@@ -98,8 +98,8 @@ required as such a namespace is changed over time.
Installable components include:
- o An automounter program map to manage the FedFS domain namespace
- on FedFS-enabled clients
+ o An automounter program map to allow access to the FedFS domain
+ namespace on FedFS-enabled clients
o A mount command to mount parts of a FedFS domain namespace
@@ -50,7 +50,7 @@ for information about how program maps work.
The
.BR fedfs-map-nfs4 (8)
command locates FedFS domains by looking for DNS SRV records
-that advertise file servers exporting domain root replicas.
+that advertise file servers exporting FedFS domain root replicas.
The
.I domainname
argument determines what FedFS domain is to be mounted.
@@ -96,11 +96,8 @@ Under the /nfs4 directory on the local system, the automounter uses
to convert a FedFS domain name to a set of servers and an export path,
which are then passed to
.BR mount.nfs (8).
-.P
The automounter mounts this FedFS domain on the directory
.IR /nfs4/domainname .
-Note that this also works for dot-prefixed domain names, in order to
-support mounting read-write domain root replicas.
.P
After configuring and restarting
.BR autofs ,
@@ -129,6 +126,7 @@ While these mounted domains remain active on the local system,
the mounted-on directories remain visible.
After a period of inactivity, the automounter automatically unmounts
a FedFS domain.
+.P
Local applications browsing the top-level directory
do not see all available FedFS domains. They see only the ones that
are mounted and active.
@@ -139,11 +139,6 @@ copies of a domain root can exist on multiple file servers.
These copies are known as
.IR "domain root replicas" .
.P
-Two types of domain root replicas are available in a FedFS domain:
-read-only and read-write.
-By default,
-FedFS-enabled file system clients mount read-only replicas.
-.P
Rather than using junctions and information in an NSDB,
FedFS-enabled clients locate a domain's root by looking for
DNS SRV records that advertise file servers exporting domain root replicas.
@@ -165,16 +160,6 @@ specifies a FedFS domain.
Currently, the Linux FedFS implementation recognizes only
.B nfs4
as a valid fstype.
-.P
-If
-.I domainname
-begins with a dot (period),
-the pathname refers to a read-write replica of the domain's root.
-Otherwise, it refers to a read-only replica.
-Note this means that the read-write replicas, and all parts of the
-file system below them,
-are visible at a different point in a client's name space
-than are read-only replicas.
.SS Globally Useful Names
On FedFS-enabled Linux clients,
the automounter (via a program map) or the
@@ -219,13 +204,12 @@ they can encounter both file sets to which they have
read-only access, and file sets to which they have read-write
access.
To allow the server to provide proper access to both types of file sets,
-typically both domain root replica types are mounted read-write
-on FedFS clients.
+typically the domain root is mounted read-write on FedFS clients.
All submounts of the domain root are then mounted read-write as well.
.P
For example, a domain root may contain an NFS version 4 referral to an
export containing user home directories.
-The domain root is read-only,
+The domain root may be exported read-only so normal clients cannot update it,
but user home directories would not be very useful if they could not be
written to.
The file server continues to employ user credentials to limit access
@@ -240,37 +224,31 @@ even though underneath, additional NFS mounts come and go as needed.
.SS Creating domain roots
For now, only NFS domain roots are considered.
FedFS domain roots contain very little data,
-so it is safe to create them right under
-.I /
+so it is safe to create them in the root file system
on your FedFS-enabled Linux NFS file servers.
.P
-FedFS domain roots use a standard export path name form.
-FedFS-enabled file system clients need know only the hostname
-of an NFS server that is exporting a domain root in order to mount it.
-The export path of a read-only domain root replica
-starts with the string "/.domainroot-"
-followed by the FedFS domain name.
-.P
-For instance, the export path of the read-only domain root of the
+FedFS domain roots are mounted via a standard export pathname.
+The first component of the domain root's export pathname is always
+.IR /.domainroot .
+The second component is a FedFS domain name.
+For instance, the export pathname of the domain root of the
.I example.net
-domain would be
-.IR /.domainroot-example.net .
+FedFS domain would be
+.IR /.domainroot/example.net .
