[nfsv4] Review of draft-ietf-nfsv4-fex-files-13 (part two of two)
David Noveck <davenoveck@gmail.com> Tue, 22 August 2017 11:45 UTC
Return-Path: <davenoveck@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93E031329AD for <nfsv4@ietfa.amsl.com>; Tue, 22 Aug 2017 04:45:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qCRpCPqjRGP6 for <nfsv4@ietfa.amsl.com>; Tue, 22 Aug 2017 04:45:26 -0700 (PDT)
Received: from mail-it0-x234.google.com (mail-it0-x234.google.com [IPv6:2607:f8b0:4001:c0b::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1EC2A1329AB for <nfsv4@ietf.org>; Tue, 22 Aug 2017 04:45:26 -0700 (PDT)
Received: by mail-it0-x234.google.com with SMTP id 77so43001418itj.1 for <nfsv4@ietf.org>; Tue, 22 Aug 2017 04:45:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=wr9vpm2nV5PVNs+QTdENNSWWpOXfclKypeQkfUlGjLI=; b=XJpKFPtWy42spi0948Kpw4doNHLaUln0U8mbOxkr5+jGkMlVOQwtxn5WUdi96eT1eB q7yTsKcO7CCeCA5HEGD2XEWoSFmucXaJy035/v+6RwylEaGuuvjpN77dk97SCmRUh9WX zluNbFo0gIG+XcoOjNxT+nC8Ak5nXEWCwL2GElfmqRVpx5k40K7Bn1PtvyVRkQL7pQcf XSNrVMNjESF2P6bqIkPNE9Vfb1GQxqRuDABLR+fKYDQ4GpbgPUpNs1fhwFBGfG6dSKA6 5tXpOZhtFwas6X0Yuos2j/zs9WcpknUt/BpobLhK9WKXkraT5vtOQ9gnmErXvC3MXPrT 1qlw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=wr9vpm2nV5PVNs+QTdENNSWWpOXfclKypeQkfUlGjLI=; b=I8+JhTOiky4/spZbve/NKh2FCj5rS68LiGRWKzgTAX3O2xrWkQGwwKTcuxoJBo/YHe UGU+TskdlbmfnKUoPes/lry//z1t8t9MEsk3eATF9XdjJy5Jvf5HIiUscw9wGns8Wi/t 9aSohvdDRB9ze+nLcZAQVmQuD6nPp3fmHt2S8w/xaJwgT2gh0tmNkDVP0wi+GpRh41hg x3fIZk2pw1gFRV7I6WsN2gSuq+JzHueeVCAbf8AK+crm8tfVxvuXdfVgG3f/VaTdFMVu brk1LwjSuiS+F+GUq6iCfy7LOrsg1MnYINMzoK+i6+ROOLU8IcNFznRcPvZFG13JK+76 oMzg==
X-Gm-Message-State: AHYfb5hnK6Gj6hvfcKc16of6f4MkTqC2Ef+/UaPg5WRrvfqyFq1udt8w IcYg2SDU3K9gy7WJoFTychH6HftsJg==
X-Received: by 10.36.103.203 with SMTP id u194mr230023itc.27.1503402325252; Tue, 22 Aug 2017 04:45:25 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.142.72 with HTTP; Tue, 22 Aug 2017 04:45:24 -0700 (PDT)
From: David Noveck <davenoveck@gmail.com>
Date: Tue, 22 Aug 2017 07:45:24 -0400
Message-ID: <CADaq8jcBNrFunHW+U_iRko+R3irSAvTNkYet_UJR1Se3nbcDTw@mail.gmail.com>
To: Tom Haynes <loghyr@primarydata.com>
Cc: "nfsv4@ietf.org" <nfsv4@ietf.org>
Content-Type: multipart/alternative; boundary="001a11484d068d37bf0557562174"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/b--d1uq49oBdW79bbxM87hOTTow>
Subject: [nfsv4] Review of draft-ietf-nfsv4-fex-files-13 (part two of two)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Aug 2017 11:45:29 -0000
*Review Structure* This review has been split up into multiple emails to avoid running afoul of mailing list size restrictions. This is the second section. *Previous Section* This section contains all the general (non-section-specific) comments and the first section of the detailed per-section comments. Generally it should be read first. *Current Section* Contains the bulk of the per-section comments, including those related to security considerations. *Comments by Section (from Section 2.1 onward)* *2.1. LAYOUTCOMMIT* The reference to section 12.5.4 of RFC5661 may have to be updated to point to something within layout-types, given that that Section 12 of RFC5661 is updated by layout-types. *2.3. State and Locking Models* The sentence* "*The choice of locking models is governed by the following rules", is confusng since it is actually the server implementation who makes this choice, when there is a choice Suggest replacing this by the following: A client can determine which couplig model has been implemented as follows: *4.1. ff_device_addr4* In the first sentence, need to replace "storage protool specific "by "layout-type-specific". *5. Flexible File Layout Type* The placement of the last sentence in the section is confusing. It should either be moved to Section 5.1 or "This" should be changed to "The next". *5.1. ff_layout4* The first pargraph, as currently written, seems to suggest that mirroring is always in effect. It needs to be clarified. There are a number of issues in the ninth (non-code) paragraph. Sucggest replacing the last two sentences by the following: In the case of loose coupling when accessing an NFSv4 storage device, the client will use an anonymous stateid to perform I/O on the storage device as there is no use for the metadata server stateid in the absence of a control protocol to provide a global stateid model. In such cases, the server MUST set the ffds_stateid to be the anonymous stateid. There