Installing SwiftStack File Access

SwiftStack File Access enables file and object API access for the same data. This enables users and applications to leverage the architecture of SwiftStack even if they do not use object APIs.

SwiftStack File Access supports NFS and SMB for filesystem access and AWS S3 and OpenStack Swift API for object API access.

Enable ProxyFS Node

Enable File Access on a node by either changing the role of an existing node or ingesting a new node with a File Access node type.

Create a File Access Account


  • An entire Swift Account is used when creating a ProxyFS volume.
  • A volume cannot be created using a container/bucket.
  • You cannot use an existing user account that already contains data.

Create a new user account and check 'File Access'. Enabling this on an account will provide convenience for future configuration steps. Accounts authenticated via other mechanisms, such as LDAP/AD, may also be used for File Access.


The username and password / S3 API Key fields are used for object API access only. Filesystem access is configured while provisioning a volume.


Configure File Access

In order to create and export a Volume, you must create, at least, one Volume Group and one Backing Policy.

Backing Policies

Backing Policies allow an operator to specify which storage policies a volume will use to store data and metadata within Swift.

Click Create New Backing Policy, type a label, and select the appropriate storage policies.


More detailed information about these options is available at Backing Policies.

SMB Users

For SMB-exported volumes, you can define users that will then be created for you and can be used for authentication.


Click SMB Users, then Create User. This allows you to create users that you may then select as "local valid users" when configuring a share.


Do not use the same name as a local Linux user account on the File Access node that is exporting the volume. Avoid root, swift, operator, or any other usernames that exist on the systems.

Alternatively, SMB authentication via Active Directory can be configured via Settings / AD & SMB Settings

Swift Users

When creating a Swift User, you can check the "File Access" box to create a user that will be easy to use for a File Access volume.


Volume Groups

A Volume Group is a group of nodes that have shared availability characteristics. A Volume Group is connected to a node, which will export all associated Volumes, and zero or more Volumes. Volume Groups can transition across nodes, allowing a group of Volumes to move at once.

Navigate to the Shares tab and click Create New Volume Group. Enter a valid name and choose the associated node.

Configuring a Volume

The volume configuration is used to provision a volume for export. Navigate to the Shares tab and click Create New Volume.


After providing a label, specify a name that will be used for exporting and the Swift Account to be used for the volume, and select the Volume Group.


Any Swift Users designated as File Access Users will be selectable here. If you wish to use a different Swift Account, select <other account name> and enter any Account you prefer. Make sure to include the prefix, such as AUTH_ or LDAP_ if you do so.


If you select NFS export, specify the Network share clients that are allowed to access this volume. You can specify a comma-separated list of allowed IP addresses; if left blank, all clients will be allowed to connect.


If you select SMB export, select the SMB Users that will be allowed to connect to this volume.

Finally, select the Node that will be exporting this volume, which Backing Policy will beused to store the data and the Flow Control.

Max flush size / Max flush time control how data is persisted. After either the size or time defined here is exceeded, a write will be triggered to persist data to the back-end Swift storage.

Click 'Add Volume' and deploy the config to your cluster.

Operating File Access

See Operating SwiftStack File Access for an operations guide.

Using File Access Volumes

The list of configured volumes provides information about the existing shares in the cluster.


Mounting the Volumes

SMB in Windows 10

For an SMB exported volume, from Windows Explorer, select This PC from the left pane. Right click and select "Map network drive". Or select "Map network drive" from the Computer tab.


In the Map Network Drive modal window, select a drive letter and enter the UNC-formatted share location. Check 'Connect using different credentials' to be prompted for the username and password that was previouslly entered in the SwiftStack Controller in the SMB Users section.


SMB in Linux

Mouting SMB shares in Linux should include the appropriate user ID and group ID when performing the mount. For example:

sudo mount -t cifs -o user=<smb user>,password=<smb password>,uid=`id -u`,gid=`id -g`,iocharset=utf8,actimeo=0 //<host name>/<share name> <directory mount point>

NFS in Linux

mount -t nfs -o nfsvers=3 <host name>:/share/<share name> <directory mount point>

SMB or NFS in macOS

On macOS in the Finder, navigate in the menu bar to Go, then Connect to Server. After clicking on 'Connect', enter the appropriate credential information.

For SMB shares, the format is: smb://<host name>/<share name>

For NFS shares, the format is: nfs://<host name>/share/<share name> (note the additional '/share' in the path)


Access Data via Object API

The storage URLs for the cluster are listed on the Cluster Monitor page.


For object API credentials, click on Users in the upper-left.

  • The username / password for the SwiftStack Client will be the entered credentials.
  • The S3 Account Secret Key is reveled when clicking the Show S3 API Key.

SwiftStack Client

The SwiftStack Client can be configured as described in the SwiftStack Client instructions. The filesystem view and the SwiftStack Client will reflect the same data.


Likewise, the same data is accessable via the AWS S3 API. For S3 client configuration information, see Configuring S3 Clients.