Internet Engineering Task Force (IETF) J. Lentini
Request for Comments: 7532 NetApp
Category: Standards Track R. Tewari
ISSN: 2070-1721 IBM Almaden
C. Lever, Ed.
Oracle Corporation
March 2015
Internet Engineering Task Force (IETF) J. Lentini
Request for Comments: 7532 NetApp
Category: Standards Track R. Tewari
ISSN: 2070-1721 IBM Almaden
C. Lever, Ed.
Oracle Corporation
March 2015
Namespace Database (NSDB) Protocol for Federated File Systems
用于联邦文件系统的名称空间数据库(NSDB)协议
Abstract
摘要
This document describes a file system federation protocol that enables file access and namespace traversal across collections of independently administered fileservers. The protocol specifies a set of interfaces by which fileservers with different administrators can form a fileserver federation that provides a namespace composed of the file systems physically hosted on and exported by the constituent fileservers.
本文档描述了一个文件系统联合协议,该协议支持跨独立管理的文件服务器集合进行文件访问和命名空间遍历。该协议指定了一组接口,通过这些接口,具有不同管理员的文件服务器可以形成文件服务器联合体,该联合体提供了一个名称空间,该名称空间由物理承载在组成文件服务器上并由组成文件服务器导出的文件系统组成。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7532.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7532.
Copyright Notice
版权公告
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2015 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
本文件可能包含2008年11月10日之前发布或公开的IETF文件或IETF贡献中的材料。控制某些材料版权的人员可能未授予IETF信托允许在IETF标准流程之外修改此类材料的权利。在未从控制此类材料版权的人员处获得充分许可的情况下,不得在IETF标准流程之外修改本文件,也不得在IETF标准流程之外创建其衍生作品,除了将其格式化以RFC形式发布或将其翻译成英语以外的其他语言。
Table of Contents
目录
1. Introduction ....................................................4
1.1. Requirements Language ......................................5
2. Overview of Features and Concepts ...............................5
2.1. File-Access Protocol .......................................5
2.2. File-Access Client .........................................5
2.3. Fileserver .................................................5
2.4. Referral ...................................................5
2.5. Namespace ..................................................6
2.6. Fileset ....................................................6
2.7. Fileset Name (FSN) .........................................6
2.8. Fileset Location (FSL) .....................................7
2.8.1. The NFS URI Scheme ..................................8
2.8.2. Mutual Consistency across Fileset Locations ........10
2.8.3. Caching of Fileset Locations .......................11
2.8.4. Generating a Referral from Fileset Locations .......12
2.9. Namespace Database (NSDB) .................................13
2.9.1. NSDB Client ........................................14
2.10. Junctions and Referrals ..................................14
2.11. Unified Namespace and the Root Fileset ...................15
2.12. UUID Considerations ......................................15
3. Examples .......................................................16
3.1. Creating a Fileset and Its FSL(s) .........................16
3.1.1. Creating a Fileset and an FSN ......................17
3.1.2. Adding a Replica of a Fileset ......................17
3.2. Junction Resolution .......................................17
3.3. Example Use Cases for Fileset Annotations .................18
4. NSDB Configuration and Schema ..................................19
4.1. LDAP Configuration ........................................19
4.2. LDAP Schema ...............................................21
4.2.1. LDAP Attributes ....................................23
4.2.2. LDAP Object Classes ................................38
5. NSDB Operations ................................................42
5.1. NSDB Operations for Administrators ........................43
5.1.1. Create an FSN ......................................43
5.1.2. Delete an FSN ......................................44
5.1.3. Create an FSL ......................................44
5.1.4. Delete an FSL ......................................47
5.1.5. Update an FSL ......................................48
5.2. NSDB Operations for Fileservers ...........................49
5.2.1. NSDB Container Entry (NCE) Enumeration .............49
5.2.2. Lookup FSLs for an FSN .............................49
5.3. NSDB Operations and LDAP Referrals ........................50
6. Security Considerations ........................................51
7. IANA Considerations ............................................52
7.1. Registry for the fedfsAnnotation Key Namespace ............52
7.2. Registry for FedFS Object Identifiers .....................52
1. Introduction ....................................................4
1.1. Requirements Language ......................................5
2. Overview of Features and Concepts ...............................5
2.1. File-Access Protocol .......................................5
2.2. File-Access Client .........................................5
2.3. Fileserver .................................................5
2.4. Referral ...................................................5
2.5. Namespace ..................................................6
2.6. Fileset ....................................................6
2.7. Fileset Name (FSN) .........................................6
2.8. Fileset Location (FSL) .....................................7
2.8.1. The NFS URI Scheme ..................................8
2.8.2. Mutual Consistency across Fileset Locations ........10
2.8.3. Caching of Fileset Locations .......................11
2.8.4. Generating a Referral from Fileset Locations .......12
2.9. Namespace Database (NSDB) .................................13
2.9.1. NSDB Client ........................................14
2.10. Junctions and Referrals ..................................14
2.11. Unified Namespace and the Root Fileset ...................15
2.12. UUID Considerations ......................................15
3. Examples .......................................................16
3.1. Creating a Fileset and Its FSL(s) .........................16
3.1.1. Creating a Fileset and an FSN ......................17
3.1.2. Adding a Replica of a Fileset ......................17
3.2. Junction Resolution .......................................17
3.3. Example Use Cases for Fileset Annotations .................18
4. NSDB Configuration and Schema ..................................19
4.1. LDAP Configuration ........................................19
4.2. LDAP Schema ...............................................21
4.2.1. LDAP Attributes ....................................23
4.2.2. LDAP Object Classes ................................38
5. NSDB Operations ................................................42
5.1. NSDB Operations for Administrators ........................43
5.1.1. Create an FSN ......................................43
5.1.2. Delete an FSN ......................................44
5.1.3. Create an FSL ......................................44
5.1.4. Delete an FSL ......................................47
5.1.5. Update an FSL ......................................48
5.2. NSDB Operations for Fileservers ...........................49
5.2.1. NSDB Container Entry (NCE) Enumeration .............49
5.2.2. Lookup FSLs for an FSN .............................49
5.3. NSDB Operations and LDAP Referrals ........................50
6. Security Considerations ........................................51
7. IANA Considerations ............................................52
7.1. Registry for the fedfsAnnotation Key Namespace ............52
7.2. Registry for FedFS Object Identifiers .....................52
7.3. LDAP Descriptor Registration ..............................55
8. Glossary .......................................................58
9. References .....................................................60
9.1. Normative References ......................................60
9.2. Informative References ....................................62
Acknowledgments ...................................................64
Authors' Addresses ................................................65
7.3. LDAP Descriptor Registration ..............................55
8. Glossary .......................................................58
9. References .....................................................60
9.1. Normative References ......................................60
9.2. Informative References ....................................62
Acknowledgments ...................................................64
Authors' Addresses ................................................65
A federated file system enables file access and namespace traversal in a uniform, secure, and consistent manner across multiple independent fileservers within an enterprise or across multiple enterprises.
联邦文件系统支持跨企业内或跨多个企业的多个独立文件服务器以统一、安全和一致的方式进行文件访问和命名空间遍历。
This document specifies a set of protocols that allow fileservers, possibly from different vendors and with different administrators, to cooperatively form a federation containing one or more federated file systems. Each federated file system's namespace is composed of the file systems physically hosted on and exported by the federation's fileservers. A federation comprises a common namespace across all its fileservers. A federation can project multiple namespaces and enable clients to traverse each one. A federation can contain an arbitrary number of namespace repositories, each belonging to a different administrative entity and each rendering a part of the namespace. A federation might also have an arbitrary number of administrative entities responsible for administering disjoint subsets of the fileservers.
本文档指定了一组协议,允许可能来自不同供应商和具有不同管理员的文件服务器协作形成包含一个或多个联合文件系统的联合。每个联邦文件系统的名称空间由联邦文件服务器上物理承载和导出的文件系统组成。联合体包含跨其所有文件服务器的公共名称空间。联合可以投影多个名称空间,并使客户端能够遍历每个名称空间。联合可以包含任意数量的名称空间存储库,每个存储库都属于不同的管理实体,并且每个存储库都呈现名称空间的一部分。联邦还可能有任意数量的管理实体负责管理文件服务器的不相交子集。
Traditionally, building a namespace that spans multiple fileservers has been difficult for two reasons. First, the fileservers that export pieces of the namespace are often not in the same administrative domain. Second, there is no standard mechanism for the fileservers to cooperatively present the namespace. Fileservers may provide proprietary management tools, and in some cases, an administrator may be able to use the proprietary tools to build a shared namespace out of the exported file systems. However, relying on vendor-specific proprietary tools does not work in larger enterprises or when collaborating across enterprises because the fileservers are likely to be from multiple vendors or use different software versions, each with their own namespace protocols, with no common mechanism to manage the namespace or exchange namespace information.
传统上,构建跨多个文件服务器的名称空间非常困难,原因有二。首先,导出命名空间片段的文件服务器通常不在同一管理域中。其次,文件服务器没有标准的机制来协同呈现名称空间。文件服务器可以提供专有的管理工具,在某些情况下,管理员可以使用专有工具从导出的文件系统构建共享命名空间。但是,在大型企业或跨企业协作时,依赖特定于供应商的专有工具是行不通的,因为文件服务器可能来自多个供应商或使用不同的软件版本,每个版本都有自己的命名空间协议,没有管理命名空间或交换命名空间信息的通用机制。
The federated file system protocols in this document define how to construct a namespace accessible by a Network File System (NFS) version 4.0 [RFC7530], NFSv4.1 [RFC5661], or newer client and have been designed to accommodate other file-access protocols in the future.
本文档中的联邦文件系统协议定义了如何构造网络文件系统(NFS)版本4.0[RFC7530]、NFSv4.1[RFC5661]或更高版本的客户端可以访问的命名空间,并设计用于在将来适应其他文件访问协议。
The requirements for federated file systems are described in [RFC5716]. A protocol for administering a fileserver's namespace is described in [RFC7533]. The mechanism for discovering the root of a federated namespace is described in [RFC6641].
[RFC5716]中描述了联邦文件系统的要求。[RFC7533]中描述了用于管理文件服务器命名空间的协议。[RFC6641]中描述了发现联邦命名空间根的机制。
In the rest of the document, the term "fileserver" denotes a fileserver that is part of a federation.
在文档的其余部分中,术语“文件服务器”表示作为联合体一部分的文件服务器。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
A file-access protocol is a network protocol for accessing data. The NFSv4.0 protocol [RFC7530] is an example of a file-access protocol.
文件访问协议是用于访问数据的网络协议。NFSv4.0协议[RFC7530]是文件访问协议的一个示例。
File-access clients are standard, off-the-shelf network-attached storage (NAS) clients that communicate with fileservers using a standard file-access protocol.
文件访问客户端是标准的现成网络连接存储(NAS)客户端,使用标准文件访问协议与文件服务器通信。
Fileservers are servers that store physical fileset data or refer file-access clients to other fileservers. A fileserver provides access to its shared file system data via a file-access protocol. A fileserver may be implemented in a number of different ways, including a single system, a cluster of systems, or some other configuration.
文件服务器是存储物理文件集数据或将文件访问客户端引用到其他文件服务器的服务器。文件服务器通过文件访问协议提供对其共享文件系统数据的访问。文件服务器可以以多种不同的方式实现,包括单个系统、系统集群或其他一些配置。
A referral is a mechanism by which a fileserver redirects a file-access client to a different fileserver or export. The exact information contained in a referral varies from one file-access protocol to another. The NFSv4.0 protocol, for example, defines the
引用是文件服务器将文件访问客户端重定向到其他文件服务器或导出的一种机制。引用中包含的确切信息因文件访问协议而异。例如,NFSv4.0协议定义了
fs_locations attribute for returning referral information to NFSv4.0 clients. The NFSv4.1 protocol introduces the fs_locations_info attribute that can return richer referral information to its clients. NFSv4.1 fileservers may use either attribute during a referral. Both attributes are defined in [RFC5661].
fs_locations属性,用于将转诊信息返回给NFSv4.0客户端。NFSv4.1协议引入了fs_locations_info属性,该属性可以向其客户端返回更丰富的推荐信息。NFSv4.1文件服务器在引用期间可以使用任一属性。这两个属性都在[RFC5661]中定义。
The goal of a unified namespace is to make all managed data available to any file-access client via the same path in a common file system namespace. This should be achieved with minimal or zero configuration on file-access clients. In particular, updates to the common namespace should not require configuration changes to any file-access client.
统一名称空间的目标是使所有托管数据通过公共文件系统名称空间中的相同路径可供任何文件访问客户端使用。这应该通过在文件访问客户端上进行最小或零配置来实现。特别是,对公共名称空间的更新不应要求对任何文件访问客户端进行配置更改。
Filesets, which are the units of data management, are a set of files and directories. From the perspective of file-access clients, the common namespace is constructed by mounting filesets that are physically located on different fileservers. The namespace, which is defined in terms of fileset names and locations, is stored in a set of namespace repositories, each managed by an administrative entity.
文件集是数据管理的单元,是一组文件和目录。从文件访问客户端的角度来看,公共名称空间是通过装载物理上位于不同文件服务器上的文件集来构建的。根据文件集名称和位置定义的名称空间存储在一组名称空间存储库中,每个存储库由一个管理实体管理。
The namespace schema defines the model used for populating, modifying, and querying the namespace repositories. It is not required by the federation that the namespace be common across all fileservers. It should be possible to have several independently rooted namespaces.
名称空间模式定义用于填充、修改和查询名称空间存储库的模型。联合并不要求名称空间在所有文件服务器中都是公共的。应该可以有几个独立的根命名空间。
A fileset is loosely defined as a set of files and the directory tree that contains them. The fileset abstraction is the basic unit of data management. Depending on the configuration, a fileset may be anything from an individual directory of an exported file system to an entire exported file system on a fileserver.
文件集松散地定义为一组文件和包含它们的目录树。文件集抽象是数据管理的基本单元。根据配置的不同,文件集可以是任何内容,从导出文件系统的单个目录到文件服务器上的整个导出文件系统。
A fileset is uniquely represented by its fileset name (FSN). An FSN is considered unique across a federation. After an FSN is created, it is associated with one or more fileset locations (FSLs) on one or more fileservers.
文件集由其文件集名称(FSN)唯一表示。FSN在整个联盟中被认为是唯一的。创建FSN后,它将与一个或多个文件服务器上的一个或多个文件集位置(FSL)相关联。
An FSN consists of:
FSN包括:
NsdbName: the network location of the Namespace Database (NSDB) node that contains authoritative information for this FSN.
NsdbName:包含此FSN的权威信息的命名空间数据库(NSDB)节点的网络位置。
FsnUuid: a UUID (universally unique identifier), conforming to [RFC4122], that is used to uniquely identify an FSN.
FsnUuid:符合[RFC4122]的UUID(通用唯一标识符),用于唯一标识FSN。
FsnTTL: the time-to-live of the FSN's FSL information, in seconds. Fileservers MUST NOT use cached FSL records after the parent FSN's FsnTTL has expired. An FsnTTL value of zero indicates that fileservers MUST NOT cache the results of resolving this FSN.
FsnTTL:FSN的FSL信息的生存时间,以秒为单位。在父FSN的FsnTTL过期后,文件服务器不得使用缓存的FSL记录。FsnTTL值为零表示文件服务器不得缓存解析此FSN的结果。
The NsdbName is not physically stored as an attribute of the record. The NsdbName is obvious to any client that accesses an NSDB and is indeed authenticated in cases where Transport Layer Security (TLS) is in effect.
NsdbName不是作为记录的属性物理存储的。NsdbName对于任何访问NSDB的客户端来说都是显而易见的,并且在传输层安全性(TLS)生效的情况下确实经过身份验证。
The FsnUuid and NsdbName values never change during an FSN's lifetime. However, an FSN's FSL information can change over time and is typically cached on fileservers for performance. More detail on FSL caching is provided in Section 2.8.3.
FsnUuid和NsdbName值在FSN的生存期内不会更改。但是,FSN的FSL信息会随着时间的推移而变化,通常会缓存在文件服务器上以提高性能。第2.8.3节提供了有关FSL缓存的更多详细信息。
An FSN record may also contain:
FSN记录还可能包含:
Annotations: name/value pairs that can be interpreted by a fileserver. The semantics of this field are not defined by this document. These tuples are intended to be used by higher-level protocols.
注释:可由文件服务器解释的名称/值对。本文档未定义此字段的语义。这些元组用于更高级别的协议。
Descriptions: text descriptions. The semantics of this field are not defined by this document.
描述:文本描述。本文档未定义此字段的语义。
An FSL describes one physical location where a complete copy of the fileset's data resides. An FSL contains generic and type-specific information that together describe how to access the fileset data at this location. An FSL's attributes can be used by a fileserver to decide which locations it will return to a file-access client.
FSL描述文件集数据的完整副本所在的一个物理位置。FSL包含通用信息和特定于类型的信息,这些信息共同描述了如何访问此位置的文件集数据。文件服务器可以使用FSL的属性来决定它将返回到文件访问客户端的位置。
An FSL consists of:
FSL包括:
FslUuid: a UUID, conforming to [RFC4122], that is used to uniquely identify an FSL.
FslUuid:符合[RFC4122]的UUID,用于唯一标识FSL。
FsnUuid: the UUID of the FSL's FSN.
FsnUuid:FSL的FSN的UUID。
NsdbName: the network location of the NSDB node that contains authoritative information for this FSL.
NsdbName:包含此FSL权威信息的NSDB节点的网络位置。
The NsdbName is not stored as an attribute of an FSL record for the same reason it is not stored in FSN records.
NsdbName未存储为FSL记录的属性,原因与它未存储在FSN记录中的原因相同。
An FSL record may also contain:
FSL记录还可能包含:
Annotations: name/value pairs that can be interpreted by a fileserver. The semantics of this field are not defined by this document. These tuples are intended to be used by higher-level protocols.
注释:可由文件服务器解释的名称/值对。本文档未定义此字段的语义。这些元组用于更高级别的协议。
Descriptions: text descriptions. The semantics of this field are not defined by this document.
描述:文本描述。本文档未定义此字段的语义。
In addition to the attributes defined above, an FSL record contains attributes that allow a fileserver to construct referrals. For each file-access protocol, a corresponding FSL record subtype is defined.
除了上面定义的属性外,FSL记录还包含允许文件服务器构造引用的属性。对于每个文件访问协议,都定义了相应的FSL记录子类型。
This document defines an FSL subtype for NFS. An NFS FSL contains information suitable for use in one of the NFSv4 referral attributes (e.g., fs_locations or fs_locations_info, described in [RFC5661]). Section 4.2.2.4 describes the contents of an NFS FSL record.
本文档定义了NFS的FSL子类型。NFS FSL包含适合在NFSv4引用属性之一中使用的信息(例如[RFC5661]中描述的fs_位置或fs_位置信息)。第4.2.2.4节描述了NFS FSL记录的内容。
A fileset may also be accessible by file-access protocols other than NFS. The contents and format of such FSL subtypes are not defined in this document.
文件集也可以通过NFS以外的文件访问协议进行访问。本文件未定义此类FSL子类型的内容和格式。
To capture the location of an NFSv4 fileset, we extend the NFS URL scheme specified in [RFC2224]. This extension follows rules for defining Uniform Resource Identifier schemes (see [RFC3986]). In the following text, we refer to this extended NFS URL scheme as an NFS URI.
为了捕获NFSv4文件集的位置,我们扩展了[RFC2224]中指定的NFS URL方案。此扩展遵循定义统一资源标识符方案的规则(请参见[RFC3986])。在以下文本中,我们将此扩展NFS URL方案称为NFS URI。
An NFS URI MUST contain both an authority and a path component. It MUST NOT contain a query component or a fragment component. Use of the familiar "nfs" scheme name is retained.
NFS URI必须同时包含权限和路径组件。它不能包含查询组件或片段组件。保留使用熟悉的“nfs”方案名称。
The rules for encoding the authority component of a generic URI are specified in section 3.2 of [RFC3986]. The authority component of an NFS URI MUST contain the host subcomponent. For globally scoped NFS URIs, a hostname used in such URIs SHOULD be a fully qualified domain name. See section 3.2.2 of [RFC3986] for rules on encoding non-ASCII characters in hostnames.
