Page 5
D.2.2. Renaming a Domain in a Mirrored or DR Cluster ........... 62 D.3. Using DX Content Router to List Buckets and Objects ..........64 D.4. Boot Errors ......................64 D.5. Configuration ......................65 D.6. Operational Problems ..................... 65 E. Drive Identification API ...................... 67 E.1.
Chapter 1. Welcome to DX Storage 1.1. Overview of DX Storage As discussed in the DX Object Storage Getting Started Guide, the DX Storage product provides an object-based storage infrastructure over TCP/IP networks with a cluster of standard x86 based hardware. By default, DX Storage can be deployed on a wide variety of x86 hardware with minimal required configuration.
Chapter 2. Introduction to the Admin Console The web-based DX Storage Admin Console provides administrative, monitoring, and maintenance features for a DX Storage cluster. At a glance, you can view the status of the cluster, of individual nodes, and nodes' volumes. You can start up or shut down a node or the entire cluster, view health status, and view detailed monitoring statistics.
The cluster status page enables you to view cluster-wide information, such as number of nodes, cluster status, number of errors, number of streams, and capacity data. For more information, see Chapter 3, Managing the Cluster. 2.2.2. Viewing a Node's Status Page If you click a node's IP address, the node's status page displays, as follows.
Chapter 3. Managing the Cluster To access the Admin Console, see Chapter 2, Introduction to the Admin Console. This chapter discusses the following topics: • Section 3.1, “Viewing the Cluster Status Page” • Section 3.2, “Authenticating Cluster-Wide Actions” • Section 3.3, “Shutting Down or Restarting the Cluster” •...
(that is, the password is sent from your browser to the Admin Console in clear text). Dell strongly recommends you change admin's password immediately, that you use the names of real users, and that you encrypt users' passwords using Digest authentication. For more information, Section 6.2.3, “Securing the Administrator and Operator...
3.3. Shutting Down or Restarting the Cluster To shut down or restart all nodes in the cluster, click Shutdown Cluster or Restart Cluster in the top right of the Admin Console. Note It can take several minutes for the nodes to shut down or restart. 3.4.
The display of the cluster nodes and their status information is transmitted periodically. Therefore, there can be a delay of up to two minutes before node transitions are recorded on the admin console. This also means that the Admin Console view may differ slightly when two nodes are compared to each other.
Page 14
Note Dell recommends you do not set cluster-wide persisted parameters in individual node configuration files because these values must be the same for the whole cluster. Any values specified in a node configuration file are overridden by the cluster settings from the Admin Console.
clusterSettingsUUID is in your node or cluster configuration file is to enable the cluster to remember the settings UUID when all nodes are rebooted at once (for example, after certain upgrades, after a power outage, or after a network outage.) 3.7.1.
Page 16
below. Space used is calculated against the lesser of the total physical space or the licensed space. For instance, in a cluster with 4TB of physical space but only 2TB of licensed space where 1.5TB of space is used, the console would report 75% Space Used. Logical Threshold* Description Default Threshold Value...
Chapter 4. Managing Tenants This chapter discusses how to manage cluster tenants. A tenant corresponds to a corporation or an organizational unit and consists of the following DX Storage components, which the Admin Console creates for you: • A domain, which is a container for buckets and objects. •...
See one of the following sections for more information about tenants: • Section 4.1, “Terminology Related to Tenant Security” • Section 4.2, “About the Default Cluster Domain” • Section 4.3, “Security Privileges for Administrative Operations” • Section 4.4, “Rules and Recommendations for Managing Tenants” •...
Users who are not in any realm defined by the domain manager can perform only actions that require no authentication. • Application developer: Responsible for creating content in the domain (that is, buckets and objects for which they have privileges). 4.2.
4.3. Security Privileges for Administrative Operations The following table shows the privileges required to perform administrative operations in a domain, bucket, or in the objects contained by them. Operation Privilege required Create tenants CAStor administrator only. This realm is defined by the administrators parameter in your node or cluster configuration file.
• Dell strongly recommends you set up a default cluster domain (that is, a domain name that exactly matches the name of the cluster). Every object that has no domain explicitly defined for it belongs to the default cluster domain.
• It cannot contain a comma (,), colon (:), space, or slash (/) character. • It must be a valid UTF-8 byte sequence. • It cannot be an IPv4 or IPv6 IP address. • It is case-insensitive. Note To use named objects in your cluster, you must create at least one domain. Unnamed objects do not require a domain because you can access them using a UUID.
Page 23
Option Description Domain naming rules are discussed in Section 4.5, “Domain Naming Rules”. Renaming an existing domain is supported only using the Admin Console. Protection Setting All protection settings enable domain managers to maintain their own user list and the domain user list. The difference between protection settings is which realms can POST to the domain (that is, create buckets).
