Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[Samba] Active/Passive Samba Cluster for Shared NFS Backend
620 views
Skip to first unread message
Andrew Martin
Sep 17, 2014, 3:00:03 PM9/17/14
to
Hello,
I am working on setting up an Active/Passive Samba cluster on Ubuntu 14.04
using Samba 4.1.6. Samba will be sharing an NFS mount so that it can be
accessible to CIFS clients. Thus, the server setup is as follows:
-- cifs0 --
/ \
/ \
NFS_Server VIP --- CIFS clients
\ /
\ /
-- cifs1 --
The NFS export is mounted at the same place on both cifs0 and cifs1, /mnt/nfs.
I have configured "lock directory" to point at a directory inside of the NFS
share:
lock directory = /mnt/nfs/locks
I then configured a share:
test]
path = /mnt/nfs/test
browseable = yes
public = yes
guest ok = yes
writable = yes
create mode = 0644
directory mode = 0775
Both cifs0 and cifs1 are running keepalived to export a VIP and move it between
the two of them. All CIFS clients use this VIP for accessing the share. I have
some questions about this setup:
* does "private dir" also need to be on the shared NFS directory? I am syncing
the smb.conf to be identical on both servers (except for "netbios name"), so
I don't think it's necessary to have it on shared storage
* can I have smbd and nmbd running on both cifs0 and cifs1 simultaneously,
since traffic should only come through one server at any given time?
* are there any other problems with this configuration?
Thanks,
Andrew Martin
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
I am working on setting up an Active/Passive Samba cluster on Ubuntu 14.04
using Samba 4.1.6. Samba will be sharing an NFS mount so that it can be
accessible to CIFS clients. Thus, the server setup is as follows:
-- cifs0 --
/ \
/ \
NFS_Server VIP --- CIFS clients
\ /
\ /
-- cifs1 --
The NFS export is mounted at the same place on both cifs0 and cifs1, /mnt/nfs.
I have configured "lock directory" to point at a directory inside of the NFS
share:
lock directory = /mnt/nfs/locks
I then configured a share:
test]
path = /mnt/nfs/test
browseable = yes
public = yes
guest ok = yes
writable = yes
create mode = 0644
directory mode = 0775
Both cifs0 and cifs1 are running keepalived to export a VIP and move it between
the two of them. All CIFS clients use this VIP for accessing the share. I have
some questions about this setup:
* does "private dir" also need to be on the shared NFS directory? I am syncing
the smb.conf to be identical on both servers (except for "netbios name"), so
I don't think it's necessary to have it on shared storage
* can I have smbd and nmbd running on both cifs0 and cifs1 simultaneously,
since traffic should only come through one server at any given time?
* are there any other problems with this configuration?
Thanks,
Andrew Martin
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
John Yocum
Sep 17, 2014, 3:40:01 PM9/17/14
to
solution. https://ctdb.samba.org/
--
John Yocum, Systems Administrator, DEOHS
Andrew Martin
Sep 17, 2014, 4:30:02 PM9/17/14
to
----- Original Message -----
> From: "John Yocum" <jty...@uw.edu>
> To: sa...@lists.samba.org
> Sent: Wednesday, September 17, 2014 2:09:19 PM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
>
> You may want to look into Samba CTDB, which is Samba's clustering
> solution. https://ctdb.samba.org/
>
Isn't CTDB for Active/Active clusters? I was hoping to keep this setup
> From: "John Yocum" <jty...@uw.edu>
> To: sa...@lists.samba.org
> Sent: Wednesday, September 17, 2014 2:09:19 PM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
>
> You may want to look into Samba CTDB, which is Samba's clustering
> solution. https://ctdb.samba.org/
>
as simple as possible, without the need for a clustered filesystem or
other components.
Andrew
Daniel Müller
Sep 18, 2014, 2:00:02 AM9/18/14
to
CTDB only does keep you logged on on failover or keep alive of your IP. The
data of the user is another thing. So In fact you need both things
CTDB and a fileserver running on drbd or gluster or something like that.
