Versions Compared

Old Version 20

changes.mady.by.user Francesco Murdaca

Saved on

compared with

New Version Current

changes.mady.by.user Uroosa Farooq

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

The content of this article only apply to the users of the EUMETSAT part of the EWC.

Table of Contents

Pre-requisites

Warning

Setting up SFS in a tenancy can be done only by users with ewcloud-tenant-admin role!


Ticket

SFS should be available for tenants created after 28/10/2022, if the tenant is older and you wish to use SFS, please open us a ticket here.

1. Create Server Openstack SFS

1.1 From Morpheus go to Infrastructure → Storage, select the Servers tab and click +ADD

...

Once saved this will create the storage server.

2. Create a File share

Now that you have a storage server for SFS, you can create the File shares,

...

This will create the Shared Filesystem in the storage backend. Wait until you have the "Share Path:" defined in Morpheus. This will take some time.

3. Network configuration required for the VMs that need to access the SFS

Now that you have created the SFS, you can use it in a VM.

...

Once provisioned is finished, ssh into your machine and verify if the SFS network is up:

Code Block
ip addr show

Ubuntu 22 known issue due to race condition in cloud-init - Nov 2023

When running the ip addr show  command, you will notice that one network is not up by default. This is due to a known issue in Ubuntu 22 cloud-init that will be fixed in future updates.

Image Removed

If the SFS network is not UP by default. You need to perform these extra instructions as sudo:

...

network: {config: disabled} 

Modify and save the cloud file at this path /etc/netplan/50-cloud-init.yaml adding the following lines in the list of ethernets:

Code Block
        ens4:
            dhcp4: true
            match:
                macaddress: COPY HERE THE ONE IDENTIFED FROM the command ip addr show for ens4 (e.g. fa:16:3e:14:d6:4c)
            set-name: ens4
            optional: true

So you will have something like this at the end:

Code Block
# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        ens3:
            dhcp4: true
            match:
                macaddress: fa:16:3e:c3:6d:1f
            set-name: ens3
        ens4:
            dhcp4: true
            match:
                macaddress: fa:16:3e:14:d6:4c
            set-name: ens4
            optional: true

    version: 2



Run the following command:

Code Block
netplan apply

...

Finally verify the network is up, running ip addr show  again

Image Removed

4. Adding permissions to use the Shared Filesystem

Once the Shared Filesystem is created, you need to add access rules to allow read-only or read/write operations to one machine or multiple machines.

...

You will be able to see your private network and sfs network IPs:


5. Mount file share to VM

Now that everything is configured and permissions have been given for access, you can login into your machine and mount the shared filesystem in a VM using the following commands:

...

To test this, unmount the share with sudo umount /sfs-test  and then run sudo mount -a .  This should cause the share to mount again if you have everything correct, otherwise you'll see an error message.  If it worked, it's then safe to reboot the machine to test mounting on boot up.   If it didn't work, don't reboot until you've fixed it or commented out the entry as it may prevent a proper boot up and you'd have to look at the VM console in Morpheus to correct the problem.


6. Managing Directory Permissions

When setting up your Shared File System (SFS) share, it's important to ensure correct directory permissions to maintain security and accessibility. Below are recommendations for managing directory permissions, and you can choose the one that best fits your requirements

  1. Change Ownership: Use the chown command to change the ownership of directories and files to specific users or groups. This ensures that the appropriate users have access to the files and directories. For example:

    sudo chown -R desired_user:desired_group /path/to/mount/point

  2. Grant Write Permissions: If needed, grant write permissions to everyone on the base directory using the chmod command. However, this is less secure but convenient for a small, trusted group. For example:

    sudo chmod a+w /path/to/mount/point

  3. Create Subdirectories Securely: When creating subdirectories, it's recommended to do so as the root user and then change the ownership to the target user or users. This approach enhances security, especially for single users.

  4. Utilize Shared Groups: If multiple users need access, consider using the Unix group model and changing the ownership to a shared group. This allows multiple users to share a directory securely.


By following any of these steps, you can effectively manage directory permissions on your SFS share, ensuring both security and accessibility.