Novell Storage Services ™  File System Performance, Clustering and Auditing in Novell ®  Open Enterprise Server on Linux M...
Agenda <ul><li>Novell Storage Services ™ Feature and Architecture Review
Novell Storage Services and NCP ™ Tuning and Troubleshooting
Novell Storage Services Auditing (Vigil) </li></ul>
Novell Storage Services ™ Feature and Architecture Review
Novell Storage Services ™  Features <ul><li>Trustee Model </li><ul><li>Inherited Rights
Visibility </li></ul><li>Salvage
Directory Quotas
User Quotas
Compression
Data Shredding
Immediate Flush </li></ul>
Novell Storage Services ™  Features <ul><li>Multiple Name Spaces
Distributed File Services (DFS)
Multiple Server Activation Prevention
Archive / Versioning enabled
Logical Volumes and Pools
Encryption
Pool Snapshot
File Snapshot (COW) </li></ul>
Architecture:  Novell Storage Services ™  on Linux User Kernel Device Drivers EVMS (Enterprise Volume Management System) M...
Architecture:  Novell Storage Services ™  on Linux Device Drivers EVMS (Enterprise Volume Management System) Media Manager...
EVMS  (Enterprise Volume Management System) <ul><li>Allows NSS pools to be moved between NetWare ®  and OES Linux </li><ul...
NetWare-created pools can mount on Linux
Linux-created pools can mount on NetWare
Must   stick to iManager and  nssmu </li></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager...
Novell Storage Services ™ <ul><li>NSS automatically mounted in NCP ™ </li><ul><li>Disable NCP via Remote Manager </li><ul>...
All features work as NetWare ® </li><ul><li>Except non-LUM modifier, archiver  and deleter of files show as root </li></ul...
eDirectory ™ <ul><li>eDirectory users can access NSS
Local users require LUM </li><ul><li>NSS uses eDirectory GUIDs internally
Linux uses UIDs internally
Linux passes UIDs to NSS
LUM links GUID to UID via eDirectory </li></ul><li>NSS maintains multiple ID caches </li><ul><li>G2I, I2G and SEV caches <...
VFS  (Virtual File Services) <ul><li>Registers NSS as a normal Linux file system </li><ul><li>POSIX rwx attributes represe...
Write:  Set unless file is read-only
Execute:  NetWare Execute attribute (cannot copy) or subdirectory </li></ul></ul><li>Most access to NSS is via VFS (POSIX ...
Some access to NSS directly via zAPI </li><ul><li>e.g. SMS, AFP </li></ul><li>Trustee rights are enforced </li></ul>Device...
VFS  (Virtual File Services) Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Sub...
VFS  (Virtual File Services) (1)  Create File  foo.txt  logged in as Joe with a UID of 705 Client NSS Device Drivers EVMS ...
VFS  (Virtual File Services) (1)  Create File  foo.txt  logged in as Joe with a UID of 705 (2)  NSS requests eDirectory na...
VFS  (Virtual File Services) (1)  Create File  foo.txt  logged in as Joe with a UID of 705 (2)  NSS requests eDirectory na...
VFS  (Virtual File Services) (1)  Create File  foo.txt  logged in as Joe with a UID of 705 (2)  NSS requests eDirectory na...
NCP ™  Server <ul><li>Communicates with NSS Via VFS </li><ul><li>Runs as part of eDirectory ™  (ndsd)
No standalone NCP daemon </li><ul><li>/etc/opt/novell/ncpserv.conf
/var/opt/novell/log/ncpserv.log </li></ul><li>ncp2nss daemon </li><ul><li>/etc/opt/novell/ncp2nss.conf
/var/opt/novell/log/ncp2nss.log </li></ul><li>Also uses Extended Attributes and _admin
Processes NEB events from NSS </li></ul><li>Maintains own trustee store </li><ul><li>Synchronised with NSS </li></ul></ul>...
NCP ™  Server <ul><li>Can make Linux volumes available via NCP </li><ul><li>Can mount native Linux file systems </li><ul><...
User quotas and salvage will not work </li></ul><li>OES2 </li><ul><li>Owner will be correct and user quotas will work </li...
User quotas and salvage will work </li></ul></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Mana...
NCP ™  Server Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Se...
NCP ™  Server (1)  User and Group information for the connection joe.acme is using NCP Server eDirectory Device Drivers EV...
NCP ™  Server (2)  Create file foo.txt logged in as joe.acme (1)  User and Group information for the connection joe.acme i...
NCP ™  Server (2)  Create file foo.txt logged in as joe.acme (1)  User and Group information for the connection joe.acme i...
NCP ™  Server (2)  Create file foo.txt logged in as joe.acme (1)  User and Group information for the connection joe.acme i...