are a number of issues in the thirteenth (non-code) paragraph: - It is unclear what the referent of the intial "These" is. - The statement that "it can not be fixed" is not correct. It could be fixed although there are good resons not to fix it. Those reason should be explained. - The statement that an implementation might require the protocol to be changed sounds backward to me and the IESG is likely to find it unacceptable. Suggest the following replcement paragraph: A number of issues stem from a mismatch between the fact that ffds_stateid is defined as a single item while ffds_fh_vers is defined as an array. It is possible for each open file on the storage device to require its own open stateid. Because there are established loosely coupled implementations of the version of the protocol described in this document, such potential issues have not been addressed here. It is possible for future layout types to be defined that adress these issues, should it become important to provide multiple stateids for the same underlying file. *5.1.2. Client Interactions with FF_FLAGS_NO_IO_THRU_MDS* Suggest replacing the second sentence by "The flag functions as a hint". To clarify the third sentence suggest replacing it by the following: The flag indicates to the client that the metadata server prefers to separate the MDS I/O from the data I/O, most likely for peformance reasons. The material beyond the current third sentece is just a complicated way of saying that the MDS has no effective way to deal with a client that ignores this flag. It would be better to just delete that material *14. Client Fencing* In the first sentece,suggest deleting the phrase "at the least". *15. Security Considerations* The way the material before section 15.1 is written, it isn't clear that the first pargraph is dscussing security for pNFS as whole, while the following two paragraphs are about security with regard to the loose coupling model of the flex-files layout type. In order to clarify, suggest: - not describing pNFS as an extension since it is inconsistent with the watythis term is used in RFC8178. "Feature" would be better. - shortening the first pargraph to put the stress on the fct that this issue was ealt with in RFC5661. - Adding some introductory material to the second paragraph to make clear what you are talkig about. *15.1. RPCSEC_GSS and Security Services* There needs to be some sort of introductory material to introduce this section as a whole. Suggest the following: Because of the special use of principals within the loose coupling model, the issues are different in the case of loose coupling (Section 15.1.1) and tight coupling (Section 15.1.2) *15.1.1. Loosely Coupled* Although I understand why RPCSEC_GSSv3 is not being used, many readers, not being familiar with the discussions about it, may well be confused, especually given the reference to "the intent of the loosely coupled model that the storage device not be modified" which is mentioned nowhere else in this document. Suggest the following replacement: RPCSEC_GSS version 3 (RPCSEC_GSSv3) [RFC7861] contains facilities that would allow it to be used to authorize the client to the storage device on behalf of the metadata server. Doing so would require that each of the metadata server, storage device, and client would need to implement RPCSEC_GSSv3 using an RPC-application-defined structured privilege assertion in a manner described in Section 4.9.1 of [RFC7862]. The specifics necessary to do so are not described in this document. This is principally because any such specification would require extensive implementation work on a wide range of data servers, which would be unlikely to result in a widely usable specification for a considerable time. As a result, the layout type described in this document will not provide support for use of RPCSEC_GSS togther with the loosely coupled model. However, future layout types could be specified which would allow such support, either through the use of RPCSEC_GSSv3, or in other ways. *17.1. Normative References* The reference for [pNFSLayouts] needs to be updated. I believe RFC7861 belongs here (see below). *17.2. Informative References* Given how this is used in Section 15.1.1, I believe the reference to RFC 7861 is more appropriate as a normative reference.
- [nfsv4] Review of draft-ietf-nfsv4-fex-files-13 (… David Noveck
- Re: [nfsv4] Review of draft-ietf-nfsv4-fex-files-… Thomas Haynes