Module 4: Getting Started with Basic Network Administration

In this blog, I will demonstrate how to configure Network File System (NFS) and
Common Internet File System (CIFS)on a storage system.

The Network File System (NFS) is a client/server application that allows a computer user view as well as optionally store and update file on a remote computer as though they were on the user’s own computer. The NFS protocol is one of several distributed file system standards for network-attached storage (NAS). NFS uses Remote Procedure Calls (RPC) to route requests between clients and servers. Computers connected to a network operate as clients while accessing remote files, and as servers while providing remote users access to local shared files. It allows system administrators or the users who have NFS access permission to mount all file or portion of the file system on a server. That mounted file can be accessed by the client based on their assigned privileges such as Read, Write or Read-Write.

The Common Internet File System (CIFS) is an Internet Protocol-based file-sharing protocol. That is the standard way that computer users share files across corporate intranets and the Internet. CIFS uses the client-server programming model that is based on client request, server requests and return a response to access a file.

CIFS is considered an obsolete file sharing system because Server Message Block (SMB) has taken place of CIFS and most modern data storage systems use robust SMB 2.0 and 3.0 file sharing protocol.

Note: NFS is for Linux/Unix systems while CIFS is for windows systems mainly.

CIFS or SMB and NFS are the major protocols used in network-attached storage systems.

The tasks for the module 4:

  • Use NETAPP ONCOMMAND SYSTEM MANAGER to License NFS and CIFS Service
  • Use NETAPP ONCOMMAND SYSTEM MANAGER and CLI to Export a Volume
  • Mount exports from an administration host
  • Use NETAPP ONCOMMAND SYSTEM MANAGER to Configure CIFS service
  • Create a Windows Domain User
  • Use NetApp OnCommand system manager to View and create shares
  • Create a new share with computer management
  • Map shares to drive letters
  • Modify User Permissions
  • Display CIFS Sessions
  • Configure SMb 2.0 protocol
  • Terminate CIFS sessions

Steps for the task: Use NETAPP ONCOMMAND SYSTEM MANAGER to License NFS and CIFS Service

You require storage system software licenses to enable certain services and features on your storage system, such as NFS, CIFS, FCP, and iSCSI services. Some features require license keys depending on the platform model; However, some features do not require individual license key because those services are free of cost or along with other features of software pack.

Step1: Before active your license key for the services, check your license status and system serial number.

> license    [It will show you license status and system serial number]

1.jpg

Step 2: Go to your NETAPP ONCOMMAND SYSTEM MANAGER.  Dataontap->Configuration->System Tools->licenses.  Note: In the Licenses node, Name, type, key, and date of expiration of each license will be displayed.2.jpg

Licenses for the ESX build (Serial Number 4079432752): 

CIFS WMNZAUTQACAAAAXAGAAAAAAAAAAA CIFS protocol
FCP UBJDCUTQACAAAAXAGAAAAAAAAAAA Fibre Channel Protocol
FlexClone QFALEUTQACAAAAXAGAAAAAAAAAAA FlexClone
Insight_Balance WSKLIUTQACAAAAXAGAAAAAAAAAAA OnCommand Insight and Balance products
iSCSI IHLOBUTQACAAAAXAGAAAAAAAAAAA iSCSI protocol
NFS KSPKAUTQACAAAAXAGAAAAAAAAAAA NFS protocol
SnapLock OUVOFUTQACAAAAXAGAAAAAAAAAAA SnapLock Compliance
SnapLock_Enterprise KYMWHUTQACAAAAXAGAAAAAAAAAAA SnapLock Enterprise
SnapManager APTDGUTQACAAAAXAGAAAAAAAAAAA SnapManager and SnapDrive products
SnapMirror ELCWDUTQACAAAAXAGAAAAAAAAAAA SnapMirror, including synchronous SnapMirror
SnapProtect MJRSGUTQACAAAAXAGAAAAAAAAAAA SnapProtect Applications
SnapRestore SQEHDUTQACAAAAXAGAAAAAAAAAAA SnapRestore
SnapVault CAYZEUTQACAAAAXAGAAAAAAAAAAA SnapVault primary and secondary

Step 3: Cick ‘add’  to add license key. A box wizard appears. 3.jpg4.jpg

Put each of services licenses key that you want to enable. In my case, I enabled NFS, CIFS, iSCSI, FCP.5.jpg

Steps for the task: Use NETAPP ONCOMMAND SYSTEM MANAGER and CLI to Export a Volume

In this task, I will show how to create export and how to export a volume from other location using NETAPP ONCOMMAND SYSTEM MANAGER and CLI.

Step 1: Go to NETAPP ONCOMMAND SYSTEM MANAGER. Click dataontap ->  Export-> Storage. Then Click “Create“.6

A “Create Export” wizard appears. Click “Browse” for location folder where you want to export. 7.jpg11.jpg

Before “Create”, Set your export rule permission from “Edit”. then click “Modify” and “Create“. In my case, I selected “Read only” access rule for host permission.10.jpg

9.jpg

Step 2: For CLI prompt, You need to login via PuTTY with IP address or Hostname to connect Storage System.

