GlusterFS 9 : GlusterFS + SMB2021/07/09 |
Configure GlusterFS volume to enable SMB protocol.
For example, Configure SMB setting to a Gluster Volume [vol_distributed] like an example of the link here.
|
|
[1] | Configure GlusterFS to enable SMB setting on a Node in GlusterFS Cluster. |
[root@node01 ~]#
dnf -y install centos-release-samba413 perl
[root@node01 ~]#
sed -i -e "s/enabled=1/enabled=0/g" /etc/yum.repos.d/CentOS-Samba-413.repo
# search the latest available version of samba on [samba413] repo and
# downgrade [samba-common-libs] to the version above because # samba on [baseos] repo is newer and can not resolve dependencies if using the latest # then it's possible to install [samba-vfs-glusterfs] packages for Gluster SMB
[root@node01 ~]#
VER=$(dnf --enablerepo=centos-samba413 --disablerepo=baseos repoquery samba | tail -1 | cut -d'-' -f2,3) [root@node01 ~]# dnf --enablerepo=centos-samba413 -y downgrade samba-common-libs-$VER [root@node01 ~]# dnf --enablerepo=centos-samba413 --disablerepo=baseos -y install ctdb samba samba-vfs-glusterfs
# stop the target Gluster volume and change settings [root@node01 ~]# gluster volume stop vol_distributed Stopping volume will make its data inaccessible. Do you want to continue? (y/n) y volume stop: vol_distributed: success [root@node01 ~]# gluster volume set vol_distributed user.smb enable volume set: success [root@node01 ~]# gluster volume set vol_distributed performance.write-behind off volume set: success
[root@node01 ~]#
gluster volume set vol_distributed group samba volume set: success
[root@node01 ~]#
vi /var/lib/glusterd/hooks/1/start/post/S29CTDBsetup.sh # line 25 : change to the target Gluster volume name META=" vol_distributed "
[root@node01 ~]#
vi /var/lib/glusterd/hooks/1/stop/pre/S29CTDB-teardown.sh # line 13 : change to the target Gluster volume name META=" vol_distributed "
# start Gluster volume [root@node01 ~]# gluster volume start vol_distributed volume start: vol_distributed: success # with the settings above, following mounting is done automatically [root@node01 ~]# df -h /gluster/lock Filesystem Size Used Avail Use% Mounted on node01.srv.world:/vol_distributed.tcp 52G 5.6G 47G 11% /gluster/lock[root@node01 ~]# tail -1 /etc/fstab node01.srv.world:/vol_distributed /gluster/lock glusterfs _netdev,transport=tcp,xlator-option=*client*.ping-timeout=10 0 0
[root@node01 ~]#
vi /etc/ctdb/nodes # create new # write all Nodes that configure target Gluster volume 10.0.0.51 10.0.0.52
[root@node01 ~]#
vi /etc/ctdb/public_addresses # create new # set virtual IP address for SMB access # [enp1s0] means network interface name ⇒ replace to your environment 10.0.0.59/24 enp1s0
[root@node01 ~]#
systemctl enable --now ctdb
# confirm status [root@node01 ~]# ctdb status Number of nodes:2 pnn:0 10.0.0.51 OK (THIS NODE) pnn:1 10.0.0.52 DISCONNECTED|UNHEALTHY|INACTIVE Generation:112345513 Size:1 hash:0 lmaster:0 Recovery mode:NORMAL (0) Recovery master:0[root@node01 ~]# ctdb ip Public IPs on node 0 10.0.0.59 0 |
[2] | Configure Samba. For example, Create a shared Folder that users in [smbgroup] group can only access to shared folder [smbshare] and also they are required user authentication. |
# mount Gluster volume with GlusterFS Native and create a shared folder for SMB access [root@node01 ~]# mount -t glusterfs node01.srv.world:/vol_distributed /mnt [root@node01 ~]# mkdir /mnt/smbshare [root@node01 ~]# groupadd smbgroup [root@node01 ~]# chgrp smbgroup /mnt/smbshare [root@node01 ~]# chmod 770 /mnt/smbshare [root@node01 ~]# umount /mnt
[root@node01 ~]#
