Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-files-11.txt
Rick Macklem <rmacklem@uoguelph.ca> Tue, 18 July 2017 23:16 UTC
Return-Path: <rmacklem@uoguelph.ca>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AE720131B17 for <nfsv4@ietfa.amsl.com>; Tue, 18 Jul 2017 16:16:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FXYD-Nf2Ctxw for <nfsv4@ietfa.amsl.com>; Tue, 18 Jul 2017 16:16:47 -0700 (PDT)
Received: from CAN01-QB1-obe.outbound.protection.outlook.com (mail-eopbgr660042.outbound.protection.outlook.com [40.107.66.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D824512EC39 for <nfsv4@ietf.org>; Tue, 18 Jul 2017 16:16:46 -0700 (PDT)
Received: from YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM (10.165.218.133) by YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM (10.165.218.133) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1261.13; Tue, 18 Jul 2017 23:16:44 +0000
Received: from YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM ([10.165.218.133]) by YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM ([10.165.218.133]) with mapi id 15.01.1261.024; Tue, 18 Jul 2017 23:16:44 +0000
From: Rick Macklem <rmacklem@uoguelph.ca>
To: Thomas Haynes <loghyr@primarydata.com>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Thread-Topic: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-files-11.txt
Thread-Index: AQHS/61RyZMtR1DFXEOrjed5cJ+UUqJZW6EAgADcQxY=
Date: Tue, 18 Jul 2017 23:16:44 +0000
Message-ID: <YTXPR01MB018967B530A4C9F166670740DDA10@YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM>
References: <150037229404.11336.16983983178083243373@ietfa.amsl.com>, <6B40A2A0-741F-4E5C-849A-847DC1BCAC39@primarydata.com>
In-Reply-To: <6B40A2A0-741F-4E5C-849A-847DC1BCAC39@primarydata.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: primarydata.com; dkim=none (message not signed) header.d=none;primarydata.com; dmarc=none action=none header.from=uoguelph.ca;
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; YTXPR01MB0189; 7:z0EBgZIvYyKnXN4We4ne3sracjpSqowDbPf8DJ1JD3+rzyC6aifFpCj7AFDfWXmxBeD1gexHerH56KNOZoyLAo88qg+Nxg1ebzxXBeAmgLY2C6gyFUHw7Ujk3FyKdJkQAZTMTVkgjTrelkUlwazl8MtwSyglUxYyrnWOJVMxCJSdT243UUarNFQm0BaS78T2HN0Yr3TRYyQB8s5+Awxte012e4QcJA6AS33sAfV+RjwVuzbJ3IonyqkOy8Cr9DBbM+k5SSjiFkqvNFOTz1rOuJm8kmOS0W1oXsAcZK6+GlwEQJ2OZx5GuxLYewU6rZU4NxQoRGAXeoHLPSsAlDelK04nhXt3aVQpPIAsrispV23wOdquFBewnd3lo8434kYKF3U5BPDiTiBFnrVmb/qfpmtEYJ/KrDoZhuymnAHg9rqv7xd0pOEANVjtfigLjmVQGe4NoY8qHkml6IoXnF1sEyzQMz9HnfT3qyqCG+jzEISc35f2avjXlmaBRvSY7lE9VGHeO8QeqeGe6n8l+N4DLpxn4u16t5T+yyqZkERlJwYUXFWov0Y+urL5VwOBA+6pOTu2Q8d/ln+x62xMMTonLuKQo+tfAPAIc+qDBn3AHGrYlI544yf69FPxMEaf3rXjvtTX4SwMKTGGaNQSiIn1PNyHQZO8e+nXX/nT/1+QkIdtJ9Pp4zS/kqebMe9rpt9HSEU1zDlL0UKkOM+i0jbY7/gt8LhrJEaptiVtsmU2dtOe0VzL3CTU98Ghc2xI3Njp1D8uGqXn9kPxjC9u/snb9nlGJW/DvhZom+Q82lo+Uq8=
x-ms-office365-filtering-correlation-id: 125d06c0-edcd-4680-c5da-08d4ce330e41
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254075)(300000503095)(300135400095)(2017052603031)(201703131423075)(201703031133081)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:YTXPR01MB0189;
x-ms-traffictypediagnostic: YTXPR01MB0189:
x-exchange-antispam-report-test: UriScan:(278178393323532)(158342451672863)(120809045254105)(236129657087228)(192374486261705)(148574349560750);
x-microsoft-antispam-prvs: <YTXPR01MB01899DBA19AF60A7D9E2DA16DDA10@YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM>
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(2017060910075)(5005006)(8121501046)(100000703101)(100105400095)(93006095)(93001095)(10201501046)(3002001)(6041248)(20161123560025)(20161123558100)(20161123562025)(20161123555025)(201703131423075)(201702281529075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:YTXPR01MB0189; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:YTXPR01MB0189;
x-forefront-prvs: 037291602B
