Enload198

​​​

Guidelines to build a storage infrastructure for Windows File Services. It describes the typical deployment-related best practices used by system administrators and architects for integration with Microsoft® Active Directory® and services, securing and optimizing NetApp storage systems using CIFS or SMB 2.0 protocol. Microsoft Distributed File System (DFS) and DFS-Replication (DFS-R): The Microsoft equivalent is simple to manage from permissions as AD permissions can be applied to DFS virtual folders in a DFS Root. The virtual folders are assigned “targets” that can be spread across nodes. This is where DFS-R comes into the game. Jan 26, 2015 This paper explains how to deploy Microsoft Azure StorSimple, Windows file servers, and Windows Server Distributed File System Namespace to create a global namespace for all the shares created in StorSimple.

Answer

Overview

One of the important considerations for deploying NetApp storage to interoperate effectively with the VMware ESX/ESXi guest operating systems in a SAN/NFS environment is to utilize the NetApp recommended guest OS tunings in the virtual machines. This article describes the guest OS tunings utilized and the settings recommended by NetApp to help improve interoperability. The article also describes the purpose of updating guest OS tunings from the previous settings and provides guidance on adopting the updated guest OS tunings.

Why are guest OS tunings required?

The following are some reasons why guest OS tunings are required:

• To help improve error handling and interoperability during storage controller failover events.
• To improve recovery times following a storage controller failover event.

What are the guest OS tunings utilized?

In a typical VMware virtual machine deployment, the guests utilize the local SCSI disks served by the VMware vSphere hypervisor with the backing storage, either using VMware virtual disk (VMDK) or raw device map (RDM) formats. The guest OS tunings recommended are for the SCSI disks inside the virtual machines. In particular, the following is a list of the tunings for the different guest operating systems:

• Windows: disk timeout
• Linux: disk timeout
• Solaris: disk timeout and additional I/O tunings concerning busy/not-ready/reset retries and I/O throttle settings

What are the settings recommended?

Historically, the NetApp tools ESX Host Utilities 5.2.1 and VSC 4.0 set the disk timeout for the Windows, Linux, and Solaris guests to 190 seconds. In addition, they also make adjustments to the I/O tuning settings for the Solaris guest.

With the introduction of more advanced NetApp storage controller clustered technologies, in addition to aligning to newer versions of VMware vSphere best practices and to correct the vendor ID (VID) and product ID (PID) information on Solaris I/O tuning specifications, NetApp has decided to update the guest OS tunings. The following table summarizes the historical guest OS tunings and the updated guest OS tunings.

Guest OS Type	Historical Guest OS Tuning for SAN	Updated Guest OS Tuning for SAN
Windows	Boom boom boom hindi song 2012 mp3 free download. disk timeout = 190	disk timeout = 60
Linux	disk timeout = 190	disk timeout = 60
Solaris	disk timeout = 190 busy retry = 300 not ready retry = 300 reset retry = 30 max. throttle = 32 min. throttle = 8	disk timeout = 60 busy retry = 300 not ready retry = 300 reset retry = 30 max. throttle = 32 min. throttle = 8 corrected VID/PID specification

What are the NetApp guidelines for deployment?

Use the following guidelines to determine if you should update the guest OS tunings:

• There is no need to update the guest OS tunings for your VMware NFS deployment, the VMware Tools default timeout setting is sufficient. This KB addresses the guest OS tuning updates for a VMware SAN deployment.
• There is no need to update the Windows and Linux guest OS tunings in existing solutions that are working well with the historical guest OS tuning settings.
• For the Solaris guest OS, adopt the corrected VID/PID information provided below to help improve error handling and interoperability during storage controller failover events.
• When deploying new solutions with ESXi 5 and later, or Data ONTAP 8.1 and later, adopt the updated guest OS tunings to help improve the recovery times following a storage controller failover event.
• When upgrading the ESX/ESXi hosts or NetApp storage controller software to a recent release, utilize the opportunity to also deploy the updated guest OS tunings.
• If you are utilizing software iSCSI initiator from the guest OS, please follow respective NetApp documentations on the native OS interoperability requirements for supported configurations, multipathing configurations, and any additional required tunings in Host Utilities.

