docs: 10 blocks by default, not 12

This commit is contained in:
amber 2008-02-13 04:57:19 -07:00
parent 124b2160b9
commit 0a01fd405b
2 changed files with 4 additions and 4 deletions

View File

@ -17,7 +17,7 @@
<h2>Overview</h2> <h2>Overview</h2>
<p>A "storage grid" is made up of a number of storage servers. A storage server has local attached storage (typically one or more SATA hard disks). A "gateway" uses the storage servers and provides to its clients a filesystem over a standard protocol such as HTTP(S), FUSE, or SMB.</p> <p>A "storage grid" is made up of a number of storage servers. A storage server has local attached storage (typically one or more SATA hard disks). A "gateway" uses the storage servers and provides to its clients a filesystem over a standard protocol such as HTTP(S), FUSE, or SMB.</p>
<p>Users do not rely on storage servers to provide <i>confidentiality</i> nor <i>integrity</i> for the data -- instead all of the data is encrypted and integrity-checked by the gateway, so that the servers can neither read nor alter the contents of the files.</p> <p>Users do not rely on storage servers to provide <i>confidentiality</i> nor <i>integrity</i> for the data -- instead all of the data is encrypted and integrity-checked by the gateway, so that the servers can neither read nor alter the contents of the files.</p>
<p>Users do rely on storage servers for <i>availability</i>. The ciphertext is erasure-coded and distributed across <cite>N</cite> storage servers (the default value for <cite>N</cite> is 12) so that it can be recovered from any <cite>K</cite> of these servers (the default value of <cite>K</cite> is 3). Therefore only the simultaneous failure of <cite>N-K+1</cite> (with the defaults, 10) servers can make the data unavailable. Phrasing this in terms of <i>reliance</i>, we say that the users <i>rely on</i> the gateway for the confidentiality and integrity of the data, and on any 3 of the 12 servers for the availability of the data.</p> <p>Users do rely on storage servers for <i>availability</i>. The ciphertext is erasure-coded and distributed across <cite>N</cite> storage servers (the default value for <cite>N</cite> is 12) so that it can be recovered from any <cite>K</cite> of these servers (the default value of <cite>K</cite> is 3). Therefore only the simultaneous failure of <cite>N-K+1</cite> (with the defaults, 10) servers can make the data unavailable. Phrasing this in terms of <i>reliance</i>, we say that the users <i>rely on</i> the gateway for the confidentiality and integrity of the data, and on any 3 of the 10 servers for the availability of the data.</p>
<p>In the typical deployment mode each user runs her own gateway on her own machine. This way she need rely only on her own machine for the confidentiality and integrity of the data, and she can take advantage of filesystem integration using FUSE or SMB.</p> <p>In the typical deployment mode each user runs her own gateway on her own machine. This way she need rely only on her own machine for the confidentiality and integrity of the data, and she can take advantage of filesystem integration using FUSE or SMB.</p>
<p>An alternate deployment mode is that the gateway runs on a remote machine and the user connects to it over HTTPS. This means that the operator of the gateway can view and modify the user's data (the user <i>relies on</i> the gateway for confidentiality and integrity), but the user can access the filesystem with a client that doesn't have the gateway software installed, such as an Internet kiosk or cell phone.</p> <p>An alternate deployment mode is that the gateway runs on a remote machine and the user connects to it over HTTPS. This means that the operator of the gateway can view and modify the user's data (the user <i>relies on</i> the gateway for confidentiality and integrity), but the user can access the filesystem with a client that doesn't have the gateway software installed, such as an Internet kiosk or cell phone.</p>
<p>A user who has read-write access to a file or directory in this filesystem can give another user read-write access to that file or directory, or read-only access to that file or directory. A user who has read-only access to a file or directory can give another user read-only access to it.</p> <p>A user who has read-write access to a file or directory in this filesystem can give another user read-write access to that file or directory, or read-only access to that file or directory. A user who has read-only access to a file or directory can give another user read-only access to it.</p>

View File

@ -37,7 +37,7 @@ secure remote message passing library.
Each peer offers certain services to the others. The primary service Each peer offers certain services to the others. The primary service
is that of the storage server, which holds data in the form of is that of the storage server, which holds data in the form of
"shares". Shares are encoded pieces of files. There are a "shares". Shares are encoded pieces of files. There are a
configurable number of shares for each file, 12 by default. Normally, configurable number of shares for each file, 10 by default. Normally,
each share is stored on a separate server, but a single server can each share is stored on a separate server, but a single server can
hold multiple shares for a single file. hold multiple shares for a single file.
@ -62,9 +62,9 @@ example the lag between hitting "play" and a movie actually starting.
The peer then erasure-codes each segment, producing blocks such that The peer then erasure-codes each segment, producing blocks such that
only a subset of them are needed to reconstruct the segment (by only a subset of them are needed to reconstruct the segment (by
default 3 out of 12 of the blocks). It sends one block from each default 3 out of 10 of the blocks). It sends one block from each
segment to a given server. The set of blocks on a given server segment to a given server. The set of blocks on a given server
constitutes a "share". Only a subset of the shares (3 out of 12) are constitutes a "share". Only a subset of the shares (3 out of 10) are
needed to reconstruct the file. needed to reconstruct the file.
A tagged hash of the encryption key is used to form the "storage A tagged hash of the encryption key is used to form the "storage