Waterloo Polaris Phase II
A Discussion Paper
Early Draft:
Version 1.2
Printed: Feb 9, 1998
Introduction:
This discussion paper is intended to give an overview of the current Waterloo Polaris system (referred to as Phase I) and future directions EC staff would like to take in developing a more robust, more easily supported environment referred to in this document as Waterloo Polaris Phase II.
Waterloo Polaris Phase I:
Waterloo Polaris Phase I was developed as a Win32 successor to the 16-bit Watstar and as a foundation for future enhancements to our computing environment. Waterloo Polaris Phase I provided the familiar Watstar user features in a new Win32 environment.
Phase I also adopted some significant changes which will act as a springboard for us to move to the use of open technologies as the building blocks for file, application, e-mail, web and other serving functions. This will lead to the elimination of the Watstar server over time:
Unix or any other open server could become the Email storage host; this replaced the proprietary Email delivery technologies used in the past.
Phase I was the most difficult and expensive step, because it required that we upgrade many workstations, all the software, the Email subsystem, the networking technology and all the servers.
From the systems software side, Phase I was also the most complicated because we had to solve new Windows problems and create and perfect a lot of new technologies. Win95 comes out of the box knowing how to talk to NT and Netware servers; we had to make it talk Watstar, and make it respect Watstar’s legacy features, which are highly desired but unavailable from Microsoft. We also had to make Win95 talk to Unix and NT systems better than it does by default.
In winter 1998, there will be some incremental additions to improve multi-platform and Internet issues on Phase I. Most involve minor client software enhancements, and these changes will be distributed automatically to all Waterloo Polaris stations.
increased Email security to reduce tampered messages
One of the ambitious design goals of Waterloo Polaris Phase I was backward compatibility with Watstar. However, Waterloo Polaris is NOT permanently tied to the Watstar server. That connection is only temporary to facilitate the transition - Waterloo Polaris Phase I currently relies on Watstar and established subsystems to provide continuity. In order to move to a more open systems architecture, we need to abandon the Watstar server.
Phase II
The most important aspect about Phase II is that we have a functional Phase I system in place, giving us the freedom to implement Phase II in a modular fashion, at our convenience, rather than in a rushed fashion.
With Phase I in place, Phase II is more of an architectural shift than a user shift. In fact, most typical users will be unaware of the next changes. But users who somehow want to push the envelope (e.g. village users, office machines, laptops, etc.) will all be enthused. We also expect the faculty computing offices and IST to be pleased as this will improve their ability to manage and support the resulting system.
The Client OS
Waterloo Polaris Phase II will support two kinds of client: the standard, or preferred, client OS, currently Windows 95, and a ‘light’, or secondary, client, which will allow other client operating systems but with a core, reduced set of features compared to the primary client OS.
1. The Primary Client OS
The next phase of Waterloo Polaris will have a preferred client OS, which will likely remain Windows 95 for the present time. All student lab machines, and any office machines hoping to have automatic updates and no maintenance, should stick with the preferred client OS; they will continue to have the most fully integrated client system, and the most fully supported one too. Win95 remains the best choice for now. Waterloo Polaris II for these preferred clients will not likely require a re-install; the few changes should be distributable using Waterloo Polaris itself.
2. The Secondary Client OS - the ‘light’ Client
Other operating systems like NT, and even personal workstations running most popular OS’s (desktops or laptops running Win95, NT Workstation, Linux, etc.) in locations like offices or the villages, will be able to gain access to Waterloo Polaris II by using a ‘light’ client, which will provide only core Waterloo Polaris features:
Incorporating these systems into the campus PC network will allow a greater degree of access to the network by a larger set of more varied clients, thus providing a higher degree of integration than currently exists on campus. It will hopefully slow the need for additional computing stations and thus save money and space.
The Server OS
The primary goal in this second phase of Waterloo Polaris is to support open protocols and thus open server technologies. The philosophy toward open systems is easy - if a given server product speaks the right protocols, has the right capabilities, and is easily configured and managed, then there should be only minor dependencies for each supported brand.
An example is our present POP mail system, where only a small C-shell script exists to interface our generic account creation software between the various brands of Unix used to implement the mail servers. Upgrading to a more powerful server would be simple, and even supporting new brands of Unix is not a major issue.
An immediate result from this fact is reduced vendor reliance and improved campus stability. The life cycle should be measured in terms of years, not months, and we encourage vendor competition by forcing vendors to remain compatible with open standards.
