4.3. Configuring Samba
The following procedure initializes the Samba environment and configures Samba on the cluster nodes.
- On both nodes of the cluster, perform the following steps:
- Install the
samba,ctdb, andcifs-utilspackages.#
yum install samba ctdb cifs-utils - If you are running the
firewallddaemon, run the following commands to enable the ports that are required by thectdbandsambaservices.#
firewall-cmd --add-service=ctdb --permanent#firewall-cmd --add-service=samba --permanent#firewall-cmd --reload - Enter the following commands to ensure that these daemons are not running and do not start at bootup. Note that not all of these daemons may be present or running on your system.
#
systemctl disable ctdb#systemctl disable smb#systemctl disable nmb#systemctl disable winbind#systemctl stop ctdb#systemctl stop smb#systemctl stop nmb#systemctl stop winbind - In the
/etc/samba/smb.conffile, configure the Samba server and set up the[public]share definition. For example:#
cat << END > /etc/samba/smb.conf[global]netbios name = linuxserverworkgroup = WORKGROUPserver string = Public File Serversecurity = usermap to guest = bad userguest account = smbguestclustering = yesctdbd socket = /tmp/ctdb.socket[public]path = /mnt/gfs2share/publicguest ok = yesread only = noENDFor information on configuring Samba as a standalone server, as in this example, as well as information on verifying thesmb.conffile with thetestparmutility, see the File and Print Servers section of the System Administrator's Guide - Add the IP address of the cluster nodes to the
/etc/ctdb/nodesfile.#
cat << END > /etc/ctdb/nodes192.168.1.151192.168.1.152END - For load balancing between the nodes of the cluster, you can add two or more IP addresses that can be used to access the Samba shares exported by this cluster to the
/etc/ctdb/public_addressesfile. These are the IP addresses that you should configure in DNS for the name of the Samba server and are the addresses that SMB clients will connect to. Configure the name of the Samba server as one DNS type A record with multiple IP addresses and let round-robin DNS distribute the clients across the nodes of the cluster.For this example, the DNS entrylinuxserver.example.comhas been defined with both the addresses listed under the/etc/ctdb/public_addressesfile. With this in place, DNS will distribute the Samba clients across the cluster nodes in a round-robin fashion. Please note that when implementing this scenario, the DNS entries should match your needs.Add the IP addresses that can be used to access the Samba shares exported by this cluster to the/etc/ctdb/public_addressesfile.#
cat << END > /etc/ctdb/public_addresses192.168.1.201/24 eth0192.168.1.202/24 eth0END - Create a Samba group, then add a local user for the public test share directory, setting the previously created group as the primary group.
#
groupadd smbguest#adduser smbguest -g smbguest - Make sure that the SELinux context are correct in the CTDB-related directories.
#
mkdir /var/ctdb/#chcon -Rv -u system_u -r object_r -t ctdbd_var_lib_t /var/ctdb/changing security context of ‘/var/ctdb/’ #chcon -Rv -u system_u -r object_r -t ctdbd_var_lib_t /var/lib/ctdb/changing security context of ‘/var/lib/ctdb/’
- On one node of the cluster, perform the following steps:
- Set up the directories for the CTDB lock file and public share.
[root@z1 ~]#
mkdir -p /mnt/gfs2share/ctdb/[root@z1 ~]#mkdir -p /mnt/gfs2share/public/ - Update the SELinux contexts on the GFS2 share.
[root@z1 ~]#
chown smbguest:smbguest /mnt/gfs2share/public/[root@z1 ~]#chmod 755 /mnt/gfs2share/public/[root@z1 ~]#chcon -Rv -t ctdbd_var_run_t /mnt/gfs2share/ctdb/changing security context of ‘/mnt/gfs2share/ctdb/’ [root@z1 ~]#chcon -Rv -u system_u -r object_r -t samba_share_t /mnt/gfs2share/public/changing security context of ‘/mnt/gfs2share/public’