How to implement the updated guest OS tunings

You can manually configure the virtual machines with the recommended guest OS tunings or utilize the scripts bundled within VSC to implement the tunings. Reboot the guest after the tuning update for the settings to take effect.

Manual Configuration

Warning: Using Registry Editor incorrectly might cause serious problems that require reinstalling your operating system. Make a backup copy of the registry before making any changes to the Windows registry.

• Windows: Set Windows disk timeout to 60 seconds by using the TimeOutValue registry key located below:
  HKEY_LOCAL_MACHINESystemCurrentControlSetServicesDiskTimeOutValue

• Linux: Set Linux disk timeout to 60 seconds can be achieved by creating an udev rule with the following entry.
  DRIVERS'sd', SYSFS '0|7|14', RUN+='/bin/sh -c 'echo 60 > /sys$$DEVPATH/device/timeout'
  • Note that the Linux guest OS tuning script bundled with NetApp VSC adds a script to udev rules with an entry similar to the above. (Different Linux distribution might have a different location for the installed udev rule.)
  • In addition, the VMware Tools in the Linux guest OS provide an udev rule to set the disk timeout to 180 seconds automatically for VMware virtual disks. You can 'grep' for the 'VMware' vendor ID in the udev rules directory to find out which script was installed by VMware and modify it accordingly.
  • Verify again after a VMware Tools update to ensure the disk timeouts is at the desired value.
    
• RHEL 7.x:
  ACTION'add', SUBSYSTEMS'scsi', ATTRS{VENDOR}'VMware ', RUN+='/bin/sh -c 'echo 60 >/sys$$DEVPATH/timeout'
ACTION'add', SUBSYSTEMS'scsi', ATTRS{VENDOR}'NETAPP ', ATTRS{MODEL}'LUN ', RUN+='/bin/sh -c 'echo 60 >/sys$$DEVPATH/timeout'
ACTION'add', SUBSYSTEMS'scsi', ATTRS{VENDOR}'NETAPP ', ATTRS{MODEL}'LUN C-Mode ', RUN+='/bin/sh -c 'echo 60 >/sys$$DEVPATH/timeout'
  
• Solaris: Set Solaris disk timeout to 60 seconds can be done by having the following setting in the /etc/system file.
  set sd:sd_io_time=0x3c

The additional Solaris I/O tuning parameters can be added to /kernel/drv/sd.conf by specifying the following setting entries.

Solaris 10.0 GA thru Solaris 10u6:
sd-config-list='NETAPP LUN','netapp-sd-config',
'VMware Virtual','netapp-sd-config';
netapp-sd-config=1,0x9c01,32,0,0,0,0,0,0,0,0,0,300,300,30,0,0,8,0,0;

Deploying Microsoft Dfs With Netapp Storage Systems In Computer

Note: There are exactly two spaces between the vendor ID NETAPP and product ID LUN as well as between VMware and Virtual in the sd-config-list above.

Solaris 10u7 and later and Solaris 11:
sd-config-list= 'NETAPP LUN','physical-block-size:4096,retries-busy:300,retries-timeout:16,retries-notready:300,retries-reset:30,throttle-max:32,throttle-min:8',
'VMware Virtual','physical-block-size:4096,retries-busy:300,retries-timeout:16,retries-notready:300,retries-reset:30,throttle-max:32,throttle-min:8';

Utilizing scripts provided by VSC

NetApp Virtual Storage Console (VSC) provides the scripts to help reduce the efforts involved in manually updating the guest OS tunings. For more information on whether the scripts are used and to review the settings since earlier versions of VSC sets the disk timeout to 190 seconds, see the VSC documentation in the NetApp Support site.

The contents of KB 2010823 have been moved into this KB (formerly KB 41511).

