HP StorageWorks X9000 File Serving Software File System User Guide Abstract This guide describes how to configure and manage X9000 Software file systems and how to use NFS, CIFS, FTP, and HTTP to access file system data. The guide also describes the following file system features: quotas, remote replication, snapshots, data tiering, and file allocation.
© Copyright 2009, 2011 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Contents 1 Using X9000 Software file systems...............................................................8 File system organization and access............................................................................................8 File system building blocks.........................................................................................................9 Configuring file systems.............................................................................................................
How rebalancing works......................................................................................................30 Rebalancing segments on the management console GUI.........................................................30 Rebalancing segments from the CLI......................................................................................31 Tracking the progress of a rebalance task.............................................................................
Configuring Active Directory................................................................................................59 Assigning attributes............................................................................................................61 Consolidating SMB servers with common share names................................................................62 CIFS clients............................................................................................................................
Adding a certificate to the cluster..............................................................................................85 Exporting a certificate.............................................................................................................86 Deleting a certificate...............................................................................................................86 11 Using remote replication..........................................................................
13 Using data tiering.................................................................................108 Overview............................................................................................................................108 Moving files between tiers.................................................................................................108 Writing a rule to implement a policy...................................................................................108 Tiered file systems.
1 Using X9000 Software file systems File system organization and access The following diagram shows how data is organized on a file system and how it is accessed. The diagram includes the following items: 1. 2. 3. 4. 8 The file system is a collection of segments (logical volumes) that organize data for faster access. Each segment is a repository for files and directories with no implicit namespace relationships among them. (A segment need not be a complete, rooted directory tree.
5. protocols must mount the file system from a file serving node. All requests are sent to the mounting server, which performs the required routing. A client request can be made for a file on a segment that is either owned by the server, owned by another server but accessible by this server over the SAN, or owned by another server and not accessible by this server over the SAN.
attributes such as such as modification time, access time, file size, or file type. See “Using data tiering” (page 108). • File allocation. This feature allocates new files and directories to segments according to the allocation policy and segment preferences that are in effect for a client. An allocation policy is an algorithm that determines the segments that are selected when clients write to a file system. See “Using file allocation” (page 116).
2 Creating and mounting file systems This chapter describes how to create file systems and mount or unmount them. Creating a file system You can create a file system using the New Filesystem Wizard provided with the management console GUI, or you can use CLI commands. The New Filesystem Wizard also allows you to create an NFS export or a CIFS share for the file system. Using 32-bit or 64-bit mode A file system can be created to use either 32-bit or 64-bit mode.
If the file system will be exported through NFS, configure an NFS export record on the NFS Export dialog box. If the file system will be made available to Windows clients through a CIFS share, create a share on the CIFS Share dialog box. For more information, see “Using CIFS” (page 49).
If clients will access the file system using HTTP or HTTPS, create an HTTP share on the HTTP Export dialog box. An HTTP configuration profile and an HTTP Vhost must already exist. If the Directory Path includes a subdirectory, be sure to create the subdirectory on the file system and assign read/write/execute permissions to it. (X9000 Software does not create the subdirectory if it does not exist, and instead adds a /pub/ directory to the share path.) For more information, see “Using HTTP” (page 75).
Review the Summary to ensure that the file system is configured properly. If necessary, you can return to a dialog box and make any corrections. Creating a file system using the CLI The ibrix_fs command is used to create a file system. It can be used in the following ways: • Create a file system with the specified segments (segments are logical volumes): ibrix_fs -c -f FSNAME -s LVLIST [-t TIERNAME] [-a] [-q] [-o OPTION1=VALUE1,OPTION2=VALUE2,...
Spillover files The X9000 Software file system supports spilling over sequentially written files from one segment to another. Managing mountpoints and mount/unmount operations GUI procedures When you use the New Filesystem Wizard to create a file system, you can specify a name for the mountpoint and indicate whether the file system should be mounted after it is created. The wizard will create the mountpoint if necessary. Click Mount or Unmount as necessary to mount or unmount the file system.
CLI procedures The CLI commands are executed immediately on file serving nodes. For X9000 clients, the command intention is stored in the management console. When X9000 Software services start on a client, the client queries the management console for any commands. If the services are already running, you can force the client to query the management console by executing either ibrix_client or ibrix_lwmount -a on the client, or by rebooting the client.
/bin/ibrix_umount -f FSNAME [-h HOSTLIST | -g GROUPLIST] To unmount a file system from a specific mountpoint on a file serving node, X9000 client, or hostgroup: /bin/ibrix_umount -m MOUNTPOINT [-h HOSTLIST | -g GROUPLIST] Mounting and unmounting file systems locally on Linux/Windows X9000 clients On both Linux and Windows X9000 clients, you can locally override a mount done on the management console.
To remove a client access entry, select the affected file system on the GUI, and then select Client Exports from the lower Navigator. Select the access entry from the Client Exports display, and click Delete. On the CLI, use the ibrix_exportfs command to create an access entry: /bin/ibrix_exportfs –c –f FSNAME –p CLIENT:/PATHNAME,CLIENT2:/PATHNAME,...
3 Setting up quotas Quotas can be assigned to individual users or groups, or to a directory tree. Individual quotas limit the amount of storage or the number of files that a user or group can use in a file system. Directory tree quotas limit the amount of storage and the number of files that can be created on a file system located at a specific directory tree. Although it is best to set up quotas when you create a file system, you can configure them at any time.
