Open source products, such as Network File System (NFS), now offer industrial grade capabilities and have gained major vendor support. NFS has evolved into a powerful enterprise file system that enables it to take advantage of more powerful servers and storage. Older enterprise file systems, such as Andrew File System (AFS) and Distributed File System™ (DFS™), have architectural limitations that limit their ability to process large files and take advantage of the increased memory and multiprocessor support available in modern servers. Since NFS Version 4 is an outcome of standards, it offers the ability to quickly deploy an enterprise file system without imposing dependencies on custom code. NFS Version 4 has come a long way to overcome the shortcomings of NFS Version 2 and Version 3, and many vendors are already out with their implementation of NFS Version 4, including IBM with its AIX® 5.3 release and the Open NFS Version 4 with the Linux® 2.6 kernel release. The industry is looking at NFS Version 4 as the next generation distributed file system. So with the end of support declared for IBM DFS and AFS products and NFS Version 4 emerging as the upcoming enterprise file system, administrators will be busy sketching strategies for migrating to NFS Version 4. This article takes you through the migration strategies that administrators can use when migrating data from IBM DFS to NFS Version 4. We discuss the importance of NFS Version 4 and then propose some strategies for migration, such as phased, partial, and full migration. Lastly, we briefly describe the IBM NFS/DFS Authentication Gateway, which is shipped along with IBM DFS, and then move on to elaborate how this authentication gateway can aid the migration on AIX and Linux platforms.
Migration strategies from IBM DFS to NFS Version 4
You can use different approaches to migrate from IBM DFS to NFS Version 4. It depends on the existing organizational role of IBM DFS and the potential impact on existing applications, services, network, migration deadlines, size of data, administrative expertise, and so forth. In this section, we discuss some of the basic migration strategies to adopt for migration.
The following approach allows you to expand a small NFS Version 4 configuration to manage increasing amounts of IBM DFS data. To start out, we recommend moving only a few of the IBM DFS filesets to NFS Version 4 in such way that both IBM DFS and NFS users can access them. Over a period of time, as your NFS Version 4 expertise grows and more IBM DFS filesets are moved to NFS, you can choose to completely migrate to NFS Version 4 and phase out of IBM DFS. This gradual migration process allows administrators to ease their IBM DFS users into NFS Version 4, while taking advantage of DFS-only machines. The following migration strategies provide a broad overview that can help in planning the migration:
- Phased migration
- A phased migration occurs over a long period of time, possibly as long as a year. In this strategy, the DFS users and data are moved gradually to NFS Version 4. Users need to access both the DFS as well as NFS space during the migration period. Typically, a phased migration procedure is recommended if the DFS cell of your organization is large or if you choose to take a long time to migrate to NFS Version 4 for some reason. Later in this article, you'll see how the IBM NFS/DFS Authentication Gateway proves handy for phased migration.
- Partial migration
- The partial migration procedure is applicable when converting huge DFS cells wherein you might like to migrate only a limited amount of data to NFS Version 4, continue to have the rest on DFS, or have reasons for keeping DFS machines online for an extended period of time after completing your migration work from DFS to NFS Version 4. For this reason, you can use the IBM NFS/DFS Authentication Gateway for NFS Version 4 clients to access DFS data.
- Full migration
- A full migration procedure is generally suitable for a small DFS cell where the migration work is expected to complete within a small period of time (from several hours to few days). In this procedure, the entire DFS cell is migrated to NFS Version 4 in a short span of time. As data is moved from DFS to NFS Version 4, the DFS server machines can be decommissioned and configured as NFS Version 4 server. Since migration is expected to complete over a short period of time, administrators might choose not to allow users to access both the DFS and NFS Version 4 space.
Though a full migration strategy seems to look pretty straightforward in actual practice, it's the phased migration that is preferred by most of the administrators and recommended for enterprises having medium to large DFS cells. The major concern to address in the phased migration is that the administrators are required to give the end users access to both the DFS as well as the NFS Version 4 space.
IBM NFS/DFS Authentication Gateway
The NFS/DFS Authentication Gateway provides authenticated access to the IBM DFS filespace in the Distributed Computing Environment (DCE) for users of NFS clients. The ability of NFS clients to access the IBM DFS filespace from an IBM DFS client is already inherent in IBM DFS. However, NFS client users are limited to unauthenticated access, because the authentication information differs for DFS and NFS. The NFS/DFS Authentication Gateway bridges this difference and connects an NFS client user with an authenticated DCE principal. For detailed information, refer to the IBM DFS for AIX/Solaris NFS/DFS Authentication Gateway Guide and Reference (see Resources). Figure 1 below shows the overview of the NFS/DFS Authentication Gateway.