NCP ™  Server (2)  Create file foo.txt logged in as joe.acme (1)  User and Group information for the connection joe.acme i...
Tuning Novell Storage Services ™
Linux Memory Recap <ul><li>Kernel Memory </li><ul><li>Low memory directly addressable by the kernel
Bottom 1GB on 32 Bit Linux (can be customised)
All memory on 64 Bit Linux </li></ul><li>User Memory aka HiMem </li><ul><li>High memory used by applications
Kernel has to map it to use it </li></ul></ul>0 1 4 GB 2 3 User Kernel
Novell Storage Services ™  Caching <ul><li>Files </li><ul><li>Objects in memory (Beasts / inodes)
Packed on disk in 4K Blocks (Metadata Blocks) </li></ul><li>Metadata </li><ul><li>4K Pages in Memory
Unpacked into Objects </li></ul><li>User Data </li><ul><li>4K Pages in Memory
Saved on disk as 4K Blocks (User data Blocks) </li></ul></ul>
Novell Storage Services ™   Caching on Linux <ul><li>32 Bit </li><ul><li>NSS Metadata cached in HiMem </li><ul><li>Private...
Linux:  Memory shared with, and managed by, Linux
nss /HighMemoryCacheType=Private|Linux|None </li></ul><li>NSS User data integrated into Linux cache </li></ul><li>64 Bit <...
Metadata cache configurable </li><ul><li>nss /MinBufferCacheSize </li></ul><li>NSS User data integrated into Linux cache <...
Previous Versions of  Novell Storage Services ™  on Linux <ul><li>Open Enterprise Server (OES) </li><ul><li>All user and m...
NSS user data integrated into Linux cache </li></ul><li>OES SP2 </li><ul><li>NSS Metadata cached in HiMem </li><ul><li>nss...
Previous Versions of  Novell Storage Services ™  on Linux <ul><li>OES2 </li><ul><li>64 bit  </li></ul><li>OES2 SP1 </li><u...
Upcoming SlideShare
Loading in...5
×

Cl309

379

Published on

Novell Brainshare 2010 Amsterdam

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
379
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • The vigil_ncp.ko module was architected to audit these (2) specific NCP internal events. The NCP engine has been modified to pass these events (through a sysfs interface) to vigil_ncp.ko. For each of these specific NCP internal events, vigil_ncp.ko module retrieves the NCP/NDS client metadata through the Process Metadata Table (in the same fassion as does the vigil_nss.ko module). An audit record is created and passed on to vigil.ko for further processing.
  • Cl309

    1. 1. Novell Storage Services ™ File System Performance, Clustering and Auditing in Novell ® Open Enterprise Server on Linux Marcus Gould Premium Support Engineer Novell, Inc. [email_address] Bart Schoofs WorldWide Support Engineer Novell, Inc. [email_address] Adam Jerome Senior Software Engineer Novell, Inc. [email_address] Vijai Babu Madhavan Filesystem Engineer Novell, Inc. [email_address]
    2. 2. Agenda <ul><li>Novell Storage Services ™ Feature and Architecture Review
    3. 3. Novell Storage Services and NCP ™ Tuning and Troubleshooting
    4. 4. Novell Storage Services Auditing (Vigil) </li></ul>
    5. 5. Novell Storage Services ™ Feature and Architecture Review
    6. 6. Novell Storage Services ™ Features <ul><li>Trustee Model </li><ul><li>Inherited Rights
    7. 7. Visibility </li></ul><li>Salvage
    8. 8. Directory Quotas
    9. 9. User Quotas
    10. 10. Compression
    11. 11. Data Shredding
    12. 12. Immediate Flush </li></ul>
    13. 13. Novell Storage Services ™ Features <ul><li>Multiple Name Spaces
    14. 14. Distributed File Services (DFS)
    15. 15. Multiple Server Activation Prevention
    16. 16. Archive / Versioning enabled
    17. 17. Logical Volumes and Pools
    18. 18. Encryption
    19. 19. Pool Snapshot
    20. 20. File Snapshot (COW) </li></ul>
    21. 21. Architecture: Novell Storage Services ™ on Linux User Kernel Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    22. 22. Architecture: Novell Storage Services ™ on Linux Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    23. 23. EVMS (Enterprise Volume Management System) <ul><li>Allows NSS pools to be moved between NetWare ® and OES Linux </li><ul><li>Without modification
    24. 24. NetWare-created pools can mount on Linux
    25. 25. Linux-created pools can mount on NetWare
    26. 26. Must stick to iManager and nssmu </li></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    27. 27. Novell Storage Services ™ <ul><li>NSS automatically mounted in NCP ™ </li><ul><li>Disable NCP via Remote Manager </li><ul><li>e.g. Shadow Volumes </li></ul><li>Mounted in Linux file system </li><ul><li>/media/nss/<Volume_Name> </li></ul></ul><li>novell-nss kernel module
    28. 28. All features work as NetWare ® </li><ul><li>Except non-LUM modifier, archiver and deleter of files show as root </li></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    29. 29. eDirectory ™ <ul><li>eDirectory users can access NSS