Phase II Server Specifics
The general role of today’s Watstar server will be broken into several categories. Depending on the situation for a given faculty, some of these tasks may be grouped onto the same server:
Other concerns, like DNS and News servers, are already covered by appropriate Unix machinery.
Aside: The file and application server products will have to be well configured and used intelligently.
Achieving integration with Open Systems
Waterloo Polaris will adopt standards-based mechanisms for logins (including directory services with LDAP), file service (CIFS/SMB), etc. in addition to our existing support of standards like POP/IMAP. On the surface these goals sound similar to NT 5.0's goals, but the differences are significant under close inspection - Waterloo Polaris will be designed for and committed to a truly open multi-vendor system with a focus on stability rather than a series of upgrade sales. We can concentrate solely on our needs and have the freedom to select and include proven server technologies as necessary. We can easily build on what Microsoft offers, but massage it so the result is more open and more timely, with no loss of functionality.
Benefits of Open Technology:
The benefits of an open technology for the file server are tremendous:
The Path from Watstar to Waterloo Polaris II
Table 1 lists enhancements which have been performed specifically for Waterloo Polaris, but one can see that they are compatible with a non-Watstar future. Also listed is a suggested Phase II configuration for comparison.
Table 1 - Features of the Transition Path.

| Topic | Watstar 1996 | Waterloo Polaris 1997 Phase I | Waterloo Polaris Phase II With Unix, NT or other fileservers for most user files | |
|---|---|---|---|---|
| Backbone: Faculty / Campus | ProNET / ProNET | Fast Ethernet / proNET but soon IP | IP / IP | |
| User Home Disk Location and Backup Method | Watstar / Proprietary | Watstar | SMB | SMB / possibly network appliance Open, e.g. Hoover |
| Application Disk | Watstar | Watstar | SMB | SMB - likely a different server than the user fileserver because we would like to isolate user data traffic from the high load of application traffic. With our size, we can afford to do this. |
| Print Serving | Watstar | Watstar (+ lpr to Unix) | SMB incl. network printers | SMB (including network printers) |
| Authentication | Watstar | Watstar | Kerberos or something similar | |
| Accounting | Watstar | Watstar | successor unknown | |
| Account Creation | Watstar | Watstar (Watstar + Unix servers) | MFCF (Watstar + Unix servers) | successor unknown |
| IP Routing | Proprietary enhancement to routers | Any IP Router | Any IP Router | |
| IP Security | Watstar server | Watstar Server | successor unknown | |
| Station Hardware (Video, Disk, RAM) | VGA 0, 100, 1000 MB 8 MB | SVGA 1 GB 16 MB | SVGA 1 GB min 16 MB (min for 95) | |
| Email System | Unix + Proprietary. Not available from home except through TELNET | POP3 / IMAP. Can be read from home | POP3 / IMAP. Can be read from home. | |
| Home Access for Files | Ugly TELNET feature can be used to transfer files. | minimal FTP to Watstar servers. Good SMB/FTP if user files on SMB server | SMB and FTP | |
| Web Host Access | FTP - yuck | SMB - nice | SMB - nice, other products like FrontPage | |
| Local Disk Security | DOS feature | DOS feature + Win95 VxD | missing, but can re-use from Waterloo Polaris | |
| Workstation Disk Layout | Win311 Network Install | Win95 Network Install cleverly used to segregate files into readonly, user data, and disposable data | We can continue to use the Waterloo Polaris strategy. | |
Phase II Benefits
The goal of Phase II includes selecting an appropriate server technology (NT, Unix, Network Appliance, etc.). Then Waterloo Polaris becomes simply the campus architecture and the workstation drivers which work with that server and the built-in Microsoft networking on the client.
Security:
Performance
Support Benefits
User Benefits
Challenges
There are some challenges associated with the Waterloo Polaris II approach:
Conclusions:
At this point Waterloo Polaris Phase II appears to be an attractive alternative to the current proprietary Watstar. It proposes to address many of the current concerns with Watstar and Waterloo Polaris Phase I, but clearly it needs further investigation and study.
Appendix 1: Some Server Platforms Notes
Network Appliance
The Network Appliance is a PC running a custom OS and custom filesystem designed specifically to serve files over standard protocols like NFS and SMB. The same network appliance can adequately cover PC and Unix users.
Its supplier has earned respect in the Unix community for years for having a solid NFS product, and stuffing it with supported hardware so the administrator spends little effort on configuration.
