AFS
Computer Center
AFS
1. Cell Name in DESY Zeuthen
2. AFS Home Directories in DESY Zeuthen
3. AFS Backup/Recover at DESY Zeuthen
4. acrontab
5. Usage of storage locations
6. AFS Usage Hints
7. Documentation to AFS
The DESY Zeuthen cell name is ifh.de
All users have an AFS home directory. A user with account name testuser has the following AFS Home Directory: /afs/ifh.de/user/t/testuser/
You can have up to 2 Gigabyte quota. Please contact uco-zn@desy.de for increasing.
To have an AFS home directory has a lot of advantages:
- better support for setting permissions
- this home is available at DESY Hamburg, CERN and other sites which support AFS
There are some things to know:
- AFS file access control is by directory, but more flexible and done with fs setacl instead of chmod.
- Although Unix file access rights are still visible, most will be ignored by AFS.
An AFS token is needed to access anything in AFS that's not (literally!) world-readable. This AFS token has a lifetime of about 25 hours. You get this during the normal login, using:
> kinit.
A screensaver activated your xsession. With:
> klist
or
> tokens
you can see the current tickets/tokens.
Hence there are some inconveniences when you want processes of yours to run unattended (cron- or background- jobs):
If they need access to your home directory (which is sometimes hard to avoid), they need a valid AFS token. Facilities like acrontab and the Batch System take care of that.
Information about recover of complete volumes and individual files or directories.
The acrontab command allows scheduling of cron jobs with valid AFS tokens.
Purpose |
Path |
Persistence |
Backup Strategy |
Visibility |
Remarks |
valuable user data |
/afs/ifh.de/user/ <initial>/<user> |
permanent |
automatic, daily backup |
on all machines |
contact: uco-zn@desy.de |
group data |
/afs/ifh.de/group/ |
permanent |
backup for all AFS volumes names of which start with g., but not gn. |
on all machines |
contact: your group AFS admin See: AFS Backup |
small data, easy to reproduce |
/afs/ifh.de/group/ |
nearly permanent |
no backup |
on all machines |
contact: your group AFS admin |
- distribute large datasets over a number of volumes
- volumes should not be larger than a few dozen GBytes (moving to a different server possible, selective replication possible, higher throughput if datasets distributed over servers, minimize risk)
- ask your AFS group admin to distribute the volumes to different servers in case of heavy usage within batch
- in case of heavy read actions within batch your AFS group admin should create read-only replicas of your volumes on different servers for better throughput
- please do not move gigabytes of data from one AFS location to another, instead, mount volumes under different paths
- AFS drawbacks
- there's a limit of <~ 64k entries per directory (for short filenames; for longer names it's 32k or lower)
- slow client, local cache is a burden on the client especially for large files
- ACLs are per directory, not per file
- need special solutions for cron job (if write access required, or read access to private data), use acrontab