[RFC3986]第3.2节规定了通用URI的授权组件编码规则。NFS URI的授权组件必须包含主机子组件。对于全局范围的NFS URI,此类URI中使用的主机名应该是完全限定的域名。有关主机名中非ASCII字符编码的规则,请参见[RFC3986]第3.2.2节。
An NFS URI MAY contain a port subcomponent as described in section 3.2.3 of [RFC3986]. If this subcomponent is missing, a port value of 2049 is assumed, as specified in [RFC7530], Section 3.1.
NFS URI可能包含[RFC3986]第3.2.3节所述的端口子组件。如果缺少此子组件,则按照[RFC7530]第3.1节的规定,假定端口值为2049。
The rules for encoding the path component of a generic URI are specified in Section 3.3 of [RFC3986].
[RFC3986]第3.3节规定了通用URI的路径组件编码规则。
According to Sections 5 and 6 of [RFC2224], NFS URLs specify a pathname relative to an NFS fileserver's public filehandle. However, NFSv4 fileservers do not expose a public filehandle. Instead, NFSv4 pathnames contained in an NFS URI are evaluated relative to the pseudoroot of the fileserver identified in the URI's authority component.
根据[RFC2224]的第5节和第6节,NFS URL指定相对于NFS文件服务器的公共文件句柄的路径名。但是,NFSv4文件服务器不公开公共文件句柄。相反,NFS URI中包含的NFSv4路径名相对于URI的授权组件中标识的文件服务器的伪根进行计算。
Each component of an NFSv4 pathname is represented as a component4 string (see Section 3.2, "Basic Data Types", of [RFC5661]). The component4 elements of an NFSv4 pathname are encoded as path segments in an NFS URI. NFSv4 pathnames MUST be expressed in an NFS URI as an absolute path. An NFS URI path component MUST NOT be empty. The NFS URI path component starts with a slash ("/") character, followed by one or more path segments that each start with a slash ("/") character [RFC3986].
NFSv4路径名的每个组件都表示为component4字符串(参见[RFC5661]第3.2节“基本数据类型”)。NFSv4路径名的component4元素在NFS URI中编码为路径段。NFSv4路径名必须在NFS URI中表示为绝对路径。NFS URI路径组件不能为空。NFS URI路径组件以斜杠(“/”)字符开头,后跟一个或多个以斜杠(“/”)字符开头的路径段[RFC3986]。
Therefore, a double slash always follows the authority component of an NFS URI. For example, the NFSv4 pathname "/" is represented by two slash ("/") characters following an NFS URI's authority component.
因此,双斜杠始终位于NFS URI的授权组件之后。例如,NFSv4路径名“/”由NFS URI的授权组件后面的两个斜杠(“/”)字符表示。
The component names of an NFSv4 pathname MUST be prepared using the component name rules defined in Section 12 ("Internationalization") of [RFC7530] prior to encoding the path component of an NFS URI. As specified in [RFC3986], any non-ASCII characters and any URI-reserved characters, such as the slash ("/") character, contained in a component4 element MUST be represented by URI percent encoding.
在编码NFS URI的路径组件之前,必须使用[RFC7530]第12节(“国际化”)中定义的组件名称规则准备NFSv4路径名的组件名称。如[RFC3986]中所述,component4元素中包含的任何非ASCII字符和任何URI保留字符,如斜杠(“/”)字符,必须用URI百分比编码表示。
The path component of an NFS URI encodes the rootpath field of the NFSv4 fs_location4 data type or the "fli_rootpath" of the NFSv4 fs_locations_item4 data type (see [RFC5661]).
NFS URI的path组件对NFSv4 fs_location4数据类型的rootpath字段或NFSv4 fs_locations_item4数据类型的“fli_rootpath”进行编码(请参见[RFC5661])。
In its server field, the NFSv4 fs_location4 data type contains a list of universal addresses and DNS labels. Each may optionally include a port number. The exact encoding requirements for this information is found in Section 12.6 of [RFC7530]. The NFSv4 fs_locations_item4 data type encodes the same data in its fli_entries field (see [RFC5661]). This information is encoded in the authority component of an NFS URI.
在其服务器字段中,NFSv4 fs_location4数据类型包含通用地址和DNS标签的列表。每个端口可以选择性地包括端口号。该信息的确切编码要求见[RFC7530]第12.6节。NFSv4 fs_locations_item4数据类型在其fli_entries字段中对相同的数据进行编码(请参见[RFC5661])。此信息编码在NFS URI的授权组件中。
The server and fli_entries fields can encode multiple server hostnames that share the same pathname. An NFS URI, and hence an FSL record, represents only a single hostname and pathname pair. An NFS fileserver MUST NOT combine a set of FSL records into a single fs_location4 or fs_locations_item4 unless each FSL record in the set contains the same rootpath value and extended file system information.
服务器和fli_条目字段可以对共享同一路径名的多个服务器主机名进行编码。NFS URI和FSL记录只表示一个主机名和路径名对。NFS文件服务器不得将一组FSL记录组合到单个fs_location4或fs_locations_item4中,除非集合中的每个FSL记录都包含相同的根路径值和扩展文件系统信息。
All of the FSLs that have the same FSN (and thereby reference the same fileset) are equivalent from the point of view of access by a file-access client. Different fileset locations for an FSN represent the same data, though potentially at different points in time. Fileset locations are equivalent but not identical. Locations may be either read-only or read-write. Typically, multiple read-write locations are backed by a clustered file system while read-only locations are replicas created by a federation-initiated or external replication operation. Read-only locations may represent consistent point-in-time copies of a read-write location. The federation protocols, however, cannot prevent subsequent changes to a read-only location nor guarantee point-in-time consistency of a read-only location if the read-write location is changing.
从文件访问客户端访问的角度来看,具有相同FSN(从而引用相同文件集)的所有FSL都是等效的。FSN的不同文件集位置表示相同的数据,尽管可能在不同的时间点。文件集位置相等但不相同。位置可以是只读的,也可以是读写的。通常,群集文件系统支持多个读写位置,而只读位置是由联合启动或外部复制操作创建的副本。只读位置可以表示读写位置的一致时间点拷贝。但是,如果只读位置正在更改,联合协议不能阻止对只读位置的后续更改,也不能保证只读位置的时间点一致性。
Regardless of the type, one file-access client may be referred to a location described by one FSL while another client chooses to use a location described by another FSL. Since updates to each fileset location are not controlled by the federation protocol, it is the responsibility of administrators to guarantee the functional equivalence of the data.
无论类型如何,一个文件访问客户机可能会被引用到一个FSL描述的位置,而另一个客户机选择使用另一个FSL描述的位置。由于对每个文件集位置的更新不受联合协议控制,因此管理员有责任保证数据的功能等价性。
The federation protocols do not guarantee that different fileset locations are mutually consistent in terms of the currency of their data. However, they provide a means to publish currency information
联合协议不能保证不同的文件集位置在数据货币方面相互一致。但是,它们提供了发布货币信息的手段
so that all fileservers in a federation can convey the same information to file-access clients during referrals. Clients use this information to ensure they do not revert to an out-of-date version of a fileset's data when switching between fileset locations. NFSv4.1 provides guidance on how replication can be handled in such a manner. In particular, see Section 11.7 of [RFC5661].
这样,联合体中的所有文件服务器都可以在引用期间向文件访问客户端传递相同的信息。客户端使用此信息来确保在文件集位置之间切换时不会恢复到文件集数据的过期版本。NFSv4.1提供了有关如何以这种方式处理复制的指导。具体见[RFC5661]第11.7节。
To resolve an FSN to a set of FSL records, a fileserver queries the NSDB node named in the FSN for FSL records associated with this FSN. The parent FSN's FsnTTL attribute (see Section 2.7) specifies the period of time during which a fileserver may cache these FSL records.
要将FSN解析为一组FSL记录,文件服务器将查询FSN中命名的NSDB节点,以查找与此FSN关联的FSL记录。父FSN的FsnTTL属性(请参见第2.7节)指定文件服务器可以缓存这些FSL记录的时间段。
The combination of FSL caching and FSL migration presents a challenge. For example, suppose there are three fileservers named A, B, and C. Suppose further that fileserver A contains a junction J to fileset X stored on fileserver B (see Section 2.10 for a description of junctions).
FSL缓存和FSL迁移的结合带来了一个挑战。例如,假设有三个名为A、B和C的文件服务器。进一步假设文件服务器A包含存储在文件服务器B上的J到文件集X的连接(有关连接的说明,请参阅第2.10节)。
Now suppose that fileset X is migrated from fileserver B to fileserver C, and the corresponding FSL information for fileset X in the authoritative NSDB is updated.
现在假设文件集X从文件服务器B迁移到文件服务器C,并更新权威NSDB中文件集X的相应FSL信息。
If fileserver A has cached FSLs for fileset X, a file-access client traversing junction J on fileserver A will be referred to fileserver B, even though fileset X has migrated to fileserver C. If fileserver A had not cached the FSL records, it would have queried the NSDB and obtained the correct location of fileset X.
如果文件服务器A缓存了文件集X的FSL,则在文件服务器A上通过连接J的文件访问客户端将被引用到文件服务器B,即使文件集X已迁移到文件服务器C。如果文件服务器A没有缓存FSL记录,它将查询NSDB并获得文件集X的正确位置。
Typically, the process of fileset migration leaves a redirection on the source fileserver in place of a migrated fileset (without such a redirection, file-access clients would find an empty space where the migrated fileset was, which defeats the purpose of a managed migration).
通常,文件集迁移的过程会在源文件服务器上留下一个重定向来代替迁移的文件集(如果没有这样的重定向,文件访问客户端将在迁移的文件集所在的位置找到一个空白空间,这会破坏托管迁移的目的)。
This redirection might be a new junction that targets the same FSN as other junctions referring to the migrated fileset, or it might be some other kind of directive, depending on the fileserver implementation, that simply refers file-access clients to the new location of the migrated fileset.
此重定向可能是一个新的连接,其目标与引用已迁移文件集的其他连接相同,也可能是某种其他类型的指令,具体取决于文件服务器实现,它只是将文件访问客户端引用到已迁移文件集的新位置。
Back to our example. Suppose, as part of the migration process, a junction replaces fileset X on fileserver B. Later, either:
回到我们的例子。假设,作为迁移过程的一部分,连接将替换文件服务器B上的文件集X。稍后,可以:
o New file-access clients are referred to fileserver B by stale FSL information cached on fileserver A, or
o 文件服务器A上缓存的陈旧FSL信息将新的文件访问客户端引用到文件服务器B,或
o File-access clients continue to access fileserver B because they cache stale location data for fileset X.
o 文件访问客户端继续访问文件服务器B,因为它们缓存文件集X的过时位置数据。
In either case, thanks to the redirection, file-access clients are informed by fileserver B that fileset X has moved to fileserver C.
在这两种情况下,由于重定向,文件服务器B会通知文件访问客户端文件集X已移动到文件服务器C。
Such redirecting junctions (here, on fileserver B) would not be required to be in place forever. They need to stay in place at least until FSL entries cached on fileservers and locations cached on file-access clients for the target fileset are invalidated.
这样的重定向连接(这里是在文件服务器B上)不需要永远存在。至少在文件服务器上缓存的FSL条目和目标文件集的文件访问客户端上缓存的位置失效之前,它们需要保持在原位。
The FsnTTL field in the FSL's parent FSN (see Section 2.7) specifies an upper bound for the lifetime of cached FSL information and thus can act as a lower bound for the lifetime of redirecting junctions.
FSL的父FSN中的FsnTTL字段(参见第2.7节)指定了缓存的FSL信息的生存期上限,因此可以作为重定向连接的生存期下限。
For example, suppose the FsnTTL field contains the value 3600 seconds (one hour). In such a case, administrators SHOULD keep the redirection in place for at least one hour after a fileset migration has taken place because a referring fileserver might cache the FSL data during that time before refreshing it.
例如,假设FsnTTL字段包含3600秒(一小时)的值。在这种情况下,管理员应该在文件集迁移发生后将重定向保持至少一个小时,因为引用文件服务器可能会在刷新FSL数据之前缓存该数据。
To get file-access clients to access the destination fileserver more quickly, administrators SHOULD set the FsnTTL field of the migrated fileset to a low number or zero before migration begins. It can be reset to a more reasonable number at a later point.
为了让文件访问客户端更快地访问目标文件服务器,管理员应该在迁移开始之前将迁移的文件集的FsnTTL字段设置为低值或零。稍后可以将其重置为更合理的数字。
Note that some file-access protocols do not communicate location cache expiry information to file-access clients. In some cases, it may be difficult to determine an appropriate lifetime for redirecting junctions because file-access clients may cache location information indefinitely.
请注意,某些文件访问协议不会将位置缓存到期信息传递给文件访问客户端。在某些情况下,可能很难确定重定向连接的适当生存期,因为文件访问客户端可能无限期地缓存位置信息。
After resolving an FSN to a set of FSL records, the fileserver generates a referral to redirect a file-access client to one or more of the FSN's FSLs. The fileserver converts the FSL records to a referral format understood by a particular file-access client, such as an NFSv4 fs_locations or fs_locations_info attribute.
将FSN解析为一组FSL记录后,文件服务器生成一个引用,将文件访问客户端重定向到一个或多个FSN的FSL。文件服务器将FSL记录转换为特定文件访问客户端可以理解的引用格式,例如NFSv4 fs_locations或fs_locations_info属性。
To give file-access clients as many options as possible, the fileserver SHOULD include the maximum possible number of FSL records in a referral. However, the fileserver MAY omit some of the FSL records from the referral. For example, the fileserver might omit an FSL record because of limitations in the file-access protocol's referral format.
为了向文件访问客户端提供尽可能多的选项,文件服务器应该在引用中包含尽可能多的FSL记录。但是,文件服务器可能会从引用中省略一些FSL记录。例如,由于文件访问协议的引用格式的限制,文件服务器可能会忽略FSL记录。
For a given FSL record, the fileserver MAY convert or reduce the FSL record's contents in a manner appropriate to the referral format. For example, an NFS FSL record contains all the data necessary to construct an fs_locations_info attribute, but an fs_locations_info attribute contains several pieces of information that are not found in the simpler fs_locations attribute. A fileserver constructs entries in an fs_locations attribute using the relevant contents of an NFS FSL record.
对于给定的FSL记录,文件服务器可以以适合于引用格式的方式转换或减少FSL记录的内容。例如,NFS FSL记录包含构造fs_locations_info属性所需的所有数据,但fs_locations_info属性包含一些在更简单的fs_locations属性中找不到的信息。文件服务器使用NFS FSL记录的相关内容在fs_locations属性中构造条目。
Whenever the fileserver converts or reduces FSL data, the fileserver SHOULD attempt to maintain the original meaning where possible. For example, an NFS FSL record contains the rank and order information that is included in an fs_locations_info attribute (see NFSv4.1's FSLI4BX_READRANK, FSLI4BX_READORDER, FSLI4BX_WRITERANK, and FSLI4BX_WRITEORDER). While this rank and order information is not explicitly expressible in an fs_locations attribute, the fileserver can arrange the fs_locations attribute's locations list based on the rank and order values.
每当文件服务器转换或减少FSL数据时,文件服务器应尽可能保持原始含义。例如,NFS FSL记录包含包含在fs_locations_info属性中的秩和顺序信息(请参阅NFSv4.1的FSLI4BX_READRANK、FSLI4BX_READORDER、FSLI4BX_WRITERANK和FSLI4BX_WRITEORDER)。虽然在fs_locations属性中无法显式表示此排名和顺序信息,但文件服务器可以根据排名和顺序值排列fs_locations属性的位置列表。
Another example: A single NFS FSL record contains the hostname of one fileserver. A single fs_locations attribute can contain a list of fileserver names. An NFS fileserver MAY combine two or more FSL records into a single entry in an fs_locations or fs_locations_info array only if each FSL record contains the same pathname and extended file system information.
另一个示例:单个NFS FSL记录包含一个文件服务器的主机名。单个fs_locations属性可以包含文件服务器名称列表。仅当每个FSL记录包含相同的路径名和扩展文件系统信息时,NFS文件服务器才可以将两个或多个FSL记录合并到fs_locations或fs_locations_info数组中的单个条目中。
Refer to Sections 11.9 and 11.10 of the NFSv4.1 protocol specification [RFC5661] for further details.
有关更多详细信息,请参阅NFSv4.1协议规范[RFC5661]第11.9节和第11.10节。
The NSDB service is a federation-wide service that provides interfaces to define, update, and query FSN information, FSL information, and FSN-to-FSL mapping information.
NSDB服务是一种联邦范围的服务,提供定义、更新和查询FSN信息、FSL信息以及FSN到FSL映射信息的接口。
An individual repository of namespace information is called an NSDB node. The difference between the NSDB service and an NSDB node is analogous to that between the DNS service and a particular DNS server.
名称空间信息的单个存储库称为NSDB节点。NSDB服务和NSDB节点之间的区别类似于DNS服务和特定DNS服务器之间的区别。
Each NSDB node is managed by a single administrative entity. A single administrative entity can manage multiple NSDB nodes.
每个NSDB节点由单个管理实体管理。单个管理实体可以管理多个NSDB节点。
Each NSDB node stores the definition of the FSNs for which it is authoritative. It also stores the definitions of the FSLs associated with those FSNs. An NSDB node is authoritative for the filesets that it defines.
每个NSDB节点存储其授权的FSN的定义。它还存储与这些FSN关联的FSL的定义。NSDB节点对其定义的文件集具有权威性。
An NSDB MAY be replicated throughout the federation. If an NSDB is replicated, the NSDB MUST exhibit loose, converging consistency as defined in [RFC3254]. The mechanism by which this is achieved is outside the scope of this document. Many Lightweight Directory Access Protocol (LDAP) implementations support replication. These features MAY be used to replicate the NSDB.
NSDB可以在整个联盟中复制。如果复制NSDB,NSDB必须表现出[RFC3254]中定义的松散、收敛一致性。实现这一目标的机制不在本文件的范围之内。许多轻量级目录访问协议(LDAP)实现都支持复制。这些功能可用于复制NSDB。
Each NSDB node supports an LDAP [RFC4510] interface. An NSDB client is software that uses the LDAP protocol to access or update namespace information stored on an NSDB node.
每个NSDB节点都支持LDAP[RFC4510]接口。NSDB客户端是使用LDAP协议访问或更新存储在NSDB节点上的命名空间信息的软件。
A domain's administrative entity uses NSDB client software to manage information stored on NSDB nodes. Details of these transactions are discussed in Section 5.1.
域的管理实体使用NSDB客户端软件来管理存储在NSDB节点上的信息。第5.1节讨论了这些交易的细节。
Fileservers act as an NSDB client when contacting a particular NSDB node to resolve an FSN to a set of FSL records. The resulting location information is then transferred to file-access clients via referrals. Therefore, file-access clients never need to access NSDBs directly. These transactions are described in Section 5.2.
文件服务器在联系特定NSDB节点以将FSN解析为一组FSL记录时充当NSDB客户端。然后,生成的位置信息通过转介传输到文件访问客户端。因此,文件访问客户端永远不需要直接访问NSDB。第5.2节描述了这些交易。
A junction is a point in a particular fileset namespace where a specific target fileset may be attached. If a file-access client traverses the path leading from the root of a federated namespace to the junction referring to a target fileset, it should be able to mount and access the data in that target fileset (assuming appropriate permissions). In other words, a junction can be viewed as a reference from a directory in one fileset to the root of the target fileset.
连接点是特定文件集命名空间中的一个点,可以在其中附加特定的目标文件集。如果文件访问客户机遍历从联邦命名空间的根到引用目标文件集的连接的路径,则它应该能够装载和访问该目标文件集中的数据(假定具有适当的权限)。换句话说,可以将连接视为从一个文件集中的目录到目标文件集的根目录的引用。
A junction can be implemented as a special marker on a directory or by some other mechanism in the fileserver's underlying file system. What data is used by the fileserver to represent junctions is not defined by this document. The essential property is that given a junction, a fileserver must be able to find the FSN for the target fileset.
连接可以作为目录上的特殊标记实现,也可以通过文件服务器底层文件系统中的其他机制实现。文件服务器用于表示连接的数据不在本文档中定义。基本属性是,给定一个连接,文件服务器必须能够找到目标文件集的FSN。
When a file-access client reaches a junction, the fileserver refers the client to a list of FSLs associated with the FSN targeted by the junction. The client can then mount one of the associated FSLs.
当文件访问客户机到达连接点时,文件服务器会向客户机引用与连接点所针对的FSN相关联的FSL列表。然后,客户机可以装载一个相关的FSL。
The federation protocols do not limit where and how many times a fileset is mounted in the namespace. Filesets can be nested; a fileset can be mounted under another fileset.
