Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken,

Slides:

Advertisements

Similar presentations

System Area Network Abhiram Shandilya 12/06/01. Overview Introduction to System Area Networks SAN Design and Examples SAN Applications.

Advertisements

SPORC: Group Collaboration using Untrusted Cloud Resources Ariel J. Feldman, William P. Zeller, Michael J. Freedman, Edward W. Felten Published in OSDI’2010.

Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.

FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Presented by: Boon Thau Loo CS294-4 (Adapted from Adya’s OSDI’02.

The SMART Way to Migrate Replicated Stateful Services Jacob R. Lorch, Atul Adya, Bill Bolosky, Ronnie Chaiken, John Douceur, Jon Howell Microsoft Research.

Pond: the OceanStore Prototype CS 6464 Cornell University Presented by Yeounoh Chung.

Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.

Byzantine Fault Isolation in the Farsite Distributed File System John R. Douceur and Jon Howell.

Peer-to-peer archival data trading Brian Cooper Joint work with Hector Garcia-Molina (and others) Stanford University.

Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.

1 Principles of Reliable Distributed Systems Tutorial 12: Frangipani Spring 2009 Alex Shraer.

Lecture 6 – Google File System (GFS) CSE 490h – Introduction to Distributed Computing, Winter 2008 Except as otherwise noted, the content of this presentation.

Comparison and Performance Evaluation of SAN File System Yubing Wang & Qun Cai.

Mondo Bringing Distributed File Systems to the People Xavid Pretzer Bringing Distributed File Systems to the People Xavid Pretzer.

Large Scale Sharing GFS and PAST Mahesh Balakrishnan.

G Robert Grimm New York University Farsite: A Serverless File System.

Squirrel: A decentralized peer- to-peer web cache Paul Burstein 10/27/2003.

OceanStore: An Architecture for Global-Scale Persistent Storage Professor John Kubiatowicz, University of California at Berkeley

Concurrency Control & Caching Consistency Issues and Survey Dingshan He November 18, 2002.

Farsite: Ferderated, Available, and Reliable Storage for an Incompletely Trusted Environment Microsoft Reseach, Appear in OSDI’02.

Wide-area cooperative storage with CFS

University of Pennsylvania 11/21/00CSE 3801 Distributed File Systems CSE 380 Lecture Note 14 Insup Lee.

Northwestern University 2007 Winter – EECS 443 Advanced Operating Systems The Google File System S. Ghemawat, H. Gobioff and S-T. Leung, The Google File.

RAID-x: A New Distributed Disk Array for I/O-Centric Cluster Computing Kai Hwang, Hai Jin, and Roy Ho.

Network File Systems Victoria Krafft CS /4/05.

Storage management and caching in PAST PRESENTED BY BASKAR RETHINASABAPATHI 1.

Network File Systems II Frangipani: A Scalable Distributed File System A Low-bandwidth Network File System.

Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung Google∗

Presented by: Alvaro Llanos E.  Motivation and Overview  Frangipani Architecture overview  Similar DFS  PETAL: Distributed virtual disks ◦ Overview.

Distributed File Systems Concepts & Overview. Goals and Criteria Goal: present to a user a coherent, efficient, and manageable system for long-term data.

Review Session for Fourth Quiz Jehan-François Pâris Summer 2011.

SANPoint Foundation Suite HA Robert Soderbery Sr. Director, Product Management VERITAS Software Corporation.

FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment.

1 The Google File System Reporter: You-Wei Zhang.

P EER - TO -P EER N ETWORKS Michael Fine 1. W HAT ARE P EER -T O -P EER N ETWORKS ? Napster Social networking spawned from this concept. Emerged in the.

CSC 456 Operating Systems Seminar Presentation (11/13/2012) Leon Weingard, Liang Xin The Google File System.

Version 4.0. Objectives Describe how networks impact our daily lives. Describe the role of data networking in the human network. Identify the key components.

Cooperative File System. So far we had… - Consistency BUT… - Availability - Partition tolerance ?