-->

Distributed File Systems Namespaces, commonly referred to as DFS Namespaces or DFS-N, is a Windows Server server role that is widely used to simplify the deployment and maintenance of SMB file shares in production. DFS Namespaces is a storage namespace virtualization technology, which means that it enables you to provide a layer of indirection between the UNC path of your file shares and the actual file shares themselves. DFS Namespaces works with SMB file shares, agnostic of those file shares are hosted: it can be used with SMB shares hosted on an on-premises Windows File Server with or without Azure File Sync, Azure file shares directly, SMB file shares hosted in Azure NetApp Files or other third-party offerings, and even with file shares hosted in other clouds.

At its core, DFS Namespaces provides a mapping between a user-friendly UNC path, like contososharesProjectX and the underlying UNC path of the SMB share like Server01-ProdProjectX or storageaccount.file.core.windows.netprojectx. When the end user wants to navigate to their file share, they type in the user-friendly UNC path, but their SMB client accesses the underlying SMB path of the mapping. You can also extend this basic concept to take over an existing file server name, such as MyServerProjectX. You can use this capability to achieve the following scenarios:

• Provide a migration-proof name for a logical set of data. In this example, you have a mapping like contososharesEngineering that maps to OldServerEngineering. When you complete your migration to Azure Files, you can change your mapping so your user-friendly UNC path points to storageaccount.file.core.windows.netengineering. When an end user accesses the user-friendly UNC path, they will be seamlessly redirected to the Azure file share path.

• Establish a common name for a logical set of data that is distributed to multiple servers at different physical sites, such as through Azure File Sync. In this example, a name such as contososharesFileSyncExample is mapped to multiple UNC paths such as FileSyncServer1ExampleShare, FileSyncServer2DifferentShareName, FileSyncServer3ExampleShare. When the user accesses the user-friendly UNC, they are given a list of possible UNC paths and choose the one closest to them based on Windows Server Active Directory (AD) site definitions.

• Extend a logical set of data across size, IO, or other scale thresholds. This is common when dealing with user directories, where every user gets their own folder on a share, or with scratch shares, where users get arbitrary space to handle temporary data needs. With DFS Namespaces, you stitch together multiple folders into a cohesive namespace. For example, contososharesUserSharesuser1 maps to storageaccount.file.core.windows.netuser1, contososharesUserSharesuser2 maps to storageaccount.file.core.windows.netuser2, and so on.

You can see an example of how to use DFS Namespaces with your Azure Files deployment in the following video overview.

Note

Skip to 10:10 in the video to see how to set up DFS Namespaces.

Deploying Microsoft Dfs With Netapp Storage Systems Pdf

If you already have a DFS Namespace in place, no special steps are required to use it with Azure Files and File Sync. If you're accessing your Azure file share from on-premises, normal networking considerations apply; see Azure Files networking considerations for more information.

Namespace types

DFS Namespaces provides two main namespace types:

• Domain-based namespace: A namespace hosted as part of your Windows Server AD domain. Namespaces hosted as part of AD will have a UNC path containing the name of your domain, for example, contoso.comsharesmyshare, if your domain is contoso.com. Domain-based namespaces support larger scale limits and built-in redundancy through AD. Domain-based namespaces can't be a clustered resource on a failover cluster.
• Standalone namespace: A namespace hosted on an individual server, not hosted as part of Windows Server AD. Standalone namespaces will have a name based on the name of the standalone server, such as MyStandaloneServersharesmyshare, where your standalone server is named MyStandaloneServer. Standalone namespaces support lower scale targets than domain-based namespaces but can be hosted as a clustered resource on a failover cluster.

