volume modify
Modifies an existing volume. Permissions
required: m
or fc
on
the volume.
An error occurs if the name or path refers to a non-existent volume, or cannot be resolved.
Syntax
- CLI
-
/opt/mapr/bin/maprcli volume modify [ -cluster <cluster name> ] -name <volume name> [ -advisoryquota <advisory quota> ] [ -ae <accounting entity> ] [ -aetype <aetype> ] [ -allowgrant true|false ] [ -allowreadforexecute Enable reads for files with execute permission. <true|false> ] [-atimeUpdateInterval <days>] [ -auditenabled true|false ] [ -autooffloadthresholdgb <offload size threshold> ] [ -coalesce <interval in mins> ] [ -compactionoverheadthreshold <compaction_overhead> ] [ -compactionschedule <compaction_schedule_ID> ] [ -containerallocationfactor <positive integer> ] [ -criticalrereplicationtimeoutsec ] [ -dataauditops <+|- operations> ] [ -dbindexlagsecalarmthresh <threshold> ] [ -dbrepllagsecalarmthresh <threshold> ] [ -disableddataauditops <operations> ] [ -ecenable true|false ] [ -ecscheme <ec_scheme> ] [ -ectopology <path> ] [ -enforcementmode <PolicyAceAndDataAce|PolicyAceOnly|DataAceOnly|PolicyAceAuditAndDataAce> ] [ -enforceminreplicationforio true|false ] [ -filefilter <file filter> ] [ -forceauditenable true|false ] [ -group <list of group:allowMask> ] [ -honorrackreliability <ec-rack-reliability : true | false> ] [ -maxinodesalarmthreshold <threshold> ] [ -maxnssizembalarmthreshold <threshold> ] [ -metricsenabled true|false ] [ -minreplication <minimum replication> ] [ -mirrorschedule <mirror schedule ID> ] [ -mirrorthrottle true|false ] [ -namecontainerdatathreshold <size> ] (available from version 6.0.1) [ -nsminreplication <minimum replication factor> ] [ -nsreplication <replication factor> ] [ -numactivecgcontainers <num containers to be assigned for a cg assign request> ] [ -offloadschedule <schedule ID> ] [ -quota <quota> ] [ -readAce <Access Control Expression> ] [ -readonly <readonly> ] [ -recallexpirytime <expiry time> ] [ -replication <replication> ] [ -rereplicationtimeoutsec <timeout in seconds> ] [ -schedule <schedule ID> ] [ -securitypolicy <policy1,policy2,…> ] [ -skipwiresecurityfortierinternalops Skip Wire level security for backend volumes <true|false> ] [ -source <source volume> ] [ -tierencryption true|false ] [ -tieringrule <rule name> ] [ -tierkey <tier encryption key> ] [ -tiername <tier name> ] [ -type rw|mirror ] [ -user <list of user:allowMask> ] [ -wiresecurityenabled true|false ] [ -writeAce <Access Control Expression> ]
- REST
-
Request Type POST Request URL http[s]://<host>:<port>/rest/volume/modify?<parameters>
Parameters
- Parameter:
advisoryquota
- Possible Values: 0 or any other integer value.
- Parameter:
ae
- Possible Values: Name of the entity that owns the volume.
- Parameter:
aetype
- Possible Values:
-
0
=user
-
1
=group
-
- Parameter:
allowgrant
- Possible Values:
true
truefalse
- Parameter:
allowreadforexecute
- Possible Values:
true
false
- Parameter:
auditenabled
- Possible Values:
true
false
- Parameter:
autooffloadthresholdgb
- Possible Values: Any positive integer.
- Parameter:
cluster
- Possible Values: Any valid cluster.
- Parameter:
coalesce
- Possible Values: Set this parameter to a large number of minutes to prevent audit logs from growing quickly.
- Parameter:
compactionoverheadthreshold
- Possible Values: 0-100%
- Parameter:
compactionschedule
- Possible Values: Any valid schedule ID.
Set this parameter to
0
to disable the compactor. - Parameter:
containerallocationfactor
- Recommended value: 2* SP count in the volume topology.
- Parameter:
criticalrereplicationtimeoutsec
- Possible Values: Any integer between 300 and 3600 (seconds)
- Parameter:
dataauditops
- Possible Values: Any audit operations that you want to enable.
- Parameter:
disableddataauditops
- Possible Values: Any audit operations that you want to disable.
- Parameter:
dbindexlagsecalarmthresh
- Possible Values: Any integer value.
- Parameter:
dbrepllagsecalarmthresh
- Possible Values: Any integer value.
- Parameter:
ecenable
- Possible Values:
true
false
- Parameter:
ecscheme
- Possible Values: Any valid EC scheme.
