Isilon Administration and

Management Lab Guide for

OneFS 7.2.0
May 2015

EMC Education Services

Copyright
Copyright 2015 EMC Corporation. All Rights Reserved. Published in the USA. EMC believes the
information in this publication is accurate as of its publication date. The information is subject to
change without notice.
THE INFORMATION IN THIS PUBLICATION IS PROVIDED AS IS. EMC CORPORATION MAKES NO
REPRESENTATIONS OR WARRANTIES OF ANY KIND WITH RESPECT TO THE INFORMATION IN THIS
PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
Use, copying, and distribution of any EMC software described in this publication requires an applicable
software license. The trademarks, logos, and service marks (collectively "Trademarks") appearing in
this publication are the property of EMC Corporation and other parties. Nothing contained in this
publication should be construed as granting any license or right to use any Trademark without the prior
written permission of the party that owns the Trademark.
EMC, EMC AccessAnywhere Access Logix, AdvantEdge, AlphaStor, AppSync ApplicationXtender,
ArchiveXtender, Atmos, Authentica, Authentic Problems, Automated Resource Manager, AutoStart,
AutoSwap, AVALONidm, Avamar, Bus-Tech, Captiva, Catalog Solution, C-Clip, Celerra, Celerra
Replicator, Centera, CenterStage, CentraStar, EMC CertTracker. CIO Connect, ClaimPack, ClaimsEditor,
Claralert ,cLARiiON, ClientPak, CloudArray, Codebook Correlation Technology, Common Information
Model, Compuset, Compute Anywhere, Configuration Intelligence, Configuresoft, Connectrix,
Constellation Computing, EMC ControlCenter, CopyCross, CopyPoint, CX, DataBridge , Data Protection
Suite. Data Protection Advisor, DBClassify, DD Boost, Dantz, DatabaseXtender, Data Domain, Direct
Matrix Architecture, DiskXtender, DiskXtender 2000, DLS ECO, Document Sciences, Documentum, DR
Anywhere, ECS, elnput, E-Lab, Elastic Cloud Storage, EmailXaminer, EmailXtender , EMC Centera, EMC
ControlCenter, EMC LifeLine, EMCTV, Enginuity, EPFM. eRoom, Event Explorer, FAST, FarPoint, FirstPass,
FLARE, FormWare, Geosynchrony, Global File Virtualization, Graphic Visualization, Greenplum,
HighRoad, HomeBase, Illuminator , InfoArchive, InfoMover, Infoscape, Infra, InputAccel, InputAccel
Express, Invista, Ionix, ISIS,Kazeon, EMC LifeLine, Mainframe Appliance for Storage, Mainframe Data
Library, Max Retriever, MCx, MediaStor , Metro, MetroPoint, MirrorView, Multi-Band
Deduplication,Navisphere, Netstorage, NetWorker, nLayers, EMC OnCourse, OnAlert, OpenScale,
Petrocloud, PixTools, Powerlink, PowerPath, PowerSnap, ProSphere, ProtectEverywhere, ProtectPoint,
EMC Proven, EMC Proven Professional, QuickScan, RAPIDPath, EMC RecoverPoint, Rainfinity, RepliCare,
RepliStor, ResourcePak, Retrospect, RSA, the RSA logo, SafeLine, SAN Advisor, SAN Copy, SAN
Manager, ScaleIO Smarts, EMC Snap, SnapImage, SnapSure, SnapView, SourceOne, SRDF, EMC
Storage Administrator, StorageScope, SupportMate, SymmAPI, SymmEnabler, Symmetrix, Symmetrix
DMX, Symmetrix VMAX, TimeFinder, TwinStrata, UltraFlex, UltraPoint, UltraScale, Unisphere, Universal
Data Consistency, Vblock, Velocity, Viewlets, ViPR, Virtual Matrix, Virtual Matrix Architecture, Virtual
Provisioning, Virtualize Everything, Compromise Nothing, Virtuent, VMAX, VMAXe, VNX, VNXe, Voyence,
VPLEX, VSAM-Assist, VSAM I/O PLUS, VSET, VSPEX, Watch4net, WebXtender, xPression, xPresso, Xtrem,
XtremCache, XtremSF, XtremSW, XtremIO, YottaYotta, Zero-Friction Enterprise Storage.
Revision Date: May 2015
Revision Number: MR-1CP-ISIAM_1.1

EMC Education Services

Document Revision History

Rev #

EMC Education Services

File Name

Date

1.0

PPAM_720_Lab Guide

Jan 2015

1.1

PPAM_720_Lab Guide

May 2015

Table of Contents
COPYRIGHT ............................................................................................................................................................ 2
DOCUMENT REVISION HISTORY ............................................................................................................................. 3
TABLE OF CONTENTS .............................................................................................................................................. 4
ABOUT THIS LAB MANUAL ..................................................................................................................................... 9
DOCUMENT CONVENTIONS ....................................................................................................................................9
ORGANIZATION ....................................................................................................................................................9
BEFORE YOU BEGIN .............................................................................................................................................. 10
VIRTUAL LAB ENVIRONMENT CONFIGURATION ................................................................................................... 11
DAY 1 ................................................................................................................................................................... 11
LAB CONFIGURATION ..........................................................................................................................................11
LOGGING IN TO LAB ENVIRONMENT .......................................................................................................................13
MODULE 1 ISILON CLUSTER OVERVIEW ............................................................................................................. 18
LAB 1.0: INSTALL FIRST NODE IN CLUSTER ............................................................................................................ 18
TASK 1: CONFIGURE INITIAL NODE .........................................................................................................................19
TASK 2: CONNECT TO CLUSTER VIA WEB ADMINISTRATION INTERFACE .........................................................................27
TASK 3: CONNECT TO CLUSTER VIA CLI ...................................................................................................................29
LAB 1.0: SUMMARY ............................................................................................................................................31
LAB 1.1: JOIN NODES TO CLUSTER ........................................................................................................................ 32
TASK 1: JOIN SECOND NODE USING CONFIGURATION WIZARD....................................................................................32
TASK 2: JOIN THIRD NODE USING WEB ADMINISTRATION INTERFACE ...........................................................................34
LAB 1.1: SUMMARY ............................................................................................................................................37
LAB 1.2: VALIDATE CLUSTER USING CLI ................................................................................................................ 38
TASK 1: USING ISI COMMANDS .............................................................................................................................39
TASK 2: EXAMINING CLUSTER HARDWARE...............................................................................................................43
TASK 3: USING CONFIGURATION CONSOLE ..............................................................................................................45
LAB 1.2: SUMMARY ............................................................................................................................................47
LAB 1.3: MANAGING RBAC ................................................................................................................................... 48
TASK 1: VIEW AND MODIFY ACCOUNTS USING ISI AUTH.............................................................................................48
TASK 2: CREATE ACCOUNT USING ISI AUTH..............................................................................................................51
TASK 3: CREATE ACCOUNT WITH THE WEB ADMINISTRATION INTERFACE ........................................................................54
LAB 1.3: SUMMARY ............................................................................................................................................62
MODULE 2 DATA PROTECTION, LAYOUT, AND ACCESS ...................................................................................... 64
LAB 2.0: DATA PROTECTION AND FILE LAYOUT ................................................................................................... 64
LAB 2.0: SUMMARY ............................................................................................................................................68
LAB 2.1: DATA PROTECTION SETTINGS ................................................................................................................. 69
TASK 1: EXAMINE AND MODIFY DATA PROTECTION SETTINGS .....................................................................................69

EMC Education Services

TASK 2: APPLY DIRECTORY LEVEL PROTECTION .........................................................................................................77

TASK 3: FILE PROTECTION USING CLI .....................................................................................................................80
LAB 2.1: SUMMARY ............................................................................................................................................86
LAB 2.2: LOCATING CACHE INFORMATION ........................................................................................................... 87
LAB 2.2: SUMMARY ............................................................................................................................................88
MODULE 3 ACCESS TO THE CLUSTER ................................................................................................................. 90
LAB 3.0: CONNECTING ISILON TO THE NETWORK ................................................................................................ 90
LAB 3.0: SUMMARY ............................................................................................................................................91
LAB 3.1: SMARTCONNECT SETTINGS .................................................................................................................... 92
TASK 1: CONFIGURE SMARTCONNECT ....................................................................................................................93
TASK 2: CREATE REQUIRED DNS RECORDS ..............................................................................................................96
TASK 3: TEST SMARTCONNECT SETTINGS ............................................................................................................. 101
LAB 3.1: SUMMARY ......................................................................................................................................... 103
LAB 3.2: SET NTP SERVICES ................................................................................................................................. 104
LAB 3.2: SUMMARY ......................................................................................................................................... 107
LAB 3.3: CONNECT TO LDAP DOMAIN ................................................................................................................ 108
TASK 1: ENABLE LDAP AUTHENTICATION ............................................................................................................ 109
TASK 2: VERIFY LDAP AUTHENTICATION.............................................................................................................. 111
LAB 3.3: SUMMARY ......................................................................................................................................... 112
LAB 3.4: JOIN AN ACTIVE DIRECTORY DOMAIN .................................................................................................. 113
TASK 1: JOIN CLUSTER TO ACTIVE DIRECTORY ....................................................................................................... 113
TASK 2: CHECK DOMAIN JOIN STATUS ................................................................................................................. 116
TASK 3: CREATE TWO SHARES AND SET PERMISSIONS ............................................................................................ 117
TASK 4: ACCESS AND REVIEW SHARES ................................................................................................................. 122
LAB 3.4: SUMMARY ......................................................................................................................................... 126
LAB 3.5: ADVANCED SMARTCONNECT SETTINGS................................................................................................ 127
TASK 1: CONFIGURE ADDITIONAL SMARTCONNECT ZONE........................................................................................ 127
TASK 2: CREATE DNS RECORDS FOR NFS ZONE .................................................................................................... 132
TASK 3: TEST NEW SMARTCONNECT ZONE SETTINGS ............................................................................................. 135
LAB 3.5: SUMMARY ......................................................................................................................................... 136
LAB 3.6: CREATING ACCESS ZONES .................................................................................................................... 137
LAB 3.6: SUMMARY ......................................................................................................................................... 144
MODULE 4 IDENTITY MANAGEMENT ............................................................................................................... 146
LAB 4.0: IDENTITY MANAGEMENT ..................................................................................................................... 146
TASK 1: VIEWING UID, GID, UNIX SIDS AND ON-DISK IDENTITY ............................................................................ 146
TASK 2: ON-DISK IDENTITY MAPPING.................................................................................................................. 149
LAB 4.0: SUMMARY ......................................................................................................................................... 149
LAB 4.1: PERMISSIONS ....................................................................................................................................... 150
TASK 1: VERIFY AUTHENTICATION PROVIDERS ....................................................................................................... 150

EMC Education Services

TASK 2: VIEW PERMISSIONS .............................................................................................................................. 151

TASK 3: MODIFY PERMISSIONS .......................................................................................................................... 154
TASK 4: ADVANCED ACL REMOVAL AND USER IMPERSONATION............................................................................... 156
LAB 4.1: SUMMARY ......................................................................................................................................... 157
LAB 4.2: ACL POLICIES ........................................................................................................................................ 158
TASK 1: DEFAULT ACL POLICIES ......................................................................................................................... 158
TASK 2: ACL POLICY SETTINGS REVIEW ............................................................................................................... 159
LAB 4.2: SUMMARY ......................................................................................................................................... 168
LAB 4.3: CONFIGURING SMB SHARES ................................................................................................................. 169
TASK 1: CREATE DIRECTORIES FOR SMB CLIENTS .................................................................................................. 169
TASK 2: SHARE DIRECTORIES.............................................................................................................................. 170
TASK 3: ACCESS AND REVIEW SHARES ................................................................................................................. 171
LAB 4.3: SUMMARY ......................................................................................................................................... 174
LAB 4.4: HOME DIRECTORY CREATION WITH SMB ............................................................................................. 175
LAB 4.4: SUMMARY ......................................................................................................................................... 179
LAB 4.5: MANAGING NFS EXPORTS .................................................................................................................... 180
TASK 1: CREATE DIRECTORY .............................................................................................................................. 180
TASK 2: CREATE AN EXPORT .............................................................................................................................. 181
TASK 3: MOUNT AN EXPORT.............................................................................................................................. 182
LAB 4.5: SUMMARY ......................................................................................................................................... 184
LAB 4.6: REMOTE FILE ACCESS PROTOCOL .......................................................................................................... 185
TASK 1: CONFIGURE AND ENABLE HTTP .............................................................................................................. 185
TASK 2: CONNECT USING HTTP ......................................................................................................................... 186
TASK 3: CONFIGURE AND ENABLE FTP ACCESS...................................................................................................... 186
TASK 4: CONNECT USING FTP ........................................................................................................................... 187
LAB 4.6: SUMMARY ......................................................................................................................................... 187
MODULE 5 STORAGE ADMINISTRATION .......................................................................................................... 189
LAB 5.0: CONFIGURE SMARTPOOLS ................................................................................................................... 190
TASK 1: VALIDATE SMARTPOOLS SETTINGS AND DEFAULT FILE POOL POLICIES ............................................................ 190
TASK 2: CREATE NEW FILE POOL POLICY .............................................................................................................. 191
TASK 3: CREATE NEW NODE POOLS & DISK POOLS INSTRUCTOR DEMO IF TIME PERMITS. ........................................... 192
LAB 5.0: SUMMARY ......................................................................................................................................... 193
LAB 5.1: CONFIGURE SMARTQUOTAS ................................................................................................................ 194
TASK 1: REPORT GENERATION AND EVENT NOTIFICATION ....................................................................................... 194
TASK 2: CONFIGURE SMARTQUOTAS DIRECTORY ................................................................................................... 197
TASK 3: ADD USER QUOTA TO A DIRECTORY ......................................................................................................... 198
TASK 4: TEST QUOTA DIRECTORY ....................................................................................................................... 199
LAB 5.1: SUMMARY ......................................................................................................................................... 200
LAB 5.2: CONFIGURE SNAPSHOTIQ ..................................................................................................................... 201
TASK 1: CREATE SNAPSHOTIQ SCHEDULE ............................................................................................................. 201
TASK 2: VIEW SNAPSHOTS................................................................................................................................. 203

EMC Education Services

LAB 5.2: SUMMARY ......................................................................................................................................... 204

LAB 5.3: CONFIGURING SYNCIQ.......................................................................................................................... 205
TASK 1: CREATE SYNCIQ POLICY ........................................................................................................................ 205
TASK 2: RUN SYNCIQ POLICY AND VIEW RESULTS.................................................................................................. 207
TASK 3: EDIT SYNCIQ POLICY............................................................................................................................. 207
TASK 4: RE-RUN POLICY AND VIEW RESULTS......................................................................................................... 208
LAB 5.3: SUMMARY ......................................................................................................................................... 209
LAB 5.4: IMPLEMENT ISILON DEDUPLICATION.................................................................................................... 210
TASK 1: ASSESS SPACE SAVINGS ......................................................................................................................... 210
TASK 2: SPECIFY SETTINGS AND VIEW SPACE SAVINGS ............................................................................................ 211
TASK 3: VIEW DEDUPLICATION REPORT ............................................................................................................... 213
LAB 5.4: SUMMARY ......................................................................................................................................... 213
LAB 5.5: SMARTLOCK COMPLIANCE ................................................................................................................... 214
TASK 1: COMPLIANCE MODE WIZARD ................................................................................................................. 215
TASK 2: WEB ADMINISTRATION INTERFACE ACCOUNT COMPARISONS ....................................................................... 218
TASK 3: SMARTLOCK ENTERPRISE CLUSTER........................................................................................................... 219
TASK 4: SMARTLOCK COMPLIANCE MODE CLUSTER ............................................................................................... 221
LAB 5.5: SUMMARY ......................................................................................................................................... 223
MODULE 7 - MONITORING ................................................................................................................................. 225
LAB 7.0: CLUSTER EVENTS .................................................................................................................................. 226
TASK 1: SYSTEM EVENTS IN WEB ADMINISTRATION INTERFACE.................................................................................. 226
TASK 2: SYSTEM EVENTS IN CLI .......................................................................................................................... 228
LAB 7.0: SUMMARY ......................................................................................................................................... 230
LAB 7.1: INSTALLATION ON INSIGHTIQ 3.1 ......................................................................................................... 231
TASK 1: ACTIVATE INSIGHTIQ ............................................................................................................................ 231
TASK 2: CONFIGURE LOCAL USER ACCOUNT ......................................................................................................... 232
TASK 3: CONFIGURE ADMINISTRATOR ACCOUNT ................................................................................................... 233
TASK 4: CONFIGURE NETWORK SETTINGS AND TIME ZONE ...................................................................................... 233
TASK 5: LOG ON AND ACCEPT EULA ................................................................................................................... 235
TASK 6: CONFIGURE DATA STORE ....................................................................................................................... 235
TASK 7: ADD CLUSTER ...................................................................................................................................... 235
TASK 8: ENABLE AND CONFIGURE FSA ................................................................................................................ 236
TASK 9: MANAGE IIQ INSTANCE......................................................................................................................... 237
LAB 7.1: SUMMARY ......................................................................................................................................... 237
LAB 7.2: USING INSIGHTIQ ................................................................................................................................. 238
TASK 1: INTERFACE OVERVIEW ........................................................................................................................... 238
TASK 2: INSIGHTIQ PERFORMANCE REPORTS ........................................................................................................ 239
TASK 3: INSIGHTIQ FILE SYSTEM REPORTS............................................................................................................ 246
LAB 7.2: SUMMARY ......................................................................................................................................... 256
LAB 7.3: USING ISI STATISTICS ............................................................................................................................ 257
TASK 1: ISI STATISTICS OPTIONS .......................................................................................................................... 257
TASK 2: USING ISI STATISTICS ............................................................................................................................. 258

EMC Education Services

TASK 3: ISI STATISTICS OUTPUT MANIPULATION .................................................................................................... 258

LAB 7.3: SUMMARY ......................................................................................................................................... 259
MODULE 8 JOB ENGINE ................................................................................................................................... 261
LAB 8.0: JOB ENGINE .......................................................................................................................................... 262
TASK 1: WEB ADMINISTRATION INTERFACE STATUS OF JOBS .................................................................................... 262
TASK 2: CLI STATUS OF JOBS ............................................................................................................................. 263
LAB 8.0: SUMMARY ......................................................................................................................................... 263
LAB 8.1: JOB ENGINE PRIORITIES AND IMPACT POLICIES .................................................................................... 264
TASK 1: REVIEW AND MODIFY IMPACT POLICIES.................................................................................................... 264
TASK 2: REVIEW AND MODIFY JOB PRIORITIES ...................................................................................................... 266
TASK 3: ANALYZE AND TROUBLESHOOT JOB STATUS ............................................................................................... 266
LAB 8.1: SUMMARY ......................................................................................................................................... 268
APPENDIX A RESET VIRTUAL ENVIRONMENT................................................................................................... 269

EMC Education Services

About This Lab Manual

Virtual labs are designed to help you better learn OneFS and the various situations that Isilon clusters are used in.
Please keep in mind that as a virtual environment, they will not be as responsive as a physical cluster and depending on
how near or far from our datacenter you are located, the vApps can be very quick or show lag time from keyboard and
mouse input. We appreciate your patience in performing the labs and all feedback about what you would like to see
more of in future labs.