联合协议不限制文件集在命名空间中的装入位置和装入次数。文件集可以嵌套;一个文件集可以装载在另一个文件集下。
The root fileset, when defined, is the top-level fileset of the federation-wide namespace. The root of the unified namespace is the top level directory of this fileset. A set of designated fileservers in the federation can export the root fileset to render the federation-wide unified namespace. When a file-access client mounts the root fileset from any of these designated fileservers, it can view a common federation-wide namespace.
定义根文件集时,它是整个联合体命名空间的顶级文件集。统一命名空间的根目录是此文件集的顶级目录。联合体中的一组指定文件服务器可以导出根文件集以呈现联合体范围的统一命名空间。当文件访问客户端从这些指定的文件服务器中装载根文件集时,它可以查看一个通用的联邦范围的命名空间。
To ensure FSN and FSL records are unique across a domain, Federated File System (FedFS) employs UUIDs conforming to [RFC4122] to form the distinguished names of LDAP records containing FedFS data (see Section 4.2.2.2).
为了确保FSN和FSL记录在域中是唯一的,联邦文件系统(FedFS)使用符合[RFC4122]的UUID来形成包含FedFS数据的LDAP记录的可分辨名称(参见第4.2.2.2节)。
Because junctions store a tuple containing an FSN UUID and the name and port of an NSDB node, an FSN UUID must be unique only on a single NSDB node. An FSN UUID collision can be detected immediately when an administrator attempts to publish an FSN or FSL by storing it under a specific NSDB Container Entry (NCE) on an authoritative NSDB host.
由于连接存储包含FSN UUID以及NSDB节点的名称和端口的元组,因此FSN UUID只能在单个NSDB节点上唯一。当管理员试图通过将FSN或FSL存储在权威NSDB主机上的特定NSDB容器条目(NCE)下来发布FSN或FSL时,可以立即检测到FSN UUID冲突。
Note that one NSDB node may store multiple NCEs, each under a different namingContext. If an NSDB node must contain more than one NCE, the federation's admin entity SHOULD provide a robust method for preventing FSN UUID collisions between FSNs that reside on the same NSDB node but under different NCEs.
请注意,一个NSDB节点可以存储多个NCE,每个NCE位于不同的namingContext下。如果NSDB节点必须包含多个NCE,则联合会的管理实体应提供一种健壮的方法,以防止驻留在同一NSDB节点上但处于不同NCE下的FSN之间的FSN UUID冲突。
Because FSLs are children of FSNs, FSL UUIDs must be unique for just a single FSN. As with FSNs, as soon as an FSL is published, its uniqueness is guaranteed.
因为FSL是FSN的子项,所以FSL UUID对于单个FSN必须是唯一的。与FSN一样,一旦发布FSL,就可以保证其唯一性。
A fileserver performs the operations described in Section 5.2 as an unauthenticated user. Thus, distinguished names of FSN and FSL records, as well as the FSN and FSL records themselves, are required to be readable by anyone who can bind anonymously to an NSDB node. Therefore, FSN and FSL UUIDs should be considered public information.
文件服务器以未经身份验证的用户身份执行第5.2节中描述的操作。因此,可以匿名绑定到NSDB节点的任何人都必须能够读取FSN和FSL记录的可分辨名称以及FSN和FSL记录本身。因此,FSN和FSL UUID应被视为公共信息。
Version 1 UUIDs contain a host's Media Access Control (MAC) address and a timestamp in the clear. This gives provenance to each UUID, but attackers can use such details to guess information about the host where the UUID was generated. Security-sensitive installations should be aware that on externally facing NSDBs, UUIDs can reveal information about the hosts where they are generated.
版本1 UUID包含主机的媒体访问控制(MAC)地址和明文中的时间戳。这提供了每个UUID的来源,但攻击者可以使用这些详细信息猜测生成UUID的主机的相关信息。对安全敏感的安装应注意,在面向外部的NSDB上,UUID可以显示有关生成它们的主机的信息。
In addition, version 1 UUIDs depend on the notion that a hardware MAC address is unique across machines. As virtual machines do not depend on unique physical MAC addresses and, in any event, an administrator can modify the physical MAC address, version 1 UUIDs are no longer considered sufficient.
此外,版本1 UUID依赖于硬件MAC地址在机器之间是唯一的这一概念。由于虚拟机不依赖于唯一的物理MAC地址,而且在任何情况下,管理员都可以修改物理MAC地址,因此版本1 UUID不再被认为是足够的。
To minimize the probability of UUIDs colliding, a consistent procedure for generating UUIDs should be used throughout a federation. Within a federation, UUIDs SHOULD be generated using the procedure described for version 4 of the UUID variant specified in [RFC4122].
为了最小化UUID冲突的概率,应该在整个联盟中使用一致的UUID生成过程。在联邦内,UUID应使用[RFC4122]中指定的UUID变体版本4所述的过程生成。
In this section we provide examples and discussion of the basic operations facilitated by the federated file system protocol: creating a fileset, adding a replica of a fileset, resolving a junction, and creating a junction.
在本节中,我们提供了联邦文件系统协议促进的基本操作的示例和讨论:创建文件集、添加文件集副本、解析连接和创建连接。
A fileset is the abstraction of a set of files and the directory tree that contains them. The fileset abstraction is the fundamental unit of data management in the federation. This abstraction is implemented by an actual directory tree whose root location is specified by a fileset location (FSL).
文件集是一组文件和包含它们的目录树的抽象。文件集抽象是联邦中数据管理的基本单元。此抽象由实际目录树实现,其根位置由文件集位置(FSL)指定。
In this section, we describe the basic requirements for starting with a directory tree and creating a fileset that can be used in the federation protocols. Note that we do not assume that the process of creating a fileset requires any transformation of the files or the directory hierarchy. The only thing that is required by this process is assigning the fileset a fileset name (FSN) and expressing the location of the implementation of the fileset as an FSL.
在本节中,我们将描述从目录树开始并创建可在联合协议中使用的文件集的基本要求。请注意,我们并不认为创建文件集的过程需要对文件或目录层次结构进行任何转换。这个过程唯一需要的是为文件集分配一个文件集名称(FSN),并将文件集实现的位置表示为FSL。
There are many possible variations to this procedure, depending on how the FSN that binds the FSL is created and whether other replicas of the fileset exist, are known to the federation, and need to be bound to the same FSN.
此过程有许多可能的变化,这取决于绑定FSL的FSN是如何创建的,以及文件集的其他副本是否存在,联邦是否知道,并且需要绑定到同一FSN。
It is easiest to describe this in terms of how to create the initial implementation of the fileset and then describe how to add replicas.
从如何创建文件集的初始实现以及如何添加副本的角度来描述这一点最简单。
The following administrative steps create an FSN, which is used to track all replicas of a single physical dataset.
以下管理步骤创建一个FSN,用于跟踪单个物理数据集的所有副本。
1. Choose the NSDB node that will keep track of the FSL(s) and related information for the fileset.
1. 选择将跟踪文件集的FSL和相关信息的NSDB节点。
2. Create an FSN in the NSDB node.
2. 在NSDB节点中创建FSN。
The FSN UUID is chosen by the administrator or generated automatically by administration software. The former case is used if the fileset is being restored, perhaps as part of disaster recovery, and the administrator wishes to specify the FSN UUID in order to permit existing junctions that reference that FSN to work again.
FSN UUID由管理员选择或由管理软件自动生成。如果正在恢复文件集(可能是作为灾难恢复的一部分),并且管理员希望指定FSN UUID以允许引用该FSN的现有连接再次工作,则使用前一种情况。
At this point, the FSN exists, but its fileset locations are unspecified.
此时,FSN存在,但其文件集位置未指定。
3. For the FSN created above, create an FSL in the NSDB node that describes the physical location of the fileset data.
3. 对于上面创建的FSN,在NSDB节点中创建一个FSL,描述文件集数据的物理位置。
Adding a replica is straightforward: the NSDB node and the FSN are already known. The only remaining step is to add another FSL.
添加复制副本很简单:NSDB节点和FSN已经知道了。剩下的唯一步骤是添加另一个FSL。
Note that the federation protocols provide only the mechanisms to register and unregister replicas of a fileset. Fileserver-to-fileserver replication protocols are not defined.
请注意,联合协议仅提供注册和注销文件集副本的机制。未定义文件服务器到文件服务器的复制协议。
A fileset may contain references to other filesets. These references are represented by junctions. If a file-access client requests access to a fileset object that is a junction, the fileserver resolves the junction to discover one or more FSLs that implement the referenced fileset.
文件集可能包含对其他文件集的引用。这些参照由连接表示。如果文件访问客户端请求访问作为连接的文件集对象,则文件服务器将解析该连接以发现一个或多个实现所引用文件集的FSL。
There are many possible variations to this procedure, depending on how the junctions are represented by the fileserver and how the fileserver performs junction resolution.
此过程有许多可能的变体,具体取决于文件服务器如何表示连接以及文件服务器如何执行连接解析。
Step 4 is the only step that interacts directly with the federation protocols. The rest of the steps may use platform-specific interfaces.
步骤4是与联合协议直接交互的唯一步骤。其余步骤可能使用特定于平台的接口。
1. The fileserver determines that the object being accessed is a junction.
1. 文件服务器确定要访问的对象是连接。
2. The fileserver does a local lookup to find the FSN of the target fileset.
2. 文件服务器执行本地查找以查找目标文件集的FSN。
3. Using the FSN, the fileserver finds the NSDB node responsible for the target FSN.
3. 文件服务器使用FSN查找负责目标FSN的NSDB节点。
4. The fileserver contacts that NSDB node and asks for the set of FSLs that implement the target FSN. The NSDB node responds with a (possibly empty) set of FSLs.
4. 文件服务器联系该NSDB节点并请求实现目标FSN的FSL集。NSDB节点使用一组(可能为空)FSL进行响应。
5. The fileserver converts one or more of the FSLs to the location type used by the file-access client (e.g., an NFSv4 fs_locations attribute as described in [RFC5661]).
5. 文件服务器将一个或多个FSL转换为文件访问客户端使用的位置类型(例如,[RFC5661]中描述的NFSv4 fs_locations属性)。
6. The fileserver redirects (in whatever manner is appropriate for the client) the client to the location(s).
6. 文件服务器将客户端重定向(以适合客户端的任何方式)到该位置。
Fileset annotations can convey additional attributes of a fileset. For example, fileset annotations can be used to define relationships between filesets that can be used by an auxiliary replication protocol. Consider the scenario where a fileset is created and mounted at some point in the namespace. A snapshot of the read-write FSL of that fileset is taken periodically at different frequencies (say, a daily or weekly snapshot). The different snapshots are mounted at different locations in the namespace.
文件集批注可以传递文件集的附加属性。例如,文件集批注可用于定义可由辅助复制协议使用的文件集之间的关系。考虑在命名空间中的某个点创建和安装文件集的场景。该文件集的读写FSL的快照以不同的频率定期拍摄(例如,每日或每周快照)。不同的快照装载在命名空间中的不同位置。
The daily snapshots are considered as different filesets from the weekly ones, but both are related to the source fileset. We can define an annotation labeling the filesets as source and replica. The replication protocol can use this information to copy data from one or more FSLs of the source fileset to all the FSLs of the replica fileset. The replica filesets are read-only while the source fileset is read-write.
每日快照被视为与每周快照不同的文件集,但两者都与源文件集相关。我们可以定义一个注释,将文件集标记为源和副本。复制协议可以使用此信息将数据从源文件集的一个或多个FSL复制到副本文件集的所有FSL。副本文件集是只读的,而源文件集是读写的。
This follows the traditional Andrew File System (AFS) model of mounting the read-only volume at a path in the namespace different from that of the read-write volume [AFS].
这遵循了传统的Andrew文件系统(AFS)模型,即将只读卷装入命名空间中与读写卷[AFS]不同的路径。
The federation protocol does not control or manage the relationship among filesets. It merely enables annotating the filesets with user-defined relationships.
联合协议不控制或管理文件集之间的关系。它只允许使用用户定义的关系对文件集进行注释。
Another potential use for annotations is recording references to an FSN. A single annotation containing the number of references could be defined, or multiple annotations, one per reference, could be used to store detailed information on the location of each reference.
注释的另一个潜在用途是记录对FSN的引用。可以定义一个包含引用数量的注释,或者可以使用多个注释(每个引用一个注释)来存储每个引用位置的详细信息。
As with the replication annotation described above, the maintenance of reference information would not be controlled by the federation protocol. The information would most likely be non-authoritative because the ability to create a junction does not require the authority to update the FSN record. In any event, such annotations could be useful to administrators for determining if an FSN is referenced by a junction.
与上面描述的复制注释一样,参考信息的维护将不受联合协议的控制。这些信息很可能是非权威性的,因为创建连接的能力不需要权威机构更新FSN记录。在任何情况下,管理员都可以使用这些注释来确定连接是否引用了FSN。
This section describes how an NSDB is constructed using an LDAP Version 3 [RFC4510] directory. Section 4.1 describes the basic properties of the LDAP configuration that MUST be used in order to ensure compatibility between different implementations. Section 4.2 defines the new LDAP attribute types and the new object types; it also specifies how the distinguished name (DN) of each object instance MUST be constructed.
本节介绍如何使用LDAP版本3[RFC4510]目录构造NSDB。第4.1节描述了为确保不同实现之间的兼容性而必须使用的LDAP配置的基本属性。第4.2节定义了新的LDAP属性类型和新的对象类型;它还指定必须如何构造每个对象实例的可分辨名称(DN)。
An NSDB is constructed using an LDAP directory. This LDAP directory MAY have multiple naming contexts. The LDAP directory's entry specific to Digital Signature Algorithm (DSA) (its rootDSE) has a multi-valued namingContext attribute. Each value of the namingContext attribute is the DN of a naming context's root entry (see [RFC4512]).
NSDB是使用LDAP目录构建的。此LDAP目录可能有多个命名上下文。特定于数字签名算法(DSA)的LDAP目录项(其rootDSE)具有多值namingContext属性。namingContext属性的每个值都是命名上下文根条目的DN(请参见[RFC4512])。
For each naming context that contains federation entries (e.g., FSNs and FSLs):
对于包含联合条目(例如,FSN和FSL)的每个命名上下文:
1. There MUST be an LDAP entry that is superior to all of the naming context's federation entries in the Directory Information Tree (DIT). This entry is termed the NSDB Container Entry (NCE). The NCE's children are FSNs. An FSN's children are FSLs.
1. 必须有一个LDAP条目优于目录信息树(DIT)中所有命名上下文的联合条目。此条目称为NSDB容器条目(NCE)。NCE的孩子是FSN。FSN的孩子是FSL。
2. The naming context's root entry MUST include "fedfsNsdbContainerInfo" (defined in Section 4.2.2.1) as one of its object classes. The fedfsNsdbContainerInfo's fedfsNceDN attribute is used to locate the naming context's NCE.
2. 命名上下文的根条目必须包含“fedfsNsdbContainerInfo”(在第4.2.2.1节中定义)作为其对象类之一。fedfsNsdbContainerInfo的fedfsNceDN属性用于定位命名上下文的NCE。
If a naming context does not contain federation entries, it will not contain an NCE, and its root entry will not include a "fedfsNsdbContainerInfo" as one of its object classes.
如果命名上下文不包含联合条目,则它将不包含NCE,并且它的根条目将不包含“fedfsNsdbContainerInfo”作为其对象类之一。
A fedfsNsdbContainerInfo's fedfsNceDN attribute contains the distinguished name (DN) of the NSDB Container Entry residing under this naming context. The fedfsNceDN attribute MUST NOT be empty.
fedfsNsdbContainerInfo的fedfsNceDN属性包含驻留在此命名上下文下的NSDB容器项的可分辨名称(DN)。fedfsNceDN属性不能为空。
For example, an LDAP directory might have the following entries:
例如,LDAP目录可能包含以下条目:
-+ [root DSE]
| namingContext: o=fedfs
| namingContext: dc=example,dc=com
| namingContext: ou=system
|
|
+---- [o=fedfs]
| fedfsNceDN: o=fedfs
|
|
+---- [dc=example,dc=com]
| fedfsNceDN: ou=fedfs,ou=corp-it,dc=example,dc=com
|
|
+---- [ou=system]
-+ [root DSE]
| namingContext: o=fedfs
| namingContext: dc=example,dc=com
| namingContext: ou=system
|
|
+---- [o=fedfs]
| fedfsNceDN: o=fedfs
|
|
+---- [dc=example,dc=com]
| fedfsNceDN: ou=fedfs,ou=corp-it,dc=example,dc=com
|
|
+---- [ou=system]
In this case, the "o=fedfs" namingContext has an NSDB Container Entry at "o=fedfs", the "dc=example,dc=com" namingContext has an NSDB Container Entry at "ou=fedfs,ou=corp-it,dc=example,dc=com", and the "ou=system" namingContext has no NSDB Container Entry.
在这种情况下,“o=fedfs”namingContext在“o=fedfs”处有一个NSDB容器条目,“dc=example,dc=com”namingContext在“ou=fedfs,ou=corp it,dc=example,dc=com”处有一个NSDB容器条目,“ou=system”namingContext没有NSDB容器条目。
The NSDB SHOULD be configured with one or more privileged LDAP users. These users are able to modify the contents of the LDAP database. An administrator that performs the operations described in Section 5.1 SHOULD authenticate using the DN of a privileged LDAP user.
NSDB应配置一个或多个具有特权的LDAP用户。这些用户能够修改LDAP数据库的内容。执行第5.1节所述操作的管理员应使用特权LDAP用户的DN进行身份验证。
It MUST be possible for an unprivileged (unauthenticated) user to perform LDAP queries that access the NSDB data. A fileserver performs the operations described in Section 5.2 as an unprivileged user.
非特权(未经验证)用户必须能够执行访问NSDB数据的LDAP查询。文件服务器以非特权用户的身份执行第5.2节中描述的操作。
All implementations SHOULD use the same schema. At minimum, each MUST use a schema that includes all objects named in the following sections, with all associated attributes. If it is necessary for an
所有实现都应该使用相同的模式。至少,每个应用程序必须使用一个模式,该模式包含以下部分中命名的所有对象以及所有相关属性。如果有必要
implementation to extend the schema defined here, consider using one of the following ways to extend the schema:
实现扩展在此定义的架构,请考虑使用下列方式之一扩展架构:
o Define a fedfsAnnotation key and values (see Section 4.2.1.6). Register the new key and values with IANA (see Section 7.1).
o 定义FEDFS注释键和值(参见第4.2.1.6节)。向IANA注册新的密钥和值(见第7.1节)。
o Define additional attribute types and object classes, then have entries inherit from a class defined in this document and from the implementation-defined ones.
o 定义其他属性类型和对象类,然后让条目继承本文档中定义的类和实现定义的类。
Given the above configuration guidelines, an NSDB SHOULD be constructed using a dedicated LDAP server. If LDAP directories are needed for other purposes, such as to store user account information, use of a separate LDAP server for those is RECOMMENDED. By using an LDAP server dedicated to storing NSDB records, there is no need to disturb the configuration of any other LDAP directories that store information unrelated to an NSDB.
根据上述配置指南,应使用专用LDAP服务器构建NSDB。如果出于其他目的(如存储用户帐户信息)需要LDAP目录,建议使用单独的LDAP服务器。通过使用专用于存储NSDB记录的LDAP服务器,无需干扰存储与NSDB无关信息的任何其他LDAP目录的配置。
The schema definitions provided in this document use the LDAP schema syntax defined in [RFC4512]. The definitions are formatted to allow the reader to easily extract them from the document. The reader can use the following shell script to extract the definitions:
本文档中提供的模式定义使用[RFC4512]中定义的LDAP模式语法。定义的格式允许读者轻松地从文档中提取它们。读者可以使用以下shell脚本提取定义:
<CODE BEGINS>
<代码开始>
#!/bin/sh
grep '^ *///' | sed 's?^ */// ??' | sed 's?^ *///$??'
#!/bin/sh
grep '^ *///' | sed 's?^ */// ??' | sed 's?^ *///$??'
<CODE ENDS>
<代码结束>
If the above script is stored in a file called "extract.sh", and this document is in a file called "spec.txt", then the reader can do:
如果上述脚本存储在名为“extract.sh”的文件中,而此文档存储在名为“spec.txt”的文件中,则读者可以执行以下操作:
<CODE BEGINS>
<代码开始>
sh extract.sh < spec.txt > fedfs.schema
sh extract.sh<spec.txt>fedfs.schema
<CODE ENDS>
<代码结束>
The effect of the script is to remove leading white space from each line, plus a sentinel sequence of "///".