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-...@lists.samba.org [mailto:samba-...@lists.samba.org] Im
Auftrag von Andrew Martin
Gesendet: Mittwoch, 17. September 2014 22:25
An: John Yocum
Cc: sa...@lists.samba.org
Betreff: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
data of the user is another thing. So In fact you need both things
CTDB and a fileserver running on drbd or gluster or something like that.
EDV Daniel Müller
Leitung EDV
Tropenklinik Paul-Lechler-Krankenhaus
Paul-Lechler-Str. 24
72076 Tübingen
Tel.: 07071/206-463, Fax: 07071/206-499
eMail: mue...@tropenklinik.de
Internet: www.tropenklinik.de
-----Ursprüngliche Nachricht-----
Von: samba-...@lists.samba.org [mailto:samba-...@lists.samba.org] Im
Auftrag von Andrew Martin
Gesendet: Mittwoch, 17. September 2014 22:25
An: John Yocum
Cc: sa...@lists.samba.org
Betreff: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
Volker Lendecke
Sep 18, 2014, 7:40:01 AM9/18/14
to
On Wed, Sep 17, 2014 at 01:57:42PM -0500, Andrew Martin wrote:
> * are there any other problems with this configuration?
The only question I have is: Why? You should install Samba (Or the Ontap
> * are there any other problems with this configuration?
CIFS option for that matter) on the NFS server, that's a single point
of failure anyway.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kon...@sernet.de
Andrew Martin
Sep 18, 2014, 10:20:02 AM9/18/14
to
----- Original Message -----
> From: "Volker Lendecke" <Volker....@SerNet.DE>
> To: "Andrew Martin" <ama...@xes-inc.com>
> Cc: sa...@lists.samba.org
> Sent: Thursday, September 18, 2014 6:32:52 AM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
>
> From: "Volker Lendecke" <Volker....@SerNet.DE>
> To: "Andrew Martin" <ama...@xes-inc.com>
> Cc: sa...@lists.samba.org
> Sent: Thursday, September 18, 2014 6:32:52 AM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
>
> On Wed, Sep 17, 2014 at 01:57:42PM -0500, Andrew Martin wrote:
> > * are there any other problems with this configuration?
>
> The only question I have is: Why? You should install Samba (Or the Ontap
> CIFS option for that matter) on the NFS server, that's a single point
> of failure anyway.
>
The NFS serve doesn't support integration with AD, so it cannot
> > * are there any other problems with this configuration?
>
> The only question I have is: Why? You should install Samba (Or the Ontap
> CIFS option for that matter) on the NFS server, that's a single point
> of failure anyway.
>
authenticate Windows users to access the CIFS shares. Thus, I need to use
some type of gateway server that can support authenticating with AD via
winbind.
Is it possible to do what I've described without needing to use CTDB
and a clustering filesystem?
Thanks,
Andrew
Sketch
Sep 18, 2014, 10:50:02 AM9/18/14
to
On Thu, 18 Sep 2014, Andrew Martin wrote:
> Is it possible to do what I've described without needing to use CTDB
> and a clustering filesystem?
I haven't tried it, but I don't see why an NFS share wouldn't work as your
> Is it possible to do what I've described without needing to use CTDB
> and a clustering filesystem?
"cluster filesystem" for CTDB. I believe it just needs to be a shared
volume that can be written to by all cluster members.
Of course, CTDB is not strictly required, it just has a little more smarts
for detecting problems with the samba daemon beyond a complete node
failure. You can use another method to failover if you prefer. If all of
your clients are Windows on AD, you could even just use DFS to handle
failover on the client side.
Volker Lendecke
Sep 18, 2014, 12:20:02 PM9/18/14
to
On Thu, Sep 18, 2014 at 09:17:50AM -0500, Andrew Martin wrote:
> ----- Original Message -----
> > From: "Volker Lendecke" <Volker....@SerNet.DE>
> > To: "Andrew Martin" <ama...@xes-inc.com>
> > Cc: sa...@lists.samba.org
> > Sent: Thursday, September 18, 2014 6:32:52 AM
> > Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
> >
> > On Wed, Sep 17, 2014 at 01:57:42PM -0500, Andrew Martin wrote:
> > > * are there any other problems with this configuration?
> >
> > The only question I have is: Why? You should install Samba (Or the Ontap
> > CIFS option for that matter) on the NFS server, that's a single point
> > of failure anyway.