vi /etc/samba/smb.conf [global] workgroup = MYGROUP netbios name = MYSERVER server string = Samba Server Version %v log file = /var/log/samba/log.%m max log size = 50 security = user passdb backend = tdbsam load printers = yes cups options = raw # add follows clustering = yes kernel share modes = no kernel oplocks = no map archive = no map hidden = no map read only = no map system = no store dos attributes = yes # following 9 lines are configured automatically [gluster-vol_distributed] comment = For samba share of volume vol_distributed vfs objects = glusterfs glusterfs:volume = vol_distributed glusterfs:logfile = /var/log/samba/glusterfs-vol_distributed.%M.log glusterfs:loglevel = 7 path = / read only = no kernel share modes = no # add follows writable = yes valid users = @smbgroup force create mode = 777 force directory mode = 777 inherit permissions = yes
[root@node01 ~]#
systemctl enable --now smb
# add Samba user [root@node01 ~]# useradd cent [root@node01 ~]# smbpasswd -a cent New SMB password: # set any SMB password Retype new SMB password: Added user cent. [root@node01 ~]# usermod -aG smbgroup cent |
[3] | If SELinux is enabled, change policy. |
[root@node01 ~]# setsebool -P use_fusefs_home_dirs on [root@node01 ~]# setsebool -P samba_load_libgfapi on [root@node01 ~]# setsebool -P domain_kernel_load_modules on
[root@node01 ~]#
vi gluster_smb.te # create new module gluster_smb 1.0; require { type glusterd_t; type ctdbd_t; type load_policy_t; class fifo_file read; class capability sys_ptrace; } #============= ctdbd_t ============== allow ctdbd_t self:capability sys_ptrace; #============= load_policy_t ============== allow load_policy_t glusterd_t:fifo_file read; checkmodule -m -M -o gluster_smb.mod gluster_smb.te [root@node01 ~]# semodule_package --outfile gluster_smb.pp --module gluster_smb.mod [root@node01 ~]# semodule -i gluster_smb.pp |
[4] | If Firewalld is running, allow services. |
[root@node01 ~]# firewall-cmd --add-service={samba,ctdb} success [root@node01 ~]# firewall-cmd --runtime-to-permanent success |
[5] | Verify it can access to the target share with SMB from any Linux client computer. The examples below are on Linux clients but it's possible to access from Windows clients with common way. |
# verify with [smbclient] [root@client ~]# smbclient //node01.srv.world/gluster-vol_distributed -U cent Enter SAMBA\cent's password: Try "help" to get a list of possible commands. # verify witable to move to shared folder smb: \> cd smbshare smb: \smbshare\> mkdir testdir smb: \smbshare\> ls . D 0 Fri Jul 9 19:22:04 2021 .. D 0 Fri Jul 9 19:16:30 2021 testdir D 0 Fri Jul 9 19:22:04 2021 54491144 blocks of size 1024. 48577824 blocks available smb: \smbshare\> exit # verify with [mount] # for [10.0.0.59], it is virtual IP address set in [1] section [root@client ~]# mount -t cifs -o vers=3.0,username=cent //10.0.0.59/gluster-vol_distributed /mnt Password for cent@//10.0.0.59/gluster-vol_distributed: ******** df -hT Filesystem Type Size Used Avail Use% Mounted on devtmpfs devtmpfs 1.9G 0 1.9G 0% /dev tmpfs tmpfs 1.9G 0 1.9G 0% /dev/shm tmpfs tmpfs 1.9G 8.6M 1.9G 1% /run tmpfs tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup /dev/mapper/cs-root xfs 26G 2.4G 24G 10% / /dev/vda1 xfs 1014M 322M 693M 32% /boot tmpfs tmpfs 374M 0 374M 0% /run/user/0 //10.0.0.59/gluster-vol_distributed cifs 52G 5.7G 47G 11% /mnt[root@client ~]# touch /mnt/smbshare/testfile.txt [root@client ~]# ll /mnt/smbshare total 4 drwxr-xr-x. 2 root root 0 Jul 9 19:22 testdir -rwxr-xr-x. 1 root root 0 Jul 9 19:23 testfile.txt |
Sponsored Link |