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(6009001)(39400400002)(39410400002)(39450400003)(39840400002)(51444003)(24454002)(15404003)(377424004)(377454003)(189998001)(76176999)(54356999)(8936002)(8676002)(86362001)(50986999)(25786009)(229853002)(102836003)(2501003)(6506006)(2950100002)(5660300001)(38730400002)(7696004)(6246003)(74482002)(33656002)(2906002)(230783001)(77096006)(6436002)(74316002)(81166006)(9686003)(6306002)(55016002)(305945005)(966005)(53546010)(2900100001)(478600001)(3280700002)(14454004)(3660700001)(53936002); DIR:OUT; SFP:1101; SCL:1; SRVR:YTXPR01MB0189; H:YTXPR01MB0189.CANPRD01.PROD.OUTLOOK.COM; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: uoguelph.ca
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jul 2017 23:16:44.2834 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: YTXPR01MB0189
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/IhsZ5tp2nmSgqyM69u5d6ej0onM>
Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-files-11.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jul 2017 23:16:50 -0000
Here's some comments w.r.t. draft11, rick Generically, I think the only effects on the client of "tight" vs "loose" coupling is: Loose coupling (when doing I/O on storage server): - client uses synthetic uid/gid and anonymous stateid - *** when fenced off, client sees NFS4ERR_ACCESS reply to I/O Tight coupling (when doing I/O on storage server): - client uses same uid/gid as for MDS for the file and ffds_stateid - *** when fenced off, client sees NFS4ERR_BAD_STATEID reply to I/O The "***" cases aren't explicitly spelled out in the draft. It might be nice to have something like this near the beginning of the document, so that client implementors aren't confused by the various discussions of "loose" vs "tight" coupling. Now, here's some things I spotted in draft-11. > 2.1. LAYOUTCOMMIT > > The metadata server has the responsibility, upon receiving a > LAYOUTCOMMIT (see Section 18.42 of [RFC5661]), of ensuring that the > semantics of pNFS are respected (see Section 12.5.4 of [RFC5661]). > These do include a requirement that data written to data storage > device be stable before the occurance of the LAYOUTCOMMIT. Spelling of occurance as noted before, plus.. I think that this needs to be changed to apply to both loose and tight couplings too? (line 527-530 in the .txt file) > case that there is loose coupling is in effect. If > ffdv_tightly_coupled is not set, then the client MUST commit writes > to the storage devices for the file before sending a LAYOUTCOMMIT to > the metadata server. I.e., the writes MUST be committed by the > client to stable storage via issuing WRITEs with stable_how == ... >2.2. Fencing Clients from the Storage Device > > With loosely coupled storage devices, the metadata server uses > synthetic uids and gids for the data file, where the uid owner of the > data file is allowed read/write access and the gid owner is allowed > read only access. As part of the layout (see ffds_user and > ffds_group in Section 5.1), the client is provided with the user and > group to be used in the Remote Procedure Call (RPC) [RFC5531] > credentials needed to access the data file. Fencing off of clients > is achieved by the metadata server changing the synthetic uid and/or > gid owners of the data file on the storage device to implicitly > revoke the outstanding RPC credentials. It might be nice to add that the client will receive a NFS4ERR_ACCESS reply to I/O operations done against the storage server for the loosely coupled case? ... > With tightly coupled storage devices, the metadata server sets the > user and group owners, mode bits, and ACL of the data file to be the > same as the metadata file. And the client must authenticate with the > storage device and go through the same authorization process it would > go through via the metadata server. In the case of tight coupling, > fencing is the responsibility of the control protocol and is not > described in detail here. However, implementations of the tight > coupling locking model (see Section 2.3), will need a way to prevent > access by certain clients to specific files by invalidating the > corresponding stateids on the storage device. As above, it might be nice to clarify that the client will receive a NFS4ERR_BAD_STATEID for the tight coupled case? ... > strongly coupled. They would use a back-end control protocol to I think David N. mentioned this before, but I think "strongly" should