NOTE: For the purpose of setting quotas, no UID or GID can exceed 2,147,483,647. Setting user quotas to zero removes the quotas. NOTE: When a new NIS user is added, you need to restart the Fusionmanager services before assigning quotas to the user: /etc/init.d/ibrix_fusionmanager restart GUI procedure To configure a user quota, select the file system where the quotas will be configured. Next, select Quotas > User Quotas from the lower Navigator, and then, on the User Quota Usage Limits page, click Set.
/bin/ibrix_edquota -s -u “USER” -f FSNAME [-M SOFT_MEGABYTES] [-m HARD_MEGABYTES] [-I SOFT_FILES] [-i HARD_FILES] • Set a quota for a single group: /bin/ibrix_edquota -s -g “GROUP” -f FSNAME [-M SOFT_MEGABYTES] [-m HARD_MEGABYTES] [-I SOFT_FILES] [-i HARD_FILES] Enclose the user or group name in single or double quotation marks.
The -n NAME option specifies a unique name for the directory tree quota. The name cannot contain a comma (,) character. 2. Assign usage limits to the directory tree quota: ibrix_edquota -s -d NAME -f FSNAME -M SOFT_MEGABYTES -m HARD_MEGABYTES -I SOFT_FILES -i HARD_FILES The -d NAME option specifies the name of the directory tree quota. The -f FSNAME option specifies the name of the file system.
specifies a user or group name, or a directory tree that has already been assigned an identifier name. The “C” format specifies a directory tree, where the path exists, but the identifier name for the directory tree will not be created until the quotas are imported.
ibrix_online_quotacheck –g —T groupid home_dir To run a quota check on a specific directory tree, use the following command: ibrix_online_quotacheck –t —P dirtree_path To remove the directory tree quota for all files under a specific path, use the following command: ibrix_online_quotacheck –t —T 0 dirtree_path Configuring email notifications for quota events If you would like to be notified when certain quota events occur, you can set up email notification for those events.
4 Maintaining file systems This chapter describes how to extend a file system, rebalance segments, delete a file system or file system component, and check or repair a file system. The chapter also includes file system troubleshooting information. Viewing information about file systems and components The Filesystems page on the management console GUI displays comprehensive information about a file system and its components. This section describes how to view the same information from the command line.
To display detailed information about volume groups, use the ibrix_vg -i command. The -g VGLIST option restricts the output to the specified volume groups. /bin/ibrix_vg -i [-g VGLIST] The following table lists the output fields for ibrix_vg -i. Field Description Name Volume group name. Size (MB) Volume group size in MB. Free (MB) Free (unallocated) space, in MB, available on this volume group.
The following table lists the output fields for ibrix_fs -l. Field Description FS_NAME File system name. STATE State of the file system (for example, Mounted). CAPACITY (GB) Total space available in the file system, in GB. USED% Amount of space used in the file system. Files Number of files that can be created in this file system. FilesUsed% Percentage of total storage used by files and directories.
Field Description Default policy Allocation policy assigned on this file system. Defined policies are: ROUNDROBIN, STICKY, DIRECTORY, LOCAL, RANDOM, and NONE. See “File allocation policies” (page 116) for information on these policies. Default start segment The first segment to which an allocation policy is applied in a file system. If a segment is not specified, allocation starts on the segment with the most storage space available. File replicas NA. Dir replicas NA.
Viewing disk space information from a Linux X9000 client Because file systems are distributed among segments on many file serving nodes, disk space utilities such as df must be provided with collated disk space information about those nodes. The management console collects this information periodically and collates it for df. X9000 Software includes a disk space utility, ibrix_df, that enables Linux X9000 clients to obtain utilization data for a file system.
/bin/ibrix_fs -e -f FSNAME -s LVLIST [-t TIERNAME] Extend a file system with segments created from the physical volumes in LVLIST: /bin/ibrix_fs -e -f FSNAME -p PVLIST [-t TIERNAME] Extend a file system with specific logical volumes on specific file serving nodes: /bin/ibrix_fs -e -f FSNAME -S LV1:HOSTNAME1,LV2:HOSTNAME2...
On the Advanced tab, select the source segments, destination segments, or both for the rebalancing task. You can also specify segments to evacuate. Rebalancing segments from the CLI To rebalance all segments, use the following command. Include the -a option to run the rebalance operation in analytical mode.
/bin/ibrix_rebalance -r -f ifs1 -d 3,4 To rebalance segments 3 and 4 only and to specify them by their logical volume names: /bin/ibrix_rebalance -r -f ifs1 -D ilv3,ilv4 Tracking the progress of a rebalance task You can use the management console GUI or CLI to track the progress of a rebalance task.
NOTE: A file system using 64-bit mode cannot be changed to use 32-bit mode. If there is a chance that clients will need to run a 32-bit application, do not disable 32-bit mode. To disable 32-bit mode, complete these steps: 1. 2. Unmount the file system. On the GUI, select the file system and click Modify on the Summary tab. On the Modify Filesystems Properties dialog box, select Disable 32 Bit Compatibility Mode. From the CLI, execute the following command: /bin/ibrix_fs -w -f FSNAME 3.
