What is unified-access ?
Unified file and object access allows use cases where you can access data using object as well as file interfaces. For example: If a user ingests a file from the SMB interface then users with valid access rights can access that file from the object interface. On the other hand, if a user ingests a object from object interface then users with valid access rights can access that file from file interface.
Why this post ?
- Configuration of Spectrum Scale for unified access
- Demo of unified access.
Details of cluster which I'll be using for demo::
User authentication details
Configuration of Unified Access
Step 1: Enable the file-access object capability from any protocol node
To validate whether unified access is enable you can check status ibmobjectizer service.
If unified access is enabled ibmobjectizer must be running on exactly one node.
Step 2: For this demo, I am using unified_mode for authentication.
In unified_mode users from object and file are expected to be common and coming from the same directory service (Note that I have LDAP user authentication configure for both object and file).
Check this for more information.
Step3: Create policy for unified access.
Following command will create policy with name 'swiftOnFile' with unified access enabled.
Let's check our freshly created policy for unified access.
You can make this policy default, though it is optional.
Demo of Unified Access
Now let's create a container and add a file in it.
I am going to use Swift Explorer for this.
If you are new to Swift Explorer please check my previous post to configure Swift Explorer -
Accessing Spectrum Scale Object Store using Swift Explorer
Create a container :
Upload a file :
Let's check where this file is uploaded on server.
Explanation for path :
Let's export this container with NFS check this file from file interface./ibm/cesSharedRoot -- Mount point for GPFS file systemobj_swiftOnFile -- Policy create CLI creates a directory depending upon your policy names56921512210z1device1 -- 's' followed by policy index followed by fixed suffix 'z1device1'AUTH_2de13f0dae4747b484ed06bc31b29835 -- Unique ID for a tenet with fixed prefix 'AUTH_'unified_access -- Name of container
Let mount it on some other machine --
Let's check our 'file1.txt'
Now try to ingest a file from NFS and try to get it from object interface
Let's check this new file from object interface.
You can get more information about unified access here.