Diffuser

We use FUSE (filesystems from userspace) to create a virtual loopback block device from cloud storage providers using a layered composable set of tools. We have FUSE drivers that allow the user to mount cloud storage provides in a standard way, without using disk space on their local machine. Since most providers only allow uploads of full files rather than diff representations, it is impractical to store a large image file with them. As a solution, we provide a FUSE driver that splits a single virtual image file into one a set of actual 4096-byte block files. Using this, only the blocks that are modified are sent to the cloud provider. We mount multiple of these virtual image files as loopback devices and unify them in a stripe layout using LVM. The unified virtual device can either be used directly as a drive, or can be used as a backend for other composable filesystem utilities, such as LUKS for full disk encryption. Using the LUKS configuration, the result is that the user's files are distributed across multiple storage providers such that no single provider has control, and encrypted such that they are secure to be stored on untrusted servers. Currently there is no composable, cross-provider solution for automatically storing files in the cloud with encryption. Diffuser provides not just a framework for encryption, but also other desireable properties for file storage, such as compression.