- Parameter:
ectopology
- Possible Values: Any topology that exists in your environment.
- Parameter:
enforcementmode
- Possible Values:
PolicyAceOnly
PolicyAceAndDataAce
DataAceOnly
PolicyAceAuditAndDataAce
- Parameter:
enforceminreplicationforio
- Possible Values:
true
false
- Parameter:
filefilter
- Possible Values: Any file filter.
- Parameter:
forceauditenable
- Possible Values:
true
false
- Parameter:
group
- Possible Values: Any user with
Create Volume
privileges. - Parameter:
honorrackreliability <ec-rack-reliability : true | false>
-
NOTEThe
honorrackreliability
parameter considers each rack as a site. - Parameter:
maxinodesalarmthreshold
- Possible Values: Any positive integer.
- Parameter:
maxnssizembalarmthreshold
- Possible Values: Any positive integer.
- Parameter:
metricsenabled
- Possible Values:
true
false
- Parameter:
minreplication
- Possible Values: Can be any value that you desire based on the replication you need.
- Parameter:
mirrorschedule
- Possible Values:
0
or a valid schedule ID. - Parameter:
mirrorthrottle
- Possible Values:
true
false
- Parameter:
namecontainerdatathreshold
- Possible Values: Any integer value.
If you set this parameter to
0
, there is no limit on the size of user data that can be stored in the name container. - Parameter:
nsminreplication
- Possible Values: Any integer value.
- Parameter:
nsreplication
- Possible Values: Any integer value.
- Parameter:
name
- Possible Values: Not Applicable.
- Parameter:
numactivecgcontainers
- Possible Values: Any integer between 1 and 100.
- Parameter:
offloadschedule
- Possible Values: Any valid schedule ID. To disable schedule-based offload, set this value
to
0
. - Parameter:
quota
- Possible Values: Any integer value along with a unit.
- Parameter:
readAce
- Possible Values: Any valid permissions.
- Parameter:
readonly
- Possible Values:
0
1
- Parameter:
recallexpirytime
- Possible Values: Any integer between
1
and7500
. - Parameter:
replication
- Possible Values: Any integer starting at
0
. - Parameter:
rereplicationtimeoutsec
- Possible Values: Any positive integer.
- Parameter:
schedule
- Possible Values:
0
or a valid schedule ID. - Parameter:
skipwiresecurityfortierinternalops
- Possible Values:
true
false
- Parameter:
source
- Possible Values: Any volume.
- Parameter:
tierencryption
- Possible Values:
true
false
- Parameter:
tieringrule
- Possible Values: Name of any valid rule
- Parameter:
tierkey
- Possible Values:Any 32-character HEX string, or let CLDB auto-generate this string
- Parameter:
tiername
- Possible Values: Not Applicable
- Parameter:
type
- Possible Values:
mirror
rw
0
1
- Parameter:
user
- Possible Values: Any valid permissions
- Parameter:
wiresecurityenabled
- Default Value: true
- Parameter:
writeAce
- Possible Values: Any valid permissions
Examples
Change the source volume of the mirror "test-mirror" and update the atime value to 2 days:
/opt/mapr/bin/maprcli volume modify -name test-mirror -source volume-2@my-cluster -atimeUpdateInterval 2
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=test-mirror&source=volume-2@my-cluster&atimeUpdateInterval=2' --user mapr:mapr
Create a volume with namespace container replicas
/opt/mapr/bin/maprcli volume modify -name testVol -nsminreplication 2 -nsreplication 4 -json
{
"timestamp":1526528489360,
"timeofday":"2018-05-16 08:41:29.360 GMT-0700 PM",
"status":"OK",
"total":0,
"data":[
]
}
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=testVol&nsminreplication=2&nsreplication=4' --user mapr:mapr
{"timestamp":1526528556748,"timeofday":"2018-05-16 08:42:36.748 GMT-0700 PM","status":"OK","total":0,"data":[]}
Modify a volume to allow inheritance by a child volume
Sub-volumes (children) can inherit properties from their parent volume. The
maprcli volume create
and volume modify
commands
provide parameters for setting the inheritance feature. For a child volume to inherit
from a parent volume, the parent volume must grant permission, and the child volume must
be created specifying the volume name of the parent. In the following example, the
parent volume, parentVol, grants inheritance to child volumes.
/opt/mapr/bin/maprcli volume modify -name parentVol -allowgrant true
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=parentVol?allowgrant=true' --user mapr:mapr
Set and modify ACEs on a volume
- Overwrite existing values for access types that were previously set.
- Are set for access types that were not set.
/opt/mapr/bin/maprcli volume modify -name testVol -writeAce 'g:group1&(!u:user1|!r:role1)'
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=testVol&writeAce=g%3Agroup1%26%28%21u%3Auser1%7C%21r%3Arole1%29' --user mapr:mapr
Modify the list of operations that are audited
In the following example, the create operation is included for auditing and the lookup operation is excluded from auditing. There are no changes to operations that are not specified.
