Curs 7 Servicii de file sharing
Gestiunea Serviciilor de Ret, ea
17 noiembrie 2011
GSR Curs 7, Servicii de file sharing 1/45 Moto
Jesus saves! The rest of us better make backups.
GSR Curs 7, Servicii de file sharing 2/45 Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 3/45 Suport
I “Unix and Linux System Administration”
I Chapter 8 – Storage (Section “Storage area networking”) I Chapter 18 – The Network File System I Chapter 30 – Cooperating with Windows (Section “Sharing files with Samba and CIFS”) I “Professional Linux System Administration”
I Chapter 12 – File and Print Sharing
GSR Curs 7, Servicii de file sharing 4/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 5/45 Partajarea fis, ierelor
I file sharing
I distribut, ie de cont, inut/date/informat, ie I probleme
I drepturi de acces I autentificare
I consum de resurse (l˘at, ime de band˘a)
I interfat, ˘ade utilizare I scalabilitate – num˘arde utilizatori, num˘arde accese
I HTTP/FTP, Peer-to-Peer, SSH, rsync, NFS, Samba
GSR Curs 7, Servicii de file sharing 6/45 HTTP/FTP
I HTTP
I universal disponibil, num˘armare client, i (browsere) I suport de securitate (HTTPS)
I num˘armare de aplicat, ii
I nu are implicit suport pentru transferuri part, iale
I wget --continue
I folosit, ˆıngeneral pentru download; pentru upload se foloses, te SSH/FTP
I necesit˘aacces s, i configur˘arila nivel de server I FTP
I din ce ˆınce mai put, in utilizat I suport redus comparativ cu HTTP I suport de securitate: autentificare, FTPS
I nu are suport implicit pentru transferuri part, iale
I folosit pentru upload; un avantaj fat, ˘ade SSH este rapiditatea I posibile probleme de acces (active mode, passive mode)
GSR Curs 7, Servicii de file sharing 7/45 WebDAV
I web-based distributed authoring and versioning
I “authoring” a activ, “versioning” mai tˆarziu(extensia Delta-V)
I “makes the web a readable and writable medium”
I noi metode s, i headere ˆınHTTP
I mod dav ˆınApache
I ˆınLinux, davfs2, fusedav, cadaver (CLI)
I util pentru sisteme de control al versiunii (Git, SVN): URL-uri read-write peste HTTP(S)
I extensii: Delta-V, CalDAV, CardDAV, GroupDAV
GSR Curs 7, Servicii de file sharing 8/45 Protocoale Peer-to-Peer
I nu necesit˘aun server
I upload/download facil
I transfer part, ial
I distribut, ie rapid˘a
I scalabilitate
I probleme cu NAT, firewall
I utile pentru num˘armare de client, i/peeri
I ˆıngeneral f˘ar˘aforme de securitate/drepturi de acces
GSR Curs 7, Servicii de file sharing 9/45 SSH/rsync
I SSH (scp)
I transfer securizat (probabil cea mai sigur˘ametod˘a)
I necesit˘acont s, i server I form˘apreferat˘ade upload I nu exist˘adownload public (anonim)
I se prefer˘aHTTP sau protocoale peer-to-peer
I f˘ar˘asuport de transfer part, ial (use rsync) I rsync
I cel mai bun suport de transfer part, ial
I actualiz˘ariale cont, inutului
I se transfer˘adoar ce difer˘a(delta encoding)
I util pentru mirroring s, i backup-uri
I poate folosi wrapper cu SSH
GSR Curs 7, Servicii de file sharing 10/45 NFS/Samba
I NFS, SMB/CIFS, DFS, AFS I NFS (Network File System)
I montare local˘a(mount -t nfs)
I acces transparent
I acces la server I configurare relativ facil˘a I suport de securitate
I controlul accesului
I sistem de fis, iere partajat I Samba
I implementare a SMB/CIFS I compatibilitate cu sisteme Windows I acces la server I configurare complex˘a;se poate folosi SWAT I suport de securitate I montare local˘acu smbmount, smbfs
GSR Curs 7, Servicii de file sharing 11/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 12/45 scp – reminder
I scp surs˘adestinat, ie I upload – folosit ˆın“colaborare” cu alte protocoale
I scp file.txt [email protected]: I scp -r code/ [email protected]:public_html/
I download – folosit doar ˆın situat, iile ce necesit˘asecuritate; ˆın rest, HTTP
I scp -r [email protected]:test-dir/ .