    30. 30. Local users require LUM </li><ul><li>NSS uses eDirectory GUIDs internally
    31. 31. Linux uses UIDs internally
    32. 32. Linux passes UIDs to NSS
    33. 33. LUM links GUID to UID via eDirectory </li></ul><li>NSS maintains multiple ID caches </li><ul><li>G2I, I2G and SEV caches </li></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    34. 34. VFS (Virtual File Services) <ul><li>Registers NSS as a normal Linux file system </li><ul><li>POSIX rwx attributes represent NetWare ® attributes </li><ul><li>Read: NetWare Hidden attribute
    35. 35. Write: Set unless file is read-only
    36. 36. Execute: NetWare Execute attribute (cannot copy) or subdirectory </li></ul></ul><li>Most access to NSS is via VFS (POSIX Layer)
    37. 37. Some access to NSS directly via zAPI </li><ul><li>e.g. SMS, AFP </li></ul><li>Trustee rights are enforced </li></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    38. 38. VFS (Virtual File Services) Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    39. 39. VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 Client NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    40. 40. VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme Client LUM NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    41. 41. VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    42. 42. VFS (Virtual File Services) (1) Create File foo.txt logged in as Joe with a UID of 705 (2) NSS requests eDirectory name for UID 705 LUM returns joe.acme (3) NSS requests security equivalence information for joe.acme – eDirectory returns a list of equivalent users and group memberships (4) NSS does normal trustee checking based on users and groups returned by eDirectory Client LUM eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    43. 43. NCP ™ Server <ul><li>Communicates with NSS Via VFS </li><ul><li>Runs as part of eDirectory ™ (ndsd)
    44. 44. No standalone NCP daemon </li><ul><li>/etc/opt/novell/ncpserv.conf
    45. 45. /var/opt/novell/log/ncpserv.log </li></ul><li>ncp2nss daemon </li><ul><li>/etc/opt/novell/ncp2nss.conf
    46. 46. /var/opt/novell/log/ncp2nss.log </li></ul><li>Also uses Extended Attributes and _admin
    47. 47. Processes NEB events from NSS </li></ul><li>Maintains own trustee store </li><ul><li>Synchronised with NSS </li></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    48. 48. NCP ™ Server <ul><li>Can make Linux volumes available via NCP </li><ul><li>Can mount native Linux file systems </li><ul><li>ncpcon create volume </li></ul></ul><li>NCP does not require LUM, but... </li><ul><li>OES1 </li><ul><li>Owner, modifier, archiver and deleter are all root
    49. 49. User quotas and salvage will not work </li></ul><li>OES2 </li><ul><li>Owner will be correct and user quotas will work </li></ul><li>OES2 SP2 (& OES2SP1+Patches) </li><ul><li>Owner, modifier, archiver and deleter will work
    50. 50. User quotas and salvage will work </li></ul></ul></ul>Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    51. 51. NCP ™ Server Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    52. 52. NCP ™ Server (1) User and Group information for the connection joe.acme is using NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    53. 53. NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    54. 54. NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection NCP Client NCP Server eDirectory Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    55. 55. NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    56. 56. NCP ™ Server (2) Create file foo.txt logged in as joe.acme (1) User and Group information for the connection joe.acme is using (3) Apply trustee rights based on path & connection (4) Create foo.txt as root (5) Change owner to joe.acme (by GUID) NCP Client NCP Server eDirectory NSS Device Drivers EVMS (Enterprise Volume Management System) Media Manager Logic NSS Storage Subsystem Linux Semantic Agent Linux Applications (e.g. SAMBA) NCP _ Admin Management (Virtual File System) eDirectory Handler Up Call VFS (Virtual File Services) Reiser EXT3 XFS
    57. 57. Tuning Novell Storage Services ™
    58. 58. Linux Memory Recap <ul><li>Kernel Memory </li><ul><li>Low memory directly addressable by the kernel
    59. 59. Bottom 1GB on 32 Bit Linux (can be customised)
    60. 60. All memory on 64 Bit Linux </li></ul><li>User Memory aka HiMem </li><ul><li>High memory used by applications
    61. 61. Kernel has to map it to use it </li></ul></ul>0 1 4 GB 2 3 User Kernel
    62. 62. Novell Storage Services ™ Caching <ul><li>Files </li><ul><li>Objects in memory (Beasts / inodes)
    63. 63. Packed on disk in 4K Blocks (Metadata Blocks) </li></ul><li>Metadata </li><ul><li>4K Pages in Memory
