Discussion:
the future
(too old to reply)
Ted Creedon
2012-09-28 18:21:11 UTC
Permalink
Its clear to me that the skill set needed to improve AFS is moving on.

My only concern is dealing with vulture capitalists, buyouts and more
financial quicksand.

The reluctance of the major users to fund a mission critical file system
like AFS is yet another example of corporate spread sheet management
stupidity.

I'd turn the file servers off for a day so so to simulate what the world
would be like w/o AFS.

Perhaps on a triple witching day..

Ted

If you can self fund YFS and I hope you make out as well as Linus.
Troy Benjegerdes
2012-09-29 03:33:10 UTC
Permalink
The key here seems to be marketing, and getting inside the head of
the spread sheet managers (or just modifying their spreadsheets).

What do they like? New things, so they can impress their peers
because they got the scoop on some amazing new technology?

If we dust off some old AFS code and paint up with YFS, TFS, and
WTFS (What The Foo is this File Stuff) logos, and have ourselves
a nice horserace all the spreadsheet guys can take bets on, what
might happen?

How about at the next DEFCON hacker convention we organize a demo
of a real-time AFS protocol encryption cracker and file-server spoofer?
I expect this would have all the impact of turning off your servers but
conveniently providing someone else to blame. Spreadsheet pushers like
to play blame games, you know.
Post by Ted Creedon
Its clear to me that the skill set needed to improve AFS is moving on.
My only concern is dealing with vulture capitalists, buyouts and more
financial quicksand.
The reluctance of the major users to fund a mission critical file system
like AFS is yet another example of corporate spread sheet management
stupidity.
I'd turn the file servers off for a day so so to simulate what the world
would be like w/o AFS.
Perhaps on a triple witching day..
Ted
If you can self fund YFS and I hope you make out as well as Linus.
Jason Edgecombe
2012-09-29 14:13:58 UTC
Permalink
Post by Troy Benjegerdes
If we dust off some old AFS code and paint up with YFS, TFS, and
WTFS (What The Foo is this File Stuff) logos, and have ourselves
a nice horserace all the spreadsheet guys can take bets on, what
might happen?
As I understand, YFS, Inc. is taking this approach.
Post by Troy Benjegerdes
How about at the next DEFCON hacker convention we organize a demo
of a real-time AFS protocol encryption cracker and file-server spoofer?
I expect this would have all the impact of turning off your servers but
conveniently providing someone else to blame. Spreadsheet pushers like
to play blame games, you know.
Manager/Security: "What do you mean that the bloody protocol is
compromised and we can't fix it?! How much to get off of this crap right
now?"

Much backlash. That would just make AFS fail.

I doubt that we would win any customers by deliberately exposing them to
security, regulatory, or legal problems.

Jason
Troy Benjegerdes
2012-09-30 03:52:43 UTC
Permalink
Post by Jason Edgecombe
Post by Troy Benjegerdes
If we dust off some old AFS code and paint up with YFS, TFS, and
WTFS (What The Foo is this File Stuff) logos, and have ourselves
a nice horserace all the spreadsheet guys can take bets on, what
might happen?
As I understand, YFS, Inc. is taking this approach.
Post by Troy Benjegerdes
How about at the next DEFCON hacker convention we organize a demo
of a real-time AFS protocol encryption cracker and file-server spoofer?
I expect this would have all the impact of turning off your servers but
conveniently providing someone else to blame. Spreadsheet pushers like
to play blame games, you know.
Manager/Security: "What do you mean that the bloody protocol is
compromised and we can't fix it?! How much to get off of this crap
right now?"
Much backlash. That would just make AFS fail.
I doubt that we would win any customers by deliberately exposing
them to security, regulatory, or legal problems.
Someone else commented about 'nuking bridges', and demoing an
encryption cracker without tested replacement code would be more
like nuking all the bridges from orbit, which is why I haven't
seriously considered it.

Now, here's the thing though... Look at the competition.. iCloud,
amazon S3, google drive. THOSE are protocols that are broken.
Spreadsheet guys don't understand protocols, or why they are
important.

At least with AFS we have a solid protocol, and (I think) an
accepted path forward (rxgk), and all that is lacking is *paying
someone to write the code*

If the support vendors have good PR people, the response to the
manager will be "Here, we have a new upgrade to sell you, that will
be $X, and here are our pen test reports showing how easy it is to
hack everything else because the only protocol that actually addresses
the threat is AFS"

On my more cynical days, I think the only way to actually make money
in today's current software/hardware business is to abuse your customers
with licenses, upgrade treadmills, and FUD.
Aaron Knister
2012-09-30 05:43:05 UTC
Permalink
Post by Troy Benjegerdes
Post by Jason Edgecombe
Post by Troy Benjegerdes
If we dust off some old AFS code and paint up with YFS, TFS, and
WTFS (What The Foo is this File Stuff) logos, and have ourselves
a nice horserace all the spreadsheet guys can take bets on, what
might happen?
As I understand, YFS, Inc. is taking this approach.
Post by Troy Benjegerdes
How about at the next DEFCON hacker convention we organize a demo
of a real-time AFS protocol encryption cracker and file-server spoofer?
I expect this would have all the impact of turning off your servers but
conveniently providing someone else to blame. Spreadsheet pushers like
to play blame games, you know.
Manager/Security: "What do you mean that the bloody protocol is
compromised and we can't fix it?! How much to get off of this crap
right now?"
Much backlash. That would just make AFS fail.
I doubt that we would win any customers by deliberately exposing
them to security, regulatory, or legal problems.
Someone else commented about 'nuking bridges', and demoing an
encryption cracker without tested replacement code would be more
like nuking all the bridges from orbit, which is why I haven't
seriously considered it.
Now, here's the thing though... Look at the competition.. iCloud,
amazon S3, google drive. THOSE are protocols that are broken.
Spreadsheet guys don't understand protocols, or why they are
important.
At least with AFS we have a solid protocol, and (I think) an
accepted path forward (rxgk), and all that is lacking is *paying
someone to write the code*
If the support vendors have good PR people, the response to the
manager will be "Here, we have a new upgrade to sell you, that will
be $X, and here are our pen test reports showing how easy it is to
hack everything else because the only protocol that actually addresses
the threat is AFS"
On my more cynical days, I think the only way to actually make money
in today's current software/hardware business is to abuse your customers
with licenses, upgrade treadmills, and FUD.
*cough*Oracle*cough*
Post by Troy Benjegerdes
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Ted Creedon
2012-09-30 09:49:08 UTC
Permalink
I didn't mean an unauthorized shutdown.

How about taking a AFS wide survey using a aklog token driven one time pop
up explaining that AFS is not being updated according to industry standards
and that it needs substantial financial support.

Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.

I.e. is there any way to get the users fired up?
Post by Jason Edgecombe
Post by Troy Benjegerdes
If we dust off some old AFS code and paint up with YFS, TFS, and
WTFS (What The Foo is this File Stuff) logos, and have ourselves
a nice horserace all the spreadsheet guys can take bets on, what
might happen?
As I understand, YFS, Inc. is taking this approach.
How about at the next DEFCON hacker convention we organize a demo
Post by Troy Benjegerdes
of a real-time AFS protocol encryption cracker and file-server spoofer?
I expect this would have all the impact of turning off your servers but
conveniently providing someone else to blame. Spreadsheet pushers like
to play blame games, you know.
Manager/Security: "What do you mean that the bloody protocol is
compromised and we can't fix it?! How much to get off of this crap right
now?"
Much backlash. That would just make AFS fail.
I doubt that we would win any customers by deliberately exposing them to
security, regulatory, or legal problems.
Jason
Troy Benjegerdes
2012-09-30 15:41:17 UTC
Permalink
Post by Ted Creedon
How about taking a AFS wide survey using a aklog token driven one time pop
up explaining that AFS is not being updated according to industry standards
and that it needs substantial financial support.
Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.
I.e. is there any way to get the users fired up?
I like this. But I think for this to work we need a simple URL like
'http://openafs.org/donate' that that shows up in the command line aklog
client, and on a clickable link in the GUI client.

