W E K A
4.3
4.3
  • WEKA v4.3 documentation
    • Documentation revision history
  • WEKA System Overview
    • WEKA Data Platform introduction
      • WEKA system functionality features
      • Converged WEKA system deployment
      • Optimize redundancy in WEKA deployments
    • SSD capacity management
    • Filesystems, object stores, and filesystem groups
    • WEKA networking
    • Data lifecycle management
    • WEKA client and mount modes
    • WEKA containers architecture overview
    • Glossary
  • Planning and Installation
    • Prerequisites and compatibility
    • WEKA cluster installation on bare metal servers
      • Plan the WEKA system hardware requirements
      • Obtain the WEKA installation packages
      • Install the WEKA cluster using the WMS with WSA
      • Install the WEKA cluster using the WSA
      • Manually install OS and WEKA on servers
      • Manually prepare the system for WEKA configuration
        • Broadcom adapter setup for WEKA system
        • Enable the SR-IOV
      • Configure the WEKA cluster using the WEKA Configurator
      • Manually configure the WEKA cluster using the resource generator
      • Perform post-configuration procedures
      • Add clients to an on-premises WEKA cluster
    • WEKA Cloud Deployment Manager Web (CDM Web) User Guide
    • WEKA Cloud Deployment Manager Local (CDM Local) User Guide
    • WEKA installation on AWS
      • WEKA installation on AWS using Terraform
        • Terraform-AWS-WEKA module description
        • Deployment on AWS using Terraform
        • Required services and supported regions
        • Supported EC2 instance types using Terraform
        • WEKA cluster auto-scaling in AWS
        • Detailed deployment tutorial: WEKA on AWS using Terraform
      • WEKA installation on AWS using the Cloud Formation
        • Self-service portal
        • CloudFormation template generator
        • Deployment types
        • AWS Outposts deployment
        • Supported EC2 instance types using Cloud Formation
        • Add clients to a WEKA cluster on AWS
        • Auto scaling group
        • Troubleshooting
      • Install SMB on AWS
    • WEKA installation on Azure
    • WEKA installation on GCP
      • WEKA project description
      • GCP-WEKA deployment Terraform package description
      • Deployment on GCP using Terraform
      • Required services and supported regions
      • Supported machine types and storage
      • Auto-scale instances in GCP
      • Add clients to a WEKA cluster on GCP
      • Troubleshooting
      • Detailed deployment tutorial: WEKA on GCP using Terraform
      • Google Kubernetes Engine and WEKA over POSIX deployment
  • Getting Started with WEKA
    • Manage the system using the WEKA GUI
    • Manage the system using the WEKA CLI
      • WEKA CLI hierarchy
      • CLI reference guide
    • Run first IOs with WEKA filesystem
    • Getting started with WEKA REST API
    • WEKA REST API and equivalent CLI commands
  • Performance
    • WEKA performance tests
      • Test environment details
  • WEKA Filesystems & Object Stores
    • Manage object stores
      • Manage object stores using the GUI
      • Manage object stores using the CLI
    • Manage filesystem groups
      • Manage filesystem groups using the GUI
      • Manage filesystem groups using the CLI
    • Manage filesystems
      • Manage filesystems using the GUI
      • Manage filesystems using the CLI
    • Attach or detach object store buckets
      • Attach or detach object store bucket using the GUI
      • Attach or detach object store buckets using the CLI
    • Advanced data lifecycle management
      • Advanced time-based policies for data storage location
      • Data management in tiered filesystems
      • Transition between tiered and SSD-only filesystems
      • Manual fetch and release of data
    • Mount filesystems
      • Mount filesystems from Single Client to Multiple Clusters (SCMC)
    • Snapshots
      • Manage snapshots using the GUI
      • Manage snapshots using the CLI
    • Snap-To-Object
      • Manage Snap-To-Object using the GUI
      • Manage Snap-To-Object using the CLI
    • Quota management
      • Manage quotas using the GUI
      • Manage quotas using the CLI
  • Additional Protocols
    • Additional protocol containers
    • Manage the NFS protocol
      • Supported NFS client mount parameters
      • Manage NFS networking using the GUI
      • Manage NFS networking using the CLI
    • Manage the S3 protocol
      • S3 cluster management
        • Manage the S3 service using the GUI
        • Manage the S3 service using the CLI
      • S3 buckets management
        • Manage S3 buckets using the GUI
        • Manage S3 buckets using the CLI
      • S3 users and authentication
        • Manage S3 users and authentication using the CLI
