Presentation is loading. Please wait.

Presentation is loading. Please wait.

Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken,

Published byEleanore Griffith Modified over 9 years ago

Similar presentations

Presentation on theme: "Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken,"— Presentation transcript:

1 Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken, John Douceur, Jon Howell, Jay Lorch, Marvin Theimer, Roger Wattenhoffer

2 Project Goal Build a scalable serverless file system Security against malicious attacks is a necessity Byzantine protocols for untrusted infrastructure Leases, caching, batching to reduce overhead Separate replication for file and directory info

3 Talk Outline Overview Architecture Implementation Related Work Conclusions

4 Why Serverless? Servers are … Reliant on system operators to –Perform maintenance functions –Not read/modify users’ files Expensive (special hardware) –High-performance I/O, RAID disk, special rooms Centralized points of failure High-value targets for attacks

5 Farsite Solution Global file store

6 Farsite vs. central file server Same functionality –Shared namespace –File and directory write-sharing –Strong consistency Better privacy: Uses cryptography –Less vulnerability to system operators Higher availability: Uses Byzantine fault-tolerance –More resilient to malicious attacks Cheaper –Implemented using client desktop machines –Reduced administration

7 Target Environment Large university or company –Fast network –Ignore different link bandwidth and latency Rough scale: –10 5 total machines –10 10 total files –10 15 total bytes Parts of network may be compromised Small fraction of machines may be attacked

8 Enabling Trends Availability: enough disk space for replicas –Low disk costs –Unused disk capacity –Duplicate files: ~50% space savings [Sigmetrics00] Privacy: fast crypto –Symmetric encryption: 225 MB/sec –Disk sequential I/O bandwidth: 30 – 40 MB/sec –Digital signature: 4 msec

9 Project Non-Goals Efficient large-scale write sharing Database semantics High-performance parallel I/O Disconnected operation with offline conflicts

10 Talk Outline Overview Architecture –Space efficiency –Reducing expensive operations Implementation Related Work Conclusions

11 Farsite from 10,000 feet / UsersShared CuspCruftAliceBobCharlie Docs viemacsPowerPointExchange

12 Traditional Byzantine Approach [CL99] Client File Meta-Data Byzantine fault- tolerant protocol Byzantine servers 3f +1 file copies to handle f failures

13 Farsite: BFT only for meta-data Client Byzantine fault- tolerant protocol Directory group File hosts f + 1 file copies for f failures

14 Data integrity rooted in BFT Directories/meta-data maintained via BFT –Perform trusted computation on behalf of clients –3f + 1 replicas for tolerating f faults –Consume less than 1% of space Files replicated via simple replication –f +1 replicas to tolerate f faults –File content hash in meta-data allows verification –Average file size: 100 KB

15 Talk Outline Overview Architecture –Space efficiency –Reducing expensive operations Implementation Related Work Conclusions

16 Reducing Critical Path Delays Cost of Byzantine operations: –Less than 8 msec for 10 replicas –200 messages for 10 replicas Reducing Byzantine operations on critical path: Localizing operations: leases Optimizing writes: batching and lazy updates

17 Localizing Operations via Leases Content leases: File data consistency Name leases: Namespace consistency Mode leases: Windows file-sharing semantics Access leases: Windows deletion semantics

18 Optimizing Updates: Batching Memory Disk Update Op Client Updates Directory group File hosts Byzantine-fault- tolerant protocol

19 Talk Outline Overview Architecture Implementation Related Work Conclusions

20 Software Structure Directory ServerFile HostClient Byzantine Protocol Layer Application Farsite Driver NTFS Farsite Local Manager User Kernel

21 Performance Method –1-hour representative trace from 3-week traces –Played at real time (~ 450,000 operations) –Measured aggregate file operations latency Results (Untuned system) –20% faster than central file system (CIFS) –6x slower than NTFS

22 Performance Analysis Fine tuning needed to compete with local FS –Half of performance penalty on slow stat path Untuned system faster than central server –Due to client disk caching and leases Exploit low average file system load –Push batched updates in background

23 Future Work Implementation work –Directory group delegation –Metadata checkpointing and recovery –Distributed duplicate-content detection Design work –Monitoring machine availability for file replication –Quota management for fair space allocation

24 Related Work Distributed File Systems –NFS, AFS, xFS, Frangipani, BFS, SFS, SUNDR: require trusted servers/clients or unscalable Peer-to-peer immutable storage systems –CFS, PAST, Eternity Service, Freenet, Pasis, Intermemory Peer-to-peer mutable storage systems –Oceanstore, Pangaea, Ivy Separation of directory and file info –Napster

25 Conclusions If you build a scalable serverless file system  security is a necessary pre-requisite for scalability Farsite distributed file system: Operates securely on untrusted client machines Replicates file and directory information separately Leases, caching, batching reduce overhead Untuned system performs acceptably

Download ppt "Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Atul Adya, Bill Bolosky, Miguel Castro, Gerald Cermak, Ronnie Chaiken,"

Similar presentations

System Area Network Abhiram Shandilya 12/06/01. Overview Introduction to System Area Networks SAN Design and Examples SAN Applications.