Document Conventions
This lab manual is written with a style that gives you both a visual image of what you are doing and written instructions
to be performed in each step.

Organization
This lab manual is divided into three sections:
1. Brief overview of the lab/task section.
2. Detailed steps that correspond to the real-life, hands-on training you received.
3. A wrap-up at the end of each lab highlights what you learned in the lab module.

EMC Education Services

Before You Begin

Welcome! Performing the lab will contribute to your success in this course. Below you will find important information
to help you get started.
This lab manual contains information and instructions to perform the tasks presented. The following images will be
used for this portion of the lab:
PPAM_720

EMC Education Services

10

Virtual Lab Environment Configuration

Day 1
Lab Configuration
Isilon Licenses
Some labs require software licenses to unlock specific features. You will get these licenses from your instructor.

Demo Content
Some labs require demonstration files for performing example reads and writes on the cluster. These files are located
in the /ifs/data directory of the cluster.

Lab Environment
Each student will use a dedicated lab environment, which includes the following:

Isilon 3-node cluster

Windows Active Directory and DNS server (WinServer2008)
Linux LDAP server (LinuxServer)
Windows 2012 R2 client
Linux client (LinuxClient)
Isilon.training.com domain

EMC Education Services

11

User Accounts and Access

The following tables contain a list of user accounts and passwords required to perform the lab exercises:
Username Isilon Cluster

Password

admin (web administration interface)

Isilon2!

root (SSH interface)

Isilon2!

Username Windows/AD

Password

isilon\administrator (Windows Server 2008)

Isilon2!

isilon\student

Isilon2!

isilon\student2

Isilon2!

isilon\student3

Isilon2!

Username Linux/LDAP

Password

root

Isilon2

student

Isilon2

student2

Isilon2

student3

Isilon2

alisonw

Isilon2

maryj

Isilon2

bobs

Isilon2

IP Addresses and Domain Name

Use Isilon.training.com as the Active Directory and DNS domain name, and the following IP addresses:
Computers/Virtual Machines

IP Address

WinServer2008

192.168.0.201

Windows Client

192.168.3.100

LinuxServer

192.168.0.202

LinuxClient

192.168.0.212

Cloud9 Nodes Nic 0, int-a IP addresses

128.221.252.11-19

Cloud9 Nodes Nic 1, ext-1 IP addresses

192.168.0.11-19

Compliance SmartConnect Service IP

InsightIQ_v3.1 (Live)
IIQv3.1.DEMO

192.168.0.100
192.168.0.221
192.168.0.222

EMC Education Services

12

Logging in to Lab Environment

To create a cloned copy of the lab environment that you will use in this lab:
1. Log on to a Windows classroom computer or your personal Windows computer.
2. Launch Internet Explorer and navigate to the EMC Education Services, Virtual Data Center (VDC):
https://vdc.emc.com.
3. Log on to the VDC with the User name and Password that your instructor provides, and then click Log On.

4. If you are using your personal computer and the following message appears, click Install, and follow through
with the installation of Citrix Receiver, otherwise skip ahead to step 6.
NOTE: The URL of the Windows download page is http://www.citrix.com/go/receiver.html.

5. After successfully installing Citrix Receiver, click Finish.

EMC Education Services

13

6. To open a Remote Desktop Connection to the virtual environment, in Internet Explorer, return to
https://vdc.emc.com, and then click vCD_IsilonSS.

7. On the remote desktop, double-click VMware Workstation.

8. In the VM Workstation, youll see the PPAM_720 image that includes 11 virtual machines (VMs), which are all
Powered off, as shown in the screenshot below.

EMC Education Services

14

9. Start all the virtual machines by doing the following:

a. In the left navigation pane, click PPAM_720, and then on the menu bar, click the start arrow. It can take
a minute or two for all VMs to start.

b. When the virtual machines are all started, theyll have a green arrow near the name and the Status
column will say Powered on.

EMC Education Services

15

This page intentionally left blank.

EMC Education Services

16

Module 1
Isilon Cluster Overview

EMC Education Services

17

Module 1 Isilon Cluster Overview

Lab 1.0: Install First Node in Cluster
Scenario 1.0:

Tasks:

You need to configure the initial node for an Isilon OneFS cluster.
You will configure the initial node, and then validate access to the
node from the OneFS web administration interface and the
command line interface (CLI). Finally, you will check events,
clearing or quieting the events to achieve a green state for the
cluster.

1. Configure the initial node.

2. Connect to the cluster via the web administration interface
and the CLI.
3. Check cluster events.

References:

Module 1, Lessons 1 3

Username
root (for terminal emulation program)
admin (for web administration interface)
isilon\student (Windows client)
int-a
Subnet mask
255.255.255.0
Low IP address
128.221.252.11
High IP address
128.221.252.19
Default gateway
DNS server IP address
DNS search domain

EMC Education Services

Password
Isilon2!
Isilon2!
Isilon2!
ext-1
255.255.255.0
192.168.0.11
192.168.0.19
192.168.0.1
192.168.0.201
isilon.training.com

18

Task 1: Configure Initial Node

1. In the VMware Workstation, in the left navigation pane, click Cloud9-Node1.

2. In the right tabbed pane, Cloud9-Node1 opens with a CLI prompt.

EMC Education Services

19

3. Click the right pane to activate it.

4. At the Wizard prompt, to Create a new cluster, type 1, and then press ENTER.
NOTE: When you click the console window, the input focus becomes the command prompt of that console
window and your cursor is not visible while inside that window. To make your cursor visible, press CTRL+ALT.
This is helpful when you want to click the command toolbar at the top right of the console window. To bring
input focus back to the command prompt, just click the console window.

5. Press the SPACEBAR to page through the End User License Agreement (EULA) or page down to go to the
bottom of the EULA.
When prompted to accept the EULA, type yes, and then press ENTER.

6. At the Please change the root password prompt, type Isilon2!, and press ENTER.
When prompted, re-enter the same password, and press ENTER again.
NOTE: Password characters will not show up onscreen as you type them.

EMC Education Services

20

7. At the Please change the UI admin password prompt, type Isilon2!, press ENTER.
When prompted, re-enter that same password, and press ENTER again.

8. At the Would you like to enable SupportIQ prompt, type yes, press ENTER.
9. To configure SupportIQ, press ENTER after each of the following:
a. Please enter company name: Type Isilon Training.
b. Please enter contact name: Type student.
c. Please enter contact phone: Type 1-800-4IS-ILON.
d. Please enter contact email: Type student@isilon.com.
e. Configure name: Type Cloud9 for the name of the new cluster.

10. To keep the default encoding of UTF-8, at the Configure encoding prompt, press ENTER.
NOTE: If you make a mistake, type the word back to move back a step in the wizard.

EMC Education Services

21

11. The internal-a (int-a) interface is used for inter-node communication. You need to configure both the netmask
and the IP range for the int-a interface. To configure the netmask for int-a, press ENTER after each entry:
a. Configure interface int-a: Type 1.
b. Configure int-a netmask: Type 255.255.255.0.

12. To configure the int-a IP address range, press ENTER after each of the following:
a. Configure interface int-a: Type 3.
b. Configure int-a IP ranges: Type 1 to select Add an IP range.
c. Low IP address (add): Type 128.221.252.11.
d. High IP address (add): The entry defaults to the Low IP address you just entered. Press BACKSPACE as
necessary to type 128.221.252.19.
e. IP ranges: Press ENTER to accept the IP address range.
f.

Current int-a configuration: Press ENTER again.

EMC Education Services

22

13. To configure the external interface, press ENTER after each of the following.
a. Configure external subnet: Type 1.
b. Configure interface ext-1: Type 1 to configure the netmask.
c. Configure ext-1 netmask: Type 255.255.255.0.

d. Configure interface ext-1: Type 3.

e. Configure ext-1 IP ranges: Type 1.
f.

Low IP address (add): Type 192.168.0.11.

g. High IP address (add): The IP defaults to the Low IP address. Press BACKSPACE as necessary to type
192.168.0.19.
h. Press ENTER to accept the IP address range.
i.

Press ENTER again to accept the current ext-1 configuration.

EMC Education Services

23

14. At the Configure default gateway prompt, type 192.168.0.1, and then press ENTER.

15. At the Configure SmartConnect settings prompt, press ENTER to skip configuration for this lab.

16. To configure DNS, press ENTER after each of the following:

a. Configure DNS settings: Type 1.
b. Configure DNS: Type 192.168.0.201.
c. Configure DNS settings: Type 2 to search domains.
d. Search domains: Type isilon.training.com.
e. Press ENTER to accept the specified DNS settings.

EMC Education Services

24

17. At the Configure external subnet prompt, press ENTER to exit external subnet settings.

18. To configure the date and time for the cluster, press ENTER after each of the following:
a. Configure date: Type 1.
b. Pacific Time Zone: Type 5.
c. Configure date: Press ENTER to keep the current date and time.

EMC Education Services

25

19. To keep the default join mode of Manual, press ENTER.

20. Review all of your clusters settings, type yes to commit the changes, and then press ENTER.
This process can take a while and will run until returned to the login prompt.

21. After you are returned to the login prompt, release the mouse from the VMware Workstation tab screen by
pressing CTRL+ALT, and then you can continue to the next task.

EMC Education Services

26

Task 2: Connect to Cluster via Web Administration Interface

1. In the Windows Workstation, open a web browser and navigate to https://192.168.0.11:8080. This is the
external IP address of Cloud9-Node1 of the cluster.

2. If you get the prompt about the websites security certificate, click Continue to this website.

3. Log in to OneFS on your new Cloud9 Isilon cluster with Username as root and Password as Isilon2!.

EMC Education Services

27

4. On the DASHBOARD tab, click Cluster Overview, and then click Cluster Status.
Youll see the node you just added to the cluster.
a. In the Status table, review the icon in the Stat column for Cloud9-Node1.
Your node may have a status other than healthy (green) because of the number of installed drives.
Healthy status is not required for the purposes of these lab exercises. You can see a status description
by hovering over the icon in the Stat column. In this example, a yellow circle means Attention.
b. Confirm the IP address is 192.168.0.11.
c. In the Monitoring section, look at the Cluster size pie chart and note the available hard disk space.
Check back here to see the growth of available space as you add additional nodes to your cluster.

5. Minimize the browser window, but do not log off.

EMC Education Services

28

Task 3: Connect to Cluster via CLI

Using SSH, you will log on to your cluster via the CLI and check the status.
1. Launch PuTTY from the taskbar.

2. In the PuTTY Configuration dialog box, for Host Name, type 192.168.0.11, and then click Open.

EMC Education Services

29

3. On the PuTTY Security Alert prompt, click Yes.

4. Type root for login as, press ENTER, then type Isilon2! for Password, and press ENTER.

5. To display information about the clusters status, at the Cloud9 prompt, press ENTER after typing:
isi status

You could also use isi stat.

Notice that the clusters health and the first nodes health value is A = Attention, and also note the intitial
available storage size with only one node in the cluster.

EMC Education Services

30

6. This is an example of the isi status output from a larger cluster with physical SSD drives:

7. Minimize this PuTTY window.

Lab 1.0: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure your initial node using the
Configuration Wizard, and how to connect to the node using the
web administration interface and CLI.

31

Lab 1.1: Join Nodes to Cluster

Scenario 1.1:

In this lab, you will grow your cluster by adding nodes from the
serial connection and from the web administration interface.

Tasks:

1. Add a node using the Configuration Wizard.

2. Add a node using the web administration interface.

References:

Module 1, Lessons 1 3

Task 1: Join Second Node Using Configuration Wizard

1. Open the VMware Workstation.
NOTE: The name on the icon will vary depending on the last tab opened.

EMC Education Services

32

2. At the top of the VMware Workstation window, click the Cloud9-Node2 tab.
Click inside the right pane to active the nodes CLI.

3. To join the node to the cluster using the Configuration Wizard, enter the information below, pressing ENTER
after each entry:
a. Wizard: Type 2 to Join an existing cluster.
b. Join cluster: Type 1 to join Cloud9-Node2 to your Cloud9 Isilon cluster.

4. Let the process run until you are returned to the login prompt, and then minimize the VMWare Workstation
window.

EMC Education Services

33

Task 2: Join Third Node Using Web Administration Interface

1. Return to your browser that has the OneFS web administration interface open.

2. On the DASHBOARD tab, click Cluster Overview, and then click Cluster Status.
Youll see the two nodes that youve added to the cluster so far.

3. On the CLUSTER MANAGEMENT tab, click Hardware Configuration.

EMC Education Services

34

4. On the Add Nodes sub-tab, scroll down to the Available Nodes table. This table shows you all the nodes that
you could choose to add to your cluster.
NOTE: For a real-world cluster, the Model column will display the Isilon model, such as S210, X400, NL400, etc.
For the Isilon IQ VMWare node, in the Actions column, click Add node. This node is now added to your cluster.
NOTE: When this third node is added to the Cloud9 cluster, an iq_vmware node pool is automatically created.
Well talk about node pools in the next module.

5. Go back to the DASHBOARD tab, click Cluster Overview, and then click Cluster Status.
Confirm the node was added to the cluster by verifying there are now three nodes listed in the Status table.
NOTE: You might need to wait a minute or two for the new node to show up. Wait until node shows green
before going to the next step.

EMC Education Services

35

6. On the DASHBOARD tab, click Events.

7. On the Summary sub-tab, in the New Events section, click Quiet all events.

8. Go back to the Cluster Overview -> Cluster Status tab.

Note Cloud9s status after you quieted the events, and notice how much more hard drive space it has after
adding the third node.
NOTE: The chart may vary from cluster to cluster depending on the virtual clusters size and protection settings.

9. Minimize the browser window, but dont log off.

EMC Education Services

36

Lab 1.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to add nodes to your Cloud9 cluster
using the Configuration Wizard and the web administration
interface. After completing this lab, you are now able to build a
new cluster by adding nodes and using web administration
interfaces Cluster Overview to verify your changes.

37

Lab 1.2: Validate Cluster Using CLI

Scenario 1.2:

Tasks:

You need to validate your newly built cluster by using specific isi
commands to better understand the cluster, hardware layout, and
built-in help. In this lab, you will learn how the output relates to
the hardware and understand the InfiniBand network that OneFS
relies on to communicate across the nodes.

1. Using isi commands.

2. Examining cluster hardware.
3. Using the configuration console.

References:

Module 1, Lessons 1 3

Username
root (Isilon cluster UI & SSH interface)
admin (Isilon cluster UI & SSH interface)
isilon\student (Windows client)

EMC Education Services

Password
Isilon2!
Isilon2!
Isilon2!

38

Task 1: Using isi Commands

In this task, you will use the built-in help, man isi and isi --help, to view commands and command structure.
1. Launch PuTTY from the taskbar. If youre already connected to your cluster, go to step 2.

a. If you need to reconnect to your cluster, in the PuTTY Configuration dialog box, for Host Name, type
192.168.0.11, and then click Open.