        • Manage S3 service accounts using the CLI
      • S3 rules information lifecycle management (ILM)
        • Manage S3 lifecycle rules using the GUI
        • Manage S3 lifecycle rules using the CLI
      • Audit S3 APIs
        • Configure audit webhook using the GUI
        • Configure audit webhook using the CLI
        • Example: How to use Splunk to audit S3
      • S3 supported APIs and limitations
      • S3 examples using boto3
      • Access S3 using AWS CLI
    • Manage the SMB protocol
      • Manage SMB using the GUI
      • Manage SMB using the CLI
  • Operation Guide
    • Alerts
      • Manage alerts using the GUI
      • Manage alerts using the CLI
      • List of alerts and corrective actions
    • Events
      • Manage events using the GUI
      • Manage events using the CLI
      • List of events
    • Statistics
      • Manage statistics using the GUI
      • Manage statistics using the CLI
      • List of statistics
    • Insights
    • System congestion
    • Security management
      • Obtain authentication tokens
      • KMS management
        • Manage KMS using the GUI
        • Manage KMS using the CLI
      • TLS certificate management
        • Manage the TLS certificate using the GUI
        • Manage the TLS certificate using the CLI
      • CA certificate management
        • Manage the CA certificate using the GUI
        • Manage the CA certificate using the CLI
      • Account lockout threshold policy management
        • Manage the account lockout threshold policy using GUI
        • Manage the account lockout threshold policy using CLI
      • Manage the login banner
        • Manage the login banner using the GUI
        • Manage the login banner using the CLI
      • Manage Cross-Origin Resource Sharing
    • User management
      • Manage users using the GUI
      • Manage users using the CLI
    • Organizations management
      • Manage organizations using the GUI
      • Manage organizations using the CLI
      • Mount authentication for organization filesystems
    • Expand and shrink cluster resources
      • Add a backend server
      • Expand specific resources of a container
      • Shrink a cluster
    • Background tasks
      • Set up a Data Services container for background tasks
      • Manage background tasks using the GUI
      • Manage background tasks using the CLI
    • Upgrade WEKA versions
  • Licensing
    • License overview
    • Classic license
  • Monitor the WEKA Cluster
    • Deploy monitoring tools using the WEKA Management Station (WMS)
    • WEKA Home - The WEKA support cloud
      • Local WEKA Home overview
      • Deploy Local WEKA Home v3.0 or higher
      • Deploy Local WEKA Home v2.x
      • Explore cluster insights and statistics
      • Manage alerts and integrations
      • Enforce security and compliance
      • Optimize support and data management
    • Set up the WEKAmon external monitoring
    • Set up the SnapTool external snapshots manager
  • Support
    • Get support for your WEKA system
    • Diagnostics management
      • Traces management
        • Manage traces using the GUI
        • Manage traces using the CLI
      • Protocols debug level management
        • Manage protocols debug level using the GUI
        • Manage protocols debug level using the CLI
      • Diagnostics data management
  • Best Practice Guides
    • WEKA and Slurm integration
      • Avoid conflicting CPU allocations
    • Storage expansion best practice
  • WEKApod
    • WEKApod Data Platform Appliance overview
    • WEKApod servers overview
    • Rack installation
    • WEKApod initial system setup and configuration
    • WEKApod support process
  • Appendices
    • WEKA CSI Plugin
      • Deployment
      • Storage class configurations
      • Tailor your storage class configuration with mount options
      • Dynamic and static provisioning
      • Launch an application using WEKA as the POD's storage
      • Add SELinux support
      • NFS transport failback
      • Upgrade legacy persistent volumes for capacity enforcement
      • Troubleshooting
    • Convert cluster to multi-container backend
    • Create a client image
    • Update WMS and WSA
    • BIOS tool
Powered by GitBook
On this page
  • Key features of SMB implementation in WEKA
  • Additional features of SMB-W
  • SMB usage considerations
  • SMB user mapping in the WEKA system
  • ID mapping from Active Directory
  • Active Directory attributes
  • ID range configuration
  • Workflow overview: configure SMB support
  • Round-robin DNS server configuration for SMB load balancing
  • SMB share creation
  • Filesystem permissions and access rights configuration
  • WEKA filesystem snapshots integration with Windows' previous versions
  1. Additional Protocols

