Top
ETERNUS SF Storage Cruiser V16.9 Operation Guide
FUJITSU Storage

6.6.3 Installation Steps

The installation steps for performing ETERNUS Disk storage system NAS operation is explained.

Installation is implemented in the following order.

Order

Installation Item

Title of Sections Listed
in the Web Console Guide

Optional/Required
(*1)

1

Creating Shared Folder

Create Shared Folder

Required

2

Creating NAS Interface

Create NAS Interface

Required

3

NAS File System Environment Settings

Configure DNS Server

Optional

Configure Authentication Server

Optional

*1: Tasks that must be performed in order to operate the NAS file system are "Required", while tasks that may be omitted are "Optional".

Point

If an authentication system is not implemented then the NAS file system can be accessed from any clients connected to the business LAN. It is strongly recommended that an authentication server is properly configured and implemented.

6.6.3.1 Creating Shared Folder

Create a shared folder in order to configure the folder of the access destination of the NAS file system.

Configure the following for the shared folder:

Table 6.6 Create Shared Folder

Subject of Configuration

Configuration Details

Shared Folder

NAS Backup

NAS Snapshot

Access Settings

Quota Settings

Shared Folder

Usage

Purpose and intended use of the shared folder. You can select either "File Sharing" or "Home Directory".
If you select "Home Directory", you cannot specify values of the following items.

Item Name

Explanation

Shared Folder Name

"homes" is fixed.

Protocol

"CIFS" is fixed.

Enumeration Based on Access Permission Settings

"Disable" is fixed.

Configurations of CIFS Access Permission to Shared Folder

No specification is allowed.

The setting items other than listed above are common to all the home directories that are created under the shared folder.

Shared Folder Name

The name of the shared folder.

Protocol

The protocol to be used by the shared folder.
It is possible to select CIFS, NFS, or both of these protocols.

See

When using a protocol other than CIFS and NFS, refer to the procedure for creating NAS environments described in the ETERNUS Disk storage system manuals.

Oplocks Setting

This is the configuration of the Oplocks function that prevents concurrent file access.
It is possible to configure this only when using the CIFS protocol.

When the Oplocks function is enabled, although improvement of access performance from the client can be expected, it becomes impossible to use the Alternate Data Stream. In addition, when selecting both protocols of CIFS and NFS, it is recommended that the Oplocks function is not enabled.

Data Access SMB Encryption

Settings that are for the SMB encryption function.
The settings can be configured only when using the CIFS protocol.

When the SMB encryption function is enabled, the communications between the client and the ETERNUS Disk storage system are encrypted. In order to use this function, the client must support SMB 3.0.

Note

When data access encryption is enabled, clients that do not support SMB 3.0 cannot access the shared folder.

Enumeration Based on Access Permission Settings

This is the Access Based Enumeration (ABE) function settings.
The settings can be configured only when using the CIFS protocol.

When the ABE function is enabled, folders and files that cannot be referenced by users accessing the shared folder are not displayed.

Destination Volume of Shared Folder Creation Destination

This is the volume where the shared folder is to be created.

When no NAS volumes are already defined, a new NAS volume is created.
When NAS volumes are already defined, one of them may be selected, or a new NAS volume may be created.

NAS File System Block Size of Shared Folder Creation Destination

This is NAS file system block size.
Only specified when creating a new NAS volume.

Information

If you increase the block size, the maximum volume capacity and the maximum file size increases, but the capacity efficiency decreases.

NAS Volume Capacity of Shared Folder Creation Destination

This is the capacity of the NAS volume.
Only specified when creating a new NAS volume.

The capacity that can be specified differs depending on the NAS file system block size. For details, refer to the NAS file system specification described in the ETERNUS Disk storage system manuals.

Information

For NAS volume, a system area of 300 GB is reserved. For this reason, the area available as a file system is the value after subtracting the system area from the area specified for the NAS volume.

For example, if a NAS volume of 3 TB is created, the user area is 2.7 TB and the system area is 0.3 TB.

NAS Volume Number of Shared Folder Creation Destination

This is a NAS volume number.

Specify this number when execute the inter-box backup of NAS volumes.
In the ETERNUS DX100 S3/DX200 S3, DX500 S3/DX600 S3 whose firmware version is earlier than V10L51, the NAS volume number must be the same at ETERNUS Disk storage systems as backup source and backup destination respectively.

