Articles in this section

See more

Displaying Views and View Policies

Sara Levy
  • Updated
Follow

VAST Cluster has one default view and one default view policy. A view policy is a reusable set of configurations. Every view has a view policy and a view policy may be used by multiple views.

Initially, a view is pre-configured for access via NFS. It exposes the top location of the file system "/". The default view policy gives read/write access to all hosts and root squashes all hosts. Both the initially configured view and the default view policy can be modified.

Displaying Views and View Policies via the VAST Web UI

To see the existing views configured on the cluster, go to the Element Store page and select the Views tab.

The following settings are displayed:

Path

The full path from the top level of the storage system on the cluster to the location exposed by the view.

Alias

An alias for the mount path of an NFS export.

Share

For SMB shares, the share name.

Policy Name

The view policy.

Protocols

The protocol(s) the view is exposed to. This can be NFS (which refers to NFS version 3), NSF4 (which refers to NFS version 4.1), SMB or any combination of these three.

You can modify and remove views using the Actions menu in the far right column.

To see the existing view policies configured on the cluster, go to the Element Store page and select the View Policies tab.

The following settings are displayed:

Name

The name of the policy.

Atime Frequency

atime is a metadata attribute of NFS files that represents the last time the file was updated. atime is updated on read operations if the difference between the current time and the file's atime value is greater than the configured atime frequency.

Flavor

The security flavor of the policy.

The security flavor determines how file and directory permissions are controlled. For a full description of the security flavors, see File and Directory Permissions in Multiprotocol Views. In brief, the possible values are:

  • NFS. NFS clients can set permission mode bits on files and directories when creating new files and directories or modifying existing files and directories. Attempts by SMB clients to set file and directory permissions are ignored. Files and directories created by SMB clients receive a configurable set of initial permission bits.

  • SMB. SMB clients can set permissions on files and directories. Attempts by NFS clients to set permission bits for files and directories are ignored. Files and directories created on NFS clients inherit permissions set on the parent directory by the SMB client.

  • Mixed Last Wins. This flavor is designed to act as natively as possible to whichever protocol is used to create or modify a file or directory. It allows permissions to be set and modified from all clients. As far as possible, this flavor is designed such that whenever a user changes permissions via a given protocol, the permission change that is applied in vast permissions is as the user intended.

Auth Source

Determines the source for retrieving group memberships of NFS users for the purposes of authorizing access to files and directories. Possible values:

  • Client. The GIDs declared in the RPC as the user's leading group and auxiliary groups are trusted and provider-sourced groups are not considered.

  • Providers. Group memberships retrieved from authorization providers are considered as the user's group memberships (as for SMB-only and multiprotocol views). The GIDs declared in the RPC are ignored.

  • Client and Providers. Both the GIDs declared in the RPC and group memberships retrieved from authorization providers are considered.

For more information about the impact of this setting, see The VAST Cluster Authorization Flow.

Read Write

The hosts that have read/write access to the view via NFS. * is a wildcard indicating all hosts.

Read Only

The hosts that have read only access to the view via NFS. * is a wildcard indicating all hosts.

All Squash

The hosts that have all squash applied to them when accessing the view via NFS. With all squash, all client users are mapped to nobody for all file and folder management operations on the export.

No Squash

The hosts that have no squash applied to them when accessing the view via NFS. With no squash, all operations are supported. Use this option if you trust the root user not to perform operations that will corrupt data.

Root Squash

The hosts that have root squash applied to them when accessing the view via NFS. With root squash, the root user is mapped to nobody for all file and folder management operations on the export.

Trash

The hosts that have access to the trash folder when accessing the view via NFS (NFSv3 only). These hosts have the ability to delete files by moving them into a trash folder, from which they are automatically deleted.

You can modify and remove view policies using the Actions menu in the far right column.

Displaying Views and View Policies via the VAST CLI

Run the view list and viewpolicy list commands to list existing views and view policies via the VAST CLI.

Related articles

Comments

0 comments

Article is closed for comments.