Currently http://static.usenix.org/about/openafs/ is the only 'donate to
OpenAFS' link I can find, but that requires cutting a check. The landing
page for donations needs to accept PayPal, Amazon payments, Dwolla, and
Bitcoin, as well as form to click saying 'My organization uses openafs,
please contact __________ who has purchasing authority'

I think it would look better to have a full OpenAFS foundation with clear
governance, but for the moment, all that is needed is some consensus to
set up a 'donate' landing page on OpenAFS.org, and someone to set up the
payment arrangements so checks get regularly cut to the address on the
Usenix association page.

If there is a consensus to go ahead with this, I would be willing to offer
to handle the Dwolla and Bitcoin 'instant donate' links. I can beat whatever
percentage Amazon and Paypal take and still make it worth my time, and I'll
include the others because it makes for wider audience for contributions.

If there is not a consensus to go ahead with this within a month or two,
I'm going to (at whatever glacial pace I feel like it) release TFS version(s)
for Linux, Android, and MacOS that have such a link and donate pages.
Ted Creedon
2012-09-30 17:52:51 UTC
Permalink
My intent was to foment a user uprising resulting in pressure on the .edu &
.com level administrators to provide funding from established budgets. More
of a corporate funding than individual contributions.

Perhaps a cc to the local spreadsheet managers would get the user needs
better communicated.

I.e. you can't aklog one time only until you fill out the poll, send it in
w/cc to local financial folks.

Tedc
Post by Ted Creedon
Post by Ted Creedon
How about taking a AFS wide survey using a aklog token driven one time
pop
Post by Ted Creedon
up explaining that AFS is not being updated according to industry
standards
Post by Ted Creedon
and that it needs substantial financial support.
Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.
I.e. is there any way to get the users fired up?
I like this. But I think for this to work we need a simple URL like
'http://openafs.org/donate' that that shows up in the command line aklog
client, and on a clickable link in the GUI client.
Currently http://static.usenix.org/about/openafs/ is the only 'donate to
OpenAFS' link I can find, but that requires cutting a check. The landing
page for donations needs to accept PayPal, Amazon payments, Dwolla, and
Bitcoin, as well as form to click saying 'My organization uses openafs,
please contact __________ who has purchasing authority'
I think it would look better to have a full OpenAFS foundation with clear
governance, but for the moment, all that is needed is some consensus to
set up a 'donate' landing page on OpenAFS.org, and someone to set up the
payment arrangements so checks get regularly cut to the address on the
Usenix association page.
If there is a consensus to go ahead with this, I would be willing to offer
to handle the Dwolla and Bitcoin 'instant donate' links. I can beat whatever
percentage Amazon and Paypal take and still make it worth my time, and I'll
include the others because it makes for wider audience for contributions.
If there is not a consensus to go ahead with this within a month or two,
I'm going to (at whatever glacial pace I feel like it) release TFS version(s)
for Linux, Android, and MacOS that have such a link and donate pages.
Troy Benjegerdes
2012-09-30 19:10:23 UTC
Permalink
I would hope that the donation link would be a more subtle, and equally
effective incentive. If edu CIO's start getting emails from professors
asking "Why is this software we depend on asking for donations", maybe
they'd start looking at their overhead budgets. But that overhead money
will come from somewhere else.. We better have a story on the donation
landing page on how much AFS saves vs the 'storage appliance' and 'cloud'
models that are all the rage among CIOs.

How about a landing page with a survey of "What excessive IT spend would
you cut in your organization and redirect to AFS?".

One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.

How do you pop up a dialog when aklog is called via the GDM/KDM login via
pam_aklog, for instance?
Post by Ted Creedon
My intent was to foment a user uprising resulting in pressure on the .edu &
.com level administrators to provide funding from established budgets. More
of a corporate funding than individual contributions.
Perhaps a cc to the local spreadsheet managers would get the user needs
better communicated.
I.e. you can't aklog one time only until you fill out the poll, send it in
w/cc to local financial folks.
Tedc
Post by Ted Creedon
Post by Ted Creedon
How about taking a AFS wide survey using a aklog token driven one time
pop
Post by Ted Creedon
up explaining that AFS is not being updated according to industry
standards
Post by Ted Creedon
and that it needs substantial financial support.
Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.
I.e. is there any way to get the users fired up?
I like this. But I think for this to work we need a simple URL like
'http://openafs.org/donate' that that shows up in the command line aklog
client, and on a clickable link in the GUI client.
Currently http://static.usenix.org/about/openafs/ is the only 'donate to
OpenAFS' link I can find, but that requires cutting a check. The landing
page for donations needs to accept PayPal, Amazon payments, Dwolla, and
Bitcoin, as well as form to click saying 'My organization uses openafs,
please contact __________ who has purchasing authority'
I think it would look better to have a full OpenAFS foundation with clear
governance, but for the moment, all that is needed is some consensus to
set up a 'donate' landing page on OpenAFS.org, and someone to set up the
payment arrangements so checks get regularly cut to the address on the
Usenix association page.
If there is a consensus to go ahead with this, I would be willing to offer
to handle the Dwolla and Bitcoin 'instant donate' links. I can beat whatever
percentage Amazon and Paypal take and still make it worth my time, and I'll
include the others because it makes for wider audience for contributions.
If there is not a consensus to go ahead with this within a month or two,
I'm going to (at whatever glacial pace I feel like it) release TFS version(s)
for Linux, Android, and MacOS that have such a link and donate pages.
Troy Benjegerdes
2012-09-30 19:33:07 UTC
Permalink
How about this:

src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog
This software is free software, and depends on your ongoing support
Please consider a donation to http://openafs.org/Donate
src/tfs/src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog -nonag
src/tfs/src/aklog$

After doing this, I realized I need to add this message to 'tokens'
as well.

Would the developers accept a patch to add this to at least 'aklog'
and 'tokens' ?
Post by Troy Benjegerdes
I would hope that the donation link would be a more subtle, and equally
effective incentive. If edu CIO's start getting emails from professors
asking "Why is this software we depend on asking for donations", maybe
they'd start looking at their overhead budgets. But that overhead money
will come from somewhere else.. We better have a story on the donation
landing page on how much AFS saves vs the 'storage appliance' and 'cloud'
models that are all the rage among CIOs.
How about a landing page with a survey of "What excessive IT spend would
you cut in your organization and redirect to AFS?".
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
How do you pop up a dialog when aklog is called via the GDM/KDM login via
pam_aklog, for instance?
Post by Ted Creedon
My intent was to foment a user uprising resulting in pressure on the .edu &
.com level administrators to provide funding from established budgets. More
of a corporate funding than individual contributions.
Perhaps a cc to the local spreadsheet managers would get the user needs
better communicated.
I.e. you can't aklog one time only until you fill out the poll, send it in
w/cc to local financial folks.
Tedc
Post by Ted Creedon
Post by Ted Creedon
How about taking a AFS wide survey using a aklog token driven one time
pop
Post by Ted Creedon
up explaining that AFS is not being updated according to industry
standards
Post by Ted Creedon
and that it needs substantial financial support.
Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.
I.e. is there any way to get the users fired up?
I like this. But I think for this to work we need a simple URL like
'http://openafs.org/donate' that that shows up in the command line aklog
client, and on a clickable link in the GUI client.
Currently http://static.usenix.org/about/openafs/ is the only 'donate to
OpenAFS' link I can find, but that requires cutting a check. The landing
page for donations needs to accept PayPal, Amazon payments, Dwolla, and
Bitcoin, as well as form to click saying 'My organization uses openafs,
please contact __________ who has purchasing authority'
I think it would look better to have a full OpenAFS foundation with clear
governance, but for the moment, all that is needed is some consensus to
set up a 'donate' landing page on OpenAFS.org, and someone to set up the
payment arrangements so checks get regularly cut to the address on the
Usenix association page.
If there is a consensus to go ahead with this, I would be willing to offer
to handle the Dwolla and Bitcoin 'instant donate' links. I can beat whatever
percentage Amazon and Paypal take and still make it worth my time, and I'll
include the others because it makes for wider audience for contributions.
If there is not a consensus to go ahead with this within a month or two,
I'm going to (at whatever glacial pace I feel like it) release TFS version(s)
for Linux, Android, and MacOS that have such a link and donate pages.
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Aaron Knister
2012-09-30 20:33:02 UTC
Permalink
Hi Troy,

I admire your energy and desire to support openafs but I think this approach would create a lot of angry people. If we deployed this at the university for which I used to work we would have a mob of angry users. We'd end up modifying the source to remove it.