GSR Curs 7, Servicii de file sharing 13/45 rsync
I sincronizarea fis, ierelor ˆıntredou˘asisteme I minimizarea transferului
I se transmit, ˆınm˘asuraposibilului, doar datele diferite I delta encoding
I ˆınlocuitor pentru scp – sintax˘asimilar˘apentru client
I Andrew Tridgell
I backups
I mirroring
GSR Curs 7, Servicii de file sharing 14/45 rsync daemon
I rsync --daemon
I port implicit 873 I pentru configurare pe Debian
I editat /etc/default/rsync
I RSYNC ENABLE=true
I /etc/init.d/rsync start | stop | restart I Configurare ˆın/etc/rsyncd.conf
I man rsyncd.conf I format .ini (similar cu Samba) razvan@valhalla:/tmp$ cat /etc/rsyncd.conf [code] path = /home/razvan/code comment = Razvan’s code
GSR Curs 7, Servicii de file sharing 15/45 Client rsync
I implicit foloses, te un shell razvan@valhalla:/tmp$ rsync localhost:code razvan@localhost’s password: drwxr-xr-x 4096 2009/11/13 09:40:02 code
I transfer folosind rsync daemon (de dou˘aori dou˘apuncte – ‘:’) razvan@valhalla:/tmp$ rsync localhost::code drwxr-xr-x 4096 2009/11/13 09:40:02 . -rw-r--r-- 3 2009/11/13 09:40:02 .gitignore drwxr-xr-x 4096 2009/11/13 09:41:14 .git drwxr-xr-x 4096 2009/11/07 12:33:17 asm [...]
I argumente uzuale sunt -avz
GSR Curs 7, Servicii de file sharing 16/45 rsync + SSH
I s, ir de c˘autare “rsync ssh” pe Google :-)
I opt, iunea -e la rsync
I nu necesit˘aserver de rsync
I util pentru upload (sigur) I rsync -avz -e ssh remoteuser@remotehost:/remote/dir /this/dir/
I sincronizare I rsync -avz -e ssh /this/dir remoteuser@remotehost:/remote/dir
I backup
GSR Curs 7, Servicii de file sharing 17/45 rsync backup (cron)
1 #!/bin/bash 2 3 RSYNC=/usr/bin/rsync 4 SSH=/usr/bin/ssh 5 RUSER=so 6 RHOST=cursuri.cs.pub.ro 7 RPATH=/home/courses/so/public html/* 8 LPATH=/home/so/www/cs/ 9 #OPTS=”-avz --include /wiki/images --exclude /wiki/* --exclude /wiki-old --exclude /Teme/note --exclude /Teme/upload --exclude /Teme/*.auth --exclude /functions.php” 10 OPTS="-avz --exclude /wiki-old --exclude /Teme/note --exclude /Teme/upload --exclude /Teme/*.auth --exclude /functions.php" 11 12 cd $LPATH&& $RSYNC $OPTS-e $SSH $RUSER@$RHOST:$RPATH $LPATH
GSR Curs 7, Servicii de file sharing 18/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 19/45 NFS
I protocol de acces la fis, iere
I montare ˆınret, ea
I NFSv4 (RFC3010, RFC3530)
I init, ial funct, iona peste UDP, ast˘azipeste TCP
I RPC-based I nu exist˘aun port pe care ascult˘a
I portmap (port mapper, rpcbind) – TCP/UDP port 111
I NFSv4.1 – pNFS (scalable parallel access)
GSR Curs 7, Servicii de file sharing 20/45 Configurare server NFS
I /etc/exports
I Ce se partajeaz˘a?Ce stat, ii au acces? Cu ce drept? anaconda:~# cat /etc/exports /home/razvan/public_html/pub 141.85.37.75(rw,sync,subtree_check)
I Dup˘amodificarea /etc/exports se ruleaz˘acomanda
I exportfs -ra
GSR Curs 7, Servicii de file sharing 21/45 Client NFS
I montare I mount anaconda.cs.pub.ro:/home/razvan/public_html/pub pub
I configurare /etc/fstab I montare automat˘ala pornire razvan@valhalla:~/nfs/anaconda/pub$ tail -1 /etc/fstab anaconda.cs.pub.ro:/home/razvan/public_html/pub /home/razvan/nfs/anaconda/pub nfs rw 0 0
GSR Curs 7, Servicii de file sharing 22/45 Utiliz˘ariNFS