First, you need to verify the content location, and whether automatic exporting of the new volume is enabled or not! by the following command lines. Note: If your new export volume is not enabled yet, make it enable because when the option nfs.export.auto-update is enabled, new volumes are exported upon creation.

rdfile /etc/exports

options nfs.export.auto-update

12.jpg

Step 3: Now you need to create a new volume by the following command:

vol create NFSvol aggr1 100m [create new volume]

rdfile /etc/exports [verify the export location]

exportfs -a [Display the current list of defined exports]

exportfs [display the list of current export]

13.jpg

As you see from the result of command line: the nfs.export.auto-update option only exports the volume is that is current exports, not existing export. [It will show previous exports volume is offline, not exported]

Steps for the task: Mount exports from an administration host

In this task, I will mount the export volume to the directory that I created the previous task using CLI interface.

  1. You need to establish a telnet session to the administration host and create a directory for your storage system and mount it with NFS Volume.

  ># mkdir /mnt/Node1 [Node 1 is the variable and it is not a best practice to create a directory by system name]

# mkdir /mnt/Node1/vol0 [Create a subdirectory in the note directory]

# mount IP_address:/vol/vol0 /mnt/Node1/vol0
# cd /mnt/Node1/vol0 [ To mount the storage system root volume to vol0]

# ls –al /mnt/Node1/vol0 [display the directory structure root volume of storage sytem]

# touch foo [this command create a file in the root of the storage]

# mkdir /mnt/Node1/nfs_tree1 [for creating a mount point on the client]

# mount IP_address:/vol/NFSvol/nfs_tree1 /mnt/Node1/nfs_tree1 [mount command excution ]

# cd /mnt/Node1/nfs_tree1        [change mount directory and create files]
# man csh > file1
# dd if=/dev/zero of=/mnt/Node1/nfs_tree1/file2 bs=8192 count=12500

df –h /vol/NFSvol [for checking disk usage on your storage system]

 

14.jpg

16.jpg

17.jpg

Steps for the task: Use NETAPP ONCOMMAND SYSTEM MANAGER to Configure CIFS service

In this task, I will configure CIFS service that is used for sharing a file in the windows operating system.

Step1: Go to the NetApp System Manger tools to connect cluster, click Configuration ->Protocol->CIFS. You will see that CIFS service status is not configured. 18.jpg

Step 2: Then click “Setup” to get CIFS setup Wizard.19.jpg

Step3: I selected “Multiprotocol” because I want to allow storage system to have Windows and Unix permission, but You can select “NTFS only” for Windows permission.20.jpg

Step4: Select Active Directory Authentication so that all domain users will be allowed to access CIFS File sharing. Then give Domain Name and Domain credentials.

21.jpg22.jpg

The Password is the storage root system password.23.jpg

Verify the default name of the system, and do not enter any WINS server addresses. Then Click Next24.jpg25.jpg26.jpg

Step5: The CIFS configuration is ready. You can view the details here.27.jpg

For review the Domain controller information and Server information, click Domain tab. 28.jpg

Steps for the task: Create a Windows Domain User

In this task, I will create a domain user and install Remote Server Administration Tools roles and features on DC server to access storage system vSim from domain users.

Step1: Go to your DC server and click Add roles and features from Server manager dashboard. 29.jpg30.jpg

Step2: Now you need to create a domain user. Go to Server Manager dashboard and select tools->  log in to the Active Directory Users and Computers, and create a domain user.31.jpg32.jpg33.jpg34.jpg

Steps for the task: Use NetApp OnCommand system manager to View and create shares

In this task, I will view the shares, create New Technology File System (NTFS) qtrees, and share the qtrees.

Step1: Go to the Storage system cluster. Select Storage -> Qtree  and click “Create35.jpg36.jpg37.jpg

Step 2: Go to Storage – > Shares. You will see a default shares folder list that has been already created. Click on “ETC$” and “Edit”  and C$ and “Edit” for set permission.38

Examine the current (default) permissions for this share on the Permission tab. You can set your own permission based on user list or you can leave the permission default for all users.39.jpg

Step 3: Now you need to create shares for cifs_tree1. Click “Create”, A “create share” wizard appears. Then Browse the cifs_tree1 for creating shares.40.jpg4243.jpg44.jpg

Step for the task: Create a new share with computer management

In this task, I will go back to my DC server. I will remotely connect with Storage system through Computer Management Service, and create a new share volume. Before performing that configuration, I will create an NTFS qtree called cifs_tree3 in NASvol using NetApp OnCommand System Manager. 45.jpg46.jpg

Step1: In the Dc server, Go to Computer Manager ( Search: Computer manager if you don’t know the location). From action tab, select “Connection to another computer“. Provide your storage system IP address for connection establish. 47.jpg48.jpg

Step2: Now you need to create a new share for cifs_qtree3 of NAS volume. Click right mouse on Shares -> Create New share.  “Create A Shared Folder” Wizard appears. Now49.jpg50.jpg51.jpg

Give the permission to the user that you created previous task “Domain User” section. Therefore, That user able to access the cifs_qtree3 shared folder. 52.jpg54.jpg55.jpg

56.jpg

Now check the permission, click right mouse on “cifs_qtree3″ and select “properties. Go to Share permission tab and check – “Do the domain user have full permission? if yes, then okay, Otherwise; give the full permission57.jpg

Steps for the task: Map shares to drive letters

In this task, I will Map the shared folders to drive letters. So that users can find the volume folder as a drive on their computer. It will be easy to manage and access rather than browser every time through computer manager.

