clustergroup addexternal
Imports an external NFS server or an external s3 server into a cluster group/global namespace.
The addexternal
command adds an external NFS server or an external s3 server to the cluster group, thereby
making it part of the NFS/S3 global namespace.
Along with Data Fabric cluster entries, NFSv4 clients see a unified directory space across servers hosted from different locations. Data Fabric data can be copied to or transferred to an external NFS server, so that it is shareable across the clusters in the cluster group.
A NFSv4 client is referred directly to the external NFS server. Data Fabric comes into the picture only when the referral
point (like a soft link) is accessed, and after that the client directly
communicates with the NFS server. The authentication mechanism will be the same that
is used for mounting the global namespace (sec=none
OR
sec=system
OR sec=krb5
).
sec=system
), Data Fabric
and the external NFS should ideally be using same AD/LDAP. If the external NFS
server is using Kerberos authentication (sec=kerberos
),
Data Fabric and the external NFS must be
using the same AD/LDAP + KDC server, otherwise external NFS server access will
be denied with EPERM. To view external NFS server details by using the maprcli
, see clustergroup get cgtable. To remove the external NFS server from the
cluster group by using maprcli
, see clustergroup remove cluster.
Syntax
- CLI
-
maprcli clustergroup addexternal -type Type of the external server being added, nfs/s3 -externalservername External server name that would appear in global namespace [ -ips In case of NFS and Generic S3, comma seperated list of external server ips ] [ -accesskey Access key in case of S3 server ] [ -secretkey Secret key in case of S3 server ] [ -s3vendor External S3 server vendor, either AWS OR Generic ] [ -awsregion AWS region in case the S3 vendor type is AWS ] [ -force if provided skip checking external server ips Parameter takes no value ] [ -s3usetlsencryption Use TLSEncryption for external s3. default: true ] [ -s3serverport Port on which s3server is listening, default 9000 ] [ -s3servercertfile External S3 server certificate ] [ -s3servercertfilepath External S3 server certificate file path ] [ -s3servertransferproto S3 server transfer proto, either https or http, default https.
- REST
Request Type POST Request URL http[s]://<host>:<port>/rest/clustergroup/addexternal?<parameters>
Parameters
Parameter | Description |
---|---|
|
(Required) Use nfs to add an external NFS
server. Use s3 to add
external S3 server. |
externalservername |
(Required) Name of the external NFS server/S3 server to display on the global namespace. |
ips |
(Conditionally Required) Required for NFS and Generic S3 servers. List of one or more IP addresses. An NFS server with multiple network interface controllers (NIC) is identifiable by more than one IP address or host name. Use comma as the separator, when you are specifying multiple IP addresses for the parameter. |
accesskey |
(Conditionally Required) Required for S3 servers. The
access key for the external AWS/generic S3 server. NOTE Enclose the
accesskey parameter in quotes. |
secretkey |
(Conditionally Required) Required for AWS S3 servers. The
secret key for the external AWS S3 server. NOTE Enclose the secretkey parameter in
quotes. |
awswebidrolearn |
AWS web-identity role ARN for STS-based access. For more information about STS, see Integrating the AWS Security Token Service (STS) with Data Fabric in the as-a-service documentation. |
s3vendor |
(Conditionally Required) Required for S3 servers. Type of
S3 vendor. Use the value AWS while adding the AWS
S3 server. For other S3 vendors, use the value
generic . |
awsregion |
(Conditionally Required) Required for AWS S3 servers. AWS region for the buckets that contain your data. |
gcpregion |
GCP region for the buckets that contain your data. This field is applicable to GCP S3 server only. |
force |
(Optional) Pass the force parameter to
skip checking the external server IPs. The parameter does not
require a value to be specified. |
s3usetlsencryption |
(Optional) The field is applicable to generic S3 server
import. This is a flag indicating if TLS encryption is to be used
for the external S3 server. The default value for the flag is
true . The HTTPS protocol relies on TLS
encryption for secure communication. |
s3serverport |
(Optional) The port number for the generic S3 server at
which the communication with Data Fabric must happen.The default
value is 9000 . |
s3servercertfile |
(Conditionally Required) Required for S3 servers. The S3 server security certificate content. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servercertfilepath |
(Conditionally Required) Required for S3 servers. The file path of the S3 server security certificate. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servertransferproto |
(Optional) The protocol to use to transfer external S3
server data over the Internet. https and
http are the allowed valid values. The default
value is https . |
Example
- CLI
- Add or import an external NFS server with the name
extnfs
and associated IP address10.163.161.123
.maprcli clustergroup addexternal -type nfs -externalservername extnfs -ips 10.163.161.123
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=nfs&externalservername=extnfs&ips=10.163.161.123
- CLI
- Add or import an external AWS S3 server with the name
awsus1
and AWS regionus-west-1
.maprcli clustergroup addexternal -type s3 -externalservername awsus1 -accesskey "<access-key>" -secretkey "<secret-key>" -s3vendor AWS -awsregion us-west-1
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=awsus1&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=AWS&awsregion=us-west-1
- CLI
- Add or import external Scality server having name
extscalityserver
.maprcli clustergroup addexternal -type s3 -externalservername extscalityserver -ips <scality server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport 443 -s3servercertfilepath <file path for server certificate>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extscalityserver&ips=<scality server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=443&s3servercertfilepath=<file path for server certificate>
- CLI
- Add or import an external Vast server with the name
extvastserver
.maprcli clustergroup addexternal -type s3 -externalservername extvastserver -ips <vast server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport <portnumber> -s3servercertfile <server certificate content>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extvastserver&ips=<vast server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=<portnumber>&s3servercertfile=<server certificate content>