Components
One of the advantages of the OSF Distributed Computing Environment is the integration of its component technologies with one another. Wherever appropriate, DCE technologies make use of other DCE technologies to accomplish their tasks. For example, the Cell Directory Service uses many of the other DCE components-Threads, RPC, DTS, and Security-in providing its service.
Because the DCE technologies are well integrated, they also depend on one another for correct functioning. For example, CDS needs a running DCE Security Server in order to provide its directory service in a secure manner.
These dependencies among technology components have implications for DCE activities such as porting, planning, and bringing up a DeE cell.
This chapter describes how DCE components are integrated and the implications of their resulting interdependencies. First a matrix shows the integration of the technology components. Then a section on each of the components describes its use of other DCE technologies. The final section discusses the impact of technology interdependencies on DCE-related activities.
Introduction to OSF DCE
4.1 Integration Matrix
Table 4-1 shows which DCE components are used by each of the other DCE components. The components listed in the leftmost column are the technology consumers. The components listed in the top row are the technology providers. For example, in the box (row RPC, column Threads), the X indicates that RPC makes use of the Threads technology. The abbreviation NA (for Not Applicable) in a box shows the intersection of a technology with itself. A blank box indicates that the consuming technology does not use the providing technology. The following sections include discussions of technology integration, including reasons why certain technologies do not make use of other technologies.
Table 4-1. DCE Component Integration
4-2
Threads RPC CDS DTS Security GDS DFS Diskless Threads
NA
RPC X
NA
X XCDS X X
NA
X X XDTS X X X
NA
XSecurity X X X X
NA
GDS
NA
DFS X X X X X
NA
Diskless X X X X
NA
The DCE components support distributed applications, and in accomplishing that task, they also use each other's services, as shown in the matrix. The use of a given DCE component by another DCE component can provide an example for the application programmer.
Note that many of the boxes are filled in, especially those representing the five most basic components (Threads, RPC, CDS, DTS, and Security). As a result, some pairs of components have mutual dependencies; for example, the Security and CDS components. The Security Service uses information from the Cell Directory Service, while CDS uses the Security Service to control access to its information. The implications of these mutual dependencies are discussed in Section 4.3.
Integration of DCE Technology Components
4.2 Integration by Technology Component
This section takes each of the DCE technology components in turn and describes its use of other technology components.
• DCE Threads Integration
The DCE Threads component does not involve distribution across nodes and therefore does not use any other DCE component.
• DCE RPC Integration
RPC uses Threads, CDS, and the Security Service. Threads are used to allow clients and servers to deal with multiple simultaneous RPCs. Note that as a result of the use of threads by RPC, any component that uses timestamps directly. RPC does, however, depend on DTS to help ensure that clocks on different machines run at approximately the same rate.
The DCE Security Service is used to authenticate the RPC client and server to one another, and to pass authorization information about the client for the server to check against its ACLs.
• DCE CDS Integration
CDS makes use of several DCE technology components. It uses DCE Threads to allow the CDS server and the CDS clerk to handle multiple requests concurrently. It uses RPC in communications between CDS clerks and CDS servers, as well as in communications between CDS servers, such as for keeping replicated information consistent.
CDS relies on DTS to maintain synchronized clocks in the network for use in the sequencing of updates to the namespace and for use in replication. CDS uses GDS (via the GDA) to find foreign cells
Introduction to OSF DeE
4-4
registered in GDS. And finally, CDS uses DCE Security's Access Control Lists and authenticated RPC to ensure authorized access to directory data and administrative functions.
• DCE DTS Integration Security Service to authenticate its interactions.
• DCE Security Service Integration
The DCE Security Server, like all DCE RPC-based applications, uses DCE Threads. The Security Server communicates with its clients using DCE RPC. CDS is used to find Security Servers. GDS may be used indirectly in accessing a Security Server that is in a foreign cell registered in the X.SOO namespace.
The Security Service uses a notion of time for the expiration of credentials and for detecting replays of authentication information. It assumes reasonable synchronization of the clocks in the network, which is accomplished in DCE by the Distributed Time Service. The Security Service does not use DTS timestamps in this version of DCE.
• DCE GDS Integration international directory service standard.
• DCE DFS Integration
The DFS servers that run in user space (for example, the Backup, Fileset Location, and Fileset Servers) all use DCE Threads to handle multiple
Integration of DCE Technology Components
requests. Because the DFS File Exporter and Cache Manager run in the kernel, they do not use DCE Threads; DCE Threads is a user-space, not kernel, threads implementation.
DFS uses DCE RPC for all remote interaction between the DFS clients (for example, the Cache Manager and Scout) and servers (for example, the File Exporter, Fileset Location Server, and Backup Server). Because the Cache Manager and File -Exporter run in the kernel, they use a kernel version of RPC. DFS uses CDS to locate Fileset Location Servers. DFS may use GDS indirectly (via CDS) to locate Fileset Location Servers in foreign cells registered in the X.SOO namespace. DFS uses authenticated RPC and DCE ACLs to protect its resources. DFS relies on DTS to maintain clock synchronization in the network.
• DCE Diskless Support Service Integration
The Swap Server component of the Diskless Support Service uses DCE Threads for concurrency. The Diskless Support Service uses RPC for its interactions with CDS and between the Swap Client and Server. The Diskless Cache Manager also uses RPC to communicate with the DFS File Exporter. It does not use RPC for booting, however, since booting requires very small, simple network services. Diskless Support uses CDS to find its configuration information. Diskless Support Service includes instructions on how to modify the diskless node's kernel to use the DFS Cache Manager (DFS client) to mount the client's root file system.
For diskless operation to be secure, it would require hardware support, which is outside the scope of DCE.
4.3 Implications of Mutual Dependencies
Mutual dependencies among DCE technology components result in restrictions in areas such as the startup of a cell. For example, since the Security Service depends on CDS to find the location of a Security Server, and CDS depends on the Security Service to verify the authenticity of a CDS server, how can a DCE system ever get started? This section identifies the implications of mutual dependencies in the areas of DCE system startup, porting and testing of DCE, and planning for DCE configuration.
Introduction to OSF DeE
4-6
• Implications for Startup
Mutual dependencies in DCE technologies dictate the order in which some steps must be taken in bringing up a DCE client machine, a DCE server machine, and a DCE cell. In particular, a DCE cell's servers must be started up in a particular order. The Security Server is started first, since its dependency on CDS can be circumvented through the use of a local file to find Security Servers. Then the CDS Server is started. For information on starting up DCE, see the first module of the OSF DeE Administration Guide.
• Implications for Porting and Testing
The interdependencies among DCE technologies constrain the order in which technologies can be ported. DCE Threads can be ported first, since other technologies use it, and it has no dependencies. Many of the other technologies have mutual dependencies, however. To resolve this, a porting effort can proceed by first porting the libraries of all the components, and then going on to port and test the servers. GDS can be ported independently, since it has no dependencies on other DCE components. For information on porting DCE technologies, see the OSF DeE Porting and Testing Guide.
• Implications for Configuration
DCE technology interdependencies also have implications for configuration. The servers that other servers depend on are the servers that are the highest priority for replication, in environments where high availability is important. This means that CDS and Security Servers should be replicated, since other DCE servers depend on them in order to operate. Among the various DFS servers, the Fileset Location Server is the highest priority for replication. For information on DCE configuration, see the first module of the OSF DeE Administration Guide.
• Implications for Application Programmers
Since DCE RPC is integrated with DCE Threads, programmers writing RPC-based applications need to be aware of the implications of using multiple threads of control. See the introductory chapter and the Threads chapters of the OSF DeE Application Development Guide for information about programming with Threads.