Requirements

To use DFS Namespaces with Azure Files and File Sync, you must have the following resources:

• An Active Directory domain. This can be hosted anywhere you like, such as on-premises, in an Azure virtual machine (VM), or even in another cloud.
• A Windows Server that can host the namespace. A common pattern deployment pattern for DFS Namespaces is to use the Active Directory domain controller to host the namespaces, however the namespaces can be setup from any server with the DFS Namespaces server role installed. DFS Namespaces is available on all supported Windows Server versions.
• An SMB file share hosted in a domain-joined environment, such as an Azure file share hosted within a domain-joined storage account, or a file share hosted on a domain-joined Windows File Server using Azure File Sync. For more on domain-joining your storage account, see Identity-based authentication. Windows File Servers are domain-joined the same way regardless of whether you are using Azure File Sync.
• The SMB file shares you want to use with DFS Namespaces must be reachable from your on-premises networks. This is primarily a concern for Azure file shares, however, technically applies to any file share hosted in Azure or any other cloud. For more information on networking, see Networking considerations for direct access.

Install the DFS Namespaces server role

If you are already using DFS Namespaces, or wish to set up DFS Namespaces on your domain controller, you may safely skip these steps.

To install the DFS Namespaces server role, open the Server Manager on your server. Select Manage, and then select Add Roles and Features. The resulting wizard guides you through the installation of the necessary Windows components to run and manage DFS Namespaces.

In the Installation Type section of the installation wizard, select the Role-based or feature-based installation radio button and select Next. On the Server Selection section, select the desired server(s) on which you would like to install the DFS Namespaces server role, and select Next.

In the Server Roles section, select and check the DFS Namespaces role from role list. You can find this under File and Storage Services > File and ISCSI Services. When you select the DFS Namespaces server role, it may also add any required supporting server roles or features that you don't already have installed.

After you have checked the DFS Namespaces role, you may select Next on all subsequent screens, and select Install as soon as the wizard enables the button. When the installation is complete, you may configure your namespace.

From an elevated PowerShell session (or using PowerShell remoting), execute the following commands.

Take over existing server names with root consolidation

An important use for DFS Namespaces is to take over an existing server name for the purposes of refactoring the physical layout of the file shares. For example, you may wish to consolidate file shares from multiple old file servers together on a single file server during a modernization migration. Traditionally, end user familiarity and document-linking limit your ability to consolidate file shares from disparate file servers together on one host, but the DFS Namespaces root consolidation feature allows you to stand-up a single server to multiple server names and route to the appropriate share name.

Although useful for various datacenter migration scenarios, root consolidation is especially useful for adopting cloud-native Azure file shares because:

• Azure file shares don't allow you to keep existing on-premises server names.
• Azure file shares must be accessed via the fully qualified domain name (FQDN) of the storage account. For example, an Azure file share called share in storage account storageaccount is always accessed through the storageaccount.file.core.windows.netshare UNC path. This can be confusing to end users who expect a short name (ex. MyServershare) or a name that is a subdomain of the organization's domain name (ex. MyServer.contoso.comshare).

Root consolidation may only be used with standalone namespaces. If you already have an existing domain-based namespace for your file shares, you do not need to create a root consolidated namespace.

Enabling root consolidation

Root consolidation can be enabled by setting the following registry keys from an elevated PowerShell session (or using PowerShell remoting).

Creating DNS entries for existing file server names

In order for DFS Namespaces to respond to existing file server names, create alias (CNAME) records for your existing file servers that point at the DFS Namespaces server name. The exact procedure for updating your DNS records may depend on what servers your organization is using and if your organization is using custom tooling to automate the management of DNS. The following steps are shown for the DNS server included with Windows Server and automatically used by Windows AD.

On a Windows DNS server, open the DNS management console. This can be found by selecting the Start button and typing DNS. Navigate to the forward lookup zone for your domain. For example, if your domain is contoso.com, the forward lookup zone can be found under Forward Lookup Zones > contoso.com in the management console. The exact hierarchy shown in this dialog will depend on the DNS configuration for your network.

