Managing the FUSE-Based POSIX Client

Describes how to use the FUSE-based POSIX client.

Ports Needed for POSIX Clients and File System to Communicate With Each Other

POSIX clients communicate with the CLDB and server components of the HPE Ezmeral Data Fabric file system. You need to open the relevant ports for TCP connectivity from POSIX clients to the HPE Ezmeral Data Fabric file-system cluster nodes. Open the CLDB, file-system server, and file-system server instances ports.

  • CLDB - Ports 7222 and 7223.
  • File-System Server - 5660, 5692, 5724, 5756, and 6660.

For better performance, you can open additional CLDB ports. See Ports Used by HPE Ezmeral Data Fabric Software for more information.

When using Multi-MFS instances, open the relevant ports for these instances to work. For example, instance 0 will use four ports from 5660, 5692 (5660+32), 5724 (5660+64), and 5756 (5660+96), instance 1 will use four ports from 5661, 5693, 5725, 5757, and so on for every additional instance. See Working with Multiple Instances of the File System for more information.

Setting up a Ticket for the POSIX Client

The POSIX client can be accessed using user and service tickets. The service tickets have long lifetimes, by default, for ease of administration. This is useful for running application processes that should not be bounded by the CLDB duration (cldb.security.user.ticket.duration.seconds) and renewal (cldb.security.user.ticket.max.duration.seconds) properties, which limit the lifetime of user tickets. If you plan to use a user ticket, ensure that the user has read permissions on the ticket file.

Regardless of the ticket type, after generating the ticket, set the fuse.ticketfile.location parameter value in the fuse.conf file to point to the ticket file to use.

For more information, see:

NOTE
If the UID/GID in the ticket (without impersonation capability) is different from the UID/GID of the logged-in user, all operations are performed using the UID/GID of the ticket and not that of the logged-in user.

Starting and Stopping the POSIX Client

To ensure that the service can be started and stopped and to run the help option, set the shared LD_LIBRARY_PATH environment variable. Update the shared library environment variable to include the paths to the following:

  • Full path to the directory containing libjvm.so file
  • $MAPR_HOME/lib (that is, /opt/mapr/lib directory)

For example:

export LD_LIBRARY_PATH=/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.79.x86_64/jre/lib/amd64/server/:/opt/mapr/lib

To allow a non-root user to start this service, as administrator or root user, run the following command:

chmod u+s /opt/mapr/bin/fusermount

Verify that permissions have been set for the non-root user to start the service. For example:

ls -l /opt/mapr/bin/fusermount

Your output should look similar to the following:

-rwsr-xr-x 1 root root 39704 Feb 16 19:41 /opt/mapr/bin/fusermount

Ensure that the non-root user has full permissions on the mount point and log files.

To manually start or stop the service:

service mapr-posix-client-* [start|stop|status]

When you run the command, replace * with basic or platinum, which corresponds with the package that is installed on the system.

NOTE
The POSIX client service cannot be stopped or restarted if any other process is accessing the mount point. With systemd (on CentOS/RH 7.x and SLES 12), the service will enter failed state (if you tried to stop) or activating state (if you tried to restart) and you must manually kill the client processes.

Running the POSIX Client in Secure Mode

The POSIX client reads the mapr-clusters.conf file to determine whether the process must start in secure or non-secure mode. If security is configured, the servicewithimpersonation ticket file must be present in the default /tmp directory. If the ticket file is not in the default /tmp directory, specify the location of the ticket file using the fuse.ticketfile.location configuration parameter in the fuse.conf file

If the ticket expires after a connection has been established between the POSIX client and the cluster, the connection can stay alive for up to an hour. No new connections will be allowed. If the access to the ticket was denied, restart POSIX client to refresh the ticket.

Mounting the File System

To mount the HPE Ezmeral Data Fabric file system at the mount point specified in the /opt/mapr/conf/fuse.conf file, create the mount point specified in the fuse.conf file and start the service. For example:

mkdir /mapr
service mapr-posix-client-* start
NOTE
If security software blocks the FUSE subsystem or kernel, the mounting process can be inhibited, or access to the FUSE mount using available commands can hang. Examples of such security software include:
  • CrowdStrike Falcon Sensor Service
  • Vormetric Data Security Manager
  • Tripwire file-integrity monitoring solutions
  • Symantec Agent for Linux IDS daemon
Contact your HPE customer support representative if you experience related issues.
NOTE
When you run the command, replace * with basic or platinum, which corresponds with the package that is installed on the system.
ATTENTION
Remember the following points when using a FUSE mounted file system:
  • When trying to open a FIFO on a FUSE mounted file system, permissions to perform the operation are not checked.
  • Any user can set time using touch -t for any file on a FUSE mounted file system.

See also: Enabling Soft Mount and Setting the Timeout

Monitoring the POSIX Client

To determine whether the POSIX client is running, run the following command:

service mapr-posix-client-* status
NOTE
When you run the command, replace * with basic or platinum, which corresponds with the package that is installed on the system.

Adding and Removing Users

Before you add and/or remove users using the POSIX client, make a note of the following:

  • Invalid UID/GID cannot perform operations on the system.
  • When you add or remove users, it may take up to 30 minutes for the changes to take effect.

By default, the UID cache will expire in 30 minutes. To disable UID cache, set the value (in seconds) for fs.mapr.uid.cache.timeout.seconds parameter in the core-site.xml file. You can set the value to:

  • 0 to fetch the GID information from the idstore directly
  • >0 to specify the amount of time to keep the UID information in cache

For example, your core-site.xml entry would look similar to the following for:

  • Disabling cache:
    <property>
       <name>fs.mapr.uid.cache.timeout.seconds</name>
       <value>0</value>
       <description>disable UID cache</description>
    </property>
  • Setting 3 minutes as the amount of time to keep the UID information in cache:
    <property>
       <name>fs.mapr.uid.cache.timeout.seconds</name>
       <value>180</value>
       <description>UID cached for 3 minutes</description>
    </property>

Registering POSIX Client with Additional Clusters

To register the POSIX client with additional clusters, you must add entries directly to the /opt/mapr/conf/mapr-clusters.conf file. The clusters will be visible after few minutes.

NOTE
Each client supports up to 16 clusters.

Configuring the FUSE Read Chunk Size

The POSIX FUSE platinum client can break large reads into multiple pieces to be handled in parallel, if you set the FUSE read chunk size of a file. This process is called sharding.

By default, the FUSE read chunk size is set to 2 MB. To change the chunk size used by the FUSE platinum client for parallel reads, set the value (in bytes) for the fs.mapr.fuseshard.chunksize configuration field in the core-site.xml file. To set the chunksize to 5 MB (5242880 bytes), use:

<property>
        <name>fs.mapr.fuseshard.chunksize</name>
        <value>5242880</value>
        <description>setting chunk size</description>
        </property>

For example, if the FUSE read chunk size is set to 1 MB, and the FUSE platinum client is configured with 5 libraries, then the platinum client reads 5 MB in parallel.

Unmounting the FUSE Mount

To unmount the mountpoint and kill the FUSE process, run the following command:

service mapr-posix-client-* stop
NOTE
When you run the command, replace * with basic or platinum, which corresponds with the package that is installed on the system.