CN105404640A - Unified authority management based ZFS file system sharing method - Google Patents

Unified authority management based ZFS file system sharing method Download PDF

Info

Publication number
CN105404640A
CN105404640A CN201510688068.8A CN201510688068A CN105404640A CN 105404640 A CN105404640 A CN 105404640A CN 201510688068 A CN201510688068 A CN 201510688068A CN 105404640 A CN105404640 A CN 105404640A
Authority
CN
China
Prior art keywords
file system
ftp
proftpd
zfs
authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510688068.8A
Other languages
Chinese (zh)
Inventor
伍星宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Eisoo Information Technology Co Ltd
Original Assignee
Shanghai Eisoo Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Eisoo Information Technology Co Ltd filed Critical Shanghai Eisoo Information Technology Co Ltd
Priority to CN201510688068.8A priority Critical patent/CN105404640A/en
Publication of CN105404640A publication Critical patent/CN105404640A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention relates to a unified authority management based ZFS file system sharing method. The method comprises the following steps: 1) installing proftpd software in solaris; 2) mounting all file systems in a unified mounting directory; 3) performing ACL configuration on the file systems; and 4) adopting the proftpd software to enable and disable an FTP service, and adopting a solaris service to enable and disable an NFS service and the FTP service. Compared with the prior art, the method achieves the effects that the same directory shared by CIFS, NFS and FTP services and authority management are fused for the ZFS file systems in solaris and various sharing can be flexibly controlled.

Description

A kind of ZFS file system based on authority unified management shares method
Technical field
The present invention relates to ZFS file system, especially relate to a kind of ZFS file system based on authority unified management and share method.
Background technology
ZFS is a 128bit file system, and total volume is 1.84x10^19 times of existing 64bit file system, and its single storage volume capacity supported reaches 16EiB (2^64byte, i.e. 16x1024x1024TB); A zpool storage pool can have 2^64 volume, the maximum 256ZiB of total volume (2^78byte); Whole system can have again 2^64 storage pool, can say that, in quite long future time, the problem of memory space inadequate almost unlikely appears in ZFS.The plurality of advantages such as in addition, it also has self-optimizing, automatic Verification data integrity, storage pool/volume system manageability, comparatively ext3 system has larger operating rate, improves about 30%-40%.
ZFS is based on storage pool, different from the traditional file systems of typical mapping physical memory device, and all file system in storage pool of ZFS can use the resource of storage pool.
ZFS file system is a revolutionary brand-new file system, it fundamentally changes the way to manage of file system, the characteristic of this file system and its benefit brought do not have alternative document system to match in excellence or beauty with it so far, and ZFS is designed to powerful, scalable and is easy to manage.
The ZFS concept of " storage pool " carrys out managing physical storage space.In the past, file system is all structured on physical equipment.In order to manage these physical equipments, and provide redundancy for data, the concept of " volume management " provides one and sets up standby reflection.But this design adds complicacy, file system cannot be made to higher development, because file system can not cross over the physical location of data simultaneously at all.
NFS, CIFS, FTP are the usual ways that shared-file system is shared, FTP provides interactive visit, allow type and the form of the fatal file of client, and allowing file to have access right, it shields the details of computer system, to be therefore applicable in heterogeneous network between any computing machine, it at work, first will obtain the copy of a local file, if transmit file or revise, be also all operate for copy.Under NFS is then applied to UNIX operating system at first, it allows Server to derive one or more target directory shared for Terminal Server Client by NFS, the catalogue on client carry server, realizes sharing file resource, NFS carries Cache, can improve access efficiency.CIFS is based on customer end/server mode, connection-oriented, based on TCP/IP or IPX/SPX agreement, uses by three of similar three-way handshake mutual interactive modes.
Due in ZFS file system, FTP, mainly for user, does not associate with file system, when causing data to need to use FTP to share away, manages inconvenience.
Summary of the invention
Object of the present invention is exactly do not do the deficiency of file-sharing and rights management for FTP for the ZFS file system under current solaris and provide a kind of ZFS file system based on authority unified management to share method, realize merging the shared same catalogue of CIFS, NFS, FTP tri-class services and rights management to ZFS file system under solaris, various sharing can be controlled flexibly.
Object of the present invention can be achieved through the following technical solutions:
ZFS file system based on authority unified management shares a method, comprises the following steps:
1) under solaris, proftpd software is installed;
2) by All Files system carry under unified mount directory;
3) ACL configuration is carried out to file system;
4) adopt the opening and closing of proftpd software simulating FTP service, adopt solaris to carry service and realize the opening and closing that NFS serves and FTP serves.
Described step 2) be specially: when creating each file system, unified appointment mountpoint parameter.
Perform described step 3) time, be passthrough by the aclinherit inherited attribute fixed configurations of file system.
Described step 4) in, when adopting the closedown of proftpd software simulating FTP service, exit FTP and serve host process.
The opening and closing of described employing proftpd software simulating FTP service comprise the opening and closing of serving the FTP of Single document system.
The opening and closing that the described FTP to Single document system serves are specially:
The authority of configuration file to corresponding document system mount directory of proftpd software is used to modify.
Compared with prior art, the present invention has the following advantages:
1) the present invention is directed to the ftp software that solaris carries and support not enough problem to shared, increase proftpd software, provide FTP to serve;
2) the present invention is at management end, can carry out the opening and closing operation of NFS, CIFS, FTP service flexibly, thus control various sharing flexibly to a file system;
3) the present invention adopts ACL control authority, and no matter client adopts NFS, CIFS, FTP any one access mode access identical file system, all has same control authority, thus achieves NAS, the unified management of the authority that CIFS, FTP share;
4) the present invention can utilize proftpd to manage the opening and closing that Single document system FTP serves.
Accompanying drawing explanation
Fig. 1 is schematic flow sheet of the present invention;
Fig. 2 is the schematic diagram of the configuration file of proftpd software of the present invention.
Embodiment
Below in conjunction with the drawings and specific embodiments, the present invention is described in detail.The present embodiment is implemented premised on technical solution of the present invention, give detailed embodiment and concrete operating process, but protection scope of the present invention is not limited to following embodiment.
As shown in Figure 1, the invention provides a kind of ZFS file system based on authority unified management and share method, comprise the following steps:
1) ftp software carried due to solaris is inadequate to shared support, needs to use extra ftp software, installs proftpd software under solaris;
2) file system is unified when creating specifies mountpoint parameter, for/FS/xxx (xxx is file system title), by All Files system carry under unified mount directory;
3) carrying out ACL configuration to file system, when being configured, is passthrough by the aclinherit inherited attribute fixed configurations of file system, and all authorities all need to inherit, and make it possible to the demand of the authority unified management meeting file system;
4) adopt the opening and closing of proftpd software simulating FTP service, adopt solaris to carry service and realize the opening and closing that NFS serves and FTP serves.
Step 4) in, the opening and closing of proftpd software simulating FTP service are adopted to be specially: execution/usr/local/sbin/proftpd just can provide FTP to serve, and FTP can be found to serve the PID of host process at/usr/local/var/proftpd.pid, when needing to close service, only need to exit this process.
The opening and closing of proftpd software simulating FTP service are adopted to comprise the opening and closing of serving the FTP of Single document system, be specially: use the authority of configuration file to corresponding document system mount directory of proftpd software to modify, the amendment of configuration file comes into force in real time.
At that one deck of user management, the User Catalog of all users is all appointed as/FS, when making FTP access shared, time user enters User Catalog, can see all sharing.
Create three shared-file systems belonging to different pond: be pool1/test1, pool2/test2, pool1/test3 respectively.Fig. 2 is the content of configuration file, / FS/test2 is the mount point of file system pool2/test2, represent this file system denied access, and/FS/test1 is the mount point of file system pool1/test1, represent that this file system allows access, / FS/test3 does not configure, and namely test1 and test3 provides shared, and test2 does not provide shared.Script can be adopted to be configured file modification, shared by test2 and open, test1 shares and closes.The shared opening and closing of FTP can be entered flexibly to file system.
Carry out to file system the unlatching that NFS shares and CIFS shares fairly simple, solaris file system directly opens and closes sharing operation for file system.

