W E K A
4.4
4.4
  • WEKA v4.4 documentation
    • Documentation revision history
  • WEKA System Overview
    • Introduction
      • WEKA system functionality features
      • Converged WEKA system deployment
      • Optimize redundancy in WEKA deployments
    • SSD capacity management
    • Filesystems, object stores, and filesystem groups
    • WEKA networking
    • Data lifecycle management
    • WEKA client and mount modes
    • WEKA containers architecture overview
    • Glossary
  • Planning and Installation
    • Prerequisites and compatibility
    • WEKA cluster installation on bare metal servers
      • Plan the WEKA system hardware requirements
      • Obtain the WEKA installation packages
      • Install the WEKA cluster using the WMS with WSA
      • Install the WEKA cluster using the WSA
      • Manually install OS and WEKA on servers
      • Manually prepare the system for WEKA configuration
        • Broadcom adapter setup for WEKA system
        • Enable the SR-IOV
      • Configure the WEKA cluster using the WEKA Configurator
      • Manually configure the WEKA cluster using the resources generator
        • VLAN tagging in the WEKA system
      • Perform post-configuration procedures
      • Add clients to an on-premises WEKA cluster
    • WEKA Cloud Deployment Manager Web (CDM Web) User Guide
    • WEKA Cloud Deployment Manager Local (CDM Local) User Guide
    • WEKA installation on AWS
      • WEKA installation on AWS using Terraform
        • Terraform-AWS-WEKA module description
        • Deployment on AWS using Terraform
        • Required services and supported regions
        • Supported EC2 instance types using Terraform
        • WEKA cluster auto-scaling in AWS
        • Detailed deployment tutorial: WEKA on AWS using Terraform
      • WEKA installation on AWS using the Cloud Formation
        • Self-service portal
        • CloudFormation template generator
        • Deployment types
        • AWS Outposts deployment
        • Supported EC2 instance types using Cloud Formation
        • Add clients to a WEKA cluster on AWS
        • Auto scaling group
        • Troubleshooting
    • WEKA installation on Azure
      • Azure-WEKA deployment Terraform package description
      • Deployment on Azure using Terraform
      • Required services and supported regions
      • Supported virtual machine types
      • Auto-scale virtual machines in Azure
      • Add clients to a WEKA cluster on Azure
      • Troubleshooting
      • Detailed deployment tutorial: WEKA on Azure using Terraform
    • WEKA installation on GCP
      • WEKA project description
      • GCP-WEKA deployment Terraform package description
      • Deployment on GCP using Terraform
      • Required services and supported regions
      • Supported machine types and storage
      • Auto-scale instances in GCP
      • Add clients to a WEKA cluster on GCP
      • Troubleshooting
      • Detailed deployment tutorial: WEKA on GCP using Terraform
      • Google Kubernetes Engine and WEKA over POSIX deployment
    • WEKA installation on OCI
  • Getting Started with WEKA
    • Manage the system using the WEKA GUI
    • Manage the system using the WEKA CLI
      • WEKA CLI hierarchy
      • CLI reference guide
    • Run first IOs with WEKA filesystem
    • Getting started with WEKA REST API
    • WEKA REST API and equivalent CLI commands
  • Performance
    • WEKA performance tests
      • Test environment details
  • WEKA Filesystems & Object Stores
    • Manage object stores
      • Manage object stores using the GUI
      • Manage object stores using the CLI
    • Manage filesystem groups
      • Manage filesystem groups using the GUI
      • Manage filesystem groups using the CLI
    • Manage filesystems
      • Manage filesystems using the GUI
      • Manage filesystems using the CLI
    • Attach or detach object store buckets
      • Attach or detach object store bucket using the GUI
      • Attach or detach object store buckets using the CLI
    • Advanced data lifecycle management
      • Advanced time-based policies for data storage location
      • Data management in tiered filesystems
      • Transition between tiered and SSD-only filesystems
      • Manual fetch and release of data
    • Mount filesystems
      • Mount filesystems from Single Client to Multiple Clusters (SCMC)
      • Manage authentication across multiple clusters with connection profiles
    • Snapshots
      • Manage snapshots using the GUI
      • Manage snapshots using the CLI
    • Snap-To-Object
      • Manage Snap-To-Object using the GUI
      • Manage Snap-To-Object using the CLI
    • Snapshot policies
      • Manage snapshot policies using the GUI
      • Manage snapshot policies using the CLI
    • Quota management
      • Manage quotas using the GUI
      • Manage quotas using the CLI
  • Additional Protocols
    • Additional protocol containers
    • Manage the NFS protocol
      • Supported NFS client mount parameters
      • Manage NFS networking using the GUI
      • Manage NFS networking using the CLI
    • Manage the S3 protocol
      • S3 cluster management
        • Manage the S3 service using the GUI
        • Manage the S3 service using the CLI