Deleting file serving nodes and X9000 clients Before deleting a file serving node, unmount all file systems from it and migrate any segments that it owns to a different server. Ensure that the file serving node is not serving as a failover standby and is not involved in network interface monitoring. To delete a file serving node, use the following command: /bin/ibrix_server -d -h HOSTLIST For example, to delete file serving nodes s1.hp.com and s2.hp.
2.
1. 2. 3. 4. Identify the file serving node that owns the segment. This information is reported on the Filesystem Segments page on the GUI. Fail over the file serving node to its standby. See the administration guide for your system for more information about this procedure. Reboot the file serving node. When the file serving node is up, verify that the segment, or LUN, is available. If the segment is still not available, contact HP Support.
dir_alloc_policy................ NONE cur_segment..................... 0 sup_ap_on....................... NONE local_segments ................. 3 quota .......................... usr,grp,dir f_blocks ....................... 0047582040 4K-blocks (==0190328160 1K-blocks) f_bfree ........................ 0044000311 4K-blocks (==0176001244 1K-blocks) f_bused ........................ 0003581729 4K-blocks (==0014326916 1K-blocks) f_bavail .......................
5 Using NFS This section describes how to export file systems for NFS, how to autoconnect NFS clients, and how to set up NFS clients. Exporting a file system Exporting a file system makes local directories available for NFS clients to mount. The management console manages the table of exported file systems and distributes the information to the /etc/ exports files on the file serving nodes.
From the CLI To export a file system from the CLI, use the ibrix_exportfs command: /bin/ibrix_exportfs -f FSNAME -h HOSTNAME -p CLIENT1:PATHNAME1, CLIENT2:PATHNAME2,.. [-o "OPTIONS"] [-b] The options are as follows: Option Description –f FSNAME The file system to be exported. -h HOSTNAME The file serving node containing the file system to be exported. -p CLIENT1:PATHNAME1, CLIENT2:PATHNAME2,..
Autoconnecting NFS clients The Autoconnect feature enables NFS clients to mount file systems automatically whenever they are accessed. At the same time, Autoconnect manages how these connections are distributed among file serving nodes. Autoconnect uses the Linux automount daemon; working familiarity with automount is recommended.
2. Set permissions on the script file to make it executable. For example, for a curl script, enter the following: chmod +x /etc/auto.curl 3. Edit the /etc/auto.master file to map a base automount mountpoint to the script edited in step 1. For example, to map the base mountpoint /cluster to a curl script, enter the following: /cluster /etc/auto.curl --timeout=60 timeout indicates the number of seconds that a connection remains idle before it is automatically disconnected.
6 Configuring authentication for CIFS, FTP, and HTTP Users accessing CIFS, FTP, or HTTP shares can be authenticated through either Active Directory or Local Users. If you select Active Directory, you can specify the share administrators and enable or disable Linux static user mapping. If you select Local Users, you can create the appropriate local user and local group accounts.
NOTE: When you successfully configure Active Directory authentication, the machine is part of the domain until you remove it from the domain, either with the ibrix_auth -n command or with Windows tools. Because Active Directory authentication is a one-time event, it is not necessary to update authentication if you change the proxy user information.
To configure Local Users authentication from the CLI, use the following command: ibrix_auth -N [-h HOSTLIST] To configure Active Directory authentication, use the following command: ibrix_auth -n DOMAIN_NAME –A AUTH_PROXY_USER_NAME [-P AUTH_PROXY_PASSWORD] [-S SETTINGLIST] [-h HOSTLIST] RFC2307 is the protocol that enables Linux static user mapping with Active Directory.
IMPORTANT: The servers hosting the agile management console must be file serving nodes. Do not use a dedicated Management Server that cannot be converted to a file serving node as a host for the agile management console. Complete the following steps to install the agile management console on all file serving nodes: 1. 2. If your cluster is not currently using the agile management console configuration, migrate to the agile configuration using the procedure in the administration guide for your system.
On the CLI, use the following command to view information about all local group accounts: ibrix_localgroups -L To see information for a specific local group account, use the following command: ibrix_localgroups -l -g GROUPNAME Adding a local group To add a new local group, click Add on the Local Groups pane. Then enter the information for the group on the Add Local Group dialog box. The GID and RID will be generated automatically if you do not enter values for them.
Modifying a local group To change the information for a local group account, select the account on the Local Groups pane and click Modify. You can then make the necessary changes on the Modify Local Group dialog box. If you are changing the GID or RID for the group, it cannot be the primary group for any local users.
To add a local user account from the CLI, use this command: ibrix_localusers -a -u USERNAME -g DEFAULTGROUP -p PASSWORD [-h HOMEDIR] [-s SHELL] [-i USERINFO] [-U USERID] [-S RID] [-G GROUPLIST] Modifying a local user To change the information for a local user account, select the account on the Local Users pane and click Modify. You can then make the necessary changes on the Modify Local User dialog box. You cannot change the UID or RID for the account.