• User ID: Enter a name to identify the domain manager. Domain manager names can consist of ASCII characters only and cannot include a colon character (:). • Password: Enter the domain manager's password. • Re-Enter Password: Verify the password by entering it again. The following figure shows an example tenant.
Although you can update a user list using PUT, Dell recommends you use APPEND because PUT replaces the user list, which might disable other users' access to the same object.
Page 26
Apache wiki bug report page for up-to- date information about it. Dell testing and experience recommends you observe the following guidelines when using htdigest: • On Windows, avoid creating a password file with a reserved extension, such as .com. • If either the password file name or your realm name includes spaces, enclose the name in double quotes.
Page 27
4.7.1.3. Using Override to Resolve Authorization Specification Issues This section discusses how to resolve issues with authorization specifications that render objects inaccessible. You can perform these tasks to reset the authorization specification for any object, even an object for which an authorized user name and password are not known. To resolve this issue, you must PUT to the object the user list and the authorization specification using the admin query argument, authenticating with your cluster administrator credentials.
the next step or you can remove the Castor-Authorization header and allow another user to modify it. To remove the Castor-Authorization header, use PUT or POST with the admin query argument and your credentials to upload a user realm to the object but do not specify a Castor-Authorization header in the request.
Page 29
• The domain has been duplicated in a disaster recovery cluster; in other words, there are two domains with the same name in the same cluster. You can find more information about duplicate domains in a disaster recovery cluster in Section D.2, “Resolving Duplicate Domain Names in a Mirrored or Disaster Recovery (DR) Cluster”.
Chapter 5. Managing Nodes To access the Admin Console, see Chapter 2, Introduction to the Admin Console. 5.1. Viewing the Node Status Page To view the status of a node, click its IP address on the left side of the Admin Console. To search for a particular node, see Section 3.5, “Searching for Nodes By IP Address”.
Retiring a node or volume means all of its streams, including replicas, are transferred to other nodes in the cluster. Before you retire a node, you must make sure of both of the following: • There is enough capacity in the cluster for the objects on the retiring node to be replicating elsewhere.
Page 33
5.1.4.1. Hardware Status Reporting The expandable Hardware Status section of the Node Status page contains status and operational reporting if available for various hardware components installed on the node. Hardware status reporting is dependent on hardware that supports and populates IPMI sensors, SMART status, and in some cases manufacturer-specific components like SAS or iDRAC.
5.2. Displaying Subcluster Information When subclusters are configured, the Node List is grouped first by subcluster name and then by IP address of the nodes. The first row of each subcluster includes a roll up of the status for the nodes in the subcluster.
Chapter 6. Configuring the Node To configure certain cluster parameters, you must modify the node or cluster configuration in one of the following ways: • If your cluster boots from a CSN, it is already set up to PXE boot. See the DX Object Storage Cluster Services Node (CSN) Installation and Configuration Guide for more information about configuring the DX Storage cluster.
Page 36
The following table shows all configurations to control the operation of the DX Storage cluster nodes. If a parameter name displays as a link, click the link to jump to more information about that parameter. Option Name Default Description administrators {'admin':'ourpwdofchoice- List of usernames and passwords authorized here',...
Page 37
To prevent confusion, both in viewing the cluster from the administration console and downstream in applications like DX Content Router that might analyze the source cluster, Dell highly recommends that all nodes in the cluster be configured with the same cluster name. clusterSettingsUUID...
Page 38
Option Name Default Description domainHeaders none A comma-separated list of headers in which to search for the host in an SCSP request. By default, the setting is X-Forwarded- Host, Host gateway none IP address of the default gateway in the subnet.
Page 39
Option Name Default Description (see below). Maxreps is a ceiling that cannot be exceeded by individual lifepoint specifications. minreps The minimum number of stream instances that must be kept in the cluster. This is required to be 1 or higher. This is a floor that cannot be reduced by individual lifepoint specifications.
Page 40
Option Name Default Description optimize write performance in large clusters. NOTE: this setting is not compatible with DX Content Router versions 1.2 or earlier. repMulticastFrequency 1 Frequency with which UUIDs are multicast to verify replicas. By default this is set to 1% but can be changed to a higher approximate percentage (expressed as an integer) up to 100%.
Option Name Default Description to automatically assign storage volumes. Set to 0 to include all disk devices. volPluginURL none Location of the volume identification tar file plugin if different from the default IO script. vols none Specifies the volume storage devices that DX Storage can use.
'snmp':'ourpwdofchoicehere'} In the example, the CAStor administrators realm has two users, admin and snmp. Both users have the same password, ourpwdofchoicehere. For security reasons, Dell strongly recommends you change these users' passwords as soon as possible. Note The names admin and snmp are reserved and should not be changed. Changing or deleting these names results in errors and unpredictable performance.
