+= Tahoe-LAFS Architecture =
- Tahoe-LAFS Architecture
+1. Overview
+2. The Key-Value Store
+3. File Encoding
+4. Capabilities
+5. Server Selection
+6. Swarming Download, Trickling Upload
+7. The Filesystem Layer
+8. Leases, Refreshing, Garbage Collection
+9. File Repairer
+10. Security
+11. Reliability
-(See the docs/specifications directory for more details.)
-OVERVIEW
+== Overview ==
+
+(See the docs/specifications directory for more details.)
There are three layers: the key-value store, the filesystem, and the
application.
filesystem (see the RelatedProjects page of the wiki for a list).
-THE KEY-VALUE STORE
+== The Key-Value Store ==
The key-value store is implemented by a grid of Tahoe-LAFS storage servers --
user-space processes. Tahoe-LAFS storage clients communicate with the storage
server to tell a new client about all the others.
-FILE ENCODING
+== File Encoding ==
When a client stores a file on the grid, it first encrypts the file. It then
breaks the encrypted file into small segments, in order to reduce the memory
into plaintext, then emit the plaintext bytes to the output target.
-CAPABILITIES
+== Capabilities ==
Capabilities to immutable files represent a specific set of bytes. Think of
it like a hash function: you feed in a bunch of bytes, and you get out a
key-value layer.
-SERVER SELECTION
+== Server Selection ==
When a file is uploaded, the encoded shares are sent to some servers. But to
which ones? The "server selection" algorithm is used to make this choice.
long-term connections, at the expense of complexity and latency.
-SWARMING DOWNLOAD, TRICKLING UPLOAD
+== Swarming Download, Trickling Upload ==
Because the shares being downloaded are distributed across a large number of
nodes, the download process will pull from many of them at the same time. The
See "helper.txt" for details about the upload helper.
-THE FILESYSTEM LAYER
+== The Filesystem Layer ==
The "filesystem" layer is responsible for mapping human-meaningful pathnames
(directories and filenames) to pieces of data. The actual bytes inside these
that are globally visible.
-LEASES, REFRESHING, GARBAGE COLLECTION
+== Leases, Refreshing, Garbage Collection ==
When a file or directory in the virtual filesystem is no longer referenced,
the space that its shares occupied on each storage server can be freed,
garbage collection.
-FILE REPAIRER
+== File Repairer ==
Shares may go away because the storage server hosting them has suffered a
failure: either temporary downtime (affecting availability of the file), or a
in client behavior.
-SECURITY
+== Security ==
The design goal for this project is that an attacker may be able to deny
service (i.e. prevent you from recovering a file that was uploaded earlier)
capabilities).
-RELIABILITY
+== Reliability ==
File encoding and peer-node selection parameters can be adjusted to achieve
different goals. Each choice results in a number of properties; there are
-= Tahoe FTP/SFTP Frontend =
+= Tahoe FTP and SFTP Frontends =
1. FTP/SFTP Background
2. Tahoe Support
4. Configuring FTP Access
5. Configuring SFTP Access
6. Dependencies
+7. Immutable and mutable files
+
== FTP/SFTP Background ==
and passwords, octal file modes (user/group/other, read/write/execute), and
ctime/mtime timestamps.
+
== Tahoe Support ==
All Tahoe client nodes can run a frontend FTP server, allowing regular FTP
latter form is used by allmydata.com to provide secure access to customer
rootcaps.
+
== Creating an Account File ==
To use the first form, create a file (probably in
Then add an 'accounts.file' directive to your tahoe.cfg file, as described
in the next sections.
+
== Configuring FTP Access ==
To enable the FTP server with an accounts file, add the following lines to
You can provide both accounts.file and accounts.url, although it probably
isn't very useful except for testing.
+
== Configuring SFTP Access ==
The Tahoe SFTP server requires a host keypair, just like the regular SSH
projects / tahoe-lafs / tahoe-lafs.git / commitdiff