Regarding support, some type of subscription based model could go a long way. One if the reasons (other than frankly ignorance) that OpenAFS was frowned upon at UMBC was our lack of commercial support. I know there are entities that provide support but they seemed to require more effort than clicking a button, selecting my subscription type (X number of FileServers, Y number of "supported" clients, Z number of vldb servers, etc), and typing in a credit card number

OpenAFS is the best general purpose, distributed filesystem I've ever used and I would *love* to see it make a rising and ale the industry by storm. I can dream, can't I?

Sent from my iPhone
Post by Troy Benjegerdes
src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog
This software is free software, and depends on your ongoing support
Please consider a donation to http://openafs.org/Donate
src/tfs/src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog -nonag
src/tfs/src/aklog$
After doing this, I realized I need to add this message to 'tokens'
as well.
Would the developers accept a patch to add this to at least 'aklog'
and 'tokens' ?
Post by Troy Benjegerdes
I would hope that the donation link would be a more subtle, and equally
effective incentive. If edu CIO's start getting emails from professors
asking "Why is this software we depend on asking for donations", maybe
they'd start looking at their overhead budgets. But that overhead money
will come from somewhere else.. We better have a story on the donation
landing page on how much AFS saves vs the 'storage appliance' and 'cloud'
models that are all the rage among CIOs.
How about a landing page with a survey of "What excessive IT spend would
you cut in your organization and redirect to AFS?".
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
How do you pop up a dialog when aklog is called via the GDM/KDM login via
pam_aklog, for instance?
Post by Ted Creedon
My intent was to foment a user uprising resulting in pressure on the .edu &
.com level administrators to provide funding from established budgets. More
of a corporate funding than individual contributions.
Perhaps a cc to the local spreadsheet managers would get the user needs
better communicated.
I.e. you can't aklog one time only until you fill out the poll, send it in
w/cc to local financial folks.
Tedc
Post by Ted Creedon
Post by Ted Creedon
How about taking a AFS wide survey using a aklog token driven one time
pop
Post by Ted Creedon
up explaining that AFS is not being updated according to industry
standards
Post by Ted Creedon
and that it needs substantial financial support.
Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.
I.e. is there any way to get the users fired up?
I like this. But I think for this to work we need a simple URL like
'http://openafs.org/donate' that that shows up in the command line aklog
client, and on a clickable link in the GUI client.
Currently http://static.usenix.org/about/openafs/ is the only 'donate to
OpenAFS' link I can find, but that requires cutting a check. The landing
page for donations needs to accept PayPal, Amazon payments, Dwolla, and
Bitcoin, as well as form to click saying 'My organization uses openafs,
please contact __________ who has purchasing authority'
I think it would look better to have a full OpenAFS foundation with clear
governance, but for the moment, all that is needed is some consensus to
set up a 'donate' landing page on OpenAFS.org, and someone to set up the
payment arrangements so checks get regularly cut to the address on the
Usenix association page.
If there is a consensus to go ahead with this, I would be willing to offer
to handle the Dwolla and Bitcoin 'instant donate' links. I can beat whatever
percentage Amazon and Paypal take and still make it worth my time, and I'll
include the others because it makes for wider audience for contributions.
If there is not a consensus to go ahead with this within a month or two,
I'm going to (at whatever glacial pace I feel like it) release TFS version(s)
for Linux, Android, and MacOS that have such a link and donate pages.
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Jeffrey Altman
2012-10-02 00:57:25 UTC
Permalink
Post by Aaron Knister
Regarding support, some type of subscription based model could go a long way. One if the reasons (other than frankly ignorance) that OpenAFS was frowned upon at UMBC was our lack of commercial support. I know there are entities that provide support but they seemed to require more effort than clicking a button, selecting my subscription type (X number of FileServers, Y number of "supported" clients, Z number of vldb servers, etc), and typing in a credit card number
I have always received a significant amount of pushback for any pricing
model that is based upon # of servers and especially # of clients. That
is why the YFSI pricing model is based upon number a number of support
incidents. It doesn't matter how many platforms you deploy or how many
servers or number of clients, support is driven by how much support the
organization requires and whether support is U.S. business hours monday
to friday or 24/7/365.

Support packages start at US$4995 per year.

Jeffrey Altman
Ted Creedon
2012-10-02 01:12:20 UTC
Permalink
Is it available unsupported?

tedc
Post by Aaron Knister
Post by Aaron Knister
Regarding support, some type of subscription based model could go a long
way. One if the reasons (other than frankly ignorance) that OpenAFS was
frowned upon at UMBC was our lack of commercial support. I know there are
entities that provide support but they seemed to require more effort than
clicking a button, selecting my subscription type (X number of FileServers,
Y number of "supported" clients, Z number of vldb servers, etc), and typing
in a credit card number
I have always received a significant amount of pushback for any pricing
model that is based upon # of servers and especially # of clients. That
is why the YFSI pricing model is based upon number a number of support
incidents. It doesn't matter how many platforms you deploy or how many
servers or number of clients, support is driven by how much support the
organization requires and whether support is U.S. business hours monday
to friday or 24/7/365.
Support packages start at US$4995 per year.
Jeffrey Altman
Jeffrey Altman
2012-10-02 01:56:02 UTC
Permalink
Ted:

Is OpenAFS available unsupported? Sure, download the code from
openafs.org and have a blast.

Pricing for YFS 1.0 has not been finalized. It will not be available
for free.

Jeffrey Altman
Post by Ted Creedon
Is it available unsupported?
tedc
On Mon, Oct 1, 2012 at 5:57 PM, Jeffrey Altman
Post by Aaron Knister
Regarding support, some type of subscription based model could go
a long way. One if the reasons (other than frankly ignorance) that
OpenAFS was frowned upon at UMBC was our lack of commercial support.
I know there are entities that provide support but they seemed to
require more effort than clicking a button, selecting my
subscription type (X number of FileServers, Y number of "supported"
clients, Z number of vldb servers, etc), and typing in a credit card
number
I have always received a significant amount of pushback for any pricing
model that is based upon # of servers and especially # of clients. That
is why the YFSI pricing model is based upon number a number of support
incidents. It doesn't matter how many platforms you deploy or how many
servers or number of clients, support is driven by how much support the
organization requires and whether support is U.S. business hours monday
to friday or 24/7/365.
Support packages start at US$4995 per year.
Jeffrey Altman
Troy Benjegerdes
2012-10-02 04:12:08 UTC
Permalink
Have you thought about what you can offer to SMB (small-medium businesses)

For instance, you charge $3.99 for the iYFS iDevice app.

What could you offer for $20/month? Would you let a third party resell
iYFS to the SMB market, as long as you are getting the standard yearly
incident support rate from the reseller?
Post by Jeffrey Altman
Is OpenAFS available unsupported? Sure, download the code from
openafs.org and have a blast.
Pricing for YFS 1.0 has not been finalized. It will not be available
for free.
Jeffrey Altman
Post by Ted Creedon
Is it available unsupported?
tedc
On Mon, Oct 1, 2012 at 5:57 PM, Jeffrey Altman
Post by Aaron Knister
Regarding support, some type of subscription based model could go
a long way. One if the reasons (other than frankly ignorance) that
OpenAFS was frowned upon at UMBC was our lack of commercial support.
I know there are entities that provide support but they seemed to
require more effort than clicking a button, selecting my
subscription type (X number of FileServers, Y number of "supported"
clients, Z number of vldb servers, etc), and typing in a credit card
number
I have always received a significant amount of pushback for any pricing
model that is based upon # of servers and especially # of clients. That
is why the YFSI pricing model is based upon number a number of support
incidents. It doesn't matter how many platforms you deploy or how many
servers or number of clients, support is driven by how much support the
organization requires and whether support is U.S. business hours monday
to friday or 24/7/365.
Support packages start at US$4995 per year.
Jeffrey Altman
Jeffrey Altman
2012-10-02 04:27:31 UTC
Permalink
Post by Troy Benjegerdes
Have you thought about what you can offer to SMB (small-medium businesses)
For instance, you charge $3.99 for the iYFS iDevice app.
What could you offer for $20/month? Would you let a third party resell
iYFS to the SMB market, as long as you are getting the standard yearly
incident support rate from the reseller?
There is a rule in place within the New York Tech Meetup community.
Questions about business models are off limits for the mailing lists and
the demo days. Its a good rule because no one is going to provide
answers to business model questions and asking simply creates a awkward
rejection.