脚本的作用是删除每行的前导空格,以及“//”的哨兵序列。
Code components extracted from this document must include the following license:
从本文档中提取的代码组件必须包括以下许可证:
<CODE BEGINS>
<代码开始>
/// #
/// # Copyright (c) 2015 IETF Trust and the persons identified
/// # as authors of the code. All rights reserved.
/// #
/// # The authors of the code are:
/// # J. Lentini, C. Everhart, D. Ellard, R. Tewari, and M. Naik.
/// #
/// # Redistribution and use in source and binary forms, with
/// # or without modification, are permitted provided that the
/// # following conditions are met:
/// #
/// # - Redistributions of source code must retain the above
/// # copyright notice, this list of conditions and the
/// # following disclaimer.
/// #
/// # - Redistributions in binary form must reproduce the above
/// # copyright notice, this list of conditions and the
/// # following disclaimer in the documentation and/or other
/// # materials provided with the distribution.
/// #
/// # - Neither the name of Internet Society, IETF or IETF
/// # Trust, nor the names of specific contributors, may be
/// # used to endorse or promote products derived from this
/// # software without specific prior written permission.
/// #
/// # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS
/// # AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
/// # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
/// # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
/// # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
/// # EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
/// # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
/// # EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
/// # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
/// # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
/// # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
/// # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
/// # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
/// # IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
/// # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
/// #
/// #
/// # Copyright (c) 2015 IETF Trust and the persons identified
/// # as authors of the code. All rights reserved.
/// #
/// # The authors of the code are:
/// # J. Lentini, C. Everhart, D. Ellard, R. Tewari, and M. Naik.
/// #
/// # Redistribution and use in source and binary forms, with
/// # or without modification, are permitted provided that the
/// # following conditions are met:
/// #
/// # - Redistributions of source code must retain the above
/// # copyright notice, this list of conditions and the
/// # following disclaimer.
/// #
/// # - Redistributions in binary form must reproduce the above
/// # copyright notice, this list of conditions and the
/// # following disclaimer in the documentation and/or other
/// # materials provided with the distribution.
/// #
/// # - Neither the name of Internet Society, IETF or IETF
/// # Trust, nor the names of specific contributors, may be
/// # used to endorse or promote products derived from this
/// # software without specific prior written permission.
/// #
/// # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS
/// # AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED
/// # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
/// # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
/// # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
/// # EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
/// # LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
/// # EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
/// # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
/// # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
/// # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
/// # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
/// # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
/// # IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
/// # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
/// #
<CODE ENDS>
<代码结束>
The following definitions are used in this document:
本文件中使用了以下定义:
o The name attribute described in [RFC4519].
o [RFC4519]中描述的名称属性。
o The Integer syntax (1.3.6.1.4.1.1466.115.121.1.27) described in [RFC4517].
o [RFC4517]中描述的整数语法(1.3.6.1.4.1.1466.115.121.1.27)。
o The integerMatch rule described in [RFC4517].
o [RFC4517]中描述的整数匹配规则。
o The Octet String syntax (1.3.6.1.4.1.1466.115.121.1.40) described in [RFC4517].
o [RFC4517]中描述的八位字节字符串语法(1.3.6.1.4.1.1466.115.121.1.40)。
o The octetStringMatch rule described in [RFC4517].
o [RFC4517]中描述的octetStringMatch规则。
o The Boolean syntax (1.3.6.1.4.1.1466.115.121.1.7) described in [RFC4517].
o [RFC4517]中描述的布尔语法(1.3.6.1.4.1.1466.115.121.1.7)。
o The booleanMatch rule described in [RFC4517].
o [RFC4517]中描述的布尔匹配规则。
o The distinguishedNameMatch rule described in [RFC4517].
o [RFC4517]中描述的DifferentiedNameMatch规则。
o The DN syntax (1.3.6.1.4.1.1466.115.121.1.12) described in [RFC4517].
o [RFC4517]中描述的DN语法(1.3.6.1.4.1.1466.115.121.1.12)。
o The labeledURI attribute described in [RFC2079].
o [RFC2079]中描述的labeledURI属性。
o The UUID syntax (1.3.6.1.1.16.1) described in [RFC4530].
o [RFC4530]中描述的UUID语法(1.3.6.1.1.16.1)。
o The UuidMatch rule described in [RFC4530].
o [RFC4530]中描述的UuidMatch规则。
o The UuidOrderingMatch rule described in [RFC4530].
o [RFC4530]中描述的UUIOrderingMatch规则。
A fedfsUuid is the base type for all of the universally unique identifiers (UUIDs) used by the federated file system protocols.
fedfsUuid是联邦文件系统协议使用的所有通用唯一标识符(UUID)的基本类型。
The fedfsUuid type is based on rules and syntax defined in [RFC4530].
fedfsUuid类型基于[RFC4530]中定义的规则和语法。
A fedfsUuid is a single-valued LDAP attribute.
fedfsUuid是单值LDAP属性。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.1 NAME 'fedfsUuid'
/// DESC 'A UUID used by NSDB'
/// EQUALITY uuidMatch
/// ORDERING uuidOrderingMatch
/// SYNTAX 1.3.6.1.1.16.1
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.1 NAME 'fedfsUuid'
/// DESC 'A UUID used by NSDB'
/// EQUALITY uuidMatch
/// ORDERING uuidOrderingMatch
/// SYNTAX 1.3.6.1.1.16.1
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
A fedfsFsnUuid represents the UUID component of an FSN. An NSDB SHOULD ensure that no two FSNs it stores have the same fedfsFsnUuid.
FEDFSFSNUID表示FSN的UUID组件。NSDB应确保其存储的两个FSN没有相同的FEDFSFSNUID。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.4 NAME 'fedfsFsnUuid'
/// DESC 'The FSN UUID component of an FSN'
/// SUP fedfsUuid
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.4 NAME 'fedfsFsnUuid'
/// DESC 'The FSN UUID component of an FSN'
/// SUP fedfsUuid
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
A fedfsFsnTTL is the time-to-live in seconds of a cached FSN and its child FSL records. It corresponds to the FsnTTL as defined in Section 2.7. See also Section 2.8.3 for information about caching FSLs. A fedfsFsnTTL MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 4294967295].
fedfsFsnTTL是缓存的FSN及其子FSL记录的生存时间(以秒为单位)。它对应于第2.7节中定义的FsnTTL。有关缓存FSL的信息,请参见第2.8.3节。fedfsFsnTTL必须编码为[04294967295]范围内的整数语法值[RFC4517]。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.11 NAME 'fedfsFsnTTL'
/// DESC 'Time to live of an FSN tree'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.11 NAME 'fedfsFsnTTL'
/// DESC 'Time to live of an FSN tree'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNceDN stores a distinguished name (DN).
fedfsNceDN存储可分辨名称(DN)。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.14 NAME 'fedfsNceDN'
/// DESC 'NCE Distinguished Name'
/// EQUALITY distinguishedNameMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.14 NAME 'fedfsNceDN'
/// DESC 'NCE Distinguished Name'
/// EQUALITY distinguishedNameMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.12 is the DN syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.12是DN语法[RFC4517]。
A fedfsFslUuid represents the UUID of an FSL. An NSDB SHOULD ensure that no two FSLs it stores have the same fedfsFslUuid.
FEDFSFSLUID表示FSL的UUID。NSDB应确保其存储的两个FSL没有相同的FEDFSFSLUID。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.8 NAME 'fedfsFslUuid'
/// DESC 'UUID of an FSL'
/// SUP fedfsUuid
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.8 NAME 'fedfsFslUuid'
/// DESC 'UUID of an FSL'
/// SUP fedfsUuid
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
A fedfsAnnotation contains an object annotation formatted as a key/ value pair.
FEDFSCannotation包含格式化为键/值对的对象批注。
This attribute is multi-valued; an object type that permits annotations may have any number of annotations per instance.
这个属性是多值的;允许注释的对象类型每个实例可以有任意数量的注释。
A fedfsAnnotation attribute is a human-readable sequence of UTF-8 characters with no non-terminal NUL characters. The value MUST be formatted according to the following ABNF [RFC5234] rules:
FEDFSNotation属性是人类可读的UTF-8字符序列,不包含非终端NUL字符。必须根据以下ABNF[RFC5234]规则格式化该值:
ANNOTATION = KEY "=" VALUE
KEY = ITEM
VALUE = ITEM
ITEM = *WSP DQUOTE UTF8-octets DQUOTE *WSP
ANNOTATION = KEY "=" VALUE
KEY = ITEM
VALUE = ITEM
ITEM = *WSP DQUOTE UTF8-octets DQUOTE *WSP
DQUOTE and WSP are defined in [RFC5234], and UTF8-octets is defined in [RFC3629].
[RFC5234]中定义了DQUOTE和WSP,而[RFC3629]中定义了UTF8八位字节。
The following escape sequences are allowed:
允许以下转义序列:
+-----------------+-------------+
| escape sequence | replacement |
+-----------------+-------------+
| \\ | \ |
| \" | " |
+-----------------+-------------+
+-----------------+-------------+
| escape sequence | replacement |
+-----------------+-------------+
| \\ | \ |
| \" | " |
+-----------------+-------------+
A fedfsAnnotation value might be processed as follows:
FEDFSCannotation值可以按如下方式处理:
1. Parse the attribute value according to the ANNOTATION rule, ignoring the escape sequences above.
1. 根据注释规则解析属性值,忽略上面的转义序列。
2. Scan through results of the previous step and replace the escape sequences above.
2. 扫描上一步的结果并替换上面的转义序列。
A fedfsAnnotation attribute that does not adhere to this format SHOULD be ignored in its entirety. It MUST NOT prevent further processing of its containing entry.
应完全忽略不符合此格式的FEDFSNotation属性。它不能阻止对其包含条目的进一步处理。
The following are examples of valid fedfsAnnotation attributes:
以下是有效FEDFSCannotation属性的示例:
"key1" = "foo" "another key" = "x=3" "key-2" = "A string with \" and \\ characters." "key3"="bar"
“key1”=“foo”“另一个键”=“x=3”“key-2”=“带有\”和\\个字符的字符串。”“key3”=“bar”
These correspond to the following key/value pairs:
这些对应于以下键/值对:
+-------------+-----------------------------------+
| key | value |
+-------------+-----------------------------------+
| key1 | foo |
| another key | x=3 |
| key-2 | A string with " and \ characters. |
| key3 | bar |
+-------------+-----------------------------------+
+-------------+-----------------------------------+
| key | value |
+-------------+-----------------------------------+
| key1 | foo |
| another key | x=3 |
| key-2 | A string with " and \ characters. |
| key3 | bar |
+-------------+-----------------------------------+
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.12 NAME 'fedfsAnnotation'
/// DESC 'Annotation of an object'
/// SUP name
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.12 NAME 'fedfsAnnotation'
/// DESC 'Annotation of an object'
/// SUP name
/// )
///
<CODE ENDS>
<代码结束>
A fedfsDescr stores an object description. The description MUST be encoded as a UTF-8 string.
fedfsDescr存储对象描述。描述必须编码为UTF-8字符串。
This attribute is multi-valued, which permits any number of descriptions per entry.
该属性是多值的,允许每个条目有任意数量的描述。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.13 NAME 'fedfsDescr'
/// DESC 'Description of an object'
/// SUP name
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.13 NAME 'fedfsDescr'
/// DESC 'Description of an object'
/// SUP name
/// )
///
<CODE ENDS>
<代码结束>
A fedfsNfsURI stores the host and pathname components of an FSL. A fedfsNfsURI MUST be encoded as an NFS URI (see Section 2.8.1).
fedfsNfsURI存储FSL的主机和路径名组件。fedfsNfsURI必须编码为NFS URI(请参阅第2.8.1节)。
The fedfsNfsURI is a subtype of the labeledURI type [RFC2079], with the same encoding rules.
fedfsNfsURI是labeledURI类型[RFC2079]的一个子类型,具有相同的编码规则。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.120 NAME 'fedfsNfsURI'
/// DESC 'Location of fileset'
/// SUP labeledURI
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.120 NAME 'fedfsNfsURI'
/// DESC 'Location of fileset'
/// SUP labeledURI
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
A fedfsNfsCurrency stores the NFSv4.1 fs_locations_server's fls_currency value [RFC5661]. A fedfsNfsCurrency MUST be encoded as an Integer syntax value [RFC4517] in the range [-2147483648, 2147483647].
FEDFSNFSCURRENTY存储NFSv4.1 fs_locations_服务器的fls_货币值[RFC5661]。FEDFSNFSCURRENTY必须编码为[-2147483648,2147483647]范围内的整数语法值[RFC4517]。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.103 NAME 'fedfsNfsCurrency'
/// DESC 'up-to-date measure of the data'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.103 NAME 'fedfsNfsCurrency'
/// DESC 'up-to-date measure of the data'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsGenFlagWritable stores the value of an FSL's NFSv4.1 FSLI4GF_WRITABLE bit [RFC5661]. A value of "TRUE" indicates the bit is set. A value of "FALSE" indicates the bit is not set.
FEDFSNFSGENFLAGGREWRITABLE存储FSL的NFSv4.1 FSLI4GF_可写位[RFC5661]的值。“真”值表示位已设置。值“FALSE”表示未设置位。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.104 NAME 'fedfsNfsGenFlagWritable'
/// DESC 'Indicates if the file system is writable'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.104 NAME 'fedfsNfsGenFlagWritable'
/// DESC 'Indicates if the file system is writable'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.7 is the Boolean syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.7是布尔语法[RFC4517]。
A fedfsNfsGenFlagGoing stores the value of an FSL's NFSv4.1 FSLI4GF_GOING bit [RFC5661]. A value of "TRUE" indicates the bit is set. A value of "FALSE" indicates the bit is not set.
FEDFSNFSGENFAGONGONG存储FSL的NFSv4.1 FSLI4GF_GONG位[RFC5661]的值。“真”值表示位已设置。值“FALSE”表示未设置位。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.105 NAME 'fedfsNfsGenFlagGoing'
/// DESC 'Indicates if the file system is going'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.105 NAME 'fedfsNfsGenFlagGoing'
/// DESC 'Indicates if the file system is going'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.7 is the Boolean syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.7是布尔语法[RFC4517]。
A fedfsNfsGenFlagSplit stores the value of an FSL's NFSv4.1 FSLI4GF_SPLIT bit [RFC5661]. A value of "TRUE" indicates the bit is set. A value of "FALSE" indicates the bit is not set.
FEDFSFSGENFLAGSPLIT存储FSL的NFSv4.1 FSLI4GF_分割位[RFC5661]的值。“真”值表示位已设置。值“FALSE”表示未设置位。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.106 NAME 'fedfsNfsGenFlagSplit'
/// DESC 'Indicates if there are multiple file systems'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.106 NAME 'fedfsNfsGenFlagSplit'
/// DESC 'Indicates if there are multiple file systems'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.7 is the Boolean syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.7是布尔语法[RFC4517]。
A fedfsNfsTransFlagRdma stores the value of an FSL's NFSv4.1 FSLI4TF_RDMA bit [RFC5661]. A value of "TRUE" indicates the bit is set. A value of "FALSE" indicates the bit is not set.
FEDFSFSTRANSFLAGRDMA存储FSL的NFSv4.1 FSLI4TF_RDMA位[RFC5661]的值。“真”值表示位已设置。值“FALSE”表示未设置位。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.107 NAME 'fedfsNfsTransFlagRdma'
/// DESC 'Indicates if the transport supports RDMA'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.107 NAME 'fedfsNfsTransFlagRdma'
/// DESC 'Indicates if the transport supports RDMA'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.7 is the Boolean syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.7是布尔语法[RFC4517]。
A fedfsNfsClassSimul contains the FSL's NFSv4.1 FSLI4BX_CLSIMUL [RFC5661] value. A fedfsNfsClassSimul MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsClassSimul包含FSL的NFSv4.1 FSLI4BX_CLSIMUL[RFC5661]值。fedfsNfsClassSimul必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.108 NAME 'fedfsNfsClassSimul'
/// DESC 'The simultaneous-use class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.108 NAME 'fedfsNfsClassSimul'
/// DESC 'The simultaneous-use class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsClassHandle contains the FSL's NFSv4.1 FSLI4BX_CLHANDLE [RFC5661] value. A fedfsNfsClassHandle MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsClassHandle包含FSL的NFSv4.1 FSLI4BX_CLHANDLE[RFC5661]值。fedfsNfsClassHandle必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.109 NAME 'fedfsNfsClassHandle'
/// DESC 'The handle class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.109 NAME 'fedfsNfsClassHandle'
/// DESC 'The handle class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsClassFileid contains the FSL's NFSv4.1 FSLI4BX_CLFILEID [RFC5661] value. A fedfsNfsClassFileid MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsClassFileid包含FSL的NFSv4.1 FSLI4BX_CLFILEID[RFC5661]值。fedfsNfsClassFileid必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.110 NAME 'fedfsNfsClassFileid'
/// DESC 'The fileid class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.110 NAME 'fedfsNfsClassFileid'
/// DESC 'The fileid class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsClassWritever contains the FSL's NFSv4.1 FSLI4BX_CLWRITEVER [RFC5661] value. A fedfsNfsClassWritever MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
FEDFSFSCLASSWRITEVER包含FSL的NFSv4.1 FSLI4BX_CLWRITEVER[RFC5661]值。FEDFSNFSCLassWriteEver必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.111 NAME 'fedfsNfsClassWritever'
/// DESC 'The write-verifier class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.111 NAME 'fedfsNfsClassWritever'
/// DESC 'The write-verifier class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsClassChange contains the FSL's NFSv4.1 FSLI4BX_CLCHANGE [RFC5661] value. A fedfsNfsClassChange MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsClassChange包含FSL的NFSv4.1 FSLI4BX_CLCHANGE[RFC5661]值。fedfsNfsClassChange必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.112 NAME 'fedfsNfsClassChange'
/// DESC 'The change class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.112 NAME 'fedfsNfsClassChange'
/// DESC 'The change class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsClassReaddir contains the FSL's NFSv4.1 FSLI4BX_CLREADDIR [RFC5661] value. A fedfsNfsClassReaddir MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
FEDFSFSCLASSREADDIR包含FSL的NFSv4.1 FSLI4BX_CLREADDIR[RFC5661]值。fedfsNfsClassReaddir必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.113 NAME 'fedfsNfsClassReaddir'
/// DESC 'The readdir class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.113 NAME 'fedfsNfsClassReaddir'
/// DESC 'The readdir class of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsReadRank contains the FSL's NFSv4.1 FSLI4BX_READRANK [RFC5661] value. A fedfsNfsReadRank MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsReadRank包含FSL的NFSv4.1 FSLI4BX_READRANK[RFC5661]值。fedfsNfsReadRank必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.114 NAME 'fedfsNfsReadRank'
/// DESC 'The read rank of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.114 NAME 'fedfsNfsReadRank'
/// DESC 'The read rank of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsReadOrder contains the FSL's NFSv4.1 FSLI4BX_READORDER [RFC5661] value. A fedfsNfsReadOrder MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsReadOrder包含FSL的NFSv4.1 FSLI4BX_读取顺序[RFC5661]值。fedfsNfsReadOrder必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.115 NAME 'fedfsNfsReadOrder'
/// DESC 'The read order of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.115 NAME 'fedfsNfsReadOrder'
/// DESC 'The read order of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsWriteRank contains the FSL's FSLI4BX_WRITERANK [RFC5661] value. A fedfsNfsWriteRank MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsWriteRank包含FSL的FSLI4BX_WRITERANK[RFC5661]值。fedfsNfsWriteRank必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.116 NAME 'fedfsNfsWriteRank'
/// DESC 'The write rank of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.116 NAME 'fedfsNfsWriteRank'
/// DESC 'The write rank of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsWriteOrder contains the FSL's FSLI4BX_WRITEORDER [RFC5661] value. A fedfsNfsWriteOrder MUST be encoded as an Integer syntax value [RFC4517] in the range [0, 255].
fedfsNfsWriteOrder包含FSL的FSLI4BX_WRITEORDER[RFC5661]值。fedfsNfsWriteOrder必须编码为[0255]范围内的整数语法值[RFC4517]。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.117 NAME 'fedfsNfsWriteOrder'
/// DESC 'The write order of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.117 NAME 'fedfsNfsWriteOrder'
/// DESC 'The write order of the file system'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
A fedfsNfsVarSub stores the value of an FSL's NFSv4.1 FSLI4IF_VAR_SUB bit [RFC5661]. A value of "TRUE" indicates the bit is set. A value of "FALSE" indicates the bit is not set.
fedfsNfsVarSub存储FSL的NFSv4.1 FSLI4IF_VAR_子位[RFC5661]的值。“真”值表示位已设置。值“FALSE”表示未设置位。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.118 NAME 'fedfsNfsVarSub'
/// DESC 'Indicates if variable substitution is present'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.118 NAME 'fedfsNfsVarSub'
/// DESC 'Indicates if variable substitution is present'
/// EQUALITY booleanMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
/// SINGLE-VALUE
/// )
///
<CODE ENDS>
<代码结束>
OID 1.3.6.1.4.1.1466.115.121.1.7 is the Boolean syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.7是布尔语法[RFC4517]。
A fedfsNfsValidFor stores an FSL's NFSv4.1 fs_locations_info fli_valid_for value [RFC5661]. A fedfsNfsValidFor MUST be encoded as an Integer syntax value [RFC4517] in the range [-2147483648, 2147483647].
fedfsNfsValidFor存储FSL的NFSv4.1 fs_位置信息fli_有效值[RFC5661]。fedfsNfsValidFor必须编码为[-2147483648、2147483647]范围内的整数语法值[RFC4517]。
An FSL's parent's fedfsFsnTTL value and its fedfsNfsValidFor value MAY be different.