EMC Education Services

39

b. On the PuTTY Security Alert prompt, click Yes.

c. In the PuTTY window, type root for login as, press ENTER, then type Isilon2! for Password, and press
ENTER.

2. To view the isi command structure with all of the isi subcommands, at the Cloud9 prompt, press ENTER
after typing:
isi --help

You will have to scroll up and down to view the entire content.

EMC Education Services

40

3. To view the output one page at a time, at the Cloud9 prompt, press ENTER after typing:
isi --help |more

Use the SPACEBAR to move through the help pages.

Typing a pipe | and the word more, |more, is a common addition to commands with lots of output.
4. Page through the output by pressing the SPACEBAR, and write down the short description for each of the
following isi commands:
a. status:
b. devices:
c. config:
5. To output a two-page description of your clusters status, at the Cloud9 prompt, press ENTER after typing:
isi status |more

EMC Education Services

41

6. To view this nodes hard drives, at the Cloud9 prompt, press ENTER after typing:
isi devices

Scroll up to observe the first four HEALTHY drives in this node. Also, note that the JOURNAL drive in the fifth
drive bay is required because this virtual cluster does not have physical NVRAM to run it.

EMC Education Services

42

To get the list of subcommands for statistics, at the Cloud9 prompt, press ENTER after typing:
isi statistics --help

You will use the drive subcommand in the next task.

Task 2: Examining Cluster Hardware

In this task, you will use isi commands to examine your clusters hardware.
1. In the PuTTY window, to view all the drives on this virtual node, at the Cloud9 prompt, press ENTER after
typing:
isi statistics drive |more

Notice in the output that all are SAS drives with no SATA or SSD drives.

EMC Education Services

43

2. To view the health, size, nodes, and jobs running on your Cloud9 cluster, at the Cloud9 prompt, press ENTER
after typing:
isi status |more

3. To view the hardware in every bay, you can run isi devices for all three nodes in the cluster. At the Cloud9
prompt, press ENTER after typing:
isi_for_array isi devices |more

EMC Education Services

44

Task 3: Using Configuration Console

In this task, you will use the configuration console to view the InfiniBand internal network, int-a.
1. In the PuTTY window, to open the configuration console, at the Cloud9 prompt, press ENTER after typing:
isi config

2. To list the documented commands available in the console, at the Cloud9 prompt, press ENTER after typing:
help

Remember, you dont need to type isi before commands in this console.

EMC Education Services

45

3. To view options for the interface command, at the Cloud9 prompt, press ENTER after typing:
help interface

Note the only valid interface is int-a.

4. To view the only internal network this cluster has set up (which is int-a), at the Cloud9 prompt, press ENTER
after typing:
interface int-a

5. To output the configuration table containing network information for int-a, at the Cloud9 prompt, press ENTER
after typing:
status

Notice the number of allocated IP address and the number of free IP addresses available for int-a.

EMC Education Services

46

6. To leave the configuration console, at the Cloud9 prompt, press ENTER after typing:
exit

Lab 1.2: Summary

Summary:

EMC Education Services

In this lab, you learned how to use the built-in help for isi
commands, which allows you to examine the hardware in your
cluster, and use the configuration console to view InfiniBand
internal networks.

47

Lab 1.3: Managing RBAC

Scenario 1.3:

Tasks:

In this lab, you will discover the power of OneFS Role-based Access
Control (RBAC). You will learn how to view and modify accounts via
the CLI. You will also create an account from the CLI, and then
create an account from the web administration interface.

1. Use isi auth to view and modify accounts.

2. Create an account using isi auth in the CLI.
3. Create an account using the web administration interface.

References:

Module 1, Lesson 4

Task 1: View and Modify Accounts Using isi auth

1. Launch PuTTY from the taskbar. If youre already connected to your cluster, go to step 2.

EMC Education Services

48

a. If you need to reconnect to your cluster, in the PuTTY Configuration dialog box, for Host Name, type
192.168.0.11, and then click Open.

b. On the PuTTY Security Alert prompt, click Yes.

c. In the PuTTY window, type root for login as, press ENTER, then type Isilon2! for Password, and press
ENTER.

EMC Education Services

49

2. To list the OneFS users that are created by default, at the Cloud9 prompt, press ENTER after typing:
isi auth users list

3. To view the five default roles, at the Cloud9 prompt, press ENTER after typing:
isi auth roles list

4. To view the privileges for the SecurityAdmin role, at the Cloud9 prompt, press ENTER after typing:
isi auth roles view SecurityAdmin

Do this for all five roles and note the privileges.

5. To view all of the privileges, at the Cloud9 prompt, press ENTER after typing:
isi auth roles list --format table -v

Scroll up to see all of the privileges.

6. To view the default settings for NTLMv2 authentication, workgroup, cache lifetime, and the system/group UIDs
and GIDs, at the Cloud9 prompt, press ENTER after typing:
isi auth settings global view

7. To view the details of the admin user, at the Cloud9 prompt, press ENTER after typing:
isi auth users view admin

Compare with the output in the next step.

8. To view the details of the compadmin user, at the Cloud9 prompt, press ENTER after typing:
isi auth users view compadmin

9. To change the password for compadmin, at the Cloud9 prompt, press ENTER after typing:
isi auth users modify compadmin --set-password

10. To enter the new password, at the password prompt, type Isilon2!, and press ENTER.
When prompted, re-enter the password, and press ENTER again.
11. To exit the SSH window, at the Cloud9 prompt, press ENTER after typing:
exit

12. Open a new SSH session by launching PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click
Open.
EMC Education Services

50

13. Log in as compadmin using the new Isilon2! password.

What happens?

Task 2: Create Account Using isi auth

1. Open a new SSH session to the cluster by launching PuTTY from the taskbar, type 192.168.0.11 for Host Name,
click Open.
Log in as root using the Isilon2! password.
2. To create the new synciqadmin user, press ENTER after typing:
isi auth users create synciqadmin

a. To show a list of all users, press ENTER after typing:

isi auth users list

Confirm synciqadmin is in the list of users.

b. To view the details of the new synciqadmin user, press ENTER after typing:
isi auth users view synciqadmin

c. To modify the syniqadmin user, press ENTER after typing:

isi auth users modify synciqadmin -h |more

Press the SPACEBAR to page through the modify options.

d. To enter an email for the synciqadmin, press ENTER after typing:
isi auth users modify synciqadmin --email synciqadmin@isilon.com

e. To confirm the email address was added for the synciqadmin, press ENTER after typing:
isi auth users view synciqadmin

Confirm the email address is in the profile list of the user.

EMC Education Services

51

3. To change the home directory of the new synciqadmin user, press ENTER after typing:
isi auth users modify synciqadmin --home-directory /ifs/data/synciqadmin

a. To confirm the home directory for the synciqadmin user was changed, press ENTER after typing:
isi auth users view synciqadmin

Confirm that the home directory changed from /ifs/home/synciqadmin to /ifs/data/synciqadmin.

4. To create a new SyncIQAdmin group, press ENTER after typing:
isi auth groups create SyncIQAdmin

a. To view the new SyncIQAdmin group, press ENTER after typing:

isi auth groups view SyncIQAdmin --show-groups

b. To add the synciqadmin user to the SyncIQAdmin group, press ENTER after typing:
isi auth groups modify SyncIQAdmin --add-user synciqadmin

c. To view a list of members in the SyncIQAdmin group, press ENTER after typing:
isi auth groups members list SyncIQAdmin

Verify that the user account synciqadmin is now listed.

5. To change the synciqadmin users password, press ENTER after typing:
isi auth users modify synciqadmin --set-password

a. Type Isilon2! for the password, press ENTER, re-enter the password, and then press ENTER again.
6. To enable a user, press ENTER after typing:
isi auth users modify synciqadmin --enabled yes

a. To view the details for the synciqadmin user, press ENTER after typing:
isi auth users view synciqadmin

Verify that the synciqadmin user is enabled.

EMC Education Services

52

7. To view a list of roles, press ENTER after typing:

isi auth roles list

Note the roles listed.

a. To create a new role, press ENTER after typing:
isi auth roles create SyncIQAdmin

b. To view a list of roles, press ENTER after typing:

isi auth roles list

Verify the new role is listed.

8. To list all privileges you can add to an account, press ENTER after typing:
isi auth privileges

9. To add the synciqadmin user to the SyncIQAdmin role, press ENTER after typing:
isi auth roles modify SyncIQAdmin --add-user synciqadmin

10. Add privileges to the new SyncIQAdmin role by using the following commands:
a. Press ENTER after typing:
isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_LOGIN_CONSOLE

b. Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_LOGIN_PAPI

TIP! To make this go quicker, press SHIFT + UP ARROW to repeat the last command typed, then press
the BACKSPACE key to delete the few unnecessary characters, then type the new characters.
c. Press ENTER after typing:
isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_LOGIN_SSH

d. Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_NFS

e. Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_SMB

EMC Education Services

53

f.

Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_SNAPSHOT

g. Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_QUOTA

h. Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_NS_TRAVERSE

i.

Press ENTER after typing:

isi auth roles modify SyncIQAdmin --add-priv ISI_PRIV_SYNCIQ

11. To verify privileges were added, press ENTER after typing:

isi auth roles view SyncIQAdmin

12. Minimize the PuTTY window.

Task 3: Create Account with the web administration interface

1. Switch to the web administration interface.
If you closed it, open a new browser session, navigate to https://192.168.0.11:8080, and then log into your
cluster as root using the Isilon2! password.
2. On the ACCESS tab, click Membership & Roles, and then click the Users sub-tab.

EMC Education Services

54

3. View accounts and account details by doing the following:

a. Look at the core accounts:

Current Access Zone: Select System.

Users: Select FILE:System.

Note the core accounts displayed.

b. Look at the local accounts:

Current Access Zone: Leave System selected.

Users: Select LOCAL:System.

Note that the default Guest account and the synciqadmin account are both listed.

EMC Education Services

55

c. Look at the details of an account:

i.

For the synciqadmin account, click the View details link.

ii.

Note the details, and compare the output of the isi auth users view.

d. Look at even more details of the account.

i.

EMC Education Services

Scroll down, and then click More user details.

56

ii.

Observe the listed items and compare to the output of the isi auth users view
synciqadmin command. This command displayed everything that is now listed in the web
administration interface.

e. Collapse the User Details by going clicking Close.

4. Create a new account by doing the following:

a. On the ACCESS tab, click Membership & Roles, and then click Users.
b. On the right side of the Users tab, click Create a user.

EMC Education Services

57

c. On the Create a new user page, do the following, and then click Create:
NOTE: Screenshot is after list of field descriptions.

Username: Type Ballard.

Password: Type Isilon2!.

Email Address: Type bwashington@isilon.com.

Primary Group: Click the Select group button, then on the Select Primary Group dialog box,
do the following:
i. Search for groups by doing the following, and then click Search:
o

Group Name: Type Isilon Users.

Provider: Select LOCAL:System

ii. From the search results, select Isilon Users, and click Select.

Home Directory: Type /ifs/home/ballard.

UNIX Shell: Select /bin/sh.

Account Expiration Date: Use the date selector to choose any date.

Enable the account: Check this box.

EMC Education Services

58

d. On the Users tab, in the Users table, verify the new account is listed.

5. Verify the new directory was created by doing the following:

a. On the FILE SYSTEM tab, click File System Explorer.

EMC Education Services

59

b. In the Directories pane, select the home folder, and verify that the ballard directory displays in the
right pane.

6. Verify the new user is a member of the Isilon Users group.

a. On the ACCESS tab, click Membership & Roles, and then click Groups.

b. On the Groups tab, and do the following:

Current Access Zone: Select System.
Groups: Select LOCAL:System.
Isilon Users: Click View details.

EMC Education Services

60

c. In the Members section, verify Ballard is listed, and then log out of the web administration interface.

7. In the PuTTY window, at the Cloud9 prompt, press ENTER after typing:
isi auth roles modify AuditAdmin --add-user Ballard

8. To exit the SSH session, at the Cloud9 prompt, press ENTER after typing:
exit

9. Start a new PuTTY session on 192.168.0.11, and log on as Ballard using the Isilon2! password.
After you have verified that you can log in, exit the SSH session by typing exit.

EMC Education Services

61

10. In the browser, log in using the Ballard user with the Isilon2! password.
Verify the account is able to access and use the web administration interface.

11. Log out of the web administration interface.

Lab 1.3: Summary

Summary:

EMC Education Services

In this lab, you learned how to explore RBAC identities, create

roles, and grant privileges to users using roles, and you are now
able to configure OneFS RBAC profiles for accounts.

62

Module 2
Data Protection, Layout, and
Access

EMC Education Services

63

Module 2 Data Protection, Layout, and Access

Lab 2.0: Data Protection and File Layout

Scenario 2.0:

As Cloud9 Senior IT admin, you need to understand how data

protection levels work in OneFS. Working through this exercise,
youll identify the protection levels of the file layouts for various
protection strips, as well as determine the overhead for cluster
sizing.

References:

Module 2, Lessons 1 3

N+1n

N+2n

N+2d:1n

N+3n

N+3d:1n

N+3d:1n1d

N+4n

N+4d:1n

OneFS 7.1.1 & Older

N+1

N+2

N+2:1

N+3

N+3:1

n/a

N+4

N+4:1

N+4:2

2+1 (33%)

3x (67%)

4+2 (33%)

3x (67%)

6+3 (33%)

3+3 (50%)

3x (67%)

8+4 (33%)

3x (67%)

3+1 (25%)

2+2 (50%)

6+2 (25%)

4x (75%)

9+3 (25%)

5+3 (38%)

4x (75%)

12+4 (25%)

4+4 (50%)

4+1 (20%)

3+2 (40%)

8+2 (20%)

4x (75%)

12+3 (20%)

7+3 (30%)

5x (80%)

16+4 (20%)

6+4 (40%)

5+1 (17%)

4+2 (33%)

10+2 (17%)

3+3 (50%)

15+3 (17%)

9+3 (25%)

5x (80%)

16+4 (20%)

8+4 (33%)

6+1 (14%)

5+2 (29%)

12+2 (14%)

4+3 (43%)

16+3 (16%)

11+3 (21%)

5x (80%)

16+4 (20%)

10+4 (29%)

7+1 (13%)

6+2 (25%)

14+2 (13%)

5+3 (38%)

16+3 (16%)

13+3 (19%)

4+4 (50%)

16+4 (20%)

12+4 (25%)

8+1 (11%)

7+2 (22%)

16+2 (11%)

6+3 (33%)

16+3 (16%)

15+3 (17%)

5+4 (44%)

16+4 (20%)

14+4 (22%)

10

9+1 (10%)

8+2 (20%)

16+2 (11%)

7+3 (30%)

16+3 (16%)

15+3 (17%)

6+4 (40%)

16+4 (20%)

16+4 (20%)

11

10+1 (9%)

9+2 (18%)

16+2 (11%)

8+3 (27%)

16+3 (16%)

15+3 (17%)

7+4 (36%)

16+4 (20%)

16+4 (20%)

12

11+1 (8%)

10+2 (17%)

16+2 (11%)

9+3 (25%)

16+3 (16%)

15+3 (17%)

8+4 (33%)

16+4 (20%)

16+4 (20%)

13

12+1 (8%)

11+2 (15%)

16+2 (11%)

10+3 (23%)

16+3 (16%)

15+3 (17%)

9+4 (31%)

16+4 (20%)

16+4 (20%)

14

13+1 (7%)

12+2 (14%)

16+2 (11%)

11+3 (21%)

16+3 (16%)

15+3 (17%)

10+4 (29%)

16+4 (20%)

16+4 (20%)

15

14+1 (7%)

13+2 (13%)

16+2 (11%)

12+3 (20%)

16+3 (16%)

15+3 (17%)

11+4 (27%)

16+4 (20%)

16+4 (20%)

16

15+1 (6%)

14+2 (13%)

16+2 (11%)

13+3 (19%)

16+3 (16%)

15+3 (17%)

12+4 (25%)

16+4 (20%)

16+4 (20%)

17

16+1 (6%)

15+2 (12%)

16+2 (11%)

14+3 (18%)

16+3 (16%)

15+3 (17%)

13+4 (24%)

16+4 (20%)

16+4 (20%)

18

16+1 (6%)

16+2 (11%)

16+2 (11%)

15+3 (17%)

16+3 (16%)

15+3 (17%)

14+4 (22%)

16+4 (20%)

16+4 (20%)

19

16+1 (6%)

16+2 (11%)

16+2 (11%)

16+3 (16%)

16+3 (16%)

15+3 (17%)

15+4 (21%)

16+4 (20%)

16+4 (20%)

20

16+1 (6%)

16+2 (11%)

16+2 (11%)

16+3 (16%)

16+3 (16%)

15+3 (17%)

16+4 (20%)

16+4 (20%)

16+4 (20%)

Number of Nodes

OneFS 7.2.0 +

Data Protection Chart

EMC Education Services

64

N+4d:2n

Using the Data Protection Chart above, answer the following questions below. Where stated number of Nodes, this
is based on the chart, not your virtual workstation setup.
1. Based on your existing OneFS 7.2.0 cluster for N+2d:1n, what is the stated protection overhead for your 7 node
cluster?

