From: Trond Myklebust <Trond.Myklebust@netapp.com>
To: Jeff Layton <jlayton@redhat.com>
Cc: linux-nfs@vger.kernel.org
Subject: Re: [PATCH 30/32] NFS: Add a dns resolver for use with NFSv4 referrals and migration
Date: Fri, 21 Aug 2009 10:21:33 -0400 [thread overview]
Message-ID: <1250864493.6514.71.camel@heimdal.trondhjem.org> (raw)
In-Reply-To: <20090821094248.23bc54f1-9yPaYZwiELC+kQycOl6kW4xkIHaj4LzF@public.gmane.org>
On Fri, 2009-08-21 at 09:42 -0400, Jeff Layton wrote:
> On Wed, 19 Aug 2009 19:38:53 -0400
> Trond Myklebust <Trond.Myklebust@netapp.com> wrote:
>
> > The NFSv4 and NFSv4.1 protocols both allow for the redirection of a client
> > from one server to another in order to support filesystem migration and
> > replication. For full protocol support, we need to add the ability to
> > convert a DNS host name into an IP address that we can feed to the RPC
> > client.
> >
> > We'll reuse the sunrpc cache, now that it has been converted to work with
> > rpc_pipefs.
> >
> > Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
>
>
> I'm happy to see this problem get resolved. Much of this functionality
> however is already provided by the keys API. While it's more geared
> toward dealing with auth tokens, it's still a fairly decent generic upcall
> implementation and could easily have been used here with a lot less new
> code added. Why did you decide to roll your own implementation instead?
As I told you at Connectathon, I don't trust the keyring mechanism at
all for this.
The user is free to inject anything they want into their keyring caches.
Trusting that information when doing a mount onto a shared namespace is
inappropriate.
The point then is that if you can't trust the caching mechanism, then
you have to build a new cache. I chose to reuse Neil's rpc-cache stuff,
because it has some nice properties:
* Write access is restricted to privileged processes using
standard filesystem techniques.
* The cache contents can be easily verified using the 'contents'
pseudofile.
* The contents can be easily cleared using the 'flush' pseudofile.
The only property I really didn't like about his cache mechanism (that
it uses procfs), I easily worked around.
As I said to Chuck, the plan is to also rewrite the idmapper to use a
similar mechanism. The current idmapper has scalability problems that we
need to address in order to make NFSv4 perform in environments with lots
of users.
Cheers
Trond
--
Trond Myklebust
Linux NFS client maintainer
NetApp
Trond.Myklebust@netapp.com
www.netapp.com
prev parent reply other threads:[~2009-08-21 14:21 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-19 23:38 [PATCH 00/32] The following patches have been committed to branch nfs-for-2.6.32 Trond Myklebust
2009-08-19 23:38 ` [PATCH 01/32] nfs: Keep index within mnt_errtbl[] Trond Myklebust
2009-08-19 23:38 ` [PATCH 02/32] NFSv4: Don't loop forever on state recovery failure Trond Myklebust
2009-08-19 23:38 ` [PATCH 03/32] NFSv4: Add 'server capability' flags for NFSv4 recommended attributes Trond Myklebust
2009-08-19 23:38 ` [PATCH 04/32] NFSv4: Don't do idmapper upcalls for asynchronous RPC calls Trond Myklebust
2009-08-19 23:38 ` [PATCH 05/32] SUNRPC: convert some sysctls into module parameters Trond Myklebust
2009-08-19 23:38 ` [PATCH 06/32] NFSv4: Clean up the nfs.callback_tcpport option Trond Myklebust
2009-08-19 23:38 ` [PATCH 07/32] SUNRPC: Constify rpc_pipe_ops Trond Myklebust
2009-08-19 23:38 ` [PATCH 08/32] SUNRPC: Allow rpc_pipefs_ops to have null values for upcall and downcall Trond Myklebust
2009-08-19 23:38 ` [PATCH 09/32] SUNRPC: Clean up rpc_pipefs lookup code Trond Myklebust
2009-08-19 23:38 ` [PATCH 10/32] SUNRPC: Clean up file creation code in rpc_pipefs Trond Myklebust
