4.2 KiB
Mounting Volumes
Managing mount points of local or network volumes can also be managed in Hiera.
Managing Mountpoints in Hiera
The configuration in Hiera is done with two parts:
- the definition of a mountpoint (
mounter::def::$NAME) - the list of mount points actually configured on a system (
mounter::mounts)
Due to this the mountpoints can be prepared once on a high scope (e.g. for all systems in an environment), but then the individual systems pick out whatever is required for them.
Example:
mounter::def::scratch:
ensure: 'mounted'
mountpoint: '/scratch'
device: '/dev/vg_data/lv_scratch'
type: 'xfs'
mounter::mounts:
- 'scratch'
The directory of the mountpoint is automatically created when missing.
For auto-mounts, add another option to the mountpoint definition:
auto: true
NFS
Remote NFS mountpoints can be defined as in following example:
mounter::def::controls:
'ensure': 'mounted'
'device': 'sls-hafs:/export/sls/controls'
'mountpoint': '/gfa/.mounts/sls_controls'
'type': 'nfs'
mounter::def::data1:
'ensure': 'mounted'
'device': 'x01dc-fs-1:/export/X01DC/Data1'
'mountpoint': '/sls/X01DC/Data1'
'type': 'nfs'
'options': 'soft,nfsvers=4,tcp,bg'
mounter::mounts:
- 'controls'
- 'data1'
Ideally use NFSv4 (option nfsvers=4.2) and Kerberos authentication (option sec=krb5) is used. For Kerberos please contact the Linux Core Group for support. We managed to get it running experimentally, but it might not run yet automatically from Puppet. And of course also the NetApp side needs to be prepared accordingly.
CIFS
Remote CIFS mountpoints can be defined as follows:
mounter::cifs::def::cifs_mpc2375:
ensure: 'present'
path: '/etc/cifs-utils'
cifs_username: 'allowedWindowsUser'
cifs_password: 'ENC[PKCS7,MIIBeQYJKoZIhvc...]'
mounter::cifs::files:
- 'cifs_mpc2375'
mounter::def::emf:
ensure: 'mounted'
device: '//172.23.75.16/Users'
mountpoint: '/emf/jeol2200fs/k2'
type: 'cifs'
options: 'credentials=/etc/cifs-utils/cifs_mpc2375,uid=35667,gid=35270,forcegid,file_mode=0660,dir_mode=0770'
mounter::mounts:
- 'emf'
In the above example, we need to create a credentials file with mounter::cifs::def::$NAME_. This file will
be called cifs_mpc2375 and will be located in /etc/cifs-utils and will contain information about the
username and password allowed to mount it.
On the other hand, a mount emf is defined. You should specify in options the location of credentials.
Other optional parameters are used. emf is mounted with type cifs, which will automatically ensure that
proper cifs-utils package is installed.
Ideally this would also support Kerberos (option multiuser,sec=krb5) then we would not need to deal with a mount username and password. We got that once running, but only by chance when there was also a NFS mount with Kerberos authentication which would prepare the according Kerberos host tickets. For CIFS RedHat misses some upcall configuration to do the same. RedHat support said that this might be fixed for 8.8, but it did not happen. How to configure this upcall or to prepare the Kerberos ticket that manually outside (e.g. regulary with a timer) we have not figured out yet.
AFS
AFS is depending on role already configured by default. Additionally it can be enabled or disabled in Hiera with base::enable_afs:
base::enable_afs: true
respectively to disable:
base::enable_afs: false
Following details can be modified, but are usually not required:
afs_client::mountpointafs_client::root_volumeafs_client::enable_dynrootafs_client::min_cache_size(e.g.8G)afs_client::filesafs_client::dcache
Bind Mounts
Bind mounts can be defined as follows:
mounter::def::e10550:
'ensure': 'mounted'
'device': '/gpfs/perf/MX/Data10-pro/e10550'
'mountpoint': '/sls/MX/Data10/e10550'
'type': 'none'
'options': 'bind,_netdev,x-systemd.requires-mounts-for=/gpfs/perf/MX/Data10-pro'
Note that beside the mandatory bind option there is
_netdevto be set when the directory to bind (device) is on a network volumex-systemd.requires-mounts-for=$OTHER_MOUNTPOINTensures that systemd prepares the bind mount after the volume on which the directory to bind (device) is located