Distributed computing environment By: Manish Bhardwaj
Distributed Computing Environment (DCE) Introduction
- Originally developed by the Open Software Foundation (OSF), which is now called The Open Group (www.opengroup.org)
- Provides a set of tools and services which simplify and support the development and operation of distributed applications
- An example of “middleware”: a layer of software that sits on top of the host operating system (e.g., UNIX) and networking services, and provides a single, transparent distributed computing environment
- Based on the Client/Server Model
Why Use DCE?
- Harnesses available computing resources
- Increases availability
- Facilitates collaborative work and minimizes storage limitations
- Tracks data and programs that move around
- Accommodates heterogeneous data
- Helps maintain distributed applications
- Helps synchronize events
- Protects distributed resources
DCE Services
DCE Supporting Models
- Client/Server Model
- RPC Model
- Data Sharing Model
- Distributed Object Model
Application Of DCE
- Microsoft DCOM
- ODBC
DCE Architecture Overview
Components of DCE
Process and Thread
- Provides a programming layout for concurrent applications.
- Creates and controls multiple threads of execution in a single process.
- Synchronizes access to global data within an application.
RPC
- Provides tools for building client/server applications.
- Provides the basis for all communication in DCE.
- Network and protocol independent.
- Secure communication between client and server.
- Automatically converts data to the format needed by clients and servers.
DTS
- Provides a time service for synchronization.
- Maps time from an external source to other external destinations.
Name Services
- CDS (Cell Directory Service), GDS (Global Directory Service) and the Global Directory Agent (GDA) are provided.
- Names are unique and location transparency is achieved.
Security Service
- Authentication and authorization to protect system resources against illegitimate access.
DFS
- Ensures location transparency
- High performance
- High availability
- Provides file services to clients of other file systems.
DCE RPC
- The fundamental communications mechanism
- Allows direct calls to procedures on remote systems as if they were local procedure calls
- Simplifies the development of distributed applications by eliminating the need to explicitly program the network communications between the client and server
- Masks differences in data representations on different hardware platforms, allowing distributed programs to work transparently across heterogeneous systems
How DCE RPC works?
Binding in RPC
- The client must be able to find the server before making an RPC call.
- This can be done by asking the directory service for the location of the server.
- The server should first advertise itself in the directory by adding its namespace, the interfaces it implements, the protocols it uses for communication, and its location.
Example for RPC
Directory Services
- DCE Cell Directory Service (CDS) is the mechanism for logically naming objects within a DCE cell (a group of client and server machines)
- Applications identify resources by name, without needing to know where the resources are located
- DCE cells can also participate in a worldwide directory service using the DCE Global Directory (GDS), which is based on the X.500 standard, or the Internet Domain Name Service (DNS)
Distributed Time Service
- Problem with clocks in a distributed environment
- DCE/DTS provides synchronized time for users in a distributed computing environment
- Supports event sequencing, duration and scheduling
- Synchronized with UTC, an international time standard
Time Clerk
- Keeps the machine’s local time synchronized by querying the time servers
Time Server
- Answers the time queries
- Could query other time servers
- Three different types
  * Local Time Server
  * Global Time Server
  * Courier Time Server
DCE/DTS
- A Courier time server synchronizes with a global time server
- DTS time format is UTC (a universal standard supported by NIST), broadcast by a variety of sources
Security Service
- DCE Security Service provides the mechanisms for writing applications that support secure communications between clients and servers
- Enables processes on different machines to be certain of one another’s identities (authentication)
- Allows a server to determine whether a given user is authorized to access a particular resource (authorization)
- Supports several protection levels for messages as they travel across the network
DCE Security Service
- Provides trustworthy identification of users, clients, servers and systems (principals)
- Provides integrity and privacy of communications
- Two-way authentication scheme
- Ensures security by implementing a trusted third party approach based on Kerberos technology
Three Co-operative services
- Registry Service: manages the cell’s security database
- Authentication Service: provides trustworthy identification
- Privilege Service: provides authorization information
Additional Facilities
- Access Control List: list of authorized users for a resource
- Login Facility: initializes the user’s security environment
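How a server combines the pieces above before doing any work, as an added example that is not part of the original slides: it checks the caller's authenticated identity, the message protection level, and the resource's ACL. The `Protect` values follow DCE's `rpc_c_protect_level_*` constants; the `Caller` type, the ACL layout, the simplified lookup rule and the names `alice`, `bob` and `sales` are assumptions made for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
from enum import IntEnum
class Protect(IntEnum):
    """Protection levels, numbered like DCE's rpc_c_protect_level_* constants."""
    NONE = 1         # no protection
    CONNECT = 2      # authenticate only when the client connects
    CALL = 3         # authenticate at the start of every call
    PKT = 4          # check that every packet comes from the expected peer
    PKT_INTEG = 5    # plus an integrity check on every packet
    PKT_PRIVACY = 6  # plus encryption of arguments and results

@dataclass(frozen=True)
class Caller:
    """What a server learns about one call (model, not a DCE structure)."""
    principal: str | None    # None: the call carried no authentication
    groups: frozenset        # group memberships, as the Privilege Service supplies
    level: Protect

def acl_permissions(acl: dict, caller: Caller) -> set:
    """Simplified lookup: a matching user entry wins, else union of group entries."""
    if ("user", caller.principal) in acl:
        return set(acl[("user", caller.principal)])
    perms = set()
    for group in caller.groups:
        perms |= set(acl.get(("group", group), ""))
    return perms

def authorize(caller: Caller, acl: dict, needed: str, floor: Protect):
    """Check identity, then protection level, then the resource's ACL."""
    if caller.principal is None:
        return False, "unauthenticated"
    if caller.level < floor:
        return False, f"protection level {caller.level.name} below {floor.name}"
    if not set(needed) <= acl_permissions(acl, caller):
        return False, f"ACL denies '{needed}' to {caller.principal}"
    return True, "granted"

PRICE_ACL = {("user", "alice"): "rw", ("group", "sales"): "r"}  # constructed; r = read, w = write

def demo():
    sales, need = frozenset({"sales"}), Protect.PKT_INTEG
    return [
        authorize(Caller("alice", sales, Protect.PKT_INTEG), PRICE_ACL, "w", need),
        authorize(Caller("alice", sales, Protect.CONNECT), PRICE_ACL, "w", need),
        authorize(Caller("bob", sales, Protect.PKT_PRIVACY), PRICE_ACL, "w", need),
        authorize(Caller(None, frozenset(), Protect.NONE), PRICE_ACL, "r", need),
    ]
```

The second case is the one to notice: an authenticated, ACL-authorized caller is still refused because the call arrived below the protection level the server requires.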
Working of DCE/Security service
Distributed File Service
- DCE Distributed File Service (DFS) is a high-performance, scalable, secure method for sharing remote files
- DFS appears to the user as a local file system, providing access to files from anywhere in the network for any user, with the same filename used by all (uniform file access)
- DFS includes many advanced features not found in traditional distributed file systems, including caching, security, and scalability over wide-area networks
DCE Distributed File System
- It is a distributed client/server application built over underlying DCE components
- Features of DCE/DFS
  * Uniform File Access
  * Intracell Location Transparency
  * Performance
  * Availability
  * Integration
  * Interoperation
  * Standards: POSIX 1003.1
DFS data is organized at three levels
- Files and Directories
- FileSets
- Aggregates
DCE/DFS Components
- Cache Manager
  * Client side of DFS; uses a local cache for access
- File Exporter
  * Server side of DFS
  * Runs on a DFS file server machine
- Token Manager
  * Synchronizes access to files by multiple clients by issuing tokens that carry access rights
  * Types of tokens: Data Tokens, Status Tokens, Lock Tokens, Open Tokens
DCE Local File System
- Physical file system provided within DCE for storage of files
- More powerful than the UNIX file system
  * Flexible data protection through ACLs
  * Ability to replicate, back up and move transparently
  * Logging for fast recovery after a crash
Additional File Servers
- FileSet Server
- Basic Overseer Server
- Replication Server
- Update Server
- Backup Server
- Fileset Location Server
DCE/DFS
Distributed Time Service
- Provides a way to synchronize the clocks on the different machines in a distributed system
Threads
- DCE supports multi-threaded applications, i.e., programs that use “lightweight” processes to perform many actions concurrently
- DCE Threads are based on the POSIX threading standard
DCE Cells: The Domain of the Distributed Environment
- DCE can provide a scalable computing environment
- Small environment
  * two network hosts
  * typically consists of a single group of users who share common goals
- Large environment
  * a network (or internetwork) of thousands of hosts
  * typically consists of diverse groups of users, each group having its own goals and pool of shared resources
- A cell is the basic unit of operation and administration
- A cell is a group of users, hosts, and resources that share common DCE services
Cell Configurations
- At a minimum, a cell includes CDS, Security Service and Time Service
Distributed Operation in a DCE Cell
DCE Client and Server Software
A Simple DCE Cell
Cell with DFS and Multiple DCE Clients
Cells and Naming
- The DCE Directory Service consists of two directory services: CDS & GDS
- CDS manages names inside cells
- GDS manages names outside cells and between cells
- GDS is an implementation of a directory standard known as X.500 Directory Service (XDS)
Domain Name Service (DNS)
- another widely used existing global name service
- used primarily as a name service for Internet host names
- although DNS is not a part of DCE, support for cells to address each other through DNS is provided
- Global Directory Agent (GDA) makes inter-cell communication possible
DCE naming environment supports two kinds of names: Global and Local (cell-relative) names
Global Names
- begin with the /... prefix
- can refer to an object within a cell or an object outside of a cell
- Example 1: uses X.500 name for global cell name
- Example 2: uses DNS name for global cell name
Local Names
- do not include a global cell name
- begin with the /.: prefix
- Example: /.../C=US/O=XYZ/OU=Portland/subsys/PriceMax/price_server1 and /.:/subsys/PriceMax/price_server1 are equivalent when used within the cell named /.../C=US/O=XYZ/OU=Portland
Junctions
- some services connect into the cell by means of specialized CDS entries called “junctions”
- junctions contain binding information that enables a client to connect to a server outside the Directory Service (e.g., Security Service, DFS)
- Example 1: Security Service Junction (/.:/sec)
- Example 2: DFS Junction (/.:/fs)
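The naming rules above (global and cell-relative prefixes, X.500 or DNS cell names, and the two junctions) worked through as a small parser. This is an added example, not code from the slides; the function names, the DNS cell name `cell.example.com`, the paths under the junctions, and the rule that components inside a cell never contain "=" are assumptions.

```python
GLOBAL_ROOT, LOCAL_ROOT = "/...", "/.:"
# The two junctions named on the slide, keyed by their first component under /.:
JUNCTIONS = {"sec": "Security Service", "fs": "DFS"}

def to_global(name: str, local_cell: str) -> str:
    """Expand a cell-relative name; return a global name unchanged."""
    if name == LOCAL_ROOT or name.startswith(LOCAL_ROOT + "/"):
        return local_cell + name[len(LOCAL_ROOT):]
    if name.startswith(GLOBAL_ROOT + "/") and len(name) > len(GLOBAL_ROOT) + 1:
        return name
    raise ValueError(f"not a DCE name: {name!r}")

def parse(name: str, local_cell: str) -> dict:
    """Split a name into cell name and residual, and flag junction crossings."""
    parts = to_global(name, local_cell).split("/")[2:]    # drop "" and "..."
    if "=" in parts[0]:
        # X.500 cell name: the leading run of typed components (C=, O=, OU=).
        # Assumption: components inside the cell never contain "=".
        kind = "X.500"
        n = next((i for i, p in enumerate(parts) if "=" not in p), len(parts))
    else:
        kind, n = "DNS", 1                                # DNS cell name: one component
    cell, residual = GLOBAL_ROOT + "/" + "/".join(parts[:n]), parts[n:]
    return {
        "cell": cell,
        "cell_name_type": kind,
        "foreign_cell": cell != local_cell,               # True: lookup must leave the cell
        "residual": "/".join(residual),
        "junction": JUNCTIONS.get(residual[0]) if residual else None,
    }

def same_object(a: str, b: str, local_cell: str) -> bool:
    """Two names are equivalent when their global forms match."""
    return to_global(a, local_cell) == to_global(b, local_cell)

HOME = "/.../C=US/O=XYZ/OU=Portland"                      # cell name from the slide

if __name__ == "__main__":
    for name in ("/.:/subsys/PriceMax/price_server1", "/.:/fs/reports/q3",
                 "/.../cell.example.com/sec/principal/alice"):  # last two constructed
        print(name, "->", parse(name, HOME))
```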
DCE RPC
- Enhanced version of HP’s NCS (Network Computing System) RPC
- DCE threads allow increased concurrency in servers and clients
- Supports TCP and UDP transport services
- Authenticated RPC supported
Interface Definition Language
- The service interfaces are defined by DCE IDL
- A universal unique identifier (UUID) in the interface distinguishes this interface from any other interface
- UUIDs are generated by uuidgen
Distributed Application Development Tasks
Binding
- DCE client (runtime library) finds a server using a two-step process
  * The client gets the server’s host address from the CDS
  * The client finds the server process address by searching the host’s endpoint map (which is maintained by the RPC daemon, rpcd)
- Basic server initialization steps:
  * Register each interface with the server runtime library
  * Register protocol sequences that the server will use for RPCs
  * Advertise the server location to clients
  * Listen for remote procedure calls
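The four server initialization steps and the client's two-step lookup, modelled in memory, including the failure case where a CDS export outlives the server's endpoints. This is an added example, not code from the slides or from the DCE runtime; the classes, the interface UUID, the host name and the endpoint value are constructed, and `ncacn_ip_tcp` / `ncadg_ip_udp` are the DCE protocol sequence names for TCP and UDP.

```python
PRICE_IF = "00000000-0000-0000-0000-000000000001"    # constructed interface UUID
ENTRY = "/.:/subsys/PriceMax/price_server1"         # CDS entry name used in the slides

class Cell:
    """In-memory stand-in for a cell's CDS and each host's rpcd endpoint map."""
    def __init__(self):
        self.cds = {}     # entry name -> {(interface UUID, protocol sequence, host)}
        self.rpcd = {}    # host -> {(interface UUID, protocol sequence): endpoint}

class Server:
    def __init__(self, cell, host):
        self.cell, self.host = cell, host
        self.interfaces, self.protseqs, self.listening = set(), {}, False

    def register_interface(self, if_uuid):          # initialization step 1
        self.interfaces.add(if_uuid)

    def use_protseq(self, protseq, endpoint):       # step 2
        self.protseqs[protseq] = endpoint

    def advertise(self, entry):                     # step 3
        emap = self.cell.rpcd.setdefault(self.host, {})
        exports = self.cell.cds.setdefault(entry, set())
        for if_uuid in self.interfaces:
            for protseq, endpoint in self.protseqs.items():
                emap[(if_uuid, protseq)] = endpoint           # host-local endpoint map
                exports.add((if_uuid, protseq, self.host))    # cell-wide CDS entry

    def listen(self):                               # step 4
        self.listening = True

    def unregister_endpoints(self):
        """Remove endpoint-map entries but leave the CDS export in place."""
        for if_uuid in self.interfaces:
            for protseq in self.protseqs:
                self.cell.rpcd.get(self.host, {}).pop((if_uuid, protseq), None)

def bind(cell, entry, if_uuid, protseq):
    """Client side: CDS yields the host, that host's endpoint map yields the endpoint."""
    hosts = sorted(h for u, p, h in cell.cds.get(entry, ()) if (u, p) == (if_uuid, protseq))
    if not hosts:
        raise LookupError(f"{entry}: no export for this interface and protocol sequence")
    for host in hosts:
        endpoint = cell.rpcd.get(host, {}).get((if_uuid, protseq))
        if endpoint is not None:
            return host, endpoint
    raise LookupError(f"{entry}: exported by {hosts}, but no endpoint registered (stale)")
```

A client that treats the CDS entry alone as proof of a live server would miss the second error; the endpoint map lookup is what confirms that a process is actually registered on the host.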
Advertising Server Interface
Finding a Server
More on DCE
- More information on DCE can be found from The Open Group (http://www.opengroup.org/dce)
- Free DCE software can be downloaded from http://www.opengroup.org/dce/download/