+.P
After creating this directory on a FedFS-enabled
file server and making it world readable,
an entry in /etc/exports for this export might look like:
.RS
.sp
-/.domainroot-example.net *(ro)
+/.domainroot/example.net *(ro)
.sp
.RE
-At this point, if
-.BR rpc.fedfs (8)
-is running on this server,
-FedFS junctions can be created in this directory
-using the FedFS administrative client tools.
+At this point, FedFS junctions can be created in the domain's root directory
+using FedFS administrative tools.
You can also add other objects that might be useful
-at the top of a FedFS domain namespace, such as standard NFS referrals,
-or files, like a terms-of-use document.
+at the top of a FedFS domain namespace, such as standard NFS referrals
+or files like a terms-of-use document.
.P
To enable discovery of this domain root
by FedFS-enabled file system clients,
@@ -284,7 +262,7 @@ domain.
Such a record might look like
.RS
.sp
- _nfs4._domainroot._tcp IN SRV 0 0 2049 foo.example.net.
+ _nfs-domainroot._tcp IN SRV 0 0 2049 foo.example.net.
.RE
.SH SECURITY
Each host in a FedFS domain plays one or more of the following roles,
@@ -44,7 +44,7 @@ For further details, see
The
.BR mount.fedfs (8)
command locates FedFS domains by looking for DNS SRV records
-that advertise file servers exporting domain root replicas.
+that advertise file servers exporting FedFS domain root replicas.
The
.I remotedir
argument determines what FedFS domain is mounted and
@@ -54,7 +54,7 @@ The
.BR mount.fedfs (8)
command sorts the list of available domain root replicas
according to the SRV record sorting rules outlined in RFC 2782.
-It serially attempts to contact each file server
+It attempts to contact each file server
appearing in the SRV record list
until a mount request succeeds
or the end of the SRV record list is reached.
@@ -142,20 +142,14 @@ FedFS domain via NFS version 4 automatically, you might add this to your
/nfs4/example.net /nfs4/example.net fedfs defaults 0 0
.sp
.RE
-If you wanted the read-write replica instead, you could use:
-.RS
-.sp
-/nfs4/.example.net /nfs4/.example.net fedfs defaults 0 0
-.sp
-.RE
A FedFS domain root can also be mounted with a stand-alone invocation of
.BR mount (8):
.RS
.sp
-# mount -t fedfs /nfs4/.example.net /mnt/fedfs
+# mount -t fedfs /nfs4/example.net /mnt/fedfs
.sp
.RE
-This mounts the read-write replica of the FedFS domain root for the
+This mounts the FedFS domain root for the
.I example.net
domain on the client's
.I /mnt/fedfs
@@ -51,24 +51,14 @@
#include "gpl-boiler.h"
/**
- * Name of SRV record containing NFSv4 r/o FedFS root
+ * Name of SRV record containing NFSv4 FedFS root
*/
-#define FEDFS_NFS4_DOMAINROOT_RO "_nfs4._domainroot._tcp"
+#define FEDFS_NFS_DOMAINROOT "_nfs-domainroot._tcp"
/**
- * Name of SRV record containing NFSv4 r/w FedFS root
+ * Export pathname of NFSv4 FedFS root
*/
-#define FEDFS_NFS4_DOMAINROOT_RW "_nfs4._write._domainroot._tcp"
-
-/**
- * Export path of NFSv4 r/o FedFS root
- */
-#define FEDFS_NFS4_EXPORTPATH_RO "/.domainroot"
-
-/**
- * Export path of NFSv4 r/w FedFS root
- */
-#define FEDFS_NFS4_EXPORTPATH_RW "/.domainroot-write"
+#define FEDFS_NFS_EXPORTPATH "/.domainroot"
static char *progname;
@@ -87,19 +77,15 @@ fedfs_map_usage(void)
* Construct an NFSv4 map entry for "domainname" with one server
*
* @param si single-entry list of SRV records
- * @param rw_replica true if a R/W domain root replica was requested
* @param domainname NUL-terminated UTF-8 string containing name of FedFS domain