Manage the SMB protocol

The WEKA configuration of the SMB protocol for shared Windows clients.

SMB (Server Message Block) is a network file-sharing protocol facilitating connections to shared file and print services from remote systems. WEKA's implementation features a modern SMB stack (SMB-W), with the option to use the legacy open-source Samba stack if required. Both SMB implementations in WEKA fully support SMB versions 2 and 3.

WEKA's SMB implementation enables seamless access to storage services for both Windows and macOS clients. It facilitates shared access from multiple clients, supporting a multi-protocol approach that allows files to be accessed simultaneously through SMB, NFS, and WEKA native filesystem drivers.

Key features of SMB implementation in WEKA

The implementation of SMB in the WEKA system is characterized by scalability, resilience, and distribution.

  • Scalability: WEKA supports an SMB cluster ranging from 3 to 8 servers, with the SMB gateway service running on these servers. The backend filesystem can be any WEKA filesystem, making it virtually unlimited in size and performance.

  • Resilience: WEKA's SMB implementation provides clustered access to files in a WEKA filesystem, allowing multiple servers to collaborate. In a server failure, another can seamlessly take over operations, ensuring failover support and high availability. The standard resiliency of WEKA against failures also extends to SMB filesystems, with SMB-W supporting transparent failover for enhanced resilience compared to legacy SMB.

  • Distribution: A WEKA implementation is distributed over a cluster, where all servers manage all SMB filesystems concurrently. This design allows the performance supported by SMB to scale with additional hardware resources, ensuring high availability. SMB-W introduces support for SMB Multichannel and SMB Direct, providing advanced capabilities compared to the legacy SMB.

Additional features of SMB-W

In addition to legacy SMB features, SMB-W introduces the following capabilities:

  • SMB Multichannel: WEKA supports SMB clients configured with multichannel, enhancing performance in such configurations.

  • SMB Transparent Failover: This feature ensures continuous IO availability during failover scenarios.

  • SMB Direct: SMB over Remote Direct Memory Access (RDMA). To enable SMB Direct, ensure the following prerequisites are met:

    • SMB-W servers are RDMA-enabled in both hardware and OS.

    • For Windows clients, configure the SMB client as multichannel.

    • When configuring a CIFS client to work with RDMA, perform the mounting on the host IP (not the floating IP).

SMB usage considerations

When working with SMB clusters, it's important to understand the following points to ensure smooth management and configuration:

  • The default SMB cluster configuration is SMB-W. Contact the Customer Success Team if you need to create a legacy SMB cluster.

  • When managing an SMB-W cluster through the GUI, any limitations in the CLI for SMB-W also apply.

  • You can manage, but not configure or delete, legacy SMB clusters through the GUI. For configuration and deletion, refer to Manage SMB using the CLI.

  • Use ASCII format when configuring name fields, such as domain and shares.

SMB user mapping in the WEKA system

Authentication in the WEKA SMB system is supported by a single Active Directory with multiple trusted domains. To enable SMB access, the Active Directory must resolve POSIX users (uid) and groups (gid) mapping.

ID mapping from Active Directory

The WEKA system automatically pulls user and group information from the Active Directory, supporting two types of id-mapping:

  • RFC2307: Requires uidNumber and gidNumber to be defined in the AD user attributes.

  • rid: Creates a local mapping with AD users and groups. Using rid mapping simplifies configuration as user IDs are automatically tracked. All domain user accounts and groups become available on the domain member without additional attribute settings. However, changes to the rid AD range configuration may result in altered user mapping and incorrect uid/gid resolution.

Active Directory attributes

For RFC2307, the following Active Directory attributes are relevant for users:

AD Attribute
Values

uidNumber

0-4290000000

gidNumber

0-4290000000; must correlate with a real group

For groups of users according to RFC2307:

AD Attribute
Values

gidNumber

0-4290000000

ID range configuration

The default configuration for the WEKA system's AD server IDs can be changed and serves as the primary AD range (if additional trusted domains are defined).

To avoid ID overlapping and collisions, set the range or ranges for multiple domains.

When joining multiple domains, the ID range must be set for each, ensuring they do not overlap. A configurable default mapping range exists for users not part of any domain.

For more details about Active Directory properties, refer to the Microsoft site.