    64. 64. Unpacked into Objects </li></ul><li>User Data </li><ul><li>4K Pages in Memory
    65. 65. Saved on disk as 4K Blocks (User data Blocks) </li></ul></ul>
    66. 66. Novell Storage Services ™ Caching on Linux <ul><li>32 Bit </li><ul><li>NSS Metadata cached in HiMem </li><ul><li>Private: Memory dedicated to, and managed by, NSS (default)
    67. 67. Linux: Memory shared with, and managed by, Linux
    68. 68. nss /HighMemoryCacheType=Private|Linux|None </li></ul><li>NSS User data integrated into Linux cache </li></ul><li>64 Bit </li><ul><li>No HiMem memory constraints
    69. 69. Metadata cache configurable </li><ul><li>nss /MinBufferCacheSize </li></ul><li>NSS User data integrated into Linux cache </li></ul></ul>
    70. 70. Previous Versions of Novell Storage Services ™ on Linux <ul><li>Open Enterprise Server (OES) </li><ul><li>All user and metadata in kernel memory </li></ul><li>OES SP1 </li><ul><li>NSS Metadata cached in kernel memory
    71. 71. NSS user data integrated into Linux cache </li></ul><li>OES SP2 </li><ul><li>NSS Metadata cached in HiMem </li><ul><li>nss /HighMemoryCacheType </li></ul><li>NSS User data integrated into Linux cache </li></ul></ul>
    72. 72. Previous Versions of Novell Storage Services ™ on Linux <ul><li>OES2 </li><ul><li>64 bit </li></ul><li>OES2 SP1 </li><ul><li>Enhanced version of OES2 </li></ul><li>OES2 SP2 </li><ul><li>Improved Read-ahead algorithm (Stepping Window) </li></ul><li>OES2 SP3 </li><ul><li>Improved I/O Scheduler interactions
    73. 73. Multi-page BIO support </li></ul></ul>
    74. 74. NSS File Caching <ul><li>Novell Storage Services ™ on NetWare ® </li><ul><li>nss /ClosedFileCacheSize </li><ul><li>Maximum Number of “notInUse” Files in memory
    75. 75. Based on the available memory in the system
    76. 76. NSS does its own balancing </li></ul></ul><li>Novell Storage Services on Linux </li><ul><li>nss /ClosedFileCacheSize
    77. 77. Linux Memory Pressure </li><ul><li>inodes in memory
    78. 78. /proc/slabinfo </li><ul><li>lsa_inode_cache </li></ul><li>Linux will influence the total number of files in memory </li></ul></ul></ul>
    79. 79. Novell Storage Services ™ ID Cache <ul><li>ID Cache Tuning Parameters </li><ul><li>Per server
    80. 80. Reset various ID caches </li><ul><li>nss /ResetIDCache </li></ul><li>Modify the reset intervals of ID caches </li><ul><li>nss /IDCacheResetInterval=value ( Default: 25 hours) </li></ul><li>Modify the size of ID caches </li><ul><li>Requires latest patches for SP1/SP2
    81. 81. nss /IDCacheSize=value (Default: 16384) </li></ul></ul><li>OES2SP3 </li><ul><li>Monitor ID cache statistics </li></ul></ul>
    82. 82. Performance <ul><li>Always apply latest OES2 patches </li><ul><li>New parameter: nss /noUnplugAlways </li></ul><li>XEN Guest </li><ul><li>Change default noop Scheduler to cfq </li></ul><li>Modify Read Ahead Blocks based on access pattern </li><ul><li>Default ReadAheadBlks on NetWare ® & OES1 was 2
    83. 83. Higher is not necessarily better </li></ul></ul>
    84. 84. nsscon
    85. 85. nsscon <ul><li>nss /help
    86. 86. nss /find
    87. 87. Can be set persistently </li><ul><li>/opt/novell/nss/conf/nssstart.cfg </li></ul></ul>
    88. 88. ravsui <ul><li>Put Pool in maintenance state </li><ul><li>nsscon </li><ul><li>nss /poolMaintenance=<POOLNAME> </li></ul></ul></ul><ul><li>ravsui verify <POOLNAME> </li></ul><ul><ul><li>Verify a pool
    89. 89. ravview vbfn <POOLNAME> </li><ul><li>Parses xml log file and shows the results from verify </li></ul></ul><li>ravsui rebuild <POOLNAME> </li><ul><li>Rebuild a pool
    90. 90. ravview rtfn <POOLNAME> </li><ul><li>Parses xml log file and shows the results from rebuild </li></ul></ul></ul>
    91. 91. NetWare Core Protocol ™
    92. 92. NCP ™ Improvements <ul><li>NCP Server Engine Largely Rewritten </li><ul><li>No IPX Support
    93. 93. Large memory model
    94. 94. NCP on Linux can outperform NCP on NetWare ® </li></ul></ul>
    95. 95. NCP Directory Cache Tuning <ul><li>Monitor usage and evictions </li><ul><li>LOG_CACHE_STATISTICS </li><ul><li>/var/opt/novell/log/ncpserv.log </li></ul></ul><li>Configure based on working set and available memory </li><ul><li>MAXIMUM_CACHED_FILES_PER_VOLUME (Default: 20000)
    96. 96. MAXIMUM_CACHED_SUBDIRECTORIES_PER_VOLUME (Default: 50000)
    97. 97. MAXIMUM_CACHED_FILES_PER_SUBDIRECTORY (Default: 2048)
    98. 98. Cache Entry memory usage: ~216 bytes + Full path name </li></ul><li>Additional Information </li></ul><ul><ul><ul><li>http://www.novell.com/documentation/oes2/file_ncp_lx/data/bc06ts8.html
    99. 99. TID 7004888 – NCP Performance Tuning on OES2 Linux </li></ul></ul></ul>
    100. 100. ncpcon
    101. 101. Performance <ul><li>Horses for Courses </li><ul><li>Do you need NSS functionality?
