File and Object Storage

 View Only

IBM Spectrum Scale™ Authentication – Planning for NFS Access

By Archive User posted Mon July 24, 2017 06:55 AM


Planning NFS Access

This article discusses how to prepare your cluster for NFS Access.

Following figure explains the NFS Architecture for IBM Spectrum Scale™.

NFS Clients make requests to access data stored on IBM Spectrum Scale™ via NFS Mounts. Through a Load Balancer or by using DNS round robin, the requests are routed to the Protocol Nodes each having NFS enabled and NFS Service running. The protocol nodes can have SMB services or Object services running additionally.

The NFS Client typically makes a READ or WRITE request. The NFS server on each of the protocol nodes then implements the request against the Storage File System and data access for READ or WRITE is provided to the NFS Client.

Important Considerations for NFS Access

  • Ensure that all IBM Spectrum Scale™ file systems used to export data using NFS are mounted with the "syncnfs" option to prevent clients from running into data integrity issues during a failover. It is recommended to use the "mmchfs" command to set the syncnfs option as default when mounting the IBM Spectrum Scale™ file system.

  • If you mount the same NFS export on one client from two different IBM Spectrum Scale NFS protocol nodes, data corruption might occur.

  • Cross-protocol notifications are not supported by clustered NFS. For example, files that are created with NFS are not automatically visible on SMB clients and SMB clients need to refresh the directory listing by performing a manual refresh in Microsoft Windows Explorer. Similarly, files that are created from other methods such as files that are created with FTP or files that are restored from a backup are not automatically visible.

  • The NFS protocol version that is used as the default on a client operating system might differ from what you expect. If you are using a client that mounts NFSv3 by default, and you want to mount NFSv4, then you must explicitly specify NFSv4 in the mount command.

  • It is recommended to use the CES IP address of the IBM Spectrum Scale™ system to mount the NFS export on an NFS client.

  • Authentication Consideration for NFS Access

    If you have ONLY NFS clients in your environment, you can consider configuring NIS based Authentication.

    For CIFS and NFS access where there could be both Windows and UNIX clients in the environment you can consider going with AD + RFC2307, AD + LDAP Idmapping or LDAP authentication.
    We will discuss each method in articles to come.