People have had issues with hangs, performance spikes, etc...
Just recently changed to VMXNET3 from E1000, so I'll keep an eye out for the above. Thanks for info
BR Jim
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
People have had issues with hangs, performance spikes, etc...
Are there any reasons, despite TB-limit and no-encryption-support, against using NexentaStor Community Edition?
Are there any specialities regarding ESXi?
Which VMXNET3 issue? I'm using vmxnet3 on IO without any issues at all!
And on a sidenote OI w/ napp-it can't be beaten. I found it to be a fantastic combo, with minimal maintenance.
You have 4 DIMM Slots that accept each up to 8 GB Unbuffered Memory, so how do you want to reach 32GB with 4GB DIMMs?Kingston 8GB (2 x 4GB) ECC Unbuffered DDR3 1333
I find their gui very resource heavy and unstable (not just me either.)
fixed memory linkYou have 4 DIMM Slots that accept each up to 8 GB Unbuffered Memory, so how do you want to reach 32GB with 4GB DIMMs?
That case is very nice, Motherboard too (one NIC does not work under ESXi without patching)
General Consensus regarding controller cards at the moment: IBM M1015 with IT-mode
RAID-Z2 recommended vdev-size: 6 (not 8)
I am just playing around with it under VMware and it runs like a champ, really like it.
chown -R fileserv:staff audio
chmod -R 775 audio
drwxrwxr-x+ 13 fileserv staff 14 2012-04-11 22:24 .
drwxr-xr-x+ 181 fileserv staff 181 2012-04-11 21:58 ..
(...)
drwxrwxr-x+ 2 fileserv staff 2 2007-10-25 17:26
----------+ 1 fileserv staff 247417 2012-04-03 20:38 file-from-fileserv.jpg
drwxrwxr-x+ 2 fileserv staff 2 2012-04-11 22:07 Neuer Ordner
I find their gui very resource heavy and unstable (not just me either.)
it does. go hang out on the nexentastor.org forums. it's fine when it works, but the chances of having something wedge or start eating CPU time or something is non-trivial.
I've had no trouble with it so far, but i am running 100% hardware from the HSL on bare metal. GUI has also worked fine for me with no issues with hogging CPU. their GUI is basically just python with an EXTjs based ajax front end. It's certainly not perfect tho, so i suggest anyone considering it troll the forums and know what they are getting. My experience so far has been tho, run it on the right hardware and problems are limited. It's been a breeze for me so far. YMMV. really looking forward to illumian based version.
UNSUCCESSFUL happens mostly when
- there is already a computeraccount for this host in the domain -> DELETE and retry
- SMB service is not working -> SMB share a folder, restart service or reboot
- wrong user/PW
newbie here:
I don't get it, i am doing something wron, but cannot find out what...
I finally managed to get all my shares via SMB working, but one doesnt. It's the filsystem called audio, shared via SMB.
i already did the following steps more than once, but... well
Here is what i tried several times:
and then set permission to 775 via nappit in order to set ACL accordingly.Code:chown -R fileserv:staff audio chmod -R 775 audio
After applying, it nevertheless keeps displaying the permissions in the PERM row in nappit as "755+181" and i cannot even delete a file or folder that i just created over SMB.
But i got it working that way on other filesystems/shares.
When listing the file 'file-from-fileserv.jpg' just created in a subfolder of audio, it outputs:
And just to be complete, logged in via SMB as user fileserv, i even cannot delete the folder 'dfg dfg dfgd fgdf', is that normal?Code:drwxrwxr-x+ 13 fileserv staff 14 2012-04-11 22:24 . drwxr-xr-x+ 181 fileserv staff 181 2012-04-11 21:58 .. (...) drwxrwxr-x+ 2 fileserv staff 2 2007-10-25 17:26 ----------+ 1 fileserv staff 247417 2012-04-03 20:38 file-from-fileserv.jpg drwxrwxr-x+ 2 fileserv staff 2 2012-04-11 22:07 Neuer Ordner
greetings
mo
##edit
another strange thing: now i cannot even login via AFP which shares just two filesystems - one for timemachine, one for other stuff.
/usr/bin/chmod -R A- /tank
/usr/bin/chmod -R A+user:pitne:full_set:allow /tank
many thanks for the answers! Here is what i ended up doing…
* add user fileserv to group root - since root can have different password on different machine and i will mix this up, for me it doesn't make sense to use the root account directly when using shares…
* usermod -u 104 -G root,staff fileserv in order to maybe circumvent some future issues
* chown -R root:root /myzsfpool in order to reset owners…
* /usr/bin/chmod -R A- /myzsfpool
* /usr/bin/chmod -R A+user:fileserv:full_set:allow /myzsfpool
* /usr/bin/chmod -R A+user:share:read_set:allow /myzsfpool
* idmap add win user:Administrator unixuser:fileserv in order to be complete. But does this make even sense?