Right-click on your forward lookup zone and select New Alias (CNAME). In the resulting dialog, enter the short name for the file server you're replacing (the fully qualified domain name will be auto-populated in the textbox labeled Fully qualified domain name). In the textbox labeled Fully qualified domain name (FQDN) for the target host, enter the name of the DFS-N server you have set up. You can use the Browse button to help you select the server if desired. Select OK to create the CNAME record for your server.

On a Windows DNS server, open a PowerShell session (or use PowerShell remoting) to execute the following commands, populating $oldServer and $dfsnServer, with the relevant values for your environment ($domain will auto-populate with the domain name, but you can also manually type this out as well).

Create a namespace

The basic unit of management for DFS Namespaces is the namespace. The namespace root, or name, is the starting point of the namespace, such that in the UNC path contoso.comPublic, the namespace root is Public.

If you are using DFS Namespaces to take over an existing server name with root consolidation, the name of the namespace should be the name of server name you want to take over, prepended with the # character. For example, if you wanted to take over an existing server named MyServer, you would create a DFS-N namespace called #MyServer. The PowerShell section below takes care of prepending the #, but if you create via the DFS Management console, you will need to prepend as appropriate.

To create a new namespace, open the DFS Management console. This can be found by selecting the Start button and typing DFS Management. The resulting management console has two sections Namespaces and Replication, which refer to DFS Namespaces and DFS Replication (DFS-R) respectively. Azure File Sync provides a modern replication and synchronization mechanism that may be used in place of DFS-R if replication is also desired.

Select the Namespaces section, and select the New Namespace button (you may also right-click on the Namespaces section). The resulting New Namespace Wizard walks you through creating a namespace.

The first section in the wizard requires you to pick the DFS Namespace server to host the namespace. Multiple servers can host a namespace, but you will need to set up DFS Namespaces with one server at a time. Enter the name of the desired DFS Namespace server and select Next. In the Namespace Name and Settings section, you can enter the desired name of your namespace and select Next.

The Namespace Type section allows you to choose between a Domain-based namespace and a Stand-alone namespace. If you intend to use DFS Namespaces to preserve an existing file server/NAS device name, you should select the standalone namespace option. For any other scenarios, you should select a domain-based namespace. Refer to namespace types above for more information on choosing between namespace types.

Select the desired namespace type for your environment and select Next. The wizard will then summarize the namespace to be created. Select Create to create the namespace and Close when the dialog completes.

From a PowerShell session on the DFS Namespace server, execute the following PowerShell commands, populating $namespace, $type, and $takeOverName with the relevant values for your environment.

Configure folders and folder targets

For a namespace to be useful, it must have folders and folder targets. Each folder can have one or more folder targets, which are pointers to the SMB file share(s) that host that content. When users browse a folder with folder targets, the client computer receives a referral that transparently redirects the client computer to one of the folder targets. You can also have folders without folder targets to add structure and hierarchy to the namespace.

You can think of DFS Namespaces folders as analogous to file shares.

In the DFS Management console, select the namespace you just created and select New Folder. The resulting New Folder dialog will allow you to create both the folder and its targets.

In the textbox labeled Name provide the name of the folder. Select Add.. to add folder targets for this folder. The resulting Add Folder Target dialog provides a textbox labeled Path to folder target where you can provide the UNC path to the desired folder. Select OK on the Add Folder Target dialog. If you are adding a UNC path to an Azure file share, you may receive a message reporting that the server storageaccount.file.core.windows.net cannot be contacts. This is expected; select Yes to continue. Finally, select OK on the New Folder dialog to create the folder and folder targets.

Now that you have created a namespace, a folder, and a folder target, you should be able to mount your file share through DFS Namespaces. If you are using a domain-based namespace, the full path for your share should be <domain-name><namespace><share>. If you are using a standalone namespace, the full path for your share should be <DFS-server><namespace><share>. If you are using a standalone namespace with root consolidation, you can access directly through your old server name, such as <old-server><share>.

See also

• Deploying an Azure file share: Planning for an Azure Files deployment and How to create an file share.
• Configuring file share access: Identity-based authentication and Networking considerations for direct access.