NAS Backup

This is set for the purpose of backing up the NAS volume data.

NAS Backup Volume

When there is no NAS backup volume, create a new NAS backup volume. Where there is a NAS backup volume, you can choose to either create a new NAS backup volume or use an existing NAS backup volume.

The NAS backup volume is created with the following details.

Volume Name

nasVolumeName$bak_N (*1)

Capacity

Same as the source NAS volume.

Volume Type

Same as the source NAS volume.

Thin Provisioning Pool of the Creation Destination

User Selection

*1: "N" is a sequential number from 0. The number of digits varies.

When a NAS backup volume is created, the following copy group and copy pair are automatically created.

  • Copy group

    The copy group is a group of copy pairs. A copy pair is comprised of a source NAS volume and a destination NAS backup volume.

    Copy Group Name

    NAS_QuickOPC_nasVolumeName_N (*1,*2)

    Copy Group Type

    QuickOPC

    *1: "N" is a sequential number from 0. The number of digits varies.

    *2: Characters other than those listed below in nasVolumeName are replaced with hash (#):
    One-byte alphanumeric character, minus (-), underscore (_), hash (#), period (.), plus (+)

  • Copy pair

    The copy pair is a definition of a source NAS volume and a destination NAS backup volume. A copy pair is defined within a copy group.

In addition, it is also possible to configure NAS backup individually. Refer to "6.6.4.10 Configuring NAS Backup" for this procedure.

Point

  • For increased reliability, it is recommended to create Thin Provisioning Pools of the creation destination for the NAS backup volume and the NAS volume in separate Thin Provisioning Pools.

  • When configuring NAS backup or backing up the NAS volume, an ETERNUS SF AdvancedCopy Manager Local Copy License is required.

NAS Snapshot

Sets the number of generations that the NAS snapshot has and the schedule that the snapshot is captured automatically. This can be configured only when setting a new NAS snapshot. When using an existing NAS snapshot, the existing setting is used. This cannot be modified.

Number of Snapshot Generations

Sets the number of snapshot generations owned.
The settable number of NAS snapshot generations varies with the device model and firmware version number, and with the total number of NAS snapshot generations specified for a target device. Set a value in this item for a target device so that the maximum settable number of NAS snapshot generations is not exceeded.
The total number of NAS snapshot generations specified for a device means the sum of NAS snapshot generations set for all the NAS volumes in the device. The number of generations includes the number of generations taken in Automatic mode and the number of generations taken in Manual mode, as well. Refer to the NAS snapshot specification described in the ETERNUS Disk storage system manual for details.

Schedule Configuration

Sets the schedule that the snapshot is captured automatically. The following items are set.

Item

Explanation

Cycle

Selects the cycle for capturing snapshots.
Daily: Snapshots captured every day at selected "Time".
Weekly: Snapshots captured on the selected "Day" and "Time" of every week.

Day

Selects the days to capture the snapshot.
This cannot be selected when Daily is selected for the [Cycle].
Check the check box of the days you wish to capture the snapshot.

Time

Selects the time to capture the snapshot.
Check the check box of the time you wish to capture the snapshot.

When an interval of capturing a snapshot is selected, the selected interval time is automatically checked from the start point of zero time.

When configuring a new NAS snapshot, the NAS snapshot volume for the collected snapshot backup is automatically created. The NAS snapshot volume is created with the following content.

Volume Name

nasVolumeName$snap_N (*1)

Capacity

Same as the NAS volume of the backup source

Volume Type

SDV

RAID Group Created

User Selection

*1: "N" is a sequential number from 0. The number of digits varies.

Point

  • The snapshot is collected based on the time set for the ETERNUS Disk storage system.

  • When a new NAS snapshot is configured, it automatically goes into start state.

Note

When using the snapshot function, enable SNMP Trap Setup. If SNMP Trap Setup is not enabled, snapshot collection result is not notified. Refer to "Change ETERNUS Disk Storage System Information" in the Web Console Guide for the procedure to change SNMP Trap Setup via Web Console.

