
Introducing the Infinit file system - urza
http://blog.infinit.one/introducing-infinit-file-system/
======
deprave
This looks really great and I love the direction. Hopefully they're working on
making it more consumer-friendly. ;)

Questions:

1\. They say that "While most solutions (Dropbox, GlusterFS, OwnCloud etc.)
store your files unprotected in the cloud or on a specific server, we took a
diametrically opposed direction by relying heavily on encryption. Whenever a
file is stored in Infinit, it is cut into chunks, every chunk is encrypted
with a unique key (AES-256) and stored, providing both encryption at rest and
in transit."

Isn't that actually a lot like Dropbox?
([https://www.dropbox.com/en/help/27](https://www.dropbox.com/en/help/27))

2\. How stable is FUSE for OS X? Last time I used it (couple of years) was for
SSHFS and it was unstable and crashed the machine every now and then.

~~~
hlieberman
I think the big difference they're implying (though I haven't been able to
actually /verify/ the implication yet) is that Dropbox holds the keys to
decrypt that content. Infinit doesn't.

~~~
JadeNB
> though I haven't been able to actually /verify/ the implication yet

Honest question: how _would_ you verify such a thing? Even if you audit the
code, once they open-source it, how do you know that what you see is the same
as what they run on their end? (Or do you mean 'verify' just in the informal
sense of having them state that that is what they mean, rather than in some
more formal trust-free sense?)

~~~
wtbob
> Even if you audit the code, once they open-source it, how do you know that
> what you see is the same as what they run on their end?

If it's actually secure, then the only thing which matters is what _I_ run on
_my_ end, since the key would be generated on my end and the chunks would be
encrypted on my end. If I send a server my data, then the system cannot be
secure.

------
kefka

         1. Protocol level filesystems featured by a company (single point of failure)
         2. Uses existing services in ways those other companies may not like. (Serf in someone else's walled garden)
         3. Closed-source, with maybe promises of open sourcing later
         4. Hard to search, given the name is -e from a real word
         5. Relies on extensive network bandwidth, especially in cases upload is scarce
    
    

To think of a few.... As converse, I'm looking at IPFS. It works great, now.

~~~
fiatjaf
IPFS serves a totally different purpose and can't be used in any reasonable
way to achive what Infinit seems to be doing.

~~~
bfung
Can you elaborate, please? My initial reaction was the same as grandparent
post - maybe IPFS doesn't have all the security things stated up front, but
these things seem similar.

~~~
rakoo
2 differences:

* infinit provides a virtual filesystem that you can use with any other application. At the moment IPFS only has helpers and an api

* infinit's goal is to use the existing infrastructure (your disk, your S3 account, your google drive account, ...) to form a big drive. IPFS lives in its own world, which is great when everybody uses IPFS, but we're not there (yet ?)

~~~
kefka
"ipfs mount" is certainly a command, and it mounts the ipfs filesystem over
/ipfs and /ipns . And I've already used those in conjunction with programs.
The ipfs mount directive has been there since 0.3.1

I don't view smearing your data across multiple fragile services to be a
"feature". Worse yet, if any of those companies believe you're breaking ToS,
you're out of luck.

Whereas ipfs does live in its own world, it integrates well with our
workflows. And [http://ipfs.io](http://ipfs.io) runs a public ipfs gateway, so
that anyone can resolve data from the network without running the peer
software.

~~~
mycure
Infinit's goal is not to compete against IPFS which is focusing on providing a
protocol for distributing content.

IPFS does not focus on providing redundancy, fault tolerance, rebalancing or
file-level functionalities such as access control, versioning etc. This is
what Infinit is doing.

Two very different solutions even though they may share some technical
similarities.

~~~
kefka
I'm not sure what IPFS you're reading about....

redundancy - Any node in the IPFS network can provide the requested data.
That's because the identity of the data is with the name, and not the server
you got the data from.

fault tolerance - Absolutely does provide fault tolerance. The filesystem is a
SHA256 hash in what they call a multihash. Because everything has a hash-name,
the file system is a self-certifying filesystem.

Rebalancing - Doesn't make sense. You need more capacity or bandwidth? Add
more machines, and pin the data you need.

Access control - file-level encryption is part of the protocol, but not
implemented yet. The idea is that GPG can serve as the go-between until ipfs
encryption subroutines are implemented.

Versioning - similar, in the spec but not added yet. There will be 2 types of
versioning; blockchain and git-style

~~~
mycure
I'm reading what I can find :) Sorry if I missed information, it was not my
intention to say that IPFS was not good, just to say that the purpose was
different from Infinit's.

