-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 02.02.2015 um 13:30 schrieb Sven Schwedas:> On 2015-02-02 12:56, Lars Hanke wrote: >> I currently plan to move my storage to Gluster. One of the >> anticipated advantages is to have Gluster replicate data among >> physical nodes, i.e. if one node dies the file service can live >> on. >> >> AD for authentication also replicates nice on distinct physical >> nodes. >> >> So the remaining single point of failure is the samba file >> service. Is there something more intelligent than: >> >> if not \\severA\share -> try: \\serverB\share? > > Use a common domain name for both servers (what AD does internally > for authentication), or use IP-based failover via Samba's CTDB.For Member Servers, you can use a clustred Samba installation with CTDB. But you can't on Samba AD DCs, because it's not compatible with CTDB. Regards, Marc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUz6OlAAoJEFNERvHO3m51hPMH/iCuKsSyJrIqEJV9F+jBBPEe 3kqRmYPEbO/wpMF2T3B3fps7OiQOElasudHLxj6Af83/RtcxUyv7J7uX2BBheY1g Bjh+dD68nhN/na04E2cm98+JPND7a2ZhE1JkL7Bj8PRow3hTfrR6ponNI3Hnbk+i mCQxYoUASPbZjdzFCqW4gJ21zFMVhy/5trUkqYLv8koXvDdDiHDhmZ/Ly2U+p2qe Y2nxeNlgg4Vrod+GfByczXnGenH3OaXAYxaZDCwHoO5UuAZsIVzzgUXi7ccOhjQn MnZoBF/BF7/Hfmlif3OKQw8sFP8xHoOPvO0HQj0vifzbN83suw4vUdZpWV7TBLA=qAUS -----END PGP SIGNATURE-----
>>> So the remaining single point of failure is the samba file >>> service. Is there something more intelligent than: >>> >>> if not \\severA\share -> try: \\serverB\share? >> >> Use a common domain name for both servers (what AD does internally >> for authentication), or use IP-based failover via Samba's CTDB. > > For Member Servers, you can use a clustred Samba installation with CTDB. > But you can't on Samba AD DCs, because it's not compatible with CTDB.Sorry, I'm totally new to Samba HA. My file servers join AD, but are not the DC itself. Does it mean that CTDB is an option or not? A common FQDN would mean I simply add two A records for e.g. smb.samdom.example.com, resolving to each IP of the file servers? Can it be as simple as that? Thanks for your help, - lars.
Am 02.02.2015 um 18:02 schrieb Lars Hanke:> My file servers join AD, but are not the DC itself. Does it mean that > CTDB is an option or not?Yes.> A common FQDN would mean I simply add two A records for e.g. > smb.samdom.example.com, resolving to each IP of the file servers? Can it > be as simple as that?A first start and introduction to CTDB you will find in the Wiki: https://wiki.samba.org/index.php/CTDB_Setup https://wiki.samba.org/index.php/Samba_CTDB_GPFS_Cluster_HowTo Regards, Marc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Lars, I have writen a Howto in German f?r CTDB with GlusterFS BUT there is still a problem. If you try to set the Filessystempermissions via Windows it is not working. You can't delete any of the permissions. If you wan't I can send it to you. I also writing a Howto for Samba CTDB with a Corosync, Pacemaker and OCFS2 Cluster. If you try it with Gluster please let me know, if the stting of the Permissions via Windwos is working for you. Stefan Am 02.02.15 um 18:02 schrieb Lars Hanke:>>>> So the remaining single point of failure is the samba file >>>> service. Is there something more intelligent than: >>>> >>>> if not \\severA\share -> try: \\serverB\share? >>> >>> Use a common domain name for both servers (what AD does >>> internally for authentication), or use IP-based failover via >>> Samba's CTDB. >> >> For Member Servers, you can use a clustred Samba installation >> with CTDB. But you can't on Samba AD DCs, because it's not >> compatible with CTDB. > > Sorry, I'm totally new to Samba HA. > > My file servers join AD, but are not the DC itself. Does it mean > that CTDB is an option or not? > > A common FQDN would mean I simply add two A records for e.g. > smb.samdom.example.com, resolving to each IP of the file servers? > Can it be as simple as that? > > Thanks for your help, - lars. > >-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAlTP0eYACgkQ2JOGcNAHDTZg3ACfe/0OFx5tTDY1x7E3uNuny/n2 tn4AnjMvwh3qoMzXJigzv/5OLBhBIkXi =AWVM -----END PGP SIGNATURE-----