I'm not going to discuss our business model. Pricing and product
availability will be announced when we believe it is appropriate to do so.

Jeffrey Altman
Russ Allbery
2012-10-02 04:41:52 UTC
Permalink
Post by Jeffrey Altman
Post by Troy Benjegerdes
Have you thought about what you can offer to SMB (small-medium businesses)
For instance, you charge $3.99 for the iYFS iDevice app.
What could you offer for $20/month? Would you let a third party resell
iYFS to the SMB market, as long as you are getting the standard yearly
incident support rate from the reseller?
There is a rule in place within the New York Tech Meetup community.
Questions about business models are off limits for the mailing lists and
the demo days. Its a good rule because no one is going to provide
answers to business model questions and asking simply creates a awkward
rejection.
I think that it would be appropriate to discuss the business model of any
sort of foundation or non-profit, where the organization is responsible to
the community. That's one of the fundamental differences between private
for-profits and public not-for-profits; indeed, it's what makes them
private and public.

Some degree of speculation about the total amount of money available in
the community or about the donations of private organizations to various
costs is probably appropriate (even unavoidable). I think the line is
somewhere between talking about the total funding required to implement
something like rxgk and asking Sine Nomine what their business model is
for doing AFS development, and the latter is really a conversation that
one would have privately with Sine Nomine (if at all).

Part of the problem with discussing business models is that everyone seems
to have an opinion, but the business models of private companies are
usually driven largely by their contracts with their customers, and those
often involve private contracts that neither party is interested in
discussing in public. So a lot of the discussion happens without all the
necessary information and isn't very useful, and it involves people who
really have no say, and it's tricky to work around the confidential
information. (As opposed to a public non-profit, where by definition the
general public *does* have a say.)
--
Russ Allbery (***@stanford.edu) <http://www.eyrie.org/~eagle/>
Hoskins, Matthew E.
2012-10-02 01:33:33 UTC
Permalink
Are the pricing plans and coverage documented somewhere we can show the
people who write checks?

http://www.your-file-system.com doesnt seem to have a lot of info
Post by Aaron Knister
Post by Aaron Knister
Regarding support, some type of subscription based model could go a long
way. One if the reasons (other than frankly ignorance) that OpenAFS was
frowned upon at UMBC was our lack of commercial support. I know there are
entities that provide support but they seemed to require more effort than
clicking a button, selecting my subscription type (X number of FileServers,
Y number of "supported" clients, Z number of vldb servers, etc), and typing
in a credit card number
I have always received a significant amount of pushback for any pricing
model that is based upon # of servers and especially # of clients. That
is why the YFSI pricing model is based upon number a number of support
incidents. It doesn't matter how many platforms you deploy or how many
servers or number of clients, support is driven by how much support the
organization requires and whether support is U.S. business hours monday
to friday or 24/7/365.
Support packages start at US$4995 per year.
Jeffrey Altman
Jonathan Billings
2012-09-30 23:36:55 UTC
Permalink
Post by Troy Benjegerdes
src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog
This software is free software, and depends on your ongoing support
Please consider a donation to http://openafs.org/Donate
src/tfs/src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog -nonag
src/tfs/src/aklog$
I can tell you right now that I'd probably patch the source to remove
this in our environment. It would break so much stuff, and just
further prove to my management that AFS is on its way out, since now I
have to maintain local patches.

--
Jonathan Billings <***@umich.edu>
College of Engineering - CAEN - Unix and Linux Support
Troy Benjegerdes
2012-10-01 04:40:24 UTC
Permalink
How much would you pay per month to be listed on the 'donate' landing
page as an OpenAFS supporter, and have access to nag-free binaries?

As a comparison, what is your college monthly spend on RHEL? How
do we, as a community of developers, make a case to your management
that the value provided by AFS is of the same order of magnitude as
a RHEL subscription (**or** the staff time for maintaining CentOS),
and make the same order of magnitude contribution to OpenAFS.

I think in-kind donation of staff time and machines for testing new
releases would be an excellent way to make non-monetary contributions.
Post by Jonathan Billings
Post by Troy Benjegerdes
src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog
This software is free software, and depends on your ongoing support
Please consider a donation to http://openafs.org/Donate
src/tfs/src/aklog$ LD_LIBRARY_PATH=../../lib ./aklog -nonag
src/tfs/src/aklog$
I can tell you right now that I'd probably patch the source to remove
this in our environment. It would break so much stuff, and just
further prove to my management that AFS is on its way out, since now I
have to maintain local patches.
--
College of Engineering - CAEN - Unix and Linux Support
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Gary Gatling
2012-09-30 19:34:47 UTC
Permalink
Could government or corporate grants be a way to raise funding for
development of new features or programmers in openafs? Especially since
openafs is open source software and everyone benefits? I'm sorry if this is
a stupid question...

I'm not sure what our high level management here would think about paying
for afs. I just work on running some afs servers. I think we used to pay
money back in the day when it was transarc/ibm afs...
Jeffrey Altman
2012-10-02 03:31:52 UTC
Permalink
Post by Gary Gatling
Could government or corporate grants be a way to raise funding for
development of new features or programmers in openafs? Especially since
openafs is open source software and everyone benefits? I'm sorry if this
is a stupid question...
Gary,

Its not a stupid question. YFSI did receive U.S. Government SBIR grant
funding. Such funding is required to be used for the establishment of a
commercial product but is insufficient by itself to bring a product to
market.

Corporate grants are nearly impossible to obtain for software
development. There is no justification for using the granting process
when software development contract payments are 100% deductible as a
business expense. Software development contracts are not hard to
obtain when the cost is below $10,000. Unfortunately, there are very
few software development projects that can be accomplished in two or
three developer weeks.

Using rxgk as an example. The original draft of the security class was
imported into the OpenAFS source tree in August 2004. An effort was
made in 2005 to move ahead with it but as reported to Troy on the
openafs-devel list in May 2006, there were significant numbers of bugs
in 1.4.0 release that had to be fixed for 1.4.1. The volunteer cycles
to work on rxgk was lost to that effort.

In January 2007 an "rxgk" specific week long hackathon was held at
Stockholm University. Significant progress was made in scoping out the
protocol requirements, the operational deployment requirements, and the
paths for upgrading from rxkad to rxgk. The second draft implementation
of rxgk was created during this hackathon and committed to Arla.
However, there was no functional code nor was there a complete protocol
specification.

The YFS rxgk implementation and protocol specification is a third design
which differs in significant ways from the outcome of the Stockholm
University hackathon. The differences are the result of in-depth
protocol review and implementation experience. Creating the rxgk
security class itself was the smallest part of the work. The bigger
challenge is the integration of rxgk into the source tree. In order to
accomplish it all services must be converted to pthreads since there is
no LWP GSS-API implementation. References to rxkad had to be isolated.
The rx security class interfaces had to be turned into opaques. New
credential management interfaces had to be developed. Library
management had to be converted to libtool. The DES crypto
implementation was replaced by an RFC3961 Crypto Framework derived from
a refactored Heimdal. Many other things as well. The vast majority of
this is work is already upstream but the point I am trying to make is
that the commitment to implementing rxgk was a commitment to writing an
open ended check.

Opened ended checks are required for many OpenAFS projects. The Windows
native redirector is perfect example. The proof of concept
implementation was $280,000. The first production version shipped as
1.7.1 required well over $1 million. The next major revision will
probably cost another $500,000.

Most of the OpenAFS feature enhancements that are desired require
substantial open ended commitments. Corporate development contracts and
open ended research and development are simply not a good match.

Jeffrey Altman
Lars Schimmer
2012-09-30 21:38:10 UTC
Permalink
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
Easy, user do call admins angry and stupid. And Admins change OpenAFS to
NFS/SMB/or anything else, which is free and easy to deploy.
Nearly everything is free, functional and already included.
Why hassle with more work, incompatible licenses and all the user support?

