Okay, everyone, welcome again to the Linux and programming languages course, the LTS. Today we will be continuing our discussion of Linux networking; this is lecture 7 on Linux networking. Last time we started learning about distributed file systems and covered the NFS file system. Today we will learn about AFS, the Andrew File System, in the first half, then do some comparison between NFS and AFS, and then finally we will look at NIS, the Network Information Service. That will pretty much conclude the networking portion of this course.

Before I start talking about AFS, the Andrew File System, let me summarize what we discussed last time. We started talking about distributed file systems, or remote file systems. One of the benefits of a remote file system is reliability. Not many people carry multiple copies of their data, and even if you are carrying multiple copies, that is not much protection, so you need a reliable centralized mechanism. The second thing is that the backups are very nice: the backups are done in a temperature-controlled, humidity-controlled room with fire-suppression facilities, and the "time travel" is nice too, meaning that you can go back in time and recover earlier versions of the data; that is also pretty nice. The second aspect of the remote file system is sharing. It allows multiple users to access the data; you need to provide an authentication system, and security becomes an issue there, but in general it allows this sharing, so that is another benefit of the remote file system. We also talked about several key terminologies, such as transparency.
So again, it all goes back to these benefits that the remote file system gives. Another benefit is scalability: buying large disks is cheaper, so centralizing large amounts of data for multiple users is a good thing. Then there is locality of reference: we do not use all of our files every single day, so why carry everything around on portable storage? We might as well keep it on a remote file system and access only the files that we need. That is another big benefit of the remote file system. And finally there is auditability, which essentially means we can make sure we know who submitted what data and when; with centralized storage it is much easier to get at that. So those are all the benefits; that is what we talked about for distributed systems.

Then we looked at the NFS file system. The architecture is fairly simple: the server follows a stateless model, and all the state about a particular open file is stored on the client side. The client has an NFS client layer, and the application program accesses files just as if they were local, through a virtual file system. The virtual file system understands whether a path is part of the local Unix file system or is a remote file; in the remote case it mounts those files as a remote file system, communicates through the network to the NFS server on the server computer, and then gets the data back to the application program. So from the application program's point of view it still looks like a local file, and mounting is the mechanism used to attach the remote files. The NFS client keeps track of what goes on and where each file is, whereas the server side is basically a stateless machine. The advantage is that you can add as many clients as you like, and the server's performance does not degrade just from tracking them.
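As a concrete illustration of the mounting mechanism just described, here is a minimal sketch of exporting a directory from an NFS server and mounting it on a client. The host name (`fileserver`), the path `/export/home`, and the subnet are hypothetical, and the commands assume a typical Linux NFS setup run as root; details vary by distribution.

```shell
# --- On the server: export a directory to clients (hypothetical host/path) ---
# /etc/exports lists the directories the NFS server is willing to share.
echo '/export/home  192.168.1.0/24(rw,sync)' >> /etc/exports
exportfs -ra                      # re-read /etc/exports and apply it

# --- On the client: mount the remote directory like a local one ---
mkdir -p /home
mount -t nfs fileserver:/export/home /home
# From here on, programs open files under /home as if they were local;
# the virtual file system routes those operations to the NFS client code.
```

This is exactly the "common link through mounting" idea: once the mount is in place, the application never sees the network.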
So that is basically how the NFS system works and how the operations happen. Let's look at the summary on NFS. The Network File System is basically a workgroup-scale network file service and protocol. Any Unix machine can become a server; it is fairly easy to set up an NFS server on any machine, and machines can be both clients and servers at the same time: some files on my disk, some files on the other side, and everybody in the group can access all the files. But as we saw, there are some serious trust issues and some scaling problems; the stateless file server model goes only up to some point, so basically it is only a partial success.

So now let's look at another file system, which is completely different from NFS, or rather, which uses certain other concepts to build a remote file system: the Andrew File System. One similarity between AFS and NFS is that both provide transparent access to remote shared files for Unix programs running on workstations. And similar to the client-server model we saw in NFS, AFS is also implemented as two software components that exist as ordinary Unix processes; they are called Venus and Vice. So let's look at the picture on this one. Here you have all the different workstations, each with its own Unix kernel and some user programs, and each also has what is called Venus, which is actually a process. Now in NFS we had the NFS client as part of the file system layer, basically down in the kernel, whereas Venus is a process that is running on top of the Unix kernel, just like a user program. All these programs are running, and on the server side you can see that Vice is likewise a process, a program running on top of the Unix kernel, managing some number of files.
So these programs themselves communicate and make sure that what is in the file system is given to the user. A simple contrast between these pictures: in the NFS picture, the NFS client was under the virtual file system layer, so it was somewhat static, you could say, and the NFS server was likewise under the kernel's file system layer on the other side, again static, and the NFS protocol itself links them together. In the Andrew File System, by contrast, Venus and Vice are programs that are being executed, so they are processes, and the user program goes through the Venus process to reach the file system and get the data back to the running program.

In the Andrew File System, the files available to user processes running on workstations are either local or shared. The local files are handled as normal Unix files: they are stored on the workstation's own disk and are available only to the local user processes. The shared files are stored on servers, and copies of them are cached on local disks, so again, it relies on a caching mechanism. The namespace seen by the user process is shown in the next picture: the shared files appear under symbolic links, and that is how the system knows that a path refers to a remote file. The Unix kernel on each workstation and server is a modified version of BSD Unix, the Berkeley Software Distribution, and essentially the modifications are designed to intercept the file system calls, open and close and some other file operations as well, when they refer to the shared file space, and pass them to the Venus process on the client computer. So essentially Venus intercepts these calls,
submits them to Vice, the Vice process gets the information from the server, and the result comes back to the process that was asking for it. So here is a quick picture of the system-call interception itself: the user program generates a Unix file system call, which goes into the Unix kernel; the kernel knows that this is not a local file access but a remote one, so the non-local file operations are sent to Venus, which captures them, communicates with Vice on the server, gets the information, and brings it back to the user program.

So let's look at this process in a little more detail. The user process issues open, and we know this command: open(FileName, mode). Once the user process initiates this command, the Unix kernel has code that says: if the file name refers to a file in the shared file space, pass the request to Venus; otherwise, open the local file and return a file descriptor to the user process. So the result of this operation is a file descriptor either way. Now let's look at what happens when the file being requested is not a local file but a shared file. The request is sent to Venus, and Venus checks its list of files in the local cache. If the file is not present, or there is no valid callback promise for it, Venus sends a request for the file to the Vice server that is the custodian of the volume containing the file. Once it has the file, either freshly fetched from Vice or already in the local cache with a valid callback promise, Venus places the copy of the file in the local file system, enters its name in the local cache list, and returns the local name back to the Unix kernel, which then opens it. Now, when Venus makes the call to Vice, essentially Vice reads the call and says: okay, I have the file in my
file system, so I will transfer a copy of the file and a callback promise to the workstation that is requesting it, and I will log that callback promise; Vice's part basically ends at that point. Once the file has been transferred, the copy is in the local cache, so from now on it can be served locally.

So now let's look at read: read(FileDescriptor, Buffer, length). This is not an issue; it does not go to Venus at all, because Venus already placed that file in the Unix file system as a local file in the cache. The read operation is just reading that copy, a normal read operation on a local file system. Now if it is a write operation, again it does not go through Venus either; it just does the operation on the local copy in the local file system. Now the interesting thing is when you close that particular file. When you close the file, the kernel closes the local copy and it also notifies Venus that the file has been closed. That is when Venus kicks in: it essentially checks whether the local copy has changed. If it has changed, it sends that copy to the Vice server, and the Vice server puts it in its file system, replaces the file contents, and sends a callback to all the clients that are holding a callback promise on that file, saying: okay, this file has been modified; you need to update your locally cached copy.

So you can think of this system as the Venus processes, the network, and the Vice processes running alongside the user programs, monitoring what is going on with the files and communicating back and forth whenever the files change or some other Venus process requests a file. Think of it as two layers here: one is the user process and the Unix kernel, the other is Venus and Vice, and both layers share the local cache; essentially the local cache
acts like a shared-memory area between them. You can think of them as updating the local cache; that is the area that both of these layers can access, so that may be a better way to understand how the whole thing works. Contrasting with NFS, you would have seen that there the processes are pretty much ordinary, but the file systems themselves are kept separate: there is a local file system and there is a remote file system, and the common link is through mounting and unmounting.

So now let's look at some of the more important components of the Vice service interface. This is basically the server side; a portion of it is shown here. There is a Fetch command, Fetch(FileId), which returns the attributes and data for a given file ID; it returns the attributes and data, and it also records a callback promise on that particular file at the server, back to the Venus process. The second command is Store(FileId, attributes, data); this updates the attributes and the contents of the specified file. This is the command Venus gives once a file is closed: it sends the Store command to Vice to make sure that the contents are updated. Then there is another command called Create, which returns a file ID; this creates a new file, records a callback promise on it, and sends the new file ID to the requesting process. Remove(FileId) removes the specified file. Then we have SetLock(FileId, mode), which sets a lock on the specified file or directory; the mode of the lock may be shared or exclusive, and locks that are not released expire after 30 minutes. ReleaseLock, again with the file ID, unlocks the specified file or directory. RemoveCallback(FileId) informs the server that the Venus process has flushed a file from its cache. And BreakCallback(FileId) is a call made by the Vice
server to the Venus process; it cancels the callback promise on the specified file.

So in summary, AFS is a worldwide file system. If you look at the structure here, the servers hold this file system, and pretty much any other files out there are mirrored under that one file system, so you can almost think of it as a single worldwide file system. NFS may be one per network, but with AFS just one is needed for everyone. Also, since all these callbacks are tracked and basically all the file management is done internally, it has quite good security as well as good scaling. And as you see, the names themselves do not collide; it is effectively a global namespace, because the files themselves are copied back and forth to the various clients under the server's management. Again, you can think of it as the server keeping track of the state of the overall network at all times, so this is not a stateless server as we have seen in the NFS file system. And it requires a professional server infrastructure per cell; essentially, you have to be trained on this, so you cannot just set it up the way you can with NFS, where any Unix machine can be set up as a server or as a client. There were only about 190 AFS cells between 2005 and 2011, with cells at CMU and at Facebook among them. In this system there are also essentially no write conflicts, because the protocol implies that when one particular client checks out a file, the others may not get write access. Still, it is only a partial success, because there is a time lag between when the server updates the file and when it communicates to all the clients to also change their copies, so there are still some issues with respect to how we can create and modify files.

So now the key differences between AFS and NFS. Essentially, with NFS, different
clients can mount the same file system in different places, whereas AFS is just one namespace for the entire planet. So again, this goes back to the basic difference: in an NFS environment, every client sees the file system as its own unique file system, achieved by replicating the file mount points, whereas in an AFS system the centralized servers store all the files, and the Venus processes themselves communicate with those centralized servers in order to fetch the files. That is one of the key differences between NFS and AFS.

And unlike AFS, NFS uses /etc/fstab as its mount configuration; that is where the mapping between a local directory name and the remote file system lives. AFS does all the mapping at the server, and this is a tremendous advantage: it makes the served file space naming completely independent of the clients. Everything is controlled by the server, and the clients seldom have anything to do with changing the namespace, so there are no namespace collisions. The file space location is also completely independent, because the server is the one that controls where a particular file goes; you can actually move it around and you still will not see any issues, because the server still holds the mapping of where the files are. In NFS, by contrast, when you move a file system, you need to change the /etc/fstab file on, say, 20 clients, even if you are just taking /home offline for a while or moving it between servers. With AFS you simply move the AFS volume that constitutes /home between the servers; you can do this online, while the users are actively using the files, and with no disruption to their work, because whatever change you are making, the server is going to send a callback notice to those clients.
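To make the /etc/fstab contrast concrete, here is a sketch of the kind of entry each of those 20 NFS clients would carry; the server names and paths are hypothetical. Moving /home to a different server means editing this line on every client, which is exactly the maintenance burden AFS avoids by keeping the volume mapping at the server.

```shell
# /etc/fstab on each NFS client (hypothetical server and path):
# device                    mount point  type  options   dump pass
# fileserver:/export/home   /home        nfs   defaults  0    0
#
# If /home moves to "newserver", every client's fstab must be edited:
# newserver:/export/home    /home        nfs   defaults  0    0

grep nfs /etc/fstab   # a quick way to list the NFS mounts configured on a client
```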
With AFS, Vice and Venus simply pass along the change notification. In fact, when you move a volume, you do not even have to notify the clients right away, because the next time they close a file or open a new file in that particular directory, the mapping already in place at the server directs them to the right location.

Now regarding security: AFS is far more secure than NFS. It uses a special authentication system called Kerberos. We talked about Kerberos briefly in the last lecture; I just wanted to give you some more detail, though some of you may already know about it. Kerberos provides a centralized authentication server to authenticate users to services and services to users. It relies on conventional (symmetric) encryption and does not make use of public-key encryption; there are some additional encryption services that it uses. The basic idea behind Kerberos is essentially this: there is a server, and as a client, the user's credentials are sent to that server, which keeps track of which users are authorized to make which requests, and it sends back the authentication information. Once you receive that authentication, a ticket, you can go to a server for a given service; and while you are doing that, the server is also authenticated by the same Kerberos process, which says: okay, that server is authorized to receive your service request and deliver the service. The server gets the same assurance. This is similar to what you see on many websites when they say the certificate has expired and must be renewed; a certificate is authentication provided by a trusted authority, analogous to what the Kerberos server provides.

So with that we conclude the distributed file systems. Now let's look at the Network Information Service, which is essentially an application of all
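As a hands-on illustration of the Kerberos flow just described, here is a sketch of the client-side commands, assuming the MIT Kerberos client tools are installed and a realm (the hypothetical EXAMPLE.COM below) is already configured; the user name is made up.

```shell
# Ask the Kerberos authentication server for a ticket-granting ticket (TGT).
# EXAMPLE.COM is a hypothetical realm; you are prompted for your password.
kinit alice@EXAMPLE.COM

# List the tickets currently held in the credential cache;
# services contacted later (such as an AFS cell) reuse these tickets.
klist

# Destroy the cached tickets when done (like logging out).
kdestroy
```

Note that these commands only work against a running Kerberos KDC; they are shown here to make the ticket idea concrete, not as a standalone exercise.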
the things that we talked about, the distributed file systems and DNS, everything put together. A Network Information Service provides generic database access facilities, such as the password and group files, to all the hosts in a given network, so that the network appears as a single system with the same accounts on all the hosts; you can log in from any of the hosts. Today, you have a machine and you log in as yourself on that machine; tomorrow you go into your friend's office and you try to log in with your authentication information, and what if the computer does not let you in? That happens. But since all the computers are connected to the same network, don't you think the network should also take your information and give you access? That is what NIS provides. It also distributes the host name information, from /etc/hosts, to all the machines on the network. For a given user, the client, everything, including the network and all the networked access points, appears as a single system; it does not matter whether it is a subnet of a subnet of a subnet, all the subnets are grouped together, and NIS provides a single, uniform access across this network.

The Network Information Service is based on remote procedure calls, which we saw already. It comprises a server, a client-side library, and several administrative tools. Originally, NIS was started by Sun as the Yellow Pages system, so it used to be called Yellow Pages; but British Telecom had exclusive rights to the term "Yellow Pages", so Sun discontinued the usage of that name and renamed it the Network Information Service. That is the origin of the name, but the "yp" prefix is still there in a lot of the commands, such as ypserv, ypbind, etc.; these are the basic commands for building a Network Information Service. NIS supports replication with slave servers, as we discussed, and essentially any
changes on the master server need to be pushed to the slaves using yppush. NIS uses the Berkeley DB database format for its maps; as we saw at the very beginning, it is essentially a database-backed system for serving the password and group files, and each file may be translated into multiple NIS maps. From /etc/passwd, for example, you can have passwd.byname, passwd.byuid, and so on, so various forms of the authentication information can be provided.

So now let's look at how to set up an NIS server. Essentially, we use these commands. First, yum install ypserv. Then we set an NIS domain name, for example ypdomainname linux.is.better. Then we start the ypserv service, which is under /etc/init.d. If you want to set up a master server, we run ypinit -m, and for the slaves we run ypinit -s master, providing the master's name or IP address. The domain is read from /etc/yp.conf; that is where we set up this domain, linux.is.better in our example. Now that you have the configuration defined, you can start the client-side process using the ypbind command; we just say service ypbind start, and that starts the overall process. Starting ypserv starts the NIS server for the domain, and when you run the master initialization, it will prompt you to add the slave servers, with Ctrl-D to end the list. Finally, the NIS client daemon itself is started by the ypbind command, and this needs to run on the server side as well as on the clients. Then, to verify, we use ps auxw, essentially to make sure that the yp processes are running, and then ypwhich, which is another command, ypcat ypservers, ypcat passwd, and ypcat group; these are all commands to get information
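The server-side steps just described can be collected into one sequence. This is a sketch for an older Red Hat-style system (init.d services, yum), using the lecture's example domain linux.is.better; the ypinit path and service commands differ between distributions, so treat the exact paths as assumptions.

```shell
# Install the NIS server and set the NIS domain name for this host.
yum install -y ypserv
ypdomainname linux.is.better

# Start the NIS server daemon.
/etc/init.d/ypserv start

# Initialize this host as the NIS *master*: builds the maps from /etc/passwd
# and friends, and prompts for slave server names (end the list with Ctrl-D).
/usr/lib/yp/ypinit -m

# On a *slave* server you would instead pull the maps from the master:
#   /usr/lib/yp/ypinit -s master.linux.is.better

# Start the client-side binder (needed on the server too) and verify.
/etc/init.d/ypbind start
ps auxw | grep yp    # are ypserv/ypbind running?
ypwhich              # which NIS server did we bind to?
ypcat passwd         # dump the passwd map
```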
about the NIS system. I would like you to actually use some of these commands on your workstation and see the results; you can also type man for each of these commands, man ypwhich, man ypcat, etc., to find out more about how they work. To run the NIS client automatically at boot, /etc/sysconfig/network needs to be updated with the NIS domain; basically, you add a line NISDOMAIN=domainname, and then you give these commands: chkconfig ypserv on and chkconfig ypbind on. So again, you need to set up ypserv, do the binding, and then, if you want other services to be offered, for example yppasswdd, which lets users change their NIS password, you can chkconfig that on as well, so that users can run those commands. ypchsh is another one, the change-shell command; if you want to provide the users with that facility, you can turn on that feature too.

Now, the other thing is, how do you sync data between the master and the slave NIS servers? From the slave side, we just run the ypxfr command with the map to pull, and from the master side we run the yppush command; we already saw yppush, which essentially pushes the map changes out to all the slaves. So any new map changes are propagated through these two commands, either pulled by the slaves or pushed by the master. And some sites use their own back-end databases and make the NIS servers fetch the data from that central source: with a back-end database already defined, the NIS servers fetch the data from it, typically using a cron job, for example one that runs a transfer twelve times per day, which is basically every other hour.
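The periodic transfer just described is usually wired up with cron on each slave server. Here is a sketch, assuming the ypxfr helper scripts that ship with ypserv are installed under /usr/lib64/yp (the path, and which maps each script covers, vary by distribution):

```shell
# /etc/crontab entries on an NIS slave (paths are distribution-dependent):
# min hour  day month weekday user  command
20  *       *   *     *       root  /usr/lib64/yp/ypxfr_1perhour  # hourly maps, e.g. passwd
40  6       *   *     *       root  /usr/lib64/yp/ypxfr_1perday   # daily maps, e.g. group
55  6,18    *   *     *       root  /usr/lib64/yp/ypxfr_2perday   # twice-daily maps
```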
The ypxfr_1perday and ypxfr_1perhour scripts similarly transfer the maps once a day or once an hour. So here, essentially, is a sequence of commands that you can try on your machines: set up the NIS domain name, linux.is.better; configure and check the config file, /etc/yp.conf; run ypbind start; add the NIS lookups to each of the relevant lines, passwd and group; and then use the various commands to debug, ypwhich, ypcat passwd, and try to log in to a user account. And then we saw how to run it automatically at boot. To change a password on the NIS server, there is the yppasswd command, similar to passwd; this essentially changes the password across all the clients, because through the yppush/ypxfr process it is propagated to the servers. And to change the login shell on the NIS server, it is the change-shell command with yp in front, ypchsh.

So this actually concludes the topic for today; I think we will begin the programming classes in the next one. Today, in the Linux networking class, we saw two items. One is the Andrew File System: we now know what the Andrew File System is and how to contrast it with the NFS that we learned in the last class. And then we also learned about NIS: how to set up NIS, what the key points about NIS are, and why we need it. Thank you very much for attending, and see you in the next class.