The really strange thing about not being able to login via AFP: well, of course i missed something - after re-setting the passwords for the users, it was back working again timemachine here we go....
some notes
* nappit seems really strange to me when i set permissions on the 'zfsfolder' page: when i set them to 775 for a filesystem, it displays 755 when the refreshed page comes up. When setting to 770 it displays 700.
* i tried to set those 'trivial ACLs', it seemed to do something, but eventually came back with the error message about not being able to do it because of having no license for that - i thought those 'trivial ACLs' would get set - or its more likely i did it the wrong way ;-)
* nevertheless its a really great thing!!
* thats incredible for a newbie what one can find in this stuff - didn't know about that /usr/bin/chmod exists and that it has different capabilities!
many thanks!!
greetings
mo
_Gea
Did you remove NDMP from your Napp-it recently?
I installed the package with "pkg install ndmp", but I'm not sure how to configure it. Trying to create an initiator so another box can connect to the tape drive I have installed.
Encryption on OpenIndiana
Not integrated in ZFS like with Solaris 11 and ZFS V.31+
but on an underlaying disk level and therefor working with ZFS V.28
i will add it to next versions of napp-it
The thought is:
- create files on a ZFS dataset (ex 1 GB with the option to backup them to any Filesystem/ Cloud provider)
- build block-devices from the files with lofiadm. (lofiadm supports encryption, must enter a pw here)
- build a regular ZFS pool from these files (use ex ZFS Z2 to recover from backup files with errors)
ex:
1. create a 1G file in /tank/secrets (a ZFS dataset)
cd /tank/secrets
mkfile 1g file1
2. create encrypted blockdevices from these file(s) -> creates a device /dev/lofi/1
lofiadm -c aes-256-cbc -a /tank/secrets/file1
Enter passphrase: ..
-repeat for all disks if you want to build a pool from more disks to have redundancy
(important if you want to backup these files on a non-ZFS file system)
3. Create a regular (ex. basic) ZFS pool from this or these (encrypted) device(s)
zpool create secretpool /dev/lofi/1
The newly created pool works like any ZFS pool.
To take offline you must export the pool and remove the devices
zpool export secretpool
lofiadm -d /tank/secrets/file1
To take online you must build devices from the files again using the same PW and import the pool
lofiadm -c aes-256-cbc -a /tank/secrets/file1
Enter passphrase: ..
If you use the wrong PW, all seems ok but there are no files...
Now you can import your pool from these devices
zpool import -d /dev/lofi shows all available pools
To import the pool, you must use:
zpool import -d /dev/lofi/ secretpool
Only disadvantage may be some lower performance (goes through ZFS twice + encryption).
But its very elegant, easy to implement and it is based simply only on one or more encrypted files.
If you want to backup them, you can just copy them. With small files its not a problem, even on FAT disks
with a max file limit of 2 GB. If you have build redundant ZFS pools from several files (ex Raid-Z1/2/3) its even not
a problem if (1/2/3) files get damaged for whatever reason.
http://constantin.glez.de/blog/2012/02/introducing-sparse-encrypted-zfs-pools
http://www.cuddletech.com/blog/pivot/entry.php?id=1029
https://blogs.oracle.com/yakshaving/entry/encrypted_fs_on_solaris_10
http://www.idevelopment.info/data/Oracle/DBA_tips/Automatic_Storage_Management/ASM_21.shtml
it look really easy whas os do you self run you zfs on ? I are on solaris 11 now so if I pulle the triger to move to OpenIndiana I nede to move a lot of TB I got 12TB Encrypted now so how are it can I just create 2TB files so a whole hdd and now I just add 6 X 2TB for a new pool how are that work when you do it that way if you understand me
to update/install intiially or from a former version, open a console and enter
su
wget -O - www.napp-it.org/nappit | perl
rebooot
old jobs should run but new ones may enhance functionality
When I login onto my OI server via IPMI I see in the main window that there are several updates to be downloaded from th OI server. Is it wise to update within OI desktop?
ty
Encryption on OpenIndiana
ndmp is only part of the NexentaCore config. (no longer available, Nexenta deleted all infos on nexenta.org)
It is done on Nexenta like..(have not tried for years)
Enable NDMP daemon:
# svcadm enable ndmpd
Enable authorization. NDMP allows to work in three modes: no auth, clear text, and md5 digest. Most of backup software will require md5 hashed password. ndmpcopy works with clear text passwords. We will use tmpuser and tmppass on both machines for example:
# ndmpadm enable -a cleartext -u tmpuser
Enter new password:
Re-enter password:
Now its time to make the NDMP copy. Assume we have /opt/a on one machine and /opt/b on another. /opt/b is empty right now. This command will start copying:
# ndmpcopy -v hostone:/opt/a hosttwo:/opt/b -sa tmpuser:tmppass -da tmpuser:tmppass