* @return command exit status
*/
-static int fedfs_map_nfs4_oneserver(struct srvinfo *si, _Bool rw_replica,
- const char *domainname)
+static int fedfs_map_nfs4_oneserver(struct srvinfo *si, const char *domainname)
{
printf("-fstype=nfs,vers=4,fg");
if (si->si_port != 2049)
printf(",port=%u", si->si_port);
- printf(" %s:%s-%s\n", si->si_target,
- rw_replica ? FEDFS_NFS4_EXPORTPATH_RW :
- FEDFS_NFS4_EXPORTPATH_RO, domainname);
+ printf(" %s:%s/%s\n", si->si_target, FEDFS_NFS_EXPORTPATH, domainname);
return 0;
}
@@ -107,12 +93,10 @@ static int fedfs_map_nfs4_oneserver(struct srvinfo *si, _Bool rw_replica,
* Construct an NFSv4 map entry for "domainname" with multiple servers
*
* @param si list of SRV records for requested FedFS domain
- * @param rw_replica true if a R/W domain root replica was requested
* @param domainname NUL-terminated UTF-8 string containing name of FedFS domain
* @return command exit status
*/
-static int fedfs_map_nfs4_replicas(struct srvinfo *si, _Bool rw_replica,
- const char *domainname)
+static int fedfs_map_nfs4_replicas(struct srvinfo *si, const char *domainname)
{
struct srvinfo *cur;
unsigned short port;
@@ -146,8 +130,7 @@ static int fedfs_map_nfs4_replicas(struct srvinfo *si, _Bool rw_replica,
printf("%s(%u)", cur->si_target, cur->si_weight);
comma = true;
}
- printf(":%s-%s\n", rw_replica ? FEDFS_NFS4_EXPORTPATH_RW :
- FEDFS_NFS4_EXPORTPATH_RO, domainname);
+ printf(":%s/%s\n", FEDFS_NFS_EXPORTPATH, domainname);
return 0;
}
@@ -163,18 +146,9 @@ static int fedfs_map_nfs4(const char *domainname)
struct srvinfo *cur, *si = NULL;
unsigned int count;
int error, result;
- _Bool rw_replica;
- char *rr;
-
- rw_replica = false;
- if (domainname[0] == '.') {
- rw_replica = true;
- domainname++;
- }
result = 1;
- rr = rw_replica ? FEDFS_NFS4_DOMAINROOT_RW : FEDFS_NFS4_DOMAINROOT_RO;
- error = getsrvinfo(rr, domainname, &si);
+ error = getsrvinfo(FEDFS_NFS_DOMAINROOT, domainname, &si);
switch (error) {
case ESI_SUCCESS:
break;
@@ -195,11 +169,9 @@ static int fedfs_map_nfs4(const char *domainname)
for (count = 0, cur = si; cur != NULL; cur = cur->si_next)
count++;
if (count == 1)
- result = fedfs_map_nfs4_oneserver(si, rw_replica,
- domainname);
+ result = fedfs_map_nfs4_oneserver(si, domainname);
else
- result = fedfs_map_nfs4_replicas(si, rw_replica,
- domainname);
+ result = fedfs_map_nfs4_replicas(si, domainname);
out:
freesrvinfo(si);
@@ -56,24 +56,14 @@
#define FEDFS_NFS4_TLDIR "nfs4"
/**
- * Name of SRV record containing NFSv4 r/o FedFS root
+ * Name of SRV record containing NFSv4 FedFS root
*/
-#define FEDFS_NFS4_DOMAINROOT_RO "_nfs4._domainroot._tcp"
+#define FEDFS_NFS_DOMAINROOT "_nfs-domainroot._tcp"
/**
- * Name of SRV record containing NFSv4 r/w FedFS root
+ * Export path of NFSv4 FedFS root
*/
-#define FEDFS_NFS4_DOMAINROOT_RW "_nfs4._write._domainroot._tcp"
-
-/**
- * Export path of NFSv4 r/o FedFS root
- */
-#define FEDFS_NFS4_EXPORTPATH_RO "/.domainroot"
-
-/**
- * Export path of NFSv4 r/w FedFS root
- */
-#define FEDFS_NFS4_EXPORTPATH_RW "/.domainroot-write"
+#define FEDFS_NFS_EXPORTPATH "/.domainroot"
/**
* Pathname to mount.nfs
@@ -186,7 +176,6 @@ out:
*
* @param server NUL-terminated C string containing name of NFS server
* @param port server port to use when mounting
- * @param rw_replica true if the read-write replica was requested
* @param domainname NUL-terminated C string containing FedFS domain name
* @param export_path NUL-terminated C string containing server export path
* @param mounted_on_dir NUL-terminated C string containing local mounted-on directory