Step1:  From the Windows desktop, click Start > Computer > Map Network Drive and follow the snapshot for further instruction of creating a mapped drive.58.jpg59.jpg60.jpg

Step2: Copy some files from your Windows machine to cifs_tree1 and cifs_tree3. That files will be necessary for the further module exercise.

61.jpg

Steps for the task: Modify User Permissions

In this task, I will show how to modify the user permissions via CLI command prompt

Step1: You need to configure permissions on cifs_tree1 for the domain user that you created earlier.  Go to your CL1 interface. Before modifying the permission, Go to Storage->Shares to check the current permission of cifs_tree1.62.jpg63.jpg

cifs access cifs_tree1 UserX rwx [ after execute this command, you can see userX = userdataontap got the permission of full access:rwx]

64.jpg

Step2: Now you need to verify the access permission through storage system console.

cifs shares

65.jpg

Steps3: Now you will view the permission from your dc machines through computer Manager. Go to DC server, open – Computer Manager and connect with your storage system through IP address. 66.jpg

 

Step3:  Now you will again modify the permission on the storage system for the cifs_tree1 share to read-only of domain userdataontap (or your userX).

cifs access cifs_tree1 userdataontap read [(UserX)=dataontap, or your own domain user]

67.jpg

Now again verify the permission, you will see the permission of userdataontap has changed for cifs_tree1.68.jpg69
 Steps for the task: Display CIFS Sessions

Step1: In NetApp System Manager, click Diagnostics > Session. You will notice that there is some session, at least you will view one session.70.jpg

Step2: Now you need to open Computer Management and connect to your storage system. You can view two sessions with connection time and idle time. 71.jpg

Now verify the session with Storage system console.

> cifs sessions [It wil show all current sessions]

72.jpg

Steps for the task: Configure SMb 2.0 protocol

In this task, I will configure SMb 2.0 Protocol in storage. And I will enable the service on the client machine.

SMB 2.0 Protocol is the upgrade version of CIFS. It operates mainly application-layer network and used for providing shared access files, serial ports and printers communication between nodes on the network.

Step1: Enable SMB 2.0 protocol on the storage system and the storage system’s SMB 2.0 protocol client capability. Go to CLI interface and execute the following command.

options cifs.smb2.enable on

options cifs.smb2.client.enable on

73.jpg

Step2: You need to go your client machine to enable SMB 2.0 protocol. and run cmd prompt. Then type the following command line:

sc config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi [an extra space after = ]

sc config mrxsmb20 start= auto

74.jpg

Step 3: Now you need to connect to a share from your client machine to your Storage system and open the folder named “Home“. 76.jpg77

Step 4: You need to verify the SMB2.0 protocol open sessions from the storage system. Execute the following command, you can view all available sessions including your client machine.

cifs sessions –p smb2

78.jpg

Steps for the task: Terminate CIFS sessions

In this task, I will show you how to disconnect all the CIFS session from the Storage system through NetApp OnCommand system manager, and remote connection through “Computer Management” service. At the end of the demo, I will restart CIFS service again, so Don’t forget yours.

Step1: Go to your DC server and connect with your Storage system through Computer management. Select sessions, you can see their current available sessions. click right mouse button, select “Disconnect All Session“. 79.jpg

You will get a message that you will not able to disconnect all session because one session is using computer management at this moment. 80.jpg

Step2: Go to the NetApp OnCommand System Manager, Open your storage system. Go to Configuration -> Protocols->CIFS. Click On “STOP” for stopping all sessions.81.jpg82.jpg83.jpg

Click Diagnostics > Session. You can see there is no session after stopped the CIFS service.

84.jpg

Step 3: For restart the CIFS service again. Go to the Protocols->CIFS again. Click “START“. Service will be restarted!

85.jpg86.jpg

What is NTFS?

NTFS is the file system that the Windows operating system uses for storing and retrieving files on a hard disk by local and remote users.

What is qtree?

A qtree is a logically defined file system that can exist as a special subdirectory of the root directory within an internal volume. You can create up to 4,995 qtrees per internal volume. There is no maximum for the storage system as a whole. There are no restrictions on how much disk space can be used by the qtree or how many files can exist in the qtree.

Recommendation: You will need to execute so many commands to configure, verification and analysis of your storage system; therefore, sometimes you will get errors because of the spelling mistake, not putting # when it requires. Just careful about your typing when you need to execute any command in the terminal console.

Screencast: https://www.youtube.com/watch?v=ZEkbv6MHW4Y

The next module-5, I will discuss “Protecting Data using Snapshot Technology

Thank you 🙂

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s