Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
cloudappliance/appladmin [2020_06_25 13:09] – [SME Appliance System Admin Guide] jimcloudappliance/appladmin [2021_03_24 20:17] steven
Line 3: Line 3:
 ## 1 Software Stack  ## 1 Software Stack 
  
-{{:/cloudappliance:steps:sme_smearch.png}}+{{ ::sme_enterprise_file_fabric_logical_architecture.png?600 |}}
  
-The SME platform is built using open Internet technologies. The base operating system used s hardened Linux CentOS. HTTPD Apache Server is used for serving http requests and for temporary caching memcached is used. File Metadata is stored using a MySQL database. 
  
-The web interface is written in using PHP / HTML / Ajax, and protocol adapters are written using Perl.+The File Fabric is built using open Internet technologies. The base operating system used s hardened Linux CentOS. HTTPD Apache Server is used for serving http requests and for temporary caching memcached is used. File Metadata is stored using a MySQL database.
  
-By using standard components SME can be adopted and customized to a wide variety of deployments.+The web interface is written in  PHP / HTML / Ajax, and protocol adapters are written using Perl / Python.
  
-standard firewall friendly protocol HTTPS is used for communicating with the clients.+By using standard components the File Fabric can easily be adopted and customized to a wide variety of deployments and can be scaled up as well as out.
  
-The basic premises of SME is to act as a cloud gateway and auditcontrol and encryption point. All the files and data are stored in the provider. The SME platform only keeps the meta data e.g. file namesize (if available), security permissions.+A standard firewall friendly secure protocolHTTPSis used for communicating with clients.
  
-The apache server is stateless and can run on a separate host from the MySQL DB Server. This allows flexibility in deployment topologies for scalability and high availability using proven deployment configurations supported by apache web server (e.g. multiple web servers behind a load balancer) and MySQL DB (replication, data sharding).+The basic premises of the File Fabric is to unify content, whether stored on-cloud and/or on-premises, and provide a single audit, control and encryption point. All files continue to reside in the storage provider with the File Fabric only caching metadata e.g. file name, size (if available), security permissions. 
 + 
 +The Apache server is stateless and can run on a separate host from the MySQL DB Server. This allows flexibility in deployment topologies for scalability and high availability using proven deployment configurations supported by Apache web server (e.g. multiple web servers behind a load balancer) and MySQL DB (replication, data sharding). 
 + 
 +{{ ::sme_enterprise_file_fabric_replication_new.png?600 |}}
  
 ## 2 Components ## 2 Components
  
-{{:/cloudappliance:steps:sme_2_appliance_architectu.png}}+{{ ::logical-architecture.png?600 |}}
  
-SME is built as an open modular platform. All the functionality is available via the SME API and major components have hook points to integrate external system .e.g authentication , a new storage provider, payment gateway etc.+The File Fabric is built as an open modular platform. All the functionality is available via the File Fabric API and major components have hook points to integrate external system .e.g authentication , a new storage provider, payment gateway etc.
  
-Details of the SME API can be found at:+Details of the File Fabric API can be found at:
  
-https://storagemadeeasy.com/for_developers/+https://storagemadeeasy.com/?p=apidoc
  
 **Protocol Adaptors** **Protocol Adaptors**
  
-At the top of the SME Architecture diagram are protocol adapters The allow to access your data using multiple protocols from any supported storage provider.+At the top of the File Fabric Architecture diagram adjacent to the REST API are protocol adapters These allow to access data using multiple protocols and work with any configured storage provider.
  
-Out of the box SME supports:+Out of the box the File Fabric supports:
  
-  * REST/XML and REST/JSON: SME proprietary API. This is used by all the SME tools, is fully documented and can be used to develop custom applications.+  * REST/XML and REST/JSON: File Fabric proprietary API. This is used by all the File Fabric tools, is fully documented and can be used to develop custom applications.
  
-  * WebDav/HTTPS: Standard WebDav is protocol especially useful for iOS apps (Pages, Keynote, Numbers) that support WebDav+  * WebDav/HTTPS: Standard WebDav is protocol especially useful for integrating into user desktops without an Application deployment
  
   * FTP/FTPS: Standard FTP and FTP Secure protocol   * FTP/FTPS: Standard FTP and FTP Secure protocol
Line 41: Line 44:
 **Provider Sync Engine** **Provider Sync Engine**
  
-The provider Sync Engine s used to discover new data added to the provider outside of SMECan run in realtime, scheduled and manual mode.+The provider Sync Engine s used to discover new data which has been added to the storage provider outside of the File FabricThis can run in realtime, scheduled and manual mode.
  
-  * Real-time: new data is checked every time storage provider is accessed. For optimum performance only relevant subset of data is checked for new data. +  * Real-time: new data is checked every time storage provider is accessed by and end-user. For optimum performance only relevant subset of data is checked for new data. 
-  * Scheduled: storage provider is accessed at schedule interval. +  * Scheduled: storage provider is accessed at a set scheduled interval. 
-  * Manual: Administrator initiates a sync+  * Manual: File Fabric Administrator initiates a sync
  
-**Multi-Site Backup Engine**+**Multi-Site Backup and Archive Engine**
  
-Used to backup files updated via SME platform to another storage provider for disaster recovery and availability.+Used to backup files updated through the File Fabric to another storage provider for disaster recoveryand availability in the event of lost or damaged files and/or Ransomware attacks. Recovery can easily be facilitated by the [[https://storagemadeeasy.com/ForeverFile/|Forever File]] feature.
  
 **Access Control Module** **Access Control Module**
  
-The ACL module is responsible for applying permissions. Every operation is verified by the access control module to ascertain that the user has permission to perform the operation+The ACL module is responsible for applying permissions. Every operation is verified by the access control module to ascertain that the user has permission to perform the operation.
  