FSL父级的FEDFSFNTTL值及其fedfsNfsValidFor值可能不同。
This attribute is single-valued.
此属性是单值的。
<CODE BEGINS>
<代码开始>
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.19 NAME 'fedfsNfsValidFor'
/// DESC 'Valid for time'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
///
/// attributetype (
/// 1.3.6.1.4.1.31103.1.19 NAME 'fedfsNfsValidFor'
/// DESC 'Valid for time'
/// EQUALITY integerMatch
/// SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
/// SINGLE-VALUE
/// )
///
OID 1.3.6.1.4.1.1466.115.121.1.27 is the Integer syntax [RFC4517].
OID 1.3.6.1.4.1.1466.115.121.1.27是整数语法[RFC4517]。
<CODE ENDS>
<代码结束>
A fedfsNsdbContainerInfo describes the location of the NCE.
fedfsNsdbContainerInfo描述NCE的位置。
A fedfsNsdbContainerInfo's fedfsNceDN attribute is REQUIRED.
需要fedfsNsdbContainerInfo的fedfsNceDN属性。
A fedfsNsdbContainerInfo's fedfsAnnotation and fedfsDescr attributes are OPTIONAL.
fedfsNsdbContainerInfo的FEDFSCannotation和fedfsDescr属性是可选的。
<CODE BEGINS>
<代码开始>
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1001 NAME 'fedfsNsdbContainerInfo'
/// DESC 'Describes NCE location'
/// SUP top AUXILIARY
/// MUST (
/// fedfsNceDN
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1001 NAME 'fedfsNsdbContainerInfo'
/// DESC 'Describes NCE location'
/// SUP top AUXILIARY
/// MUST (
/// fedfsNceDN
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
<CODE ENDS>
<代码结束>
A fedfsFsn represents an FSN.
fedfsFsn表示一个FSN。
A fedfsFsn's fedfsFsnUuid and fedfsFsnTTL attributes are REQUIRED.
fedfsFsn的FEDFSFSNUID和fedfsFsnTTL属性是必需的。
A fedfsFsn's fedfsAnnotation and fedfsDescr attributes are OPTIONAL.
fedfsFsn的FEDFSNotation和fedfsDescr属性是可选的。
The DN of an FSN is REQUIRED to take the following form: "fedfsFsnUuid=$FSNUUID,$NCE", where $FSNUUID is the UUID of the FSN and $NCE is the DN of the NCE. Since LDAP requires a DN to be unique, this ensures that each FSN entry has a unique UUID value within the LDAP directory.
FSN的DN必须采用以下形式:“FEDFSFSNUID=$FSNUUID,$NCE”,其中$FSNUUID是FSN的UUID,$NCE是NCE的DN。由于LDAP要求DN是唯一的,因此可以确保每个FSN条目在LDAP目录中具有唯一的UUID值。
<CODE BEGINS>
<代码开始>
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1002 NAME 'fedfsFsn'
/// DESC 'Represents a fileset'
/// SUP top STRUCTURAL
/// MUST (
/// fedfsFsnUuid
/// $ fedfsFsnTTL
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1002 NAME 'fedfsFsn'
/// DESC 'Represents a fileset'
/// SUP top STRUCTURAL
/// MUST (
/// fedfsFsnUuid
/// $ fedfsFsnTTL
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
<CODE ENDS>
<代码结束>
The fedfsFsl object class represents an FSL.
fedfsFsl对象类表示一个FSL。
The fedfsFsl is an abstract object class. Protocol-specific subtypes of this object class are used to store FSL information. The fedfsNfsFsl object class defined in Section 4.2.2.4 is used to record an NFS FSL's location. Other subtypes MAY be defined for other protocols (e.g., Common Internet File System (CIFS)).
fedfsFsl是一个抽象对象类。此对象类的协议特定子类型用于存储FSL信息。第4.2.2.4节中定义的FEDFSNFSSL对象类用于记录NFS FSL的位置。可以为其他协议定义其他子类型(例如,通用Internet文件系统(CIFS))。
A fedfsFsl's fedfsFslUuid and fedfsFsnUuid attributes are REQUIRED.
fedfsFsl的FEDFSFSLUID和FEDFSFSNUID属性是必需的。
A fedfsFsl's fedfsAnnotation and fedfsDescr attributes are OPTIONAL.
fedfsFsl的FEDFSNotation和fedfsDescr属性是可选的。
The DN of an FSL is REQUIRED to take the following form: "fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE", where $FSLUUID is the FSL's UUID, $FSNUUID is the FSN's UUID, and $NCE is the DN of the NCE. Since LDAP requires a DN to be unique, this ensures that each FSL entry has a unique UUID value within the LDAP directory.
FSL的DN必须采用以下形式:“FEDFSFSLUID=$FSLUUID,FEDFSFSNUID=$FSNUUID,$NCE”,其中$FSLUUID是FSL的UUID,$FSNUUID是FSN的UUID,$NCE是NCE的DN。由于LDAP要求DN是唯一的,因此可以确保每个FSL条目在LDAP目录中具有唯一的UUID值。
<CODE BEGINS>
<代码开始>
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1003 NAME 'fedfsFsl'
/// DESC 'A physical location of a fileset'
/// SUP top ABSTRACT
/// MUST (
/// fedfsFslUuid
/// $ fedfsFsnUuid
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1003 NAME 'fedfsFsl'
/// DESC 'A physical location of a fileset'
/// SUP top ABSTRACT
/// MUST (
/// fedfsFslUuid
/// $ fedfsFsnUuid
/// )
/// MAY (
/// fedfsAnnotation
/// $ fedfsDescr
/// ))
///
<CODE ENDS>
<代码结束>
A fedfsNfsFsl is used to represent an NFS FSL. The fedfsNfsFsl inherits all of the attributes of the fedfsFsl and extends the fedfsFsl with information specific to the NFS protocol.
FEDFSNFSSL用于表示NFS FSL。fedfsFsl继承fedfsFsl的所有属性,并使用特定于NFS协议的信息扩展fedfsFsl。
The DN of an NFS FSL is REQUIRED to take the following form: "fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE", where $FSLUUID is the FSL's UUID, $FSNUUID is the FSN's UUID, and $NCE is the DN of the NCE. Since LDAP requires a DN to be unique, this ensures that each NFS FSL entry has a unique UUID value within the LDAP directory.
NFS FSL的DN必须采用以下形式:“FEDFSFSLUID=$FSLUUID,FEDFSFSNUID=$FSNUUID,$NCE”,其中$FSLUUID是FSL的UUID,$FSNUUID是FSN的UUID,$NCE是NCE的DN。由于LDAP要求DN是唯一的,这确保每个NFS FSL条目在LDAP目录中具有唯一的UUID值。
<CODE BEGINS>
<代码开始>
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1004 NAME 'fedfsNfsFsl'
/// DESC 'An NFS location of a fileset'
/// SUP fedfsFsl STRUCTURAL
/// MUST (
/// fedfsNfsURI
/// $ fedfsNfsCurrency
/// $ fedfsNfsGenFlagWritable
/// $ fedfsNfsGenFlagGoing
/// $ fedfsNfsGenFlagSplit
/// $ fedfsNfsTransFlagRdma
/// $ fedfsNfsClassSimul
/// $ fedfsNfsClassHandle
/// $ fedfsNfsClassFileid
/// $ fedfsNfsClassWritever
/// $ fedfsNfsClassChange
/// $ fedfsNfsClassReaddir
/// $ fedfsNfsReadRank
/// $ fedfsNfsReadOrder
/// $ fedfsNfsWriteRank
/// $ fedfsNfsWriteOrder
/// $ fedfsNfsVarSub
/// $ fedfsNfsValidFor
/// ))
///
///
/// objectclass (
/// 1.3.6.1.4.1.31103.1.1004 NAME 'fedfsNfsFsl'
/// DESC 'An NFS location of a fileset'
/// SUP fedfsFsl STRUCTURAL
/// MUST (
/// fedfsNfsURI
/// $ fedfsNfsCurrency
/// $ fedfsNfsGenFlagWritable
/// $ fedfsNfsGenFlagGoing
/// $ fedfsNfsGenFlagSplit
/// $ fedfsNfsTransFlagRdma
/// $ fedfsNfsClassSimul
/// $ fedfsNfsClassHandle
/// $ fedfsNfsClassFileid
/// $ fedfsNfsClassWritever
/// $ fedfsNfsClassChange
/// $ fedfsNfsClassReaddir
/// $ fedfsNfsReadRank
/// $ fedfsNfsReadOrder
/// $ fedfsNfsWriteRank
/// $ fedfsNfsWriteOrder
/// $ fedfsNfsVarSub
/// $ fedfsNfsValidFor
/// ))
///
<CODE ENDS>
<代码结束>
The operations defined by the protocol can be described as several sub-protocols that are used by entities within a federation to perform different roles.
协议定义的操作可以描述为多个子协议,联邦内的实体使用这些子协议来执行不同的角色。
The first of these sub-protocols defines how the state of an NSDB node can be initialized and updated. The primary use of this sub-protocol is by an administrator to add, edit, or delete filesets, their properties, and their fileset locations.
第一个子协议定义了如何初始化和更新NSDB节点的状态。此子协议的主要用途是由管理员添加、编辑或删除文件集及其属性和文件集位置。
The second of these sub-protocols defines the queries that are sent to an NSDB node in order to perform resolution (or to find other information about the data stored within that NSDB node) and the responses returned by the NSDB node. The primary use of this sub-protocol is by a fileserver in order to perform resolution, but it may also be used by an administrator to query the state of the system.
这些子协议中的第二个定义了发送到NSDB节点的查询,以便执行解析(或查找存储在该NSDB节点中的数据的其他信息)和NSDB节点返回的响应。此子协议的主要用途是由文件服务器执行解析,但管理员也可以使用它来查询系统的状态。
The first and second sub-protocols are defined as LDAP operations, using the schema defined in the previous section. If each NSDB node is a standard LDAP server, then, in theory, it is unnecessary to describe the LDAP operations in detail because the operations are ordinary LDAP operations to query and update records. However, we do not require that an NSDB node implement a complete LDAP service. Therefore, we define the minimum level of LDAP functionality required to implement an NSDB node.
第一和第二个子协议使用上一节中定义的模式定义为LDAP操作。如果每个NSDB节点都是一个标准的LDAP服务器,那么理论上不需要详细描述LDAP操作,因为这些操作是查询和更新记录的普通LDAP操作。但是,我们不要求NSDB节点实现完整的LDAP服务。因此,我们定义了实现NSDB节点所需的LDAP功能的最低级别。
The NSDB sub-protocols are defined in Section 5.1 and Section 5.2. The descriptions of LDAP messages in these sections use the LDAP Data Interchange Format (LDIF) [RFC2849]. In order to differentiate constant and variable strings in the LDIF specifications, variables are prefixed by a $ character and use all uppercase characters. For example, a variable named FOO would be specified as $FOO.
第5.1节和第5.2节定义了NSDB子协议。这些部分中对LDAP消息的描述使用LDAP数据交换格式(LDIF)[RFC2849]。为了区分LDIF规范中的常量字符串和变量字符串,变量的前缀为$字符,并使用所有大写字符。例如,名为FOO的变量将被指定为$FOO。
This document uses the term "NSDB client" to refer to an LDAP client that uses either of the NSDB sub-protocols.
本文档使用术语“NSDB客户端”来指代使用任一NSDB子协议的LDAP客户端。
The third sub-protocol defines the queries and other requests that are sent to a fileserver in order to get information from it or to modify the state of the fileserver in a manner related to the federation protocols. The primary purpose of this protocol is for an administrator to create or delete a junction or discover related information about a particular fileserver.
第三个子协议定义发送到文件服务器的查询和其他请求,以便从文件服务器获取信息或以与联合协议相关的方式修改文件服务器的状态。此协议的主要目的是让管理员创建或删除连接,或发现有关特定文件服务器的相关信息。
The third sub-protocol is defined as an Open Network Computing (ONC) Remote Procedure Call (RPC) protocol. The reason for using ONC RPC
第三个子协议定义为开放网络计算(ONC)远程过程调用(RPC)协议。使用ONC-RPC的原因
instead of LDAP is that all fileservers support ONC RPC, but some do not support an LDAP directory server.
与LDAP不同的是,所有文件服务器都支持ONC RPC,但有些文件服务器不支持LDAP目录服务器。
The ONC RPC administration protocol is defined in [RFC7533].
[RFC7533]中定义了ONC RPC管理协议。
The admin entity initiates and controls the commands to manage fileset and namespace information. The protocol used for communicating between the admin entity and each NSDB node MUST be the LDAPv3 [RFC4510] protocol.
管理实体启动并控制用于管理文件集和命名空间信息的命令。用于管理实体和每个NSDB节点之间通信的协议必须是LDAPv3[RFC4510]协议。
The names we assign to these operations are entirely for the purpose of exposition in this document and are not part of the LDAP dialogs.
我们为这些操作指定的名称完全是为了在本文档中阐述,而不是LDAP对话框的一部分。
This operation creates a new FSN in the NSDB by adding a new fedfsFsn entry in the NSDB's LDAP directory.
此操作通过在NSDB的LDAP目录中添加新的fedfsFsn条目,在NSDB中创建新的FSN。
A fedfsFsn entry contains a fedfsFsnUuid. The administrator chooses the fedfsFsnUuid by the process described in Section 2.12. A fedfsFsn entry also contains a fedfsFsnTTL. The fedfsFsnTTL is chosen by the administrator as described in Section 2.8.3.
fedfsFsn条目包含FEDFSFSNUID。管理员通过第2.12节中描述的过程选择FEDFSFSNUID。fedfsFsn条目还包含fedfsFsnTTL。fedfsFsnTTL由管理员选择,如第2.8.3节所述。
This operation is implemented using the LDAP ADD request described by the LDIF below.
此操作使用下面LDIF描述的LDAP添加请求实现。
dn: fedfsFsnUuid=$FSNUUID,$NCE changeType: add objectClass: fedfsFsn fedfsFsnUuid: $FSNUUID fedfsFsnTTL: $TTL
dn:FEDFSFSNUID=$FSNUUID,$NCE变更类型:添加对象类:fedfsFsn FEDFSFSNUID:$FSNUUID fedfsFsnTTL:$TTL
For example, if $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", $TTL is "300" seconds, and $NCE is "o=fedfs", the operation would be:
例如,如果$FSNUUID为“e8c4761c-eb3b-4307-86fc-f702da197966”,$TTL为“300”秒,$NCE为“o=fedfs”,则操作将为:
dn: fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: add
objectClass: fedfsFsn
fedfsFsnUuid: e8c4761c-eb3b-4307-86fc-f702da197966
fedfsFsnTTL: 300
dn: fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: add
objectClass: fedfsFsn
fedfsFsnUuid: e8c4761c-eb3b-4307-86fc-f702da197966
fedfsFsnTTL: 300
This operation deletes an FSN by removing a fedfsFsn entry in the NSDB's LDAP directory.
此操作通过删除NSDB LDAP目录中的fedfsFsn条目来删除FSN。
If the FSN entry being deleted has child FSL entries, this function MUST return an error. This ensures that the NSDB will not contain any orphaned FSL entries. A compliant LDAP implementation will meet this requirement since Section 4.8 of [RFC4511] defines the LDAP delete operation to only be capable of removing leaf entries.
如果要删除的FSN条目包含子FSL条目,则此函数必须返回错误。这确保NSDB不会包含任何孤立的FSL条目。兼容的LDAP实现将满足此要求,因为[RFC4511]的第4.8节将LDAP删除操作定义为只能删除叶条目。
Note that the FSN delete function removes the fileset only from a federation namespace (by removing the records for that FSN from the NSDB node that receives this request). The fileset and its data are not deleted. Any junction that has this FSN as its target may continue to point to this non-existent FSN. A dangling reference may be detected when a fileserver tries to resolve a junction that refers to the deleted FSN.
请注意,FSN delete函数仅从联合名称空间中删除文件集(通过从接收此请求的NSDB节点中删除该FSN的记录)。文件集及其数据不会被删除。将此FSN作为其目标的任何连接都可能继续指向此不存在的FSN。当文件服务器尝试解析引用已删除FSN的连接时,可能会检测到悬空引用。
This operation is implemented using the LDAP DELETE request described by the LDIF below.
此操作使用下面LDIF描述的LDAP删除请求实现。
dn: fedfsFsnUuid=$FSNUUID,$NCE changeType: delete
dn:FEDFSFSNUID=$FSNUUID,$NCE变更类型:删除
For example, if $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966" and $NCE is "o=fedfs", the operation would be:
例如,如果$FSNUUID是“e8c4761c-eb3b-4307-86fc-f702da197966”,而$NCE是“o=fedfs”,则操作将是:
dn: fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: delete
dn: fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: delete
This operation creates a new FSL for the given FSN by adding a new fedfsFsl entry in the NSDB's LDAP directory.
此操作通过在NSDB的LDAP目录中添加新的fedfsFsl条目,为给定的FSN创建新的FSL。
A fedfsFsl entry contains a fedfsFslUuid and fedfsFsnUuid. The administrator chooses the fedfsFslUuid. The process for choosing the fedfsFslUuid is described in Section 2.12. The fedfsFsnUuid is the UUID of the FSL's FSN.
fedfsFsl条目包含FEDFSFSLUID和FEDFSFSNUID。管理员选择fedfsfsluid。第2.12节介绍了选择FEDFSFSLUID的过程。FEDFSFSNUID是FSL的FSN的UUID。
The administrator will also set additional attributes depending on the FSL type.
管理员还将根据FSL类型设置其他属性。
This operation is implemented using the LDAP ADD request described by the LDIF below (Note: the LDIF shows the creation of an NFS FSL.)