MfG,
Lars Schimmer
--
-------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405 E-Mail: ***@cgv.tugraz.at
Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723
Troy Benjegerdes
2012-10-01 04:48:31 UTC
Permalink
Post by Lars Schimmer
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
Easy, user do call admins angry and stupid. And Admins change OpenAFS to
NFS/SMB/or anything else, which is free and easy to deploy.
Nearly everything is free, functional and already included.
Why hassle with more work, incompatible licenses and all the user support?
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to say that
NFS may be free, but it doesn't really fall into the 'functional' category.
But this was several years ago, so there might have been some magic that
happened with NFS I haven't seen yet.

Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
Lars Schimmer
2012-10-01 05:55:36 UTC
Permalink
Post by Troy Benjegerdes
Post by Lars Schimmer
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up
all kinds of automated tools and leave the rank and file admins
your enemy.
Easy, user do call admins angry and stupid. And Admins change
OpenAFS to NFS/SMB/or anything else, which is free and easy to
deploy. Nearly everything is free, functional and already
included. Why hassle with more work, incompatible licenses and
all the user support?
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to
say that NFS may be free, but it doesn't really fall into the
'functional' category. But this was several years ago, so there
might have been some magic that happened with NFS I haven't seen
yet.
Can anyone who has experience migrating to/from OpenAFS from/to
anything else in the last 2-3 years please comment? If there's
really something free, functional, and already included then I'd
like to know what the heck it is.
Just buy a NetApp storage, everything for windows roaming is included
and simple and easy.
No need to hassle with extra fileservers, extra admin work, extra
bugs, extra "loose of function" like alternate datastreams,...
Life can be easy.
On the other side, why pay for OpenAFS in kind of licenses, support,
admin hour,... if you already got everything you need in the storage
device?
And why pay if it is open source? Life isn´t as easy as this at all...

(and yeah, IF you go big and have a datacenter, you already HAVE these
storages, everything else would be a horrible nightmare. But small
groups like ours here with 10 people usual do not have/need OpenAFS,
so that discussion is nonesense at all. If you are a small group, you
have something easy and simple like NFS or SMB which cost no extra
support, if you are big, you have the storage with everything
included. Where goes OpenAFS?)


MfG,
Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405 E-Mail: ***@cgv.tugraz.at
Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723
Troy Benjegerdes
2012-10-01 06:34:13 UTC
Permalink
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Post by Troy Benjegerdes
Post by Lars Schimmer
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up
all kinds of automated tools and leave the rank and file admins
your enemy.
Easy, user do call admins angry and stupid. And Admins change
OpenAFS to NFS/SMB/or anything else, which is free and easy to
deploy. Nearly everything is free, functional and already
included. Why hassle with more work, incompatible licenses and
all the user support?
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to
say that NFS may be free, but it doesn't really fall into the
'functional' category. But this was several years ago, so there
might have been some magic that happened with NFS I haven't seen
yet.
Can anyone who has experience migrating to/from OpenAFS from/to
anything else in the last 2-3 years please comment? If there's
really something free, functional, and already included then I'd
like to know what the heck it is.
Just buy a NetApp storage, everything for windows roaming is included
and simple and easy.
No need to hassle with extra fileservers, extra admin work, extra
bugs, extra "loose of function" like alternate datastreams,...
Life can be easy.
On the other side, why pay for OpenAFS in kind of licenses, support,
admin hour,... if you already got everything you need in the storage
device?
And why pay if it is open source? Life isn?t as easy as this at all...
(and yeah, IF you go big and have a datacenter, you already HAVE these
storages, everything else would be a horrible nightmare. But small
groups like ours here with 10 people usual do not have/need OpenAFS,
so that discussion is nonesense at all. If you are a small group, you
have something easy and simple like NFS or SMB which cost no extra
support, if you are big, you have the storage with everything
included. Where goes OpenAFS?)
Because you don't expose your internal group NFS/SMB share to collaborators
in another timezone, and central IT policy won't let you expose the Netapp.

AFS is the only thing besides GPFS (also from IBM) that I have ever heard
of someone talking seriously about cross-site/cross-continent file sharing.
(Okay, I did a remote mount of PVFS over 6000 miles, but that was an SC
demo stunt)

If you actually want to *share* it, AFS is the way to go. I think if we
are trying to 'keep' admins and small groups that don't understand the
value of sharing, it would be better if they *did* migrate to a department
nfs/smb (un)share and unshare themselves into irrelevance.

If admins and CIO's don't understand the value of having a filesystem
that just politely *asks* for a donation, and get irate at some additional
text in aklog & tokens output, then I think we all might be better served
if they choose a solution like Google drive that's simple, easy, free, and
then feeds you ads and mines your data for you too. Then YFS can buy some
google ads and get them back as paying customers when the figure out what
they are missing.
Lars Schimmer
2012-10-01 06:53:57 UTC
Permalink
Post by Troy Benjegerdes
Because you don't expose your internal group NFS/SMB share to
collaborators in another timezone, and central IT policy won't let
you expose the Netapp.
Thats what a VPN at network borders do already.
Post by Troy Benjegerdes
AFS is the only thing besides GPFS (also from IBM) that I have ever
heard of someone talking seriously about cross-site/cross-continent
file sharing. (Okay, I did a remote mount of PVFS over 6000 miles,
but that was an SC demo stunt)
With current setup and security system, no one expose their data open
to the net, everyone need VPN. If VPN is setup, why prefer OpenAFS
over other solutions?
I do know a lot of groups which do sendout pre-configured CISCO PIX to
home-office workers and remote-support folks, just to have them setup
secure.
Post by Troy Benjegerdes
If you actually want to *share* it, AFS is the way to go. I think
if we are trying to 'keep' admins and small groups that don't
understand the value of sharing, it would be better if they *did*
migrate to a department nfs/smb (un)share and unshare themselves
into irrelevance.
You do not see the reality out in the wild. OpenAFS is nice, but
unsecure. No compnay with "real important data" liek VW, BOEING,..
will run OpenAFS open to the world. Access would always be behind a
VPN, if at all.
Small groups with 1-20 people do have enough other problems like no
money, no admin, no support crew. If at all, a half-time admin is
available. Mostly only external payed-by-hour support.
These underpayed folks should learn, setup and manage OpenAFS for just
1-20 people setup? If they already know howto run SMB/NFS? Who does
pay these extra amounts of work just for the very very small benefit
of OpenAFS?
Post by Troy Benjegerdes
If admins and CIO's don't understand the value of having a
filesystem that just politely *asks* for a donation, and get irate
at some additional text in aklog & tokens output, then I think we
all might be better served if they choose a solution like Google
drive that's simple, easy, free, and then feeds you ads and mines
your data for you too. Then YFS can buy some google ads and get
them back as paying customers when the figure out what they are
missing.
Politely asking is NOT asking on aklog. Thats something which is
accepted the first 2,3 times. Afterwards it is asked to get removed
very, very fast.
Admins and CIO do need to provide something cheap working which does
not stops people from working. And in current situation, OpenAFS is
not the answer. Sorry.
And asking on every aklog is like SPAM mails. Sort out very very fast.

And as written x times in this thread: as long as OpenAFS does not
provide any benefit ahead of other filesystem worth that cost, no one
will pay. Really. Every group has nothing to spent, no money to give
away for free.
Why should a group like mine (10 people) with ~5.000 euro a YEAR for
hard/software costs available spent money for OpenAFS if NFS/SMB is
free of cost and easier to manage/setup and OpenAFS just does not give
us any benefit?

MfG,
Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut für ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405 E-Mail: ***@cgv.tugraz.at
Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723
Booker Bense
2012-10-01 14:58:13 UTC
Permalink
Post by Troy Benjegerdes
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to say that
NFS may be free, but it doesn't really fall into the 'functional' category.
But this was several years ago, so there might have been some magic that
happened with NFS I haven't seen yet.
Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
There is nothing that does everything AFS does that I am aware of. But
most of the
things AFS does that others don't do are not "user visible" features,
but features
that make it easier to administrate and run.

There is also the question of whether you need the things AFS does.
For a small group
in which you trust root on every machine, AFS can easily be replaced
by NFS. ( v3 or v4
depending on your level of paranoia ).