 **Audit Manager** **Audit Manager**
  
-The Audit module is used by all components to generate audit records for all file interactions. The granularity of this can be controlled at a per Organization level.+The Audit module is used by all components to generate audit records for all file interactions. The granularity of this can be controlled at a per Organization tenant level.
  
 **Encryption Engine** **Encryption Engine**
  
-The Encryption engine s used to encrypt data before sending to a remote cloud provider. It uses 256 bit encryption to encrypt data at rest. Further details on how this works and security can be referenced in the SME Security white paper.+The Encryption engine s used to encrypt data before sending to a remote cloud provider. It uses 256 bit encryption to encrypt data at rest. Further details on how this works and security can be referenced in the File Fabric Security white paper.
  
 **Payment Gateway** **Payment Gateway**
  
-The Payment Gateway enables Integration with external billing system and supports PayPal and Sage.+The Payment Gateway is available in the ISP edition of the product and it enables Integration with external billing system and out of the box supports PayPal.
  
 Custom payment gateways can also be integrated. Custom payment gateways can also be integrated.
Line 71: Line 74:
 **Storage Connectors** **Storage Connectors**
  
-SME supports more that 60 cloud storage providers including Amazon S3, OpenStack, MS Azure, Google Storage, WebDav and FTP.+The File Fabric supports more that 60 cloud storage providers including Amazon S3, S3 compatible storage, OpenStack, MS Azure, Google Storage, WebDav and FTP.
  
-Additional providers can be easily developed using a storage providers native API+Additional storage providers can be easily developed using a storage providers native API
  
 **Protocol Adaptors** **Protocol Adaptors**
  
-The protocol adaptors are the front end adaptors that are additional to the SME API. They enable access from a compatible S3 API, FTP/S, or Secure WebDav.+The protocol adaptors are the front end adaptors that are additional to the File FabricAPI. They enable access from a compatible S3 API, FTP/S, or Secure WebDav.
  
 ## 3 Administration  ## 3 Administration 
Line 225: Line 228:
  
  
-## 4 Monitoring +## Appliance Monitoring
- +
- +
-{{:/cloudappliance:appladmin:steps:sme_4_monitoring.png}} +
- +
-You can use any tool that support monitoring CentOS 7. +
- +
-We recommend monitoring the following parameters +
- +
-**Base OS** +
- +
-    vmstat     +
-    Procs            +
-    r: The number of processes waiting for run time.            +
-    b: The number of processes in uninterruptible sleep.      +
-    Memory            +
-    swpd: the amount of virtual memory used.            +
-    free: the amount of idle memory.            +
-    active: the amount of active memory.        +
-    Swap            +
-    si: Amount of memory swapped in from disk (/s).            +
-    so: Amount of memory swapped to disk (/s).      +
-    IO            +
-    bi: Blocks received from a block device (blocks/s).            +
-    bo: Blocks sent to a block device (blocks/s).      +
-    CPU            +
-    us: Time spent running non-kernel code. (user time, including nice time)            +
-    sy: Time spent running kernel code. (system time)            +
-    id: Time spent idle.              +
-    st: Time stolen from a virtual machine.%%'' +
- +
-**Disk Space** +
- +
-    df -k +
-    Filesystem                1K-blocks         Used Available Use% Mounted on/dev/mapper/VolGroup00-LogVol00                                 18187836    2903080   14345956   17% //dev/sda1 +
-         101086        20047      75820   21% /boottmpfs +
-         512468            0     512468    0% /dev/shm%%' +
- +
-**MySQL** +
- +
-**Number of connections** +
- +
-    SHOW STATUS LIKE "Connections" +
- +
-**Network Usage** +
- +
-Monitor the network traffic using your monitoring system. Or you can get the information from +
- +
-    cat /proc/net/dev +
- +
-**Total Number of Processes** +
- +
-    ps -e|sed 1d|wc -l +
- +
-**Recipes** +
- +
-**Increasing Disk Space** +
- +
-To increase the disk space please follow the instructions at the following [[http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1006371|vmware kb article]] +
- +
-**Attaching a new Disk to The Appliance** +
- +
-To add a new disk to the appliance please follow the instructions at the following [[http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003940|vmware kb article]] +
- +
-**Using a New Disk as Local Storage** +
- +
-The appliance is already configured with an FTP server listening on ip address 127.0.0.1 and port 2001. +
- +
-  * Add a new user with user home directory located on the newly attached disk mounted at _newdisk_ +
- +
-        adduser   -b /newdisk   -s /sbin/nologin localstorage#change the  +
- +
-        passwd localstorage +
- +
-  * Set home directory context for ///newdisk/localstorage// +
- +
-        chcon -R -t user_home_dir_t   /newdisk/localstorage +
- +
-  * Now you can add the a FTP provider to your SME account using the credentials +
-    - account login:localstorage +
-    - account password: the password you entered for localstorage user +
-    - server host:ftp://127.0.0.1 +
-    - server port:2001 +
-    - server home directory:/ +
- +
- +
-**Production CheckList**+
  
-  * ] SSL certificate Installed +See [[[cloudappliance/monitoring|]].
-  * ]Once you have installed SSL certificates enable https only in the configuration +
-  * [ ] Only have inbound port **443** open. If you are using CloudFTP then also open port **21** and **990** +
-  * [ ] Permanent IP address Configured +
-  * [ ] DNS Names Configured. Make sure webdav DNS is configured as webdav<DomaninName> e.g. if domain name is sme.yourdomain.com then webdav url should be webdavsme.yourdomain.com. +
-  * [ ] Passwords changed for default users +
-  * [ The date and time is set correctly in the appliance and not drifting.+
  
© Copyright 2024 Nasuni.