HP StorageWorks Scalable File Share System Installation and Upgrade Guide Version 2.2

ManualsBrandsHP ManualsStorageHP StorageWorks Scalable File Share Enterprise Object Storage Server

221

222

223

224

225

226

227

228

229

230

Configuring the system after installing or upgrading9–4

CAUTION: If the user name under which the hpls_getgroups command runs includes any

Lustre file system in its path, the hpls_getgroups command will always time out and all

access to file systems will be denied to all users—including the root user, who will be unable to

mount a Lustre file system.

• When the HP SFS system has been configured as described in Section 9.2.3, the servers in the

HP SFS system must be able to connect to this user account using the ssh utility without a

password.

9.2.3 Configuring group servers and the HP SFS system to support

supplementary groups

Configure the system as shown in the following example. In this example, the IP address of the first group

server is 172.100.100.100, the IP address of the second group server is 172.100.100.110 and the

user name under which the hpls_getgroups command will run is gs. The HP SFS system is called

south, with south1 being the administration server and south2 the MDS server. Because the MDS

service can fail over to the administration server, the administration server must also be able to access group

information.

1. Copy the /root/.ssh/id_rsa.pub file from the administration server and append it to the

~/username/.ssh/authorized_keys directory on the group server. For example:

# scp south1:/root/.ssh/id_rsa.pub /tmp/south1.pub

# cat /tmp/south1.pub >> ~gs/.ssh/authorized_keys

2. Copy the /root/.ssh/id_rsa.pub file from the MDS server and append it to the

~/username/.ssh/authorized_keys directory on the group server. For example:

# scp south2:/root/.ssh/id_rsa.pub /tmp/south2.pub

# cat /tmp/south2.pub >> ~gs/.ssh/authorized_keys

3. Repeat Step 1 and Step 2 for each of the remaining group servers.

4. Specify the group server and user name using the sfsmgr set attribute command, as shown

in the following example:

# sfsmgr set attribute lustre.groups_server=172.100.100.100,172.100.100.110

# sfsmgr set attribute lustre.groups_user=gs

5. Rewrite the LDAP database for each file system by performing the following steps:

a. Stop the file system.

b. Enter the sfsmgr modify filesystem command as shown in the following example, where

data is the name of the file system:

# sfsmgr modify filesystem data write_ldap

Repeat these steps for each file system.

6. Log in to the administration server.

7. Invoke the hpls_getgroups command on the group server as shown in the following example,

where 100 is a user UID:

# ssh gs@172.100.100.100 /usr/sbin/hpls_getgroups 100

uid=100 gid=30 gids=31,32,33,44,46,50

Ensure that the primary group (gid=) and the supplementary groups (gids=) fields shown by the

command are correct.

Repeat Step 6 and Step 7 on the MDS server.

NOTE: If you upgrade the HP SFS software on the administration and MDS servers after you have

configured support for supplementary groups, you must repeat Steps 1 and 2 of this procedure for each

group server.