7 Using CIFS The X9000 Software CIFS server implementation allows you to create file shares for data stored on the cluster. The CIFS server provides a true Windows experience for Windows clients. A user accessing a file share on an X9000 system will see the same behavior as on a Windows server. IMPORTANT: Before configuring CIFS, select an authentication method (either Local Users or Active Directory). See “Configuring authentication for CIFS, FTP, and HTTP” (page 42) for more information.
which shows CIFS activity statistics on the node. You can start, stop, or restart the CIFS service by clicking the appropriate button. To start, stop, or restart the service from the CLI, use the following command: /bin/ibrix_server –s –t cifs –c {start|stop|restart} CIFS shares Windows clients access file systems through CIFS shares. You can use the X9000 management console GUI or CLI to manage shares, or you can use the Microsoft Management Console interface.
You can also view CIFS shares for a specific file system. Select that file system on the GUI, and then select CIFS Shares from the lower Navigator. You can add, modify, or delete shares from this window, but you cannot configure CIFS settings, as those settings apply to all CIFS shares configured in the cluster.
To view the current setting for SMB signing, use the following command: ibrix_cifsconfig -i To configure SMB signing from the command line, use the following command: ibrix_cifsconfig -t -S SETTINGLIST You can specify the following values in the SETTINGLIST: smb signing enabled smb signing required Use commas to separate the settings, and enclose the list in quotation marks.
The Add a CIFS Share dialog box allows you to share the entire filesystem or a specific subdirectory. Enter a name and description for the share, select the appropriate permissions, and select the servers on which the share will be created. Note the following: • Do not include any of the following special characters in a share name. If the name contains any of these special characters, the share might not be set up properly on all nodes in the cluster.
NOTE: Be sure to use the ibrix_cifs command located in /bin. The ibrix_cifs command located in /usr/local/bin/init is used internally by X9000 Software and should not be run directly. Modifying a CIFS share To change the configuration of a CIFS share, select the share from either CIFS Shares window and click Modify. You can change the share description, the permissions, and whether Access Based Enumeration is enabled.
6. 7. 8. Click Close > OK to exit the dialogs. Expand Shared Folders (\\
). Select Shares and manage the shares as needed. Windows Vista, Windows 2008, Windows 7: Complete the following steps: 1. 2. 3. 4. 5. Open the Start menu and enter mmc in the Start Search box. You can also enter mmc in a DOS cmd window. On the User Account Control window, click Continue. On the Console 1 window, select File > Add/Remove Snap-in. On the Add or Remove Snap-ins window, select Shared Folders and click Add.6. 7. 8. Click OK to exit the Add or Remove Snap-ins window. Expand Shared Folders (\\
). Select Shares and manage the shares as needed. Saving MMC settings You can save your MMC settings to use when managing shares on this server in later sessions. Complete these steps: 1. 2. 3. 4. On the MMC, select File > Save As. Enter a name for the file. The name must have the suffix .msc. Select Desktop as the location to save the file, and click Save. Select File > Exit.Adding CIFS shares CIFS shares can be added with the MMC, using the share management plug-in. When adding shares, you should be aware of the following: • The share path must include the X9000 file system name. For example, if the file system is named data, you could specify C:\fs1\folder1. NOTE: The Browse button cannot be used to locate the file system. • The directory to be shared will be created if it does not already exist. • The permissions on the shared directory will be set to 777.
To add a new share, select Shares > New Share and run the Create A Shared Folder Wizard. On the Folder Path page, enter the path to the share, being sure to include the file system name. When you complete the wizard, the new share appears on the Computer Management window.
Deleting CIFS shares To delete a CIFS share, select the share on the Computer Management window, right-click, and select Delete. Linux static user mapping with Active Directory Linux static user mapping (also called UID/GID mapping or RFC2307 support) allows you to use LDAP as a Network Information Service. When this feature is enabled, you can assign UIDs, GIDs, and other POSIX attributes such as the home directory, primary group and shell to users and groups in Active Directory.
http://technet.microsoft.com/en-us/library/cc778455(WS.10).aspx To install Identity Management for UNIX on a domain controller running Windows Server 2008 R2, see the following Microsoft TechNet article: http://technet.microsoft.com/en-us/library/cc731178.aspx Activating the Active Directory Schema MMC snap-in Use the Active Directory Schema MMC snap-in to add the attributes. To activate the snap-in, complete the following steps: 1. 2. 3. 4. Click Start, click Run, type mmc, and then click OK.
The following article provides more information about modifying attributes in the Active Directory global catalog: http://support.microsoft.com/kb/248717 Assigning attributes To set POSIX attributes for users and groups, start the Active Directory Users and Computers GUI on the Domain Controller. Open the Administrator Properties dialog box, and go to the UNIX Attributes tab. For users, you can set the UID, login shell, home directory, and primary group. For groups, set the GID.
Consolidating SMB servers with common share names If your SMB servers previously used the same share names, you can consolidate the servers without changing the share name requested on the client side. For example, you might have three SMB servers, SRV1, SRV2, and SRV3, that each have a share named DATA. SRV3 points to a shared drive that has the same path as \\SRV1\DATA; however, users accessing SRV3 have different permissions on the share. To consolidate the three servers, we will take these steps: 1. 2.
also be translated to /srv1/data, but the clients will have different permissions. The client requests for \\srv2/data will be translated to share srv2-DATA at /srv2/data. Client utilities such as net use will report the requested share name, not the new share name. Mapping old share names to new share names Mappings are defined in the /etc/likewise/vhostmap file. Use a text editor to create and update the file.