2. What is the percentage of Protection Overhead for the cluster when increased to 9 nodes?

3. At 18 nodes in a cluster for N+4n, what is your Protection overhead?

4. Looking at the 18 node cluster, going from N+2n to N+4n, what does the chart tell you about the overhead
growth?

5. Identify what N+Mn the following protection strip represents.

EMC Education Services

65

6. Determine the following protection stripe:

7. The order of F = FEC vs D = data stripe units in these tables is not important, but the number of each is. These
exercises assume 128KB stripe units. Based on file size and the Requested Protection, layout the protections
with letters D or F and the following tables:

Requested Protection
File Size (KB)

N+2d:1n
1,536

N1

N2

N3

N4

N5

N6

Disk 1

Disk 2
Disk 3

Requested Protection
File Size (KB)
N1
D
D

N2
D
D

N3
D
D

N4
D
D

N5
D
D

Requested Protection
File Size (KB)
EMC Education Services

N7

N8

Requested Protection
File Size (KB)
N9

N1

N2

N3

N4

N5

N6

N+3d:1n1d
1,920
N6
D
D

N7
D
D

N8
D

N+2n
768

Requested Protection
File Size (KB)
N9
Disk 1
Disk 2
Disk 3

N+3d:1n
1,536

N1
D
D

N2
D
D

N3
D
D

N4
D
D

N5
D
D

Requested Protection
File Size (KB)
66

N7

N8

N9

N+4d:2n
1,536
N6
D
D

N7

N8

N+3n
768

N9

N1

N2

N3

N4

D
D
D

D
D
D

D
D
D

D
D
D

N5

N6

N7

N8

N9
Disk 1
Disk 2
Disk 3

N1

N2

N3

N4

N5

N6

N7

N8

N9

8. Write down the Requested Protection, File size, and Protection overhead percentage based on the each of the
file layouts below:

N1
Data
Data

N2
Data
Data

N3
Data
Data

N4
FEC
Data

N5
FEC
Data

N6

N7

N8

N9
Disk 1
Disk 2
Disk 3

Requested Protection
File Size (KB)
Protection Overhead %

N1
Data
Data

N2
Data
Data

N3
Data
Data

N4
Data
Data

N5
Data
FEC

N6
FEC
FEC

N7

N6

N7

N8

N9
Disk 1
Disk 2
Disk 3

Requested Protection
File Size (KB)
Protection Overhead %

N1
Data
Data
Data

N2
Data
Data
Data

N3
Data
Data
Data

N4
FEC
FEC
FEC

N5

N9
Disk 1
Disk 2
Disk 3

Requested Protection
File Size (KB)
Protection Overhead %

EMC Education Services

N8

67

N1

N2

N3

N4

N5

N6

Data

Data

Data

Data

FEC

FEC

N7

N8

N9
Disk 1
Disk 2
Disk 3

Requested Protection
File Size (KB)
Protection Overhead %

N1
Data
Data

N2
Data
Data

N3
Data
Data

N4
Data
Data

N5
FEC
FEC

N6
FEC
FEC

N7

N8

N9
Disk 1
Disk 2
Disk 3

Requested Protection
File Size (KB)
Protection Overhead %

N1

N2

N3

N4

N5

N6

N7

N8

N9

Data

Data

Data

Data

Data

FEC

FEC

FEC

FEC

Requested Protection
File Size (KB)
Protection Overhead %

Lab 2.0: Summary

Summary:

EMC Education Services

In this lab, you learned how to review data protection and file
layout. This exercise should have helped you become more
comfortable with understanding how OneFS handles data, and the
protection of the cluster and files. You are now able to identify
OneFS protection levels and striping types.

68

Disk 1
Disk 2
Disk 3

Lab 2.1: Data Protection Settings

Scenario 2.1:

Now that you have reinforced your understanding of protection

overhead and file layout, you will review and make changes to the
data protection settings for directory and file protection levels that
can affect node pool, folder, and file. To do this, youll use the web
administration interface and also use the CLI using isi get and
isi set. Here you will see how a cluster responds to being under
protected. You will then find and apply the file protection from the
CLI.
The final task for you will be to apply what you were taught about
cache using the CLI.

Tasks:

1. Examine data protection settings.

2. Apply directory level protection.
3. File protection using the CLI.

References:

Module 2, Lessons 1 3

Task 1: Examine and Modify Data Protection Settings

In this task, you examine and modify the data protection settings of the cluster.
1. From the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.

EMC Education Services

69

2. Log in to OneFS with user as root and password as Isilon2!. If you get the prompt about the websites security
certificate, click Continue to this website.

3. On the FILE SYSTEM tab, click Storage Pools, and then click the SmartPools sub-tab.
For the iq_vmware node pool, note the Requested Protection level.
NOTE: Data protection settings are managed by SmartPools, and can be edited on SmartPools Settings tab.

EMC Education Services

70

4. Click the File Pool Policies sub-tab.

You should see a message telling you that SmartPools is not licensed on this cluster. This means you have a
single SmartPools policy.
In the File Pool Policies table, in the Actions column, click View/Edit.

5. On the View Default Policy Details dialog box, click Edit Policy.

EMC Education Services

71

6. In the Edit Default Policy Details window, do the following, click Save Changes, and then click Close (after you
click Save Changes, the Cancel button changes to Close).

Requested Protection: Select +1n.

7. On the SmartPools tab, in the Tiers & Node Pools section, notice that for node pool iq_vmware, the Requested
Protection has not changed to +1n because you only changed the file pool policy not the SmartPools policy.
Now in the Actions column, click View/Edit.

EMC Education Services

72

8. In the View Node Pool Details window, do the following:

a. In the Node Pool Information section, find the Requested Protection, and note the default protection
level listed.
b. Click Edit, and review the L3 Cache notice.
c. Click the Requested Protection drop-down list to see all available options, and then select +1n.
d. Click Save Changes.
e. When the button is available, click Close.

9. On the SmartPools tab, note the protection level now. How does this compare with what appeared in Step 6
above?

10. Click the Summary tab. For SmartPools, what is the Status and what does the message say?

11. In the SmartPools row, click the View Details button.

EMC Education Services

73

12. Review the details in the Details window.

Notice that the node pool is now underprotected.
Click Close, and then minimize the browser.

13. Launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, click Open.
Log in as root using the Isilon2! password.
14. To manage your clusters protection policy, use the following sequence of commands:
a. At the Cloud9 prompt, press ENTER after typing:
isi storagepool nodepools list

Note the current ID number and Protection Policy. These will be used in the next step.

b. To change the Protection Policy, at the Cloud9 prompt, press ENTER after typing:
isi storagepool nodepools modify 2 -p +3d:1n1d

c. To view the updates, at the Cloud9 prompt, press ENTER after typing:
isi storagepool nodepools list

Note the change in Protection Policy.

EMC Education Services

74

15. In the browser, go to the OneFS web administration interface.

16. On FILE SYSTEM tab, click Storage Pools, and then click the SmartPools sub-tab.
Notice the new Requested Protection level.

EMC Education Services

75

17. On the Storage Pools tab, click Summary, and then in the SmartPools row for iq_vmware, note the change in
protection.
Click View Details.

18. Examine the details of the Status page, and then click Close.
NOTE: You have now gone from being underprotected to over protected.
Leave the browser window open.

19. How does under protection or over protection affect your storage capacity?

EMC Education Services

76

Task 2: Apply Directory Level Protection

In this task, you use the web administration interface to apply directory-specific protection levels.
1. If you are not already logged in, log in to the web administration interface as root using password Isilon2!.
2. On the FILE SYSTEM tab, click File System Explorer.

3. In the Directories pane, select the data folder, and then for this directory, click Properties.

4. Verify that the current Requested protection level is Diskpool default.

Click the Requested protection drop-down list to view available protection levels, and then click Cancel to
return to the File System Explorer tab.

EMC Education Services

77

5. In the Directories pane, select the data directory, and then click Add Directory.

6. To create a new directory, complete the following, and then click Submit.

Directory name: Type Protection_Test.

User: Verify root is selected.

Group: Select Isilon Users.

Permissions: Select the following so all Permissions are selected:

o

Group: Select Write.

Other: Select Write.

7. In the Directories pane, expand the data folder, and select the new Protection_Test folder.
In the right-side pane, for this directory, click Properties.

EMC Education Services

78

8. In the Properties window, do the following, and then click Submit.

Settings management: Select Manually managed.

Requested protection: Select +3d:1n1d.

9. Back on the File System Explorer tab, in the Directories pane, select the data directory.
Examine the Policy column, and note the protection settings of the data (or this directory) and the
Protection_Test directory.
Minimize the browser.

EMC Education Services

79

Task 3: File Protection Using CLI

In this task, you use an SSH session to review protection levels and apply directory-specific protection levels.
1. In the Remote Desktop window, launch Windows Explorer from the taskbar.

2. In the navigation pane, right-click This PC, and then click Map network drive.

EMC Education Services

80

3. In the Map Network Drive dialog, do the following, and then click Finish.

Folder: Type \\192.168.0.12\ifs.

Reconnect at sign-in: Confirm this box is checked.

Connect using different credentials: Check this box.

4. When prompted for network credentials, log in as root using password Isilon2!, and then click OK.

EMC Education Services

81

5. Double-click the data folder, and then double-click the Protection_Test folder you created in the previous task.
You are now inside the empty Protection_Test folder.
Minimize this window for now; in the next steps you will copy a local file into this directory.

6. Return to Windows Explorer.

Open the Demo Data folder, then open one of the sub-folders, and copy a file.

EMC Education Services

82

7. In the Protection_Test folder you opened previously, paste the file you just copied.

8. If PuTTY is not open already, launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click
Open.
If a message appears indicating a certificate or security problem, continue despite the warning.
9. Log in as root using password Isilon2!.
10. At the Cloud9 prompt, press ENTER after typing the lines below.
11. To get information about the data folder, press ENTER after typing:
isi get -d /ifs/data

Notice the Policy, Level, and Performance.

EMC Education Services

83

12. To get detailed node data plus the layout of the files and attributes, press ENTER after typing:
isi get -D /ifs/data |more

Use the SPACEBAR to page through the output.

13. To get additional detailed file attributes, at the Cloud9 prompt, press ENTER after typing:
isi get -DD /ifs/data |more

EMC Education Services

84

14. At the Cloud9 prompt, press ENTER after typing:

isi get -D <path to your file> |more

where <path to your file> is the path to the file you just copied-and-pasted to the Protection_Test
folder.
Notice your protection level and file details.

15. At the Cloud9 prompt, press ENTER after typing:

isi get -DD <path to your file> |more

where <path to your file> is the file path.

Compare the end of this output to the info above. Notice the Protection Groups and Security Descriptors you
get in addition to the protection level and file details from the previous steps output.

EMC Education Services

85

Lab 2.1: Summary

Summary:

In this lab you learned how to review and change

data protection settings, and to change data
protection levels for folders.
After completing this lab you are now able to
change OneFS protection levels.

EMC Education Services

86

Lab 2.2: Locating Cache Information

Scenario 2.2:

References:

As the administrator, you will need to know how to find caching

information. In this lab, you will examine your clusters cache
statistics and settings information using the CLI.

Module 2, Lesson 4

1. In the PuTTY window, at the Cloud9 prompt, press ENTER after typing:
isi status

Do you see any L3 cache listed in the readout?

NOTE: Because this is a virtual application, there are no SSD drives and, as such, no L3 cache listed under the
SSD Storage.

2. At the Cloud9 prompt, press ENTER after typing:

isi storagepool settings view

Note the default SSD setting for L3 if drives were present.

EMC Education Services

87

3. At the Cloud9 prompt, press ENTER after typing:

isi storagepool nodepool list -v

Observe the setting and status for L3.

How does this relate to the Avail SSD Bytes, Free SSD Bytes, and Total SSD Bytes? These should all read zero
due to no SSDs, and the setting for L3 Enabled should be No.

4. Minimize the PuTTY window.

Lab 2.2: Summary

Summary:

EMC Education Services

In this lab, you learned how to review cache information using the
three CLI commands. You learned how to view the settings from
isi status, how to view the default SSD settings for storage
pools, and how to view the L3 cache settings for node pools. You
learned where to read the available, free, and total SSD bytes for a
specific node pool.

88

Module 3
Access to the Cluster

EMC Education Services

89

Module 3 Access to the Cluster

Lab 3.0: Connecting Isilon to the Network
Scenario 3.0:

You have multiple customers that want isolation from everyone

else and yet want a large bandwidth into their storage. As the
senior IT Admin for Cloud9, use the customer descriptions below to
plan for which companies would use NIC aggregation, VLANs, and
access zones.
Using the training on network configuration, how would you apply
network protocols to the following needs:

References:

Live-Stream, a Windows multimedia customer who

streams media files via HTTP.
Sky Watch, a surveillance customer who uses Linux NFS
connections for storing their recordings.
Graphics-R-Us, a graphic design company that has four
divisions that must maintain isolation from each other
using mixed protocols on the same subnet. Additionally,
their Windows users need home directories.

Module 3, Lessons 1 2

1. Which company would you use NIC aggregation for?

2. Should you use NIC aggregation for everyone?

3. What company do you think should use VLANs?

EMC Education Services

90

4. Should all of these companies have their own access zones?

5. For the access zones, which protocols would you configure for each one?

6. Would you want 1GB or 10GB network interfaces?

7. Based on having a limited number of network ports, would you want to dedicate specific ports to a specific
customer? Explain your reasoning.

Lab 3.0: Summary

Summary:

EMC Education Services

In this lab, you learned about the various types of network

interfaces and speeds of the interfaces. You also learned how to
apply access zones to the needs of various customers. Now you are
able to design access zones with various network interface
protocols.

91

Lab 3.1: SmartConnect Settings

Scenario 3.1:

Tasks:

After identifying your network needs, configure SmartConnect

Basic and Advanced to meet the needs of your Cloud9 customers.
Then, once these are created, you will test the new SmartConnect
zones.

1. Configure SmartConnect.
2. Create required DNS records.
3. Test SmartConnect settings.
4. Configure additional SmartConnect Zone.
5. Create DNS records for NFS Zone.
6. Test new SmartConnect Zone settings.

References:

EMC Education Services

Module 3, Lesson 3

92

Task 1: Configure SmartConnect

In this task, you will enable the SmartConnect Service and configure the SmartConnect Service IP address.
1. From the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.

2. Log in to OneFS with user as root and password as Isilon2!.

If you get a prompt about the websites security certificate, click Continue to this website.

3. On the CLUSTER MANAGEMENT tab, on the Network Configuration tab, in the External Network Settings
section, click subnet0.

EMC Education Services

93

4. On the Network Configuration page, next to Settings, click Edit.

5. In the Configure Subnet window, for SmartConnect service IP, type 192.168.0.100, and then click Submit.

EMC Education Services

94

6. Back on the Network Configuration page, in the IP Address Pools section, next to SmartConnect settings, click
Edit

7. On the Configure Pool SmartConnect Settings dialog, do the following and then click Submit.

Zone name: Type Cloud9.isilon.training.com. Zone names are not case sensitive.

Connection policy: Leave the default setting of Round Robin.

SmartConnect service subnet: Select subnet0.

EMC Education Services

95

Task 2: Create Required DNS Records

In this task, you create two DNS records on a Microsoft DNS server, a host record for the SmartConnect Service, and an
NS (Delegation) record.
1. In the VMware Workstation, click the WinServer2008 tab.

2. To start the Windows log on, right-click the Win2008 tab, and then click Send Ctrl+Alt+Del.

3. Log on as Isilon\Administrator using the Isilon2! password.

EMC Education Services

96

4. On the WinServer2008 taskbar, click the DNS icon.

5. In DNS Manager, expand WINSERVER, and then expand Forward Lookup Zones.

EMC Education Services

97

6. In the navigation pane, click isilon.training.com to display DNS information.

In the details pane, right-click in an empty area, and then click New Host.

7. On the New Host dialog box, do the following, and then click Add Host.

Name: Type sip.

IP Address: Type 192.168.0.100.

Create associated pointer (PTR) record: Verify this box is checked.

8. When the success message displays, click OK. Close the New Host dialog box by clicking Done.

EMC Education Services

98

9. In the navigation pane, select isilon.training.com.

Then in the details pane, right-click in an empty area, and then click New Delegation.

10. The New Delegation Wizard starts.

a. On the welcome screen, click Next.

EMC Education Services

99

b. On the Delegated Domain Name screen, for Delegated domain, type cloud9, and then click Next.

c. On the Name Servers screen, click Add, then for the Server fully qualified domain name (FQDN), type
sip.isilon.training.com, and then click OK.

d. Back on the Name Servers page, click Next, and then click Finish to close the wizard.

EMC Education Services

100

11. In DNS Manager, the new delegation record displays with isilon.training.com selected.
Close the DNS Manager before continuing.

Task 3: Test SmartConnect Settings

In this task, you test the name-to-IP-address resolution of the cluster, and then connect to the cluster by name.
1. From the WinServer2008 taskbar, click the Command Prompt icon.