@@ -194,7 +183,7 @@ out:
*
*/
static void
-exec_mount_nfs4(const char *server, unsigned short port, _Bool rw_replica,
+exec_mount_nfs4(const char *server, unsigned short port,
const char *domainname, const char *export_path,
const char *mounted_on_dir, const char *text_options)
{
@@ -203,10 +192,8 @@ exec_mount_nfs4(const char *server, unsigned short port, _Bool rw_replica,
char *args[16];
int count = 0;
- snprintf(special, sizeof(special), "%s:%s-%s%s", server,
- rw_replica ? FEDFS_NFS4_EXPORTPATH_RW :
- FEDFS_NFS4_EXPORTPATH_RO,
- domainname, export_path);
+ snprintf(special, sizeof(special), "%s:%s/%s%s", server,
+ FEDFS_NFS_EXPORTPATH, domainname, export_path);
if (text_options != NULL && strcmp(text_options, "") != 0)
snprintf(options, sizeof(options), "%s,vers=4,fg,port=%u",
@@ -262,19 +249,10 @@ nfs4_mount(const char *domainname, const char *export_path,
{
struct srvinfo *tmp, *si = NULL;
int error, status;
- _Bool rw_replica;
- char *srv_rr;
status = EX_FAIL;
- rw_replica = false;
- if (domainname[0] == '.') {
- rw_replica = true;
- domainname++;
- }
-
- srv_rr = rw_replica ? FEDFS_NFS4_DOMAINROOT_RW : FEDFS_NFS4_DOMAINROOT_RO;
- error = getsrvinfo(srv_rr, domainname, &si);
+ error = getsrvinfo(FEDFS_NFS_DOMAINROOT, domainname, &si);
switch (error) {
case ESI_SUCCESS:
break;
@@ -303,7 +281,7 @@ nfs4_mount(const char *domainname, const char *export_path,
pid = fork();
switch (pid) {
case 0:
- exec_mount_nfs4(tmp->si_target, tmp->si_port, rw_replica,
+ exec_mount_nfs4(tmp->si_target, tmp->si_port,
domainname, export_path, mounted_on_dir,
text_options);
/*NOTREACHED*/
draft-ietf-nfsv4-federated-fs-dns-srv-namespace is now a proposed standard with an assigned RFC number of 6641. This revision changes the layout of the DNS SRV record used to locate a FedFS domain. It also changes the standard export pathname of FedFS domain root directories on a file server. Update the mount.fedfs and fedfs-map-nfs4 components and accompanying documentation to query new-style FedFS SRV records and use new-style export pathnames when mounting a FedFS domain root. The old DNS SRV record looked like this: $ORIGIN example.net. _nfs4._domainroot._tcp IN SRV 0 0 2049 nfssrv.example.net. _nfs4._write._domainroot._tcp IN SRV 0 0 2049 nfssrv.example.net. The new DNS SRV record looks like this: $ORIGIN example.net. _nfs-domainroot._tcp IN SRV 0 0 2049 nfssrv.example.net. The old domain root directory export path looked like this: /.domainroot-example.net and /.domainroot-write-example.net The new domain root directory export path looks like this: /.domainroot/example.net Support for separate read-only and read-write domain root directories is removed. NOTE: This change is non-backwards compatible. The intention is that fedfs-utils-0.9 no longer accesses domain roots via old-style FedFS SRV records or via the old export path. To concurrently support fedfs-utils-0.8 and earlier, you can maintain both the old-style and new-style SRV records and domain root directories as long as there are clients that require the old-style set up (eg fedfs-utils-0.8 clients). Signed-off-by: Chuck Lever <chuck.lever@oracle.com> --- README | 4 ++- doc/man/fedfs-map-nfs4.8 | 6 ++--- doc/man/fedfs.7 | 56 +++++++++++++------------------------------- doc/man/mount.fedfs.8 | 14 +++-------- src/mount/fedfs-map-nfs4.c | 50 +++++++++------------------------------ src/mount/main.c | 40 +++++++------------------------ 6 files changed, 45 insertions(+), 125 deletions(-)