For larger sites, there is really nothing that comes close, but the
underlying cost drivers
that make AFS a functional solution are going away. In particular the
need for a shared
executable repository, local disk is cheap and software install is a
much more solved problem
than it used to be.

AFS is acceptable at sharing read-only data if you don't need high
bandwidth, but hopeless as a read/write source for large
scale computing.

Secure shared home directories is the last hope of AFS and NFS V4
mostly does that but in
a more painful way ( but also supported by vendors... )

- Booker C. Bense
Booker Bense
2012-10-01 15:57:54 UTC
Permalink
I want vos move, does NFSv4 do that ? :)
I think if you spend $$$$$$ on a NetAPP box, you might get that.
However, I am aware of
no open source/freeware solution that does vos move, ( or at least
none that does it as
seamlessly as OpenAFS).

- Booker C. Bense
Hoskins, Matthew E.
2012-10-01 16:36:49 UTC
Permalink
NetApp's "vol move" and "vfiler migrate". We primarily use AFS vos move
for FS balancing and evacuation in prep for maintenance. Since netapps
can be maintained non-disruptively, keeping them scaled small so they can
be evacuated easily is not a design constraint. Therefore, our netapps
have 200+ TB of storage which eliminates most of the data movement we would
typically do with AFS to avoid maint downtime.
Its a different world/different philosophy. Netapp can also serves a
volume to NFS and CIFS simultaneously, supports Krb5 and AD...Snapshots,
dedupe, compression, But i digress.
Post by Booker Bense
I want vos move, does NFSv4 do that ? :)
I think if you spend $$$$$$ on a NetAPP box, you might get that.
However, I am aware of
no open source/freeware solution that does vos move, ( or at least
none that does it as
seamlessly as OpenAFS).
- Booker C. Bense
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Dyer, Rodney
2012-10-01 19:28:43 UTC
Permalink
NetApp's strength is actually its problem, and that is it doesn't actually exist to the client, it is completely invisible. Windows sees it as a normal Windows CIFS share. 'nix sees it as NFS. The problem is that this is point-to-point file sharing. AFS allows global namespace, and the client does the volume lookup to find the server for the "path" required. This is true "distribution", not point-to-point.

If you setup Microsoft's AD "dfs" with NetApp filers, you might come close to "emulating" what AFS does, but it won't be pretty, and as far as I know 'nix is out of the question in that setup.

I would personally rather be allowed to distribute my server load, than to point thousands of clients at single filer heads. Of course networking is much better now than it was 10 years ago, but single point of failure is still an important consideration. We have server rooms in each of our major campus buildings. If networking goes down in one building, the others don't completely lose access to AFS. This is mainly read-only data, but users are also distributed where possible. The rule of thumb should be always to keep network traffic local where possible, and only expand where necessary. This is actually the opposite model of the internet cloudy file repositories like DropBox.

Maybe I'm just too old, and in a world where 10 Gb networking is everywhere locality no longer matters.

Rodney

Rodney Dyer
Operations and Systems (Specialist)
Mosaic Computing Group
William States Lee College of Engineering
University of North Carolina at Charlotte


From: openafs-info-***@openafs.org [mailto:openafs-info-***@openafs.org] On Behalf Of Hoskins, Matthew E.
Sent: Monday, October 01, 2012 12:37 PM
To: Booker Bense
Cc: Glenn Bjorcken; openafs-***@openafs.org
Subject: Re: [OpenAFS] the future

NetApp's "vol move" and "vfiler migrate". We primarily use AFS vos move for FS balancing and evacuation in prep for maintenance. Since netapps can be maintained non-disruptively, keeping them scaled small so they can be evacuated easily is not a design constraint. Therefore, our netapps have 200+ TB of storage which eliminates most of the data movement we would typically do with AFS to avoid maint downtime.
Its a different world/different philosophy. Netapp can also serves a volume to NFS and CIFS simultaneously, supports Krb5 and AD...Snapshots, dedupe, compression, But i digress.
I want vos move, does NFSv4 do that ? :)
I think if you spend $$$$$$ on a NetAPP box, you might get that.
However, I am aware of
no open source/freeware solution that does vos move, ( or at least
none that does it as
seamlessly as OpenAFS).

- Booker C. Bense
Jeffrey Altman
2012-10-02 02:18:44 UTC
Permalink
NetApp’s strength is actually its problem, and that is it doesn’t
actually exist to the client, it is completely invisible. Windows sees
it as a normal Windows CIFS share. ‘nix sees it as NFS. The problem is
that this is point-to-point file sharing. AFS allows global namespace,
and the client does the volume lookup to find the server for the “path”
required. This is true “distribution”, not point-to-point.
If you setup Microsoft’s AD “dfs” with NetApp filers, you might come
close to “emulating” what AFS does, but it won’t be pretty, and as far
as I know ‘nix is out of the question in that setup.
At the SNIA 2012 Storage Developers Conference Linux SMB 2.1 support was
demonstrated. This support is in kernel and provides Linux the same
level of SMB protocol support as Windows 7. I don't know if the SMB
module is capable of per user GSS-API authentication but if it is, SMB
can be used as an alternative to NFS when communicating with a NetApp
server.

NetApp filers are still extremely expensive storage devices. Microsoft
Windows Storage Server 2012 can be used to provide a much less expensive
storage solution providing cluster failover for database and hypervisor
applications. Of course, many large enterprises already own NetApp
filers and feel obligated to use them for as many services as possible
in order to justify the cost.

Jeffrey Altman
Troy Benjegerdes
2012-10-02 03:45:05 UTC
Permalink
Locality, and latency to the server still matters.

Let's imagine we are 5 years from now, and there are at least 3 branded AFS derivatives, and vendors touting 'AFS appliance' capability, and 'the cloud' has been replaced by 'the filesystem'. As in, some derivative of the Andrew filesystem.

When the meteorology department is approaches deadlines for climate conference papers, and everyone there is throwing terabytes of datafiles into and out of 'the filesystem', everyone else on campus is going to be very happy they have isolated servers, and the only complaints about performance will be from the poor students taking a weather course for graduation requirements.

Dropbox would melt down and explode in bankruptcy from bandwidth charges if 10Gb networking was actually *everywhere*. Their model works, for the moment, because Dropbox has 10Gb firehoses, and all their users drink from teensy consumer class straws. They can take their time filling buckets with the firehose and let the users drain it out slow.

AFS might have a chance of handling this, because of the design.
Post by Dyer, Rodney
NetApp's strength is actually its problem, and that is it doesn't actually exist to the client, it is completely invisible. Windows sees it as a normal Windows CIFS share. 'nix sees it as NFS. The problem is that this is point-to-point file sharing. AFS allows global namespace, and the client does the volume lookup to find the server for the "path" required. This is true "distribution", not point-to-point.
If you setup Microsoft's AD "dfs" with NetApp filers, you might come close to "emulating" what AFS does, but it won't be pretty, and as far as I know 'nix is out of the question in that setup.
I would personally rather be allowed to distribute my server load, than to point thousands of clients at single filer heads. Of course networking is much better now than it was 10 years ago, but single point of failure is still an important consideration. We have server rooms in each of our major campus buildings. If networking goes down in one building, the others don't completely lose access to AFS. This is mainly read-only data, but users are also distributed where possible. The rule of thumb should be always to keep network traffic local where possible, and only expand where necessary. This is actually the opposite model of the internet cloudy file repositories like DropBox.
Maybe I'm just too old, and in a world where 10 Gb networking is everywhere locality no longer matters.
Rodney
Rodney Dyer
Operations and Systems (Specialist)
Mosaic Computing Group
William States Lee College of Engineering
University of North Carolina at Charlotte
Sent: Monday, October 01, 2012 12:37 PM
To: Booker Bense
Subject: Re: [OpenAFS] the future
NetApp's "vol move" and "vfiler migrate". We primarily use AFS vos move for FS balancing and evacuation in prep for maintenance. Since netapps can be maintained non-disruptively, keeping them scaled small so they can be evacuated easily is not a design constraint. Therefore, our netapps have 200+ TB of storage which eliminates most of the data movement we would typically do with AFS to avoid maint downtime.
Its a different world/different philosophy. Netapp can also serves a volume to NFS and CIFS simultaneously, supports Krb5 and AD...Snapshots, dedupe, compression, But i digress.
I want vos move, does NFSv4 do that ? :)
I think if you spend $$$$$$ on a NetAPP box, you might get that.
However, I am aware of
no open source/freeware solution that does vos move, ( or at least
none that does it as
seamlessly as OpenAFS).
- Booker C. Bense
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Måns Nilsson
2012-10-03 20:31:25 UTC
Permalink
Post by Dyer, Rodney
Maybe I'm just too old, and in a world where 10 Gb networking is everywhere locality no longer matters.
RTT to offsite file servers has not improved with fatter links. Caching
helps a lot. For some things.
--
MÃ¥ns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
... I want to perform cranial activities with Tuesday Weld!!
Glenn Bjorcken
2012-10-01 15:44:54 UTC
Permalink
Post by Booker Bense
Secure shared home directories is the last hope of AFS and NFS V4
mostly does that but in
a more painful way ( but also supported by vendors... )
I want vos move, does NFSv4 do that ? :)
--
___
/ __\ __ | UNIX System administrator at |
__ / /__ / /__ ____ ____ __ | ICT / KTH Kista |
(__/ /_ // / -_) _ ) _ )__) | Email «» ***@kth.se |
\___//_/\__/_//_/_//_/ | Phone «» +46 8 790 4228 |