此操作使用下面LDIF描述的LDAP添加请求实现(注意:LDIF显示NFS FSL的创建。)
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: add
objectClass: fedfsNfsFsl
fedfsFslUuid: $FSLUUID
fedfsFsnUuid: $FSNUUID
fedfsNfsURI: nfs://$HOST:$PORT//$PATH
fedfsNfsCurrency: $CURRENCY
fedfsNfsGenFlagWritable: $WRITABLE
fedfsNfsGenFlagGoing: $GOING
fedfsNfsGenFlagSplit: $SPLIT
fedfsNfsTransFlagRdma: $RDMA
fedfsNfsClassSimul: $CLASS_SIMUL
fedfsNfsClassHandle:$CLASS_HANDLE
fedfsNfsClassFileid:$CLASS_FILEID
fedfsNfsClassWritever:$CLASS_WRITEVER
fedfsNfsClassChange: $CLASS_CHANGE
fedfsNfsClassReaddir: $CLASS_READDIR
fedfsNfsReadRank: $READ_RANK
fedfsNfsReadOrder: $READ_ORDER
fedfsNfsWriteRank: $WRITE_RANK
fedfsNfsWriteOrder: $WRITE_ORDER
fedfsNfsVarSub: $VAR_SUB
fedfsNfsValidFor: $TIME
fedfsAnnotation: $ANNOTATION
fedfsDescr: $DESCR
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: add
objectClass: fedfsNfsFsl
fedfsFslUuid: $FSLUUID
fedfsFsnUuid: $FSNUUID
fedfsNfsURI: nfs://$HOST:$PORT//$PATH
fedfsNfsCurrency: $CURRENCY
fedfsNfsGenFlagWritable: $WRITABLE
fedfsNfsGenFlagGoing: $GOING
fedfsNfsGenFlagSplit: $SPLIT
fedfsNfsTransFlagRdma: $RDMA
fedfsNfsClassSimul: $CLASS_SIMUL
fedfsNfsClassHandle:$CLASS_HANDLE
fedfsNfsClassFileid:$CLASS_FILEID
fedfsNfsClassWritever:$CLASS_WRITEVER
fedfsNfsClassChange: $CLASS_CHANGE
fedfsNfsClassReaddir: $CLASS_READDIR
fedfsNfsReadRank: $READ_RANK
fedfsNfsReadOrder: $READ_ORDER
fedfsNfsWriteRank: $WRITE_RANK
fedfsNfsWriteOrder: $WRITE_ORDER
fedfsNfsVarSub: $VAR_SUB
fedfsNfsValidFor: $TIME
fedfsAnnotation: $ANNOTATION
fedfsDescr: $DESCR
For example, if $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", $FSLUUID is "ba89a802-41a9-44cf-8447-dda367590eb3", $HOST is "server.example.com", $PORT is "20049", $PATH is stored in the file "/tmp/fsl_path", $CURRENCY is "0" (an up-to-date copy), the FSL is writable, but not going, split, or accessible via Remote Direct Memory Access (RDMA), the simultaneous-use class is "1", the handle class is "0", the fileid class is "1", the write-verifier class is "1", the change class is "1", the readdir class is "9", the read rank is "7", the read order is "8", the write rank is "5", the write order is "6", variable substitution is false, $TIME is "300" seconds, $ANNOTATION is ""foo" = "bar"", $DESC is "This is a description.", and $NCE is "o=fedfs", the operation would be (for readability, the DN is split into two lines):
例如,如果$FSLUUID是“e8c4761c-eb3b-4307-86fc-f702da197966”、$FSLUUID是“ba89a802-41a9-44cf-8447-dda367590eb3”、$HOST是“server.example.com”、$PORT是“20049”、$PATH存储在文件“/tmp/fsl_PATH”中、$CURRENCY是“0”(最新副本),则fsl是可写的,但不能继续、拆分或通过远程直接内存访问(RDMA)访问,同时使用类为“1”,句柄类为“0”,fileid类为“1”,写入验证程序类为“1”,更改类为“1”,readdir类为“9”,读取秩为“7”,读取顺序为“8”,写入秩为“5”,写入顺序为“6”,变量替换为false,$TIME为“300”秒,$ANNOTATION为“foo”=“bar”,$DESC是“这是一个描述,”,而$NCE是“o=fedfs”,操作将是(为了可读性,DN分为两行):
dn: fedfsFslUuid=ba89a802-41a9-44cf-8447-dda367590eb3, fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs changeType: add objectClass: fedfsNfsFsl fedfsFslUuid: ba89a802-41a9-44cf-8447-dda367590eb3 fedfsFsnUuid: e8c4761c-eb3b-4307-86fc-f702da197966 fedfsNfsURI: nfs://server.example.com:20049//tmp/fsl_path fedfsNfsCurrency: 0 fedfsNfsGenFlagWritable: TRUE fedfsNfsGenFlagGoing: FALSE fedfsNfsGenFlagSplit: FALSE fedfsNfsTransFlagRdma: FALSE fedfsNfsClassSimul: 1 fedfsNfsClassHandle: 0 fedfsNfsClassFileid: 1 fedfsNfsClassWritever: 1 fedfsNfsClassChange: 1 fedfsNfsClassReaddir: 9 fedfsNfsReadRank: 7 fedfsNfsReadOrder: 8 fedfsNfsWriteRank: 5 fedfsNfsWriteOrder: 6 fedfsNfsVarSub: FALSE fedfsNfsValidFor: 300 fedfsAnnotation: "foo" = "bar" fedfsDescr: This is a description.
dn:FEDFSFSUUID=ba89a802-41a9-44cf-8447-dda367590eb3,FEDFSFSUUID=e8c4761c-eb3b-4307-86fc-F702DA19766,o=fedfs变更类型:添加对象类:FEDFSNFSSL FEDFSFLUUID:ba89a802-41a9-44cf-8447-dda367590eb3 FEDFSFNUUID:e8c4761c-eb3b-4307-86fc-F702DA19766 FEDFSFSURI:nfs://server.example.com:20049//tmp/fsl_path fedfsNfsCurrency:0 fedfsNfsGenFlagWritable:TRUE fedfsNfsGenFlagGoing:FALSE fedfsNfsGenFlagSplit:FALSE fedfsNfsTransFlagRdma:FALSEFEDFSFSClassSimul:1 FEDFSFSClassHandle:0 FEDFSFSFSClassFileId:1 FEDFSFSClassWritever:1 FEDFSFSClassChange:1 FEDFSFSFSClassReadDir:9 FEDFSFSREADRANK:7 FEDFSFSREADER:8 FEDFSFSFSWriteRank:5 FEDFSFSFSWriteOrder:6 FEDFSFSvarsub:FALSE FEDFSFNFSvalidFor:300 FEDFSFAnnotation:“foo”=“bar”fedfsDescr:这是一个描述。
The fedfsNfsFSl object class is used to describe NFSv4-accessible filesets. For the reasons described in Section 2.8.4, administrators SHOULD choose reasonable values for all LDAP attributes of an NFSv4-accessible fedfsNfsFsl even though some of these LDAP attributes are not explicitly contained in an NFSv4 fs_locations attribute.
FEDFSNFSSL对象类用于描述NFSv4可访问的文件集。出于第2.8.4节所述原因,管理员应为NFSv4可访问FEDFSNFSSL的所有LDAP属性选择合理的值,即使其中一些LDAP属性未明确包含在NFSv4 fs_locations属性中。
When the administrator is unable to choose reasonable values for the LDAP attributes not explicitly contained in an NFSv4 fs_locations attribute, the values in the following table are RECOMMENDED.
当管理员无法为NFSv4 fs_locations属性中未明确包含的LDAP属性选择合理值时,建议使用下表中的值。
+-------------------------+----------+------------------------------+
| LDAP attribute | LDAP | Notes |
| | value | |
+-------------------------+----------+------------------------------+
| fedfsNfsCurrency | negative | Indicates that the server |
| | value | does not know the currency |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsGenFlagWritable | FALSE | Leaving unset is not harmful |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsGenFlagGoing | FALSE | NFS client will detect a |
| | | migration event if the FSL |
| | | becomes unavailable. |
| fedfsNfsGenFlagSplit | TRUE | Safe to assume that the FSL |
| | | is split. |
| fedfsNfsTransFlagRdma | TRUE | NFS client will detect if |
| | | RDMA access is available. |
| fedfsNfsClassSimul | 0 | 0 is treated as non-matching |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsClassHandle | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassFileid | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassWritever | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassChange | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassReaddir | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsReadRank | 0 | Highest value ensures FSL |
| | | will be tried. |
| fedfsNfsReadOrder | 0 | See fedfsNfsReadRank note. |
| fedfsNfsWriteRank | 0 | See fedfsNfsReadRank note. |
| fedfsNfsWriteOrder | 0 | See fedfsNfsReadRank note. |
| fedfsNfsVarSub | FALSE | NFSv4 does not define |
| | | variable substitution in |
| | | paths. |
| fedfsNfsValidFor | 0 | Indicates no appropriate |
| | | refetch interval (see |
| | | Section 11.10.2 of |
| | | [RFC5661]). |
+-------------------------+----------+------------------------------+
+-------------------------+----------+------------------------------+
| LDAP attribute | LDAP | Notes |
| | value | |
+-------------------------+----------+------------------------------+
| fedfsNfsCurrency | negative | Indicates that the server |
| | value | does not know the currency |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsGenFlagWritable | FALSE | Leaving unset is not harmful |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsGenFlagGoing | FALSE | NFS client will detect a |
| | | migration event if the FSL |
| | | becomes unavailable. |
| fedfsNfsGenFlagSplit | TRUE | Safe to assume that the FSL |
| | | is split. |
| fedfsNfsTransFlagRdma | TRUE | NFS client will detect if |
| | | RDMA access is available. |
| fedfsNfsClassSimul | 0 | 0 is treated as non-matching |
| | | (see Section 11.10.1 of |
| | | [RFC5661]). |
| fedfsNfsClassHandle | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassFileid | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassWritever | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassChange | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsClassReaddir | 0 | See fedfsNfsClassSimul note. |
| fedfsNfsReadRank | 0 | Highest value ensures FSL |
| | | will be tried. |
| fedfsNfsReadOrder | 0 | See fedfsNfsReadRank note. |
| fedfsNfsWriteRank | 0 | See fedfsNfsReadRank note. |
| fedfsNfsWriteOrder | 0 | See fedfsNfsReadRank note. |
| fedfsNfsVarSub | FALSE | NFSv4 does not define |
| | | variable substitution in |
| | | paths. |
| fedfsNfsValidFor | 0 | Indicates no appropriate |
| | | refetch interval (see |
| | | Section 11.10.2 of |
| | | [RFC5661]). |
+-------------------------+----------+------------------------------+
This operation deletes an FSL record. The admin requests the NSDB node storing the fedfsFsl to delete it from its database. This operation does not result in fileset data being deleted on any fileserver.
此操作删除FSL记录。管理员请求存储fedfsFsl的NSDB节点将其从数据库中删除。此操作不会导致删除任何文件服务器上的文件集数据。
The admin sends an LDAP DELETE request to the NSDB node to remove the FSL.
管理员向NSDB节点发送LDAP删除请求以删除FSL。
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: delete
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: delete
For example, if $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", $FSLUUID is "ba89a802-41a9-44cf-8447-dda367590eb3", and $NCE is "o=fedfs", the operation would be (for readability, the DN is split into two lines):
例如,如果$FSNUUID是“e8c4761c-eb3b-4307-86fc-f702da197966”、$FSLUUID是“ba89a802-41a9-44cf-8447-dda367590eb3”、$NCE是“o=fedfs”,则操作将是(为了可读性,DN分为两行):
dn: fedfsFslUuid=ba89a802-41a9-44cf-8447-dda367590eb3,
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: delete
dn: fedfsFslUuid=ba89a802-41a9-44cf-8447-dda367590eb3,
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: delete
This operation updates the attributes of a given FSL. This command results in a change in the attributes of the fedfsFsl at the NSDB node maintaining this FSL. The values of the fedfsFslUuid and fedfsFsnUuid attributes MUST NOT change during an FSL update.
此操作更新给定FSL的属性。此命令导致在维护此FSL的NSDB节点上更改fedfsFsl的属性。在FSL更新期间,FEDFSFSLUID和FEDFSFSNUID属性的值不得更改。
The admin sends an LDAP MODIFY request to the NSDB node to update the FSL.
管理员向NSDB节点发送LDAP修改请求以更新FSL。
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: modify
replace: $ATTRIBUTE-TYPE
dn: fedfsFslUuid=$FSLUUID,fedfsFsnUuid=$FSNUUID,$NCE
changeType: modify
replace: $ATTRIBUTE-TYPE
For example, if $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", $FSLUUID is "ba89a802-41a9-44cf-8447-dda367590eb3", $NCE is "o=fedfs", and the administrator wished to change the NFS read rank to 10, the operation would be (for readability, the DN is split into two lines):
例如,如果$FSNUUID是“e8c4761c-eb3b-4307-86fc-f702da197966”、$FSLUUID是“ba89a802-41a9-44cf-8447-dda367590eb3”、$NCE是“o=fedfs”,并且管理员希望将NFS读秩更改为10,则操作将是(为了可读性,DN分为两行):
dn: fedfsFslUuid=ba89a802-41a9-44cf-8447-dda367590eb3,
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: modify
replace: fedfsNfsReadClass
fedfsNfsReadRank: 10
dn: fedfsFslUuid=ba89a802-41a9-44cf-8447-dda367590eb3,
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
changeType: modify
replace: fedfsNfsReadClass
fedfsNfsReadRank: 10
To find the NCEs for the NSDB nsdb.example.com, a fileserver would do the following:
要查找NSDB NSDB.example.com的NCE,文件服务器将执行以下操作:
nce_list = empty
connect to the LDAP directory at nsdb.example.com
for each namingContext value $BAR in the root DSE
/* $BAR is a DN */
query for a fedfsNceDN value at $BAR
/*
* The RFC 4516 LDAP URL for this search would be
*
* ldap://nsdb.example.com:389/$BAR?fedfsNceDN??
* (objectClass=fedfsNsdbContainerInfo)
*
*/
if a fedfsNceDN value is found
add the value to the nce_list
nce_list = empty
connect to the LDAP directory at nsdb.example.com
for each namingContext value $BAR in the root DSE
/* $BAR is a DN */
query for a fedfsNceDN value at $BAR
/*
* The RFC 4516 LDAP URL for this search would be
*
* ldap://nsdb.example.com:389/$BAR?fedfsNceDN??
* (objectClass=fedfsNsdbContainerInfo)
*
*/
if a fedfsNceDN value is found
add the value to the nce_list
Using an LDAP search, the fileserver can obtain all of the FSLs for a given FSN. The FSN's fedfsFsnUuid is used as the search key. The following examples use the LDAP Uniform Resource Identifier (URI) format defined in [RFC4516].
使用LDAP搜索,文件服务器可以获取给定FSN的所有FSL。FSN的FEDFSFSNUID用作搜索键。以下示例使用[RFC4516]中定义的LDAP统一资源标识符(URI)格式。
To obtain a list of all FSLs for $FSNUUID on the NSDB named $NSDBNAME, the following search can be used (for readability, the URI is split into two lines):
要获取名为$NSDBNAME的NSDB上$FSNUUID的所有FSL的列表,可以使用以下搜索(为了可读性,URI分为两行):
for each $NCE in nce_list
ldap://$NSDBNAME/fedfsFsnUuid=$FSNUUID,$NCE??one?
(objectClass=fedfsFsl)
for each $NCE in nce_list
ldap://$NSDBNAME/fedfsFsnUuid=$FSNUUID,$NCE??one?
(objectClass=fedfsFsl)
This search is for the children of the object with DN "fedfsFsnUuid=$FSNUUID,$NCE" with a filter for "objectClass=fedfsFsl". The scope value of "one" restricts the search to the entry's children (rather than the entire subtree below the entry), and the filter ensures that only FSL entries are returned.
此搜索用于DN为“FEDFSFSNUID=$FSNUUID,$NCE”且筛选器为“objectClass=fedfsFsl”的对象的子对象。scope值“one”将搜索限制为条目的子项(而不是条目下的整个子树),并且过滤器确保只返回FSL条目。
For example, if $NSDBNAME is "nsdb.example.com", $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", and $NCE is "o=fedfs", the search would be (for readability, the URI is split into three lines):
例如,如果$NSDBNAME是“nsdb.example.com”、$FSNUUID是“e8c4761c-eb3b-4307-86fc-F702DA19766”、$NCE是“o=fedfs”,则搜索将是(为了可读性,URI分为三行):
ldap://nsdb.example.com/
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
??one?(objectClass=fedfsFsl)
ldap://nsdb.example.com/
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
??one?(objectClass=fedfsFsl)
The following search can be used to obtain only the NFS FSLs for $FSNUUID on the NSDB named $NSDBNAME (for readability, the URI is split into two lines):
以下搜索可用于在名为$NSDBNAME的NSDB上仅获取$FSNUUID的NFS FSL(为了可读性,URI分为两行):
for each $NCE in nce_list
ldap://$NSDBNAME/fedfsFsnUuid=$FSNUUID,$NCE??one?
(objectClass=fedfsNfsFsl)
for each $NCE in nce_list
ldap://$NSDBNAME/fedfsFsnUuid=$FSNUUID,$NCE??one?
(objectClass=fedfsNfsFsl)
This also searches for the children of the object with DN "fedfsFsnUuid=$FSNUUID,$NCE", but the filter for "objectClass = fedfsNfsFsl" restricts the results to only NFS FSLs.
这还会搜索DN为“fedfsfsnuid=$FSNUUID,$NCE”的对象的子对象,但“objectClass=fedfsnfssl”的筛选器将结果仅限于NFS FSL。
For example, if $NSDBNAME is nsdb.example.com, $FSNUUID is "e8c4761c-eb3b-4307-86fc-f702da197966", and $NCE is "o=fedfs", the search would be (for readability, the URI is split into three lines):
例如,如果$NSDBNAME是nsdb.example.com,$FSNUUID是“e8c4761c-eb3b-4307-86fc-f702da197966”,而$NCE是“o=fedfs”,则搜索将是(为了可读性,URI分为三行):
ldap://nsdb.example.com/
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
??one?(objectClass=fedfsNfsFsl)
ldap://nsdb.example.com/
fedfsFsnUuid=e8c4761c-eb3b-4307-86fc-f702da197966,o=fedfs
??one?(objectClass=fedfsNfsFsl)
The fileserver will generate a referral based on the set of FSLs returned by these queries using the process described in Section 2.8.4.
文件服务器将使用第2.8.4节中描述的过程,根据这些查询返回的FSL集生成引用。
The LDAPv3 protocol defines an LDAP referral mechanism that allows an LDAP server to redirect an LDAP client. LDAPv3 defines two types of LDAP referrals: the Referral type defined in Section 4.1.10 of [RFC4511] and the SearchResultReference type defined in Section 4.5.3 of [RFC4511]. In both cases, the LDAP referral lists one or more URIs for services that can be used to complete the operation. In the remainder of this document, the term "LDAP referral" is used to indicate either of these types.
LDAPv3协议定义了一种LDAP引用机制,允许LDAP服务器重定向LDAP客户端。LDAPv3定义了两种类型的LDAP引用:在[RFC4511]第4.1.10节中定义的引用类型和在[RFC4511]第4.5.3节中定义的SearchResultReference类型。在这两种情况下,LDAP引用都会列出可用于完成操作的服务的一个或多个URI。在本文档的其余部分中,术语“LDAP引用”用于表示这两种类型中的任何一种。
If an NSDB operation results in an LDAP referral, the NSDB client MAY follow the LDAP referral. An NSDB client's decision to follow an LDAP referral is implementation and configuration dependent. For example, an NSDB client might be configured to follow only those LDAP referrals that were received over a secure channel or only those that target an NSDB that supports encrypted communication. If an NSDB client chooses to follow an LDAP referral, the NSDB client MUST process the LDAP referral and prevent looping as described in Section 4.1.10 of [RFC4511].
如果NSDB操作导致LDAP引用,NSDB客户端可能会遵循LDAP引用。NSDB客户端遵循LDAP引用的决定取决于实现和配置。例如,NSDB客户端可能被配置为仅遵循通过安全通道接收的LDAP引用,或者仅遵循那些以支持加密通信的NSDB为目标的LDAP引用。如果NSDB客户端选择遵循LDAP引用,则NSDB客户端必须按照[RFC4511]第4.1.10节所述处理LDAP引用并防止循环。
Both the NFSv4 and LDAPv3 protocols provide security mechanisms. When used in conjunction with the federated file system protocols described in this document, the use of these mechanisms is RECOMMENDED. Specifically, the use of RPCSEC_GSS [RFC2203], which is built on the Generic Security Service Application Program Interface (GSS-API) [RFC2743], is RECOMMENDED on all NFS connections between a file-access client and fileserver. The security considerations sections of the NFSv4.0 [RFC7530] and NFSv4.1 [RFC5661] specifications contain special considerations for the handling of GETATTR operations for the fs_locations and fs_locations_info attributes.
NFSv4和LDAPv3协议都提供了安全机制。当与本文档中描述的联邦文件系统协议结合使用时,建议使用这些机制。具体而言,建议在文件访问客户端和文件服务器之间的所有NFS连接上使用基于通用安全服务应用程序接口(GSS-API)[RFC2743]的RPCSEC_GSS[RFC2203]。NFSv4.0[RFC7530]和NFSv4.1[RFC5661]规范的安全注意事项部分包含处理fs_位置和fs_位置信息属性的GETATTR操作的特殊注意事项。
NSDB nodes and NSDB clients MUST implement support for TLS [RFC5246], as described in [RFC4513]. For all LDAP connections established by the federated file system protocols, the use of TLS is RECOMMENDED.
