Use ZFS and CIFS to create a home NAS box

Over the winter break, my son and I spent some quality timetogether and we created a little home NAS server. We had a great timeand we both learned a lot. I learned how much I love OpenSolaris (andhow little I know about Windows) and my son got a glimpse of what I doat work. I had forgotten how important it is for 11 year olds to knowwhat their dads do. My son also learned a little about computerhardware and how to use a UNIX command line.

This post details what we did to get our NAS box up and running as well as some of the challenges we faced.

What's the Problem?

Wetook on this challenge primarily as a learning experience, but we alsowanted to solve a real problem. We have a few Windows XP machines athome and there is always some type of contention with the music andhomework stored on one of the machines. Typically, the contention isthat I'm working at home (on my OpenSolaris laptop) using the monitorattached to the “primary” Windows machine and the rest of the family istrying to use the Windows laptop to listen to music or get a homeworkfile. A while back, I created a Windows Share on the “primary” desktop,but firewalls and other problems kept making the share go away. So, Idecided that with the new CIFS server in OpenSolaris, it was a greattime to use ZFS and CIFS to create a home NAS box and replace theWindows share machine.

Step 1: Getting the Hardware

To getstarted, I had to find hardware for the NAS box. The good thing aboutworking for Sun is that there is always old hardware lying around. WhenI entered our lab, I quickly found a stack of unused multipacks. Whilethey were pretty old and unexciting (6 x 40GB drives), they wouldprovide a great way to use ZFS and I didn't need much storage, yet. Theother thing I found was a recently retired W2100Z workstation. This isa great platform with dual 64-bit AMD processors, an internal SCSIdrive, and a place to put 3 more drives. I also found some DIMMs forthe W2100Z and an extra SCSI card. Sweet! This was everything we neededto get started.

Step 2: Assembling the Hardware

Since myson had never seen the inside of a computer, we started by opening upthe W2100Z case and walking through the hardware components. “Here's aCPU, there's a controller, that's the power supply”... stuff like that.Also, I did a quick lesson about static electricity. There is a lot of static in January in Colorado , so I showed him how to “attach” himself to the computer with a static strip and get started with the hardware upgrade.

Iexplained we needed the SCSI card to attach to the multipack. I alsoexplained that the extra memory would be used to help ZFS work better.The whole lesson and hardware installation took only 20 minutes. Then,it was time to install OpenSolaris.

Step 3: Installing OpenSolaris SXDE 1/08

Preparing to install OpenSolaris was quite simple and quick (5 minutes with explanations):

• Download and burn DVD

• Insert the DVD

• Boot the workstation

• Answer the questions

• Click the “ Finish” button
  
  

Thencame the actual installation. My son didn't this part of the project,because he had to go to bed before it finished. The install took about1.5 hours and our new server was up and running OpenSolaris when my sonwoke up the next morning. Now all we had to do was configureeverything.

Step 4: Configuring OpenSolaris

I alwaystry to be a good dad and teach my children the lessons that took me awhile to learn. One of those lessons is that there are smart people whocan be helpful to you, and you should build on their knowledge wheneverpossible. For this project, the smart people were the developers of theOpenSolaris CIFS server and ZFS features. The distillation of theirknowledge is found in the CIFS Getting Started Guide.This guide was invaluable and provided us everything we needed to getstarted. So, I suggest you also start with this guide as well.

Create the Users

Tobegin with, we needed to create a few different users. At install time,we created our root user account and after this we needed to have a“privileged” regular user and a user that could own the files. Weselected the userids admin and media for these purposes. To add the users, we used the “Users and Groups” action on the Administration section of the Start Menu.

Create a Storage Pool

Toget our server up and serving data, we needed to configure the storage.To do this, we used the ZFS GUI by just pointing a browser to https://<hostname>:6789/zfsand logging in as a user with root permissions. This graphicalinterface provides the ability to see all of the storage attached toyour system and how it is being used. We selected all of the drives onthe multipack and created a single RAIDZ1 pool called mediapool.

Create the File Systems

After creating a ZFS pool with the ZFS GUI, we switched to a terminal window to check the status of the newly created pool:

# zfs list
NAME USED AVAIL REFER MOUNTPOINT
mediapool 144K 165G 29.9K /mediapool
  

Then, we created the file systems:

# zfs create -o casesensitivity=mixed mediapool/music
# zfs create -o casesensitivity=mixed mediapool/photos
# zfs create -o casesensitivity=mixed mediapool/movies
  

We decided to set the ZFS property casesensitivity=mixedto allow us to use mixed cases for the files. This is a very importantstep when sharing files with Windows. If you don't do this, all of thefile names will get set to all upper case, which is very hard to read.