Differences in locking behavior When CIFS clients access a share from different servers, as in the X9000 Software environment, the behavior of byte-range locks differs from the standard Windows behavior, where clients access a share from the same server. You should be aware of the following: • Zero-length byte-range locks acquired on one file serving node are not observed on other file serving nodes.
and honors ACLS. The UID/GIDs and permission bits for files on a directory tree are peripheral to this activity, and are used only as much as necessary to obtain access to files on behalf of a Windows client. The various cases the CIFS server can encounter while accessing files and directories, and what it does with UID/GID and permission bits in that access, are considered in the following sections. Pre-existing directories and files A pre-existing Linux directory will not have ACLs associated with it.
Changing the way CIFS inherits permissions on files accessed from Linux applications To avoid the CIFS server modifying file permissions on directory trees that a user wants to access from Linux applications (so keeping permissions other than 700 on a file in the directory tree), a user can set the setgid bit in the Linux permissions mask on the directory tree.
occur for 15 to 20 minutes. The client's copy will then continue without error if the retry timeout has not expired. To work around this situation, take one of these steps: • Stop and restart the Likewise process on the affected file serving node: # /opt/likewise/bin/lwsm stop lwreg && /etc/init.d/lwsmd stop # /etc/init.d/lwsmd start && /opt/likewise/bin/lwsm start srvsvc • Power down the file serving node before failing it over, and do failback operations only during off hours.
8 Using FTP The FTP feature allows you to create FTP file shares for data stored on the cluster. Clients access the FTP shares using standard FTP and FTPS protocol services. IMPORTANT: Before configuring FTP, select an authentication method (either Local Users or Active Directory). See “Configuring authentication for CIFS, FTP, and HTTP” (page 42) for more information. To configure FTP, first create one or more configuration profiles.
• If the directory path to the share includes a subdirectory, be sure to create the subdirectory on the file system and assign read/write/execute permissions to it. (X9000 Software does not create the subdirectory if it does not exist, and instead adds a /pub/ directory to the share path.) • For High Availability, when specifying IP addresses for accessing a share, use IP addresses for VIFs having VIF backups. See the administrator guide for your system for information about creating VIFs.
Modifying a configuration profile To modify a configuration profile, select the profile on the Config Profiles pane, and click Modify Profile. You can then make the necessary changes on the Modify FTP Profile dialog box. To modify a configuration profile from the command line, use the following command: ibrix_ftpconfig –m PROFILENAME [-h HOSTLIST] [-S SETTINGLIST] Viewing configuration profiles The Modify FTP Profile dialog box shows details for a specific configuration profile.
NOTE: The allowed ports are 21 (FTP) and 990 (FTPS). The Users tab lists the users allowed read access, write access, or both on a share directory. You can add or delete users as necessary. To assign share permissions to specific users, click Add and complete the Add Users to Share dialog box.
To add an FTP share from the command line, use the following command: ibrix_ftpshare -a SHARENAME –c PROFILENAME -f FSNAME -p dirpath -I IP-Address:Port [–u USERLIST] [-S SETTINGLIST] For the -S option, use a comma to separate the settings, and enclose the settings in quotation marks, such as “browseable=true,readonly=true”. For the -I option, use a semicolon to separate the IP address:port settings and enclose the settings in quotation marks, such as “ip1:port1;ip2:port2;...”.
IMPORTANT: For FTP share access to work properly, the vsftpd service must be started by X9000 Software. Ensure that the chkconfig of vsftpd is set to OFF (chkconfig vsftpd off).
The following example shows an anonymous client accessing a share. For Active Directory users (specify the user as in this example: ASM2k3.
9 Using HTTP The HTTP feature allows you to create HTTP file shares for data stored on the cluster. Clients access the HTTP shares using standard HTTP and HTTPS protocol services. IMPORTANT: Before configuring HTTP, select an authentication method (either Local Users or Active Directory). See “Configuring authentication for CIFS, FTP, and HTTP” (page 42) for more information. The HTTP configuration consists of a configuration profile, a virtual host, and an HTTP share.
not create the subdirectory if it does not exist, and instead adds a /pub/ directory to the share path.) • For High Availability, when specifying IP addresses for accessing a share, use IP addresses for VIFs having VIF backups. See the administrator guide for your system for information about creating VIFs. Configuring HTTP with the HTTP Wizard The New HTTP Wizard creates a configuration profile, a virtual host, and an HTTP share. To begin, click Add Profile on the Config Profiles pane.
On the Create Share dialog box, click Create HTTP Share and set the appropriate parameters. Note the following: • The file system selected for the share must be mounted. If the directory path includes a subdirectory, be sure to create the subdirectory on the file system and assign read/write/execute permissions to it. (X9000 Software does not create the subdirectory if it does not already exist, and instead adds a /pub/ directory to the share path.
When the wizard is complete, users can access the share from a browser. For example, if you configured the share with the anonymous user, specified 99.226.50.92 as the IP address on the Create Vhost dialog box, and specified /reports/ as the URL path on the Create Share dialog box, users can access the share using the following URL: http://99.226.50.92/reports/ The users will see an index of the share (if the browseable property of the share is set to true), and can open and save files.