"Where the russian heart is strong, like the beating of a drum,
Where the magic lingers on and the fight for truth is won..
Deep in the European soul.."
Jeffrey Altman
2012-10-02 02:09:05 UTC
Permalink
Post by Troy Benjegerdes
Post by Lars Schimmer
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
Easy, user do call admins angry and stupid. And Admins change OpenAFS to
NFS/SMB/or anything else, which is free and easy to deploy.
Nearly everything is free, functional and already included.
Why hassle with more work, incompatible licenses and all the user support?
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to say that
NFS may be free, but it doesn't really fall into the 'functional' category.
But this was several years ago, so there might have been some magic that
happened with NFS I haven't seen yet.
Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
I will remind the community of OpenEFS <http://www.openefs.org/> which
was developed specifically to permit a large financial institution to
use NFSv3 for global software distribution via a firm-wide name space.
While it is true that AFS3 provides a large amount of administrator
functionality in the box that is not present in competing products, that
doesn't prevent organizations from spending money to replicate that
functionality at a higher layer.

Jeffrey Altman
Steven Jenkins
2012-10-02 02:39:19 UTC
Permalink
On Mon, Oct 1, 2012 at 10:09 PM, Jeffrey Altman <
***@your-file-system.com> wrote:
...
Post by Jeffrey Altman
Post by Troy Benjegerdes
Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
I will remind the community of OpenEFS <http://www.openefs.org/> which
was developed specifically to permit a large financial institution to
use NFSv3 for global software distribution via a firm-wide name space.
While it is true that AFS3 provides a large amount of administrator
functionality in the box that is not present in competing products, that
doesn't prevent organizations from spending money to replicate that
functionality at a higher layer.
Some further notes on OpenEFS: the original version was written to sit on
top of AFS. A rewrite at a different financial institution was done on top
of NFS, and that product became OpenEFS. Some preliminary work by the
original author (ie, not me) has been done to make OpenEFS run on top of
OpenAFS, but that is incomplete at this time (cf the openafs branch of
efs-core). If people are interested in seeing OpenEFS support OpenAFS,
they should contact the OpenEFS developers (disclaimer: I'm one of the
OpenEFS developers, but right now, the NFS-based version is the priority,
at least for my employer).

Thanks,
Steven
Phillip Moore
2012-10-02 16:32:50 UTC
Permalink
On Mon, Oct 1, 2012 at 10:09 PM, Jeffrey Altman
Post by Jeffrey Altman
Post by Troy Benjegerdes
Post by Lars Schimmer
Post by Troy Benjegerdes
One-time deals (on linux) that require interaction will blow up all kinds
of automated tools and leave the rank and file admins your enemy.
Easy, user do call admins angry and stupid. And Admins change OpenAFS to
NFS/SMB/or anything else, which is free and easy to deploy.
Nearly everything is free, functional and already included.
Why hassle with more work, incompatible licenses and all the user support?
Having migrated from NFSv3 to AFS (and then OpenAFS), I'd have to say that
NFS may be free, but it doesn't really fall into the 'functional' category.
But this was several years ago, so there might have been some magic that
happened with NFS I haven't seen yet.
Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
I will remind the community of OpenEFS <http://www.openefs.org/> which
was developed specifically to permit a large financial institution to
use NFSv3 for global software distribution via a firm-wide name space.
While it is true that AFS3 provides a large amount of administrator
functionality in the box that is not present in competing products, that
doesn't prevent organizations from spending money to replicate that
functionality at a higher layer.
Thanks for the shout out, Jeff....

Now that my software's name has been invoked in this conversation, I
think it's finally time I piped up and offered some of my perspective
on this.

First, for those of you who are not familiar with the work I've done,
just read this short document.

http://docs.openefs.org/efs-core-docs/AdminGuide/History.html

I think am uniquely qualified to talk about "migrating to/from
OpenAFS" given my history with distributed filesystems in general.
That document's a bit out of date, since I've had a couple of jobs
since I wrote it. I think the first thing to point out is that it is
foolish, and in fact categorically false, to make a context-free
statement like:

"Filesystem FOO is better than filesystem BAR"

I can give you plenty of real world use case scenarios where OpenAFS
performance is completely horrid, and the other filesystems beat the
crap out of it. The opposite is also true, of course. The reality
is that there is no obvious winner in this debate, because you have to
compare each of these technologies in the context of the specific use
case to which you are subjecting it.

Troy, you have repeatedly asserted that "everything not-AFS just plain
sucks" (sorry for the paraphrase), and all that tells me is that for
YOUR specific use cases, that is obviously true. However, you can
not make that same assertion for the general case.

What large enterprises have either understood, or are slowly figuring
out, is that there is no single distributed filesystem product that
stands out above the others. You have to make some painful trade
offs to determine which one works for the specific use cases you have,
and the challenge is to pick the best one for the problem you're
trying to solve. Trade offs suck, especially when they are very
hard to pin down with quantifiable metrics.

Also, I want to make sure people understand what OpenEFS is, and how
it relates to OpenAFS (other than the confusing single-character
difference in the produce names). EFS is really an open source
implementation of the software development lifecycle functionality
that was core to VMS, and it currently only supports an NFSv3 backend.
As Steve Jenkins has pointed out, there is a branch with a WIP
implementation of support for OpenAFS and that branch is also where
I've been laying the groundwork for NFSv4 support, too. I expect to
make the OpenAFS support part of the master branch, fully working,
early next year.

However, and this is CRITICAL: EFS does NOT manage the backend NFS
servers. Why? A complete and total lack of standards for how to
manage NFS!! Have you ever taken a close look at how something as
simple as "exportfs" varies WILDLY from OS to OS? This is one area
where OpenAFS *does* kick the crap out of NFS: centralized management,
and the fact that there's one implementation, making automation a lot
more feasible (cf. AFS::Command perl modules suite, which has been
used to implement things like VMS, and lots of other management
software for AFS). Nothing remotely similar exists for NFS, since
each and every NAS vendor has taken advantage of the LACK of
standardization of their management tools, making a generic management
infrastructure all but impossible. Other have disagreed, but I'm
still waiting for the code or the product to appear....

Example: in order to manage the NetApp filers, I had to develop a
rather complex suite of perl modules to make it possible to write
scalable code to manage them: that code is available CPAN, too. That
code was, by necessity, entirely proprietary to NetApp, since their
management interface for NFS is entirely proprietary. In order to
generically manage NFS servers, you would need to develop an abstract
API that support common functionality, and design it to take plug-ins
for a variety of APIs to proprietary management interfaces, since
EVERY SINGLE NAS VENDOR, without exception, has developed (out of
necessity, to fill the void) their own management interfaces.

Finally, there's a HUGE barrier to adoption for EFS: it makes a lot of
assumptions about your global environment that are inherited from the
original Morgan Stanley Aurora architecture, and that probably do not
hold true for most enterprises. For example, it assumes you have a
single, global authentication domain (i.e. Kerberos realm) and that
ALL of your "cells" are part of that environment. It also assumes,
for NFSv3, that your UIDs and GIDs are sanely managed, and effectively
one, single global database as well. It also assumes that you are
willing to let all of the EFS administrative servers trust each other
(distribution is rsync over ssh, for example, and you have to allow
password-free ssh as root between those core machines).

