U.S. patent application number 10/704327 was filed with the patent office on 2004-06-17 for dynamic directory service.
Invention is credited to Abraham, William, Carter, John B., Davis, Scott H., Dietterich, Daniel J., Frank, Steven J., Phillips, Robert S..
Application Number | 20040117410 10/704327 |
Family ID | 27419465 |
Filed Date | 2004-06-17 |
United States Patent Application | 20040117410 |
Kind Code | A1 |
Dietterich, Daniel J.; et al. | June 17, 2004 |
Dynamic directory service
Abstract
In a network of computer nodes, a directory service provides
both the physical location of directory information around the
network and the directory information itself in a single data
structure.
Inventors: | Dietterich, Daniel J. (Acton, MA); Phillips, Robert S. (Brookfield, MA); Carter, John B. (Salt Lake City, UT); Davis, Scott H. (Groton, MA); Frank, Steven J. (Hopkinton, MA); Abraham, William (Windham, NH) |
Correspondence Address: | PROSKAUER ROSE LLP, PATENT DEPARTMENT, 1585 BROADWAY, NEW YORK NY 10036-8299 US |
Family ID: | 27419465 |
Appl. No.: | 10/704327 |
Filed: | November 7, 2003 |
Related U.S. Patent Documents
Application Number | Filing Date | Patent Number |
10704327 | Nov 7, 2003 | |
08850137 | May 2, 1997 | 6647393 |
08850137 | May 2, 1997 | |
08754481 | Nov 22, 1996 | 6148377 |
08850137 | May 2, 1997 | |
08827534 | Mar 28, 1997 | 5918229 |
Current U.S. Class: | 1/1 ; 707/999.2; 707/E17.12; 711/E12.025; 711/E12.066; 714/E11.016; 714/E11.072 |
Current CPC Class: | H04L 67/36 20130101; Y10S 707/966 20130101; G06F 9/5016 20130101; G06F 11/0724 20130101; G06F 11/2094 20130101; Y10S 707/99943 20130101; H04L 69/329 20130101; G06F 16/9574 20190101; H04L 67/02 20130101; G06F 11/1425 20130101; Y10S 707/99945 20130101; G06F 11/182 20130101; H04L 69/40 20130101; G06F 11/0757 20130101; H04L 67/42 20130101; G06F 11/1435 20130101; H04L 67/1095 20130101; H04L 69/24 20130101; G06F 15/167 20130101; G06F 12/0813 20130101; G06F 12/1072 20130101; H04L 67/1002 20130101; H04L 29/06 20130101; H04L 67/00 20130101 |
Class at Publication: | 707/200 |
International Class: | G06F 017/30 |
Claims
What is claimed is:
1. A method for obtaining directory information, comprising:
providing a plurality of nodes interconnected by a network;
providing a directory service on the network by installing on each
of the nodes a directory service program that allows directory
information to be accessed by each of the nodes and that stores on
one or more of the nodes a directory that includes both the
directory information and information about the location of the
directory information on the network; and obtaining both the
location information and the directory information by accessing the
directory service.
2. The method of claim 1 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
replicates directory information.
3. The method of claim 2 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
replicates directory information based on accesses of the directory
service by the nodes.
4. The method of claim 2 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
replicates directory information based on available resources on
the network.
5. The method of claim 1 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
migrates directory information.
6. The method of claim 5 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
migrates directory information based on accesses of the directory
service by the nodes.
7. The method of claim 5 wherein the directory service providing
step further comprises installing the directory service program on
each of the nodes and the directory service program automatically
migrates directory information based on available resources on the
network.
9. A method for storing directory information, comprising:
providing a plurality of nodes interconnected by a network; and
storing on one or more of the nodes a data structure representative
of both the directory information and information about the
location of the directory information on the network.
10. A system for accessing directory information, comprising: a
computer network; a storage system for maintaining directory
information; and a plurality of computers, coupled to the network
and the storage system, for accessing the storage system to obtain
directory information; wherein the storage system replicates and
migrates directory information among two or more of the computers.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is a continuation-in-part of co-pending
U.S. patent applications Ser. No. 08/754,481, filed Nov. 22, 1996,
and serial number ______, filed Mar. 28, 1997 and bearing attorney
docket number CLC-002. The entirety of both of these applications
is incorporated herein by reference.
TECHNICAL FIELD
[0002] The present invention relates in general to directory
services and, more specifically, to a dynamic directory service
that maintains a directory in which is stored both (1) directory
information and (2) information identifying the physical layout or
structure of the directory.
BACKGROUND INFORMATION
[0003] Computer-based structured storage systems, such as computer
file systems and database systems, have been remarkably successful
at providing users with quick and facile access to enormous amounts
of data. Structured storage systems have allowed businesses to
generate and maintain enormous stores of persistent data that the
company can modify and update over the course of years. For many
companies, this persistent data is a valuable capital asset that is
employed each day to perform the company's core operations. The
data can be, for example, computer files (e.g., source code,
word processing documents, etc.), database records and information
(e.g., information on employees, customers, and/or products),
and/or Web pages.
[0004] A typical computer based structured storage system includes
a central server that provides centralized control over the
structured store of data. The structured store of data is the
information that is being maintained by the system, such as
information in the files and directories of a file system or within
the records of a database system. The central server provides
system services to a plurality of interconnected network client
nodes, and each of the client nodes employs the central server to
access and manipulate the structured store of data.
[0005] It is common to use the central network server to provide a
directory service, i.e., a specialized hierarchical database of
network, user, and other computer system configuration information.
This information typically includes operating system configuration
information, application program configuration information, network
configuration information, network-accessible resources, exported
devices and services, network printers, and user account records.
Network user account records are what allow network-wide, unified
"log on," and they allow sophisticated application programs to
obtain broader, coherent name spaces (e.g., electronic mail system
application programs). Novell's Directory Server (NDS), available
from Novell, Inc. of Provo, Utah, is one example of software that
implements a directory service and that runs on a central server to
allow maintenance of and access to directory information.
[0006] Although central server directory services such as NDS
generally work, problems arise from relying on centralized control.
For example, the operation of the network is dependent upon the
proper functioning of the central server. Any failure of the server
to maintain proper operation, such as a power failure, hardware
failure, or other such system failure, will disable the entire
network and generally prevent users from obtaining access to the
network and its resources. Additionally, a flood of client requests
(e.g., access of user account records) can overload the central
server and slow down or crash the network. Accordingly, reliance on
a centralized, server-based directory service can result in slow
operation or total network failure during periods of heavy use.
[0007] An additional problem with a client-server network system is
that it provides a static operating environment that is set for
optimal performance at a certain level of network activity.
Consequently, the network fails to exploit available resources to
improve system performance. In particular, as the system activity
rises above or drops below the expected level of network activity,
the static operating environment lacks any ability to reconfigure
dynamically the allocation of network resources to one providing
better performance for the present level of activity.
[0008] Technology has been developed to improve the reliability and
operation of a centralized server directory service. This
technology involves employing a plurality of central servers. Each
of the servers provides a directory service. Whenever the directory
information changes, all of the redundant servers are updated so
that requests can be made to any of the centralized servers without
impacting the correctness of the response.
[0009] While this statically replicated technology improves upon
the single server arrangement, it generally performs poorly or
fails as the size of the network increases. As client nodes are
added to the network and more directory servers are added to the
network to handle the corresponding increased network load, the
sustainable update rate of information managed by the servers
decreases because the overhead and complexity of propagating
updates (i.e., changes to the data stored in and replicated across
the directory servers) increases with the increased network size.
Thus, known directory services are inherently read-mostly
repositories, and that is the way they are designed and used. That
is, known directory services are used only for infrequently-updated
directory information.
[0010] Examples of this centralized, statically replicated,
hierarchical directory service technology include Microsoft's
Active Directory (NT 5.0), NDS, Banyan's StreetTalk, and X.500
directory services. Lightweight Directory Access Protocol (LDAP) is
a "common" protocol that can be used to access data from any
compatible directory server such as NDS.
SUMMARY OF THE INVENTION
[0011] It is an object of the invention to provide a dynamic
directory service that is an improvement over centralized,
statically replicated, hierarchical database directory
services.
[0012] It is also an object of the invention to provide a dynamic
directory service that maintains a directory in which is stored
both (1) directory information and (2) the physical layout of the
directory itself. That is, the invention involves the use of a
directory having both information about where to find the directory
information of interest as well as the actual directory
information.
[0013] It is a further object of the invention to provide a dynamic
directory service that is more reliable and provides improved fault
tolerant operation over existing directory services, and that has
the ability to replicate and move data dynamically in response to
network activity levels and access patterns. This ability optimizes
performance and minimizes the time required to provide directory
information (e.g., network configuration information,
organizational information, user configuration information, and
network-accessible resources such as exported devices and services,
network printers, and user account records) to requesting network
nodes.
[0014] It is yet another object of the invention to provide a
dynamic directory service that provides distributed control over a
structured store of directory information and that allows that
information to be changed and/or updated with higher frequency than
generally possible with existing directory services without
adversely affecting network performance or network node access
times.
[0015] It is still another object of the invention to provide a
dynamic directory service that maintains and allows access to
frequently-changing, as well as infrequently-changed, directory
information.
[0016] The directory service of the invention maintains both the
physical location information and the directory information itself
in the same data structure. That data structure is distributed
around the network, and all of the directory information is
homeless (except, usually, a root record). The distributed
directory service of the invention allows network nodes to locate
copies of records to which the nodes want access. A globally unique
identifier (GUID) is associated with each record as a unique index
key that can be used to identify the record on the network. It
contains no location information, and a given record can be
physically located anywhere on the network. Each of the records
also can migrate from physical location (node) to physical location
(node) around the network. The invention provides automatic
migration and/or replication of directory information among the
network nodes without reconfiguring the network nodes and in a
manner transparent to users at the nodes. An example of a mechanism
that can be used to keep replicated records consistent is a
single-writer, multiple-reader, write-invalidate protocol.
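The consistency mechanism named in paragraph [0016], sketched as an added example that is not code from the patent application: a replicated record with no coherence next to the same record under single-writer, multiple-reader, write-invalidate. The class names, node names and credential strings are constructed for illustration.

```python
# Added illustration, not code from the patent application.
# Class names, node names and the sample values are hypothetical.

class NaiveReplicas:
    """Replication with no coherence: a node keeps whatever it once copied."""

    def __init__(self, value, home):
        self.home = home
        self.copies = {home: value}        # node name -> cached copy

    def read(self, node):
        if node not in self.copies:        # first access: copy from the home node
            self.copies[node] = self.copies[self.home]
        return self.copies[node]

    def write(self, node, value):
        self.copies[node] = value          # other copies silently go stale


class WriteInvalidate:
    """Single writer, multiple readers: a write removes every other copy."""

    def __init__(self, value, owner):
        self.owner = owner                 # the one node holding the writable copy
        self.copies = {owner: value}
        self.events = []                   # audit trail of coherence traffic

    def read(self, node):
        if node not in self.copies:        # miss: fetch a fresh copy from the owner
            self.copies[node] = self.copies[self.owner]
            self.events.append(("fetch", node, self.owner))
        return self.copies[node]

    def write(self, node, value):
        # Invalidate all other copies before the new value becomes visible.
        for other in sorted(n for n in self.copies if n != node):
            del self.copies[other]
            self.events.append(("invalidate", other))
        self.owner = node                  # ownership follows the writer
        self.copies[node] = value


def scenario(store_cls):
    """Nodes B and C cache a record, node A updates it, then everyone re-reads."""
    rec = store_cls("old-credential", "A")
    rec.read("B")
    rec.read("C")
    rec.write("A", "new-credential")
    return {n: rec.read(n) for n in ("A", "B", "C")}


if __name__ == "__main__":
    print("naive:           ", scenario(NaiveReplicas))
    print("write-invalidate:", scenario(WriteInvalidate))
```

For a record such as a user account entry, the naive case is the one to avoid: nodes B and C keep answering with the superseded value after the update on A.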
[0017] The directory service of the invention can, in some specific
embodiments, employ a globally-addressable unstructured memory
system to maintain simultaneously both the directory information
and layout information in accordance with the invention. For
example, the directory service can employ the distributed shared
memory (DSM) system described in the above-identified,
incorporated-by-reference patent applications, which DSM system
distributes the storage of data across some or all of the storage
devices connected to a network. Storage devices that may be
connected to the network and accessible to the network nodes by
address via the DSM system include, for example, RAM, hard disk
drives, tape drives, floppy disk drives, and CD-ROM drives. In some
embodiments, the dynamic directory service is a computer program
that interfaces to a DSM system to operate the DSM system as a
memory device that provides storage of and access to the directory
information. The directory service program can direct the DSM
system to map directory information into the shared memory space.
The DSM system can include functionality to share, migrate, and
replicate data coherently. In one embodiment, the DSM system
provides memory device services to the directory service program.
These services can include read, write, allocate, flush, or any
other similar or additional service suitable for providing low
level control of a storage device. The directory service program
employs these DSM system services to allocate and access portions
of the shared memory space for creating and manipulating the
directory information. In connection with these embodiments, a
system and related method for accessing directory information
includes a computer network, a globally addressable data storage
system, and a plurality of computers coupled to the network and the
data storage system. The globally addressable data storage system
provides persistent storage of data and contains directory
information. The plurality of computers access the data storage
system to obtain directory information. Based on the access
patterns by the computers and/or the available network resources,
the data storage system replicates and migrates directory
information among two or more of the computers.
[0018] In one aspect, the invention relates to a method comprising
the steps of providing a plurality of nodes interconnected by a
network and storing on one or more of the nodes a directory
containing both the directory information and information about the
layout of the directory (i.e., where to find the directory
information).
[0019] In another aspect, the invention relates to a method
comprising the steps of providing a plurality of nodes
interconnected by a network, providing a directory service on the
network by installing on each of the nodes a directory service
program that allows directory information to be accessed by each of
the nodes and that stores on one or more of the nodes a directory
including both the directory information and information about the
location of the directory information on the network, and obtaining
both the physical location of directory information of interest and
the directory information of interest itself by accessing the
directory service.
[0020] The foregoing and other objects, aspects, features, and
advantages of the invention will become more apparent from the
following description and from the claims.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] In the drawings, like reference characters generally refer
to the same parts throughout the different views. Also, the
drawings are not necessarily to scale, emphasis instead generally
being placed upon illustrating the principles of the invention.
[0022] FIG. 1 is a conceptual block diagram of a dynamic directory
service according to the invention.
[0023] FIG. 2 is a diagram of the types of directory information
that can be maintained by a dynamic directory service of the
invention.
[0024] FIG. 3 is a diagram of a directory record used by a dynamic
directory service according to the invention.
[0025] FIG. 4A is a flowchart of the steps a directory service of
the invention takes to service a request from a network node for
directory information.
[0026] FIG. 4B is a flowchart disclosing additional detail of the
steps taken by the directory service to service the network node's
request for directory information.
[0027] FIG. 5 is a diagram showing an example of directory records
of a distributed dynamic directory service according to the
invention.
DESCRIPTION
[0028] According to the invention, a computer network system 10
includes a plurality of network nodes that access a common
directory service. The directory service is a specialized
hierarchical structured database. Examples of the types of
information that can be stored and maintained by the directory
service include operating system configuration information,
application program configuration information, network
configuration information, network-accessible resources, exported
devices and services, network printers, and network user account
records. Each of the nodes on the network includes at least a
directory service program that accesses and manages the directory
service. The directory service may be stored in an addressable
shared memory or it may be stored in a more traditional fashion.
For example, each node may be responsible for storing a particular
element or elements of the directory service. In such an
embodiment, the directory service program can access a desired
portion of the structured store using a globally-unique tag or
identifier. The underlying system would translate the tag or
identifier into one or more commands for accessing the desired
data, including network transfer commands. In another embodiment,
the directory service is stored in an addressable shared memory
space, which allows the network nodes transparently to access
portions of the structured store using standard memory access
commands. In a preferred embodiment, the tag or identifier is an
address into an addressable memory space such as a 128-bit address
space.
[0029] The system 10 can be a file system, a database system, a Web
server, an object repository system, or any other structured
storage system that maintains an organized set of data. In the
disclosed embodiment, the system 10 is a directory service that
maintains various directory information.
[0030] Referring to FIG. 1, in one embodiment, the network system
10 includes a plurality of network nodes 12a-12d and a common
directory service subsystem 20 that provides a dynamic directory
service 22 according to the invention. The dynamic directory
service 22 maintains and provides access to data including both the
directory information itself and the physical layout of the
directory on the network. Each of the nodes 12a-12d can include
several sub-elements. For example, node 12a includes a processor
30a and a directory service program 32a for accessing the directory
service 22. One or more of the nodes can include a monitor for
displaying graphically (40, 42) the directory service 22.
[0031] A system 10 according to the invention can provide, among
other things, each network node 12a-12d with shared control over
the directory service 22 and, therefore, the system 10 can
distribute control of the directory information across the nodes of
the network. To this end, each node of the system 10, such as node
12a, includes a directory service program 32a that operates as a
structured directory service adapted to maintain directory
information and to employ all of the network nodes for storing and
allowing access to the directory information. These cooperating
elements provide a structured storage system that has a distributed
architecture and thereby achieves greater fault tolerance,
reliability, and flexibility than known directory services that
rely on centralized control and one or more centralized servers.
Accordingly, the invention provides computer networks with
distributively controlled and readily scaled directory
services.
[0032] Still referring to FIG. 1, in one embodiment, the system 10
maintains a directory service 22 within a globally addressable
unstructured storage system. Each of the nodes 12a-12d can access
that storage system and the directory service 22 through the
directory service programs 32a-32d. At least a portion of the
globally addressable unstructured storage system is supported by a
physical memory system that provides persistent storage of data.
For example, a portion of the storage system can be assigned or
mapped to one or more hard disk drives that are on the network or
associated with one or more of the network nodes 12a-12d as local
hard disk storage for those particular nodes. Accordingly, FIG. 1
illustrates one possible system that provides the network nodes
with access to a globally addressable unstructured storage system,
wherein at least a portion of the storage space of that system is
assigned to at least a portion of one or more of the persistent
storage devices (e.g., hard disks) to allow the nodes addressably
to store and retrieve data to and from the one or more persistent
storage devices. The globally addressable storage system is
described in the above-identified, incorporated-by-reference
applications.
[0033] Each of the directory service programs 32a-32d is a software
module that couples to the directory service. The directory service
program 32a can stream data to, and collect data from, the
directory service subsystem. Each of the directory service programs
32a-32d can be a peer incarnation (i.e., an instance) residing on a
different one of the network nodes 12a-12d.
[0034] One or more of the directory service programs 32a-32d can
provide a graphical user interface 42 that graphically depicts the
directory service 22. The graphical user interface 42 could allow a
user at a node, for example at node 12a, to insert directory
information graphically within the directory service 22. To this
end, the directory service program 32a can generate a set of
commands that will present a stream of data that will result in
directory information being stored within the directory service 22.
As shown in FIG. 1, for node 12c only for simplicity, that node
(which includes a graphical user interface 40) reflects the change
to the directory service 22 effected by the directory service
program 32a of the node 12a. In particular, the graphical user
interface 40 of the node 12c can depict to a user that certain
directory information is being placed within the directory service
22. As illustrated, a system user at node 12a can direct item 50a
to be inserted at a set location within the directory service 22.
The directory service program 32a then places the item 50a within
the directory service 22 at the proper location. Moreover, node 12c
detects the change within the directory service 22 and reflects
that change within its graphical user interface 40.
[0035] A structured dynamic directory service according to the
invention looks to all network nodes like a coherent, single
directory service system when in fact it spans all participating
nodes coupled to the network. The directory service of the
invention differs from known directory services in a variety of
ways. For example, the directory service of the invention:
maintains data coherence among network nodes; automatically
replicates directory information for redundancy and fault
tolerance; automatically and dynamically migrates directory
information to account for varying network usage and traffic
patterns; and provides a variety of other advantages and advances,
some of which are disclosed in the above-identified,
incorporated-by-reference applications. The replication and
migration can be done on the basis of node accesses and/or on the
basis of the availability of network resources.
[0036] Referring to FIG. 2, a directory service according to the
invention includes a structured store of data organized as a
directory information set 66. The set 66 is a tree structure
starting at a root 80 and ending at a leaf (for example, leaf 82).
Each leaf represents a particular piece of directory information
(e.g., user name or password). The set 66 thus is a collection of
directory information organized hierarchically, for example as a
tree structure or as a graph, rooted in the root 80. The non-leaf
nodes in the tree (not including the root 80) are the entries 90,
92, 94, 100, 102, 200, 202, and 204, and the leaves in the tree are
particular pieces of directory information 91, 82, 84, 86, 201, and
205-212 (e.g., a password or a network printer identifier) or empty
entries. Sub-trees within a set can overlap by linking a leaf or a
non-leaf to multiple entries.
[0037] The directory service of the invention can, as an option,
employ more than one set. A benefit of breaking up the directory
service 60 into a plurality of sets is that it may provide more
flexible management for users of the directory service. As the
directory service grows into very large sizes (e.g., hundreds of
nodes with thousands of gigabits of storage), it may be desirable
to have the directory information organized into groups of
management entities such that management actions can be
independently applied to individual groups without affecting the
operation of the others.
[0038] In a set, the root (e.g., the root 80) provides the starting
point to locate the directory information maintained by the
directory service of the invention. The root can be, and preferably
is, stored in a static and well-known location on the network
(e.g., at a particular address or on one or more network nodes).
When a node is accessing a set for the first time, it first looks
up the root to determine the key associated with the set. Once it
has determined the key, the node can access the root of the set.
From the root, it then can traverse the set's entire tree to locate
the desired piece of directory information.
[0039] As an example, in FIG. 2, a network node requesting the
password of a user named Jones might pass the following string to
the directory service: /USERS/JONES/PASSWORD. The directory service
would then reference the set 66 and might find that the root 80
contains a list of all users, the non-leaf node 90 contains
information about the user Jones, and the leaf 82 contains user
Jones' password. In accordance with the invention, and as described
more fully below, all of this information can reside physically on
different network nodes and in fact can migrate from node to node
and can be replicated on a plurality of network nodes.
[0040] FIGS. 3, 4A, 4B, and 5 further and more particularly
illustrate the structure of a hierarchical distributed dynamic
directory service according to the invention.
[0041] Referring to FIG. 3, a directory record 320 includes a
record header 322 and one or more directory entries (two are shown,
324 and 326). Each directory entry includes a key field 330 and one
or more data fields 332. The key field 330 could be, for example,
"company name," and the associated data field 332 could be "Acme
Corporation." Note that for GUID tree records (described below),
there preferably are two data fields, namely "GUID of next record"
identifying the identifier of the next record to be referenced by
the directory service and "GUID responsible node" identifying the
node responsible for the "GUID of next record." The key field 330
could also be a globally unique identifier (GUID). The data field
332 can include actual directory information (for example, "Acme
Corporation"), information about where to go to locate the
directory information of interest or additional information about
where to go to locate it (for example, a globally unique identifier
or GUID), or information about what nodes have copies of the
directory information of interest.
[0042] In one particular embodiment, directory record 320 can be a
page of a global address space that spans both persistent (e.g.,
hard disks) and volatile (e.g., RAM) storage devices. For example,
the page can be a 4 kilobyte portion of the shared address space
described in the above-identified, incorporated-by-reference
applications. In this embodiment, the GUIDs are unique addresses of
the global address space such as 128-bit addresses in a huge
2^128 address space.
[0043] Referring still to FIG. 3, each directory record 320
includes a record header 322 that includes attribute information
for that record, and that attribute information typically is
metadata for the directory record. The record 320 further includes
one or more directory entries, such as the depicted directory
entries 324 and 326, that provide an index into a portion of the
directory service (non-leaf entries) or actual directory
information (leaf entries). Accordingly, the non-leaf directory
entries subdivide the directory information maintained by the
directory service of the invention. For example, if the directory
entries 324 and 326 are entries of a GUID tree record, they can
subdivide the directory into two subportions, with the first
portion referencing one-half of the directory and the second
portion referencing the other half of the directory. Accordingly,
in this example, the directory entry 324 provides an index for half
of the directory, and in complement thereto the directory entry 326
provides an index for the other half. Continuing with this example,
each of these directory entries 324, 326 can, via the data fields,
point to other records and responsible nodes in which directory
entries have data fields that point to still other records and
responsible nodes and so on until the actual directory information
of interest is located in some data field of some entry of some
record by the directory service (a so-called leaf entry). The
directory service then provides that directory information to the
requesting node. In this way, the directory service of the
invention provides both (1) location information for directory
information maintained by the directory service and (2) the actual
directory information itself, all in the same directory
structure.
[0044] In accordance with the invention, directory records are
indexed by globally unique identifiers (GUIDs), such as 128-bit
values. In the directory records, these GUIDs can appear in the
data fields or the key fields of various of the directory entries.
As described in more detail below, a GUID subtree within the
directory provides a map or assignment of GUIDs to network nodes
that have a copy of certain directory information. It is the leaf
nodes of the GUID subtree that identify the one or more nodes that
have a copy of desired directory information. Once these nodes are
identified by the directory service, the directory service accesses
one or more of them (typically just one of the identified nodes) to
obtain the directory information and then pass it to the requesting
node. Optionally, the directory system can choose which node to
contact to obtain the directory information based on the state of
the global system such as the current load on the various nodes or
the quality of the network service between the local node and the
node(s) that have copies of the desired directory record.
[0045] Referring to FIG. 4A, to obtain certain desired directory
information (e.g., the password of a user named Jones), a network
node passes an appropriate key to the directory service (step 500).
For example, the node might pass the following key to the directory
service: /USERS/JONES/PASSWORD. The directory service receives the
key and either locates the desired directory information and passes
it to the requesting node or returns an error if the desired
directory information cannot be found (step 600). More
specifically, in attempting to satisfy the request from the node,
the directory service of the invention first determines if the key
corresponds to directory information that is stored on the node
itself in, for example, the node's RAM or on the node's hard disk
(step 602). In the disclosed embodiment, the directory service
performs step 602 by accessing a lookup table (such as a hash
table) maintained by each of the network nodes. This table
identifies the directory records that are locally cached on the
node. If the requested directory information is stored locally on
the requesting node, the directory service retrieves the requested
directory information from the node's local cache and then provides
that directory information to the node (step 604). If the requested
directory information is not stored locally on the requesting node,
the directory service recursively invokes itself to access the
directory record(s) that have the GUID tree structure, and the
directory service descends or walks the GUID tree by accessing the
various records until the desired directory entry is located. The
leaf node in the GUID tree contains the mapping from GUID to the
set of nodes caching the record associated with that GUID. The
directory service uses this information to select a node from which
it acquires a copy of the desired record (step 606). The directory
service then obtains the requested directory information and
provides it to the node (step 608).
[0046] It is important to note that, while traversing the GUID
tree, the directory service always first checks to see if entries
indexed by a GUID are cached locally before the directory service
recursively invokes the GUID tree to locate a copy of the record
remotely.
[0047] At this point, the directory service can store a copy of
(replicate) this directory information (e.g., user Jones' password)
on the requesting node. Actually, if replication is performed by
the directory service, all or a portion of the record that contains
this directory information is replicated on the requesting node. If
the directory service decides to replicate this record on the
requesting node, the directory service adds the requesting node's
identifier (e.g., a number) to the leaf node in the GUID tree that
stores the list of nodes caching the record associated with the
GUID, and the directory service then updates or invalidates the
local caches of all of the other network nodes that also have that
directory record cached locally.
[0048] In one embodiment, the directory service makes the decision
on whether or not to replicate based on node access patterns and/or
on the availability of certain network resources. For example, if a
node has requested a certain record a certain number of times, the
directory service will replicate that record on that node. The
directory service monitors and records a variety of network
information, including node access patterns and network resource
availability, and some or all of this network information is used
to determine what records should be replicated on what nodes. In
accordance with the invention, this replication feature of the
directory service results in certain records being replicated on
the nodes that most often access those records and not being
replicated on (and/or removed from) nodes that access those records
less often or not at all. The directory service of the invention
provides this replication feature dynamically during normal
operation, and thus, as access patterns change, the records and the
copies of the records move or migrate among the various network
nodes to accommodate the changing patterns. This
replication/migration feature of the invention points up an
important aspect of the invention, and that is that all of the
directory records are homeless (except possibly the root directory
record which, while it typically will be replicated, typically is
placed at fixed locations on the network).
[0049] Because the directory records contain, according to the
invention, both the GUID tree structure (i.e., the information
about where directory information is located) and the actual
directory information, the directory structure (i.e., the GUID
tree) is dynamically moved and replicated among the network nodes
just as is the directory information itself.
[0050] These dynamic replication and migration features provide
tremendous benefits to networks utilizing the directory service of
the invention. For example, networks utilizing the directory
service of the invention can be expanded (i.e., additional nodes
can be added to the network and/or other networks can be
interconnected to the network) without substantially impacting the
performance and speed realized by the nodes as they access
directory information via the directory service. That is, the
directory service scales very well. This is because, once the
network is up and running, all nodes generally will have cached
locally the records they most often access, and access times for
these nodes for the directory information that is cached locally
will be the same (very fast) regardless of the size of or the
traffic on the network.
[0051] Referring to FIG. 4B, the recursive invocations identified
in step 606 (FIG. 4A) are now described in more detail. Step 606
includes the following substeps that are performed by the directory
service. The directory service first locates the root directory
record (step 610), and it indexes into that record using the key
(e.g., /USERS/JONES/PASSWORD) passed to it by the requesting node.
The directory service then checks to see if a portion of the key
(e.g., /USERS) matches a directory entry in the root directory
(step 612). If it does not match, the directory service returns an
error message to the requesting node (step 614). If there is a
corresponding entry in the root directory, the directory service
next determines if that directory entry contains the requested
directory information in its data field (step 616). If so, the
directory service retrieves the requested directory information
from that data field and provides it to the requesting node
(618).
[0052] Referring now to FIGS. 4B and 5, a root directory record 400
could be the root record referred to in step 612. If directory entry 402
contains the requested directory information in its data field
(step 616), the directory service need only to index into that
entry 402 using the key and retrieve the requested directory
information from the data field. Note that, as indicated in FIG. 5,
the root directory record 400 could be replicated (401, 403, 405)
on three other network nodes in accordance with the replication
feature of the directory service of the invention. In fact, it may
be that the root directory record 400 is replicated on all network
nodes. This could be reasonable in light of the fact that every
network node will likely refer to the root directory record when
the node first invokes the directory service of the invention, and
frequently thereafter.
[0053] If the entry in the root directory record does not contain
the requested directory information in the entry's data field (step
616 of FIG. 4B), the directory service determines whether the
entry's data field contains a GUID (step 620). If it does contain a
GUID, this means that the GUID tree must be navigated by the
directory service to locate the requested directory information.
The directory service thus follows the GUID in the root directory
record's entry's data field to a new directory record (step 628),
possibly the GUID tree root directory record (404 in FIG. 5). The
GUID thus is a logical link to a record that will provide more
information about the GUID tree structure and ultimately allow the
directory service to locate the requested directory
information.
[0054] As shown in FIG. 5, the GUID in the root directory record's
entry's data field can be a logical link or pointer to a record
that is the GUID tree root directory record 404. As with the root
directory record 400, the GUID tree root directory record 404 is
likely to be replicated on many or all of the network nodes. In the
example of FIG. 5, two replicas (405, 407) of the record 404 are
depicted.
[0055] The loop defined by steps 628, 630, and 634 in FIG. 4B
illustrates the recursive nature of the directory service. That is,
once the GUID tree records are entered via the GUID tree root
directory record 404 (FIG. 5), and if the data fields of the
appropriate directory entries in the GUID tree records contain
GUIDs, the directory service will enter a recursive loop whereby it
accesses a plurality of records (identified by the ellipsis 410 in
FIG. 5) until it reaches a record that has a directory entry with
one or more nodes listed in its data field (step 622). Such a record
is a leaf of the GUID tree structure, and is indicated as record
412 in FIG. 5. As with all records maintained by the directory
service of the invention, this record 412 can be replicated (413)
on at least one other network node. Also, while not presently
preferred, in general it is possible at any point during this
recursive GUID tree walk to encounter a directory entry having the
requested directory information in its data field (step 630 of FIG.
4B), and in such a case the directory service would retrieve from
the data field the requested directory information and provide it
to the requesting node (632).
[0056] It is important to note that the cache of locally stored
directory entries can be indexed so that at any stage of the GUID
tree walk operation it is possible to obtain the desired record
from the local cache instead of the tree structure. For example, if
record 398 is cached on the node attempting to look up
"/USERS/JONES/PASSWORD," the directory service will be able to find
the locally cached record via a hash lookup for either
/USERS/JONES/PASSWORD or the corresponding GUID. Similarly, while
traversing the GUID subtree, the directory service always first
checks to see if entries indexed by a GUID are cached locally
before the directory service recursively invokes the GUID tree to
locate a copy of the record remotely.
[0057] In the course of the recursion, the various records that the
directory service accesses lead the directory service to the leaf
record 412. This happens by the directory service beginning at the
GUID tree root directory record 404 and examining the key field of
each of the directory entries in the record 404 (or one of the
copies 405, 407 of the record 405 on other nodes in the network) to
determine the range in which the GUID logical link from the record
400 falls. If the GUID logical link from the record 400 falls
within the range identified by the key field of directory entry
409, the GUID in the data field of the entry 409 is used as the
logical link or pointer to the next record. This process continues
until the ranges in the key fields of the directory entries of the
subsequent records reduce to a single GUID such as the GUID "12540"
in the key field of a directory entry 411 in the GUID leaf record
412.
[0058] Again, while traversing the GUID subtree, the directory
service always first checks to see if entries indexed by a GUID are
cached locally before the directory service recursively invokes the
GUID tree to locate a copy of the record remotely. In referencing
the GUID tree, the directory service uses the responsible node
information in the data fields of the GUID tree records in the
location process.
[0059] It is important to realize that all of these records that
the directory service accesses in this recursive loop (and, in
general, even when it is not in the recursive loop) can, and in
many instances will, be located on different network nodes. This is
because the directory service of the invention is distributed, and
in general the records that make up the directory and that contain
the various pieces of the directory information maintained by the
directory service are located on different nodes all over the
network. As the GUID tree is walked in the manner described herein,
the directory service can replicate the accessed GUID tree records
and make them local on the requesting node. This replication is
optional and is accomplished as described hereinabove.
[0060] It also is important to realize that the records that
describe the structure of the directory layout (i.e., the GUID tree
records) are stored by the directory service in the same manner as
it stores the records having the actual directory information and
also maintained by the directory service in the same way that it
maintains the records with the actual directory information.
[0061] Referring to step 622 of FIG. 4B and record 412 of FIG. 5,
the data field in the entry 411 of the GUID leaf record 412
contains a list of nodes. This is a list of nodes that have a copy
of the record that contains the requested directory information.
The directory service can now access any one of those listed nodes
to obtain the requested directory information (step 624).
[0062] Instead of going from the root directory record 400 (or any
one of its copies 401, 403, 405) to walking the GUID tree to obtain
the requested directory information, it is possible that the
directory service of the invention will find an entry in the root
directory record 400 that provides a logical link (e.g., GUID
"12540") in its data field directly to an entry 399 in a record 398
that has the requested directory information in its data field. It
also is possible, as mentioned hereinabove, that an entry 402 in
the root directory record 400 itself will have the requested
directory information in its data field. A typical situation,
however, is when the GUID tree is walked by the directory service
via the GUID tree records in order to locate and return the
requested directory information to the requesting network node.
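The lookup of paragraphs [0045] through [0062] can be sketched as a small in-memory simulation; this is an added example, not code from the application. It assumes hypothetical GUIDs 1 and 2 for the root and GUID tree root records, a fixed replicate-on-second-fetch policy, and a constructed three-node network; tree records themselves are never replicated here.

```python
ROOT, TREE_ROOT = 1, 2        # hypothetical GUIDs, assumed cached on every node
REPLICATE_AFTER = 2           # assumed policy: replicate on the 2nd remote fetch

class Node:
    def __init__(self, name, net):
        self.name, self.net = name, net
        self.cache, self.hits, self.remote = {}, {}, 0   # cache: GUID -> record
        net[name] = self

    def record(self, guid, owner=None):
        """Return the record for guid, always checking the local cache first."""
        if guid in self.cache:
            return self.cache[guid]
        holders = [owner] if owner else self.locate(guid)
        source = next((h for h in holders if guid in self.net[h].cache), None)
        if source is None:
            raise LookupError(f"no node holds record {guid}")
        rec = self.net[source].cache[guid]
        self.remote += 1
        self.hits[guid] = self.hits.get(guid, 0) + 1
        if owner is None and self.hits[guid] >= REPLICATE_AFTER:
            self.cache[guid] = rec          # replicate onto the requesting node
            holders.append(self.name)       # and list it in the GUID leaf entry
        return rec

    def locate(self, guid):
        """Walk GUID-tree range entries down to the leaf's list of holder nodes."""
        rec = self.record(TREE_ROOT)
        while True:
            hit = next((e for e in rec if e[0] <= guid <= e[1]), None)
            if hit is None:
                raise LookupError(f"GUID {guid} not in tree")
            lo, hi, kind, data, owner = hit
            if kind == "nodes":
                return data                 # leaf: nodes caching this record
            rec = self.record(data, owner)  # non-leaf: follow GUID to next record

    def lookup(self, key):
        """Resolve a key such as /USERS/JONES/PASSWORD to directory information."""
        rec = self.record(ROOT)
        for part in key.strip("/").split("/"):
            if part not in rec:
                raise KeyError(key)         # step 614: no matching entry
            kind, data = rec[part]
            if kind == "info":
                return data                 # leaf entry holds the information
            rec = self.record(data)         # data is a GUID: resolve and descend
        raise KeyError(key)

def build_network():
    """Constructed three-node sample; 12540 is the leaf GUID used in FIG. 5."""
    net = {}
    tree_root = [(0, 9999, "nodes", [], None), (10000, 19999, "guid", 3, "B")]
    tree_mid = [(12000, 12000, "nodes", ["B"], None), (12540, 12540, "nodes", ["C"], None)]
    for name in "ABC":                      # root records replicated everywhere
        Node(name, net).cache.update({ROOT: {"USERS": ("guid", 12000)}, TREE_ROOT: tree_root})
    net["B"].cache.update({3: tree_mid, 12000: {"JONES": ("guid", 12540)}})
    net["C"].cache[12540] = {"PASSWORD": ("info", "constructed-sample-value")}
    return net
```

Node A needs four remote fetches for each of its first two lookups and none afterwards, because both name records have by then migrated into its local cache and A appears in their leaf node lists.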
[0063] In accordance with the invention, the directory service
tracks ownership and responsibility for directory information
thereby providing a level of indirection between the actual
directory information itself and the physical location of that
directory information on the network.
[0064] It should be appreciated that the directory service of the
invention comprises a hierarchical structured storage mechanism for
directory information. To this end, the directory service of the
invention provides a structure that continually subdivides itself
into smaller and smaller sections. Further, each section is
represented by directory records of the same structure, but each
section indexes different amounts (sizes) of directory
information.
[0065] In accordance with the invention, more frequently accessed
directory information is copied and distributed among various
network nodes, and rarely used directory information generally will
appear on only a few network nodes. Also, directory records will
migrate to those nodes that access them most, providing a degree of
self-organization that reduces network traffic.
[0066] In general, all of the functionality of the directory
service of the invention can be implemented in software. In one
embodiment, an instance of a directory service program resides and
executes on each of the network nodes and provides all of the
directory service features and functionality described herein. It
is possible to perform one or more of the various functions of the
directory service with dedicated electronics or a combination of
hardware and software, and this hardware might be added to a
general purpose computer to implement the directory service of the
invention.
[0067] Variations, modifications, and other implementations of what
is described herein will occur to those of ordinary skill in the
art without departing from the spirit and the scope of the
invention as claimed. Accordingly, the invention is to be defined
not by the preceding illustrative description but instead by the
spirit and scope of the following claims.