Redundancy:
[https://github.com/ipfs/ipfs/issues/50](https://github.com/ipfs/ipfs/issues/50).
One of IPFS' core developers clearly states that there is no redundancy in
IPFS. I took my information from there because it was the only one I could
find with Google. It is not because one node can retrieve the data that the
data is actually stored multiple times and that the storage servers coordinate
to maintain consistency. From what I understand, IPFS content-hashes
information (as Infinit does) but does not replicate it. As such, if a server
goes down, its hosted content becomes unavailable; very much like the Web.
This is not the case of Infinit (if you defined a replication factor above 1).
Again, different purposes, my goal is not to say one is better; redundancy
obviously has a cost.

Fault tolerance: Yes nodes can go down in IPFS but the system will not
function as before as some data may be unavailable, in the worst-case
scenario, permanently, should the failure be fatal. Sorry, I should have made
myself clear. IPFS is fault-tolerant but does not ensure availability.
Bittorrent as well. Some files may become so rare that you cannot access it
anymore. Infinit ensures that all the files are available at any time. Self-
certifying is another concept altogether.

Rebalancing: I don't understand exactly what you mean but if you want to
provide a POSIX-compliant reliable (available/durable) file system, you need
fault tolerance and rebalancing, which is to recreate missing replicas and
possibly move data around as servers are added or fail. If you can't do that,
then again you have the problem of potentially having unavailable pieces of
information. It is fine for some systems such as the Web (not critical if you
can't access some rare pages), but it is super critical for an enterprise file
system in production. Again, different purposes I believe as IPFS (from what I
understand, sorry if I missed something) is trying to provide a HTTP
replacement: a new peer-to-peer hypermedia protocol (from
[http://ipfs.io](http://ipfs.io)).

Access control: File-level encryption is one thing but access control
something else entirely: how to allow other users to read/write files and how
to manage the keys. What about removing files? What about groups? Subgroups?
And what about integrating into an enterprise directory (LDAP)? These compose
a complete set of access control capabilities from my point of view. File-
level encryption is obviously the basis for access control but is not enough.
As you stated, it is planned in the protocol.

Versioning: Good to know that IPFS will be providing versioning, I didn't know
that. Thanks for pointing that out.

To conclude, both projects seem to rely on some similar tech such as content
hashing. IPFS seems to be going the way of a protocol for accessing data in a
decentralized way (like the Web in a more modern way) but without providing
redundancy, consistency and availabilities garantees. Storj is going this way
for instance, providing a peer-to-peer object store (S3-like). Infinit however
seems to be more focused on providing a POSIX-compliant peer-to-peer,
reliable, secure and fault-tolerant file system for Ops and DevOps.

~~~
bfung
Thanks for the in-depth analysis, it's super helpful.

My understanding is that IPFS is bittorrent + blockchain mashed together (I've
read the tech specs, it's more complicated but will have to suffice as a
explanation device here). The bittorrent part certainly has redundancy when
the data is widely accessed, it's just not guaranteed to be.

From a high level, it seems that Infinit has just more stated features at the
moment, but it does look like the two technologies are in the same space and
can solve similar problems of file storage in a large, distributed manner.

------
disposeofnick9
How would this be better/different than [https://tahoe-lafs.org/trac/tahoe-
lafs](https://tahoe-lafs.org/trac/tahoe-lafs) ?

~~~
cookrn
Here is their comparison with Tahoe:
[https://infinit.sh/documentation/comparison/tahoe-
lafs](https://infinit.sh/documentation/comparison/tahoe-lafs)

If you flip on the "Compare" switch there, the two differences it shows are:

1) Infinit is redundant using replication while Tahoe uses erasure codes

2) Infinit supports heterogenous storage backends, while Tahoe is homogenous

------
meesterdude
This looks awesome!