      • S3 buckets management
        • Manage S3 buckets using the GUI
        • Manage S3 buckets using the CLI
      • S3 users and authentication
        • Manage S3 users and authentication using the CLI
        • Manage S3 service accounts using the CLI
      • S3 lifecycle rules management
        • Manage S3 lifecycle rules using the GUI
        • Manage S3 lifecycle rules using the CLI
      • Audit S3 APIs
        • Configure audit webhook using the GUI
        • Configure audit webhook using the CLI
        • Example: How to use Splunk to audit S3
        • Example: How to use S3 audit events for tracking and security
      • S3 supported APIs and limitations
      • S3 examples using boto3
      • Configure and use AWS CLI with WEKA S3 storage
    • Manage the SMB protocol
      • Manage SMB using the GUI
      • Manage SMB using the CLI
  • Security
    • WEKA security overview
    • Obtain authentication tokens
    • Manage token expiration
    • Manage account lockout threshold policy
    • Manage KMS
      • Manage KMS using GUI
      • Manage KMS using CLI
    • Manage TLS certificates
      • Manage TLS certificates using GUI
      • Manage TLS certificates using CLI
    • Manage Cross-Origin Resource Sharing
    • Manage CIDR-based security policies
    • Manage login banner
  • Secure cluster membership with join secret authentication
  • Licensing
    • License overview
    • Classic license
  • Operation Guide
    • Alerts
      • Manage alerts using the GUI
      • Manage alerts using the CLI
      • List of alerts and corrective actions
    • Events
      • Manage events using the GUI
      • Manage events using the CLI
      • List of events
    • Statistics
      • Manage statistics using the GUI
      • Manage statistics using the CLI
      • List of statistics
    • Insights
    • System congestion
    • User management
      • Manage users using the GUI
      • Manage users using the CLI
    • Organizations management
      • Manage organizations using the GUI
      • Manage organizations using the CLI
      • Mount authentication for organization filesystems
    • Expand and shrink cluster resources
      • Add a backend server
      • Expand specific resources of a container
      • Shrink a cluster
    • Background tasks
      • Set up a Data Services container for background tasks
      • Manage background tasks using the GUI
      • Manage background tasks using the CLI
    • Upgrade WEKA versions
    • Manage WEKA drivers
  • Monitor the WEKA Cluster
    • Deploy monitoring tools using the WEKA Management Station (WMS)
    • WEKA Home - The WEKA support cloud
      • Local WEKA Home overview
      • Deploy Local WEKA Home v3.0 or higher
      • Deploy Local WEKA Home v2.x
      • Explore cluster insights
      • Explore performance statistics in Grafana
      • Manage alerts and integrations
      • Enforce security and compliance
      • Optimize support and data management
    • Set up the WEKAmon external monitoring
    • Set up the SnapTool external snapshots manager
  • Kubernetes
    • Composable clusters for multi-tenancy in Kubernetes
    • WEKA Operator deployment
    • WEKA Operator day-2 operations
  • WEKApod
    • WEKApod Data Platform Appliance overview
    • WEKApod servers overview
    • Rack installation
    • WEKApod initial system setup and configuration
    • WEKApod support process
  • AWS Solutions
    • Amazon SageMaker HyperPod and WEKA Integrations
      • Deploy a new Amazon SageMaker HyperPod cluster with WEKA
      • Add WEKA to an existing Amazon SageMaker HyperPod cluster
    • AWS ParallelCluster and WEKA Integration
  • Azure Solutions
    • Azure CycleCloud for SLURM and WEKA Integration
  • Best Practice Guides
    • WEKA and Slurm integration
      • Avoid conflicting CPU allocations
    • Storage expansion best practice
  • Support
    • Get support for your WEKA system
    • Diagnostics management
      • Traces management
        • Manage traces using the GUI
        • Manage traces using the CLI
      • Protocols debug level management
        • Manage protocols debug level using the GUI
        • Manage protocols debug level using the CLI
      • Diagnostics data management
  • Appendices
    • WEKA CSI Plugin
      • Deployment
      • Storage class configurations
      • Tailor your storage class configuration with mount options
      • Dynamic and static provisioning
      • Launch an application using WEKA as the POD's storage
      • Add SELinux support
      • NFS transport failback
      • Upgrade legacy persistent volumes for capacity enforcement
      • Troubleshooting
    • Convert cluster to multi-container backend
    • Create a client image
    • Update WMS and WSA
    • BIOS tool
Powered by GitBook
On this page
  • Configure the SMB cluster
  • Edit the SMB cluster
  • Join the SMB cluster to Active Directory
  • Post-configuration in the DNS Manager and Active Directory
  • Add servers to the SMB cluster
  • Remove servers from the SMB cluster
  • Delete the SMB cluster
  • Display the SMB shares list
  • Add an SMB share
  • Edit an SMB share
  • Remove an SMB share
  1. Additional Protocols
  2. Manage the SMB protocol