FARSITE: Federated, Available and Reliable Storage for an Incompletely Trusted Environment A. Atta, W. J. Bolowsky, M. Castro, G. Cermak, R. Chaiken, J.

Failure Resilience in the Peer-to-Peer-System OceanStore Speaker: Corinna Richter.

1 Configurable Security for Scavenged Storage Systems NetSysLab The University of British Columbia Abdullah Gharaibeh with: Samer Al-Kiswany, Matei Ripeanu.

Chapter 20 Distributed File Systems Copyright © 2008.

Practical Byzantine Fault Tolerance

Presenters: Rezan Amiri Sahar Delroshan

PARALLEL DATA LABORATORY Carnegie Mellon University An Architecture for Self-  Storage Systems Andrew Klosterman, John Strunk Greg Ganger.

Peer-to-peer Information Systems Universität des Saarlandes Max-Planck-Institut für Informatik – AG5: Databases and Information Systems Group Prof. Dr.-Ing.

Robustness in the Salus scalable block store Yang Wang, Manos Kapritsos, Zuocheng Ren, Prince Mahajan, Jeevitha Kirubanandam, Lorenzo Alvisi, and Mike.

Paper Survey of DHT Distributed Hash Table. Usages Directory service  Very little amount of information, such as URI, metadata, … Storage  Data, such.

1 JTE HPC/FS Pastis: a peer-to-peer file system for persistant large-scale storage Jean-Michel Busca Fabio Picconi Pierre Sens LIP6, Université Paris 6.

Lock Services in Distributed File Systems Shaan Mahbubani Anshuman Gupta Ravi Vijay Anup Tapadia UCSD CSE 221 Operating Systems - Winter 07.

1 Secure Peer-to-Peer File Sharing Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, Hari Balakrishnan MIT Laboratory.

 Cachet Technologies 1998 Cachet Technologies Technology Overview February 1998.

HADOOP DISTRIBUTED FILE SYSTEM HDFS Reliability Based on “The Hadoop Distributed File System” K. Shvachko et al., MSST 2010 Michael Tsitrin 26/05/13.

POND: THE OCEANSTORE PROTOTYPE S. Rea, P. Eaton, D. Geels, H. Weatherspoon, J. Kubiatowicz U. C. Berkeley.

Google File System Robert Nishihara. What is GFS? Distributed filesystem for large-scale distributed applications.

GPFS: A Shared-Disk File System for Large Computing Clusters Frank Schmuck & Roger Haskin IBM Almaden Research Center.

1 CEG 2400 Fall 2012 Network Servers. 2 Network Servers Critical Network servers – Contain redundant components Power supplies Fans Memory CPU Hard Drives.

Distributed File System. Outline Basic Concepts Current project Hadoop Distributed File System Future work Reference.

Chapter Five Distributed file systems. 2 Contents Distributed file system design Distributed file system implementation Trends in distributed file systems.

The Google File System Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung Presenter: Chao-Han Tsai (Some slides adapted from the Google’s series lectures)

Introduction to Distributed Platforms

Slicer: Auto-Sharding for Datacenter Applications

Gregory Kesden, CSE-291 (Storage Systems) Fall 2017

Gregory Kesden, CSE-291 (Cloud Computing) Fall 2016

Outline Midterm results summary Distributed file systems – continued

A Redundant Global Storage Architecture

Replica Placement Model: We consider objects (and don’t worry whether they contain just data or code, or both) Distinguish different processes: A process.

The SMART Way to Migrate Replicated Stateful Services

Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, William J. Bolosky, Miguel Castro, Gerald Cermak, Ronnie.