2. At the prompt, press ENTER after typing:

nslookup cloud9

Note the IP address that is returned.

Now press the UP ARROW key or type nslookup cloud9, press ENTER.
Note the IP address this time.

EMC Education Services

101

3. At the prompt, press ENTER after typing:

ping cloud9

Note the IP address that is returned.

Now use the UP ARROW key or type ping cloud9, press ENTER.
Note the IP address this time, and then minimize the Command Prompt window.

4. From the WinServer2008 taskbar, open a web browser

EMC Education Services

102

5. Navigate to https://cloud9:8080 to open OneFS. If a message appears indicating a certificate or security

problem, continue despite the warning.
6. Close the browser after you have verified access.

7. Minimize the VMware workstation session.

Lab 3.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure SmartConnect, create DNS

records, and test DNS entries. You are now able to configure Basic
SmartConnect.

103

Lab 3.2: Set NTP Services

Scenario 3.2:

References:

Time synchronization is critical for cluster functionality. Set your

Network Time Protocol (NTP) services to sync with your Active
Directory server.

Module 3, Lesson 4

1. From the the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.

2. Log in to OneFS with user as root and password as Isilon2!.

If you get a prompt about the websites security certificate, click Continue to this website.

EMC Education Services

104

3. On the CLUSTER MANAGEMENT tab, click General Settings, and then click the NTP tab.

4. On the NTP tab, do the following, and then click Submit, then minimize the browser window.

NTP server: Type 192.168.0.201, and then click Add.

Server: You should see the NTP server IP address that you added in the NTP server field.

EMC Education Services

105

5. On the CLUSTER MANAGEMENT tab, click General Settings, and then click the Date & Time sub-tab.

6. In the Date & Time section, do the following steps, and then click Submit:
a. Compare the nodes Date and Time to the system time on the Windows client.
Notice that the node time is in 24-hour format.
b. If the node date and time is different from the Windows client, from the Date and time drop-down
lists, configure the date and time to match the Windows client time using 24-hour format.

7. Minimize the browser.

EMC Education Services

106

Lab 3.2: Summary

Summary:

EMC Education Services

In this lab, you learned how to set your NTP services to sync with
your Active Directory server. You are now able to configure the
NTP server.

107

Lab 3.3: Connect to LDAP Domain

Scenario 3.3:

Knowing that Cloud9 customers use a mix of NFS and SMB clients,
you need to configure your cluster to use LDAP following Isilon best
practices. Best practice dictates that you have the cluster join to
LDAP first.
In this lab, you configure the cluster to use LDAP to authenticate
clients using credentials stored on an LDAP server. Isilon best
practice is to always connect LDAP first, before joining the cluster
to an AD domain.
NOTE: During the course of this lab and the next, you will need to
occasionally update the NTP, as you did in the last lab, to keep the
cluster in sync with the domain controller. This is due to a
simulator bug.

Tasks:

1. Enable LDAP authentication.

2. Verify LDAP authentication.

References:

EMC Education Services

Module 3, Lesson 4

108

Task 1: Enable LDAP Authentication

In this task, you configure a base Distinguished Name (DN). The base DN identifies the entry in the directory where
LDAP clients begin their search. Base DNs can include the parameters common name (cn), locality (l), organizational
unit (ou), domain component (dc), and others. An example of a Distinguished Name is: cn=lab1 dc=isilon, dc=com.
1. In the the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.

2. Log in to OneFS with user as root and password as Isilon2!.

If you get a prompt about the websites security certificate, click Continue to this website.

3. On the ACCESS tab, click Authentication Providers, and then click the LDAP sub-tab.

EMC Education Services

109

4. In the Manage LDAP Providers section, click Add an LDAP Provider.

5. In the Add an LDAP Providers section, do the following, and then click Add LDAP Provider.

LDAP Provider Name: Type Isilon LDAP.

Server URIs: Type ldap://linuxserver.

Load balance servers: Clear this box.

Base Distinguished Name: Type dc=isilon, dc=training, dc=com.

EMC Education Services

110

6. On the LDAP tab, in the LDAP Providers table, verify the new LDAP provider is listed and that there is a green
dot in the Status column.

7. Minimize the browser window.

Task 2: Verify LDAP Authentication

In this task, you verify that the LDAP service is correctly configured on the cluster.
1. If not already open, launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click Open.
Log in as root using the Isilon2! password.

2. At the Cloud9 prompt, press ENTER after typing:

isi auth status

The output looks similar to the image below.

EMC Education Services

111

NOTE: Type isi auth status --verbose, and then press ENTER. Notice the additional information.

Lab 3.3: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure and enable LDAP

authentication, and you are now able to configure and verify OneFS
LDAP settings.

112

Lab 3.4: Join an Active Directory Domain

Scenario 3.4:

Complete the Cloud9 authentication by joining the cluster to Active

Directory.
In this lab, you will join the cluster to a Windows 2008 AD domain,
create new shares, and test the share permissions.

Tasks:

1. Join cluster to Active Directory.

2. Check domain join status.
3. Create two shares and set permissions.
4. Access and review shares.
5. Restore stable cluster.

References:

Module 3, Lesson 4

Task 1: Join Cluster to Active Directory

1. From the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.

EMC Education Services

113

2. Log in to OneFS with user as root and password as Isilon2!.

If you get a prompt about the websites security certificate, click Continue to this website.

3. On the CLUSTER MANAGEMENT tab, click General Settings, and then click the Date & Time tab.

4. Verify the time on the nodes.

If there is more than a 2 minute difference, enter the current time in 24-hour format to match the Windows
clients time, and then click Submit.

EMC Education Services

114

5. On the ACCESS tab, click Authentication Providers, and then click the Active Directory tab.

6. On the Active Directory tab, click Join a domain.

7. On the Join a Domain page, enter the following, and then click Join.

Domain Name: Type Isilon.training.com.

User: Type administrator.
Password: Type Isilon2!.

EMC Education Services

115

8. Joining the domain may take several minutes. After your node successfully joins the domain, a notification
displays.

9. Staying on the ACCESS tab, click Access Zones to confirm the AD and LDAP providers.

10. Minimize the browser window.

Task 2: Check Domain Join Status

Before starting this task, know that it may take up to 10 minutes for the join process to complete.
1. Launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click Open.

2. Log in as root using the Isilon2! password.

EMC Education Services

116

3. To verify that you have joined the domain, at the Cloud9 prompt, press ENTER after typing:
isi auth ads view isilon.training.com

In the output, verify that the ADS is reported as online. Additional information that verifies the cluster is
properly joined to the domain includes the display of the domain controller.

4. Leave this SSH session open.

Task 3: Create Two Shares and Set Permissions

In this task, you create two shares in the web administration interface using slightly different security options, and then
you compare the differences.
1. Switch back to the web administration interface.
2. On the PROTOCOLS tab, click Windows Sharing (SMB), and then click Add a Share.

EMC Education Services

117

3. On the Add an SMB Share page, to create the first share, enter the following, and then click Create.

Share Name: Type studentshare1.

Description: Type Windows SMB share.

Directory to Be Shared: Type /ifs/data/studentshare1.

Directory ACLs: Select Apply Windows Default ACLs.

a. When prompted to Create New Path, click Create new Directory.

b. You should receive a notification that Your share has been created.

EMC Education Services

118

4. After you get the message saying Your share has been created, click Add a Share to add another share.

5. On the Add an SMB Share page, enter the following, and then click Create.

Share Name: Type studentshare2.

Description: Type Windows SMB share.

Directory to Be Shared: Type /ifs/data/studentshare2.

Directory ACLs: Select Do not change existing permissions.

Users and Group Account: Click Add a User or Group.

a. In the Select a User or Group window, do the following, and then click Search.

EMC Education Services

Provider: Select ADS:ISILON.TRAINING.COM.

Active Directory Domain: Verify isilon.training.com is selected.

Domain Credentials: Select Use Machine Credentials.

119

b. In the Search Results, select ISILON\student, and then click Select.

a. In the Users and Groups section, for the ISILON\student item, click Edit.
Check Full Control to give student the ability to create and delete files and folders, and click Create.
Next, for the Everyone item, click Delete, and then click Save at the bottom of the table.

b. When prompted to Create new path, click Create new directory.

6. On the FILE SYSTEM tab, click File System Explorer, and then in the Directories pane, click the data directory.

EMC Education Services

120

a. In the details pane, in the studentshare1 row, click Properties to access Permission Settings.

b. Examine the UNIX Permissions.

Which box does not have a check mark?
Other
c. Click Cancel after your examination.
d. In the details pane, in the studentshare2 row, click Properties to access Permission Settings.

e. Review the UNIX Permissions.

Which box does not have a check mark?
Other and Group
f.

After your review, click Cancel to return to the web administration interface.

7. Log out of the OneFS web administration interface by clicking Log out, and then close the browser window.

EMC Education Services

121

Task 4: Access and Review Shares

1. In the Remote Desktop window, launch Windows Explorer from the taskbar.

2. In the navigation pane, right-click This PC, and then click Map network drive.

EMC Education Services

122

3. In the Map Network Drive dialog box, do the following, and then click Finish.

Folder: Type \\cloud9\studentshare1.

Reconnect at logon: Confirm this box is checked.

Connect using different credentials: Check this box.

4. Log on to the new share as root using the Isilon2! password.

5. Right-click anywhere in the studentshare1 window that appears:

a. Point to New, and then click Text Document.
b. For the name of the document, type test_document1, and then press ENTER.

EMC Education Services

123

6. Right-click test_document1, and select Open.

7. In the document, type This is a test! several times, save and then close the file.
8. Create another share, studentshare2 on the cluster, repeat steps 2 - 7 above. Skip step 4 as you will
automatically use the local Windows Student account to map the drive.
Be sure to use \\cloud9\studentshare2 as the path, and create a new test_document2.txt document for it.
9. On the studentshare1, right-click on test_document1, and click Properties.
10. In the Properties dialog box, select the Security tab.
In the Group or user names section, click each entry and review the permissions for each.
Why are the permissions greyed-out instead of black?

11. Click Cancel to close the dialog box.

12. If not already open, launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click Open.
Log in as root using the Isilon2! password.

EMC Education Services

124

13. To change the directory, at the Cloud9 prompt, press ENTER after typing:
cd /ifs/data/studentshare1

Verify your position by typing pwd and pressing ENTER.

14. To display permissions, ownership, etc., for the test_document1.txt file, at the Cloud9 prompt, press ENTER
after typing:
ls -l test_document1.txt

The plus sign (+) that displays after the UNIX permissions denotes that the file also has ACL permissions.

15. To display the ACLs associated with the file, at the Cloud9 prompt, press ENTER after typing:
ls -le test_document1.txt

This command provides cluster administrators with a method of viewing ACLs from the cluster CLI. There are
also commands available to modify these ACLs.

16. Repeat the last three steps for your other share, using /ifs/data/studentshare2 for the path and
test_document2.txt for the file name.

EMC Education Services

125

17. From Windows Explorer, click each document and compare the permissions on test_document1 and
test_document2.
On the Security tab for the file created on studentshare2, notice that only the creator of the file is listed. This is
because you did not select and apply the default ACL when creating studentshare2. In environments joined to
an AD domain, it is recommended that you do not apply the default ACL when creating shares.

Lab 3.4: Summary

Summary:

EMC Education Services

In this lab, you learned how to join the cluster to and AD domain,
check the domain join status, create shares, and set permissions.
You are now able to configure OneFS authentication for AD, and
you are also familiar with creating and testing shares.

126

Lab 3.5: Advanced SmartConnect Settings

Scenario 3.5:

Tasks:

Now that the basic connectivity setting and authentication settings

are configured, use the skills taught in the module to configure
advanced SmartConnect settings for your Cloud9 customers. Make
sure to configure the additional SmartConnect Zone, and create the
proper DNS records and NFS zone, and then test the new
SmartConnect settings.

1. Configure additional SmartConnect Zones.

2. Create required DNS records for NFS Zone.
3. Test SmartConnect settings.

References:

Module 3, Lesson 3

Task 1: Configure Additional SmartConnect Zone

In this task, you create a SmartConnect zone for NFS and configure NFS failover.
1. In the the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.
Log in to OneFS with user as root and password as Isilon2!.
If you get a prompt about the websites security certificate, click Continue to this website.

EMC Education Services

127

2. Ask your instructor for the Isilon SmartConnect Advanced license.

a. Hover over Help menu, and select About This Cluster.
b. In the Licensed Modules section, click Activate license.
c. Type the license number. (License numbers are not case sensitive, but should not include mixed case
characters, and hyphens are allowed.)
d. Accept the EULA.
e. Click Submit.

f.

On the About This Cluster page, for SmartConnect Advanced, verify that Status is Evaluation.

EMC Education Services

128

3. On the CLUSTER MANAGEMENT tab, click Network Configuration.

4. In the Subnets section, click subnet0.

What new options are available?

5. In the IP Address Pools section, click Add pool.

6. On the Create new pool for subnet dialog box, enter the following, and then click Next:

Name: Type NFSZone.

Description: Type a useful description for this pool.

Access zone: Select System.

IP range (low-high): Click New, enter the following:

o

Low IP: Type 192.168.0.241.

High IP: Type 192.168.0.249.

EMC Education Services

129

7. On the Configure Pool SmartConnect Settings page, do the following, and then click Next.

SmartConnect Basic section:

o

Zone name: Type nfs.isilon.training.com.

Connection policy: Leave the default setting of Round Robin.

SmartConnect service subnet: Select subnet0.

SmartConnect Advanced section:

o

IP allocation method: Select Dynamic.

Rebalance policy: Leave the default setting of Automatic Failback.

IP Failover Policy: Select Connection Count.

EMC Education Services

130

8. On the Configure Pool Interface Members page, in the Available interfaces list, select ext-1, Node 1, and then
click the right arrow to move it to the Interfaces in current pool list.
Repeat for ext-1, Node 2 and ext-1, Node 3, and then click Submit.
You may select multiple entries in the list by pressing CTRL while selecting multiple items individually.

EMC Education Services

131

9. In the IP Address Pools section, verify that both the default pool, pool0, and your new IP address pool,
NFSZone.

Task 2: Create DNS Records for NFS Zone

In this task, you create a NS (Delegation) DNS record for the nfs on a Microsoft DNS server.
1. In the VMware Workstation, click the WinServer2008 tab.

EMC Education Services

132

2. To start the Windows log on, from the VMware Workstation menu bar, click VM, and then click Send
Ctrl+Alt+Del.

3. Log on as Isilon\Administrator using the Isilon2! password.

4. From the WinServer2008 taskbar, click the DNS icon.

5. In DNS Manager, expand WINSERVER, and then expand Forward Lookup Zones.

EMC Education Services

133

6. In the navigation pane, select isilon.training.com, then in an empty area in the details pane, right-click and then
select New Delegation.

7. The New Delegation Wizard starts. On the welcome page, click Next.
8. For the Delegated domain, type nfs, click Next, and then click Add.

9. For the Server fully qualified domain name (FQDN), type sip.isilon.training.com, and then click OK.

10. On the Name Servers page, click Next, and then click Finish.
In the Isilon.training.com directory, verify you see both the cloud9 and nfs forward lookup zones.
11. Leave the DNS Manager open.

EMC Education Services

134

Task 3: Test New SmartConnect Zone Settings

In this task, you test the name-to-IP-addresses resolution of the new zone.
1. On the Windows workstation client taskbar, click the Command Prompt icon.

2. At the prompt, press ENTER after typing:

nslookup nfs

Note the IP address that is returned.

3. To run the nslookup nfs command again, press the UP ARROW, and then press ENTER.
Compare the IP address that is returned this time.

4. At the prompt, press ENTER after typing:

ping nfs

Note the IP address that is returned.

EMC Education Services

135

5. To run the command again, press the UP ARROW, and then press ENTER.
ping nfs

Compare the IP address that is returned this time.

6. Leave this Command Prompt window open.

Lab 3.5: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure SmartConnect, create DNS

records, test DNS entries, and create additional SmartConnect
zones. You are now able to configure Basic and Advanced
SmartConnect.

136

Lab 3.6: Creating Access Zones

Scenario 3.6:

Based on the following customers, create three access zones, one

for each customer:

Live-Stream: Windows multimedia customer who streams

media files via HTTP

Sky Watch: Surveillance customer who uses Linux NFS

connections for storing their recordings

Graphics-R-Us: Graphic design company that has 4 divisions

but must maintain isolation from each other using mixed
protocols on the same subnet

In this lab, you will learn to create access zones on a cluster by

creating an SMB access zone and an NFS access zone. NFS can only
authenticate against the System zone while SMB can authenticate
against any zone.

References:

Module 3, Lesson 3

1. From the Windows Workstation Open a web browser and navigate to https://192.168.0.11:8080.
Log in to OneFS with user as root and password as Isilon2!.
If you get a prompt about the websites security certificate, click Continue to this website.

EMC Education Services

137

2. On the FILE SYSTEM tab, click File System Explorer, and then click Add Directory.

3. In the New Directory Properties dialog box, do the following, and then click Submit.

Directory: Type Zone-SMB.

Permissions: In the Write column, select Group and Other. All Permissions should now be selected.

