NFS
How the Content Software for File system enables file access through the NFS protocol instead of through the client. The Content Software for File system supports NFS v3.
Workflow: Deploy NFS service with a Content Software for File client software
The Content Software for File system supports the NFSv3, NFSv4.0, and NFSv4.1 protocols. The NFS protocol allows client hosts to access the Content Software for File filesystem without installing Content Software for File’s client software using the standard NFS implementation of the client host operating system. While this implementation is easier to deploy, it does not compare in performance to the Content Software for File client.
In order to implement NFS service from a Content Software for File cluster, the following steps must be implemented:
| Step | Method of Implementation |
| Define a set of hosts that will provide the NFS service, which can be the whole cluster or a subset of the cluster. | Define an interface group. |
| Define Ethernet ports on each of the defined hosts that will be used to provide the NFS service. | Define an interface group. |
| Allocate a pool of IP addresses that will be used by the Content Software for File software to provide the NFS service. | Define an interface group. |
| Define a Round-robin DNS name that resolves to the floating IPs. | On the local DNS service configuration; does not involve Content Software for File management. |
| Define the list of client hosts that have access permissions to the NFS filesystems. | Create a client permission group. |
| Configure the client hosts and the filesystems that they can access. | Create a client permission group. |
| Mount the file systems on the client hosts using the NFS mount operating system support. | On the client operating system; does not involve Content Software for File management. Content Software for File management. |
Defining the NFS networking configuration (interface groups)
You can add only a single port to an interface group. To support High Availability (HA) in NFS, create two interface groups. On each interface group, assign the host ports.
To ensure that a single point of failure is not created in the switch, consider the network topology (switches) when assigning the other host ports to these interface groups.
Implementing NFS service from a Content Software for File cluster
In order to define the NFS service, one or more interface groups must be defined. An interface group consists of the following:
- A collection of Content Software for File hosts with an Ethernet port for each host, where all the ports must belong to the same layer 2 subnets.
- A collection of floating IPs that serve the NFS protocol on the hosts and ports. All IP addresses must belong to the layer 2 subnet above.
- A routing configuration for the IPs which must comply with the IP network configuration.
Up to 10 different Interface groups can be defined, where multiple interface groups can be used if the cluster needs to connect to multiple layer 2 subnets. Up to 50 hosts can be defined in each interface group.
The Content Software for File system will automatically distribute the IP addresses evenly on each host and port. On failure of the host, the Content Software for File system will reasonably redistribute the IP addresses associated with the failed host on other hosts. To minimize the effect of any host failures, it is recommended to define sufficient floating IPs so that the system can assign four floating IPs per host.
Configuring the round-robin DNS server
To ensure that the various NFS clients will balance the load on the various Content Software for File hosts serving NFS, it is recommended to define a Round-robin DNS entry which will resolve to the list of floating IPs, ensuring that client loads will be equally distributed across all hosts.
Defining NFS access control (client access groups)
In order to control which host can access which file system, NFS client permission groups must be defined. Each NFS client permission group contains:
- A list of filters for IP addresses or DNS names of clients that can be connected to the Content Software for File system using NFS.
- A collection of rules that control access to specific filesystems.
Configuring NFS on the client
The NFS mount should be configured on the client host using the standard NFS stack operating system. The NFS server IP address should point to the Round-Robin DNS name defined above.
NFS service load balancing and resiliency
The Content Software for File NFS service is a scalable, fully load-balanced, and resilient service that provides continuous service through failures of any kind.
Scalability is implemented by defining many hosts that serve the NFS protocol, thereby enabling the scaling of performance by adding more hosts to the interface group.
Load balancing is implemented using floating IPs. By default, the floating IPs are evenly distributed over all the interface group hosts/ports. When different clients resolve the DNS name into an IP service, each of them receives a different IP address, thereby ensuring that different clients will access different hosts. This allows the Content Software for File system to scale and service thousands of clients.
The same mechanism ensures the resiliency of the service. On a host failure, all IP addresses associated with the failed host will be reassigned to other hosts (using the Gratuitous Address Resolution Protocol (GARP) network messages) and the clients will reconnect to the new hosts without any reconfiguration or service interruption.
Managing NFS networking configuration (interface groups)
How to manage the NFS networking configuration (interface groups) using the GUI.
Creating interface groups using the GUI
Interface Groups define the hosts and ports that provide the NFS service.
Procedure
From the menu, select .
On the left pane, select NFS.
In the Configuration tab, select the + sign near the Interface Groups title.
In the Create Interface Group dialog set the following properties:
- Name: A unique interface group name (maximum 11 characters).
- Gateway: A valid IP address of the gateway.
- Subnet mask: The subnet mask in CIDR (Classless Inter-Domain Routing) format. For example, a value of 16 equals 255.255.0.0.
Select Save.
Setting interface group ports using the GUI
Once you create an interface group, set its ports.
Procedure
In the Configuration tab, select the interface group.
In the Group Ports table, select +Create.
In the Add Port dialog, set the following properties:
- Hostname: Select the host ID on which the port resides.
- Port: Select the port from the list.
Removing an Interface Group Port using the GUI
In the Configuration tab, select the interface group.
In the Group Ports table, select the three dots, and from the menu select Remove.
Setting interface group IPs using the GUI
In the Configuration tab, select the interface group.
In the Group IPs table, select +Create.
In the Add Rang IP dialog, set the relevant IP range.
Select Save.
Removing an Interface Group IPs using the GUI
In the Configuration tab, select the interface group.
In the Group IPs table, select the three dots, and from the menu select Remove.
Managing NFS access control (client access groups)
How to manage NFS access control (client access groups) using the GUI.
Defining client access groups using the GUI
In the Permissions tab, select the + sign near the Client Groups title.
In the Create Client Group dialog, set the client group name (DNS server name).
Select Save.
Managing client access groups using the GUI
In the Permissions tab, select ADD DNS for the relevant Client Group.
In the Create Client Group DNS Rule dialog, set the DNS server name. Then, select Save.
In the Permissions tab, select ADD IP for the relevant Client Group.
In the Create Client Group IP Rule dialog, set the IP address and bitmask. Then, select Save.
Removing the DNS or IP of a client group using the GUI
In the Permissions tab, select the trash symbol displayed next to the DNS or IP for the relevant Client Group.
Managing NFS client permissions
In the Permissions table, select +Create.
In the Filesystem Permission Creation dialog, set the following properties:
- Client Group: The client group to which the permissions are applied.
- Filesystem: The filesystem to which the permissions are applied. A filesystem set with required authentication cannot be used for NFS export.
- Path: The exported directory path (root share).
- Type: The access type: RO (read-only) or RW (read/write).
- Squash Root: The squash mode that the system enforces with the client permission.
- Anon. UID: Anonymous user ID. Only relevant for Root and All user squashing.
- Anon. GID: Anonymous group ID. Only relevant for Root and All user squashing.
Select Save.
