AFS Servers
(New page: AFS servers are quite important to us because they help take care of most of our important data. ==Overview== AFS has several different types of file servers. They are generically split ...) |
|||
| Line 1: | Line 1: | ||
| − | AFS servers are quite important to us because they help take care of most of our important data. | + | AFS servers are quite important to us because they help take care of most of our important data. The largest logical unit of AFS is the cell, which represents a site installation. The cell "lives" in /afs/cellname, so ours in in /afs/ugcs.caltech.edu. For convenience, /afs/ugcs and /afs/.ugcs is a symlink to /afs/ugcs.caltech.edu |
==Overview== | ==Overview== | ||
| − | AFS has several different types of file servers. They are generically split into database servers and file servers. A server can be either a database or file server, or it can be both. For UGCS, apollo, athena, and hermes are our AFS database servers. They are also our three AFS file servers. Although we may add future AFS file servers, we won't need | + | AFS has several different types of file servers. They are generically split into database servers and file servers. A server can be either a database or file server, or it can be both. For UGCS, apollo, athena, and hermes are our AFS database servers. They are also our three AFS file servers. Although we may add future AFS file servers, we won't need more database servers. |
| + | |||
| + | Database servers have three databases on them: | ||
| + | * volume location databases | ||
| + | * protection database (pts) - user information | ||
| + | * backup server: maintains backup information | ||
| + | |||
| + | File server have a file server on them. | ||
==Server Configuration== | ==Server Configuration== | ||
| + | Servers are configured in file in /etc/openafs/server. They have their on CellServDB that just lists the database servers for this cell. The other key piece they have is the KeyFile, a Kerberos keytab that the servers use to authenticate to each other (every server has the same one). Thus if one server is rooted, the attacker will have access to the key and will then be able to gain access to the AFS cell. | ||
| + | |||
| + | |||
[[Category:Sysadmin_Documentation]] | [[Category:Sysadmin_Documentation]] | ||
Revision as of 00:44, 27 March 2010
AFS servers are quite important to us because they help take care of most of our important data. The largest logical unit of AFS is the cell, which represents a site installation. The cell "lives" in /afs/cellname, so ours in in /afs/ugcs.caltech.edu. For convenience, /afs/ugcs and /afs/.ugcs is a symlink to /afs/ugcs.caltech.edu
Overview
AFS has several different types of file servers. They are generically split into database servers and file servers. A server can be either a database or file server, or it can be both. For UGCS, apollo, athena, and hermes are our AFS database servers. They are also our three AFS file servers. Although we may add future AFS file servers, we won't need more database servers.
Database servers have three databases on them:
- volume location databases
- protection database (pts) - user information
- backup server: maintains backup information
File server have a file server on them.
Server Configuration
Servers are configured in file in /etc/openafs/server. They have their on CellServDB that just lists the database servers for this cell. The other key piece they have is the KeyFile, a Kerberos keytab that the servers use to authenticate to each other (every server has the same one). Thus if one server is rooted, the attacker will have access to the key and will then be able to gain access to the AFS cell.