NSDB节点和NSDB客户端必须实现对TLS[RFC5246]的支持,如[RFC4513]中所述。对于由联邦文件系统协议建立的所有LDAP连接,建议使用TLS。
If an NSDB client chooses to follow an LDAP referral, the NSDB client SHOULD authenticate the LDAP referral's target NSDB using the target NSDB's credentials (not the credentials of the NSDB that generated the LDAP referral). The NSDB client SHOULD NOT follow an LDAP referral that targets an NSDB for which it does not know the NSDB's credentials.
如果NSDB客户端选择遵循LDAP引用,则NSDB客户端应使用目标NSDB的凭据(而不是生成LDAP引用的NSDB的凭据)对LDAP引用的目标NSDB进行身份验证。NSDB客户端不应遵循针对其不知道NSDB凭据的NSDB的LDAP引用。
Within a federation, there are two types of components an attacker may compromise: a fileserver and an NSDB.
在联盟中,攻击者可能会危害两种类型的组件:文件服务器和NSDB。
If an attacker compromises a fileserver, the attacker can interfere with a file-access client's file system input/output (I/O) operations (e.g., by returning fictitious data in the response to a read request) or can fabricate a referral. The attacker's abilities are the same regardless of whether or not the federation protocols are in use. While the federation protocols do not give the attacker additional capabilities, they are additional targets for attack. The LDAP protocol described in Section 5.2 SHOULD be secured using the methods described above to defeat attacks on a fileserver via this channel.
如果攻击者破坏文件服务器,则攻击者可以干扰文件访问客户端的文件系统输入/输出(I/O)操作(例如,通过在对读取请求的响应中返回虚拟数据),或者伪造引用。无论是否使用联合协议,攻击者的能力都是相同的。虽然联邦协议没有为攻击者提供额外的功能,但它们是额外的攻击目标。应使用上述方法保护第5.2节中描述的LDAP协议,以通过此通道抵御对文件服务器的攻击。
If an attacker compromises an NSDB, the attacker will be able to forge FSL information and thus poison the fileserver's referral information. Therefore, an NSDB should be as secure as the fileservers that query it. The LDAP operations described in Section 5 SHOULD be secured using the methods described above to defeat attacks on an NSDB via this channel.
如果攻击者破坏NSDB,攻击者将能够伪造FSL信息,从而毒害文件服务器的引用信息。因此,NSDB应该和查询它的文件服务器一样安全。应使用上述方法保护第5节中描述的LDAP操作,以通过此通道抵御对NSDB的攻击。
A fileserver binds anonymously when performing NSDB operations. Thus, the contents and distinguished names of FSN and FSL records are required to be readable by anyone who can bind anonymously to an NSDB service. Section 2.12 presents the security considerations in the choice of the type of UUID used in these records.
文件服务器在执行NSDB操作时匿名绑定。因此,可以匿名绑定到NSDB服务的任何人都需要能够读取FSN和FSL记录的内容和可分辨名称。第2.12节介绍了选择这些记录中使用的UUID类型时的安全注意事项。
It should be noted that the federation protocols do not directly provide access to file system data. The federation protocols only provide a mechanism for building a namespace. All data transfers occur between a file-access client and fileserver just as they would if the federation protocols were not in use. As a result, the federation protocols do not require new user authentication and authorization mechanisms or require a fileserver to act as a proxy for a client.
应该注意的是,联合协议并不直接提供对文件系统数据的访问。联合协议仅提供用于构建命名空间的机制。所有数据传输都发生在文件访问客户端和文件服务器之间,就像不使用联合协议时一样。因此,联合协议不需要新的用户身份验证和授权机制,也不需要文件服务器作为客户端的代理。
This document defines the fedfsAnnotation key in Section 4.2.1.6. The fedfsAnnotation key namespace is managed by IANA. IANA has created and now maintains a new registry entitled "FedFS Annotation Keys". The location of this registry is under a new heading called "Federated File System (FedFS) Parameters". The URL address is <http://www.iana.org/assignments/fedfs-parameters>.
本文件在第4.2.1.6节中定义了FEDFS注释键。FEDFSNotation密钥命名空间由IANA管理。IANA已经创建并维护了一个名为“FedFS注释键”的新注册表。此注册表的位置位于名为“联邦文件系统(FedFS)参数”的新标题下。URL地址为<http://www.iana.org/assignments/fedfs-parameters>.
Future registrations are to be administered by IANA using the "First Come First Served" policy defined in [RFC5226]. Registration requests MUST include the key (a valid UTF-8 string of any length), a brief description of the key's purpose, and an email contact for the registration. For viewing, the registry should be sorted lexicographically by key. There are no initial assignments for this registry.
IANA将使用[RFC5226]中定义的“先到先得”政策管理未来的注册。注册请求必须包括密钥(任意长度的有效UTF-8字符串)、密钥用途的简要说明以及注册的电子邮件联系人。为了便于查看,注册表应按关键字按字典顺序排序。此注册表没有初始分配。
Using the process described in [RFC2578], one of the authors was assigned the Internet Private Enterprise Numbers range 1.3.6.1.4.1.31103.x. Within this range, the subrange 1.3.6.1.4.1.31103.1.x is permanently dedicated for use by the federated file system protocols. Unassigned OIDs in this range MAY be used for Private Use or Experimental Use as defined in [RFC5226]. New permanent FedFS OID assignments MUST NOT be made using OIDs in this range.
使用[RFC2578]中所述的流程,其中一位作者被分配到互联网私有企业编号范围1.3.6.1.4.1.31103.x。在此范围内,子范围1.3.6.1.4.1.31103.1.x永久专用于联邦文件系统协议。此范围内的未分配OID可用于私人用途或[RFC5226]中定义的实验用途。不能使用此范围内的OID进行新的永久FedFS OID分配。
IANA has created and now maintains a new registry entitled "FedFS Object Identifiers" for the purpose of recording the allocations of FedFS Object Identifiers (OIDs) specified by this document. No future allocations in this registry are allowed.
IANA已经创建并维护了一个名为“FedFS对象标识符”的新注册表,用于记录本文档指定的FedFS对象标识符(OID)的分配。不允许在此注册表中进行以后的分配。
The location of this registry is under the heading "Federated File System (FedFS) Parameters", created in Section 7.1. The URL address is <http://www.iana.org/assignments/fedfs-parameters>.
该注册表的位置位于第7.1节中创建的标题“联邦文件系统(FedFS)参数”下。URL地址为<http://www.iana.org/assignments/fedfs-parameters>.
For viewing, the registry has been sorted numerically by OID value. The contents of the "FedFS Object Identifiers" registry are given in Table 1.
为了便于查看,注册表已按OID值进行数字排序。表1给出了“FedFS对象标识符”注册表的内容。
Note: A descriptor designated below as "historic" reserves an OID used in a past version of the NSDB protocol. Registering such OIDs retains compatibility among existing implementations of the NSDB protocol. This document does not otherwise refer to historic OIDs.
注:下面指定为“历史”的描述符保留NSDB协议过去版本中使用的OID。注册此类OID可保持NSDB协议现有实现之间的兼容性。本文件不涉及历史OID。
+---------------------------+--------------------------+-----------+
| OID | Description | Reference |
+---------------------------+--------------------------+-----------+
| 1.3.6.1.4.1.31103.1.1 | fedfsUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.2 | fedfsNetAddr | historic |
| 1.3.6.1.4.1.31103.1.3 | fedfsNetPort | historic |
| 1.3.6.1.4.1.31103.1.4 | fedfsFsnUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.5 | fedfsNsdbName | historic |
| 1.3.6.1.4.1.31103.1.6 | fedfsNsdbPort | historic |
| 1.3.6.1.4.1.31103.1.7 | fedfsNcePrefix | historic |
| 1.3.6.1.4.1.31103.1.8 | fedfsFslUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.9 | fedfsFslHost | historic |
| 1.3.6.1.4.1.31103.1.10 | fedfsFslPort | historic |
| 1.3.6.1.4.1.31103.1.11 | fedfsFslTTL | historic |
| 1.3.6.1.4.1.31103.1.12 | fedfsAnnotation | RFC 7532 |
| 1.3.6.1.4.1.31103.1.13 | fedfsDescr | RFC 7532 |
| 1.3.6.1.4.1.31103.1.14 | fedfsNceDN | RFC 7532 |
| 1.3.6.1.4.1.31103.1.15 | fedfsFsnTTL | RFC 7532 |
| 1.3.6.1.4.1.31103.1.100 | fedfsNfsPath | historic |
| 1.3.6.1.4.1.31103.1.101 | fedfsNfsMajorVer | historic |
| 1.3.6.1.4.1.31103.1.102 | fedfsNfsMinorVer | historic |
| 1.3.6.1.4.1.31103.1.103 | fedfsNfsCurrency | RFC 7532 |
| 1.3.6.1.4.1.31103.1.104 | fedfsNfsGenFlagWritable | RFC 7532 |
| 1.3.6.1.4.1.31103.1.105 | fedfsNfsGenFlagGoing | RFC 7532 |
| 1.3.6.1.4.1.31103.1.106 | fedfsNfsGenFlagSplit | RFC 7532 |
| 1.3.6.1.4.1.31103.1.107 | fedfsNfsTransFlagRdma | RFC 7532 |
| 1.3.6.1.4.1.31103.1.108 | fedfsNfsClassSimul | RFC 7532 |
| 1.3.6.1.4.1.31103.1.109 | fedfsNfsClassHandle | RFC 7532 |
| 1.3.6.1.4.1.31103.1.110 | fedfsNfsClassFileid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.111 | fedfsNfsClassWritever | RFC 7532 |
| 1.3.6.1.4.1.31103.1.112 | fedfsNfsClassChange | RFC 7532 |
| 1.3.6.1.4.1.31103.1.113 | fedfsNfsClassReaddir | RFC 7532 |
| 1.3.6.1.4.1.31103.1.114 | fedfsNfsReadRank | RFC 7532 |
| 1.3.6.1.4.1.31103.1.115 | fedfsNfsReadOrder | RFC 7532 |
| 1.3.6.1.4.1.31103.1.116 | fedfsNfsWriteRank | RFC 7532 |
| 1.3.6.1.4.1.31103.1.117 | fedfsNfsWriteOrder | RFC 7532 |
| 1.3.6.1.4.1.31103.1.118 | fedfsNfsVarSub | RFC 7532 |
| 1.3.6.1.4.1.31103.1.119 | fedfsNfsValidFor | RFC 7532 |
| 1.3.6.1.4.1.31103.1.120 | fedfsNfsURI | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1001 | fedfsNsdbContainerInfo | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1002 | fedfsFsn | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1003 | fedfsFsl | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1004 | fedfsNfsFsl | RFC 7532 |
+---------------------------+--------------------------+-----------+
+---------------------------+--------------------------+-----------+
| OID | Description | Reference |
+---------------------------+--------------------------+-----------+
| 1.3.6.1.4.1.31103.1.1 | fedfsUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.2 | fedfsNetAddr | historic |
| 1.3.6.1.4.1.31103.1.3 | fedfsNetPort | historic |
| 1.3.6.1.4.1.31103.1.4 | fedfsFsnUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.5 | fedfsNsdbName | historic |
| 1.3.6.1.4.1.31103.1.6 | fedfsNsdbPort | historic |
| 1.3.6.1.4.1.31103.1.7 | fedfsNcePrefix | historic |
| 1.3.6.1.4.1.31103.1.8 | fedfsFslUuid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.9 | fedfsFslHost | historic |
| 1.3.6.1.4.1.31103.1.10 | fedfsFslPort | historic |
| 1.3.6.1.4.1.31103.1.11 | fedfsFslTTL | historic |
| 1.3.6.1.4.1.31103.1.12 | fedfsAnnotation | RFC 7532 |
| 1.3.6.1.4.1.31103.1.13 | fedfsDescr | RFC 7532 |
| 1.3.6.1.4.1.31103.1.14 | fedfsNceDN | RFC 7532 |
| 1.3.6.1.4.1.31103.1.15 | fedfsFsnTTL | RFC 7532 |
| 1.3.6.1.4.1.31103.1.100 | fedfsNfsPath | historic |
| 1.3.6.1.4.1.31103.1.101 | fedfsNfsMajorVer | historic |
| 1.3.6.1.4.1.31103.1.102 | fedfsNfsMinorVer | historic |
| 1.3.6.1.4.1.31103.1.103 | fedfsNfsCurrency | RFC 7532 |
| 1.3.6.1.4.1.31103.1.104 | fedfsNfsGenFlagWritable | RFC 7532 |
| 1.3.6.1.4.1.31103.1.105 | fedfsNfsGenFlagGoing | RFC 7532 |
| 1.3.6.1.4.1.31103.1.106 | fedfsNfsGenFlagSplit | RFC 7532 |
| 1.3.6.1.4.1.31103.1.107 | fedfsNfsTransFlagRdma | RFC 7532 |
| 1.3.6.1.4.1.31103.1.108 | fedfsNfsClassSimul | RFC 7532 |
| 1.3.6.1.4.1.31103.1.109 | fedfsNfsClassHandle | RFC 7532 |
| 1.3.6.1.4.1.31103.1.110 | fedfsNfsClassFileid | RFC 7532 |
| 1.3.6.1.4.1.31103.1.111 | fedfsNfsClassWritever | RFC 7532 |
| 1.3.6.1.4.1.31103.1.112 | fedfsNfsClassChange | RFC 7532 |
| 1.3.6.1.4.1.31103.1.113 | fedfsNfsClassReaddir | RFC 7532 |
| 1.3.6.1.4.1.31103.1.114 | fedfsNfsReadRank | RFC 7532 |
| 1.3.6.1.4.1.31103.1.115 | fedfsNfsReadOrder | RFC 7532 |
| 1.3.6.1.4.1.31103.1.116 | fedfsNfsWriteRank | RFC 7532 |
| 1.3.6.1.4.1.31103.1.117 | fedfsNfsWriteOrder | RFC 7532 |
| 1.3.6.1.4.1.31103.1.118 | fedfsNfsVarSub | RFC 7532 |
| 1.3.6.1.4.1.31103.1.119 | fedfsNfsValidFor | RFC 7532 |
| 1.3.6.1.4.1.31103.1.120 | fedfsNfsURI | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1001 | fedfsNsdbContainerInfo | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1002 | fedfsFsn | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1003 | fedfsFsl | RFC 7532 |
| 1.3.6.1.4.1.31103.1.1004 | fedfsNfsFsl | RFC 7532 |
+---------------------------+--------------------------+-----------+
Table 1
表1
In accordance with Sections 3.4 and 4 of [RFC4520], the object identifier descriptors defined in this document (listed below) have been registered via the Expert Review process.
根据[RFC4520]第3.4节和第4节,本文件中定义的对象标识符描述符(如下所列)已通过专家评审流程进行注册。
Subject: Request for LDAP Descriptor Registration
Person & email address to contact for further information: See
"Author/Change Controller"
Specification: RFC 7532
Author/Change Controller: IESG (iesg@ietf.org)
Subject: Request for LDAP Descriptor Registration
Person & email address to contact for further information: See
"Author/Change Controller"
Specification: RFC 7532
Author/Change Controller: IESG (iesg@ietf.org)
Object Identifier: 1.3.6.1.4.1.31103.1.1 Descriptor (short name): fedfsUuid Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.1描述符(简称):fedfsUuid用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.2 Descriptor (short name): fedfsNetAddr Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.2描述符(简称):FEDFSNetAddress用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.3 Descriptor (short name): fedfsNetPort Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.3描述符(简称):fedfsNetPort用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.4 Descriptor (short name): fedfsFsnUuid Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.4描述符(简称):FEDFSFSNUID用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.5 Descriptor (short name): fedfsNsdbName Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.5描述符(简称):fedfsNsdbName用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.6 Descriptor (short name): fedfsNsdbPort Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.6描述符(简称):FEDFSNSDB端口用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.7 Descriptor (short name): fedfsNcePrefix Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.7描述符(简称):FEDFSCENCEPREFIX用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.8 Descriptor (short name): fedfsFslUuid Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.8描述符(简称):FEDFSFSLUID用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.9 Descriptor (short name): fedfsFslHost Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.9描述符(简称):fedfsFslHost用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.10 Descriptor (short name): fedfsFslPort Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.10描述符(简称):fedfsFslPort用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.11 Descriptor (short name): fedfsFslTTL Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.11描述符(简称):fedfsFslTTL用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.12 Descriptor (short name): fedfsAnnotation Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.12描述符(简称):FEDFS注释用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.13 Descriptor (short name): fedfsDescr Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.13描述符(简称):fedfsDescr用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.14 Descriptor (short name): fedfsNceDN Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.14描述符(简称):fedfsNceDN用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.15 Descriptor (short name): fedfsFsnTTL Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.15描述符(简称):fedfsFsnTTL用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.100 Descriptor (short name): fedfsNfsPath Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.100描述符(简称):fedfsNfsPath用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.101 Descriptor (short name): fedfsNfsMajorVer Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.101描述符(简称):FEDFSNFSMA主要用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.102 Descriptor (short name): fedfsNfsMinorVer Usage: attribute type (historic)
对象标识符:1.3.6.1.4.1.31103.1.102描述符(简称):fedfsNfsMinorVer用法:属性类型(历史)
Object Identifier: 1.3.6.1.4.1.31103.1.103 Descriptor (short name): fedfsNfsCurrency Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.103描述符(简称):fedfsNfsCurrency用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.104 Descriptor (short name): fedfsNfsGenFlagWritable Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.104描述符(简称):fedfsnfsgenflagenwriteable用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.105 Descriptor (short name): fedfsNfsGenFlagGoing Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.105描述符(简称):fedfsnfsgenflagging用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.106 Descriptor (short name): fedfsNfsGenFlagSplit Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.106描述符(简称):fedfsnfsgenflagssplit用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.107 Descriptor (short name): fedfsNfsTransFlagRdma Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.107描述符(简称):fedfsNfsTransFlagRdma用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.108 Descriptor (short name): fedfsNfsClassSimul Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.108描述符(简称):fedfsNfsClassSimul用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.109 Descriptor (short name): fedfsNfsClassHandle Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.109描述符(简称):fedfsNfsClassHandle用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.110 Descriptor (short name): fedfsNfsClassFileid Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.110描述符(简称):FEDFSFSCLASSFILEID用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.111 Descriptor (short name): fedfsNfsClassWritever Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.111描述符(简称):FEDFSFSCLASSWRITEVER用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.112 Descriptor (short name): fedfsNfsClassChange Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.112描述符(简称):fedfsNfsClassChange用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.113 Descriptor (short name): fedfsNfsClassReaddir Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.113描述符(简称):fedfsNfsClassReaddir用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.114 Descriptor (short name): fedfsNfsReadRank Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.114描述符(简称):fedfsNfsReadRank用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.115 Descriptor (short name): fedfsNfsReadOrder Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.115描述符(简称):fedfsNfsReadOrder用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.116 Descriptor (short name): fedfsNfsWriteRank Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.116描述符(简称):fedfsNfsWriteRank用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.117 Descriptor (short name): fedfsNfsWriteOrder Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.117描述符(简称):fedfsNfsWriteOrder用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.118 Descriptor (short name): fedfsNfsVarSub Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.118描述符(简称):fedfsNfsVarSub用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.119 Descriptor (short name): fedfsNfsValidFor Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.119描述符(简称):fedfsNfsValidFor用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.120 Descriptor (short name): fedfsNfsURI Usage: attribute type
对象标识符:1.3.6.1.4.1.31103.1.120描述符(简称):fedfsNfsURI用法:属性类型
Object Identifier: 1.3.6.1.4.1.31103.1.1001 Descriptor (short name): fedfsNsdbContainerInfo Usage: object class
对象标识符:1.3.6.1.4.1.31103.1.1001描述符(简称):FEDFSSDBContainerInfo用法:对象类
Object Identifier: 1.3.6.1.4.1.31103.1.1002 Descriptor (short name): fedfsFsn Usage: object class
对象标识符:1.3.6.1.4.1.31103.1.1002描述符(简称):fedfsFsn用法:对象类
Object Identifier: 1.3.6.1.4.1.31103.1.1003 Descriptor (short name): fedfsFsl Usage: object class
对象标识符:1.3.6.1.4.1.31103.1.1003描述符(简称):fedfsFsl用法:对象类
Object Identifier: 1.3.6.1.4.1.31103.1.1004 Descriptor (short name): fedfsNfsFsl Usage: object class
对象标识符:1.3.6.1.4.1.31103.1.1004描述符(简称):FEDFSNFSSL用法:对象类
Administrator: A user with the necessary authority to initiate administrative tasks on one or more servers.