Workflow overview: configure SMB support

Before you begin

Workflow

  1. Configure SMB cluster: Set the WEKA system servers participating in the SMB cluster and the domain name.

    • In on-premises deployments, it is possible to configure a list of public IP addresses distributed across the SMB cluster. If a server fails, the IP addresses from that server are reassigned to another server.

  2. Join the SMB cluster to the Active Directory (AD) domain: Connect and define the WEKA system in the AD domain. This process includes pre-configuration in the and post-configuration in the DNS Manager and Active Directory.

  3. Create shares and folders and set permissions: By default, the filesystem permissions are root/root/755 and can initially only be set by a WekaFS/NFS mount.

Once these steps are completed, you can connect as an administrator and define permissions through the Windows operating system.

Round-robin DNS server configuration for SMB load balancing

For effective load balancing across multiple WEKA servers serving SMB, it is recommended to configure a round-robin DNS entry that resolves to the list of floating IPs.

Follow these steps to optimize the DNS configuration:

  1. Configure round-robin DNS entry: Set the round-robin entry to distribute the load evenly among the WEKA servers. This entry must resolve to the list of floating IPs associated with the SMB servers. Ensure the cluster name matches the DNS name, with a maximum length of 15 characters.

  2. Adjust TTL (Time to Live): To prevent caching of IP addresses by clients or DNS servers, set the TTL for all records assigned to the SMB servers to 0 (Zero). This ensures dynamic and real-time resolution of IPs for efficient load balancing.

Related information

For more details on round-robin DNS configurations, refer to the relevant documentation or resources related to round-robin DNS.

SMB share creation

After setting up the SMB cluster, you can create SMB shares. Each share must be assigned a name and a shared path to the filesystem, which can be the filesystem's root or a sub-directory.

  • If the share is declared without specifying a sub-directory, the WekaFS root is automatically used. In this case, creating a root folder is unnecessary, as it already exists.

  • To create sub-directories, use either a WekaFS mount or an NFS mount in the shell. Adjust the permissions of the sub-directory accordingly.

This approach ensures flexibility and ease of use when defining SMB shares within the WEKA environment.

Filesystem permissions and access rights configuration

When integrating the SMB cluster with Active Directory, administrators can assign permissions and access rights for SMB cluster filesystems to specific users or user groups. These assignments adhere to POSIX permissions guidelines, as Windows permissions are stored within the POSIX permissions system. Any changes to Windows permissions are automatically reflected in the POSIX permissions.

To manage these permissions effectively, follow these guidelines:

  • Initial POSIX permissions setup: Configure initial POSIX permissions through the driver/NFS.

  • Root access to SMB shares: Grant root access to SMB shares by assigning an Active Directory user with a uidNumber and gidNumber set to 0.

  • Windows permissions configuration: Specify Windows permissions for shares, folders, and files by turning Full Control on or off, Modify, and Write collectively. This ensures a seamless translation into POSIX permissions.

WEKA filesystem snapshots integration with Windows' previous versions

Generating WEKA filesystem snapshots and labeling the access point in the @GMT_%Y.%m.%d-%H.%M.%S format makes them accessible through the Windows previous versions mechanism.

To access a list of previous versions associated with the filesystem snapshots, right-click on a file or folder within the WEKA SMB share on the Windows client and navigate to Properties -> Previous Versions.

Example: Create snapshots using CLI with the required access point syntax.

$ weka fs snapshot create fs_name snapshot_name --access-point `TZ=GMT date +@GMT-%Y.%m.%d-%H.%M.%S` 

Related topics

Snapshots

PreviousAccess S3 using AWS CLINextManage SMB using the GUI

Last updated 2 months ago

Public Cloud requirements: Ensure Active Directory and DNS services are already configured before installing WEKA SMB protocol. For example, WEKA in AWS has been tested to work with AWS Managed Microsoft AD and Amazon Route 53 Resolver. If there services are not configured already. Follow the AWS guidelines to configure and .

This workflow concisely overviews the essential steps to configure SMB support in the WEKA system. Detailed procedures for both and implementations can be found in the following "How-To" sections.

Verify that the dedicated filesystem for persistent protocol configurations is created. If not, create it. For details, see .

AWS Managed Microsoft AD
Amazon Route 53 Resolver
GUI
CLI
#dedicated-filesystem-requirement-for-persistent-protocol-configurations