    102. 102. Do you need all that metadata? </li></ul><li>Think It Through </li><ul><li>GroupWise ®
    103. 103. Database
    104. 104. User Home Directories </li></ul></ul>
    105. 105. Troubleshooting Novell Storage Services ™ and NCP ™ <ul><li>Slow File Access </li><ul><li>Apply ALL the SP1/SP2 Patches </li><ul><li>Optimized for NSS volumes mounted in LONG name space
    106. 106. Optimized for both LUM and non-LUM users access
    107. 107. Reduced memory usage </li></ul><li>Tune NSS ID Cache
    108. 108. Tune NCP Dir Cache
    109. 109. Process of elimination (NCP, NSS, etc...) </li></ul></ul>
    110. 110. Novell Cluster Services ™
    111. 111. Tracing and Debugging Novell Cluster Services ™ <ul><li>Edit /opt/novell/ncs/bin/ldncs </li><ul><li>Uncomment appropriate lines </li></ul><li>Use at command line </li><ul><li>e.g. echo -n &quot;TRACE CRM ON&quot; > /proc/ncs/cluster
    112. 112. Output: /var/log/messages </li></ul><li>See TID 7005837 for more information </li></ul># echo -n &quot;TRACE ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE SBD ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE GIPC ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE MCAST ON&quot; > /proc/ncs/vll # echo -n &quot;TRACE CVB ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CSS ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CRM ON&quot; > /proc/ncs/cluster # echo -n &quot;TRACE CMA ON&quot; > /proc/ncs/cluster
    113. 113. Troubleshooting Novell Cluster Services ™ <ul><li>Resource Migration Hangs </li><ul><li>Check unload.out file </li><ul><li>/var/opt/novell/log/ncs/<resource_name>.unload.out </li></ul><li>Stack dump of user space processes (gstack) </li><ul><li>adminusd, ndsd, ncp2nss </li></ul><li>Stack dump of kernel threads </li><ul><li>echo 1 > /proc/sys/kernel/sysrq
    114. 114. echo t > /proc/sysrq-trigger </li></ul><li>Core (user-space processes and kernel) if necessary </li></ul></ul>
    115. 115. Novell Storage Services ™ Auditing (Vigil)
    116. 116. NCP Handling ...(w/o auditing) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    117. 117. NCP Handling ...(vigil_nss.ko) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    118. 118. NCP Handling ...(vigil.ko) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko vigil.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    119. 119. NCP Handling ...(vigil.ko API) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    120. 120. NCP Handling ...(libvigil) User-address space Kernel-address space eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    121. 121. NCP Handling ...(Auditing Client) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated)
    122. 122. NCP Handling ...(Multiple Auditing Clients) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    123. 123. NCP Handling ...(Identity Issue) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream User=root
    124. 124. NCP Handling ...(Process Metadata) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    125. 125. NCP Handling ...(Process Metadata Table) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream Process Metadata Table