管理员:具有在一台或多台服务器上启动管理任务所需权限的用户。
Admin Entity: A server or agent that administers a collection of fileservers and persistently stores the namespace information.
管理实体:管理文件服务器集合并持久存储名称空间信息的服务器或代理。
File-Access Client: Standard off-the-shelf, network-attached storage (NAS) client software that communicates with fileservers using a standard file-access protocol.
文件访问客户端:标准现成的网络连接存储(NAS)客户端软件,使用标准文件访问协议与文件服务器通信。
Federation: A set of fileserver collections and singleton fileservers that use a common set of interfaces and protocols in order to provide to file-access clients a federated namespace accessible through a file system access protocol.
联合:一组文件服务器集合和单例文件服务器,它们使用一组通用的接口和协议,以便为文件访问客户端提供一个通过文件系统访问协议访问的联合命名空间。
Fileserver: A server that stores physical fileset data or refers file-access clients to other fileservers. A fileserver provides access to its shared file system data via a file-access protocol.
文件服务器:存储物理文件集数据或将文件访问客户端指向其他文件服务器的服务器。文件服务器通过文件访问协议提供对其共享文件系统数据的访问。
Fileset: The abstraction of a set of files and the directory tree that contains them. A fileset is the fundamental unit of data management in the federation.
文件集:一组文件和包含它们的目录树的抽象。文件集是联合体中数据管理的基本单元。
Note that all files within a fileset are descendants of one directory and that filesets do not span file systems.
请注意,文件集中的所有文件都是一个目录的后代,并且文件集不跨文件系统。
File System: A self-contained unit of export for a fileserver and the mechanism used to implement filesets. The fileset does not need to be rooted at the root of the file system, nor at the export point for the file system.
文件系统:文件服务器的自包含导出单元,以及用于实现文件集的机制。文件集不需要在文件系统的根目录下,也不需要在文件系统的导出点上。
A single file system MAY implement more than one fileset, if the file-access protocol and the fileserver permit this.
如果文件访问协议和文件服务器允许,单个文件系统可以实现多个文件集。
File-Access Protocol: A network file system access protocol such as NFSv3 [RFC1813], NFSv4 [RFC7530], or CIFS (Common Internet File System) [MS-SMB] [MS-SMB2] [MS-CIFS].
文件访问协议:网络文件系统访问协议,如NFSv3[RFC1813]、NFSv4[RFC7530]或CIFS(通用Internet文件系统)[MS-SMB][MS-SMB2][MS-CIFS]。
FSL (Fileset Location): The location of the implementation of a fileset at a particular moment in time. An FSL MUST be something that can be translated into a protocol-specific description of a resource that a file-access client can access directly, such as an fs_locations attribute (for NFSv4) or a share name (for CIFS).
FSL(文件集位置):文件集在特定时刻的实现位置。FSL必须能够转换为文件访问客户端可以直接访问的资源的特定于协议的描述,例如fs_locations属性(对于NFSv4)或共享名(对于CIFS)。
FSN (Fileset Name): A platform-independent and globally unique name for a fileset. Two FSLs that implement replicas of the same fileset MUST have the same FSN, and if a fileset is migrated from one location to another, the FSN of that fileset MUST remain the same.
FSN(文件集名称):文件集的独立于平台且全局唯一的名称。实现相同文件集副本的两个FSL必须具有相同的FSN,如果文件集从一个位置迁移到另一个位置,则该文件集的FSN必须保持不变。
Junction: A file system object used to link a directory name in the current fileset with an object within another fileset. The server-side "link" from a leaf node in one fileset to the root of another fileset.
连接:一个文件系统对象,用于将当前文件集中的目录名链接到另一个文件集中的对象。从一个文件集中的叶节点到另一个文件集的根节点的服务器端“链接”。
Namespace: A filename/directory tree that a sufficiently authorized file-access client can observe.
名称空间:一个文件名/目录树,一个经过充分授权的文件访问客户端可以观察到它。
NSDB (Namespace Database) Service: A service that maps FSNs to FSLs. The NSDB may also be used to store other information, such as annotations for these mappings and their components.
NSDB(名称空间数据库)服务:将FSN映射到FSL的服务。NSDB还可用于存储其他信息,例如这些映射及其组件的注释。
NSDB Node: The name or location of a server that implements part of the NSDB service and is responsible for keeping track of the FSLs (and related information) that implement a given partition of the FSNs.
NSDB节点:实现部分NSDB服务并负责跟踪实现FSN给定分区的FSL(及相关信息)的服务器的名称或位置。
Referral: A server response to a file-access client access that directs the client to evaluate the current object as a reference to an object at a different location (specified by an FSL) in another fileset and possibly hosted on another fileserver. The client re-attempts the access to the object at the new location.
引用:对文件访问客户端访问的服务器响应,它指示客户端将当前对象作为对另一个文件集中不同位置(由FSL指定)的对象的引用进行评估,该位置可能位于另一个文件服务器上。客户端在新位置重新尝试访问对象。
Replica: A redundant implementation of a fileset. Each replica shares the same FSN but has a different FSL.
副本:文件集的冗余实现。每个复制副本共享相同的FSN,但具有不同的FSL。
Replicas may be used to increase availability or performance. Updates to replicas of the same fileset MUST appear to occur in the same order; therefore, each replica is self-consistent at any moment.
副本可用于提高可用性或性能。对相同文件集副本的更新必须以相同的顺序进行;因此,每个副本在任何时刻都是自一致的。
We do not assume that updates to each replica occur simultaneously. If a replica is offline or unreachable, the other replicas may be updated.
我们不假设对每个复制副本的更新同时发生。如果某个复制副本脱机或无法访问,则可能会更新其他复制副本。
Server Collection: A set of fileservers administered as a unit. A server collection may be administered with vendor-specific software.
服务器集合:作为一个单元管理的一组文件服务器。可以使用特定于供应商的软件管理服务器集合。
The namespace provided by a server collection could be part of the federated namespace.
服务器集合提供的命名空间可以是联合命名空间的一部分。
Singleton Server: A server collection containing only one server; a stand-alone fileserver.
单例服务器:仅包含一台服务器的服务器集合;独立文件服务器。
[RFC2079] Smith, M., "Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers (URIs)", RFC 2079, January 1997, <http://www.rfc-editor.org/info/rfc2079>.
[RFC2079]Smith,M.“X.500属性类型和用于保存统一资源标识符(URI)的对象类的定义”,RFC 2079,1997年1月<http://www.rfc-editor.org/info/rfc2079>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.
[RFC2203] Eisler, M., Chiu, A., and L. Ling, "RPCSEC_GSS Protocol Specification", RFC 2203, September 1997, <http://www.rfc-editor.org/info/rfc2203>.
[RFC2203]Eisler,M.,Chiu,A.,和L.Ling,“RPCSEC_GSS协议规范”,RFC 2203,1997年9月<http://www.rfc-editor.org/info/rfc2203>.
[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999, <http://www.rfc-editor.org/info/rfc2578>.
[RFC2578]McCloghrie,K.,Ed.,Perkins,D.,Ed.,和J.Schoenwaeld,Ed.“管理信息的结构版本2(SMIv2)”,STD 58,RFC 2578,1999年4月<http://www.rfc-editor.org/info/rfc2578>.
[RFC2743] Linn, J., "Generic Security Service Application Program Interface Version 2, Update 1", RFC 2743, January 2000, <http://www.rfc-editor.org/info/rfc2743>.
[RFC2743]Linn,J.,“通用安全服务应用程序接口版本2,更新1”,RFC 2743,2000年1月<http://www.rfc-editor.org/info/rfc2743>.
[RFC2849] Good, G., "The LDAP Data Interchange Format (LDIF) - Technical Specification", RFC 2849, June 2000, <http://www.rfc-editor.org/info/rfc2849>.
[RFC2849]Good,G.,“LDAP数据交换格式(LDIF)-技术规范”,RFC 28492000年6月<http://www.rfc-editor.org/info/rfc2849>.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 10646", STD 63, RFC 3629, November 2003, <http://www.rfc-editor.org/info/rfc3629>.
[RFC3629]Yergeau,F.,“UTF-8,ISO 10646的转换格式”,STD 63,RFC 3629,2003年11月<http://www.rfc-editor.org/info/rfc3629>.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005, <http://www.rfc-editor.org/info/rfc3986>.
[RFC3986]Berners Lee,T.,Fielding,R.,和L.Masinter,“统一资源标识符(URI):通用语法”,STD 66,RFC 3986,2005年1月<http://www.rfc-editor.org/info/rfc3986>.
[RFC4122] Leach, P., Mealling, M., and R. Salz, "A Universally Unique IDentifier (UUID) URN Namespace", RFC 4122, July 2005, <http://www.rfc-editor.org/info/rfc4122>.
[RFC4122]Leach,P.,Mealling,M.和R.Salz,“通用唯一标识符(UUID)URN名称空间”,RFC 4122,2005年7月<http://www.rfc-editor.org/info/rfc4122>.
[RFC4510] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map", RFC 4510, June 2006, <http://www.rfc-editor.org/info/rfc4510>.
[RFC4510]Zeilenga,K.,Ed.“轻量级目录访问协议(LDAP):技术规范路线图”,RFC45102006年6月<http://www.rfc-editor.org/info/rfc4510>.
[RFC4511] Sermersheim, J., Ed., "Lightweight Directory Access Protocol (LDAP): The Protocol", RFC 4511, June 2006, <http://www.rfc-editor.org/info/rfc4511>.
[RFC4511]Sermersheim,J.,Ed.,“轻量级目录访问协议(LDAP):协议”,RFC4511,2006年6月<http://www.rfc-editor.org/info/rfc4511>.
[RFC4512] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): Directory Information Models", RFC 4512, June 2006, <http://www.rfc-editor.org/info/rfc4512>.
[RFC4512]Zeilenga,K.,Ed.,“轻量级目录访问协议(LDAP):目录信息模型”,RFC4512,2006年6月<http://www.rfc-editor.org/info/rfc4512>.
[RFC4513] Harrison, R., Ed., "Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms", RFC 4513, June 2006, <http://www.rfc-editor.org/info/rfc4513>.
[RFC4513]Harrison,R.,Ed.“轻量级目录访问协议(LDAP):身份验证方法和安全机制”,RFC4513,2006年6月<http://www.rfc-editor.org/info/rfc4513>.
[RFC4516] Smith, M., Ed. and T. Howes, "Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator", RFC 4516, June 2006, <http://www.rfc-editor.org/info/rfc4516>.
[RFC4516]Smith,M.,Ed.和T.Howes,“轻量级目录访问协议(LDAP):统一资源定位器”,RFC4516,2006年6月<http://www.rfc-editor.org/info/rfc4516>.
[RFC4517] Legg, S., Ed., "Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules", RFC 4517, June 2006, <http://www.rfc-editor.org/info/rfc4517>.
[RFC4517]Legg,S.,Ed.,“轻量级目录访问协议(LDAP):语法和匹配规则”,RFC4517,2006年6月<http://www.rfc-editor.org/info/rfc4517>.
[RFC4519] Sciberras, A., Ed., "Lightweight Directory Access Protocol (LDAP): Schema for User Applications", RFC 4519, June 2006, <http://www.rfc-editor.org/info/rfc4519>.
[RFC4519]Sciberras,A.,Ed.,“轻量级目录访问协议(LDAP):用户应用程序模式”,RFC4519,2006年6月<http://www.rfc-editor.org/info/rfc4519>.
[RFC4520] Zeilenga, K., "Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP)", BCP 64, RFC 4520, June 2006, <http://www.rfc-editor.org/info/rfc4520>.
[RFC4520]Zeilenga,K.,“轻量级目录访问协议(LDAP)的互联网分配号码管理局(IANA)注意事项”,BCP 64,RFC 4520,2006年6月<http://www.rfc-editor.org/info/rfc4520>.
[RFC4530] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP) entryUUID Operational Attribute", RFC 4530, June 2006, <http://www.rfc-editor.org/info/rfc4530>.
[RFC4530]Zeilenga,K.,“轻量级目录访问协议(LDAP)入口UUID操作属性”,RFC4530,2006年6月<http://www.rfc-editor.org/info/rfc4530>.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008, <http://www.rfc-editor.org/info/rfc5226>.
[RFC5226]Narten,T.和H.Alvestrand,“在RFCs中编写IANA注意事项部分的指南”,BCP 26,RFC 5226,2008年5月<http://www.rfc-editor.org/info/rfc5226>.
[RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008, <http://www.rfc-editor.org/info/rfc5234>.
[RFC5234]Crocker,D.,Ed.和P.Overell,“语法规范的扩充BNF:ABNF”,STD 68,RFC 5234,2008年1月<http://www.rfc-editor.org/info/rfc5234>.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS) Protocol Version 1.2", RFC 5246, August 2008, <http://www.rfc-editor.org/info/rfc5246>.
[RFC5246]Dierks,T.和E.Rescorla,“传输层安全(TLS)协议版本1.2”,RFC 5246,2008年8月<http://www.rfc-editor.org/info/rfc5246>.
[RFC5661] Shepler, S., Ed., Eisler, M., Ed., and D. Noveck, Ed., "Network File System (NFS) Version 4 Minor Version 1 Protocol", RFC 5661, January 2010, <http://www.rfc-editor.org/info/rfc5661>.
[RFC5661]Shepler,S.,Ed.,Eisler,M.,Ed.,和D.Noveck,Ed.,“网络文件系统(NFS)版本4次要版本1协议”,RFC 56612010年1月<http://www.rfc-editor.org/info/rfc5661>.
[RFC7530] Haynes, T., Ed. and D. Noveck, Ed., "Network File System (NFS) Version 4 Protocol", RFC 7530, March 2015, <http://www.rfc-editor.org/info/rfc7530>.
[RFC7530]Haynes,T.,Ed.和D.Noveck,Ed.,“网络文件系统(NFS)第4版协议”,RFC 7530,2015年3月<http://www.rfc-editor.org/info/rfc7530>.
[AFS] Howard, J., "An Overview of the Andrew File System", Proceedings of the USENIX Winter Technical Conference , 1988.
[AFS]Howard,J.,“Andrew文件系统概述”,USENIX Winter技术会议记录,1988年。
[MS-CIFS] Microsoft Corporation, "Common Internet File System (CIFS) Protocol Specification", MS-CIFS 24.0, May 2014.
[MS-CIFS]微软公司,“通用互联网文件系统(CIFS)协议规范”,MS-CIFS 24.0,2014年5月。
[MS-SMB] Microsoft Corporation, "Server Message Block (SMB) Protocol Specification", MS-SMB 43.0, May 2014.
[MS-SMB]微软公司,“服务器消息块(SMB)协议规范”,MS-SMB 43.0,2014年5月。
[MS-SMB2] Microsoft Corporation, "Server Message Block (SMB) Version 2 Protocol Specification", MS-SMB2 46.0, May 2014.
[MS-SMB2]微软公司,“服务器消息块(SMB)第2版协议规范”,MS-SMB2 46.0,2014年5月。
[RFC1813] Callaghan, B., Pawlowski, B., and P. Staubach, "NFS Version 3 Protocol Specification", RFC 1813, June 1995, <http://www.rfc-editor.org/info/rfc1813>.
[RFC1813]Callaghan,B.,Pawlowski,B.,和P.Staubach,“NFS版本3协议规范”,RFC 1813,1995年6月<http://www.rfc-editor.org/info/rfc1813>.
[RFC2224] Callaghan, B., "NFS URL Scheme", RFC 2224, October 1997, <http://www.rfc-editor.org/info/rfc2224>.
[RFC2224]Callaghan,B.,“NFS URL方案”,RFC 22242997年10月<http://www.rfc-editor.org/info/rfc2224>.
[RFC3254] Alvestrand, H., "Definitions for talking about directories", RFC 3254, April 2002, <http://www.rfc-editor.org/info/rfc3254>.
[RFC3254]Alvestrand,H.,“谈论目录的定义”,RFC 3254,2002年4月<http://www.rfc-editor.org/info/rfc3254>.
[RFC5662] Shepler, S., Ed., Eisler, M., Ed., and D. Noveck, Ed., "Network File System (NFS) Version 4 Minor Version 1 External Data Representation Standard (XDR) Description", RFC 5662, January 2010, <http://www.rfc-editor.org/info/rfc5662>.
[RFC5662]Shepler,S.,Ed.,Eisler,M.,Ed.,和D.Noveck,Ed.,“网络文件系统(NFS)版本4次要版本1外部数据表示标准(XDR)说明”,RFC 5662,2010年1月<http://www.rfc-editor.org/info/rfc5662>.
[RFC5716] Lentini, J., Everhart, C., Ellard, D., Tewari, R., and M. Naik, "Requirements for Federated File Systems", RFC 5716, January 2010, <http://www.rfc-editor.org/info/rfc5716>.
[RFC5716]Lentini,J.,Everhart,C.,Ellard,D.,Tewari,R.,和M.Naik,“联邦文件系统的要求”,RFC 57162010年1月<http://www.rfc-editor.org/info/rfc5716>.
[RFC6641] Everhart, C., Adamson, W., and J. Zhang, "Using DNS SRV to Specify a Global File Namespace with NFS Version 4", RFC 6641, June 2012, <http://www.rfc-editor.org/info/rfc6641>.
[RFC6641]Everhart,C.,Adamson,W.,和J.Zhang,“使用DNS SRV指定NFS版本4的全局文件命名空间”,RFC 66412012年6月<http://www.rfc-editor.org/info/rfc6641>.
[RFC7533] Lentini, J., Tewari, R., and C. Lever, Ed., "Administration Protocol for Federated File Systems", RFC 7533, March 2015, <http://www.rfc-editor.org/info/rfc7533>.
[RFC7533]Lentini,J.,Tewari,R.,和C.Lever,编辑,“联邦文件系统的管理协议”,RFC 7533,2015年3月<http://www.rfc-editor.org/info/rfc7533>.
Acknowledgments
致谢
Daniel Ellard contributed significant parts of this document.
Daniel Ellard贡献了本文件的重要部分。
The authors and editor would like to thank Craig Everhart and Manoj Naik, who were co-authors of an earlier draft version of this document. In addition, we would like to thank Andy Adamson, Paul Lemahieu, Mario Wurzl, and Robert Thurlow for helping to author this document.
作者和编辑要感谢Craig Everhart和Manoj Naik,他们是本文件早期草稿的共同作者。此外,我们还要感谢Andy Adamson、Paul Lemahieu、Mario Wurzl和Robert Thurlow帮助编写本文档。
We would like to thank George Amvrosiadis, Trond Myklebust, Howard Chu, and Nicolas Williams for their comments and review.
我们要感谢George Amvrosiadis、Trond Myklebust、Howard Chu和Nicolas Williams的评论和评论。
The editor gratefully acknowledges the IESG reviewers, whose constructive comments helped make this a much stronger document.
编辑非常感谢IESG的评论员,他们的建设性评论使本文件更为有力。
Finally, we would like to thank Andy Adamson, Rob Thurlow, and Tom Haynes for helping to get this document out the door.
最后,我们要感谢Andy Adamson、Rob Thurlow和Tom Haynes,感谢他们帮助我们将这份文件分发出去。
The extract.sh shell script and formatting conventions were first described by the authors of the NFSv4.1 XDR specification [RFC5662].
extract.sh shell脚本和格式约定首先由NFSv4.1 XDR规范[RFC5662]的作者描述。
Authors' Addresses
作者地址
James Lentini NetApp 1601 Trapelo Rd, Suite 16 Waltham, MA 02451 United States
美国马萨诸塞州沃尔瑟姆市特拉佩罗路1601号16室詹姆斯·兰蒂尼·内塔普02451
Phone: +1 781-768-5359
EMail: jlentini@netapp.com
Phone: +1 781-768-5359
EMail: jlentini@netapp.com
Renu Tewari IBM Almaden 650 Harry Rd San Jose, CA 95120 United States
Renu Tewari IBM Almaden美国加利福尼亚州圣何塞哈里路650号,邮编95120
EMail: tewarir@us.ibm.com
EMail: tewarir@us.ibm.com
Charles Lever (editor) Oracle Corporation 1015 Granger Avenue Ann Arbor, MI 48104 United States
查尔斯·利弗(编辑)美国密歇根州安阿伯格兰杰大道1015号甲骨文公司,邮编:48104
Phone: +1 248-614-5091
EMail: chuck.lever@oracle.com
Phone: +1 248-614-5091
EMail: chuck.lever@oracle.com