Articles in this section

cluster modify

Sara Levy
Follow

This command modifies various cluster settings.

Usage
cluster modify [--id ID]
               [--name]
               [--psnt PSNT]
               [--remove-s3-key-pair]
               [--s3-certificate S3_CERTIFICATE]
               [--s3-private-key S3_PRIVATE_KEY]
               [--auto-logout-timeout AUTO_LOGOUT_TIMEOUT]
               [--motd MOTD]
               [--enable-metrics]
               [--disable-metrics]
               [--enable-module-metrics]
               [--disable-module-metrics]
               [--enable-similarity]
               [--disable-similarity]
               [--auth-provider-refresh-interval AUTH_PROVIDER_REFRESH_INTERVAL]
               [--enable-trash]
               [--disable-trash]
               [--trash-gid TRASH_GID]
               [--enable-suppressed-showmount]
               [--disable-suppressed-showmount]
               [--smb-privileged-user-name SMB_PRIVILEGED_USER_NAME]
               [--smb-privileged-group-sid SMB_PRIVILEGED_GROUP_SID]
               [--enable-smb-privileged-user]
               [--disable-smb-privileged-user]
               [--enable-smb-privileged-group]
               [--disable-smb-privileged-group]
               [--smb-read-write-privileged-group-access]
               [--smb-read-only-privileged-group-access]
               [--audit-dir-name]
               [--read-access-users]
               [--read-access-users-groups]
               [--max-file-size]
               {
                [--disable-audit]
                 | 
                  {
                  [--audit-protocols]
                  [--audit-operations]
                  [--audit-options]
                  [--enable-audit-settings|--disable-audit-settings]
                  }
               }
Options

--id ID

The ID of the cluster.

--name NAME

Modify the cluster name.

--psnt PSNT

Change the PSNT of the cluster.

--remove-s3-key-pair

Remove the current SSL server certificate key pair for the S3 service.

--s3-certificate S3_CERTIFICATE

Specify content of SSL server certificate file, to install SSL certificate for the S3 service, to enable S3 clients to connect to the S3 service over HTTPS. Include also the --s3-private-key parameter to complete the certificate installation.

--s3-private-key S3_PRIVATE_KEY

Specify content of SSL server key file, to install SSL certificate for the S3 service, to enable S3 clients to connect to the S3 service over HTTPS. Include also the --s3-certificate parameter to complete the certificate installation.

--auto-logout-timeout AUTO_LOGOUT_TIMEOUT

Modify the inactivity period for auto logout for VAST OS on all nodes (seconds).

--motd MOTD

Specify a custom Message of the Day text . VAST OS displays this MOTD text on login.

--enable-similarity

Enable similarity-based data reduction.

--disable-similarity

Disable similarity-based data reduction (enabled by default).

--auth-provider-refresh-interval AUTH_PROVIDER_REFRESH_INTERVAL

Modify the Auth Provider Refresh Interval (specify in seconds).

--enable-trash

Enable the trash folder feature. Once enabled, trash folder access permission can be given to NFSv3 client hosts per view policy.

--disable-trash

Disable the trash folder feature.

--trash-gid

Specify the GID of a group of non root users to allow them access to the trash folder.

--enable-suppressed-showmount

Suppress output of 'showmount' command from Linux NFSv3 clients.

--disable-suppressed-showmount

Disable suppression of 'showmount' command output.

--smb-privileged-user-name SMB_PRIVILEGED_USER_NAME

Specify a custom username for the privileged SMB user. If not specified, the user name of the SMB privileged user is 'vastadmin'.

--smb-privileged-group-sid SMB_PRIVILEGED_GROUP_SID

Specify a custom SID for the privileged SMB group. If not specified, the privileged SMB group SID is the Backup Operators domain group SID (S-1-5-32-551).

--enable-smb-privileged-user

Enable the privileged SMB user.

--disable-smb-privileged-user

Disable the privileged SMB user.

--enable-smb-privileged-group

Enable the privileged SMB group.

--disable-smb-privileged-group

Disable the privileged SMB group.

--smb-read-write-privileged-group-access

Grant read and write control access to the privileged SMB group. Members of the group can perform backup and restore operations on all files and directories, without requiring read or write access to the specific files and directories.

--smb-read-only-privileged-group-access

Grant only read-only access control to the privileged SMB group. Members of the group can perform backup operations on all files and directories without requiring read access to the specific files and directories. They cannot perform restore operations without write access to the specific files and directories.

--audit-dir-name

Sets a name for the audit directory. A file of this name will be created directly under the root directory of the Element Store. Protocol audit records are written to this directory.

--read-access-users

Specifies users to grant them read access to all files in the audit directory.

Specify users as a comma separated list of user names.

--read-access-users-groups

Specifies user groups to grant users in those groups read access to all files in the audit directory.

Specify groups as a comma separated list of user names.

--max-file-size MAX_FILE_SIZE

Modifies the maximum size of each file in the audit directory. Audit records are written to subdirectories of the audit directory per CNode core. Records written to each directory roll over to a new file when the file reaches this size.

Specify MAX_FILE_SIZE with units of MB, GB, TB and so on.

Default: 1024MB

For example: --max-file-size 2GB

--audit-protocols PROTOCOLS

Specifies auditing protocols to enable or disable.

Must be used together with --enable-audit-settings or --disable-audit-settings to enable or disable auditing of the specified protocols.

When specifying --audit-protocols you must also specify --audit-operations and/or --audit-options.

Specify PROTOCOLS as a comma separated list of values. Possible values:

  • NFSv3

  • SMB

--audit-operations OPERATIONS

Specifies categories of auditing operations to enable or disable.

Must be used together with --enable-audit-settings or --disable-audit-settings to enable or disable auditing of the specified operations.

When specifying --audit-operations you must also specify --audit-protocols to specify which protocols to enable the operations for.

Specify OPERATIONS as a comma separated list of values.

Possible values:

  • create_delete_files_dirs_objects. Operations that create, delete files and directories.

  • modify_data_md. Operations that modify data (this includes operations that change the file size) and metadata.

  • read_data. Operations that read data and metadata.

  • session_create_close. Session creation and closing operations. Relevant only for SMB.

--audit-options OPTIONS

Specifies audit options to enable or disable. Use together with --enable-audit-settings to enable the specified option(s) or together with --disable-audit-settings to disable the specified option(s).

When specifying --audit-options you must also specify --audit-protocols to specify which protocols to enable the options for.

Specify OPTIONS as a comma separated list of values.

Possible values:

  • log_full_path. Available and relevant for NFSv3 only. Enabled by default if NFSv3 protocol is enabled for auditing. If enabled, audit records contain the full Element Store path to the requested resource. When disabled, the path relative to the view is recorded. This may affect performance.

  • log_username. Disabled by default. If enabled, audit records contain the username.

--enable-audit-settings

Enables audit operations and options specified in the same command line by the --audit-options , --audit-protocols and --audit-operations parameters.

Any auditing protocols, operations options that are already enabled remain enabled.

--disable-audit-settings

Disables audit protocols and operations and/or audit options specified in the command line by the --audit-protocols, --audit-operations and --audit-options parameters.

Any auditing protocols, operations options that are already enabled and which you do not specify remain enabled.

--disable-audit

Disables protocol auditing.

To enable protocol auditing, include --audit-protocols PROTOCOLS in the command line as well as --audit-options and/or --audit-operations.
Example

This example changes the SMB privileged user name to 'vast_backup_user'.

vcli: admin>  cluster modify --smb-privileged-user-name vast_backup_user

Related articles

Comments

0 comments

Article is closed for comments.