4. Repeat Steps 2 through 4 to create a directory named Zone-NFS.

5. In File System Explorer, verify both directories appear: /ifs/Zone-SMB and /ifs/Zone-NFS.
6. On the ACCESS tab, click Access Zones.
For System zone, and verify the Provider Status is green for Active Directory, LDAP, and Local.

EMC Education Services

138

7. In the upper right corner of the Access Zones section, click Create an access zone.
8. On the Create an Access Zone screen, do the following, and then click Create Access Zone.

Access Zone Name: Type Zone-SMB.

NOTE: Zone names cannot contain characters other than A-Z, a-z, 0-9, and - (dash).

Zone Base Directory: Type /ifs/Zone-SMB.

Authentication Providers: Select Manually select authentication providers.

Click Add an authentication provider, enter the following, and then click Create Access Zone.
o

New Authentication Provider Type: Select Active Directory.

Authentication Provider: Select ISILON.TRAINING.COM.

9. Verify that a success message displays, and that the Provider Status for the new zone is green.

EMC Education Services

139

10. On the CLUSTER MANAGEMENT tab, click Network Configuration, and then click subnet0.

11. In the IP Address Pools section, click Add pool.

12. In the Create new pool for subnet dialog box, enter the following, and then click Next.

Name: Type SMBZone.

Description: Type a useful description for this pool.

Access zone: Select Zone-SMB.

IP range (low-high): Click New, and then enter the following:

o

Low IP: Type 192.168.0.231.

High IP: Type 192.168.0.239.

NOTE: This process should be familiar to you; steps will continue without repeated screen
images.

In the SmartConnect Basic section, do the following, and then click Next.
o

Zone name: Type smb.isilon.training.com.

Connection policy: Leave the default setting of Round Robin.

SmartConnect service subnet: Select subnet0.

In the SmartConnect Advanced section, leave the default settings.

EMC Education Services

140

15. On the Configure Pool Interface Members page, in the Available interfaces list, select ext-1, Node 1, and then
click the right arrow to move it to the Interfaces in current pool list.
Repeat for ext-1, Node 2 and ext-1, Node 3, and then click Submit.
You may select multiple entries in the list by pressing CTRL while selecting multiple items individually.

16. Click Submit, and verify that your new IP address pool, SMBZone is in the IP Address Pools.
17. In the VMWare Workstation, on the WinServer2008 tab, go back to the DNS Manager.
18. If necessary, expand WINSERVER, and then expand Forward Lookup Zones.
19. In the navigation pane, click isilon.training.com, then in the details pane, right-click in an empty area, and then
select New Delegation.

EMC Education Services

141

20. The New Delegation Wizard starts. On the welcome screen, click Next.
21. For the Delegated domain, type smb, click Next, and then click Add.
22. For the Server fully qualified domain name (FQDN), type sip.isilon.training.com, and then click OK.
23. On the Name Servers page, click Next, and then click Finish.
In the Isilon.training.com directory, verify you see Cloud9, nfs, and smb forward lookup zones.
24. In the Windows client, return to the OneFS web administration interface.
25. On the ACCESS tab, click Access Zones. The Provider Status for the Zone-SMB zone should be green for Active
Directory.

26. Click Create an access zone.

27. Change the Access Zone Name to Zone-NFS.
28. To create the Access Zone, complete these steps:

Zone Base Directory: Type /ifs/Zone-NFS.

Authentication Providers: Leave this set to Manually select authentication providers.

Add an authentication provider: Select this box.

29. To finish creating the Access Zone, complete these steps, and then click Create Access Zone.

New Authentication Provider: Select LDAP.

Authentication Provider: Select Isilon LDAP.

30. Verify that a success message displays, and that the Provider Status for the new zone is green.

EMC Education Services

142

31. On the CLUSTER MANAGEMENT tab, click Network Configuration, and then click subnet0.

32. In the IP Address Pools section, expand the NFSZone.

33. In the Basic settings section, click the Edit link.

34. For the Access zone, select Zone-NFS, and then click Submit.

35. Refresh the browser window and verify that the Access zone now shows Zone-NFS.

EMC Education Services

143

Lab 3.6: Summary

Summary:

EMC Education Services

In this lab, you learned about connection types and how to create,
assign, and manage access zones. Having completed this lab you
are now able to create OneFS access zones.

144

Module 4
User Authentication and File Access

EMC Education Services

145

Module 4 Identity Management

Lab 4.0: Identity Management
Scenario 4.0:

Tasks:

As the Cloud9 administrator, use the OneFS CLI to identify UID, GID
UNIX SIDs and On Disk identity on the cluster in regards to user
accounts.

1. Viewing UID, GID, UNIX SIDs and On-Disk identity.

2. Use On-Disk identity mapping.

References:

Module 4, Lesson 1

Task 1: Viewing UID, GID, UNIX SIDs and On-Disk Identity

In this task, you use the isi auth mapping command to locate On-Disk Identities for users and groups, as well as
reverse lookup of accounts.
1. In the the Remote Desktop window, open a web browser and navigate to https://192.168.0.11:8080.
Log in to OneFS with user as root and password as Isilon2!.
If you get a prompt about the websites security certificate, click Continue to this website.

EMC Education Services

146

2. On the ACCESS tab, click Settings.

3. In the Access Management Settings section, verify that On-Disk Identity is set to native, which is usually best
for a network with both UNIX and Windows systems.
4. Minimize the browser window.
5. If not already open, launch PuTTY from the taskbar, type 192.168.0.11 for Host Name, and then click Open.

6. Log in as root using the Isilon2! password.

7. To view all of the clusters users, at the Cloud9 prompt, press ENTER after typing:
isi auth users list

8. At the Cloud9 prompt, press ENTER after typing:

isi auth mapping token student

a. Locate the On Disk identity for the student account.

b. Locate the UID, GID and SID for the student account.

EMC Education Services

147

9. At the Cloud9 prompt, press ENTER after typing:

isi auth mapping view --uid 10

c. What account is this On Disk identity for and what is the GID (if shown)?

10. At the Cloud9 prompt, press ENTER after typing:

isi auth mapping token root

Observe the Privileges list and Supplemental Identities.

11. To view a list of groups, at the Cloud9 prompt, press ENTER after typing:
isi auth groups list

12. At the Cloud9 prompt, press ENTER after typing:

isi auth groups view Isilon Users

d. What is the Domain identity for the Isilon Users group?

13. At the Cloud9 prompt, press ENTER after typing:

isi auth groups view admin

e. What is the Domain identity for the admin group?

14. At the Cloud9 prompt, press ENTER after typing:

isi auth groups view Users

f.

What is the Domain identity for the Users group?

g. What are the differences between the 3 Domain groups?

15. At the Cloud9 prompt, press ENTER after typing:

isi auth groups view --gid 1551

h. What is the name of the account that is assigned this GID?

EMC Education Services

148

Task 2: On-Disk Identity Mapping

In this task, you will compare LDAP and Windows users for their On-Disk Identity and SID.
1. Open the PuTTY session on the Isilon cluster.
2. To display the access token that is calculated for a user during authentication, at the Cloud9 prompt, press
ENTER after typing:
isi auth mapping token student10

Notice that the On Disk identity is the UID. Student10 is an LDAP user. An object that has an explicit UNIX
identity defined in an external source such as LDAP has that identity set as the On Disk identity.

3. At the Cloud9 prompt, press ENTER after typing:

isi auth mapping token student@isilon

The On Disk identity setting is the UID. We know the student exists in both Active Directory and LDAP because
the real SID as well as a real UID.
4. At the Cloud9 prompt, press ENTER after typing:
isi auth mapping token administrator@isilon

The On Disk identity is the SID. Administrator only exists in Active Directory. If an object lacks a UID or GID,
then its SID is set as the On Disk identity.

Lab 4.0: Summary

Summary:

EMC Education Services

In this lab, you learned about UID, GID, UNIX SIDs and On-Disk
Identity mapping. You should now be comfortable looking up users,
identifying them as OneFS users, LDAP, or Active Directory.

149

Lab 4.1: Permissions

Scenario 4.1:

Tasks:

Only the senior IT Admins for Cloud9 are allowed to create

accounts for access customers to their shares. You will create and
view permissions on an Isilon cluster. Understand how to remove
an Advanced ACL and impersonate a user in order to test
permissions.

1. Verify authentication providers.

2. View permissions.
3. Modify permissions.
4. Advanced ACL removal and user impersonation.

References:

Module 4, Lesson 2

Task 1: Verify Authentication Providers

In this task, you will verify that the authentication providers are online.
1. In the PuTTY session on the Isilon cluster, at the Cloud9 prompt, press ENTER after typing:
isi auth status

This command will display configured authentication providers and their status. Verify that the Status of the
LDAP and Active Directory providers are online.
2. To display a list of users by provider, at the Cloud9 prompt, press ENTER after typing:
isi auth users list --domain Isilon.training.com

In this example, you are viewing Active Directory users from the Isilon.training.com domain.
3. To query the LDAP server and output the various attributes for users, at the Cloud9 prompt, press ENTER after
typing (note there are no spaces after the commas):
ldapsearch -x -h linuxserver.isilon.training.com -b
dc=Isilon,dc=training,dc=com

EMC Education Services

150

Task 2: View Permissions

In this task, you will view permissions from the Isilon cluster command line.
1. On the Windows client taskbar, right-click the PuTTY icon, and select PuTTY to open a second SSH session.

2. Open the new PuTTY session to 192.168.0.212 (the IP address of the LinuxClient), and log in as root using the
Isilon2 password.
3. To create a mount point for an NFS export, press ENTER after typing:
mkdir /mnt/ifs

4. To mount the default ifs export to the mount point, press ENTER after typing:
mount 192.168.0.11:/ifs /mnt/ifs

5. Press ENTER after typing:

cd /mnt/ifs

6. Press ENTER after typing:

touch linux

7. To change the permissions on the linux file, press ENTER after typing:
chmod 777 linux

8. Now, go back to the PuTTY session on the Isilon cluster.

9. Press ENTER after typing:
ls -le /ifs/linux

The ls command is used to list directory contents.

The -l option lists files in the long format.

The -e option prints the Access Control List (ACL).

Notice the synthetic ACL. A synthetic ACL approximates the mode bits of a UNIX file for an SMB client.

EMC Education Services

151

10. Press ENTER after typing:

ls -len /ifs/linux

The -n option displays user and group IDs numerically.

11. In the Windows client, click Start, right-click This PC, and then click Map network drive.

12. For Folder, type \\192.168.0.12\ifs, and then click Finish. This will map a network drive to the default ifs share.
You might already have this mapped from earlier labs.

EMC Education Services

152

13. Right-click in an open area within the mapped network drives details pane, click New, and then click Text
Document.

14. Type windows and press ENTER to name the new document. Leave Windows Explorer open.
15. Return to the PuTTY session on the Isilon cluster.
16. Press ENTER after typing:
ls -le /ifs/windows.txt

Notice the + sign. This indicates an Advanced ACL. An Advanced ACL is a real (as opposed to synthetic) ACL.
17. Press ENTER after typing:
ls -len /ifs/windows.txt

What is the UID of this documents owner?

EMC Education Services

153

Task 3: Modify Permissions

In this task, you will use chmod +a and chmod +ai to change permissions on a file with an advanced ACL. You will
observe the effect of a Windows user changing the permissions on a file created by a Linux user, and vice versa.
1. In the PuTTY session on the Isilon cluster, press ENTER after typing:
ls -le /ifs/windows.txt

Note the permissions for later comparison.

2. Press ENTER after typing:
chmod +a user nobody allow generic_all /ifs/windows.txt

chmod +a parses a new ACL entry from the next argument on the command line and inserts it into the
canonical location in the ACL.

The +a mode strives to maintain the following correct canonical form for the ACL: local deny, local
allow, inherited deny, inherited allow.

The generic_all permission represents read, write, and execute access.

3. Press ENTER after typing:

ls -le /ifs/windows.txt

Compare the permissions to step 1.

4. Press ENTER after typing:
chmod +ai group domain users@isilon allow generic_all /ifs/windows.txt
chmod +a adds entries to the top of the local deny and local allow lists. Inherited entries can be added by
using chmod +ai.

5. Press ENTER after typing:

ls -le /ifs/windows.txt

Compare the permissions to step 3.

6. Press ENTER after typing:
ls -le /ifs/linux

Note the permissions in the output.

7. To change the owner of the linux file to Isilon\student, press ENTER after typing:
chown -s student@isilon /ifs/linux

EMC Education Services

154

8. To observe the owner of the linux file and the permissions, press ENTER after typing:
ls -le /ifs/linux

9. Go back to Windows Explorer and do the following:

a. In the left navigation pane, right-click the /ifs mapped network drive.
b. In the right pane, right-click the linux file, and then click Properties.
c. On the Security tab, and click Edit.

d. In the Group or user names section, make sure that Everyone is selected.
e. In the Permissions for Everyone section, for Full control, select Allow.

f.

Click OK, and then click OK again.

10. Return to the PuTTY session on the Isilon cluster, press ENTER after typing:
ls -le /ifs/linux

Compare permissions to step 8.

Notice that there is no longer a SYNTHETIC ACL but now there is an advanced ACL indicated by the + sign.
11. Press ENTER after typing:
ls -le /ifs/windows.txt

Note the output for comparison.

12. Go back to the LinuxClient PuTTY session. If needed, log in to the LinuxClient at 192.168.0.212 as root using the
Isilon2 password.

EMC Education Services

155

13. If your PuTTY session is open to your LinuxClient, press ENTER after typing:
chmod 755 windows.txt

If you had to log in to your LinuxClient, then press ENTER after typing:
chmod 755 /ifs/windows.txt

14. Return to the PuTTY session on the Isilon cluster, and press ENTER after typing:
ls -l /ifs/windows.txt

Compare these permissions to step 12.

The advanced ACL still exists. By default, chmod on files with existing ACLs results in the new permissions being
merged with the existing ACL.

Task 4: Advanced ACL Removal and User Impersonation

In this task, you will use chmod -b to remove an advanced ACL from the command line. You will impersonate a user
from the command line in order to test permissions.
1. In the PuTTY session on the Isilon cluster, press ENTER after typing:
ls -le /ifs/windows.txt

Advanced ACL indicated by the + sign.

2.

Press ENTER after typing:

chmod -b 644 /ifs/windows.txt

The -b option will remove the ACL and replace it with the specified UNIX permissions.
3. Press ENTER after typing:
ls -le /ifs/windows.txt

Observe the UNIX permissions and synthetic ACL.

4. Press ENTER after typing:
isi_run -l student@isilon

The isi_run command is used to impersonate a user so you can test permissions.
5. Press ENTER after typing:
whoami

EMC Education Services

156

6. Press ENTER after typing:

cd /ifs

7. Press ENTER after typing:

touch student

8. Press ENTER after typing:

ls -le student

Note the owner of the file.

9. Press ENTER after typing:
exit

Lab 4.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to view permissions from the

command line and observe both an advanced and synthetic ACL.
You examined the difference between chmod +a and
chmod+ai when changing ACL permissions from the command
line. You removed an ACL and impersonated a user from the
command line. You should be comfortable with permissions,
modifying them, ACL removal, and impersonating a user for
testing.

157

Lab 4.2: ACL Policies

Scenario 4.2:

Tasks:

As the senior IT Admin for Cloud9 you will use the web
administration interface and CLI to review the Isilon cluster ACL
policy settings.

1. Default ACL policies.

2. ACL policy settings review.

References:

Module 4, Lesson 2

Task 1: Default ACL Policies

Review the default ACL policy settings from the web administration interface and cluster command line.
1. In the Windows client, if not open already, open a web browser.
Navigate to the web administration interface at https://192.168.0.11:8080.
Log in as root with password Isilon2!. If a message appears indicating a certificate or security problem, continue
despite the warning.

2. On the PROTOCOLS tab, click ACLs.

3. What is the default Environment setting?

EMC Education Services

158

4. Review the default Permission Policies settings, and then minimize the browser window.
5. Return to the PuTTY session on the Isilon cluster, press ENTER after typing:
sysctl -d efs.bam.acl_policies

The sysctl utility retrieves the kernel state and allows processes with appropriate privileges to set
the kernel state.

The -d option prints the description of the variable.

6. Press ENTER after typing:

sysctl efs.bam.acl_policies

Note the number displayed.

7. Go back to the web administration interface, and then on the PROTOCOLS tab, click ACLs.
8. For the Environment, select UNIX only.
Scroll down, and click Submit.
9. Return to the PuTTY session on the Isilon cluster, press ENTER after typing:
sysctl efs.bam.acl_policies

Note how the number changed.

Changing the ACL policies from the web administration interface is the recommended method, rather than
using the command line interface.
10. Go back to the web administration interface, and select Balanced for the Environment.
Scroll down, and click Submit.

Task 2: ACL Policy Settings Review

In this task, you examine various ACL policy settings and learn the impact of changing a setting.

Task 2A:
1. Return to the web administration interface, and on the PROTOCOLS tab, click ACLs.
2. In the Permission Policies section, notice that the setting for ACL creation over SMB is Allow the creation of
ACLs over SMB.
3. Go back to Windows Explorer and select the /ifs mapped network drive.