Modifying a virtual host To change the properties for a virtual host, select the virtual host on the VHosts page, click Modify Vhost, and make the necessary changes on the Modify VHost Properties dialog box. To modify a virtual host from the CLI, use the following command: ibrix_httpvhost -m VHOSTNAME -c PROFILENAME -I IP-Address:Port [-S SETTINGLIST] Viewing a virtual host The VHosts pane shows the configuration of virtual hosts.
Adding an HTTP share To add an HTTP share, click Add Share on the Share page. The HTTP Wizard opens at the Create Share dialog box. To add an HTTP share from the command line, use the following command: ibrix_httpshare -a SHARENAME -c PROFILENAME -t VHOSTNAME -f FSNAME -p dirpath -P urlpath [-u USERLIST] [-S SETTINGLIST] For the -S option, use a comma to separate the settings, and enclose the settings in quotation marks, such as “browseable=true,readonly=true”.
NOTE: When the HTTP configuration is changed with the management console GUI or CLI, the HTTP daemon is restarted automatically. Accessing shares Clients access an HTTP share by specifying a URL in their browser (Internet Explorer or Mozilla Firefox). In the following URLs, IP_address:port is the IP (or virtual IP) and port configured for the share.
For Active Directory users (specify the user as in this example: mycompany.
10 Managing SSL certificates Servers accepting FTPS and HTTPS connections typically provide an SSL certificate that verifies the identity and owner of the web site being accessed. You can add your existing certificates to the cluster, enabling file serving nodes to present the appropriate certificate to FTPS and HTTPS clients. X9000 Software supports PEM certificates. When you configure the FTP share or the HTTP vhost, select the appropriate certificate.
1. Generate a private key: openssl genrsa -des3 -out server.key 1024 You will be prompted to enter a passphrase. Be sure to remember the passphrase. 2. Remove the passphrase from the private key file (server.key). When you are prompted for a passphrase, enter the passphrase you specified in step 1. cp server.key server.key.org openssl rsa -in server.key.org -out server.key rm -f server.key.org 3. Generate a Certificate Signing Request (CSR): openssl req -new -key server.key -out server.csr 4.
NOTE: When you are ready to create a real SSL certificate, consult the following site for a description of the procedure: http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcer Adding a certificate to the cluster To add an existing certificate to the cluster, click Add on the Certificates panel. On the Add Certificate dialog box, enter a name for the certificate. Use a Linux command such as cat to display your concatenated certificate file. For example: cat server.
scp server.pem ib87/tmp Then, on node ib87, add the certificate to the cluster: ibrix_certificate -a -c cert86 –p /tmp/server.pem Exporting a certificate If necessary, you can display a certificate and then copy and save the contents for future use. This step is called exporting. Select the certificate on the Certificates panel and click Export.
11 Using remote replication This chapter describes how to configure and manage remote replication. Overview Remote replication provides a transparent method to replicate changes in a source file system on one cluster to a target file system on either the same cluster or a second cluster. The remote replication service has two modes: continuous and run-once. Both files and directories can be replicated with remote replication, and no special configuration of segments is needed.
that have occurred since the last replication job are replicated from the source file system to the target file system. The following requirements apply to run-once replication: • File systems specified as the replication source or target must exist. • If a directory is specified as the replication target, the directory must exist on the target.
Note the following: • Several replication tasks can run in parallel. • Each replication is either a continuous or a run-once task. • The target subdirectories must not overlap. For example, if source cluster 1 is replicating to dir1, source cluster 2 can replicate to dir2, but it cannot replicate to dir1/dir2. Configuring the target for remote replication You can configure remote replication on the management console GUI or from the CLI.
NOTE: If the cluster uses an agile management console configuration, specify the virtual cluster name and the IP address of the virtual interface. The GUI configures the replication export with the default target hosts and network interface preferences. To specify your own preferences, use the ibrix_exportcfrpreference command. For more information, see “Identifying host and NIC preferences on the target cluster” (page 91). CLI procedure NOTE: This procedure does not apply to intracluster replication.
source cluster (clusterName) containing the file system to be replicated. Include the -P option if you do not want to set the host and NIC preferences.
To stop a task, select the task and click Stop. To pause a task, select the task and click Pause. The status of the task will change to PAUSED. Pausing a task that involves continuous data capture does not stop the data capture. You must allocate space on the disk to avoid running out of space because the data is captured but not moved. To resume a paused replication task, select the task and click Resume.
Configuring and managing replication tasks from the CLI NOTE: When configuring replication tasks, be sure to following the guidelines described in “Overview” (page 87). Starting a remote replication task to a remote cluster Use the following command to start remote replication on the specified source file system. The command is executed from the source cluster.
Querying remote replication tasks Use the following command to list all running and stopped continuous replication jobs in the cluster, optionally restricted by the specified file system and host name. ibrix_cfrjob -l [-f SRC_FSNAME] [-h HOSTNAME] [-C SRC_CLUSTERNAME] To see more detailed information about continuous and run-once replication tasks, run ibrix_cfrjob with the -i option. The command can optionally be restricted to a specified file system and host name.
ibrix_exportcfrpreference command can be used to change the network interface preference.
12 Creating snapshots The snapshot feature allows you to capture a point-in-time copy of a file system for online backup purposes and to simplify recovery of files from accidental deletion. The snapshot replicates all file system entities at the time of capture and is managed exactly like any other file system.
