How DFS mode with Eyeglass Works
- Process Flow for DFS Failover with Eyeglass
- Normal
- Failover with Eyeglass DFS mode
- Failback with Eyeglass
- Eyeglass Microsoft DFS Mode Failover with NFS Export
- Linux use of DFS with Samba with DFS mode Failover
- How to Configure Samba with Linux with DFS mounts
Process Flow for DFS Failover with Eyeglass
Normal
The following diagram displays the process flow in normal condition (before Failover)
Configuration:
DFS Target folder was configured to refer to both Primary Cluster and Secondary Cluster’s SMB Shares, with the priority set to the Primary Cluster. The Active Directory Sites and Subnets were also configured to let the clients resided on the same subnet and site as the PowerScale Primary Cluster IP addresses.
SMB Shares were created on Primary and Secondary Clusters. See DFS Feature changes table (DFS Feature Changes and Share names used on DFS synced Shares) for version behaviour.
- SMB Client is accessing a domain-based namespace (e.g. \\example.com\dfs01\folder1) . This SMB client computer sends a query to the AD to discover a list of root targets for the namespace.
- AD Controller returns a list of root targets defined for the requested namespace.
- SMB client selects the root target from the referral list and sends a query to the root server for the requested link.
- DFS root server constructs a list of folder targets in the referral. Order / priority of targets can be configured. Folder Target to the Primary Cluster is configured as the first path to refer to (higher priority) in the referral list. The SMB Client and Primary Cluster are also residing in the same Active Directory Site and Subnet. The SMB Share(s) on Secondary Cluster is not active (Deleted). DFS root server sends the referral information to the client. The active path is to the Primary Cluster.
- SMB client tries to establish a connection to the selected target (the first priority / active target in the list).
- PowerScale (Primary cluster) responds to this SMB connection.
Failover with Eyeglass DFS mode
The following diagram displays the process flow during Failover event.
Flow:
- Primary Cluster failure or down detected,
- Initiate Eyeglass Failover of DFS syncIQ policy protecting the DFS UNC targets (7a)
- Eyeglass deletes or renames SMB share(s) on Primary Cluster (7b) See DFS Feature changes table (DFS Feature Changes and Share names used on DFS synced Shares ) for version behaviour.
- Eyeglass creates quotas on Secondary cluster and deletes them from the Primary cluster
- Eyeglass performs SyncIQ Failover to Secondary Cluster
- Eyeglass syncs data changes with SyncIQ to Secondary cluster move schedule over and runs re-sync prep (8)
- Eyeglass creates or renames SMB share(s) on Secondary Cluster See DFS Feature changes table (DFS Feature Changes and Share names used on DFS synced Shares ) for version behaviour.
- DFS Target folder - path to the Secondary cluster will automatically be activated
- SMB Client is connecting to the Secondary cluster
- Secondary cluster is responding to SMB client
Failback with Eyeglass
The following diagram displays the process flow during Failback event.
Flow:
- Primary cluster is resumed and ready for failback. (13, 14, 15, 16)
- Perform Eyeglass Failback of DFS SyncIQ policy protecting the DFS UNC targets (15)
- Eyeglass syncs data changes with SyncIQ to Primary cluster (15)
- Eyeglass performs SyncIQ Failover to Primary Cluster
- Eyeglass creates or renames SMB share(s) on Primary Cluster (16) See DFS Feature changes table (DFS Feature Changes and Share names used on DFS synced Shares ) for version behaviour.
- Eyeglass deletes or renames SMB share(s) on Secondary Cluster (14) See DFS Feature changes table (DFS Feature Changes and Share names used on DFS synced Shares ) for version behaviour.
- Eyeglass creates quotas on Primary cluster and deletes them from the Secondary cluster
- DFS Target folder - path to the primary cluster will automatically be activated.
- SMB Client is connecting to the primary cluster
- Primary cluster is responding to SMB client
Eyeglass Microsoft DFS Mode Failover with NFS Export
Eyeglass Microsoft DFS Mode Failover can be used with SyncIQ policies that protect NFS exports by the same policy, but in this case manual steps or post-failover scripting must be used to update NFS client mounts.
Linux use of DFS with Samba with DFS mode Failover
Samba is a SMB port to Linux. This can mount SMB shares similar to how NFS mounts data.
This has been tested with DFS presented folder with dual referral paths. Testing showed that samba DFS folders did not auto switch cluster smartconnect paths until the Interface removal method was used to remove the Interfaces from the source cluster IP pool. This procedure is fully described here.
How to Configure Samba with Linux with DFS mounts
Install Linux DFS client
Environment
Centos Release: CentOS Linux release 7.6.1810 (Core)
Samba version: Samba version 4.8.3
Windows server version: 2016 Essentials
Microsoft Corporation DFS Management : Version: 6.0
Installation
- Install packages using yum. Package needed: samba samba-client cifs-utilskeyutils
- yum install -y samba samba-client cifs-utils keyutils
- Enable firewall rules for SMB
- firewall-cmd --permanent --zone=public --add-service=samba && firewall-cmd --reload && systemctl restart firewalld
- Modify /etc/request-key.conf file
- sed -i "\$acreate cifs.spnego * * /usr/sbin/cifs.upcall %k\ncreate dns_resolver * * /usr/sbin/cifs.upcall %k" /etc/request-key.conf
- Create Local directory for mount point and assign permission [tested with 777permission]
- mkdir -p /tmp/dfs && chmod 777 /tmp/dfs
- Mount the DFS root [can use vers=3]
- mount -t cifs //DOMAIN/DFSRoot /tmp/dfs -osec=ntlmv2,domain=DOMAIN,
username=usr,vers=2.1
- mount -t cifs //DOMAIN/DFSRoot /tmp/dfs -osec=ntlmv2,domain=DOMAIN,
- Browse to local mount directory and list your DFS Shares
- cd /tmp/dfs && ls -lha
- Check your mount information
- df -h