Dell EMC PowerStore Configuring NFS Exports
Notes, cautions, and warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid the problem. WARNING: A WARNING indicates a potential for property damage, personal injury, or death. © 2020 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Contents Additional Resources.......................................................................................................................4 1 Overview..................................................................................................................................... 5 NFS support........................................................................................................................................................................... 5 About secure NFS...............
Preface Additional Resources As part of an improvement effort, revisions of the software and hardware are periodically released. Some functions that are described in this document are not supported by all versions of the software or hardware currently in use. The product release notes provide the most up-to-date information about product features. Contact your technical support professional if a product does not function properly or does not function as described in this document.
1 Overview This chapter includes the following information. Topics: • • • NFS support About secure NFS Planning considerations NFS support PowerStore T model supports NFSv3 and NFSv4. It also supports secure NFS with Kerberos, for strong authentication. While PowerStore T model supports most of the NFSv4 and v4.1 functionality described in the relevant RFCs, directory delegation and pNFS are not supported.
Planning considerations Review the following information before configuring NFS exports: File storage support is only available with PowerStore T model appliances. File storage is not supported with PowerStore X model appliances. NAS server networks Creating network VLANs and IP addresses is optional for NAS servers. If you plan to create a VLAN for NAS servers, the VLAN cannot be shared with the PowerStore T model management, or storage networks.
2 Create NAS servers This chapter includes the following information. Topics: • • • • • Overview of configuring NAS servers Create a NAS server for NFS (UNIX-only) file systems Configure NAS Server Naming Services Configure NAS server Sharing Protocols Configure Kerberos for NAS server Security Overview of configuring NAS servers Before you can provision file storage on the storage system, a NAS server must be running on the system.
Wizard Screen Description • With LDAP You can choose to enable Secure NFS here. Secure NFS requires the following: • • • • • At least one NTP server must be on the storage system to synchronize the date and time. It is recommended that you set up a minimum of two NTP servers per domain to avoid a single point of failure.
Steps 1. Select Storage > NAS Servers > [nas server] > DNS. 2. Enable or disable DNS. If you enabled DNS, enter the DNS server information. Configure a NAS server UNIX Directory Service using NIS You can configure NAS server UNIX Directory Service (UDS) using NIS. Steps 1. Select Storage > NAS Servers > [nas server] > Naming Services > UDS card. 2. Click the Enable a Unix Directory using NIS or LDAP control and select NIS. 3. Enter an NIS domain and add IP addresses for the NIS servers.
Option Description • • Base DN, which is the same as the Fully Qualified Domain Name (for example, svt.lab.com). • Profile DN. If using the iPlanet/OpenLDAP server: • • • • Kerberos Bind DN in LDAP notation format; for example, cn=administrator,cn=users,dc=svt,dc=lab,dc=com. Password Base DN. For example, if using svt.lab.com, the Base DN would be DC=svt,DC=lab,DC=com. Profile DN for the iPlanet/OpenLDAP server. Configure a custom realm to hover over any type of Kerberos realm (Windows, MIT, Heimdal).
• • The file is created with the proper syntax. (Six colons are required for each line.) Reference the template for more details about the syntax and examples. Each user has a unique name and UID. Configure NAS server Sharing Protocols You can configure or modify the sharing protocols that are configured for a NAS server.
3. Select or clear Enable SFTP. If either FTP, or SFTP is enabled, continue with the following steps: 4. Select which type of users have access to the files. 5. Show the Home Directory and Audit options. 6. Optionally, disable or enable the Home directory restrictions. • • If disabled, enter the default home directory. Optionally, leave the default or enter a new Maximum size of audit files. 7. Select or clear Enable FTP/SFTP Auditing. If enabled, enter the directory to save the audit files. 8.
2. Create the principals and their keys: kadmin.local: addprinc -randkey nfs/myrealm.linux.dellemc.com and/or kadmin.local: addprinc -randkey nfs/myrealm 3. Put the key of the principal into the keytab file myrealm.linux.dellemc.fr: kadmin.local: ktadd -k myrealm.linux.dellemc.com.keytab nfs/myrealm.linux.dellemc.
4. Enter the custom realm. 5. Upload the Keytab file.
3 Configure NFS Exports This chapter includes the following information: Topics: • • • File systems and NFS Exports overview Create a file system for NFS exports Create an NFS export File systems and NFS Exports overview While creating File Systems and NFS Exports, it is helpful to note the following: • • A NAS server must be configured to support NFS protocol before creating a file system.
Option Description Add Host Enter hosts individually, or you can add hosts by uploading a properly formatted ..CSV file. You can download the CSV file first to obtain a template. Option Description Local path The path to the file system storage resource on the storage system. This path specifies the unique location of the share on the storage system. • • Export path Each NFS share must have a unique local path.
4 Additional NAS Server Features This chapter includes the following. Topics: • • • Set the preferred UNIX Directory Service Configure NAS server networks Enable NDMP Protection and Events Set the preferred UNIX Directory Service After you have created a NAS server, you can set the preferred UNIX Directory Services (UDS) search order for user access. Steps 1. Select Storage > NAS Servers. 2. Select the checkbox in the Name column to the left of the NAS server. 3. Click Modify. 4.
Option Description Delete To delete the file interface from the NAS server. NOTE: You cannot reuse VLANs that are being used for the management and storage networks. Configure routes for the file interface for external connections You can configure the routes that the file system uses for external connections. Prerequisites You can use the Ping option from the File Interface card to determine if the file interface has access to the external resource.
5 More file system features This chapter includes the following information. Topics: • File system quotas File system quotas You can track and limit drive space consumption by configuring quotas for file systems at the file system or directory level. You can enable or disable quotas at any time, but it is recommended that you enable or disable them during non-peak production hours to avoid impacting file system operations. NOTE: You cannot create quotas for read-only file systems.
Add a user quota onto a file system Create a user quota on a file system to limit or track the amount of storage space that individual users consume on that file system. When you create or modify user quotas, you can use default hard and soft limits that are set at the file-system level. Steps 1. Select Storage > File Systems > [file system] > Quotas. 2. Click Add on the User Quota page. 3. In the Add User Quota wizard, provide the requested information.