EMC Education Services

159

4. Right-click in an open area within the mapped network drives details pane, click New, and then select Text
Document.

5. Type SMB and press ENTER to name the new document.

6. Right-click the SMB file, and click Properties.
7. Click the Security tab, and click Edit.
8. Click Add.
9. In the Enter the object names to select field, type domain users, and click OK.
10. Click OK, and then click OK again. You have created an ACL over SMB.
11. Return to the web administration interface, and for the Environment, select Configure permission policies
manually.
12. For ACL creation over SMB, select Do not allow the creation of ACLs over Windows File Sharing (SMB).
Scroll down, and click Submit.
13. Go back to Windows Explorer, and select the /ifs mapped network drive.
14. Right-click the SMB file, and click Properties.
15. Click the Security tab, and click Edit.
16. In Group or user names section, make sure that Domain Users is selected.
In the Permissions for Domain Users section, click the box for allowing Full control.
Click OK, and then click OK again.
17. Right-click the SMB file, and then click Properties.

EMC Education Services

160

18. Click the Security tab. Make sure that Domain Users is selected in the Group or usernames field.
View the permissions for student, and notice that Allow Full control is still selected.
Click OK.
NOTE: When you tried to modify the ACL, it silently failed.

Task 2B:
1. Return to the web administration interface. Do the following, and then click Submit.

ACL creation over SMB: Select Allow the creation of ACLs over SMB.

chmod on files with existing ACLs: Select Merge the new permissions with the existing ACL.

2. Go back to the PuTTY session on the Isilon cluster, press ENTER after typing:
ls -le /ifs/SMB.txt

Observe the permissions and notice that there is an advanced ACL.

3. To change the permissions on a file with an existing ACL, press ENTER after typing:
chmod 774 /ifs/SMB.txt

4. Press ENTER after typing:

ls -le /ifs/SMB.txt

Compare the permissions to step 2.

The new permissions have been merged with the existing ACL. Notice that there is still an advanced ACL.
5. Go back to the web administration interface, and select Configure permission policies manually.
6. Next to chmod on files with existing ACLs, select Remove the existing ACL and set UNIX permissions instead.
Scroll down, and click Submit.

EMC Education Services

161

7. Go back to the PuTTY session on the Isilon cluster, and press ENTER after typing:
chmod 774 /ifs/SMB.txt

8. Press ENTER after typing:

ls -le /ifs/SMB.txt
Compare the permissions to Step 4.
Notice that there is now a synthetic ACL instead of an advanced ACL. The existing ACL was removed and the
UNIX permissions were set. A synthetic ACL was generated from the new UNIX permissions.
9. Go back to the web administration interface.
Next to chmod on files with existing ACLs, select Remove the existing ACL and create an ACL equivalent to the
UNIX permissions.
Scroll down and click Submit.
10. Go back to Windows Explorer and select the /ifs share, right-click in an open area within the mapped network
drives details pane, click New, and then select Text Document.

11. To name the new document, type test and press ENTER.
12. Right-click the test file, and click Properties.
13. Click the Security tab, and click Edit.
14. Click Add.
15. In the Enter the object names to select field, type student, and click OK. You might have to use the isilon
domain account to add this account.
16. Click OK, and then click OK again.

EMC Education Services

162

17. Go back to the PuTTY session on the Isilon cluster, press ENTER after typing:
ls -le /ifs/test.txt

Observe the permissions.

18. Press ENTER after typing:
chmod 774 /ifs/test.txt

19. Press ENTER after typing:

ls -le /ifs/test.txt

Compare the permissions to Step 17.

Notice that an ACL equivalent to the UNIX permissions has been set. An advanced ACL still remains, and
isilon\student no longer exists in the ACL.

Task 2C:
1. Go back to the web administration interface. Next to chmod on files with existing ACLs, select Remove the
existing ACL and create an ACL equivalent to the UNIX permissions, for all users/groups referenced in old
ACL.
Scroll down and click Submit.
2. Go back to Windows Explorer and select the /ifs mapped network drive, right-click the test file, and then click
Properties.
3. Click the Security tab, and click Edit.
4. Click Add.
5. For Enter the object names to select, type student, and click OK. Use AD credentials to add account.
6. Click OK, and then click OK again.
7. Go back to the PuTTY session on the Isilon cluster, and press ENTER after typing:
ls -le /ifs/test.txt

8. Press ENTER after typing:

chmod 774 /ifs/test.txt

EMC Education Services

163

9. Press ENTER after typing:

ls -le /ifs/test.txt

Notice that an ACL equivalent to the UNIX permissions has been set, for all users/groups referenced in the old
ACL.
An advanced ACL still remains, and isilon\student still exists in the ACL.
10. Return to the web administration interface.
Next to chmod on files with existing ACLs, select Deny permission to modify the ACL.
Scroll down and click Submit.
11. Go back to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
chmod 777 /ifs/test.txt

Note the permission denied response. This is a result of the ACL policy setting in the previous step.
12. Return to the web administration interface.
Next to chmod on files with existing ACLs, select Ignore operation if file has an existing ACL.
Scroll down and click Submit.
13. Go back to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
ls -le /ifs/test.txt

Observe the permissions.

14. Press ENTER after typing:
chmod 777 /ifs/test.txt

15. Press ENTER after typing:

ls -le /ifs/test.txt

Compare the permissions to step 13.

Notice how the permissions have not changed. The chmod operation was ignored because the file had an
existing ACL.

EMC Education Services

164

Task 2D:
1. Go back to the web administration interface. Next to chmod on files with existing ACLs, select Merge the new
permissions with the existing ACL. Scroll down and click Submit.
2. Notice that the setting for ACLs created on directories by UNIX chmod is Do not make them inheritable.
3. Go back to Windows Explorer and select the /ifs mapped network drive, right-click in an open area within the
mapped network drives details pane, click New, and then select Folder.
4. Type sales, and press ENTER to name the new folder.
5. To view the directory permissions, return to the PuTTY session on the Isilon cluster, and then press ENTER after
typing:
ls -led /ifs/sales

6. Press ENTER after typing:

chmod 755 /ifs/sales

7. Press ENTER after typing:

ls -led /ifs/sales

Observe the permissions. Notice that there are no inheritable ACEs.

8. Go back to the web administration interface. Next to Environment, click Configure permission policies
manually.
9. Next to ACLs created on directories by UNIX chmod, select Make them inheritable. Scroll down, and click
Submit.
10. Return to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
chmod 777 /ifs/sales

11. Press ENTER after typing:

ls -led /ifs/sales

12. Go back to the web administration interface. Next to ACLs created on directories by UNIX chmod, select Do
not make them inheritable. Scroll down, and click Submit.
13. Notice that the setting for chown/chgrp on files with existing ACLs is Modify the owner and/or group
permissions.

EMC Education Services

165

14. Return to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
ls -le /ifs/test.txt

Note the owner and group.

15. In Windows Explorer, select the /ifs share, right-click test.txt, and then click Properties.
16. Click the Security tab, observe the users and groups in the Group or user names field, and then click OK.
17. Return to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
chown nobody:nobody /ifs/test.txt

18. Press ENTER after typing:

ls -le /ifs/test.txt

Notice the owner and group change in the permissions.

19. In Windows Explorer select the /ifs share, right-click test.txt, and then click Properties.
20. Click the Security tab. Notice the change in users and groups in the Group or user names field. The ACL was
modified. Click OK.

Task 2E:
1. Return to the web administration interface. Next to Environment, click Configure permission policies
manually.
2. Next to chown/chgrp on files with existing ACLs, select Ignore operation if file has an existing ACL. Scroll
down, and click Submit.
3. Go back to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
chown root:wheel /ifs/test.txt

4. Press ENTER after typing:

ls -le /ifs/test.txt

Notice the owner and group change in the permissions.

5. In Windows Explorer, select the /ifs share, right-click test.txt and click Properties.
6. Click the Security tab. Notice that there is no change in the users and groups in the Group or user names field.
The ACL was not modified. Click OK.

EMC Education Services

166

Task 2F:
1. Go back to the web administration interface. Next to chown/chgrp on files with existing ACLs, select Modify
the owner and/or group permissions. Scroll down, and click Submit.
2. Notice that the setting for Access checks (chmod, chown), select Allow only file owners to change the mode or
owner of the file (UNIX model). Scroll down, and click Submit.
3. In Windows Explorer, right-click the /ifs share, click New, and select Text Document.
4. Enter test2 and press ENTER to name the file test2.
5. Right-click test2, and click Properties.
6. Click the Security tab, and click Edit.
7. Click Add.
8. In the Enter the object names to select field, type student, and click OK. AD Credentials will be needed to add
account.
9. Click OK.
10. In the Group or user names field, make sure that student is selected, and click Advanced.
11. In the Permission entries field, select student, and click Edit.
12. For Basic permission field, click Show advanced permissions.
13. Click the Take ownership box, and then click OK.
14. Click OK, and then click OK.
15. Close Windows Explorer.
16. Return to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
isi_run -l student@isilon

17. Press ENTER after typing:

chown -s student@isilon /ifs/test2.txt

Observe the response. The operation is not permitted because student is not the owner of the file. Only
owners are able to chown.
18. Go back to the web administration interface. Next to Environment, click Configure permission policies
manually.

EMC Education Services

167

19. Next to Access checks (chmod, chown), select Allow the file owner and users with WRITE_DAC and
WRITE_OWNER permissions to change the mode or owner of the file (Windows model). Scroll down, and click
Submit.
20. Return to the PuTTY session on the Isilon cluster, and then press ENTER after typing:
chown -s student@isilon /ifs/test2.txt

21. Press ENTER after typing:

ls -le /ifs/test2.txt

Note the owner. Because student had the right to take ownership, they were able to change the owner to
student.
22. Press ENTER after typing:
exit

Lab 4.2: Summary

Summary:

EMC Education Services

In this lab, you reviewed the ACL policy settings and their effect on
permissions if they are changed.

168

Lab 4.3: Configuring SMB Shares

Scenario 4.3:

Tasks:

Create a directory for Live-Stream as a share for the company and

test that the share is accessible from an SMB Client.

1. Create directories for SMB clients.

2. Share directories.
3. Access and review shares.

References:

Module 4, Lesson 3

Task 1: Create Directories for SMB Clients

In this task, you create a share for SMB clients named StudentShare1. You create StudentShare1 using File System
Explorer. Later you create StudentShare2 using the SMB Share page of the web administration interface.
1. In the web administration interface, on the FILE SYSTEM tab, click File System Explorer, and then select the
data directory in the navigation pane.
2. Above the details pane, click Add Directory.
3. Complete the New Directory Properties dialog box, and then click Submit:
a. Directory name: Type Share1.
b. Group: Select Isilon Users.
c. Permissions: Select all check boxes.
You have just created a directory at the /ifs/data/Share1 directory.
4. In the navigation pane, select Share1, and then for this directory, in the Actions column, click Properties.
5. In the Properties window, notice the path, contents, modified, accessed, and share parameters.
Scroll down and note the Group and Permissions parameters, and then click Cancel.

EMC Education Services

169

Task 2: Share Directories

In this task, you share the directory created in the previous task and you create a second directory that will be shared
using the web administration interface.
1. In the web administration interface, on the PROTOCOLS tab, click Windows Sharing (SMB), and then click Add
a Share.
2. On the Add an SMB Share page, do the following
a. Share Name: Type Share1.
b. Description: Type Share1.
c. Directory to be shared: Type /ifs/data/Share1.
3.

In the Directory ACLs section, note that Apply Windows Default ACLs is selected.

4.

For Home Directory Provisioning, select Allow Variable Expansion. This option allows path variables to be used
in the share directory path.

5.

Select Auto-Create Directories. This option allows directories to be automatically created when users access
the share for the first time.

6.

In the Users and Groups section, for the Everyone account, click Edit.
a.

Select Full Control to give everyone the ability to create and delete files and folders. These are the
share permissions.

b.

Click Save.

7.

Click Create to create the share, and observe the message verifying Your share has been created.

8.

Now create a second directory at /ifs/data/Share2 and share it from this page by repeating steps 1-7.
However, in step 2, select Do not change existing permissions for the Directory ACLs this time.

9.

On the File System Management tab, click File System Explorer, and then in the navigation pane, select the
data directory.

10. In the details pane, select Share2, and then in the Actions column for that row, click Properties.
11. In the UNIX Permissions section, select all of the Permissions boxes. These are file permissions.
12. Click Submit.

EMC Education Services

170

Task 3: Access and Review Shares

In this task, you access the share directories and create documents.
1. In the Remote Desktop window, on the Windows client desktop, click the Command Prompt icon.
2. At the prompt, press ENTER after typing:
net use * /d

Type y to disconnect the listed open connections, and then type y again to continue.

3. In the Remote Desktop window, launch Windows Explorer from the taskbar.

EMC Education Services

171

4. In the navigation pane, right-click This PC, and then click Map network drive.

5. In the Map Network Drive dialog, do the following, and then click Finish.

Folder: Type \\cloud9\Share1.

Reconnect at sign-in: Confirm this box is checked.

Connect using different credentials: Leave this box unchecked.

6. If a Windows Security box opens, log in as Isilon\student with the Isilon2! password. Notice, this time, you are
using the Active Directory student account.

EMC Education Services

172

7. Close Windows Explorer, and then reopen it from the taskbar.

8. To create a document in the new share, select the mapped drive in the navigation pane, and then right-click in
an open area in the details pane:
a. Click New.
b. Select Text Document.
c. Type test_document1.txt as the name of the document.
d. Press ENTER.
9. Right-click test_document1, and click Open.
10. Inside the document, type This is a test a few times.
a.

In the upper right corner, click the X icon to close the document.

b. In the dialog box, click Save.

11. In the navigation pane, click Computer.

Repeat the procedure from steps Error! Reference source not found.-7 to map a drive to the Share2 share. Be
sure to use \\cloud9\Share2 as the path.
12. Create test_document2.txt by repeating steps 8-10.
13. Right-click test_document2, select Properties, and click the Security tab.
14. In the Group or user names section, select student (student@isilon.com), review the permissions, and then
click Cancel to close the dialog box.
15. In the Windows client, right-click the PuTTY icon on the taskbar, and select PuTTY.
16. In the PuTTY Configuration dialog box, in the Host Name field, type cloud9, and then click Open.
17. If necessary, in the PuTTY Security Alert message, click Yes.
18. Log in as root with the Isilon2! password.

EMC Education Services

173

19. At the prompt, type pwd. This UNIX/Linux/FreeBSD command shows your present position in the file system. If
you just logged on you will be at the /root level.
20. To change the directory, press ENTER after typing:
cd /ifs/data/Share1

Verify your position by using the pwd command.

21. At the command prompt, press ENTER after typing:
ls l

A detailed list of permissions, ownership, etc., of the files in this directory displays. Only one file,
test_document1.txt, displays.
Notice the PLUS SIGN (+) that displays after the UNIX permissions. This denotes that the file also has ACL
permissions assigned.
22. To list the ACLs that are associated with the file, press ENTER after typing:
ls -le test_document1.txt

This command provides cluster administrators with a method of viewing ACLs from the cluster CLI. There are
also commands available to modify these ACLs.
23. Repeat the previous steps to access test_document2, but this time use the path /ifs/data/Share2 instead.
24. To close the PuTTY window, type exit.

Lab 4.3: Summary

Summary:

EMC Education Services

In this lab, you created SMB shares and set the access permissions.
After completing this lab you are now able to configure OneFS SMB
shares.

174

Lab 4.4: Home Directory Creation with SMB

Scenario 4.4:

Set up Home Directory Share for the Windows users of Graphics-RUs, and configure the cluster to automatically create home
directories for users accessing a home share for the first time.

References:

Module 4, Lesson 3

1. In the web administration interface, click the PROTOCOLS tab, select Windows Sharing (SMB), and then click
Add a Share.
2. On the Add an SMB Share page:
a. Share Name: Type home.
b. Description: Type home.
c. Directory to be shared: Type /ifs/home/%D/%U.

3. In the Directory ACLs, select Do not change existing permissions.

4. For Home Directory Provisioning, select Allow Variable Expansion. This option allows path variables to be used
in the share directory path.
5. Select Auto-Create Directories. This option allows directories to be automatically created when users access
the share for the first time.
6. Click Add a User or Group.
7. Complete the Select a User or Group dialog box:

Search for: Select Groups.

Group Name: Type Domain Users.

Provider: Select ADS:ISILON.TRAINING.COM, and then click Search.

i. Select ISILON\domain users, and then click Select.
ii. Click Edit for the ISILON\domain users account.
iii. Select Full Control.

EMC Education Services

175

iv. Click Save, and select the Everyone account check box.
v. From the "Select an Action" dropdown, Click Delete to remove the Everyone account.
8. Click Create to create the share, and observe the message verifying Your share has been created.
9. In the home directory row, click View details to make sure everything is configured correctly. Edit any settings
that are not correct.
10. To clear any existing SMB sessions, return to the Command Prompt window, and press ENTER after typing:
net use * /d

11. In the Remote Desktop window, launch Windows Explorer from the taskbar.

12. In the navigation pane, right-click This PC, and then click Map network drive.

EMC Education Services

176

13. In the Map Network Drive dialog, do the following, and then click Finish.

Folder: Type \\cloud9\home.

