AFS - Using the NFS/AFS Translator
Some cells use the Network File System (NFS) in addition to AFS. If you work on an NFS client machine, your system administrator can configure it to access the AFS filespace through a program called the NFS/AFS TranslatorTM. If you have an AFS account, you can access AFS as an authenticated user while working on your NFS client machine. Otherwise, you access AFS as the anonymous user.
|Note:||Acceptable NFS/AFS Translator performance requires that NFS is functioning correctly.|
- An NFS/AFS translator machine is an AFS client machine that also acts as an NFS server machine. Its Cache Manager acts as the surrogate Cache Manager for your NFS client machine. Ask your system administrator which translator machines you can use.
- Your NFS client machine must have an NFS mount to a translator machine. Most often, your system administrator mounts the translator machine's /afs directory and names the mount /afs as well. This enables you to access the entire AFS filespace using standard AFS pathnames. It is also possible to create mounts directly to subdirectories of /afs, and to give NFS mounts different names on the NFS client machine.
Your access to AFS is much more extensive if you have an AFS user account. If you do not, the AFS servers recognize you as the anonymous user and only grant you the access available to members of the system:anyuser group.
If your NFS client machine uses an operating system that AFS supports, your system administrator can configure it to enable you to issue many AFS commands on the machine. Ask him or her about the configuration and which commands you can issue.
If you do not have an AFS account or choose not to access AFS as an authenticated user, then all you do to access AFS is provide the pathname of the relevant file. Its ACL must grant the necessary permissions to the system:anyuser group.
If you have an AFS account and want to access AFS as an authenticated user, the best method depends on whether your NFS machine is a supported type. If it is, use the instructions in To Authenticate on a Supported Operating System. If it is not a supported type, use the instructions in To Authenticate on an Unsupported Operating System.
- Log into the NFS client machine using your NFS username.
- Issue the klog command. For complete instructions, see
To Authenticate with AFS.
% klog -setpag
- Log onto the NFS client machine using your NFS username.
- Establish a connection to the NFS/AFS translator machine you are using (for example, using the telnet utility) and log onto it using your AFS username (which is normally the same as your NFS username).
- If the NFS/AFS translator machine uses an AFS-modified login
utility, then you obtained AFS tokens in Step 2. To check, issue the tokens command,
which is described fully in To
Display Your Tokens.
% tokensIf you do not have tokens, issue the klog command, which is described fully in To Authenticate with AFS.
% klog -setpag
- Issue the knfs
command to associate your AFS tokens with your UNIX UID on the NFS
client machine where you are working. This enables the Cache
Manager on the translator machine to use the tokens properly when
you access AFS from the NFS client machine.
If your NFS client machine is a system type for which AFS defines a system name, it can make sense to add the -sysname argument. This argument helps the Cache Manager access binaries specific to your NFS client machine, if your system administrator has used the @sys variable in pathnames. Ask your system administrator if this argument is useful for you.
% knfs <host name> [<user ID (decimal)>] \ [-sysname <host's '@sys' value>]
- host name
- Specifies the fully-qualified hostname of your NFS client machine (such as nfs52.abc.com).
- user ID
- Specifies your UNIX UID or equivalent (not your username) on the NFS client machine. If your system administrator has followed the conventional practice, then your UNIX and AFS UIDs are the same. If you do not know your local UID on the NFS machine, ask your system administrator for assistance. Your system administrator can also explain the issues you need to be aware of if your two UIDs do not match, or if you omit this argument.
- Specifies your NFS client machine's system type name.
- (Optional) Log out from the translator machine, but do not unauthenticate.
- Work on the NFS client machine, accessing AFS as necessary.
- When you are finished accessing AFS, issue the knfs
command on the translator machine again. Provide the same host
name and user ID arguments as in Step 4, and add the -unlog flag to destroy your
tokens. If you logged out from the translator machine in Step
5, then you must first reestablish a
connection to the translator machine as in Step 2.
% knfs <host name> [<user ID (decimal)>] -unlog
Acceptable performance by the NFS/AFS translator depends for the most part on NFS. Sometimes, problems that appear to be AFS file server outages, broken connections, or inaccessible files are actually caused by NFS outages.
This section describes some common problems and their possible causes. If other problems arise, contact your system administrator, who can ask the AFS Product Support group for assistance if necessary.
|Note:||To avoid degrading AFS performance, the Cache Manager on the translator machine does not immediately send changes made on NFS client machines to the File Server. Instead, it checks every 60 seconds for such changes and sends them then. It can take longer for changes made on an NFS client machine to be saved than for changes made on an AFS client machine. The save operation must complete before the changes are visible on NFS client machines that are using a different translator machine or on AFS client machines.|
If your system administrator has used the recommended options when creating an NFS mount to an NFS/AFS translator machine, then the mount is both hard and interruptible:
- A hard mount means that the NFS client retries its requests if it does not receive a response within the expected time frame. This is useful because requests have to pass through both the NFS and AFS client software, which can sometimes take longer than the NFS client expects. However, it means that if the NFS/AFS translator machine actually becomes inaccessible, your NFS client machine can become inoperative (freeze or hang).
- If the NFS mount is interruptible, then in the case of an NFS/AFS translator machine outage you can press <Ctrl-c> or another interrupt signal to halt the NFS client's repeated attempts to access AFS. You can then continue to work locally, or can NFS-mount another translator machine. If the NFS mount is not interruptible, you must actually remove the mount to the inaccessible translator machine.
If you have authenticated to AFS and your translator machine reboots, you must issue the klog command (and knfs command, if appropriate) to reauthenticate. If you used the knfs command's -sysname argument to define your NFS client machine's system name, use it again.
This section explains possible meanings for NFS error messages you receive while accessing AFS filespace.
stale NFS client
Getpwd: can't read
Both messages possibly means that your translator machine was rebooted and cannot determine the pathname to the current working directory. To reestablish the path, change directory and specify the complete pathname starting with /afs.
NFS server translator_machine is not responding still trying.
The NFS client is not getting a response from the NFS/AFS translator machine. If the NFS mount to the translator machine is a hard mount, your NFS client continues retrying the request until it gets a response (see Your NFS Client Machine is Frozen). If the NFS mount to the translator machine is a soft mount, the NFS client stops retrying after a certain number of attempts (three by default).
© IBM Corporation 2000. All Rights Reserved