Samba

Introduction

These (regrettably short) notes are intended to help you build Linux-HA/Pacemaker-based Samba file servers. They cover active/passive configurations only (i.e. one node runs Samba, and another node takes over if the first dies). For active/active, you need to use CTDB.


Basic Configuration

  • Configure some shared storage (DRBD, a SAN, whatever) on all nodes in the cluster.
    • If the filesystem is going to be mounted on all nodes, you need to use a clustered filesystem such as GFS2 or OCFS2 (in which case, you need to run Pacemaker on top of OpenAIS, not Heartbeat).
    • If it's only going to be mounted on one node at a time, any filesystem will do, but one that supports POSIX ACLs will work better (for interop via Samba with Windows ACLs).
  • Configure a shared/virtual IP address resource.
  • Configure Samba identically on all nodes in the cluster (/etc/samba/smb.conf and related files must be the same on all nodes).
  • Make sure you set lock directory and private dir to a directory on your shared filesystem, or Bad Things Will Happen.
  • Only create Samba shares for directories on your shared filesystem.
  • Use the crm shell or GUI to create a Samba resource, using the smb LSB init script.
  • You probably also want to do the same for nmb and winbind.
  • Configure colocation and ordering constraints such that samba and friends run on the same node as your filesystem and IP address, and start after them.
  • Voila! You should now be able to access the samba shares via the virtual IP from client systems.
  • If one node fails, another will take over.
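
An added example (not part of the original notes): a Python check that an smb.conf keeps lock directory, private dir and every share path under the shared mount point, as the steps above require. The mount point /srv/samba and the sample configuration are constructed assumptions; the check is purely lexical and does not follow include directives or symlinks.

```python
import posixpath

# Constructed sample smb.conf; /srv/samba is an assumed shared mount point.
SAMPLE_SMB_CONF = """\
[global]
    lock directory = /srv/samba/state/lock
    private dir = /var/lib/samba/private
[projects]
    path = /srv/samba/projects
[scratch]
    path = /srv/samba/../tmp/scratch
"""

# smb.conf ignores case and whitespace in parameter names; fold synonyms too.
SYNONYMS = {"lockdir": "lockdirectory", "privatedirectory": "privatedir", "directory": "path"}
SPECIAL = {"global", "homes", "printers"}  # sections that are not plain shares

def parse_smb_conf(text):
    """Return {section: {normalized_param: value}} for an smb.conf string."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            name, value = line.split("=", 1)
            key = "".join(name.split()).lower()
            current[SYNONYMS.get(key, key)] = value.strip()
    return sections

def under(path, root):
    """Lexical check (symlinks not resolved): path is root or inside it."""
    path, root = posixpath.normpath(path), posixpath.normpath(root)
    return path == root or path.startswith(root + "/")

def check_shared_paths(text, shared_root):
    """List settings that keep Samba state or share data off shared storage."""
    conf, problems = parse_smb_conf(text), []
    for label in ("lock directory", "private dir"):
        value = conf.get("global", {}).get(label.replace(" ", ""))
        if value is None or not under(value, shared_root):
            problems.append(f"[global] {label} = {value or '<unset>'}")
    for name, params in conf.items():
        path = params.get("path")
        if name not in SPECIAL and path and not under(path, shared_root):
            problems.append(f"[{name}] path = {path}")
    return problems
```

Running the same check against the smb.conf on every node also catches configurations that have drifted apart.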


Active Directory Integration

  • Set netbios name in smb.conf to the name you want your Samba resource to have (make sure it's the same on all nodes).
  • On whichever node is currently running the Samba resource, join the AD domain (net ads join, etc. - refer to the Samba documentation for specifics).
  • That Samba instance should now be a member of the AD domain, and also be in the DNS (assuming your AD server is your DNS server).
  • Edit the DNS on the AD server and remove the node's physical IP address (only the virtual IP should be associated with the name).

This gives your resource a "virtual name" (to use the MSCS term).


Frequently Asked Questions

Is failover possible without dropping client connections?
Not with an active/passive configuration. You need to use CTDB and/or the tickle ACK feature in the portblock RA.

I have configured a cluster as described here and would like to contribute my deployment notes to this extremely helpful documentation effort. How can I do this?
Talk to tserong, or make some noise on the IRC channel or mailing list.