NOTE: If the snapshot store is too small, the snapshot will eventually exceed the available space (unless you detect this and manually increase storage). If this situation occurs, the array software deletes the snapshot resources and the X9000 Software snapshot feature invalidates the snapshot file system. Although you can monitor the snapshot and manually increase the snapshot store as needed, the safest policy is to initially provision enough space to last for the expected lifetime of the snapshot.
The type of storage array determines the maximum number of snapshots you can keep and mount per file system. Array Maximum number of snapshots to keep Maximum number of snapshots to mount P2000 G3 MSA System/MSA2000 32 snapshots per file system G2 array 7 snapshots per file system EqualLogic array 7 snapshots per file system 8 snapshots per file system For the P2000 G3 MSA System/MSA2000, the storage array itself also limits the total number of snapshots that can be stored.
On the General tab, enter a name for the strategy. For the Type, select either Day/Week/Month or Regular. • For Day/Week/Month, specify the number of snapshots to keep and mount on a daily, weekly, and monthly basis. Keep in mind the maximums allowed for your array type. NOTE: Daily means that one snapshot is kept per day for the specified number of days. For example, if you enter 6 as the daily count, the snapshot feature keeps 1 snapshot per day through the 6th day.
For either template, enter one or more of the following variables. The variables must be enclosed in braces ({ }) and separated by underscores (_). The template can also include text strings. When a snapshot is created using the templates, the variables are replaced with the following values. Variable Value fsname File system name shortdate yyyy_mm_dd fulldate yyyy_mm_dd_HHmmz + GMT After creating the snapshot strategy, you can create a schedule for the automated snapshots.
To create the schedule for the automated snapshots, go to the Schedule tab and click Schedule this task (or run now). You can set the frequency of the snapshots and schedule when they should occur. You can also set start and end dates for the schedule. When you click OK, the snapshot scheduler will begin taking snapshots according to the specified snapshot strategy and schedule.
-k KEEP The number of snapshots to keep per file system. For the P2000 G3 MSA System/MSA2000 G2 array, the maximum is 32 snapshots per file system. For Dell EqualLogic arrays, the maximum is eight snapshots per file system. If the strategy type is linear, enter the number of snapshots to keep, such as -k 6. If the strategy type is DWMGroup, enter the number of days, weeks, and months to retain snapshots. The numbers must be separated by commas, such as -k 2,7,28.
Modifying an automated snapshot scheme A snapshot scheme can be modified only from the CLI. Use the following command: ibrix_snap_strategy -e -n NAME -k KEEP -m MOUNT [-N NAMESPEC] [-M MOUNTSPEC] Viewing automated snapshot schemes On the GUI, you can view snapshot schemes on the Create Snapshot dialog box. Select Recurring as the Snapshot Type, and then select a snapshot scheme. A description of that scheme will be displayed.
For example, to delete snapshots ifs0_snap and ifs1_snap: /bin/ibrix_snap -d -f ifs0_snap,ifs1_snap Viewing snapshot information Use the following commands to view snapshot information from the CLI. Listing snapshot information for all hosts The ibrix_snap -l command displays snapshot information for all hosts.
The following table lists the output fields for ibrix_snap -i. Field Description SEGMENT Snapshot segment number. OWNER The file serving node that owns the snapshot segment. LV_NAME Logical volume. STATE State of the snapshot. BLOCK_SIZE Block size used for the snapshot. CAPACITY (GB) Size of this snapshot file system, in GB. FREE (GB) Free space on this snapshot file system, in GB. AVAIL (GB) Space available for user files, in GB.
The next window shows a CIFS client accessing the snapshot file system .fs1_snap1. The original file system is mapped to drive X.
Troubleshooting snapshots Snapshot reserve is full and the MSA2000 is deleting snapshot volumes When the snapshot reserve is full, the MSA2000 will delete snapshot volumes on the storage array, leaving the device entries on the file serving nodes. To correct this situation, take the following steps: 1. 2. 3. 4. Stop I/O or any applications that are reading or writing to the snapshot file systems. Log on to the active management console. Unmount all snapshot file systems.
13 Using data tiering This chapter describes how to configure and manage data tiering. Overview Use the data tiering feature to set a preferred tier where newly created files will be stored. Once files are created, you can use a tiering job to move them from initial storage, based on file attributes. When you start the tiering job, you can specify a desired number of file replicas to add (default is 0). • You can use any naming convention you choose to identify each tier grouping.
Note the following: • A tiering policy can contain multiple rules. • Tiering rules are based on individual file attributes. • All rules are executed when the tiering policy is applied during execution of the ibrix_migrator command. • It is important that different rules do not target the same files, especially if different destination tiers are specified. If tiering rules are ambiguous, the final destination for a file is not predictable. See “Ambiguous rules” (page 114), for more information.
NOTE: A tier is created whenever a segment is assigned to it. Be careful to spell the name of the tier correctly when you add segments to an existing tier. If you make an error in the name, a new tier is created with the incorrect tier name, and no error is recognized. Expanding a file system You can make tier assignments for new segments as you add them. NOTE: Verify that no tiering job is running before executing the file system expansion commands.
Managing a tiered file system and tiering policy After tiers have been defined on a file system, you can: • Add segments to existing tiers. • Add or delete tiers. • Add or delete rules for your tiering policy. • Run and monitor your tiering policy. You can perform these management activities from either the management console GUI or the CLI. This section provides instructions for managing via the CLI.