be "tightly"? ... > F_FLAGS_NO_IO_THRU_MDS: can be set to indicate that the client > SHOULD not send I/O operations to the metadata server. I.e., even > if the client could determine that there was a network diconnect > to a storage device, the client SHOULD not try to proxy the I/O > through the metadata server. Although I'll let the IETF guys debate the correct use of SHOULD, it seems rather strong here, given that it is "at best a hint" as described here: >5.1.2. Client Interactions with FF_FLAGS_NO_IO_THRU_MDS > > Even if the metadata server provides the FF_FLAGS_NO_IO_THRU_MDS, > flag, the client can still perform I/O to the metadata server. The > flag is at best a hint. The flag is indicating to the client that ... > data strucures are built on concepts introduced in NFSv4.2, the Spelling of structures. ... >13. Recalling a Layout > > While Section 12.5.5 of [RFC5661] discusses layout type independent > reasons for recalling a layout, the flexible file layout type > metadata server should recall outstanding layouts in the following > cases: > > o When the file's security policy changes, i.e., Access Control > Lists (ACLs) or permission mode bits are set. I don't think this applies to the "tightly coupled" case, if the server propagates the ACL, perm changes to the storage server? Same comment applies to parts of: >15. Security Considerations third para. > devices. When the metadata server receives a request to change a > file's permissions or ACL, it SHOULD recall all layouts for that file > and then MUST fence off any clients still holding outstanding layouts > for the respective files by implicitly invalidating the previously > distributed credential on all data file comprising the file in ________________________________________ From: nfsv4 <nfsv4-bounces@ietf.org> on behalf of Thomas Haynes <loghyr@primarydata.com> Sent: Tuesday, July 18, 2017 6:06:16 AM To: nfsv4@ietf.org Subject: Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-files-11.txt This has the FF_FLAGS_WRITE_ONE_MIRROR and the fixed IANA considerations. > On Jul 18, 2017, at 12:04 PM, internet-drafts@ietf.org wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the Network File System Version 4 of the IETF. > > Title : Parallel NFS (pNFS) Flexible File Layout > Authors : Benny Halevy > Thomas Haynes > Filename : draft-ietf-nfsv4-flex-files-11.txt > Pages : 40 > Date : 2017-07-18 > > Abstract: > The Parallel Network File System (pNFS) allows a separation between > the metadata (onto a metadata server) and data (onto a storage > device) for a file. The flexible file layout type is defined in this > document as an extension to pNFS which allows the use of storage > devices in a fashion such that they require only a quite limited > degree of interaction with the metadata server, using already > existing protocols. Client side mirroring is also added to provide > replication of files. > > > The IETF datatracker status page for this draft is: > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-flex-files/ > > There are also htmlized versions available at: > https://tools.ietf.org/html/draft-ietf-nfsv4-flex-files-11 > https://datatracker.ietf.org/doc/html/draft-ietf-nfsv4-flex-files-11 > > A diff from the previous version is available at: > https://www.ietf.org/rfcdiff?url2=draft-ietf-nfsv4-flex-files-11 > > > Please note that it may take a couple of minutes from the time of submission > until the htmlized version and diff are available at tools.ietf.org. > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > _______________________________________________ > nfsv4 mailing list > nfsv4@ietf.org > https://www.ietf.org/mailman/listinfo/nfsv4 > _______________________________________________ nfsv4 mailing list nfsv4@ietf.org https://www.ietf.org/mailman/listinfo/nfsv4
- [nfsv4] I-D Action: draft-ietf-nfsv4-flex-files-1… internet-drafts
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-fil… Thomas Haynes
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-fil… Rick Macklem
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-fil… Thomas Haynes
- Re: [nfsv4] I-D Action: draft-ietf-nfsv4-flex-fil… David Noveck