6. Restart the cluster to use the new setting. Note that the admin user must always be specified in the administrators parameter, although Dell recommends you change the user's password. Specifying console administrative permissions in the configuration file on one node allows access to and control of all other nodes in the cluster when the console is accessed from that node.
Only one vols parameter is allowed in a configuration file. Warning DX Storage erases any non-DX Storage data on all the volumes it uses. Dell recommends you run DX Storage only on nodes that are free of non-DX Storage data.
When the keyword all is used, do not include any other device path specifications. Dell strongly recommends you use vols = all and discourages you from using Linux device paths. You can optionally exclude certain volumes from being used by DX Storage as discussed in Section 6.5.3, “Specifying...
6.5.3. Specifying Exceptions Although Dell recommends you allow DX Storage to use all disk volumes, you can optionally exclude certain volumes from being formatted and used by DX Storage. An example follows: vols = all except /dev/sda /dev/sdb As the example shows, except is used only with vols = all.
Your client might use an HTTP proxy that modifies the Host header, but the DX Storage domain name matches the original Host header. In that case, an HTTP proxy copies the original Host header into another header, typically X-Forwarded-Host. Use the domainHeaders configuration parameter to specify a search order for headers in which to find the host of a request.
Page 48
Example: timeSource = system Warning Extra care should be used when operating without an external NTP time source. Specifically, administrators will need to assure that all new nodes have their BIOS clocks set relatively close to the correct GMT time before they join the cluster. All DX Storage nodes set their clocks relative to GMT, not local time, and they do not change for daylight savings time.
Chapter 7. Managing Volumes In normal operations, there are no required actions on the part of the administrator in order to manage DX Storage volumes. However, there are some special cases that occur if a volume or a node has a problem or if the administrator wishes to perform hardware maintenance on a node. 7.1.
Page 50
guarantee that the extent of the error can be isolated or that the continued use of the failing device will allow the node to continue to operate normally with its other storage devices. For these reasons, DX Storage takes the conservative approach of retiring a device upon receipt of any physical errors. If a configurable number of additional errors are received during the retire, the volume will be forced off-line.
The processes parameter enables you to specify the number of independent DX Storage server processes that should be started in a physical chassis. Dell recommends you use n-1 processes for a chassis with n CPU cores. Using too many DX Storage server processes impairs performance.
shared for all processes so they only need to be specified a single time, as in a single-process implementation. For example, for a chassis with two processes, the following node or cluster configuration file entries could be utilized: processes = 2 ipaddress = 192.10.11.200 192.10.11.201 netmask = 255.255.0.0 gateway = 192.10.1.1...
Note If your multi-server configuration has more than one chassis, you must use the drive identification feature to determine which physical chassis a given virtual node belongs to in the subcluster. Nodes are sorted by IP address so it is possible that the Admin Console does not group nodes from different chassis together.
Appendix B. Using SNMP with DX Storage This appendix explains how to integrate a DX Storage cluster into an enterprise SNMP monitoring infrastructure. The DX Storage SNMP agent implementation provides the mechanism through which to monitor the health of cluster nodes, collect usage data, and control node actions. B.1.
B.2.2.1. Single Volumes When a volume is retired, all of the streams stored on it are moved to other nodes within the DX Storage cluster. Once the retirement of a volume is initiated, it becomes read-only and no additional streams will be stored on it. After all of the streams have been moved elsewhere in the cluster, the volume is idled and no further read/write requests will be made to it.
B.3.2. SNMP Examples with DX Storage The following example shows an SNMP walk of all the DX Storage values on a node. snmpwalk –v 2c –c pwd –m +CASTOR-MIB 192.168.1.101 caringo The following example shows the request of a specific SNMP variable from a DX Storage node. snmpget –v 2c –c pwd –m +CASTOR-MIB 192.168.1.101 caringo.castor.scsp.reads The following example shows a set request that will shutdown a DX Storage node.
B.3.3.5. volumeRecoverySuspend Writing to this object allows an administrator to suspend volume recovery behavior in the cluster during an upgrade or a network outage. B.3.4. Practical SNMP with DX Storage This section outlines some practical approaches to using the built-in SNMP agent in order to monitor the health and operational aspects of a DX Storage cluster.
Page 58
volUsedMbytes / volMaxMbytes These disk usage variables can be totaled for all disk volumes in a node and all nodes in a cluster in order to produce capacity utilization reports. B.3.4.3. Client Activity Reporting It can be useful to collect and report the amount of client activity received by nodes in order to understand end-user usage patterns.
