This article is part of a series.
In this article a CIFS and a NFS share are created. Unfortunately shares on a vFiler cannot be configured in OnCommand System Manager. Instead the console or SSH has to be used. SSH must be set up first in order to directly connect to the vFiler. You can do so from a session on the first simulator (netapp01). It is possible to run commands on the vFiler from here with vfiler run <name of the vFiler> <command>.
netapp01> vfiler run vfiler01 secureadmin setup ssh ===== vfiler01 SSH Setup --------- Determining if SSH Setup has already been done before...no SSH server supports both ssh1.x and ssh2.0 protocols. SSH server needs two RSA keys to support ssh1.x protocol. The host key is generated and saved to file /vol/vol_vfiler01/etc/sshd/ssh_host_key during setup. The server key is re-generated every hour when SSH server is running. SSH server needs a RSA host key and a DSA host key to support ssh2.0 protocol. The host keys are generated and saved to /vol/vol_vfiler01/etc/sshd/ssh_host_rsa_key and /vol/vol_vfiler01/etc/sshd/ssh_host_dsa_key files respectively during setup. SSH Setup will now ask you for the sizes of the host and server keys. For ssh1.0 protocol, key sizes must be between 384 and 2048 bits. For ssh2.0 protocol, key sizes must be between 768 and 2048 bits. The size of the host and server keys must differ by at least 128 bits. Please enter the size of host key for ssh1.x protocol  : Please enter the size of server key for ssh1.x protocol  : Please enter the size of host keys for ssh2.0 protocol  : You have specified these parameters: host key size = 768 bits server key size = 512 bits host key size for ssh2.0 protocol = 768 bits Is this correct? [yes] Setup will now generate the host keys. It will take a minute. After Setup is finished the SSH server will start automatically. netapp01> Wed Feb 17 20:15:16 CET [vfiler01@netapp01:secureadmin.ssh.setup.passed:info]: SSH setup is done and ssh2 is enabled. Host keys are stored in /vol/vol_vfiler01/etc/sshd/ssh_host_key, /vol/vol_vfiler01/etc/sshd/ssh_host_rsa_key, and /vol/vol_vfiler01/etc/sshd/ssh_host_dsa_key. netapp01> vfiler run vfiler01 secureadmin status ===== vfiler01 ssh2 - active ssh1 - inactive
Now you can login to the vFiler via SSH and run commands. Of course you can also skip configuring SSH on the vFiler and run all commands with vfiler run … from the host running the vFiler (in this case netapp01).
The next step is to configure a CIFS share. If you haven’t already set up CIFS when creating the vFiler (see part 6) you have to do so now. In this series the vFiler is not joined to an active directory domain. Instead local users on the vFiler are used for permission to the shares (option 3 during the setup).
vfiler01@netapp01> cifs setup .... This process will enable CIFS access to the filer from a Windows(R) system. Use "?" for help at any prompt and Ctrl-C to exit without committing changes. Your filer does not have WINS configured and is visible only to clients on the same subnet. Do you want to make the system visible via WINS? [n]: n A filer can be configured for multiprotocol access, or as an NTFS-only filer. Since multiple protocols are currently licensed on this filer, we recommend that you configure this filer as a multiprotocol filer (1) Multiprotocol filer (2) NTFS-only filer Selection (1-2)? : 1 CIFS requires local /etc/passwd and /etc/group files and default files will be created. The default passwd file contains entries for 'root', 'pcuser', and 'nobody'. The default name for this CIFS server is 'VFILER'. Would you like to change this name? [n]: n Data ONTAP CIFS services support four styles of user authentication. Choose the one from the list below that best suits your situation. (1) Active Directory domain authentication (Active Directory domains only) (2) Windows NT 4 domain authentication (Windows NT or Active Directory domains) (3) Windows Workgroup authentication using the filer's local user accounts (4) /etc/passwd and/or NIS/LDAP authentication Selection (1-4)? : 3 What is the name of the Workgroup? [WORKGROUP]: WORKGROUP CIFS - Starting SMB protocol... It is recommended that you create the local administrator account (VFILER01\administrator) for this filer. Do you want to create the VFILER01\administrator account? [y]: y Enter the new password for VFILER01\administrator: Retype the password: Welcome to the WORKGROUP Windows(R) workgroup vfiler01@netapp01> Wed Feb 17 21:41:06 CET [vfiler01@netapp01:cifs.startup.local.succeeded:info]: CIFS: CIFS local server is running.
To access the share you can use VFILER01\administrator created a moment ago, or create a new user:
vfiler01@netapp01> useradmin user add user01 -g Guests New password: Retype new password: User <user01> added. vfiler01@netapp01> Wed Feb 17 21:49:18 CET [vfiler01@netapp01:useradmin.added.deleted:info]: The user 'user01' has been added.
After CIFS is set up the share can be configured. First you create a qtree and afterwards the share.
vfiler01@netapp01> qtree create /vol/vol_vfiler01/q_cifs vfiler01@netapp01> qtree security /vol/vol_vfiler01/q_cifs ntfs vfiler01@netapp01> qtree status Volume Tree Style Oplocks Status -------- -------- ----- -------- --------- vol_vfiler01 unix enabled normal vol_vfiler01 q_cifs ntfs enabled normal vfiler01@netapp01> cifs shares -add cifs01 /vol/vol_vfiler01/q_cifs vfiler01@netapp01> cifs shares Name Mount Point Description ---- ----------- ----------- ETC$ /vol/vol_vfiler01/etc Remote Administration ** priv access only ** HOME /vol/vol_vfiler01/home Default Share everyone / Full Control C$ / Remote Administration ** priv access only ** cifs01 /vol/vol_vfiler01/q_cifs everyone / Full Control
You can access the share via \\192.168.2.68\cifs01. In this series limiting the access rights to the share is not necessary. Everyone has full access.
To configure the NFS share a qtree is created as well. In this example the share is accessible from all hosts of the network 192.168.2.0/24.
vfiler01@netapp01> qtree create /vol/vol_vfiler01/q_nfs vfiler01@netapp01> qtree security /vol/vol_vfiler01/q_cifs unix vfiler01@netapp01> qtree status Volume Tree Style Oplocks Status -------- -------- ----- -------- --------- vol_vfiler01 unix enabled normal vol_vfiler01 q_cifs ntfs enabled normal vol_vfiler01 q_nfs unix enabled normal vfiler01@netapp01> exportfs -p rw=192.168.2.0/24,root=192.168.2.0/24 /vol/vol_vfiler01/q_nfs vfiler01@netapp01> exportfs /vol/vol_vfiler01/q_nfs -sec=sys,rw=192.168.2.0/24,root=192.168.2.0/24 /vol/vol_vfiler01 -sec=sys,rw,anon=0,nosuid
On a linux host you can now mount the NFS share.
hostname:~# mount 192.168.2.68:/vol/vol_vfiler01/q_nfs /media/cdrom
All articles of the series
Part 1: Download of the files needed
Part 2: Configuration of the first simulator
Part 3: Configuration of the second simulator
Part 4: Create an aggregate and volume
Part 5: DNS Configuration
Part 6: Create vFiler and configure vFiler DR
Part 7: Synchronous vFiler DR
Part 8: Create shares on vFiler
Part 9: Planned Failover
Part 10: Disaster Failover