Access Settings

Access Configurations of Shared Folder

The owner and group that issue access rights in relation to the shared folder are configured. For the owner and group, configure a user and group on the authentication server configured with "6.6.3.3 NAS File System Environment Settings" or configure a local user and local group registered with "6.6.2.1 ETERNUS Disk Storage System Configuration" for connecting to NAS. When root is configured as the owner and group that has the access rights of the shared folder, it is possible to access the shared folder from all clients on the business LAN.

Point

  • Set root to the owner and the group when making first time of the shared folder or the authentication server is a unsetting. Refer to "6.6.4.3 Changing Access Setting for Shared Folder" for the modification procedure when the access authority is given to a specific owner and the group after the authentication server is set.

  • In order to perform detailed access control such as specifying Read-Only to individual users other than the owner, directly configure this in relation to the authentication server.

Host Access Configurations of Shared Folder

Configure host access, permitted and denials, to the shared folder. When a host to permit is not specified, access from all hosts is permitted.

It is possible to configure hosts to deny only when CIFS is specified for the protocol.
It is possible to configure hosts allowed access with root privileges only when NFS is specified for the protocol.

Point

  • If a user other than root user is specified for an NFS owner and group, the root user of an NFS client cannot operate files in a shared folder with root privileges.

  • If you specify a host allowed access with root privileges, only the root user of the specified NFS client can operate files in a shared folder with root privileges.

Note

The host access control to the shared folder when NFS is specified for protocol complies with the standard NFS server control.

Since there is priority on the order of specified host names, the specified order is important. Also, the host name specified for root Access Allowed Hosts must correspond to a NFS allowed host in the format of the character string.
Concretely speaking, when specifying multiple host names for the NFS allowed host, the priority order applied to root Access Allowed Hosts differs with the specified format and order. The priority order is as follows. The number 1 shows the highest priority and the number 4 shows the lowest priority. When the priority order is the same, the number listed to the left has a priority.

Priority Order

Specified Format

1

FQDN

2

IP address, IP network (for example: 192.0.2.0/255.255.255.0)

3

Others (host name, FQDN that includes *)

4

*

Depending on the specified order, access may not be allowed with root privileges from a host specified for root Access Allowed Hosts. The following is the example:

  • Inaccessible example with root privileges

    Specified IP address and IP network are mixed.

    Allowed hosts: 192.0.2.0/255.255.255.0, 192.0.2.100
    root Access Allowed Hosts: 192.0.2.100

    In the above configuration, the access from the host with IP address 192.0.2.100 is not allowed with root privileges. The reason of being inaccessible is that the IP address 192.0.2.100 falls under 192.0.2.0/255.255.255.0 specified to the left of the allowed host and 192.0.2.0/255.255.255.0 is not specified for root Access Allowed Hosts.

    In this case, considering the priority order, specify the IP address first as follows.

    Allowed hosts: 192.0.2.100, 192.0.2.0/255.255.255.0
    root Access Allowed Hosts: 192.0.2.100
  • Accessible example with root privileges

    Specified FQDN and IP network are mixed.

    Allowed hosts: 192.0.2.0/255.255.255.0, fqdn.example.com
    root Access Allowed Hosts: fqdn.example.com

    When "fqdn.example.com" specified in FQDN is defined as IP address 192.0.2.100, set as listed above, and when accessing from the host of 192.0.2.100, access is allowed with root privileges. The reason of being accessible is that "fqdn.example.com" specified in FQDN is applicable to high priority of allowed hosts.

Configurations of CIFS Access Permission to Shared Folder

Configure access permission to the shared folder with CIFS protocol on a per user/group basis.

Note

When CIFS access permission has been configured, the users/groups that are not permitted to access cannot access the shared folder with CIFS protocol.

Quota Settings

Quota Configurations of Shared Folder

Sets limits on the quantity consumed of disk/number of files for shared folders.

The following items are set:

  • Disk Space (Warning, Limit)

  • File Count (Warning, Limit)


In addition, the following are automatically configured when creating the shared folder:

Writing Authority of Shared Folder

The state of whether writing to the shared folder is enabled or disabled is displayed. The client can only write into a shared folder for which writing authority is enabled, or folders and files subordinate to such a shared folder.

When the shared folder is created, writing is enabled by default.

