clustergroup addexternal

Imports an external NFS server or an external s3 server into a cluster group/global namespace.

The addexternal command adds an external NFS server or an external s3 server to the cluster group, thereby making it part of the NFS/S3 global namespace.

IMPORTANT
The cluster administrator must have granted you the cs3 ACL for you to be able to add an external S3 server to the cluster group. The cluster administrator must have granted you the cv ACL for you to be able to add an external NFS server to the cluster group.
NOTE
An external NFS server is a network file server hosted on a remote network, typically in a different physical location.

Along with Data Fabric cluster entries, NFSv4 clients see a unified directory space across servers hosted from different locations. Data Fabric data can be copied to or transferred to an external NFS server, so that it is shareable across the clusters in the cluster group.

A NFSv4 client is referred directly to the external NFS server. Data Fabric comes into the picture only when the referral point (like a soft link) is accessed, and after that the client directly communicates with the NFS server. The authentication mechanism will be the same that is used for mounting the global namespace (sec=none OR sec=system OR sec=krb5).

IMPORTANT
If your external NFS server uses authentication mechanism (sec=system), Data Fabric and the external NFS should ideally be using same AD/LDAP. If the external NFS server is using Kerberos authentication (sec=kerberos), Data Fabric and the external NFS must be using the same AD/LDAP + KDC server, otherwise external NFS server access will be denied with EPERM.

To view external NFS server details by using the maprcli, see clustergroup get cgtable. To remove the external NFS server from the cluster group by using maprcli, see clustergroup remove cluster.

Syntax

CLI
maprcli clustergroup addexternal
                            

        -type Type of the external server being added, nfs/s3
         -externalservername External server name that would appear in global namespace
         [ -ips In case of NFS and Generic S3, comma seperated list of external server ips ]
         [ -accesskey Access key in case of S3 server ]
         [ -secretkey Secret key in case of S3 server ]
         [ -s3vendor External S3 server vendor, either AWS OR Generic ]
         [ -awsregion AWS region in case the S3 vendor type is AWS ]
         [ -force if provided skip checking external server ips Parameter takes no value  ]
         [ -s3usetlsencryption Use TLSEncryption for external s3. default: true ]
         [ -s3serverport Port on which s3server is listening, default 9000 ]
         [ -s3servercertfile External S3 server certificate ]
         [ -s3servercertfilepath External S3 server certificate file path ]
         [ -s3servertransferproto S3 server transfer proto, either https or http, default https.
REST
Request Type POST
Request URL
http[s]://<host>:<port>/rest/clustergroup/addexternal?<parameters>

Parameters

Parameter Description

type

(Required) Use nfs to add an external NFS server. Use s3 to add external S3 server.
externalservername (Required) Name of the external NFS server/S3 server to display on the global namespace.
ips

(Conditionally Required) Required for NFS and Generic S3 servers.

List of one or more IP addresses. An NFS server with multiple network interface controllers (NIC) is identifiable by more than one IP address or host name. Use comma as the separator, when you are specifying multiple IP addresses for the parameter.

accesskey (Conditionally Required) Required for S3 servers. The access key for the external AWS/generic S3 server.
NOTE
Enclose the accesskey parameter in quotes.
secretkey (Conditionally Required) Required for AWS S3 servers. The secret key for the external AWS S3 server.
NOTE
Enclose the secretkey parameter in quotes.
awswebidrolearn AWS web-identity role ARN for STS-based access. For more information about STS, see Integrating the AWS Security Token Service (STS) with Data Fabric in the as-a-service documentation.
s3vendor (Conditionally Required) Required for S3 servers. Type of S3 vendor. Use the value AWS while adding the AWS S3 server. For other S3 vendors, use the value generic.
awsregion (Conditionally Required) Required for AWS S3 servers. AWS region for the buckets that contain your data.
gcpregion GCP region for the buckets that contain your data. This field is applicable to GCP S3 server only.
force (Optional) Pass the force parameter to skip checking the external server IPs. The parameter does not require a value to be specified.
s3usetlsencryption (Optional) The field is applicable to generic S3 server import. This is a flag indicating if TLS encryption is to be used for the external S3 server. The default value for the flag is true. The HTTPS protocol relies on TLS encryption for secure communication.
s3serverport (Optional) The port number for the generic S3 server at which the communication with Data Fabric must happen.The default value is 9000.
s3servercertfile (Conditionally Required) Required for S3 servers. The S3 server security certificate content. This is applicable if the communication is to happen over the HTTPS protocol.
s3servercertfilepath (Conditionally Required) Required for S3 servers. The file path of the S3 server security certificate. This is applicable if the communication is to happen over the HTTPS protocol.
s3servertransferproto (Optional) The protocol to use to transfer external S3 server data over the Internet. https and http are the allowed valid values. The default value is https.

Example

CLI
Add or import an external NFS server with the name extnfs and associated IP address 10.163.161.123.
maprcli clustergroup addexternal -type nfs -externalservername extnfs -ips 10.163.161.123
REST
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=nfs&externalservername=extnfs&ips=10.163.161.123
CLI
Add or import an external AWS S3 server with the name awsus1 and AWS region us-west-1.
maprcli clustergroup addexternal -type s3 -externalservername awsus1 -accesskey "<access-key>" -secretkey "<secret-key>" -s3vendor AWS -awsregion us-west-1
REST
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=awsus1&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=AWS&awsregion=us-west-1
CLI
Add or import external Scality server having name extscalityserver.
maprcli clustergroup addexternal -type s3 -externalservername extscalityserver -ips <scality server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic  -s3serverport 443 -s3servercertfilepath <file path for server certificate>
REST
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extscalityserver&ips=<scality server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=443&s3servercertfilepath=<file path for server certificate>
CLI
Add or import an external Vast server with the name extvastserver.
maprcli clustergroup addexternal -type s3 -externalservername extvastserver -ips <vast server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic  -s3serverport <portnumber> -s3servercertfile <server certificate content>
REST
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extvastserver&ips=<vast server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=<portnumber>&s3servercertfile=<server certificate content>