Claims (6)

1. the ZFS file system based on authority unified management shares a method, it is characterized in that, the method realizes merging the shared same catalogue of CIFS, NFS, FTP tri-class services and rights management to ZFS file system under solaris, comprises the following steps:
1) under solaris, proftpd software is installed;
2) by All Files system carry under unified mount directory;
3) ACL configuration is carried out to file system;
4) adopt the opening and closing of proftpd software simulating FTP service, adopt solaris to carry service and realize the opening and closing that NFS serves and FTP serves.
2. the ZFS file system based on authority unified management according to claim 1 shares method, it is characterized in that, described step 2) be specially: when creating each file system, unified appointment mountpoint parameter.
3. the ZFS file system based on authority unified management according to claim 1 shares method, it is characterized in that, performs described step 3) time, be passthrough by the aclinherit inherited attribute fixed configurations of file system.
4. the ZFS file system based on authority unified management according to claim 1 shares method, it is characterized in that, described step 4) in, when adopting the closedown of proftpd software simulating FTP service, exit FTP and serve host process.
5. the ZFS file system based on authority unified management according to claim 1 shares method, it is characterized in that, the opening and closing of described employing proftpd software simulating FTP service comprise the opening and closing of serving the FTP of Single document system.
6. the ZFS file system based on authority unified management according to claim 5 shares method, it is characterized in that, the opening and closing that the described FTP to Single document system serves are specially:
The authority of configuration file to corresponding document system mount directory of proftpd software is used to modify.
CN201510688068.8A 2015-10-21 2015-10-21 Unified authority management based ZFS file system sharing method Pending CN105404640A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510688068.8A CN105404640A (en) 2015-10-21 2015-10-21 Unified authority management based ZFS file system sharing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510688068.8A CN105404640A (en) 2015-10-21 2015-10-21 Unified authority management based ZFS file system sharing method

