Filter
Top Products
Appendix C StorNext Files
Cluster-Wide Central Control
StorNext 3.5 Installation Guide 134
Cluster-Wide Central Control
The purpose of this feature (currently supported on the Linux platform
only,) is to provide cluster-wide central control. A central control file
called nss-cctl.xml provides a way to restrict the behavior of SNFS cluster
nodes (fsm, file system client, cvadmin client) from a central place: an
NSS server.
This feature currently supports the following controls that allow you to
specify:
1 Whether a client is allowed to mount as a proxy client.
2 Whether a client is allowed to mount as read/write or read-only.
3 Whether a user (especially a local administrator on Windows clients,)
is allowed to take ownership of a file or directory on a Stornext file
system.
4 Whether cvadmin running on a certain client is allowed to have super
admin privilege to run destructive commands such as starting/
stopping the file system, refreshing disks, changing quota settings,
and so on.
5 Whether cvadmin running on certain client is allowed to connect to
other fsms via the -H option.
The control file is in xml format and has a hierarchical structure. The top
level element, snfsControl, contains control elements with the
securityControl label for certain file systems. If you have different controls
for different file systems, each file system should has its own control
definition. A special virtual file system, SNFS_ALL, is used as the default
control for file systems not defined in this control file. It is also used to
define the cvadmin-related control on clients.
Each file system-related element (indicated by the label securityControl)
has a list of controlEntry items. Each controlEntry item defines the client
and the controls. The client type can be either host or netgrp. A host can
be the IP address or the host name. (Both IP V4 and IP V6 are supported.)
Netgrp specifies a group of consecutive IP addresses and has a network
IP address (either IP V4 or V6,) and network mask bits. It is possible for
Note: You cannot have a file system named SNFS_ALL.