Figure 1: Overview of the NFS/DFS Authentication Gateway
In Figure 1 above, the following versions of software were successfully tested:
- DFS server: IBM DFS 3.1, PTF 9 for AIX 5.2
- DFS client: IBM DFS 3.1, PTF 9 for AIX 5.2
- NFS server: IBM AIX 5.2 NFS Version 3
- NFS client: IBM AIX 5.3 NFS Version 4 and Red Hat Enterprise Linux 4.0 (RHEL 4) (kernel 2.6) NFS Version 4
IBM DFS -- NFS Version 4 migration bridge
As discussed earlier during the migration from IBM DFS to NFS Version 4, there will be a need for users to access both the DFS as well as NFS space at the same time. Since the primary function of the NFS/DFS Authentication Gateway is to enable NFS clients to have access to DFS, administrators can make use of this gateway to help bridge across the two file systems. Using this gateway, the NFS client can then view the same file system hierarchy as the DFS client. In short, the NFS/DFS Authentication Gateway provides a migration capability for NFS Version 4 clients to access DFS objects that still need to be migrated while making the transition from DFS to the NFS Version 4 file sharing environment.
The following are the high-level steps for setting up the IBM DFS to AIX NFS Version 4 migration bridge:
- Configure the IBM NFS/DFS Authentication Gateway when you plan for the migration. You can either choose to configure the authentication gateway on one of the existing DFS server machines or have it on a separate machine, as you would not want to load your server machines. For details about configuring the IBM NFS/DFS Authentication Gateway, please refer to the IBM DFS for AIX NFS/DFS Authenticating Gateway Guide and Reference.
- You can now us your client machines (with NFS Version 4 client) to access both the DFS as well as NFS space by appropriately mounting the file systems. Care should be taken while mounting DFS using the NFS Version 4 client. None of the NFS Version 4 features, such as enhanced authentication, authorization, and so forth, should be used. In other words, the NFS Version 4 client should mount the DFS space just like the NFS Version 3 client.
The previous steps allow NFS Version 4 client machines to access both the migrated data from the NFS Version 4 space as well as the data still under migration from the DFS space. In fact, administrators can use this kind of setup to transfer data from DFS to NFS Version 4. Keep in mind that such a transfer of data will not take care of the existing data in the Access Control List (ACL). Administrators must deal with this situation separately.
Figure 2 below illustrates the migration setup involving the IBM NFS/DFS Authentication Gateway that administrators can use while migrating from IBM DFS to NFS Version 4.
Figure 2: DFS to NFS Version 4 migration setup with NFS/DFS Authentication Gateway
The previous setup was tested with the following combination:
- IBM DFS servers -- IBM DFS 3.1 PTF9 running AIX 5.2
- NFS Version 4 servers -- AIX 5.3 , RHEL 4 (kernel 2.6)
- NFS Version 4 clients -- AIX 5.3, RHEL 4 (kernel 2.6)
- IBM NFS/DFS Authentication Gateway -- IBM DFS 3.1 PTF9 running on AIX 5.2
With the NFS Version 4 emerging as the next generation enterprise file system and IBM DFS nearing its end, administrators should start planning to migrate from IBM DFS to NFS Version 4. As discussed above, having the IBM NFS/DFS Authentication Gateway in the migration setup proves very handy to administrators when migrating from IBM DFS to NFS Version 4.
- The IBM Redbook Implementing NFS Version 4 in the Enterprise Planning and Migration Strategies provides methods for implementing NFS Version 4 in the enterprise and extensive coverage of methods for how it can potentially be used as a migration target for legacy AFS- and DCE/DFS-based enterprise file systems.
- The IBM Redbook Securing NFS in AIX: An Introduction to NFS Version 4 in AIX 5L Version 5.3 provides a broad understanding of NFS Version 4 and specific AIX NFS Version 4 implementation details.
- Learn about System Management Guide: Communication and Networks from online AIX documentation for IBM pSeries Hardware.
- Know about general information and reference for the NFS Version 4 protocol and its open source implementation.
- For details on NFS Version 4, see IETF Request for Comments (RFC) 3530, "Network File System (NFS) version 4 Protocol."
- Stay current with developerWorks technical events and Webcasts.
Get products and technologies
- Get your hands on application development tools and middleware products from DB2®, Lotus®, Rational®, Tivoli®, and WebSphere®. You can download evaluation versions of the products at no charge, or select the Linux or Windows® version of developerWorks' Software Evaluation Kit.
- Participate in the eServer forums, developerWorks blogs, and get involved in the developerWorks community.