I will be the first to admit that EFS is trying to provide general
purpose solution to a problem that probably will not fit very well
with most big enterprises. And that's really a key point: each and
every large enterprise is to some degree unique, since each and every
business is to some degree unique. Standardization can only get you
so far, and then when you encounter problem of scale for which you
can't buy a COTS solution, you solve the problem yourself, and now
you're unique. I've been working in the core engineering departments
of major financial firms for over 20 years now, and had a hands-on,
up-close-and-personal look at how these companies have deployed core
services, and I would probably guarantee that my career ends
immediately if I were to share some of what I know (maybe I'll write a
book, if I ever retire -- unlikely -- my expensive hobbies will
probably force me to stay employed until I drop dead :-).
Devine, Steven (sd)
2012-10-01 01:03:32 UTC
Permalink
Please know that this post is offered in the hopes of helping, or at least giving a viewpoint of one that operates on the edge of the OpenAFS.

I am generally unaware of the current dilemma that seems to be facing OpenAFS. I read this list in digest mode and recent changes in my responsibilities have made that pretty sporadic. This doesn't mean that AFS is not important to MSU or to me.
So here is my question:
Can some one give the list a couple of paragraphs about what the heck is going on? I suspect there are a lot of us that would like to help but I truly can't tell if there is a serious issue at hand or if this is just the result of the elders and gatekeepers facing burnout. Respectfully please, we need direction if help is truly required from the members of this list.
/sd

Steve Devine
Collaborative Systems & Support
Information Technology Services
Michigan State University
Jeffrey Altman
2012-10-01 01:25:54 UTC
Permalink
Steve:

I have written many paragraphs over the last couple of months. They are
drowned out by the noise.

There is no burnout. Russ and I both resigned from the Elders for
different reasons. You can read our resignation letters in the
openafs-announce 2012 archives

http://lists.openafs.org/pipermail/openafs-announce/2012/date.html

I recommend that you read

http://lists.openafs.org/pipermail/openafs-info/2012-August/038511.html

if you have not already.
Post by Devine, Steven (sd)
Please know that this post is offered in the hopes of helping, or at least giving a viewpoint of one that operates on the edge of the OpenAFS.
I am generally unaware of the current dilemma that seems to be facing OpenAFS. I read this list in digest mode and recent changes in my responsibilities have made that pretty sporadic. This doesn't mean that AFS is not important to MSU or to me.
Can some one give the list a couple of paragraphs about what the heck is going on? I suspect there are a lot of us that would like to help but I truly can't tell if there is a serious issue at hand or if this is just the result of the elders and gatekeepers facing burnout. Respectfully please, we need direction if help is truly required from the members of this list.
/sd
Steve Devine
Collaborative Systems & Support
Information Technology Services
Michigan State University
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Troy Benjegerdes
2012-10-01 04:29:42 UTC
Permalink
I'd say the summary is something like this:

1) YFS (your-file-system) is forking (or re-implementing) OpenAFS to be
able to have a commercially viable business & product that will have the
financial return-on-investment needed to justify the cost of implementing
a long list of things, starting with rxgk.

2) No other credible plans have been proposed that can provide a working
rxgk implementation, and the only implementation that at one point actually
worked was rxk5, but it had 'flag day' issues for upgrades.

Some of us don't really care about the flag day issue, but then that's
effectively forking OpenAFS into incompatible versions. It's also not clear
why YFS should support the OpenAFS community if the OpenAFS community is not
providing anything to YFS in return.


Is this a halfway accurate short summary, or I am completely missing something?
Post by Jeffrey Altman
I have written many paragraphs over the last couple of months. They are
drowned out by the noise.
There is no burnout. Russ and I both resigned from the Elders for
different reasons. You can read our resignation letters in the
openafs-announce 2012 archives
http://lists.openafs.org/pipermail/openafs-announce/2012/date.html
I recommend that you read
http://lists.openafs.org/pipermail/openafs-info/2012-August/038511.html
if you have not already.
Post by Devine, Steven (sd)
Please know that this post is offered in the hopes of helping, or at least giving a viewpoint of one that operates on the edge of the OpenAFS.
I am generally unaware of the current dilemma that seems to be facing OpenAFS. I read this list in digest mode and recent changes in my responsibilities have made that pretty sporadic. This doesn't mean that AFS is not important to MSU or to me.
Can some one give the list a couple of paragraphs about what the heck is going on? I suspect there are a lot of us that would like to help but I truly can't tell if there is a serious issue at hand or if this is just the result of the elders and gatekeepers facing burnout. Respectfully please, we need direction if help is truly required from the members of this list.
/sd
Steve Devine
Collaborative Systems & Support
Information Technology Services
Michigan State University
_______________________________________________
OpenAFS-info mailing list
https://lists.openafs.org/mailman/listinfo/openafs-info
Chas Williams (CONTRACTOR)
2012-10-01 12:52:21 UTC
Permalink
Post by Troy Benjegerdes
Can anyone who has experience migrating to/from OpenAFS from/to anything
else in the last 2-3 years please comment? If there's really something
free, functional, and already included then I'd like to know what the
heck it is.
we are running lustre alongside afs right now. lustre is generally
much much faster than afs. the downside is that the security model
is essentially nfsv3. anyone with root on a lustre client is essentially
any other user on the filesystem and can read/write your files.

lustre also has some issues since it currently lacks bulk stat but
i believe the work on that is in progress. lack of bulk stat makes
it difficult to use over long haul links but you can work around
that.
Gary Buhrmaster
2012-10-01 18:00:20 UTC
Permalink
On Mon, Oct 1, 2012 at 5:52 AM, Chas Williams (CONTRACTOR)
<***@cmf.nrl.navy.mil> wrote:
....
Post by Chas Williams (CONTRACTOR)
we are running lustre alongside afs right now. lustre is generally
much much faster than afs. the downside is that the security model
is essentially nfsv3. anyone with root on a lustre client is essentially
any other user on the filesystem and can read/write your files.
My recollection was that if you are willing/able to run bleeding
edge that there was gssapi support in Lustre. I have no idea
how production ready that support is.

Regardless, Lustre is no AFS (and vice versa). Different
strengths and different weaknesses.

Gary
Booker Bense
2012-10-01 19:05:44 UTC
Permalink
Post by Gary Buhrmaster
On Mon, Oct 1, 2012 at 5:52 AM, Chas Williams (CONTRACTOR)
....
Post by Chas Williams (CONTRACTOR)
we are running lustre alongside afs right now. lustre is generally
much much faster than afs.
Lustre is a replacement for AFS in the same way that a formula 1 race
car is a replacement for your family mini-van.

There are many similar solutions out there ( GlusterFS, etc... ) that
address parts of the problem, but
none that I see make any effort at security better than NFS v3. They
all pretty much allow the machine
to assert any userid it wants.

If the problem you have is

"Share a user's home directory on a machine that you don't entirely
trust root on"

the only solution I know of is AFS or NFS V4. And if the problem is

"Access a filesystem securely[1] from just about anywhere on almost any OS"

then OpenAFS is the only solution I know about.

- Booker C. Bense

[1]- For the sake of argument, we will assume AFS encryption is "good enough".
Chas Williams (CONTRACTOR)
2012-10-04 00:52:28 UTC
Permalink
Subject: RE: [OpenAFS] the future Date: Mon, Oct 01, 2012 at 07:28:43PM +00=
Post by Dyer, Rodney
=20
Maybe I'm just too old, and in a world where 10 Gb networking is everywhere locality no longer matters.
RTT to offsite file servers has not improved with fatter links. Caching
helps a lot. For some things.
that really is the problem. fatter links only make sense if you can
put enough data on the wire to overcome the bandwidth-delay product.
NFS suffers in this respect just like AFS.

also, if your filesystem protocol requires a lot of individual
transactions to do something like enumerate a directory, round trip
times really start to add up. so even without caching and just bulkstat,
AFS can wind up being a winner in some cases.

Continue reading on narkive:
Loading...