User Tools

Site Tools

Trace: nas_on_debian
nas_on_debian

This is an old revision of the document!

Table of Contents

NAS on Debian 9

Introduction

I want to combine NAS storage functionality with Openstack KVM instances on one box. Cinder can use LVM as storage backend and I want to use bcache as SSD cacing in front of mdraid. On top runs LVM which is necessary for Cinder.

Debian 9

Why Debian? Debian 9 has got a very new kernel which is very wishful for using bcache. The bcache utilities are default in Debian repos. Ubuntu 16.04 LTS is not as new as the long lasting Debian 9.

Basic configuration

NTP

apt install chrony
/etc/chrony/chrony.conf
.
.
server 172.16.2.250 iburst
.
.
systemctl restart chrony
systemctl enable chrony

Network

apt install ifenslave-2.6 vlan
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

auto bond0
iface bond0 inet manual
  bond_mode 802.3ad
  bond_miimon 100
  bond_xmit_hash_policy layer2+3
  bond_updelay 200
  bond_downdelay 200
  bond_lacp_rate fast
  slaves eno1 eno2

auto vlan2
iface vlan2 inet static
  vlan_raw_device bond0
  address 172.16.2.3/24
  gateway 172.16.2.1

iface vlan2 inet6 static
  address 2a02:22a0:bbb7:402::3/64
  gateway 2a02:22a0:bbb7:402::1

auto vlan11
iface vlan11 inet static
  vlan_raw_device bond0
  address 172.16.3.3/24

iface vlan11 inet6 static
   address 2a02:22a0:bbb7:403::3/64

# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 2a02:22a0:bbb7:402::21 172.16.2.21 2620:0:ccc::2
dns-search mngt.bh.helux.nl

LDAP authentication with sssd

apt install sssd sssd-ldap
/etc/sssd/sssd.conf
[sssd]
config_file_version = 2
services = nss, pam
domains = LDAP

[nss]

[pam]

[domain/LDAP]
id_provider = ldap
auth_provider = ldap

ldap_uri = ldap://ldap.mngt.bh.helux.nl/
ldap_search_base = dc=helux,dc=nl

ldap_id_use_start_tls = true
ldap_tls_cacert = /usr/local/share/ca-certificates/cacert.crt

cache_credentials = true
enumerate = true
cd /usr/local/share/ca-certificates
wget http://ldap.mngt.bh.helux.nl/cacert.crt
update-ca-certificates
/usr/share/pam-configs/mkhomedir
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
  required  pam_mkhomedir.so umask=0022 skel=/etc/skel
pam-auth-update
nas_on_debian.1502542187.txt.gz · Last modified: by herwarth

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki