General-purpose distributed file system for Windows, macOS, iOS, Linux, Solaris, AIX, and other UNIXes.
I had the opportunity to meet with Jeffrey Altman, Founder and Gerry Seidman, President of AuriStor, formerly Your File System, Inc., as part of the 40th IT Press Tour.
AuriStorFS is part of the AFS family file system created at Carnegie Mellon, funded by IBM, and part of the Open Source community in 2000 with OpenAFS. The company was founded in 2007 to create a next-generation file system for the 21st century to enable people with the AFS file system to continue using it.
AuriStor's vision for /afs includes:
Application transparency as a first-class file system on all major operating systems with client support built into Linux kernel.
Embrace and empower multi-producer, multi-consumer workflows. Anything in a file system will just work. Be as tightly integrated into each platform rather than supporting the lowest common denominator.
Be performance competitive with Lustre, GPFS, Panasas, NFSv4 and others without expecting to beat them. Can achieve 50 GB performance per workflow but not 100 GB performance. Do not compromise on security for higher performance. The AFS namespace is global regardless of where it stands.
Providing best-of-breed data security with wire privacy and integrity protection policy guarantees, combined identity authentication, multi-factor authentication, and geographic isolation.
Improved ease of use.
No flag days or loss of information.
Key features of AuriStor include:
Security with combined identity authentication, multi-factor authorization, volume and file server policies, data privacy for all services, need to know access policies, AES256 wire privacy, and protection against cache poisoning attacks.
Networking with IPv6 and can saturate multiple bonded 10GB NICs.
File and DB server performance and scale with dynamic per-service worker pools, reduce resource contention, all while supporting multi-producer, multi-consumer workflows.
The global /afs namespace has been around for 38 years. It provides federated authentication, home and sharted project directories, cross-platform distributed access to files and directory trees over the WAN. It's useful for anything that benefits from atomic publication and/or read-only replication like software distribution, and static-web content distribution, as well as global data replication and live data migration. Use cases include persistent storage for containerized processes and distribution of container images.
Use cases for AFS continue to expand. AuriStorFS /afs handles workflows that require thousands of nodes modifying a common set of objects -- multiple writer and multiple reader. It can handle hundreds of processes on a single multi-processor thread client system. And it provides robust multi-factor authorization and security (authorization/integration/ privacy) requirements. End users expect their data to be available out of the box with no third-party software. Linux native AFS (kafs) and AF_RXRPC now provide an out-of-the-box AuriStorFS client on Fedora, Debian, and Ubuntu.
AutiStor has made a numbert of functional improvements as the result of end user needs:
Unlimited data transfer RX calls. On March 19, 2018, made rthw world's first RX call to send more than 5.63 TB.
World's largest AFS volume -- 500 TB, fully functional migration, replication, backup, and restore with volume quotas up to 16 ZB.
500,000 sustained RX connections per fileserver.
40,000 Ubik queriews per second and 25 writes per second sustained.
Linux cache manager scaling beyond 64 simultaneous processor threads with minimal resource contention.
The AFS operational goals include location independence; authentication, integrity protection and privacy; geographic replication of critical data; an atomic publishing model; one file system for all; fine-grained access control; federated authentication; platform specific path resolution; platform achitecture independence; and, distributed administration.
AuriStorFS is the next generation AFS with zero configuration clients, an improved security module, client cache poisoning attack prevention, performance, scale, enhanced file security functionality, and out-of-the -box /afs access.