Setup
This page describes how to set up AFS on a server. If you are looking for the client configuration, see:
Client SetupTL;DR: use ansible for both clients and servers.
Packages
On Ubuntu, the following packages are needed for it to operate.
openafs-modules-dkms
openafs-krb5
openafs-fileserver
openafs-dbserver
openafs-client
Configuration
The QEMU configuration files for the OpenAFS servers have three disks attached to each server:
openafs<NUMBER>
(attached as/dev/vda
) which contains the root partition.openafs<NUMBER>-vicepa
(attached as/dev/vdb
) which contains thevicepa
partition and is mounted as/vicepa
.openafs<NUMBER>-vicepb
(attached as/dev/vdc
) which contains thevicepb
partition and is mounted as/vicepb
.
The disks themselves are stored in Ceph.
The configuration files CellServDB
and UserList
are copied to /etc/openafs/server
, then the following commands are run:
Create the ptserver process:
bos create <hostname> ptserver simple /usr/lib/openafs/ptserver -localauth
Create the vlserver process:
bos create <hostname> vlserver simple /usr/lib/openafs/vlserver -localauth
Create the buserver process:
bos create <hostname> buserver simple /usr/lib/openafs/buserver -localauth
Create the dafs process:
bos create <hostname> dafs dafs /usr/lib/openafs/dafileserver /usr/lib/openafs/davolserver /usr/lib/openafs/salvageserver /usr/lib/openafs/dasalvager -localauth
Start the backup cron job:
bos create <hostname> dailybackup cron -cmd "/usr/bin/vos backupsys -server <hostname> -localauth" "2:00"
Note: these commands should only be run once, when creating a new OpenAFS server.
Sample CellServDB
CellServDB
>csl.tjhsst.edu #Cell name
198.38.16.19 #openafs1.csl.tjhsst.edu
198.38.16.22 #openafs2.csl.tjhsst.edu
198.38.16.23 #openafs3.csl.tjhsst.edu
198.38.16.24 #openafs4.csl.tjhsst.edu
198.38.16.25 #openafs5.csl.tjhsst.edu
Sample UserList
UserList
Entries correspond to Kerberos principals of administrators who should be able to run bos
and vos
.
2019okulkarn.admin
2020fouzhins.root
Automation
Like it says at the beginning, the ansible repo on GitLab is the ultimate source of authority for configuring OpenAFS. This document exists to provide a summary of the openafs-server
play in case something happens to the repo.
Last updated