    126. 126. NCP Handling ...(Process Metadata Logging) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    127. 127. NCP Handling ...(Process Metadata Retrieval) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    128. 128. NCP Handling ...(Internal NCP Engine Event handling) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    129. 129. NCP Handling ...(vigil_ncp.ko) User-address space Kernel-address space SIGIO eDirectory Engine POSIX System Call Table VFS NSS NCP Engine pmd.ko Process Meta- data Table vigil_nss.ko vigil_ncp.ko sysfs sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata NCP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only NCP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    130. 130. CIFS Handling User-address space Kernel-address space SIGIO POSIX System Call Table VFS NSS CIFS Engine pmd.ko Process Meta- data Table vigil_nss.ko vigil_cifs.ko sysfs sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil Lazy-Close Dup-Open Events Linux Process NCP/NDS Client Metadata CIFS_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only CIFS_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream
    131. 131. AFP Handling User-address space Kernel-address space SIGIO POSIX System Call Table VFS NSS vigil_nss.ko sysfs API vigil.ko Audit Clients Filter(s) Audit Stream Audit App. libvigil NSS zAPIs AFP_REQEST: OpenFile User: Joe File: fs1/sys:usr/Joe/readme.txt Mode: read_only AFP_REPLY: OpenFile Status : 0 (OK) Handle: 21 (NCP Generated) Filter(s) Audit Stream Filter(s) Audit Stream Filter(s) Audit Stream AFP Engine
    132. 132. Auditing Client Applications Blue Lance – LT Auditor+ 9 for SUSE ® Linux NetVision – NVMonitor Version 7.0 Novell ® Sentinel ™ – Log Manager Novell Open Enterprise Server – vlog
    133. 133. <AUDIT vlogRecNo=&quot;2&quot; vigilRecNo=&quot;2&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.416900&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;64 MODIFY&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000021 0-READ_ONLY 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <MODIFY_INFO ModifyInfoMask=&quot;0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; modifyTypeInfoMask=&quot;0x21&quot; /> <FILE_ATTRIBUTES FileAttributes=&quot;0x00000000&quot; FileAttributesModMask=&quot;0x4000000B&quot; /> <METADATA_MODIFIED_TIME Time=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;3&quot; vigilRecNo=&quot;3&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417052&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;4 OPEN&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <OPEN key=&quot;0x9552AE6B440F959&quot; RequestedRights=&quot;0x00000013 0-READ_ACCESS 1-WRITE_ACCESS 4-SCAN_ACCESS&quot; Accessed=&quot;03/04/2010 09:46:25&quot; Created=&quot;02/05/2010 14:35:01&quot; Modified=&quot;02/05/2010 14:35:01&quot; MetaDataModified=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;4&quot; vigilRecNo=&quot;4&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417154&quot; Type=&quot;3 NSS&quot;> <NSS Event=&quot;64 MODIFY&quot; TaskID=&quot;0&quot; Zid=&quot;1C2E&quot; ParentZid=&quot;9A&quot; OpRetCode=&quot;0&quot; FileType=&quot;3 NAMED_DATA_STREAM&quot; FileAttributes=&quot;0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot;B87E55ADF559DE018000D7BDDBFE9C09&quot; VolDn=&quot;VOL1&quot; UserID=&quot;03000000000000000000000000000000&quot; UserDn=&quot;Supervisor&quot; Uid=&quot;0&quot; Uid_name=&quot;root&quot; Euid=&quot;0&quot; Euid_name=&quot;root&quot; Suid=&quot;0&quot; Suid_name=&quot;root&quot; Fsuid=&quot;0&quot; Fsuid_name=&quot;root&quot; Gid=&quot;0&quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot;0&quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot;ndsd&quot;> <PATH Type=&quot;1 target&quot; NameSpace=&quot;2 unicode&quot;>VOL1:/ajerome/myFile</PATH> <MODIFY_INFO ModifyInfoMask=&quot;0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; modifyTypeInfoMask=&quot;0x21&quot; /> <FILE_ATTRIBUTES FileAttributes=&quot;0x00000001 0-READ_ONLY&quot; FileAttributesModMask=&quot;0x4000000B&quot; /> <METADATA_MODIFIED_TIME Time=&quot;03/04/2010 09:46:25&quot; /> </NSS> </AUDIT> <AUDIT vlogRecNo=&quot;5&quot; vigilRecNo=&quot;5&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.417323&quot; Type=&quot;2 NCP&quot;> <NCP Event=&quot;16 OPEN&quot;> <WHO_LINUX Uid=”0” UidName=”root” Euid=”0” EuidName=”root” Suid=”0” SuidName=”root” Fsuid=”0” FsuidName=”root” Gid=”0” GidName=”root” Egid=”0” EgidName=”root” Sgid=”0” SgidName=”root” Fsgid=”0” FsguidName=”root” Comm=”ndsd” /> <PMD_NCP ConnID=&quot;12&quot; TaskID=&quot;4&quot; Guid=&quot;A053F649CB3CD94AE5A3A053F649CB3C&quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__OPENFILE searchAttributes=&quot;0x26&quot; DesiredAccessRights=&quot;0x01&quot; LinuxPath=&quot;/media/nss/VOL1/ajerome/myFile&quot; Status=&quot;0&quot; FileHandle=&quot;000037623030&quot; FileAttributes=&quot;0x00000021 0-READ_ONLY 5-ARCHIVE&quot; FileExecuteType=&quot;00&quot; FileLen=&quot;14&quot; CreationDate=&quot; 5/02/2010&quot; LastAccessDate=&quot; 4/03/2010&quot; LastUpdateDate=&quot; 5/02/2010&quot; LastUpdateTime=&quot;14:35:00&quot; /> </NCP> </AUDIT> <AUDIT vlogRecNo=&quot;6&quot; vigilRecNo=&quot;6&quot; pid=&quot;11442&quot; TimeStamp=&quot;2010-03-04 09:46:25.423618&quot; Type=&quot;2 NCP&quot;> <NCP Event=&quot;32 CLOSE&quot;> <WHO_LINUX Uid=”0” UidName=”root” Euid=”0” EuidName=”root” Suid=”0” SuidName=”root” Fsuid=”0” FsuidName=”root” Gid=”0” GidName=”root” Egid=”0” EgidName=”root” Sgid=”0” SgidName=”root” Fsgid=”0” FsguidName=”root” Comm=”ndsd” /> <PMD_NCP ConnID=&quot;12&quot; TaskID=&quot;4&quot; Guid=&quot;A053F649CB3CD94AE5A3A053F649CB3C&quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__CLOSEFILE FileHandle=&quot;0x000089007B00&quot; Status=&quot;0&quot; /> </NCP> </AUDIT>
    134. 134. <AUDIT VlogRecNo=&quot;3&quot; VigilRecNo=&quot; 3 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417052 &quot; Type=&quot; 3 NSS &quot; > <NSS Event=&quot; 4 OPEN &quot; TaskID=&quot; 0 &quot; Zid=&quot; 1C2E &quot; ParentZid=&quot; 9A &quot; OpRetCode=&quot; 0 &quot; FileType=&quot; 3 NAMED_DATA_STREAM&quot; FileAttributes=&quot; 0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot; B87E55ADF559DE018000D7BDDBFE9C09 &quot; VolDn=&quot;VOL1&quot; UserID=&quot; 03000000000000000000000000000000 &quot; UserDn=&quot;Supervisor&quot; Uid=&quot; 0 &quot; Uid_name=&quot;root&quot; Euid=&quot; 0 &quot; Euid_name=&quot;root&quot; Suid=&quot; 0 &quot; Suid_name=&quot;root&quot; Fsuid=&quot; 0 &quot; Fsuid_name=&quot;root&quot; Gid=&quot; 0 &quot; Gid_name=&quot;root&quot; Egid=&quot;0&quot; Egid_name=&quot;root&quot; Sgid=&quot; 0 &quot; Sgid_name=&quot;root&quot; Fsgid=&quot; 0 &quot; Fsgid_name=&quot;root&quot; Comm=&quot; ndsd &quot; > <PATH Type=&quot; 1 target&quot; NameSpace=&quot; 2 unicode&quot;> VOL1:/ajerome/myFile </PATH> <OPEN Key=&quot; 0x9552AE6B440F959 &quot; RequestedRights=&quot; 0x00000013 0-READ_ACCESS 1-WRITE_ACCESS 4-SCAN_ACCESS&quot; Accessed=&quot; 03/04/2010 09:46:25 &quot; Created=&quot; 02/05/2010 14:35:01 &quot; Modified=&quot; 02/05/2010 14:35:01 &quot; MetaDataModified=&quot; 03/04/2010 09:46:25 &quot; /> </NSS> </AUDIT>
