Optional configuration

Explanation of some configuration options.

High Availability

The following steps are optional and create High Availability (HA) access to a Share via a virtual IP. High Availability configuration supports continued operation during the outage of one File Accesser device when more than three File Accesser devices are configured.

  1. Under HA Configuration, enter a Virtual IP address. Multiple addresses are allowed in a comma-separated list.
  2. Click Update. The added virtual IP is now listed on the File Accesser Configure Device page.
  3. The Monitor File Server Pool page shows the status of the defined virtual IP.
  4. Defined virtual IP addresses can now be used.
Note:

When new File Accesser devices are added to an existing File Server Pool cluster (with more than five devices), the HA inter-device communication system might timeout before status is properly reported for the entire cluster. If it occurs, you must restart the HA service on each device in the File Server Pool by using the following command.

$ service corosync stop; service corosync start; service pacemaker start

This procedure is only needed after the addition of a new node where the cluster status appears to not come back online after the new device addition.

Two sites for Disaster Recovery

Two sites can be configured for File Accesser Devices. The second site contains a mirror of all metadata stored within the primary site. The second site should have the same number of File Accesser Devices as the first site. The second site is not supported as an active use location and should be used for Disaster Recovery purposes during the technology preview.

When File Server Pools are created, the “Site” designation identifies all of the File Accesser devices that should participate in a single metadata cluster. A “Site” can have one or multiple File Server Pools that participates in the metadata cluster.

To create a second site for Disaster Recovery, include the same number of File Accesser devices as in the first site (some of all devices in each File Server Pool). All that is needed to enable the Disaster Recovery site is to create a File Server Pool (or multiple File Server Pools) with a second “Site” designation. The metadata Cluster software automatically handles the mirrored replication between the two sites.

Access Control

System administrators can provide a list of authorized systems into the Authorized Systems text area.

A blank list implies all systems can access the share. A non-empty list implies only the systems that are listed in the text box have access to the share.

The Manager application validates each authorized system in the list. An authorized system must be one of the following.

  • An IPv4 address.
  • A Classless Inter-Domain Routing string. For example, 192.168.56.101/24.
  • An IPV4 address with a subnet address. For example, 192.168.56.101/255.255.255.0.
  • A Fully Qualified Domain Name. For example, usil.ibm.com
  • A string equal to “*”. A '*' implies any system can access the share.
  • A '*' in domain names. A name with a '*' is matched as a Posix basic regular expression. For example, *.ibm.com.
    Note: *.ibm.com matches usil.ibm.com or host1.usil.com.
  • One or more '?' in the domain name. A domain name with one or more '?' is also matched as a Posix basic regular expression. For example, usil?.ibm.com matches usi.ibm.com or usil.ibm.com
  • Character Classes ([..]) in domain names. For example, [abc]-host.ibm.com. It matches a-host.ibm.com or b-host.ibm.com or c-host.ibm.com
  • '*' or '?' or '[]' can be present in the same domain name multiple times.
Note: If an entry in the list contains '?', '*', or '[', then the Manager application verifies that the authorized system string is a valid regular expression. It is so that entries such as *.ibm.com, host?.ibm.com, and host[1-9].ibm.com can be entered.
Note: Wildcards are not supported in IP/subnet addresses.
Note: Each entry must be 1 - 253 characters.
Note: Entries are case-insensitive.
Note: Each share can have 1000 allowed machine names.

Cloud Storage Object Access

Users can read their NFS written files with the Cloud Storage Object API. To set either anonymous or authenticated Cloud Storage Object Access, use the Cloud Storage Object Access section of the Configure Share page.