Installing SwiftStack File Access

SwiftStack File Access enables file and object API access for the same data. This enables users and applications to leverage the architecture of SwiftStack even if they do not use object APIs.

SwiftStack File Access supports NFS and SMB for filesystem access and AWS S3 and OpenStack Swift API for object API access.

Enable ProxyFS Node

Enable File Access on a node by either changing the role of an existing node or ingesting a new node with a File Access node type.

Create a File Access Account

Note

  • An entire Swift Account is used when creating a ProxyFS volume.
  • A volume cannot be created using a container/bucket.
  • You cannot use an existing user account that already contains data.

Create a new user account and check 'File Access'. Enabling this on an account will provide convenience for future configuration steps. Accounts authenticated via other mechanisms, such as LDAP/AD, may also be used for File Access.

Note

The username and password / S3 API Key fields are used for object API access only. Filesystem access is configured while provisioning a volume.

../_images/file_access_create_swiftstack_user.png

Configure File Access

In order to create and export a Volume, you must create, at least, one Flow Control and one Backing Policy.

Flow Controls

Flow Controls determine the way in which data is cached and how data is flushed to the object backend. Additional detailed information about options is available at Flow Controls.

A default flow control is already created.

Backing Policies

Backing Policies allow an operator to specify which storage policies a volume will use to store data and metadata within Swift.

Click Create New Backing Policy, type a label, and select the appropriate storage policies.

../_images/file_access_backing_policy.png

More detailed information about these options is available at Backing Policies.

SMB Users

For SMB-exported volumes, you can define users that will then be created for you and can be used for authentication.

../_images/file_access_smb_users.png

Click SMB Users, then Create User. This allows you to create users that you may then select as "local valid users" when configuring a share.

Note

Do not use the same name as a local Linux user account on the File Access node that is exporting the volume. Avoid root, swift, operator, or any other usernames that exist on the systems.

Alternatively, SMB authentication via Active Directory can be configured via Settings / AD & SMB Settings

Swift Users

When creating a Swift User, you can check the "File Access" box to create a user that will be easy to use for a File Access volume.

../_images/file_access_create_smb_user_modal.png

Configuring a Volume

The volume configuration is used to provision a volume for export. Navigate to the Shares tab and click Create New Volume.

../_images/file_access_create_volume.png

After providing a label, specify a name that will be used for exporting and the Swift Account to be used for the volume.

Note

Any Swift Users designated as File Access Users will be selectable here. If you wish to use a different Swift Account, select <other account name> and enter any Account you prefer. Make sure to include the prefix, such as AUTH_ or LDAP_ if you do so.

NFS

If you select NFS export, specify the Network share clients that are allowed to access this volume. You can specify a comma-separated list of allowed IP addresses; if left blank, all clients will be allowed to connect.

SMB

If you select SMB export, select the SMB Users that will be allowed to connect to this volume.

Finally, select the Node that will be exporting this volume, which Backing Policy will beused to store the data and the Flow Control.

Click 'Add Volume' and deploy the config to your cluster.

Operating File Access

See Operating SwiftStack File Access for an operations guide.

Using File Access Volumes

The list of configured volumes provides information about the existing shares in the cluster.

../_images/file_access_volume_list.png

Mounting the Volumes

SMB in Windows 10

For an SMB exported volume, from Windows Explorer, select This PC from the left pane. Right click and select "Map network drive". Or select "Map network drive" from the Computer tab.

../_images/file_access_windows10_select_map_network_drive.png

In the Map Network Drive modal window, select a drive letter and enter the UNC-formatted share location. Check 'Connect using different credentials' to be prompted for the username and password that was previouslly entered in the SwiftStack Controller in the SMB Users section.

../_images/file_access_windows10_map_network_drive.png

SMB in Linux

Mouting SMB shares in Linux should include the appropriate user ID and group ID when performing the mount. For example:

sudo mount -t cifs -o user=<smb user>,password=<smb password>,uid=`id -u`,gid=`id -g`,iocharset=utf8,actimeo=0 //<host name>/<share name> <directory mount point>

NFS in Linux

mount -t nfs -o nfsvers=3 <host name>:/share/<share name> <directory mount point>

SMB or NFS in macOS

On macOS in the Finder, navigate in the menu bar to Go, then Connect to Server. After clicking on 'Connect', enter the appropriate credential information.

For SMB shares, the format is: smb://<host name>/<share name>

For NFS shares, the format is: nfs://<host name>/share/<share name> (note the additional '/share' in the path)

../_images/file_access_macos.png

Access Data via Object API

The storage URLs for the cluster are listed on the Cluster Monitor page.

../_images/cluster-detail-api-endpoints.png

For object API credentials, click on Users in the upper-left.

  • The username / password for the SwiftStack Client will be the entered credentials.
  • The S3 Account Secret Key is reveled when clicking the Show S3 API Key.
../_images/file_access_object_api_credentials.png

SwiftStack Client

The SwiftStack Client can be configured as described in the SwiftStack Client instructions. The filesystem view and the SwiftStack Client will reflect the same data.

AWS S3 API

Likewise, the same data is accessable via the AWS S3 API. For S3 client configuration information, see Configuring S3 Clients.

../_images/file_access_with_swiftstack_client_s3cmd.png