Refer to "6.6.4.2 Changing Basic Setting for Shared Folder" for information on how to change write authority.

Shared Status of Shared Folder

The state of whether the sharing of the shared folder is active (Online) or inactive (Offline) is displayed. For a folder where sharing has been made active, a client is able to access files via the NAS interface.

When the shared folder is created, sharing is in an active state by default.

Refer to "6.6.4.8 Activating Sharing" or "6.6.4.9 Stopping Sharing" for information on how to change the shared status.


Shared folders can be created up to 256 folders per device.

See

Refer to "Create Shared Folder" in the Web Console Guide for information on how to create using Web Console.

6.6.3.2 Creating NAS Interface

Create a NAS Interface in order to configure a public IP address and a port to access the shared folder.

The following can be configured with this function:

Subject of Configuration

Configuration Details

NAS Interface (Port)

NAS Interface (network)

NAS Interface (Port)

RIP Setting Enable/Disable

Configure whether to enable/disable RIP configuration.

When the RIP setting is enabled, its own routing table is automatically generated based on the routing table broadcast from the router connected to the port, and the access route set in the NAS interface can be automatically selected.

When the RIP setting is disabled, there is dynamic generation of the routing table.

Point

  • When the RIP configuration is enabled, in order to dynamically create the routing table of the NAS interface, enable the RIP configuration of the router that is connected.

  • When the RIP setting is disabled, the NAS interface cannot select its own access route. Set the routing table manually using the ETERNUS Disk storage system command.

Port for Access

Configure the Allocation port and the Redundant port of the NAS interface. The shared folder is accessed via the port configured as the Allocation port.
When the Allocation port is down, the shared folder can be accessed via the port configured as the Redundant port. It is also possible to use a single port operation format where a Redundant port is not configured.

Point

  • By setting the VLAN ID, 1 port can be allocated to multiple NAS interfaces.

  • The following ports cannot be selected for the Allocation port:

    • Member ports of bonding port

  • The following port cannot be selected for Redundant port:

    • Port of same CM as assignment Allocation port

    • Redundant port of other port

    • Member port of bonding port

  • When a Redundant port is not configured, it is not possible to access the shared folder when the Allocation port goes down. For this reason, it is recommended that a Redundant port be configured.

Connection Access Method

Configure the Allocation port and Redundant port for the shared folder access connection method.

The method for configuration of the connection type is as follows:

Connection Settings

Configuration Method

Single connection

Specify only an Allocation port, and create a NAS interface.

Active-Standby connection

Specify an Allocation port and a Redundant port, and create a NAS interface.

Active-Active connection

There are the two following configuration methods.

  • Method 1

    1. Create a NAS interface of an Active-Standby connection.

    2. Again, create a NAS interface. During this, specify the "Redundant port of the NAS interface" created in step 1 as the port.

  • Method 2

    1. Create a NAS interface of a Single connection.

    2. Again, create a NAS interface. During this, specify the "port of the NAS interface" created in step 1 as the Redundant port.

Port Bonding

The Allocation ports and the Redundant ports for the NAS interface can be set as operating mode of member port and bonding port.

Point

  • The following ports cannot be selected for bonding ports.

    • Port of CM different from the master port

    • Port to which a NAS interface has already been assigned

    • Duplicated port

The operating mode that is the method of determining the communication ports from the bonding ports can be selected from the following.

Mode

Name

Explanation

0

Load distribution
(round robin)

Performs load distribution using round robin.

1

Active backup

Communicates on one port, and when communication is not possible, switches over to other ports. This does not perform load distribution.

2

Load distribution
(EXCLUSIVE OR)

Performs load distribution based on EXCLUSIVE OR of recipient/sender

4

IEEE802.3ad

Performs load distribution following the IEEE802.3ad standard.
As it communicates with the switch using Link Aggregation Control Protocol, an 802.3ad-compatible switch is required.

5

Load distribution
(link speed[only transmit])

Transmit performs load distribution in line with Link speed. Receive is only performed on one port.

6

Load distribution
(link speed[transmit and receive])

Transmit performs load distribution in line with Link speed. Receive allocates a communication ports as necessary for each communication partner. With IPv6, there is the same operation as mode 5.