The SMB/CIFS implementation seems very good too based on our tests. It also offers good diagnostics and is nicely administered over a network (like Unix, but unlike NT) with network logins and command line tools.
RAID and multiple network interfaces make this a capable system. Its well designed filesystem layout allows it to serve NFS and SMB/CIFS with little effort, and quotas are built in. By contrast, Unix spends effort offering SMB/CIFS, and NT has no quotas and is not well designed for production level NFS serving.
The NetApp’s biggest drawback is its prohibitive price. The other problem is that it is not Unix or NT, so it’s different again.
Judging from our experience, the NetApp is generally quite fast and easy to integrate. It has nice features like access control lists. The company specializes in supporting open protocols, so it does open protocols very well. Little effort should be required to use it extensively in a Waterloo Polaris configuration.
Unix
There are three major Unix implementations of SMB/CIFS. Some are commercial and the last is freeware.
All of these share a few noteworthy features when compared to NTAS. The underlying filesystems (UFS, LFS, etc.) are proven technologies which do not fragment easily. User quotas and other features are often commonplace. The operating systems include user administration tools and file formats which are more easily integrated into a complex environment with scripts and remote access. Often directory services, NFS and NIS are already included. The servers are typically scalable.
AT&T Advanced Server for Unix
AS/U is licensed by several Unix system vendors including Digital. AT&T directly supplies versions for AIX, Solaris and Digital Unix.
AS/U has ACL features beyond NT’s own, and otherwise is comparable in most ways to NTAS.
Syntax TotalNet Advanced Server
This product is licensed by IBM (AIX Connections) and has been a big selling point of recent Sun releases. There may be other OEMs.
Samba
Samba is released under the GNU software license.
Samba’s greatest strengths are that it is free, it works on almost any platform (not an issue for us), and that it is very flexible.
Even if some other product is used for mass file storage, Samba fills in some needed services which make it very convenient. It also uses ASCII configuration files and is easy to configure.
Recent releases have greatly improved performance using memory mapped files, giving Samba performance comparable to NTAS. The underlying Unix system obviously does a fine job of NFS serving to other clients, making this an interesting server for multiple platforms.
Samba’s technical limitations are its diagnostic tools. If there is a problem, the smbstatus program is too limited to really help in a situation like ours, and it is output only and does not allow one to solve problems like dangling open files.
Sometimes Samba load can devastate servers. Another concern is that this is not commercial software; there is no 1-900 support number to call in frustration.
NT
NT Advanced Server (NTAS) is available for Intel and Alpha in single and multiprocessor versions.
NTAS is very well tuned for SMB fileservice in both OS design and its disk layout. Its ACLs (access control lists) are nice. It takes little effort for NTAS to serve PC clients, and it does so reliably. Hardware availability for RAID, UPS monitoring and other features is excellent.
NT has some excellent medium scale database tools, and it shares the client’s Win32 API. These features make NT a good choice for some of the daemon type background operations we must perform.
NT 5.0, still months away, promises many new and desirable features, including disk quotas. Many promised features are still not present in test releases, such as the traveling profiles which Waterloo Polaris boasts. Also, the recent release of 4.0 Enterprise Edition suggests that 5.0 should not be expected until near 1999.
NT’s weaknesses are largely that it is new and highly proprietary. New releases are frequent and important because they fill in key missing features. The upgrade path is still awkward due to significant design changes, and upgrading of all servers is mandatory since service packs do not always add missing features to older releases. NTAS also suffers from numerous security and design holes which have long been solved on more mature platforms.
The shipping version of the filesystem is also not well designed for our user environment. The filesystem is prone to fragmentation, it lacks user quotas, and it is appropriate for NT clients but not NFS clients. A new filesystem is included in the 5.0 prerelease kit, so we will have to investigate it once 5.0 becomes a real product.
User account creation is also a concern. Command line user administration tools are limited and not easily networked. Again, version 5 promises more, but it is still not easily integrated into our complex Campus userid creation systems.
Microsoft already warns users that every NT 4 server (the current version) must be upgraded to NT 5 if the new LDAP based directory service and similar features of NT 5 are to be usable. Few other companies would so boldly promise to make recently released products obsolete so quickly.
Given the promises of 5.0, NTAS may be appropriate for some disk storage several terms from now. But there will still be development effort to manage user accounts and perform other large scale tasks on the scale currently being done by the Watstar and MFCF systems. Also, an NTAS server solution does not bode well for Unix clients. Faculties with a strong Unix component will continue to want open solutions for user file storage.