Manage SMB using the GUI

This page provides procedures for setting up an SMB cluster over WEKA filesystems and managing the cluster itself, using the GUI.

PreviousManage the SMB protocolNextManage SMB using the CLI

Last updated 2 months ago

Using the GUI, you can:

  • (not applicable for legacy SMB)

Configure the SMB cluster

An SMB cluster comprises at least three WEKA servers running the SMB-W stack.

Before you begin

Verify that the dedicated filesystem for persistent protocol configurations is created. If not, create it. For details, see

Procedure

  1. From the menu, select Manage > Protocols.

  2. From the Protocols pane, select SMB.

  3. On the Configuration tab, select Configure.

  4. In the SMB Cluster Configuration dialog, set the following properties:

    • Name: NetBIOS name for the SMB cluster must be 1-15 characters long, using only alphanumeric characters (A-Z, 0-9) and hyphens (-). Names are case-insensitive, cannot start with a hyphen, and must be unique within the network. Spaces and special characters are not allowed. This will be the name of the Active Directory computer object and the hostname part of the FQDN.

    • Domain: The Active Directory domain to join the SMB cluster.

    • Domain NetBIOS Name: (Optional) The domain NetBIOS name.

    • Encryption: Select the in-transit encryption mode to use in the SMB cluster:

      • enabled: Enables encryption negotiation but doesn't turn it on automatically for supported sessions and shared connections.

      • desired: Enables encryption negotiation and turns on data encryption for supported sessions and shared connections.

      • required: Enforces data encryption on sessions and shared connections. Clients that do not support encryption will be denied access to the server.

    • Servers: List 3-8 WEKA system servers to participate in the SMB cluster based on the server IDs in WEKA.

    • IPs: (Optional) List of virtual IPs (comma-separated) used as floating IPs for the SMB cluster to provide HA to clients. These IPs must be unique; do not assign these IPs to any host on the network. For an IP range, use the following format: a.b.c.x-y.

    • Config Filesystem: select the filesystem used for persisting cluster-wide protocol configurations.

    • Symbolic Link: Determines if symbolic links are allowed in the SMB cluster:

      • ON: Enables symbolic links. Use with caution, as it can introduce security risks by exposing data across shares.

      • OFF: Disables symbolic links, enhancing security by preventing link-based vulnerabilities.

Important: If a symbolic link in one share points to a file system in another share, users in the first share can access the data in the second share. Ensure you understand the security implications before enabling this option.

Due to cloud provider network limitations, setting a list of SMB floating IPs in all cloud installations is impossible. In this case, the SMB service must be accessed using the cluster nodes' primary addresses.

  1. Select Save.

Once the system completes configuration, the server statuses change from not ready (❌) to ready (✅).

Edit the SMB cluster

You can modify the encryption and IP settings according to your needs.

Procedure

  1. In the SMB Cluster Configuration, select the pencil icon.

  1. In the Edit SMB Configuration dialog, do the following:

    • Encryption: Select one of the in-transit encryption enforcements: enabled, desired, or required.

    • IPs: List of virtual IPs (comma-separated) used as floating IPs for the SMB cluster. (Floating IPs are not supported for cloud installations.)

3. Select Save.

Join the SMB cluster to Active Directory

To enable the SMB cluster to use Active Directory to resolve the access of users and user groups, join the SMB cluster to Active Directory (AD).

Before you begin

Resolve the AD domain controllers

Add the AD DNS configuration to every SMB protocol backend.