    135. 135. <AUDIT VlogRecNo=&quot; 4 &quot; VigilRecNo=&quot; 4 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417154 &quot; Type=&quot; 3 NSS &quot; > <NSS Event=&quot; 64 MODIFY &quot; TaskID=&quot; 0 &quot; Zid=&quot; 1C2E &quot; ParentZid=&quot; 9A &quot; OpRetCode=&quot; 0 &quot; FileType=&quot; 3 NAMED_DATA_STREAM&quot; FileAttributes=&quot; 0x40000020 5-ARCHIVE 30-ATTR_ARCHIVE&quot; VolID=&quot; B87E55ADF559DE018000D7BDDBFE9C09 &quot; VolDn=&quot;VOL1&quot; UserID=&quot; 03000000000000000000000000000000 &quot; UserDn=&quot;Supervisor&quot; Uid=&quot; 0 &quot; Uid_name=&quot;root&quot; Euid=&quot; 0 &quot; Euid_name=&quot;root&quot; Suid=&quot; 0 &quot; Suid_name=&quot;root&quot; Fsuid=&quot; 0 &quot; Fsuid_name=&quot;root&quot; Gid=&quot; 0 &quot; Gid_name=&quot; root &quot; Egid=&quot; 0 &quot; Egid_name=&quot;root&quot; Sgid=&quot; 0 &quot; Sgid_name=&quot;root&quot; Fsgid=&quot;0&quot; Fsgid_name=&quot;root&quot; Comm=&quot; ndsd &quot; > <PATH Type=&quot; 1 target&quot; NameSpace=&quot; 2 unicode&quot;> VOL1:/ajerome/myFile </PATH> <MODIFY_INFO ModifyInfoMask=&quot; 0x00000021 0-FILE_ATTRIBUTES 5-METADATA_MODIFIED_TIME&quot; ModifyTypeInfoMask =&quot; 0x21 &quot; /> <FILE_ATTRIBUTES FileAttributes=&quot; 0x00000001 0-READ_ONLY&quot; FileAttributesModMask=&quot; 0x4000000B &quot; /> <METADATA_MODIFIED_TIME Time=&quot; 03/04/2010 09:46:25 &quot; /> </NSS> </AUDIT>
    136. 136. <AUDIT VlogRecNo=&quot;5&quot; VigilRecNo=&quot; 5 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.417323 &quot; Type=&quot; 2 NCP &quot; > <NCP Event=&quot; 16 OPEN &quot; > <WHO_LINUX Uid=” 0 ” UidName=”root” Euid=” 0 ” EuidName=”root” Suid=” 0 ” SuidName=”root” Fsuid=” 0 ” FsuidName=”root” Gid=” 0 ” GidName=”root” Egid=” 0 ” EgidName=”root” Sgid=” 0 ” SgidName=”root” Fsgid=” 0 ” FsguidName=”root” Comm=” ndsd ” /> <PMD_NCP ConnID=&quot; 12 &quot; TaskID=&quot; 4 &quot; Guid=&quot; A053F649CB3CD94AE5A3A053F649CB3C &quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__OPENFILE SearchAttributes=&quot; 0x26 &quot; DesiredAccessRights=&quot; 0x01 &quot; LinuxPath=&quot; /media/nss/VOL1/ajerome/myFile &quot; Status=&quot; 0 &quot; FileHandle=&quot; 000037623030 &quot; FileAttributes=&quot; 0x00000021 0-READ_ONLY 5-ARCHIVE&quot; FileExecuteType=&quot; 00 &quot; FileLen=&quot; 14 &quot; CreationDate=&quot; 5/02/2010 &quot; LastAccessDate=&quot; 4/03/2010 &quot; LastUpdateDate=&quot; 5/02/2010 &quot; LastUpdateTime=&quot; 14:35:00 &quot; /> </NCP> </AUDIT>
    137. 137. <AUDIT VlogRecNo=&quot;6&quot; VigilRecNo=&quot; 6 &quot; Pid=&quot; 11442 &quot; TimeStamp=&quot; 2010-03-04 09:46:25.423618 &quot; Type=&quot; 2 NCP &quot; > <NCP Event=&quot; 32 CLOSE &quot;> <WHO_LINUX Uid=” 0 ” UidName=”root” Euid=” 0 ” EuidName=”root” Suid=” 0 ” SuidName=”root” Fsuid=” 0 ” FsuidName=”root” Gid=” 0 ” GidName=”root” Egid=” 0 ” EgidName=”root” Sgid=” 0 ” SgidName=”root” Fsgid=” 0 ” FsguidName=”root” Comm=” ndsd ” /> <PMD_NCP ConnID=&quot; 12 &quot; TaskID=&quot; 4 &quot; Guid=&quot; A053F649CB3CD94AE5A3A053F649CB3C &quot; Dn=&quot;.CN=ajerome.O=novell.T=AJEROME-OES2-64-TREE.&quot; /> <NCP_LOCAL__CLOSEFILE FileHandle=&quot; 0x000089007B00 &quot; Status=&quot;0&quot; /> </NCP> </AUDIT>
    138. 138. Reference <ul><li>NCP ™ Tuning </li></ul><ul><ul><ul><li>http://www.novell.com/documentation/oes2/file_ncp_lx/data/bc06ts8.html </li></ul></ul></ul><ul><li>Novell Storage Services ™ Tuning </li></ul><ul><ul><ul><li>http://www.novell.com/documentation/oes2/stor_nss_lx_nw/data/btbkjyi.html </li></ul></ul></ul><ul><li>Auditing </li></ul><ul><ul><ul><li>http://developer.novell.com/wiki/index.php/NSS_Auditing_SDK </li></ul></ul></ul><ul><li>TIDs </li></ul><ul><ul><ul><li>TID#7004888 - NCP Performance Tuning
    139. 139. TID#7004877 – NSS takes time to load and slow access
    140. 140. http://support.novell.com </li></ul></ul></ul>
    141. 141. Question and Answer
    142. 143. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×