4.3. Configuring Samba
The following procedure initializes the Samba environment and configures Samba on the cluster nodes.
- On both nodes of the cluster, perform the following steps:
- Install the
samba
,ctdb
, andcifs-utils
packages.#
yum install samba ctdb cifs-utils
- If you are running the
firewalld
daemon, run the following commands to enable the ports that are required by thectdb
andsamba
services.#
firewall-cmd --add-service=ctdb --permanent
#firewall-cmd --add-service=samba --permanent
#firewall-cmd --reload
- Enter the following commands to ensure that these daemons are not running and do not start at bootup. Note that not all of these daemons may be present or running on your system.
#
systemctl disable ctdb
#systemctl disable smb
#systemctl disable nmb
#systemctl disable winbind
#systemctl stop ctdb
#systemctl stop smb
#systemctl stop nmb
#systemctl stop winbind
- In the
/etc/samba/smb.conf
file, configure the Samba server and set up the[public]
share definition. For example:#
cat << END > /etc/samba/smb.conf
[global]
netbios name = linuxserver
workgroup = WORKGROUP
server string = Public File Server
security = user
map to guest = bad user
guest account = smbguest
clustering = yes
ctdbd socket = /tmp/ctdb.socket
[public]
path = /mnt/gfs2share/public
guest ok = yes
read only = no
END
For information on configuring Samba as a standalone server, as in this example, as well as information on verifying thesmb.conf
file with thetestparm
utility, see the File and Print Servers section of the System Administrator's Guide - Add the IP address of the cluster nodes to the
/etc/ctdb/nodes
file.#
cat << END > /etc/ctdb/nodes
192.168.1.151
192.168.1.152
END
- For load balancing between the nodes of the cluster, you can add two or more IP addresses that can be used to access the Samba shares exported by this cluster to the
/etc/ctdb/public_addresses
file. These are the IP addresses that you should configure in DNS for the name of the Samba server and are the addresses that SMB clients will connect to. Configure the name of the Samba server as one DNS type A record with multiple IP addresses and let round-robin DNS distribute the clients across the nodes of the cluster.For this example, the DNS entrylinuxserver.example.com
has been defined with both the addresses listed under the/etc/ctdb/public_addresses
file. With this in place, DNS will distribute the Samba clients across the cluster nodes in a round-robin fashion. Please note that when implementing this scenario, the DNS entries should match your needs.Add the IP addresses that can be used to access the Samba shares exported by this cluster to the/etc/ctdb/public_addresses
file.#
cat << END > /etc/ctdb/public_addresses
192.168.1.201/24 eth0
192.168.1.202/24 eth0
END
- Create a Samba group, then add a local user for the public test share directory, setting the previously created group as the primary group.
#
groupadd smbguest
#adduser smbguest -g smbguest
- Make sure that the SELinux context are correct in the CTDB-related directories.
#
mkdir /var/ctdb/
#chcon -Rv -u system_u -r object_r -t ctdbd_var_lib_t /var/ctdb/
changing security context of ‘/var/ctdb/’ #chcon -Rv -u system_u -r object_r -t ctdbd_var_lib_t /var/lib/ctdb/
changing security context of ‘/var/lib/ctdb/’
- On one node of the cluster, perform the following steps:
- Set up the directories for the CTDB lock file and public share.
[root@z1 ~]#
mkdir -p /mnt/gfs2share/ctdb/
[root@z1 ~]#mkdir -p /mnt/gfs2share/public/
- Update the SELinux contexts on the GFS2 share.
[root@z1 ~]#
chown smbguest:smbguest /mnt/gfs2share/public/
[root@z1 ~]#chmod 755 /mnt/gfs2share/public/
[root@z1 ~]#chcon -Rv -t ctdbd_var_run_t /mnt/gfs2share/ctdb/
changing security context of ‘/mnt/gfs2share/ctdb/’ [root@z1 ~]#chcon -Rv -u system_u -r object_r -t samba_share_t /mnt/gfs2share/public/
changing security context of ‘/mnt/gfs2share/public’