clustergroup addexternal
Imports an external NFS server or an external s3 server into a cluster group/global namespace.
The addexternal command adds an external NFS server or an external s3 server to the cluster group, thereby
making it part of the NFS/S3 global namespace.
NOTE An external NFS server is a network file server hosted on a remote network,
typically in a different physical location.
Along with Data Fabric cluster entries, NFSv4 clients see a unified directory space across servers hosted from different locations. Data Fabric data can be copied to or transferred to an external NFS server, so that it is shareable across the clusters in the cluster group.
To view external NFS server details by using the maprcli, see clustergroup get cgtable. To remove the external NFS server from the
cluster group by using maprcli, see clustergroup remove cluster.
Syntax
- CLI
-
maprcli clustergroup addexternal -type Type of the external server being added, nfs/s3 -externalservername External server name that would appear in global namespace [ -ips comma seperated list of external server ips ] [ -accesskey Access key in case of S3 server ] [ -secretkey Secret key in case of S3 server ] [ -awswebidrolearn AWS web-identity role ARN for STS based access ] [ -s3vendor External S3 server vendor, either AWS OR GCP OR Generic ] [ -awsregion AWS region in case the S3 vendor type is AWS ] [ -gcpregion GCP region in case the S3 vendor type is GCP ] [ -force if provided skip checking external server ips Parameter takes no value ] [ -s3usetlsencryption Use TLSEncryption for external s3. default: true ] [ -s3serverport Port on which s3server is listening, default 9000 ] [ -s3servercertfile External S3 server certificate ] [ -s3servercertfilepath External S3 server certificate file path ] [ -s3servertransferproto S3 server transfer proto, either https or http, default https. default: https ] - REST
-
N/A
Parameters
| Parameter | Description |
|---|---|
type |
Use nfs to add an external NFS server. Use s3 to add an external S3
server. |
externalservername |
Name of the external NFS server or S3 server to display on the global namespace. |
ips |
List of one or more IP addresses. An NFS server with multiple network interface controllers (NIC) is identifiable with more than one IP addresses or hostnames. Use comma as the separator, when you are specifying multiple IP addresses for the parameter. |
accesskey |
The access key for the external AWS/GCP/generic S3 server. NOTE Enclose the
accesskey parameter in quotes. |
secretkey |
The secret key for external S3 server. This field is applicable
to AWS S3 and GCP S3 server only. NOTE Enclose the
secretkey parameter in
quotes. |
awswebidrolearn |
AWS web-identity role ARN for STS-based access. For more information about STS, see Integrating the AWS Security Token Service (STS) with Data Fabric in the as-a-service documentation. |
s3vendor |
Type of S3 vendor. Use the value, AWS while
adding AWS S3 server. For GCP use the value GCP.
For other S3 vendor, use the value, generic. |
awsregion |
AWS region for the buckets that contain your data. This field is applicable to AWS S3 server only. |
gcpregion |
GCP region for the buckets that contain your data. This field is applicable to GCP S3 server only. |
force |
When the force parameter is mentioned in the
command, external server ips checking is skipped. The parameter does
not require a value to be specified. |
s3usetlsencryption |
The field is applicable to generic S3 server import. This is a flag indicating if TLS encryption is to be used for the external S3. The default value for the flag is true. The HTTPS protocol relies on TLS encryption for secure communication. |
s3serverport |
The port number for the generic S3 server at which the communication with Data Fabric must happen. This is an optional parameter. The default value is 9000. |
s3servercertfile |
The S3 server security certificate content. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servercertfilepath |
The file path of the S3 server security certificate. This is applicable if the communication is to happen over the HTTPS protocol. |
s3servertransferproto |
The protocol to use to transfer external S3 server data over the
internet. https and http are the
allowed valid values. This is an optional parameter. The default
value is https. |
Example
Add or import external NFS server having name extnfs and associated IP address as 10.163.161.123.maprcli clustergroup addexternal -type nfs -externalservername extnfs -ips 10.163.161.123Add or import external AWS S3 server having name
Add or import external Scality server having
name awsus1 and AWS region
us-west-1.maprcli clustergroup addexternal -type s3 -externalservername awsus1 -accesskey "<access-key>" -secretkey "<secret-key>" -s3vendor AWS -awsregion us-west-1
extscalityserver.
maprcli clustergroup addexternal -type s3 -externalservername extscalityserver -ips <scality server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport 443 -s3servercertfilepath <file path for server certificate >
extvastserver.
maprcli clustergroup addexternal -type s3 -externalservername extvastserver -ips <vast server ip> -accesskey <access-key> -secretkey <secret-key> -s3vendor Generic -s3serverport <portnumber> -s3servercertfile <server certificate content>
Add or import external GCP S3 server having
name
gcpus1 and GCP region
us-central1.maprcli clustergroup addexternal -type s3 -externalservername gcpus1 -accesskey "<access-key>" -secretkey "<secret-key>" -s3vendor GCP -gcpregion us-central1
Configure an external S3 object store to use STS access by using
the
-awswebidrolearn
option:maprcli clustergroup addexternal -type s3 -s3vendor aws -awswebidrolearn 'arn:aws:iam::74601xxxxxxx:role/Keycloak-webid-s3-readonly'