Serverless distributed file system
First Claim
Patent Images
1. A method comprising:
- identifying a group of computers to which a subtree of a hierarchical namespace used to store files is to be delegated;
generating a delegation certificate for the subtree, wherein the delegation certificate comprises;
a first digitally signed certificate identifying another group of computers responsible for managing a namespace root of the subtree; and
a second digitally signed certificate allowing authorization of the group of computers to manage the subtree to be traced to the other group of computers responsible for managing the namespace root;
digitally signing the delegation certificate; and
issuing the delegation certificate to the group of computers.
4 Assignments
0 Petitions
Accused Products
Abstract
A serverless distributed file system manages the storage of files and directories using one or more directory groups. The directories may be managed using Byzantine-fault-tolerant groups, whereas files are managed without using Byzantine-fault-tolerant groups. Additionally, the file system may employ a hierarchical namespace to store files. Furthermore, the directory group may employ a plurality of locks to control access to objects (e.g., files and directories) in each directory.
-
Citations
22 Claims
-
1. A method comprising:
-
identifying a group of computers to which a subtree of a hierarchical namespace used to store files is to be delegated;
generating a delegation certificate for the subtree, wherein the delegation certificate comprises;
a first digitally signed certificate identifying another group of computers responsible for managing a namespace root of the subtree; and
a second digitally signed certificate allowing authorization of the group of computers to manage the subtree to be traced to the other group of computers responsible for managing the namespace root;
digitally signing the delegation certificate; and
issuing the delegation certificate to the group of computers. - View Dependent Claims (2, 3)
-
-
4. A method as recited in 1, wherein the second digitally signed certificate comprises:
-
an identification of a path below the beginning of another subtree previously delegated to a third group of computers, wherein the third group of computers are the directory group performing generating;
an identification of a root of the other subtree delegated to the third group of computers;
an identification of the subtree; and
an identification of the members of the group of computers. - View Dependent Claims (5)
-
-
6. A method as recited in 1, wherein the first digitally signed certificate is digitally signed by a certification authority (CA).
-
7. A method as recited in 1, wherein the delegation certificate further comprises one or more additional digitally signed certificates allowing a certificate chain to be established from the second digitally signed certificate to the first digitally signed certificate.
-
8. A serverless distributed file system comprising:
-
a plurality of computers;
a first set of the plurality of computers operating to store directory information for the file system, wherein each computer of the first set is part of a Byzantine-fault-tolerant group;
a second set of the plurality of computers operating to store replicas of the files in the file system, wherein for each file stored in the file system a plurality of replicas of the file are stored on the second set of computers, and wherein fewer computers are in the first set than in the second set;
wherein the first set of computers is configured to delegate management responsibility for a group of directories of the file system to a third set of the plurality of computers by, generating a delegation certificate for the group of directories, digitally signing the delegation certificate, and issuing the delegation certificate to the third set of computers; and
wherein the third set of computers is configured to maintain management responsibility for the group of directories by employing a plurality of locks to control access to objects in each directory of the group, wherein the plurality of locks include, a first set of locks to control opening of the objects, and a second set of locks to control access to the data in the objects.
-
-
9. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to perform acts comprising:
-
identifying a group of computers to which a subtree of a hierarchical namespace used to store files is to be delegated;
generating a delegation certificate for the subtree, wherein the delegation certificate comprises;
a first digitally signed certificate identifying another group of computers responsible for managing a namespace root of the subtree; and
a second digitally signed certificate allowing authorization of the group of computers to manage the subtree to be traced to the other group of computers responsible for managing the namespace root;
digitally signing the delegation certificate; and
issuing the delegation certificate to the group of computers. - View Dependent Claims (10, 11)
-
-
12. One or more computer readable media as recited in 9, wherein the second digitally signed certificate comprises:
-
an identification of a path below the beginning of another subtree previously delegated to a third group of computers, wherein the third group of computers are the directory group performing generating;
an identification of a root of the other subtree delegated to the third group of computers;
an identification of the subtree; and
an identification of the members of the group of computers. - View Dependent Claims (13)
-
-
14. One or more computer readable media as recited in 9, wherein the first digitally signed certificate is digitally signed by a certification authority (CA).
-
15. One or more computer readable media as recited in 9, wherein the delegation certificate further comprises one or more additional digitally signed certificates allowing a certificate chain to be established from the second digitally signed certificate to the first digitally signed certificate.
-
16. A computer comprising:
-
a processor;
a memory coupled to the processor; and
wherein the memory is to store a plurality of instructions to;
identify a group of computers to which a subtree of a hierarchical namespace used to store files is to be delegated;
generate a delegation certificate for the subtree, wherein the delegation certificate comprises;
a first digitally signed certificate identifying another group of computers responsible for managing a namespace root of the subtree; and
a second digitally signed certificate allowing authorization of the group of computers to manage the subtree to be traced to the other group of computers responsible for managing the namespace root;
digitally sign the delegation certificate; and
issue the delegation certificate to the group of computers. - View Dependent Claims (17, 18)
-
-
19. A computer as recited in 16, wherein the second digitally signed certificate comprises:
-
an identification of a path below the beginning of another subtree previously delegated to a third group of computers, wherein the third group of computers are the directory group performing generating;
an identification of a root of the other subtree delegated to the third group of computers;
an identification of the subtree; and
an identification of the members of the group of computers. - View Dependent Claims (20)
-
-
21. A computer as recited in 16, wherein the first digitally signed certificate is digitally signed by a certification authority (CA).
-
22. A computer as recited in 16, wherein the delegation certificate further comprises one or more additional digitally signed certificates allowing a certificate chain to be established from the second digitally signed certificate to the first digitally signed certificate.
Specification