Example scenario - administering unified file and object access
The following example describes an end-to-end scenario of administering and using unified file and object access.
This example provides a quick reference of steps performed for unified file and object access. For detailed information about these steps, see Administering unified file and object access.
- Enable the file-access object capability as follows.
mmobj config change --ccrfile spectrum-scale-object.conf \ --section capabilities --property file-access-enabled --value true
- [Optional] Change the objectizer service interval as follows.
mmobj config change --ccrfile spectrum-scale-objectizer.conf \ --section DEFAULT --property objectization_interval --value 600
- [Optional] Change the identity management mode to unified_mode as
follows.
mmobj config change --ccrfile object-server-sof.conf \ --section DEFAULT --property id_mgmt --value unified_mode
- [Optional] Set the ad_domain parameter
as follows.
mmobj config change --ccrfile object-server-sof.conf \ --section DEFAULT --property ad_domain --value ADDOMAINX
- Create a unified file and object access storage policy
as follows.
mmobj policy create SwiftOnFileFS --enable-file-access
The system displays output similar to the following:
[I] Getting latest configuration from ccr [I] Creating fileset /dev/gpfs0:obj_SwiftOnFileFS [I] Creating new unique index and building the object rings [I] Updating the configuration [I] Uploading the changed configuration
This command also creates a unified file and object access enabled fileset.
- Create a base container with a unified file and object
access storage policy as follows.
swift post unified_access -H "X-Storage-Policy: SwiftOnFileFS"
- Store the path created for the container by finding it
in the newly created fileset as follows.
export FILE_EXPORT_PATH=`find /ibm/gpfs0/obj_SwiftOnFileFS/ -name "unified_access"` # echo $FILE_EXPORT_PATH /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access
- Create an SMB export on the path as follows.
mmsmb export add unified_access $FILE_EXPORT_PATH
The system displays output similar to the following:
mmsmb export add: The SMB export was created successfully
- Create an NFS export on the path.
mmnfs export add $FILE_EXPORT_PATH --client "*(Access_Type=RW,Squash=no_root_squash,SecType=sys)"
The system displays output similar to the following:
192.0.2.2: Redirecting to /bin/systemctl stop nfs-ganesha.service 192.0.2.3: Redirecting to /bin/systemctl stop nfs-ganesha.service 192.0.2.2: Redirecting to /bin/systemctl start nfs-ganesha.service 192.0.2.3: Redirecting to /bin/systemctl start nfs-ganesha.service NFS Configuration successfully changed. NFS server restarted on all NFS nodes.
- Check the NFS and SMB exports.
mmnfs export list Path Delegations Clients ---------------------------------------------------------------------------- /ibm/gpfs0/obj_SwiftOnFileFS/ s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access none * mmsmb export list export path guest ok smb encrypt unified_access /ibm/gpfs0/obj_SwiftOnFileFS/ s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access no auto Information: The following options are not displayed because they do not contain a value: "browseable"
- Access this export with NFS or SMB clients and create a
sample directory and a file. For example: DirCreatedFromGPFS/File1.txt and DirCreatedFromSMB/File2.txt
You can view the association of ownership when data is created from the SMB interface as follows.
ls -l /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access/DirCreatedFromSMB total 0 -rwxr--r--. 1 ADDOMAINX\administrator ADDOMAINX\domain users 20 Oct 21 18:09 File2.txt mmgetacl /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access/DirCreatedFromSMB #NFSv4 ACL #owner:ADDOMAINX\administrator #group:ADDOMAINX\domain users special:owner@:rwxc:allow (X)READ/LIST (X)WRITE/CREATE (X)APPEND/MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (-)DELETE (X)DELETE_CHILD (X)CHOWN (X)EXEC/SEARCH (X)WRITE_ACL (X)WRITE_ATTR (X)WRITE_NAMED special:group@:r-x-:allow (X)READ/LIST (-)WRITE/CREATE (-)APPEND/MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (-)DELETE (-)DELETE_CHILD (-)CHOWN (X)EXEC/SEARCH (-)WRITE_ACL (-)WRITE_ATTR (-)WRITE_NAMED special:everyone@:r-x-:allow (X)READ/LIST (-)WRITE/CREATE (-)APPEND/MKDIR (X)SYNCHRONIZE (X)READ_ACL (X)READ_ATTR (X)READ_NAMED (-)DELETE (-)DELETE_CHILD (-)CHOWN (X)EXEC/SEARCH (-)WRITE_ACL (-)WRITE_ATTR (-)WRITE_NAMED
You can view the container and the file created from the REST interface and retention of ownership in the PUT operation as follows.
ls -l /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/ AUTH_09271462d54b472c82adecff17217586/unified_access/DirCreatedFromSMB/File2.txt -rwxr-xr-x. 1 ADDOMAINX\administrator ADDOMAINX\domain users 520038360 Nov 3 11:47 /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/AUTH_09271462d54b472c82adecff17217586/ DirCreatedFromSMB/unified_access/File2.txt
- Objectize that file immediately by using the following
command or wait for the objectization cycle to complete.
mmobj file-access --object-path \ /ibm/gpfs0/obj_SwiftOnFileFS/s10041510210z1device1/AUTH_09271462d54b472c82adecff17217586 /unified_access/File2.txt
- Download that object using the Swift client which is configured
with all variables as follows.
swift download unified_access/File2.txt
- List the contents of the container using the Swift client
which is configured with all variables as follows.
swift list unified_access
The system displays output similar to the following:
DirCreatedFromGPFS/File1.txt DirCreatedFromSMB/File2.txt