> >
> The NFS serve doesn't support integration with AD, so it cannot
> authenticate Windows users to access the CIFS shares. Thus, I need to use
> some type of gateway server that can support authenticating with AD via
> winbind.
Well, installing Samba on the NFS server will be no
> ----- Original Message -----
> > From: "Volker Lendecke" <Volker....@SerNet.DE>
> > To: "Andrew Martin" <ama...@xes-inc.com>
> > Cc: sa...@lists.samba.org
> > Sent: Thursday, September 18, 2014 6:32:52 AM
> > Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
> >
> > On Wed, Sep 17, 2014 at 01:57:42PM -0500, Andrew Martin wrote:
> > > * are there any other problems with this configuration?
> >
> > The only question I have is: Why? You should install Samba (Or the Ontap
> > CIFS option for that matter) on the NFS server, that's a single point
> > of failure anyway.
> >
> The NFS serve doesn't support integration with AD, so it cannot
> authenticate Windows users to access the CIFS shares. Thus, I need to use
> some type of gateway server that can support authenticating with AD via
> winbind.
different than on an NFS client in any manner. Samba
communicates numerid unix IDs to the kernel, just as the NFS
client will do.
> Is it possible to do what I've described without needing to use CTDB
> and a clustering filesystem?
both smbds running for faster failover, make it local. Put
the "private directory" on a proper cluster file system, NFS
just is not up to the task to serve tdb files. That's the
entire reason why ctdb exists.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kon...@sernet.de
Andrew Martin
Sep 18, 2014, 12:30:02 PM9/18/14
to
----- Original Message -----
> From: "Volker Lendecke" <Volker....@SerNet.DE>
> To: "Andrew Martin" <ama...@xes-inc.com>
> Cc: sa...@lists.samba.org
> Sent: Thursday, September 18, 2014 11:17:36 AM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
> > Is it possible to do what I've described without needing to use CTDB
> > and a clustering filesystem?
>
> No. "lock directory" on NFS just won't work. If you need
> both smbds running for faster failover, make it local. Put
> the "private directory" on a proper cluster file system, NFS
> just is not up to the task to serve tdb files. That's the
> entire reason why ctdb exists.
>
If I left the "private directory" on each local server, what would be the
> From: "Volker Lendecke" <Volker....@SerNet.DE>
> To: "Andrew Martin" <ama...@xes-inc.com>
> Cc: sa...@lists.samba.org
> Sent: Thursday, September 18, 2014 11:17:36 AM
> Subject: Re: [Samba] Active/Passive Samba Cluster for Shared NFS Backend
> > Is it possible to do what I've described without needing to use CTDB
> > and a clustering filesystem?
>
> No. "lock directory" on NFS just won't work. If you need
> both smbds running for faster failover, make it local. Put
> the "private directory" on a proper cluster file system, NFS
> just is not up to the task to serve tdb files. That's the
> entire reason why ctdb exists.
>
consequence (just lost state information after a failover)? Would it be
safe to let smbd run on both servers at once (both with their own local
"private directory") with the understanding that all traffic would route
through the VIP?
What would happen if traffic tried to access the share from both servers
at once if smbd was running on both simultaneously?
Volker Lendecke
Sep 18, 2014, 12:30:03 PM9/18/14
to
On Thu, Sep 18, 2014 at 09:43:55AM -0500, Sketch wrote:
> On Thu, 18 Sep 2014, Andrew Martin wrote:
>
> >Is it possible to do what I've described without needing to use CTDB
> >and a clustering filesystem?
>
> I haven't tried it, but I don't see why an NFS share wouldn't work
> as your "cluster filesystem" for CTDB. I believe it just needs to
> be a shared volume that can be written to by all cluster members.
Well, at the very least you have to turn off posix locking.
> On Thu, 18 Sep 2014, Andrew Martin wrote:
>
> >Is it possible to do what I've described without needing to use CTDB
> >and a clustering filesystem?
>
> I haven't tried it, but I don't see why an NFS share wouldn't work
> as your "cluster filesystem" for CTDB. I believe it just needs to
> be a shared volume that can be written to by all cluster members.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kon...@sernet.de
0 new messages