Publications (1)

Publication Number Publication Date
CN105404640A true CN105404640A (en) 2016-03-16

Family

ID=55470130

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510688068.8A Pending CN105404640A (en) 2015-10-21 2015-10-21 Unified authority management based ZFS file system sharing method

Country Status (1)

Country Link
CN (1) CN105404640A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106686123A (en) * 2017-01-23 2017-05-17 郑州云海信息技术有限公司 Storage system suitable for multi-user scenario
CN107783872A (en) * 2017-10-27 2018-03-09 郑州云海信息技术有限公司 The method of testing and device of distributed storage product ACL fast response characteristic
CN108696496A (en) * 2017-03-31 2018-10-23 慧与发展有限责任合伙企业 Multi-protocols accesses control list

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0875846A2 (en) * 1997-05-02 1998-11-04 Sony Electronics Inc. Multimedia information transfer via a wide area network
US6356934B1 (en) * 1997-04-28 2002-03-12 Sabre Inc. Intermediate server having control program for storing content accessed during browsing sessions and playback program for asynchronously replaying browsing sessions
CN103685579A (en) * 2014-01-13 2014-03-26 浪潮(北京)电子信息产业有限公司 Shared access method of cluster NAS (network attached storage) system
CN104539665A (en) * 2014-12-15 2015-04-22 北京极科极客科技有限公司 Remote file control system based on routers

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6356934B1 (en) * 1997-04-28 2002-03-12 Sabre Inc. Intermediate server having control program for storing content accessed during browsing sessions and playback program for asynchronously replaying browsing sessions
EP0875846A2 (en) * 1997-05-02 1998-11-04 Sony Electronics Inc. Multimedia information transfer via a wide area network
CN103685579A (en) * 2014-01-13 2014-03-26 浪潮(北京)电子信息产业有限公司 Shared access method of cluster NAS (network attached storage) system
CN104539665A (en) * 2014-12-15 2015-04-22 北京极科极客科技有限公司 Remote file control system based on routers

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘坤峰: "基于开源软件的网页维护FTP配置", 《中国教育网络》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106686123A (en) * 2017-01-23 2017-05-17 郑州云海信息技术有限公司 Storage system suitable for multi-user scenario
CN108696496A (en) * 2017-03-31 2018-10-23 慧与发展有限责任合伙企业 Multi-protocols accesses control list
CN108696496B (en) * 2017-03-31 2020-12-01 慧与发展有限责任合伙企业 Multi-protocol access control method and storage system
CN107783872A (en) * 2017-10-27 2018-03-09 郑州云海信息技术有限公司 The method of testing and device of distributed storage product ACL fast response characteristic

Similar Documents

Publication Publication Date Title
US11856050B2 (en) Multi-tenant-cloud-aggregation and application-support system
US10326769B2 (en) Extensible multi-tenant cloud-management system and methods for extending functionalities and services provided by multi-tenant cloud-management system
US10922284B1 (en) Extensible framework for managing multiple Hadoop clusters
US10740145B2 (en) Method and system for migration of virtual machines and virtual applications between cloud-computing facilities
US9391801B2 (en) Virtual private networks distributed across multiple cloud-computing facilities
US9672071B2 (en) Method and system for distributed processing of HTTP requests
US9389893B2 (en) Method and system for migration of virtual machines and virtual applications between cloud-computing facilities through multiplexed secure tunnels
US9329894B2 (en) Method and apparatus for extending local area networks between clouds and permanently migrating virtual machines using static network addresses
US9430256B2 (en) Method and apparatus for migrating virtual machines between cloud computing facilities using multiple extended local virtual networks and static network addresses
US8984269B2 (en) Migrating data among cloud-based storage networks via a data distribution service
US20170293501A1 (en) Method and system that extends a private data center to encompass infrastructure allocated from a remote cloud-computing facility
US8606878B2 (en) Systems and methods for de-populating cloud data store
US10372433B2 (en) Caching and analyzing images for faster and simpler cloud application deployment
US20120221684A1 (en) Systems and methods for staged data migration between data sources and cloud-based storage network
US20180137296A1 (en) Providing containers access to container daemon in multi-tenant environment
CN103581187A (en) Method and system for controlling access rights
Groß et al. Towards user centric data governance and control in the cloud
US10891386B2 (en) Dynamically provisioning virtual machines
CN105404640A (en) Unified authority management based ZFS file system sharing method
Zarei et al. Past, present and future of Hadoop: A survey
US11252157B1 (en) Permission management for electronic resources
US20130086140A1 (en) Cloud management system and method
Yan Cloud storage services
US20200045050A1 (en) Reverse identity federation in distributed cloud systems
CN116566656A (en) Resource access method, device, equipment and computer storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160316

RJ01 Rejection of invention patent application after publication