I directoare partajate la nivelul ret, elei locale
I stocarea directoarelor home pe un singur sistem/server
I directoare cu executabile pe un singur sistem (dac˘asunt sisteme identice)
GSR Curs 7, Servicii de file sharing 23/45 Sisteme de fis, iere pentru clustere
I Lustre (Linux cluster)
I high performance file system I GlusterFS
I NAS file system I cloud computing
GSR Curs 7, Servicii de file sharing 24/45 SAN/NAS
I Storage Area Network
I discuri legate prin ret, ea la sistemele de procesare I SCSI I AoE, FC, HyperSCSI, iSCSI I Network Attached Storage
I sisteme dedicate care asigur˘astocarea I elimin˘anevoia utiliz˘arii I FreeNAS (stripped-down version of FreeBSD)
GSR Curs 7, Servicii de file sharing 25/45 SAN/NAS (2)
GSR Curs 7, Servicii de file sharing 26/45 iSCSI
I Internet Small Computer System Interface
I SCSI commands over IP networks
I SCSI clients – initiators
I SCSI storage devices – targets
I SAN
I poate folosi infrastructura existent˘a(spre deosebire de FibreChannel)
GSR Curs 7, Servicii de file sharing 27/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 28/45 Samba
I implementare free a SMB/CIFS
I SMB – Server Message Block I CIFS – Common Internet File System
I Andrew Tridgell (rsync)
I network shares I doi daemoni
I smbd – serviciu de file/printer sharing I nmbd – serviciu de mapare NetBIOS-IP
GSR Curs 7, Servicii de file sharing 29/45 Configurare Samba
I configur˘arilese realizeaz˘aˆın /etc/samba/smb.conf
I fis, ier format .ini (similar rsyncd.conf :-P)
I ˆınzona [global] este important˘aopt, iunea “netbios name”
I nu apare implicit ˆınfis, ierul de configurare anaconda:~# cat /etc/samba/smb.conf | grep -v ’^[#;]’ | grep -v ’^$’ [global] workgroup = CS netbios name = anaconda server string = %h server dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 [...]
GSR Curs 7, Servicii de file sharing 30/45 Configurare Samba (2)
I directive pentru creare share-uri
I implicit sunt partajate read-only directoarele home
I pentru verificarea configurat, iei se foloses, te comanda testparm
I se foloses, te smbpasswd pentru ad˘augarea unui utilizator ˆın Samba
GSR Curs 7, Servicii de file sharing 31/45 Configurare Samba (3)
I se adaug˘autilizatorul ˆınconfigurarea Samba anaconda:~# smbpasswd -a razvan New SMB password: Retype new SMB password: Testare configurat, ie razvan@valhalla:~$ smbclient -L //anaconda -U razvan Enter razvan’s password: Domain=[CS] OS=[Unix] Server=[Samba 3.0.24]
Sharename Type Comment ------print$ Disk Printer Drivers IPC$ IPC IPC Service (anaconda server) lp Printer Generic dot-matrix printer entry razvan Disk Home Directories Domain=[CS] OS=[Unix] Server=[Samba 3.0.24]
GSR Curs 7, Servicii de file sharing 32/45 Client Samba
I smbclient I interfat, a FTP-like razvan@valhalla:~$ smbclient //anaconda/rd-pub -U razvan Enter razvan’s password: Domain=[CS] OS=[Unix] Server=[Samba 3.0.24] smb: \> get i386-cds.torrent getting file \i386-cds.torrent of size 70787 as i386-cds.torrent (490.3 KiloBytes/sec) (average 490.3 KiloBytes/sec) smb: \> exit
I smbmount I montarea share-ului ˆınsistemul local de fis, iere $ smbmount //anaconda/rd-pub pub -o username=razvan,password=statesecret $ smbumount pub
GSR Curs 7, Servicii de file sharing 33/45 Client Samba (2)
I smbmount apeleaz˘a mount.cifs
I man smbmount (identic cu man mount.cifs) I mount.cifs I montare/demontare mount -t cifs //anaconda/rd-pub pub -o username=razvan,password=rosebud umount pub
I se poate configura /etc/fstab pentru pornire la boot
GSR Curs 7, Servicii de file sharing 34/45 Client Samba (3)
I aplicat, ii GUI
I ˆınWindows, integrat ˆınExplorer (file sharing)
I pe Linux, suport integrat ˆınKDE, GNOME
I URL de forma smb://netbios-name/share-name
I intr˘aride tipul “View Network”
GSR Curs 7, Servicii de file sharing 35/45 SWAT
I Samba Web Administration Tool I pe Debian
I apt-get install swat I ascult˘aconexiuni pe portul 901
I se recomand˘asecurizarea (certificat digital) accesului la port
GSR Curs 7, Servicii de file sharing 36/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 37/45 Protocolul FTP
I File Transfer Protocol – transfer de fis, iere
I RFC 114 – 16 aprilie 1971
I control connection
I data connection
I active mode – conexiune de date de la server la client
I passive mode – conexiune de date de la client la server
I implicit nesigur – FTPS, SFTP/SCP
I anonymous FTP
GSR Curs 7, Servicii de file sharing 38/45 Client, i/severe FTP
I BulletProof FTP, CrushFTP Server, FileZilla Server
I ProFTPD, Pure-FTPd, vsftpd
I FileZilla, WinSCP, Total Commander
I cURL, ftp, lftp, ncftp
GSR Curs 7, Servicii de file sharing 39/45 FTPS vs. SFTP
I Pros I Pros I o singur˘aconexiune (nu I cunoscut exist˘acanal de date) I transfer server-to-server I conexiune permanent I autentificare SSL/TLS securizat˘a I suport FTP + SSL/TLS I operatii pentru ˆınmulte framework-uri , modificarea drepturilor de I Cons acces I necesit˘aun canal de date I Cons secundar I gestiune mai dificil˘aa I nu toate serverele FTP ofer˘asuport SSL/TLS cheilor SSH I nu exist˘asuport I nu tot, i client, ii FTP ofer˘a suport SSL/TLS SSH/SFTP ˆındiverse framework-uri
GSR Curs 7, Servicii de file sharing 40/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 41/45 Ce folosim ˆınsituat, ia X?
I upload de fis, iere: scp, SFTP, FTPS
I upload constant/sincronizare/backup/mirroring: RSYNC
I download de fis, iere publice: HTTP, anon-FTP
I download de fis, iere ˆınmod securizat: SCP, SFTP, FTPS
I distribut, ie de fis, iere de mari dimensiuni: BitTorrent
I folosirea unei singure instant, e de directoare home, date cu acces comun: NFS
I interact, iune cu sisteme Windows, printer sharing: Samba
I partajarea codului, code versioning: SCM/VCS (Git, Subversion, Mercurial, Darcs, Bazaar)
GSR Curs 7, Servicii de file sharing 42/45 Cuvinte cheie
I WebDAV I nfs-kernel-server
I SSH I /etc/exports
I file-sharing I mount -t nfs
I SSH, scp I Samba
I rsync I /etc/samba/smb.conf
I rsync daemon I smbclient
I /etc/rsyncd.conf I smbmount
I NFS I mount -t cifs
I RPC I SWAT
I NAS I sshfs
I SAN I FTP
I iSCSI I FTPS/SFTP
GSR Curs 7, Servicii de file sharing 43/45 Resurse utile
I http://www.samba.org/ I http://wiki.debian.org/NFS I http://samba.anu.edu.au/rsync/ I http://en.wikipedia.org/wiki/File_Transfer_Protocol
GSR Curs 7, Servicii de file sharing 44/45 Outline
Partajarea fis, ierelor
SSH. rsync
NFS
Samba
FTP
ˆIncheiere
ˆIntreb˘ari
GSR Curs 7, Servicii de file sharing 45/45