I can't find anything in the docs on data resiliency - if i add a storage node
and it later becomes unavailable, is data distributed across other nodes? how
many nodes can fail?

~~~
cadeuh
Hey, it all depends on the replication factor you set when creating your
infrastructure. If you have 3 nodes, a replication factor of 2 and one of the
node used for storing data becomes unavailable, then data will be distributed
to the third node for example.

Feel free to join our Slack channel to chat with us directly!

------
fiatjaf
See also: [https://bazil.org/](https://bazil.org/), [https://git-
annex.branchable.com/](https://git-annex.branchable.com/)

------
mitchty
Thought this looked familiar, this is from February and they still have the
source as "coming soon (tm)".

So until that coming soon becomes released I'm not really all that bothered by
this thing.

~~~
gkya
It's 2nd may today man.

~~~
mitchty
Sure, still doesn't give me any hope as to when/if it will get released.

------
cookrn
Note: Infinit is not yet OSS. They plan to open-source the code, but have not
yet done so:
[https://github.com/infinit/infinit/issues/1](https://github.com/infinit/infinit/issues/1)

------
jcoffland
This sound really cool but I will wait until it is fully Open-Source and I can
build it myself.

~~~
yashinm92
I did create something similar a while back:
[https://github.com/sp3ctr3/arcanum-
server](https://github.com/sp3ctr3/arcanum-server)
[https://github.com/sp3ctr3/arcanum-
client](https://github.com/sp3ctr3/arcanum-client)

------
WorldMaker
This seems like an interesting project to watch and I'd be interested more in
it as A) Windows support gets better, and B) source is opened.

I'm definitely comparing to my usage of BitTorrent Sync today. I see in the
FAQ a comparison for BT Sync a few things of interest.

BT Sync does have a more filesystem-like mode. (It's a part of BT Sync "Pro",
if that makes a differences.) It's also scalable to available resources,
although some of that through manual management of which devices are connected
to a BT Sync share and which have which copies of which files.

Also, BT Sync Pro does support At-Rest security with some management. A UX for
encrypted shares was added in recent versions of the software and it supported
through some command line effort in previous versions. I've seen tutorials for
setting up BT Sync "know nothing peers" on, for instance, EC2 storing
encrypted blocks to S3.

------
TheIronYuppie
Really cool! Do you know how it compares to the research project Farsite from
Microsoft?
[http://research.microsoft.com/apps/mobile/showpage.aspx?page...](http://research.microsoft.com/apps/mobile/showpage.aspx?page=/en-
us/projects/farsite/)

Sounds really similar (but productized).

------
Filligree
Really cool, but I use NixOS for everything. You mentioned it's open source so
--want to help me package it?

It's probably not very hard.

~~~
ccrone
It's not open source just yet. We want to open it in a responsible way (i.e.:
not a massive code dump) so it will take a bit of time.

You can post a request for packages here in the meantime if you would like:
[http://infinit-sh.uservoice.com](http://infinit-sh.uservoice.com)

------
acd
Thanks for creating Infinit! I think its great that you have end user
usability in mind when building the filesystem.

------
tingol
Is there any information on how good it works in the real world by people who
have used it?

~~~
wazoox
Works well from the limited experimentations I've made. Very well documented,
nice, professional job overall.

------
sigmonsays
my bandwidth kills things like this. I have so little upload in the US that I
can't host anything and still have a usable network connection

~~~
toomuchtodo
You could get a virtual machine somewhere cheap for $5-10/month and use that
as your canonical storage reference.

~~~
toomuchtodo
Reply to myself since I cannot edit: Depending on how much storage you need,
it might be cheaper to get a dedicated server or colo your own versus getting
a virtual machine. Feel free to reply if you have questions on this.

~~~
DecoPerson
Any advice on getting either of those in Australia for less than an arm and a
leg?

~~~
fapjacks
Ramnode has a bunch of locations and is hands-down the best VPS provider I've
ever used, and I've used literally hundreds over the last fifteen or so years.
The vast majority are a flash in the pan, and very few actually don't suck.
Ramnode has always been super solid for me, and very reasonably priced. Take
every other recommendation with a grain of salt. VPS is one of those
industries that attracts the scummiest human beings on the planet.

------
lootsauce
Looks cool but I get a bad gateway error when I try to set up an account :-(

~~~
cadeuh
Hey! Can you send us an email at contact@infinit.sh so we can have a look? We
fixed an issue similar to this just a few hours ago, so it might be working
now.

------
bicatali
onedata.org is another one of these unified file view used in science.

------
matreyes
Looks great! Is there any option to do some Map Reduce jobs on Infinit ?