System Area Network Abhiram Shandilya 12/06/01. Overview Introduction to System Area Networks SAN Design and Examples SAN Applications.
SPORC: Group Collaboration using Untrusted Cloud Resources Ariel J. Feldman, William P. Zeller, Michael J. Freedman, Edward W. Felten Published in OSDI’2010.

SPORC: Group Collaboration using Untrusted Cloud Resources Ariel J. Feldman, William P. Zeller, Michael J. Freedman, Edward W. Felten Published in OSDI’2010.
Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.

Clayton Sullivan PEER-TO-PEER NETWORKS. INTRODUCTION What is a Peer-To-Peer Network A Peer Application Overlay Network Network Architecture and System.
FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Presented by: Boon Thau Loo CS294-4 (Adapted from Adya’s OSDI’02.

FARSITE: Federated, Available, and Reliable Storage for an Incompletely Trusted Environment Presented by: Boon Thau Loo CS294-4 (Adapted from Adya’s OSDI’02.
The SMART Way to Migrate Replicated Stateful Services Jacob R. Lorch, Atul Adya, Bill Bolosky, Ronnie Chaiken, John Douceur, Jon Howell Microsoft Research.

The SMART Way to Migrate Replicated Stateful Services Jacob R. Lorch, Atul Adya, Bill Bolosky, Ronnie Chaiken, John Douceur, Jon Howell Microsoft Research.
Pond: the OceanStore Prototype CS 6464 Cornell University Presented by Yeounoh Chung.

Pond: the OceanStore Prototype CS 6464 Cornell University Presented by Yeounoh Chung.
Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.

Serverless Network File Systems. Network File Systems Allow sharing among independent file systems in a transparent manner Mounting a remote directory.
Byzantine Fault Isolation in the Farsite Distributed File System John R. Douceur and Jon Howell.

Byzantine Fault Isolation in the Farsite Distributed File System John R. Douceur and Jon Howell.
Peer-to-peer archival data trading Brian Cooper Joint work with Hector Garcia-Molina (and others) Stanford University.

Peer-to-peer archival data trading Brian Cooper Joint work with Hector Garcia-Molina (and others) Stanford University.
Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.

Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.
1 Principles of Reliable Distributed Systems Tutorial 12: Frangipani Spring 2009 Alex Shraer.

1 Principles of Reliable Distributed Systems Tutorial 12: Frangipani Spring 2009 Alex Shraer.
Lecture 6 – Google File System (GFS) CSE 490h – Introduction to Distributed Computing, Winter 2008 Except as otherwise noted, the content of this presentation.

Lecture 6 – Google File System (GFS) CSE 490h – Introduction to Distributed Computing, Winter 2008 Except as otherwise noted, the content of this presentation.
Comparison and Performance Evaluation of SAN File System Yubing Wang & Qun Cai.

Comparison and Performance Evaluation of SAN File System Yubing Wang & Qun Cai.
Mondo Bringing Distributed File Systems to the People Xavid Pretzer Bringing Distributed File Systems to the People Xavid Pretzer.

Mondo Bringing Distributed File Systems to the People Xavid Pretzer Bringing Distributed File Systems to the People Xavid Pretzer.
Large Scale Sharing GFS and PAST Mahesh Balakrishnan.

Large Scale Sharing GFS and PAST Mahesh Balakrishnan.
G22.3250-001 Robert Grimm New York University Farsite: A Serverless File System.

G Robert Grimm New York University Farsite: A Serverless File System.
Squirrel: A decentralized peer- to-peer web cache Paul Burstein 10/27/2003.

Squirrel: A decentralized peer- to-peer web cache Paul Burstein 10/27/2003.
OceanStore: An Architecture for Global-Scale Persistent Storage Professor John Kubiatowicz, University of California at Berkeley

OceanStore: An Architecture for Global-Scale Persistent Storage Professor John Kubiatowicz, University of California at Berkeley
Concurrency Control & Caching Consistency Issues and Survey Dingshan He November 18, 2002.

Concurrency Control & Caching Consistency Issues and Survey Dingshan He November 18, 2002.
Farsite: Ferderated, Available, and Reliable Storage for an Incompletely Trusted Environment Microsoft Reseach, Appear in OSDI’02.

Farsite: Ferderated, Available, and Reliable Storage for an Incompletely Trusted Environment Microsoft Reseach, Appear in OSDI’02.

Similar presentations

Ads by Google