/opt/mapr/bin/maprcli volume modify -name parentVol -dataauditops +create,-lookup
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=p1&dataauditops=%2Bcreate%2C-lookup' --user mapr:mapr
Modify an existing volume to enable on-wire encryption:
/opt/mapr/bin/maprcli volume modify -name local2 -wiresecurityenabled true -json
{
"timestamp":1505205889697,
"timeofday":"2017-09-12 01:44:49.697 GMT-0700",
"status":"OK",
"total":0,
"data":[
]
}
# curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=p1&wiresecurityenabled=true' --user mapr:mapr
{"timestamp":1526569299139,"timeofday":"2018-05-17 08:01:39.139 GMT-0700 AM","status":"OK","total":0,"data":[]}
/opt/mapr/bin/maprcli volume modify -name sampleVol -tieringrule ksTestRule -json
{
"timestamp":1526569498559,
"timeofday":"2018-05-17 08:04:58.559 GMT-0700 AM",
"status":"OK",
"total":0,
"data":[
]
}
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=sampleVol&tieringrule=ksTestRule' --user mapr:mapr
{"timestamp":1526569554743,"timeofday":"2018-05-17 08:05:54.743 GMT-0700 AM","status":"OK","total":0,"data":[]}
/opt/mapr/bin/maprcli volume modify -name sampleVol -offloadschedule 3 -recallexpirytime 3 -json
{
"timestamp":1526569615285,
"timeofday":"2018-05-17 08:06:55.285 GMT-0700 AM",
"status":"OK",
"total":0,
"data":[
]
}
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=sampleVol&offloadschedule=3&recallexpirytime=3' --user mapr:mapr
{"timestamp":1526569653267,"timeofday":"2018-05-17 08:07:33.267 GMT-0700 AM","status":"OK","total":0,"data":[]}
/opt/mapr/bin/maprcli volume modify -securitypolicy Lab_Security_Policy -name my_volume -json
{
"timestamp":1526569615285,
"timeofday":"2019-02-15 08:06:55.285 GMT-0700 AM",
"status":"OK",
"total":0,
"data":[
]
}
curl -k -X POST 'https://abc.sj.us:8443/rest/volume/modify?name=my_volume& \
securitypolicy=Lab_Security_Policy' --user mapr:mapr
{"timestamp":1526569653267,"timeofday":"2019-02-15 08:07:33.267 GMT-0700 AM","status":"OK","total":0,"data":[]}
The -securitypolicy
option in the
maprcli volume modify
command sets the volume to be tagged with the
specified policies, replacing any security policies that existed before the command was
run. This command works as follows, depending on the security policies that are
associated with this volume prior to invoking this command.
- If the volume initially has no security policy tags before invoking this command,
then it is tagged with the specified security policy
(
Lab_Security_Policy
in our example). - If the volume initially has two security policy tags before invoking this
command, say
Lab_Security_Policy
andSensitive_Data
, then theSensitive_Data Policy
security policy is disassociated from this volume, and the volume now has only theLab_Security_Policy
tag. - If the volume initially has one security policy tag, say
Sensitive_Data
, then theSensitive_Data
security policy is removed and replaced with the security policyLab_Security_Policy
. - If the volume has one security policy tag, say
Lab_Security_Policy
, which is the same as the security policy specified in the command, then modifications are not made.
Remove all security policies that are tagged to a volume
To remove all security policy tags from a volume, pass in an
empty string as the value of the securitypolicy
parameter.
For example:
/opt/mapr/bin/maprcli volume modify -securitypolicy "" -name my_volume
This code removes all security policy tags from the volume named
my_volume
.
curl -u mapr:mapr -k 'https://abc.sj.us:8443/rest/volume/modify?name=my_volume<securitypolicy=' | python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 111 100 111 0 0 184 0 --:--:-- --:--:-- --:--:-- 190
{
"data": [],
"status": "OK",
"timeofday": "2018-09-03 11:20:13.282 GMT-0700 PM",
"timestamp": 1536042013282,
"total": 0
}
Disable scheduled snapshot creation
To disable a schedule, set the schedule
parameter to 0
.
For example:
/opt/mapr/bin/maprcli volume modify -name mapr.apps -schedule 0
/opt/mapr/bin/maprcli volume info -name mapr.apps -json | grep schedule
"scheduleid":"0",
"schedulename":"",
"mirrorscheduleid":"0"
Remove file filter from a volume
To remove a file filter use the special filefilter "" .
For example:
/opt/mapr/bin/maprcli volume modify -name noexec -filefilter ""