Configure CIFS

After creating the file systems, we started the CIFS service:

# svcadm enable -r smb/server
# smbadm join -w CENTRAL
  

Sincewe were working on our home systems and didn't have a fancy domaincontroller, we used the workgroup mode for sharing the files. I hadpreviously set our home workgroup to CENTRAL, which is reflected in the join command. In most cases. you would keep the workgroup set to WORKGROUP.

Set Up Authentication

Wealso needed to update the OpenSolaris password system to configure theCIFS server to use PAM (pluggable authentication module)authentication. We did this using the following mystical command:

# echo "other password required pam_smb_passwd.so.1 nowarn" >> /etc/pam.conf
  

Additionally,after entering the above command, we had to reset the passwords for allusers who would be using the CIFS authentication. For our situation, itwas only one user:

# passwd media
  

That did the trick and we were ready to start sharing the file systems we created.

Share File Systems

Wewere getting closer to being able to use our new server. CIFS wasenabled, the file systems were created, and we just needed to get themshared:

# zfs set sharesmb=name=Movies mediapool/movies
# zfs set sharesmb=name=Music mediapool/music
# zfs set sharesmb=name=photos mediapool/photos
  

We could have used a single set command with the sharesmb=onoption, but we wanted useful names on our Windows' machines. So, toavoid any ambiguous or long share names, we explicitly set them. Thiswas just one more of the little tricks and helpful tips from the CIFS Getting Started Guide and the discussion forums.

Set File System Permissions

For our last step, all of the files needed to be owned by our primary share user:

# chown -R media /mediapool
  

After this last step, we were done configuring OpenSolaris on our NAS box.

Step 5: Configuring Windows

Now,the real fun began. So far, it took only 2 hours to assemble the serverhardware, install the OS, and configure the storage, and 90 minutes ofthat was the OpenSolaris installation. We were feeling pretty goodabout spending only 30 minutes to get our file system configured andshared. Then, we had to configure Windows.

I realized very quickly that while using a Windows XPsystem for e-mail and web browsing is pretty simple, there is somecomplexity in sharing files. I scoured web sites and discussion forumsand learned that sharing files with CIFS is different than sharing filewith NFS.

I'm used to having a filer export an NFS file system,which provides the ability to browse the share and then verify thepermissions. Well, Windows is the same, but the permissions thing isdifferent. Or, so I thought.

When mounting a CIFS share from a OpenSolaris box, youmust authenticate to that server. This point is critical. Theauthentication also has to be from the perspective of the server andnot the client.

To make the share on the windows client work, we needed to do the following:

1. Map a windows drive with the “Folder” path of //< OpenSolaris_Server >/<sharename>

2. Select the Connect as different user name link and use the user name and password from the OpenSolaris server.

For our machine, the “Folder” path was //PHRED//Movies and the user name was media.

Makingthis simple discovery took about 3 days, but we finally had a way forall of our Windows machines to access a shared file system on our newOpenSolaris NAS box.

Variations on a Theme

My son and I had agreat time with this exercise. We had a lot of fun playing with thehardware and we both learned a great deal. We are still playing withthe server and are now looking at adding some new pieces:

• Larger drives – we'll be adding some 500GB SATA drives, using the onboard SATA controller

• Virus scanning – we're looking into using clamAV to do our onboard virus scanning. The directions on the Genunix wiki look pretty straight forward.

Thanks and References

Thispost would not be complete with out us taking the time to thank thosewho helped us out along the way. Here are a list of web sites, blogs,and discussion lists that were invaluable.

• http://opensolaris-DOT-org/os/project/cifs-server/

• http://www.genunix.org/wiki/index.php/Getting_Started_With_the_Solaris_CIFS_Service

• http://www.genunix.org/wiki/index.php/Solaris_CIFS_Service_Troubleshooting

• http://blogs.sun.com/dougm/

• storage-discuss-AT-opensolaris.org

• cifs-discuss-AT-opensolaris.org

Also, thanks to those who blazed the trail before us.

Note: this article was originally posted at http://blogs.sun.com/icedawn/entry/bondin