Table of Contents

**This is an old revision of the document!**

Enterprise File Fabric Admin Guide

1 Software Stack

The File Fabric is built using open Internet technologies. The base operating system used is hardened Linux CentOS. HTTPD Apache Server is used for serving http requests and for temporary caching memcached is used. File Metadata is stored using a MySQL database.

The web interface is written in PHP / HTML / Ajax, and protocol adapters are written using Perl / Python.

By using standard components the File Fabric can easily be adopted and customized to a wide variety of deployments and can be scaled up as well as out.

A standard firewall friendly secure protocol, HTTPS, is used for communicating with clients.

The basic premise of the File Fabric is to unify dispersed storage content, whether stored on-cloud and/or on-premises, and provide a single audit, control and encryption point. All files continue to reside in the storage provider with the File Fabric only caching metadata e.g. file name, size (if available), security permissions.

The Apache server is stateless and can run on a separate host from the MySQL DB Server. This allows flexibility in deployment topologies for scalability and high availability using proven deployment configurations supported by Apache web server (e.g. multiple web servers behind a load balancer) and MySQL DB (replication, data sharding).

2 Components

The File Fabric is built as an open modular platform. All the functionality is available via the File Fabric API and major components have hook points to integrate external system .e.g authentication , a new storage provider, payment gateway etc.

Details of the File Fabric API can be found at:

https://storagemadeeasy.com/?p=apidoc

Protocol Adaptors

At the top of the File Fabric Architecture diagram adjacent to the REST API are protocol adapters These allow to access data using multiple protocols and work with any configured storage provider.

Out of the box the File Fabric supports:

  • REST/XML and REST/JSON: File Fabric proprietary API. This is used by all the File Fabric tools, is fully documented and can be used to develop custom applications.
  • WebDav/HTTPS: Standard WebDav is protocol especially useful for integrating into user desktops without an Application deployment
  • FTP/FTPS: Standard FTP and FTP Secure protocol

Provider Sync Engine

The provider Sync Engine is used to discover new data which has been added to the storage provider outside of the File Fabric. This can run in realtime, scheduled and manual mode.

  • Real-time: new data is checked every time a storage provider is accessed by and end-user. For optimum performance only relevant subset of data is checked for new data.
  • Scheduled: storage provider is accessed at a set scheduled interval.
  • Manual: File Fabric Administrator initiates a sync

Multi-Site Backup and Archive Engine

Used to backup files updated through the File Fabric to another storage provider for disaster recovery, and availability in the event of lost or damaged files and/or Ransomware attacks. Recovery can easily be facilitated by the Forever File feature.

Access Control Module

The ACL module is responsible for applying permissions. Every operation is verified by the access control module to ascertain that the user has permission to perform the operation.

Audit Manager

The Audit module is used by all components to generate audit records for all file interactions. The granularity of this can be controlled at a per Organization tenant level.

Encryption Engine

The Encryption engine s used to encrypt data before sending to a remote cloud provider. It uses FIPS certified 256 bit encryption to encrypt data at rest. Further details on how this works and security can be referenced in the File Fabric Security white paper.

Payment Gateway

The Payment Gateway is available in the ISP edition of the product and it enables Integration with external billing system and out of the box supports PayPal.

Custom payment gateways can also be integrated.

Storage Connectors

The File Fabric supports more that 60 cloud storage providers including Amazon S3, S3 compatible storage, OpenStack, MS Azure, Google Storage, SMB / NAS / SAN, WebDav and FTP/SFTP.

Additional storage providers can be easily developed using a storage providers native API

Protocol Adaptors

The protocol adaptors are the front end adaptors that are additional to the File FabricAPI. They enable access from a compatible S3 API, FTP/S, or Secure WebDav.

3 Administration

For these commands you will need to su as root 

$ ssh smeconfiguser@appliance IP address
# after login su as root//
-bash-3.2$ su - root
Password:
root@appliance:~ #

Security Enhanced Linux (selinux) 

selinux is enabled by default.

Check Status of selinx 

    sestatus
    SELinux status:                 enabled
    SELinuxfs mount:                /sys/fs/selinux
    SELinux root directory:         /etc/selinux
    Loaded policy name:             targeted
    Current mode:                   enforcing
    Mode from config file:          enforcing
    Policy MLS status:              enabled
    Policy deny_unknown status:     allowed
    Max kernel policy versions:     28

Temporarily Disable selinux

You can temporarily disable sexlinux by running the following command. 

  echo 0 >/selinux/enforce

Enable selinux

To enable selinux run the command 

  echo 1 >/selinux/enforce

Cloud FTP

CloudFTP is an FTP implementation on top of Clouds that do not natively support FTP. Once a Cloud has been added to an account, you can access it from any FTP Client.

Stopping CloudFTP 

  service cloudftp stop
  stopping cloud ftp...

Starting CloudFTP 

  service cloudftp start
  starting cloud ftp...
  starting cloud ftps...
  starting cloud sftp...

Apache HTTP Server

Start HTTP Server 

  service httpd start

Stop HTTP Server 

  service httpd stop

HTTPD Logs

Httpd server logs are located at /etc/httpd/logs

HTTPD Configuration

HTTPD server configuration files are located in the following 2 directories 

/etc/httpd/conf

/etc/httpd/conf.d

MySQL Database

Start MySQL 

  service mysqld start

Stop MySQL 

service mysqld stop

MySQL Data Files 

/var/lib/mysql

MySQL Configuration 

/etc/my.cnf

Backup MySQL Database

You can backup the meta-data database using the following command 

mysqldump -p   smestorage >smestorage.sql

Memcached

Memcached currently exists in two forms - classic, and new.

To detetermin which you have, run the following command : 

yum list installed | grep sme-containers-memcached && echo "New Memcached installed"

If the output contains the message “New Memcached installed” then you have the new Memcached installed

Start New Memcached 

cd /var/www/smestorage/containers/memcached/
docker-compose up -d

Stop New Memcached 

 cd /var/www/smestorage/containers/memcached/
  docker-compose down

New Memcached Config File 

  cd /var/www/smestorage/containers/memcached/.env

Start Classic Memcached 

service memcached start

Stop Classic Memcached 

  service memcached stop

Classic Memcached Config File 

  /etc/sysconfig/memcached

FTP Server

Start FTP Server 

service vsftpd start

Stop FTP Server 

  service vsftpd stop

FTP Server Configuration 

/etc/vsftpd

Application Log Location

The File Fabric application logs are located at 

  /var/www/smestorage/sitelogs

A brief description below 

  * allmails.txt all sent mails to address and subject are logged here
  * errorlogs.txt Any application error is logged here
  * errorlogs_trace.txt Contains full trace of errors in errorlogs.txt
  * logits.txt All general application logging

Appliance Monitoring

See Systems Monitoring.

© Copyright 2024 Nasuni.