Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

The server needs very basic configuration procedure.

Network

The management network interface for web console, ssh, CLI is usually created during installation time itself.  For Cloud computing instances it is usually the default network that gets assigned.  For any  additional network interfaces  network configuration can be done using

Shell prompt

WebGui


Security

MayaNAS server program is designed to work with SeLinux and firewall rules.  There is no real requirement to disable them.

SeLinux

Explanation of SeLinux  interaction with following components

Snapshot replication

Our service is secure ssh based interaction between MayaNAS servers that uses ssh_t secontext as required.  Usually no impact form selinux.

 DRBD

The service script will properly setup customized policy drbdrepli for DRBD when selinux is active.

HeartBeat  HA services

Customized selinux policy update for HeartBeat ping is done automatically when selinux is active.

ZFS

SeLinux adds additional overhead to ZFS by adding xattr on the files and directories. It maybe worthwhile disabling it when SeLinux is not really needed.

firewalld

The required firewall ports for MayaNAS services are automatically opened during installation time or at operation time.

maya.configd

The configuration server for MayaNAS is standard RPC  daemon similar to NFS services program (mountd,lockd) registered with portmapper daemon rpcbind.  The CLI program that contacts maya.configd can be run locally, from another client using ONC RPC/XDR mechanism. This makes the program flexible and cross-platform, and be run from Windows also.   You would need to restrict the client access by using TCP wrapper mechanism as you would for any network service related program.

web-gui

The default TCP port for web console is 2020. It is registered to firewalld as mayastor-gui service.

iSCSI service

Uses standard iSCSI TCP Port 3260 and has to be opened.

Snapshot replication

No additional ports required as it uses SSH pubkey based authentication

 DRBD

Each DRBD configured volume requires TCP port and the script will open-up port with firewalld. It will remove the TCP port when drbd volume is removed.

 HA Cluster services

Needs UDP port 694 to be opened.

On Cloud instances the firewalld rules are usually configured to allow all traffic between the private  networks.  Only for web console firewall rule has to configured to allow the TCP port 2020 for web GUI.

Server Information

The  Configure Server is for entering general bookkeeping  information for your reference only.



Configure Controllers

This configuration is for

Viewing or Editing network information for enet controllers

Viewing or Assign Initiator or Target mode of operation for FC controllers


iSCSI Portal

MayaNAS server will create a default iSCSI target name based on system hostname and hostid, while provisioning iSCSI volume to hosts.  But you can create additional iSCSI target names and iSCSI portals to control the iSCSI service over particular subnet.




  • No labels