clustergroup addexternal
Imports an external NFS server or an external s3 server into a cluster group/global namespace.
The addexternal command adds an external NFS server or an external s3 server to the cluster group, thereby
making it part of the NFS/S3 global namespace.
Along with Data Fabric cluster entries, NFSv4 clients see a unified directory space across servers hosted from different locations. Data Fabric data can be copied to or transferred to an external NFS server, so that it is shareable across the clusters in the cluster group.
A NFSv4 client is referred directly to the external NFS server. Data Fabric comes into the picture only when the referral
point (like a soft link) is accessed, and after that the client directly
communicates with the NFS server. The authentication mechanism will be the same that
is used for mounting the global namespace (sec=none OR
sec=system OR sec=krb5).
sec=system), Data Fabric
and the external NFS should ideally be using same AD/LDAP. If the external NFS
server is using Kerberos authentication (sec=kerberos),
Data Fabric and the external NFS must be
using the same AD/LDAP + KDC server, otherwise external NFS server access will
be denied with EPERM. To view external NFS server details by using the maprcli, see clustergroup get cgtable. To remove the external NFS server from the
cluster group by using maprcli, see clustergroup remove cluster.
Syntax
- CLI
-
maprcli clustergroup addexternal -type Type of the external server being added, nfs/s3 -externalservername External server name that would appear in global namespace [ -ips In case of NFS and Generic S3, comma seperated list of external server ips ] [ -accesskey Access key in case of S3 server ] [ -secretkey Secret key in case of S3 server ] [ -s3vendor External S3 server vendor, either AWS OR GCP OR Generic ] [ -awsregion AWS region in case the S3 vendor type is AWS ] [ -force if provided skip checking external server ips Parameter takes no value ] [ -s3usetlsencryption Use TLSEncryption for external s3. default: true ] [ -s3serverport Port on which s3server is listening, default 9000 ] [ -s3servercertfile External S3 server certificate ] [ -s3servercertfilepath External S3 server certificate file path ] [ -s3servertransferproto S3 server transfer proto, either https or http, default https. - REST
Request Type POST Request URL http[s]://<host>:<port>/rest/clustergroup/addexternal?<parameters>
Parameters
| Parameter | Description |
|---|---|
|
|
(Required) Use nfs to add an external NFS
server. Use s3 to add external S3 server such
as AWS, GCP . |
externalservername |
(Required) Name of the external NFS server/S3 server or object storage like AWS , GCP, generic to display on the global namespace. |
ips |
(Conditionally Required) Required for NFS/generic S3 servers. List of one or more IP addresses or hostnames. An NFS server with multiple network interface controllers (NIC) is identifiable by more than one IP address or host name. Use comma as the separator, when you are specifying multiple IP addresses for the parameter. |
accesskey |
(Conditionally Required) Required for S3 servers. The
access key for the external AWS, GCP,generic
S3 server. NOTE Enclose the accesskey parameter in
quotes. |
secretkey |
(Conditionally Required) Required for S3 servers. The
secret key for the external AWS S3, GCP,
generic S3 server. NOTE Enclose the secretkey parameter in
quotes. |
awswebidrolearn |
AWS web-identity role ARN for secure token service or STS-based access. This field is applicable only for STS-based access to AWS S3 object storage. For more information about STS, see Integrating the AWS Security Token Service (STS) with Data Fabric. |
s3vendor |
(Conditionally Required) Required for S3 servers. Type of
S3 vendor. Use the value AWS while adding the AWS
S3 server. For other S3 vendors, use the value
generic. Use the value
GCP for GCP object storage.
|
awsregion |
(Conditionally Required) Required for AWS S3 servers. AWS region for the buckets that contain your data. |
gcpregion |
(Conditionally Required) GCP region for the buckets that contain your data. This field is applicable to GCP S3 server only. |
force |
(Optional) Pass the force parameter to
skip checking the external server IPs. The parameter does not
require a value to be specified. |
s3usetlsencryption |
(Optional) The field is applicable to generic S3 server import.
This is a flag indicating if TLS encryption is to be used for the
external S3 server. The default value for the flag is
true. The HTTPS protocol relies on TLS
encryption for secure communication. |
s3serverport |
(Optional) The port number for the generic S3 server on
which the communication with Data Fabric must happen.The default
value is 9000. |
s3servercertfile |
(Conditionally Required) Required for generic S3 servers. The S3 server security certificate content. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servercertfilepath |
(Conditionally Required) Required for generic S3 servers . The file path of the S3 server security certificate. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servertransferproto |
(Optional) The protocol to use to transfer external S3
server data over the Internet. https and
http are the allowed valid values. The default
value is https. |
Example
- CLI
- Add or import an external NFS server with the name
extnfsand associated IP address10.163.161.123.maprcli clustergroup addexternal -type nfs -externalservername extnfs -ips <ip address>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=nfs&externalservername=extnfs&ips=<ip address>
- CLI
- Add or import an external AWS S3 server with the name
awsus1and AWS regionus-west-1.maprcli clustergroup addexternal -type s3 -externalservername awsus1 -accesskey "<access-key>" -secretkey "<secret-key>" -s3vendor AWS -awsregion us-west-1
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=awsus1&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=AWS&awsregion=us-west-1
- CLI
- Add or import external Scality server having name
extscalityserver.maprcli clustergroup addexternal -type s3 -externalservername extscalityserver -ips <scality server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport 443 -s3servercertfilepath <file path for server certificate>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extscalityserver&ips=<scality server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=443&s3servercertfilepath=<file path for server certificate>
- CLI
- Add or import an external Vast server with the name
extvastserver.maprcli clustergroup addexternal -type s3 -externalservername extvastserver -ips <vast server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport <portnumber> -s3servercertfile <server certificate content>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=extvastserver&ips=<vast server ip>&accesskey="<access-key>"&secretkey="<secret-key>"&s3vendor=Generic&s3serverport=<portnumber>&s3servercertfile=<server certificate content>
- CLI
- Add or import an external GCP object storage with the name
gcp.maprcli clustergroup addexternal -type s3 -externalservername gcp -accesskey <accesskey> -secretkey <secretkey> -s3vendor GCP -gcpregion <gcp-region>
- REST
-
curl -u <username> -X POST https://abc.sj.us:8443/rest/clustergroup/addexternal?type=s3&externalservername=gcp&accesskey="<access key>"&secretkey="<secret key>"&s3vendor="GCP"&gcpregion=<gcp region>