2009-08-19 23:38 ` [PATCH 11/32] SUNRPC: Clean up rpc_unlink() Trond Myklebust
2009-08-19 23:38 ` [PATCH 12/32] SUNRPC: Clean up rpc_lookup_create Trond Myklebust
2009-08-19 23:38 ` [PATCH 13/32] SUNRPC: Clean up rpc_populate/depopulate Trond Myklebust
2009-08-19 23:38 ` [PATCH 14/32] SUNRPC: rpc_pipefs cleanup Trond Myklebust
2009-08-19 23:38 ` [PATCH 15/32] SUNRPC: Rename rpc_mkdir to rpc_create_client_dir() Trond Myklebust
2009-08-19 23:38 ` [PATCH 16/32] SUNRPC: Clean up rpc_create_client_dir() Trond Myklebust
2009-08-19 23:38 ` [PATCH 17/32] SUNRPC: Replace rpc_client->cl_dentry and cl_mnt, with a cl_path Trond Myklebust
2009-08-19 23:38 ` [PATCH 18/32] SUNRPC: clean up rpc_setup_pipedir() Trond Myklebust
2009-08-19 23:38 ` [PATCH 19/32] SUNRPC: One more clean up for rpc_create_client_dir() Trond Myklebust
2009-08-19 23:38 ` [PATCH 20/32] NFSD: Clean up the idmapper warning Trond Myklebust
2009-08-19 23:38 ` [PATCH 21/32] SUNRPC: Ensure we initialise the cache_detail before creating procfs files Trond Myklebust
2009-08-19 23:38 ` [PATCH 22/32] SUNRPC: Remove the global temporary write buffer in net/sunrpc/cache.c Trond Myklebust
2009-08-19 23:38 ` [PATCH 23/32] SUNRPC: Allow the cache_detail to specify alternative upcall mechanisms Trond Myklebust
2009-08-19 23:38 ` [PATCH 24/32] SUNRPC: Move procfs-specific stuff out of the generic sunrpc cache code Trond Myklebust
2009-08-19 23:38 ` [PATCH 25/32] SUNRPC: Add an rpc_pipefs front end for the " Trond Myklebust
2009-08-19 23:38 ` [PATCH 26/32] NFS: Add a ->migratepage() aop for NFS Trond Myklebust
2009-08-19 23:38 ` [PATCH 27/32] NFS: read-modify-write page updating Trond Myklebust
2009-08-19 23:38 ` [PATCH 28/32] nfs: remove superfluous BUG_ON()s Trond Myklebust
2009-08-19 23:38 ` [PATCH 29/32] SUNRPC: Fix a typo in cache_pipefs_files Trond Myklebust
[not found] ` <1250725135-14632-31-git-send-email-Trond.Myklebust@! ne! tapp.com>
[not found] ` <1250725135-14632-31-git-send-email-Trond.Myklebus! t@! ne! tapp.com>
2009-08-19 23:38 ` [PATCH 30/32] NFS: Add a dns resolver for use with NFSv4 referrals and migration Trond Myklebust
2009-08-19 23:38 ` [PATCH 31/32] NFS: Use the DNS resolver in the mount code Trond Myklebust
2009-08-19 23:38 ` [PATCH 32/32] SUNRPC: cache must take a reference to the cache detail's module on open() Trond Myklebust
2009-08-19 23:51 ` [PATCH 30/32] NFS: Add a dns resolver for use with NFSv4 referrals and migration Trond Myklebust
[not found] ` <1250725916.12555.1.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-08-21 20:47 ` J. Bruce Fields
2009-08-21 20:57 ` Chuck Lever
2009-08-20 15:34 ` Chuck Lever
2009-08-20 16:25 ` Trond Myklebust
[not found] ` <1250785542.19156.12.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-08-20 16:54 ` Chuck Lever
2009-08-20 19:11 ` Trond Myklebust
[not found] ` <1250795483.26904.6.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-08-20 21:13 ` Chuck Lever
2009-08-20 21:03 ` J. Bruce Fields
2009-08-20 21:08 ` [PATCH] nfs: fix compile error in rpc_pipefs.h J. Bruce Fields
2009-08-20 22:23 ` [PATCH 30/32] NFS: Add a dns resolver for use with NFSv4 referrals and migration Trond Myklebust
[not found] ` <1250807011.6514.8.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-08-20 22:33 ` J. Bruce Fields
2009-08-20 22:39 ` Trond Myklebust
2009-08-21 13:42 ` Jeff Layton
[not found] ` <20090821094248.23bc54f1-9yPaYZwiELC+kQycOl6kW4xkIHaj4LzF@public.gmane.org>
2009-08-21 14:21 ` Trond Myklebust [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1250864493.6514.71.camel@heimdal.trondhjem.org \
--to=trond.myklebust@netapp.com \
--cc=jlayton@redhat.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox