My files in the “cloud” – with OpenAFS

I, like many others, have more than one computer from which I would like to access my files wherever I am. Also small hard drives in laptops makes it impossible for me to have all my files with me when I am around. To solve that I used SSHFS for a few years. It is easy to set up but I experienced a number of issues, ranging from the lack of handling mobile clients properly (e.g. mobile clients do change IP’s when moving around and experience periods without network connections) to not handling file locking (e.g. GnuPG will not work properly without).

A better alternative
When I studied at Department of Electronic Systems at Aalborg University we did not collaborate and exchange our files via e.g. a local Samba server. Instead we had access to a distributed network file system called Andrew File System. AFS made it possible for us to access files from home, at the university, the login/job servers – in other words every internet connected computer with an OpenAFS client installed. For report writing in LaTeX and software code we used SVN on top of AFS or via SSH to a server with an OpenAFS client which worked great.

The distributed nature of AFS and the fact that I could not find a good way to access my personal files in an elegant way from multiple computers made me look into how to set up an AFS cell with OpenAFS. A cell is one or more servers within a name space for a given domain. E.g. the cell for the institute where I studied is available on the file system at /afs/ies.auc.dk. Other examples are Stockholm university which has /afs/su.se and CERN which has /afs/cern.ch.

openafs.dk – guides for setting up OpenAFS
I wanted to set up a cell for my personal files but found it a bit challenging and openafs.org did not have a good guide for newbies on how to set up a new cell (their technical documentation and the mailing lists are great though). Therefore I wrote a guide which I have also used several times when helping others to set up a cell. Besides the guide for setting up OpenAFS servers I have also made some instructions on how to install the OpenAFS client on the most popular operating systems. If you would like to put your files into “the cloud” (that term is so silly.. 🙂 ) consider using OpenAFS for the job.

Some of the features of AFS are:

  • Globally distributed file system An AFS-setup is able to scale across multiple servers – many of them if necessary. You can make a file globally available to other clients even outside your cell and the file paths are globally unique independent of the computer you are using.
  • Extended ACL‘s AFS gives extended possibilities for administrating access to folders compared to traditional Unix file permissions. Users can even make their own personal groups and include other users in them.
  • Secure Good integration with Kerberos for authentication. Connection between server may be (and normally is configured to be) encrypted.
  • Mature AFS has through its development through several decades achieved a high degree of stability and is used around the globe at many large sites including many universities and large companies.
  • Location independence You may access your files across the internet. A local cache on client computers lightens the load on both server an the internet connection of the client. If the client changes IP-address AFS handles this transparently in an automatic way because of the design around Kerberos (e.g. changing from 3G/UMTS to WiFi or a cabled network will not cause you to re-enter your passphrase for accessing AFS).
  • Platform indepence Many Operating systems are supported by the OpenAFS application; Windows, Linux, OS X, iOS, *BSD, Solaris and others.
  • File locks As opposed to what I have experienced with e.g. NFS, OpenAFS actually handles file locks very well.

NJLUG talk about AFS
A few years ago at NJLUG we got Bo from the IT-Department, at the Department of Electronic Systems, to give a technical presentation about how AFS works. You can download the video from the presentation here from dotsrc.org. Be aware though that the talk, though very interesting, is in danish and lasts more than 4 hours.