Follow these steps:

  1. Access the CLI.

  2. Edit the /etc/resolv.conf file to include the DNS settings specific to your domain.

For example, your configuration might look like this:

nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com

Replace 8.8.8.8 and 8.8.4.4 with the appropriate nameserver IP addresses for your domain and example.com with your actual domain name.

Procedure

  1. In the SMB Cluster Configuration, select Join.

  1. In the Join to Active Directory dialog, set the following properties:

    • Username and Password: A username and password of an account that has join privileges to the Active Directory domain. WEKA does not save these credentials. Instead, the SMB cluster creates a computer account for use.

    • Server: (Optional) WEKA automatically identifies an AD Domain Controller server (from /etc/resolv.conf) based on the AD domain name. You do not need to set the server name. In some cases, specify the AD server if required.

    • Computers Org. Unit: The default AD organizational unit (OU) for the computer account is the Computers directory. You can define any OU to create the computer account that the joining account has permission to, such as SMB servers or corporate computers.

Once the SMB cluster joins the Active Directory domain, the join status next to the domain changes to Joined.

To join an existing SMB cluster to a different Active Directory domain, select Leave. To confirm the action, enter the username and password used to join the Active Directory domain.

Post-configuration in the DNS Manager and Active Directory

The following procedures are provided for reference purposes. For specific steps related to your environment, contact your IT administrator.

Add an A record for SMB protocol backends

  1. Open DNS Manager: Navigate to Start > Programs > Administrative Tools > DNS.

  2. Access DNS zones: In the DNS Manager console, double-click the DNS server name to display the list of zones.

  3. Open Forward Lookup Zones.

  4. Create a new A record: Right-click on the relevant domain and select New Record.

  5. Enter record details:

    • Specify the name (for example, TAZ) and the IP address of the backend server.

    • Select the record type as A.

  6. Configure record options:

    • Select the Create Associated PTR record option.

    • Select the Allow any authenticated user to update DNS record with the same owner name option.

  7. Finalize the Record: Select OK to add the new A record.

Set UID and GID for SMB protocol backends

Repeat the following steps for every backend participating in the SMB protocol.

  1. Navigate to Start > Programs > Administrative Tools > Active Directory Users and Computers.

  2. From the View menu, select Advanced Features.

  3. In the Computers section, right-click on an SMB protocol backend and select Properties.

  4. Select the Attribute Editor tab and modify the following:

    • Locate the gidNumber attribute and set its value to 0.

    • Locate the uidNumber attribute and set its value to 0.

  5. Select OK to save the changes.

Set UID and GID for SMB users

Repeat the following steps for every user consuming WEKA services over the SMB protocol.

  1. Navigate to Start > Programs > Administrative Tools > Active Directory Users and Computers.

  2. From the View menu, select Advanced Features.

  3. In the Users section, right-click on a user consuming WEKA services over the SMB protocol, and select Properties.

  4. Select the Attribute Editor tab and modify the following:

    • Locate the gidNumber attribute and set its value to an appropriate number or, if unknown, any numeric value between 0 and 4290000000.

    • Locate the uidNumber attribute and set its value to an appropriate number or, if unknown, any numeric value between 0 and 4290000000.

  1. Select OK to save the changes.

Add servers to the SMB cluster

Adding servers to the SMB cluster can provide several benefits and address various requirements, such as scalability, load balancing, high availability, and improved fault tolerance.

Before you begin

  • Ensure the SMB cluster is joined to an Active Directory domain. See Join the SMB cluster to Active Directory.

Procedure

  1. On the Servers pane, select Add.

  2. In the Add SMB Cluster Servers dialog, select one or more available servers (a maximum of eight servers) from the list.

  3. Select Save.

Remove servers from the SMB cluster

If the SMB cluster has more servers than you need, you can remove the server.

The minimum required number of servers in an SMB cluster is three.

Procedure

  1. To remove one server, select the three dots next to the server to remove and select Remove.

  1. To remove more than one server, select the servers to remove from the Remove SMB Cluster Servers dialog (click the X), and select Save.

Delete the SMB cluster

Deleting the SMB cluster resets its configuration data. Deleting an SMB cluster only applies to SMB-W.

Procedure

  1. In the SMB Cluster Configuration, select the trash icon.

  1. In the SMB Configuration Reset message, select Reset.

Display the SMB shares list

The Shares tab displays the SMB shares created in the system. You can also customize the table columns of the SMB shares.

