Appendix C StorNext Files

Cluster-Wide Central Control

Cluster-Wide Central Control

The purpose of this feature (currently supported on the Linux platform only,) is to provide cluster-wide central control. A central control file called nss-cctl.xmlprovides a way to restrict the behavior of SNFS cluster nodes (fsm, file system client, cvadmin client) from a central place: an NSS server.

This feature currently supports the following controls that allow you to specify:

1Whether a client is allowed to mount as a proxy client.

2Whether a client is allowed to mount as read/write or read-only.

3Whether a user (especially a local administrator on Windows clients,) is allowed to take ownership of a file or directory on a Stornext file system.

4Whether cvadmin running on a certain client is allowed to have super admin privilege to run destructive commands such as starting/ stopping the file system, refreshing disks, changing quota settings, and so on.

5Whether cvadmin running on certain client is allowed to connect to other fsms via the -Hoption.

The control file is in xml format and has a hierarchical structure. The top level element, snfsControl, contains control elements with the securityControl label for certain file systems. If you have different controls for different file systems, each file system should has its own control definition. A special virtual file system, SNFS_ALL, is used as the default control for file systems not defined in this control file. It is also used to define the cvadmin-related control on clients.

Note: You cannot have a file system named SNFS_ALL.

Each file system-related element (indicated by the label securityControl) has a list of controlEntry items. Each controlEntry item defines the client and the controls. The client type can be either host or netgrp. A host can be the IP address or the host name. (Both IP V4 and IP V6 are supported.) Netgrp specifies a group of consecutive IP addresses and has a network IP address (either IP V4 or V6,) and network mask bits. It is possible for

StorNext 3.5 Installation Guide

134

Page 151
Image 151
Quantum 3.5 manual Cluster-Wide Central Control