Appendix C. Upgrading a License or Cluster C.1. Upgrading a License File It may periodically be necessary to update DX Storage's license file to add additional capacity or update customer information. All new license files must be either issued by your support representative or generated from the Licensing page of the CSN Console to ensure they have an electronic signature that is recognized and approved by DX Storage.
differences, and any issues that could change the manner in which the DX Storage cluster will process and store data. If using USB boot devices, they may be removed from the running nodes in order to view and backup the configuration and license files. The sticks or configuration server can then be updated using the instructions in the README.txt file found in the ISO update cd for the new version of DX Storage.
a single node before starting the others in order to verify that the software runs and that it can communicate with the network. Verify that the first node boots properly then power up the other nodes in the cluster. When a node is first booted, there is a default window of 15 minutes, controlled by the hpStartDelay parameter, before it will begin attempting to check for the absence of other nodes in the cluster.
Appendix D. Troubleshooting This discusses the following suggested solutions to problems with DX Storage: • Section D.1, “Restoring Domains and Buckets” • Section D.2, “Resolving Duplicate Domain Names in a Mirrored or Disaster Recovery (DR) Cluster” • Section D.3, “Using DX Content Router to List Buckets and Objects” •...
Page 63
Protection setting Castor-Authorization header All Users. No authentication Castor-Authorization: domain-name/ required _administrators, POST= Only users in this domain Castor-Authorization: domain-name/ _administrators, POST=domain-name Only users in domain Castor-Authorization: domain-name/ _administrators, POST=domain-name The difference between this protection setting and the preceding is that in this case, domain-name is the name of a different domain in the cluster.
Page 64
domain=cluster.example.com&admin&recreatecid=c0d0fa42bccac73cd3f2324bb53e40a5" --digest -u "admin:ourpwdofchoicehere" 5. Create the _administrators bucket for the domain. curl -i -X POST -H "Cache-Control: no-cache-context" -H "Castor- Authorization: domain-name/_administrators" -H "Castor-Stream-Type: admin" -H "lifepoint: [] reps=16" --data-binary '' --post301 --location- trusted "http://node-ip/_administrators?domain=domain-name&admin" -- digest -u "your-username:your-password" [-D log-file-name] Note The following error indicates you omitted --post301 from the command: CAStor Error Content-Length header is required...
If you added a domain manager successfully, the procedure completed successfully. There is likely an alert in the Admin Console due to not having an _administrators bucket for the domain. You can optionally clear the error from the Admin Console as discussed in the next step. 12.
When DX Content Router detects a duplicate domain, it logs a Critical error to its DX Storage Admin Console. If you are alerted to such an error, Dell suggests the following resolutions: • Recommended for a DR cluster conflict. Rename either domain in its source cluster.
To resolve a conflict in a mirrored configuration, skip this section and use Section D.2.2, “Renaming a Domain in a Mirrored or DR Cluster” instead. To rename a domain in the source cluster of a DR cluster, use the Admin Console as follows: 1.
Page 68
H "Castor-Stream-Type: admin" --anyauth -u "cluster-administrator- username:password" --location-trusted "http://node-ip?domain=domain- name&admin&aliasuuid=uuid&newname=new-domain-name" For example, to rename cluster.example.com to archive.example.com by sending commands to a node whose IP address is 172.16.0.35: 1. HEAD the domain to get its alias UUID: curl -I --anyauth -u "admin:ourpwdofchoicehere" --location-trusted "http://172.16.0.35?domain=cluster.example.com&admin"...
the domain from being cached. lifepoint: [] reps=16 enables the domain to be replicated as many times as possible. Castor-Stream-Type: admin is recommended for all objects that use a Castor-Authorization header. 2. Rename the domain. curl -i -X COPY -H "Castor-Authorization: archive.example.com/ _administrators, POST=archive.example.com"...
D.5. Configuration Symptom Resolution 1. After the system has booted, there is a Every node needs to have a node.cfg file on the message on the screen saying that the USB stick and all the volumes within the node configuration file is missing. need to be specified in the vols option.
Page 71
Symptom Resolution 3. You have read-only access to the Admin You added an operator (that is, a read-only Console even though you are a member of user) to the Castor operators realm but the Castor administrators realm, or did not add your administrator user name and you cannot view the Admin Console.
Appendix E. Drive Identification API As of the 4.0 release, DX Storage supports a drive identification function that allows an administrator to select a volume from the admin console and have the LED associated with the volume flash for a selectable period of time. By default, when the Identify function is enabled, DX Storage will continuously read blocks from the drive to force i/o activity and thereby flash the drive LED.
Appendix F. Customizing the Admin Console The console ships with a set of default styles. These styles are persisted in the following files. • console.css – baseline set of styles. • console_print.css – a small set of overrides for the printed page. •...
Appendix G. Open Source Software Regarding certain third party open source components also shipped with the product, please see the detailed information that appears in the document DX Storage OSS License Notices for 3rd Party Software.pdf. Your vendor will ship open/free/libre (for example, GPL-covered) source code for certain 3rd party items shipped with the product after receiving at vendor HQ a written request specifying the code component(s) that you seek accompanied by prepayment (check on U.S.