For example: /bin/ibrix_migrator -v -r -f ifs2 The output lists the file system name, the rule ID (IDs are assigned in the order in which rules are added to the configuration database), the rule definition, and the source and destination tiers. For example, if you specify the following rule: ibrix_migrator -A -f ifs2 -r 'mtime older than 1 month and ( name = "*.jpg" or name = "*.gif" )' -S T1 -D T2 The output lists the following: ifs2 2 mtime older than 1 month and ( name = "*.
Use the following qualifiers for fixed times and dates: • Time: Enter as three pairs of colon-separated integers using a 24-hour clock. The format is hh:mm:ss (for example, 15:30:00). • Date: Enter as yyyy-mm-dd [hh:mm:ss], where time of day is optional (for example, 2008-06-04 or 2008-06-04 15:30:00). Note the space separating the date and time. When specifying an absolute date and/or time, the rule must use a compare type operator (< | <= | = | != | > | >=).
Migration rule examples When you write a rule, identify the following components: • File system (-f) • Source tier (-S) • Destination tier (-D) Use the following command to write a rule. The rule portion of the command must be enclosed in single quotes. ibrix_migrator -A -f FSNAME -r 'RULE' -S SOURCE_TIER -D DEST_TIER Examples: The rule in the following example is based on the file’s last modification time, using a relative time period.
There is no guarantee as to the order in which the two rules will be executed; therefore, the final destination is ambiguous because multiple rules can apply to the same file. Example 2: Rules can cause data movement in both directions, which can lead to issues. In the following example, the rules specify that all .doc files in tier 1 to be moved to tier 2 and all .jpg files in tier 2 be moved to tier 1. However, this might not succeed, depending on how full the tiers are.
14 Using file allocation This chapter describes how to configure and manage file allocation. Overview X9000 Software allocates new files and directories to segments according to the allocation policy and segment preferences that are in effect for a client. An allocation policy is an algorithm that determines the segments that are selected when clients write to a file system. File allocation policies Different allocation policies can be set for files and directories.
How file allocation settings are evaluated X9000 clients and NFS/CIFS clients use the following precedence rules to evaluate the file allocation settings that are in effect for them: • If the host uses the default file and directory allocation policies and segment preferences: The RANDOM policy is applied, and a segment is chosen from among all segments.
NOTE: If your file and directory allocation policies are different and you want to make them the same, first verify that the file allocation policy is set correctly. Next, set the directory allocation policy to NONE. The directory allocation policy then reverts to its default value, which is the policy set for file allocation.
/bin/ibrix_fs_tune -f FSNAME {-h HOSTLIST|-g GROUPLIST} -S {SEGNUMLIST|ALL|LOCAL} Restoring the default segment preference The default is for all file system segments to be preferred.
15 Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Glossary ACE access control entry. ACL access control list. ADS Active Directory Service. ALB Advanced load balancing. BMC Baseboard Management Configuration. CIFS Common Internet File System. The protocol used in Windows environments for shared folders. CLI Command-line interface. An interface comprised of various commands which are used to control operating system responses. CSR Customer self repair. DAS Direct attach storage.
SELinux Security-Enhanced Linux. SFU Microsoft Services for UNIX. SID Secondary controller identifier number. SNMP Simple Network Management Protocol. TCP/IP Transmission Control Protocol/Internet Protocol. UDP User Datagram Protocol. UFM Voltaire's Unified Fabric Manager client software. UID Unit identification. USM SNMP User Security Model. VACM SNMP View Access Control Model. VC HP Virtual Connect. VIF Virtual interface. WINS Windows Internet Naming Service.
Index Symbols /etc/likewise/vhostmap file, 63 32-bit mode, disable, 32 64-bit mode, enable, 11 A authentication methods Active Directory, 42 Local Users, 42 automated snapshots create from CLI, 101 create on GUI, 98 delete snapshot scheme, 103 modify snapshot scheme, 103 schedule from CLI, 102 snapshot scheme, 97 view snapshot scheme from CLI, 103 C CIFS activity statistics per node, 49 authentication methods, 42 configure local groups, 45 configure local users, 47 configure nodes, 49 file shares, 52 Linu
mountpoints, view, 15, 16 NFS export, 38 unexport, 39 quotas, 19 remote replication, 87 segments assign to tiers, 111 defined, 8 rebalance, 30 remove from tiers, 111 snapshots, 96 structure of, 8 troubleshooting, 35 unmount, 16 view summary information, 26 H help obtaining, 120 hostgroups, 16 HP technical support, 120 HP websites, 120 HTTP authentication methods, 42 configuration, 75 configuration profile, 76 configure local groups, 45 configure local users, 47 HTTP Wizard, 76 share, access, 81 share, conf
create from CLI, 101 create on GUI, 98 delete snapshot scheme, 103 modify snapshot scheme, 103 schedule from CLI, 102 view snapshot scheme from CLI, 103 clear invalid snapshot, 103 create, 103 defined, 96 delete, 103 discover LUNs, 97 list storage allocation, 97 mount, 103 register the snapshot partition, 97 set up the snapshot partition, 96 view information about, 104 Subscriber's Choice, HP, 120 T technical support HP, 120 service locator website, 120 U unmounting, file systems, 16 V volume groups dele