Further, when the operating mode is "load distribution (EXCLUSIVE OR)" or "IEEE802.3ad", has policy is set as the method of determining the port.

Name

Explanation

MAC Address

This is determined using an EXCLUSIVE OR of the sender and recipient MAC addresses.

MAC Address and IP Address

This is determined using an EXCLUSIVE OR of the sender and recipient MAC addresses and IP addresses.

IP Address and Port Number

This is determined using an EXCLUSIVE OR of the sender and recipient IP addresses and port numbers.

Point

  • Specify "1" for Restriction on the number of detached ports of the switch. The number "1" is set by default.
    The Restriction on the number of detached ports indicates the allowable number of ports disconnected from members making up a bonding port. When the number of detached ports is less than the restriction number, the bonding port is disabled. For example, if number "1" is specified for the Restriction on the number of detached ports and 4 ports make up a bonding port, when all the 4 ports become unavailable, the bonding port is disabled. When all the ports are recovered, the bonding port gets enabled.

  • The function required for LAN switch varies depending on the operating mode of bonding port.
    Refer to the ETERNUS Disk storage system manuals for the function required for switch by operating mode.

NAS Interface (network)

IP Address for Access

Sets the IP address used for the NAS interface. Either an IPv4 address, IPv6 address or both can be configured.

VLAN ID

Sets the tag VLAN ID configured for the NAS interface.

By setting the VLAN ID for the NAS interface, the NAS interface can be additionally allocated for ports that other NAS interfaces have allocated.

Note

  • When multiple NAS interface are assigned to the same port using the VLAN ID, the NAS interface must all be in different subnets.

  • Port VLAN is not supported for connection between ETERNUS Disk storage system and switch.

See

Refer to "Create NAS Interface" in the Web Console Guide for information on settings using Web Console.

Note

  • When the same subnet is assigned to the same CM, the behavior is to communicate using only a specific port.

  • Where the network is allocated in an Active-Active connection form, it is necessary to set the same network address between CM.

  • To create a NAS interface, allocate a new NAS interface to NAS ports and then restart the service to access the shared folder by the CIFS protocol. Before the restart process is completed, the shared folder is not accessible from the existing NAS interface by the CIFS protocol. Wait a few moments to access it again.

  • If Spanning Tree Protocol (STP) is implemented into the LAN switch for connecting to NAS ports, when the STP function is enabled, access to the shared folders may fail.
    Take the following steps to disable the STP function:

    • When the STP function is not required for network configuration:
      Disable the STP function of the LAN switch.

    • When the STP function is required for network configuration:
      At only the NAS port connected part of the connection ports of the LAN switch, disable the STP function or configure Port-Fast.

6.6.3.3 NAS File System Environment Settings

Configures the NAS file system environment settings

DNS Server

The ETERNUS Disk storage system NAS file system sets the DNS Server for performing name resolution.

The DNS Server is in both IPv4 and IPv6 formats. A primary DNS Server and secondary DNS Server can be registered for each.

Information

When Active Directory authentication Servers on which the DNS feature is enabled are registered in the ETERNUS Disk storage system, name resolution is performed using the DNS feature on the Active Directory authentication server. In this case, the DNS Server information can be displayed on Web Console.

Authentication Server

Perform configuration of the authentication server to perform client access control to the NAS file system.

Depending on the type of protocol for access, specify the following for the authentication method:

Active Directory

Specify this when accessing the NAS file system using the CIFS protocol.

LDAP

Specify this when accessing the NAS file system using the NFS protocol.

Note

  • The authentication methods that can be operated differ with each protocol. For this reason, when the shared folder is accessed with an authentication method that is not supported, the authentication system does not operate.

  • In the operation using Active Directory, it is required to synchronize the time between the ETERNUS Disk storage system and the Active Directory installed authentication server. It is recommended to automatically correct the time by Network Time Protocol (NTP).

  • When a local user/local group for connecting to NAS is created on the ETERNUS Disk storage system, you cannot set up an authentication server.

It is possible to register a maximum of 3 authentication servers for each authentication method.

See

Refer to "Configure Authentication Server" in the Web Console Guide for information on settings using Web Console.

Set the access authority to the owner and the group if necessary for the shared folder made by "6.6.3.1 Creating Shared Folder" after setting the authentication server.