Procedure

  1. From the menu, select Manage > Protocols.

  2. From the Protocols pane, select SMB.

  3. Select the Shares tab. You can filter the list using any column in the table.

Add an SMB share

Once the SMB cluster is created, you can create SMB shares (maximum of 1024). Each share must have a name and a shared path to the filesystem, which can be the root of the filesystem or a subdirectory

Before you begin

  • Ensure the SMB cluster is joined to the Active Directory. For details, see Join the SMB cluster to Active Directory.

  • Ensure the filesystem is already mounted and the directory you want to share is created in the filesystem. For details, see Mount filesystems;

Procedure

  1. In the Shares tab, select +Create.

  2. In the Add SMB Share dialog, set the following properties:

    • Name: A meaningful name for the SMB share.

    • Filesystem: The filesystem name that includes the directory to share. Select one from the list. A filesystem with Required Authentication set to ON cannot be used for SMB share.

    • Description: A description or purpose of the SMB share.

    • Path: A valid internal path, relative to the root, within the filesystem to expose the SMB share.

    If required, select Advanced and set the following:

    • Encryption: Select in-transit encryption enforcement of the share. The global cluster encryption settings can affect the actual encryption.

    • Direct Object Store Sync: Enables immediate synchronization of files to the object store, bypassing time-based file retention policies. When enabled, newly created or modified files in the share are prioritized for release without delay.

    • Read Only: Select to set the share as read-only.

    • Hidden: Select if you want to hide the share so it is not visible when viewing the list of system shares.

    • Allow Guest Access: Select if you want guests to access without authentication.

    • Access Permissions: Define the share access permissions. If you select ON, select the access type and the users or groups allowed to access the share (comma-separated users and groups list, add '@' as a group prefix). Not supported in SMB-W.

    • Files/Directories POSIX Mode Mask: Set the new default file and directory permissions in a numeric (octal) format created through the share.

    • ACLs Enabled: Enables or disables Windows Access-Control Lists (ACLs) for the share. When enabled, WEKA applies the selected Access Control Model. Only applicable for SMB-W.

    • Access Control Model: Specifies the type of access control to use for the share. Options include POSIX, Windows, or Hybrid (default: POSIX). Hybrid ACL allows seamless interoperability between POSIX and Windows systems by exchanging permissions based on timestamps. The most recent permission, regardless of the system it originated from, takes precedence. Only applicable for SMB-W.

    • Case Sensitivity: Enables or disables case sensitivity for the specified SMB share (default: ON). When enabled, the share distinguishes between files with the same name but different capitalization. This option applies exclusively to the SMB-W cluster.

    • ADS: Enables using Alternate Data Streams (ADS) on a specified SMB share. Possible values: ON, OFF (default: ON). For macOS clients, if ACLs are disabled (acl=off), set enable-ADS to off. For Windows clients, when enabled, ADS data is stored in the file’s extended attributes (XAttr), which consumes XAttr space.

  3. Select Save.

Access the share from Windows

  1. Right-click on This PC.

  2. Select Map network drive.

  3. In the Folder field, enter the path to the share, for example, \\smbshare\mynewshare.

  4. If prompted, enter the required credentials.

Edit an SMB share

You can update some of the SMB share settings. These include encryption, hiding the share, allowing guest access, and setting the share as read-only.

Procedure

  1. In the Shares tab, select the three dots of the share and select Edit.

  1. In the Update Share Settings dialog, update the relevant properties and select Save.

Remove an SMB share

Procedure

  1. In the Shares tab, select the three dots of the share and select Remove.

  1. In the confirmation message that appears, select Confirm. The removed share no longer appears in the SMB Shares list.

Configure the SMB cluster
Edit the SMB cluster
Join the SMB cluster to Active Directory
Add servers to the SMB cluster
Remove servers from the SMB cluster
Delete the SMB cluster
Display the SMB shares list
Add an SMB share
Edit an SMB share
Remove an SMB share
SMB cluster configuration
SMB cluster configuration example
Edit the SMB cluster
Edit SMB configuration
Join the SMB cluster in the Active Directory
Join Active Directory dialog
Add servers to the SMB cluster
Remove one server from the SMB cluster
Remove more than one server from the SMB cluster
Delete the SMB cluster configuration
SMB shares list
Edit an SMB share
Update the SMB share settings
Remove an SMB share
#dedicated-filesystem-requirement-for-persistent-protocol-configurations