Presentation transcript:

Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John Douceur, Jon Howell, Jay Lorch, Marvin Theimer, Roger Wattenhoffer

Project Goal Build a scalable serverless file system Security against malicious attacks is a necessity Byzantine protocols for untrusted infrastructure Leases, caching, batching to reduce overhead Separate replication for file and directory info

Talk Outline Overview Architecture Implementation Related Work Conclusions

Why Serverless? Servers are … Reliant on system operators to –Perform maintenance functions –Not read/modify users’ files Expensive (special hardware) –High-performance I/O, RAID disk, special rooms Centralized points of failure High-value targets for attacks

Farsite Solution Global file store

Farsite vs. central file server Same functionality –Shared namespace –File and directory write-sharing –Strong consistency Better privacy: Uses cryptography –Less vulnerability to system operators Higher availability: Uses Byzantine fault-tolerance –More resilient to malicious attacks Cheaper –Implemented using client desktop machines –Reduced administration

Target Environment Large university or company –Fast network –Ignore different link bandwidth and latency Rough scale: –10 5 total machines –10 10 total files –10 15 total bytes Parts of network may be compromised Small fraction of machines may be attacked

Enabling Trends Availability: enough disk space for replicas –Low disk costs –Unused disk capacity –Duplicate files: ~50% space savings [Sigmetrics00] Privacy: fast crypto –Symmetric encryption: 225 MB/sec –Disk sequential I/O bandwidth: 30 – 40 MB/sec –Digital signature: 4 msec

Project Non-Goals Efficient large-scale write sharing Database semantics High-performance parallel I/O Disconnected operation with offline conflicts

Talk Outline Overview Architecture –Space efficiency –Reducing expensive operations Implementation Related Work Conclusions

Farsite from 10,000 feet / UsersShared CuspCruftAliceBobCharlie Docs viemacsPowerPointExchange

Traditional Byzantine Approach [CL99] Client File Meta-Data Byzantine fault- tolerant protocol Byzantine servers 3f +1 file copies to handle f failures

Farsite: BFT only for meta-data Client Byzantine fault- tolerant protocol Directory group File hosts f + 1 file copies for f failures

Data integrity rooted in BFT Directories/meta-data maintained via BFT –Perform trusted computation on behalf of clients –3f + 1 replicas for tolerating f faults –Consume less than 1% of space Files replicated via simple replication –f +1 replicas to tolerate f faults –File content hash in meta-data allows verification –Average file size: 100 KB

Talk Outline Overview Architecture –Space efficiency –Reducing expensive operations Implementation Related Work Conclusions

Reducing Critical Path Delays Cost of Byzantine operations: –Less than 8 msec for 10 replicas –200 messages for 10 replicas Reducing Byzantine operations on critical path: Localizing operations: leases Optimizing writes: batching and lazy updates

Localizing Operations via Leases Content leases: File data consistency Name leases: Namespace consistency Mode leases: Windows file-sharing semantics Access leases: Windows deletion semantics

Optimizing Updates: Batching Memory Disk Update Op Client Updates Directory group File hosts Byzantine-fault- tolerant protocol

Talk Outline Overview Architecture Implementation Related Work Conclusions

Software Structure Directory ServerFile HostClient Byzantine Protocol Layer Application Farsite Driver NTFS Farsite Local Manager User Kernel

Performance Method –1-hour representative trace from 3-week traces –Played at real time (~ 450,000 operations) –Measured aggregate file operations latency Results (Untuned system) –20% faster than central file system (CIFS) –6x slower than NTFS

Performance Analysis Fine tuning needed to compete with local FS –Half of performance penalty on slow stat path Untuned system faster than central server –Due to client disk caching and leases Exploit low average file system load –Push batched updates in background

Future Work Implementation work –Directory group delegation –Metadata checkpointing and recovery –Distributed duplicate-content detection Design work –Monitoring machine availability for file replication –Quota management for fair space allocation

Related Work Distributed File Systems –NFS, AFS, xFS, Frangipani, BFS, SFS, SUNDR: require trusted servers/clients or unscalable Peer-to-peer immutable storage systems –CFS, PAST, Eternity Service, Freenet, Pasis, Intermemory Peer-to-peer mutable storage systems –Oceanstore, Pangaea, Ivy Separation of directory and file info –Napster

Conclusions If you build a scalable serverless file system  security is a necessary pre-requisite for scalability Farsite distributed file system: Operates securely on untrusted client machines Replicates file and directory information separately Leases, caching, batching reduce overhead Untuned system performs acceptably