[BBLISA] Chucking samba

Dean Anderson dean at av8.com
Mon Apr 26 12:53:21 EDT 2010 

I've used AFS since the 1980s.  The OpenAFS Windows client is very
stable, and uses a loopback adapter, which insulates the AFS client from
changes in IP address.

I use it on a daily basis.  No crashes. Good backup capabilities.  As
others mentioned, AFS takes a significant investment in learning curve,
but its worth the investment. AFS actually pretty straightforward once
you know how all the parts fit together--there are a fair number of
parts, though.  Every other file and disk management tool merely
approaches AFS.  Once in a while some feature is improved on. E.g. the
NetApp feature of copy-on-write versioning is inspired by the AFS backup
snapshot (one copy-on-write version). The AFS team is working on
expanding this to more than one.

Its true that AFS is not as widely deployed as Active Directory, but
with a thousand+ sites with hundreds of thousands of users (but probably
not many millions), AFS is in the class of being widely deployed, but
not a dominant system. Yet.

Active Directory is based on OSF DCE, which is in turn based on what was
meant to be "AFS 4".  AFS is an ancestor of AD---Just as powerful, but
less complicated and probably more reliable.  What AFS can't do (that
DCE DFS and AD DFS can) is lock portions of a file. This makes AFS
unsuitable as a filesystem for most database systems, but AFS is just
fine for everything else. AFS can lock only the whole file. I don't
remember if SMB allows region locks or not.  I know that DCE and AD DFS
does, though.  I don't think many sites run the AD DFS, though.  And for
the most part, one doesn't want to have database files on remote
filesystems anyway.

		--Dean

On Sat, 24 Apr 2010, Toby Burress wrote:

> So at work we have several document repositories, and while most of
> our clients are Windows PCs, the servers are running nix variants,
> (Linux and BSD, mostly), so we have a bunch of Samba instances running
> at various locations.
> 
> The Windows clients are *not* joined to any domain, and we do not have
> a Windows domain controller (nor, frankly, does anyone want one).
> However, the Samba machines are in pseudo-domain mode, with a "password"
> server and an LDAP backend.  This works some of the time, but very often
> it seems like the magic that Samba uses to authenticate users does not
> work from version to version.  Right now I am struggling with a samba
> server that, though its configuration is copied from a working machine,
> behaves completely differently.
> 
> So I was thinking of ditching Samba for AFS.  It has a number of benefits
> over Samba, I think, such as the kerberos auth, the universal namespace
> (I always have users who complain that their directory was deleted from
> the server, only to find out that they're talking to the wrong server),
> and the (more) consistent ACL structure.
> 
> I have a working AFS cell, and from what I can tell the Windows client
> (OpenAFS + MIT KfW) is fairly stable.  But I haven't been testing for
> very long, and I was wondering if anyone has been here before me, and
> knows what headaches I can expect.  How does AFS tend to fail, and how
> often?  Has anyone ditched AFS for Samba (or anything else) and what
> drove you away?  Is everyone who has used AFS in production in the past
> screaming "Nnnooo!" in slow motion?  It seems like an actively developed
> technology that nonetheless is rarely used, so I'm kind of working in
> a vacuum of opinions.
> 
> Toby
> 
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 256 5494

More information about the bblisa mailing list