Reconnect at sign-in: Confirm this box is checked.

Connect using different credentials: Leave this box unchecked.

11. If a Windows Security box opens, log in as student with the Isilon2! password.
12. Close Windows Explorer, and then reopen it from the taskbar.
13. To create a directory in the new share, select the mapped drive in the navigation pane, and then right-click in
an open area in the details pane:
a. Click New.
b. Select Folder.
c. Type Test_Folder as the name of the directory.
d. Press ENTER.
14. Right-click Test_Folder, select Properties, click Security tab.
After viewing the permissions, click Cancel.
15. Close Windows Explorer. Disconnect the mapped network drive by returning to the Command Prompt window
and running the command below.
net use * /d

EMC Education Services

177

16. To connect to the \\cloud9\home share as a different user, press ENTER after typing:
net use p: \\cloud9\home /user:isilon\administrator

Enter Isilon2! for the password.

17. In the Windows client, return to Windows Explorer, and then in the navigation pane, select the P:\ mapped
drive.
Note that the directory created by the isilon\student account is not listed.
18. Right-click the P:\ drive, select Properties, click the Security tab.
Review permissions, and then click Cancel.
19. If necessary, open a PuTTY session to 192.168.0.11, log on to the cluster as root.
a. To change the directory, press ENTER after typing:
cd /ifs/home

b. To display a list of directories, press ENTER after typing:

ls al

One of the directories returned by this command is named ISILON because you used %D in the path for
the home share
c. To change the directory again, press ENTER after typing:
cd ISILON

d. To display a list of directories, press ENTER after typing:

ls al

There should be two directories, one for each account that you used to connect to the share.
The %U used in the share path filled in the names of these directories with the account name of the
connected user when they connected to the home share the first time.
e. To display the contents of /ifs/home/ISILON/student directory, press ENTER after typing:
ls -al student

f.

To display the contents of /ifs/home/ISILON/administrator directory, press ENTER after typing:

ls -al administrator

20. Exit the PuTTY session.

EMC Education Services

178

Lab 4.4: Summary

Summary:

EMC Education Services

In this lab, you created, configured, and tested home directories.

After completing this lab you are now able to configure the
automatic OneFS home directory shares.

179

Lab 4.5: Managing NFS Exports

Scenario 4.5:

Configure Sky Watch directory for receiving surveillance files from

their Linux server by creating the export and then mounting it. You
join the cluster to a Windows Server 2008 AD domain, create new
shares, and test the share permissions.

Tasks:

1. Create a directory.
2. Create an export.
3. Mount an export.

References:

Module 4, Lesson 4

Task 1: Create Directory

In this task you will create the NFS directory.
1. In the web administration interface, on the FILE SYSTEM tab, click File System Explorer.
2. In the navigation pane, click the data directory. At the top of the window, click Add Directory.
3. In the New Directory Properties dialog box, do the following, and then click Submit.

Directory name: Type studentNFS.

UNIX permissions section:

o

User: Type root.

In the Permissions section:

o
EMC Education Services

User: Select Read, Write, and Execute.

Group: Select Read, Write, and Execute.

Other: Select Read, Write, and Execute.

Leave the default values for all other settings.

180

Task 2: Create an Export

In this task you will create the Export to the NFS directory.
1. In the web administration interface, on the PROTOCOLS tab, click UNIX Sharing (NFS).
2. Click UNIX Sharing (NFS).
3. Click Add an NFS Export.
4. On the Add an NFS Export page, in the Description field, type studentNFS.
5. Leave the Clients box empty, which means that all clients can connect to this export.
6. Next to Directory Path, click Browse.
7. In the Select a Directory box, double-click to expand the data directory

Click the studentNFS directory.

Click Select. The directory that you clicked displays in the Directory Paths section, in the Path 1 box.

8. In the Permissions section, click the Enable mount access to subdirectories check box.
9. In the Map Root User section, do the following:

From the drop-down list, verify Use default is selected.

In the field below the drop-down list, verify Map root users to nobody is displayed. This setting will
squash root to nobody.
If you prefer not to squash root to nobody, select Use custom from the drop-down list and change
permissions on the directory in File System Explorer to better fit the scenario.

10. For Map Non Root User, Map Failure User, and Security Type(s), leave as Use default.
11. Leave the Advanced Export Settings as the default.
12. Click Save.

EMC Education Services

181

Task 3: Mount an Export

In this task, you mount the NFS export of the NFS directory on the cluster.
1. In the VMware Workstation, click the LinuxClient tab. Login with the root account and password Isilon2.
2. Expand the Applications menu to open a terminal. Hover over Accessories, and then click Terminal.
3. To verify that you are in the root home directory, type pwd.
The pwd command prints the working directory. The output should display as /root (pwd stands for print
working directory).
4. At the prompt, press ENTER after typing:
mkdir nfsmount

5. Press ENTER after typing:

sudo mount cloud9:/ifs/data/studentNFS nfsmount

6. To verify the mount, press ENTER after typing:

mount

The last line of the output should be the full path of the directory that you just mounted (including the server
address).
7. To view the contents of the mount, press ENTER after typing:
ls -lrt nfsmount

Verify that there are no files or folders currently in this directory.

8. To create an empty file, at the prompt, press ENTER after typing:
touch nfsmount/testfile

9. To confirm that the test file was created and to review the permissions that are associated with the file, press
ENTER after typing:
ls -lrt nfsmount/testfile

NOTE: The nfsnobody account is the owner, but the group is root for the file and has read and write
permissions.
10. Switch to the remote desktop window for the Windows client that has your clusters web administration
interface open.
EMC Education Services

182

11. In the web administration interface:

a. Click FILE SYSTEM.
b. Click File System Explorer.
c. In the navigation pane, expand the data directory.
12. Click the studentNFS directory, and in the Actions column of the studentNFS row, click Properties.
13. On the Properties dialog box, in the Unix Permissions section, in the others section, clear the RWX check boxs,
and then click Submit.
14. Switch to the LinuxClient console.
15. At the prompt, press ENTER after typing:
rm -f nfsmount/testfile

This command should fail due to insufficient permissions.

If you check the permissions on the file you should see that root is still the owner of the file and has write
permission. The root account, however, no longer has permission to create or delete data because of the
permission change to the higher-level directory.
16. To create a new directory, press ENTER after typing:
mkdir nfsmount/directory2

This command should fail due to insufficient permissions.

17. To restore the permissions to their original settings, switch to the web administration interface.
18. In File System Explorer, browse to the studentNFS directory, right-click the directory, and then click Properties.
19. In the Unix Permissions section, in the Permissions section, click to select the Write check box, and then click
Submit.
20. Switch to the LinuxClient console.
21. Press ENTER after typing:
mkdir nfsmount/directory2

This command should succeed.

EMC Education Services

183

22. Press ENTER after typing:

ls nfsmount

This should now list the new directory and test file.

Lab 4.5: Summary

Summary:

EMC Education Services

In this lab, you created, configured, and tested NFS Exports. After
completing this lab you are now able to configure the NFS Exports
on OneFS.

184

Lab 4.6: Remote File Access Protocol

Scenario 4.6:

Based on the companies that Cloud9 will be servicing, the use of

HTTP and FTP by the customers will be an important need. As the
administrator, configure up HTTP and FTP on your OneFS Isilon
cluster and test the connection.

Tasks:

1. Configure and enable HTTP.

2. Connect using HTTP.
3. Configure and enable FTP access.
4. Connect using FTP.

References:

Module 4, Lesson 5

Task 1: Configure and Enable HTTP

In this lab, you will configure and enable HTTP.
1. In the Remote Desktop window, on the Windows client, in the web administration interface, click PROTOCOLS,
and then click HTTP Settings.
2. On the HTTP Protocol page, in the Service section, click Enable HTTP.
3. Verify that the Document root directory is set to the default setting of /ifs.
4. In the Server hostname field, type Cloud9.
5. In the Administrator email address field, type student@isilon.com.
6. Click Submit. The HTTP page refreshes and the message HTTP has been enabled displays.

EMC Education Services

185

Task 2: Connect Using HTTP

In this lab, you will test your HTTP configuration and ensure it works properly.
1. Open a new web browser window.
2. In the address bar, type http://cloud9, and then press ENTER.
NOTE: Do not append port 8080 to the address. Appending 8080 to the address, connects you to the web
administration interface.
3. In the directory listing, click the data directory to view the contents.
NOTE: You are accessing the data anonymously, so you can only view data that has read and execute
permissions set for Other or that has an ACL that gives the Everyone group read access.
4. Close the browser window.

Task 3: Configure and Enable FTP Access

In this lab, you will configure and enable FTP access.
1. To enable the FTP service, in the Remote Desktop window, on the Windows client, open a web browser.
Navigate to the web administration interface at https://192.168.0.11:8080.
Log in as root using the Isilon2! password.
2. On the PROTOCOLS tab, click FTP Settings.
3. In the Service section, click Enable, and then click Submit.
4. On the ACCESS tab, click Membership & Roles.
5. Click Users.
6. At the top of the page, in the Current Access Zone box, click System.
7. In the Providers list, click FILE:System.
8. Next to FTP, click View details.
9. Under User Details, in the Password box, click Edit.
10. In the Password box, type Isilon2!, and then click Save.

EMC Education Services

186

11. In the Home directory, click Edit, change default directory to /ifs/home/studentftp. Click save when done.
12. In the Enable Account section, Click Edit, check the box to Enable the Account, and then click Save.
13. In the web administration interface, on the FILE SYSTEM tab, and then click File System Explorer.
14. In the navigation pane, click the home directory.
15. In the studentftp row, click Properties.
16. In the UNIX permissions section, select Isilon Users for the Group. For User, select all three permissions check
boxes. For Group and Other, clear all check boxes. This prevents other FTP users from accessing or modifying
studentftps data. Leave all other settings at the default values, and then click Submit.

Task 4: Connect Using FTP

In this lab, you will test your FTP connection to the Isilon cluster.
1. In the Remote Desktop window, on the Windows client taskbar, click the Command Prompt icon.
2. At the prompt, type ftp and the IP address of one of the nodes in the cluster or any hostname for the cluster.
3. At the user prompt, type ftp. At the password prompt, enter Isilon2!.
4. Type pwd to confirm the current directory. The output should be /ifs/home/studentftp.
5. Type quit (or bye) to end the FTP session.
6. Close the Command Prompt window.

Lab 4.6: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure and enable HTTP and FTP.
You then tested both connections to make sure they worked. After
completing this lab you should be comfortable configuring,
enabling and testing HTTP and FTP.

187

This page intentionally left blank.

EMC Education Services

188

Module 5
Storage Administration

EMC Education Services

189

Module 5 Storage Administration

Lab 5.0: Configure SmartPools
Scenario 5.0:

Tasks:

As senior IT Admin for Cloud9, you will need to use SmartPools and
the policies that work with it in setting up your customers with
access to the cluster. Using what was taught in the class, validate
the SmartPools Settings and Default File Pool Policies. Once you
have validated these areas, build a new File Pool Policy to meet the
needs of Live-Stream, your multimedia customer.

1. Validate SmartPools settings and default file pool policies.

2. Create new file pool policy.
3. Create new node pools & disk pools instructor demo.

References:

Module 5, Lesson 1

Task 1: Validate SmartPools Settings and Default File Pool Policies

In this task, you will review your storage clusters default file pool policy. Ask the instructor for your SmartPools license
which will be used later in these labs.
1. If not open already, in the Remote Desktop window, open a web browser.
Navigate to the web administration interface at https://192.168.0.11:8080.
Log in as root with password Isilon2!. If a message appears indicating a certificate or security problem, continue
despite the warning.
2. On the FILE SYSTEM tab, click Storage Pools. The Summary sub-tab displays disk pool usage statistics and lists
the available disk pools in your cluster.
3.

Click the File Pool Policies sub-tab. No File Pool Policies are displayed. Why?

EMC Education Services

190

4. Click the SmartPools Settings sub-tab to open the Edit SmartPools Settings page.
5. Where can you set protection levels for cluster data?

6. Minimize the web administration interface.

Task 2: Create New File Pool Policy

In this task, you will create a new file pool policy.
1. Ask your instructor for the SmartPools license key.
2. In the Remote Desktop window, open a PuTTY session to the cluster, and log on as root with the Isilon2!
password.
3. At the prompt, press ENTER after typing:
isi license activate <license key>

where the <license key> is the instructor provided license number.

4. Press the SPACEBAR to scroll to the bottom of the EULA.
5. At the end of the EULA, type yes.
NOTE: If you do not type yes at the end of the EULA, the command fails. If the activation is successful a success
message displays.
6. Return to the web administration interface. On the FILE SYSTEM tab, click Storage Pools, and then click the
SmartPools sub-tab.
7. In the Tiers & Node Pools section, in the State column, if the node pool is provisioned, a green Good icon
indicates that the disk pool is healthy and Node column displays 1-3 nodes.
If the node pool is underprovisioned, in the State column, a gray icon indicates that the disk pool is empty or
has fewer than three nodes.
8. Click the File Pool Policies sub-tab. The page lists all file pool policies in the cluster, and they are sorted in the
order that they are applied.
If you scroll down, youll see the Policy Templates that are available and a history of when the file pool policies
were applied.

EMC Education Services

191

9. In the File Pool Policies section, click Create a File Pool Policy.
NOTE: If you get a message that SmartPools is not activated either refresh the web page or navigate to the
main dashboard, then back to the storage pools page.
10. On the Create a File Pool Policy page, configure the following settings:

Policy name: Type a name for the policy (such as student-test-policy).

Description: Type a useful description of the policy.

11. In the Select Files to Manage section, select Path for the IF Condition, select matches for the next field, and
then in the last field, type /ifs/data/student*.
12. Click Add an AND condition, select File Type, select does not match for the next field, and then select
Directory for the last field.
13. Leave the default Storage Settings and I/O Optimization Settings unchanged.
14. Click Create Policy and a success message displays.
15. On the CLUSTER MANAGEMENT tab, click Job Operations, and then click the Job Types sub-tab.
16. Scroll down Job Types and locate the SmartPools job, click More, and then click Start Job.
17. On the Start a Job page, click Start Job.

Task 3: Create new Node Pools & Disk Pools Instructor Demo if time permits.
In this task, you will observe the instructor as they take a six node cluster and create two node pools using the
NodePools720 vApp.

1. If not already logged in, log into the ESDEV vCloud Director.
2. Add vApp NodePools720 to your My Cloud, and then start it.
3. In the Remote Desktop window, on the Windows client, open a browser window and log onto the web
administration interface as root using the Isilon2! password.
4. In the upper-right corner of the window, hover over Help, and select About This Cluster.
5. Click Activate license.
6. Type the SmartPools license number for the License key; accept the EULA, and then click Submit.
7. Confirm the SmarPools license installed in Evaluation mode.

EMC Education Services

192

8. On the FILE SYSTEM tab, click SmartPools.

9. Next to the iq_vmware node pool, click View/Edit.
NOTE: Observe the settings for the default node pool
10. Click Close.
11. Open a new PuTTY session to node 192.168.0.14, and log on as root using the Isilon2! password.
12. Press ENTER after typing:
isi storagepool nodepools list

13. Press ENTER after typing:

isi storagepool nodepools create iq_2 --lnns 4 --lnns 5 --lnns 6

14. Press ENTER after typing:

isi storagepool nodepools list

NOTE: Point out that iq_vmware shows up as a No under manual and iq_2 shows up as a yes.
15. Go back to the web administration interface and then refresh the browser so both node pools show up on the
SmartPools.
16. Click Create a Tier.
17. For the Tier Name, type HR-Finance.
18. Select iq_2, and then click Add.
19. Click Create Tier.
20. Verify HR-Fianace tier shows up in the Tiers & NodePools list.
NOTE: iq_2 node pool will show up under the HR-Finance tier.

Lab 5.0: Summary

Summary:

EMC Education Services

In this lab, you configured licensed SmartPools options. You

licensed SmartPools, verified that advanced SmartPools was
activated, and then configured new file pool policies. After
completing this lab, you are now able to configure OneFS advanced
SmartPools features.

193

Lab 5.1: Configure SmartQuotas

Scenario 5.1:

Tasks:

Cloud9 customers all purchase set space to use on your Isilon

cluster. From the material covered in class, you need to put Quotas
in place for their user accounts, start with setting up Report
Generation and Event Notifications. Then you will proceed to
create a directory with Quota and the User Quota applied to a
generic directory, and then test these settings. Some customers
will need Directory quotas and others will have a general directory
but want User Quotas.

1. Report generation and event notification.

2. Configure SmartQuotas directory.
3. Add user quota to a directory.
4. Test quota directory.

References:

Module 5, Lesson 2

Task 1: Report Generation and Event Notification

In this task, you will license SmartQuotas and then configure report generation and event notification.
1. Ask your instructor for the SmartQuotas license key.
2. In the Remote Desktop window, open a PuTTY session to the cluster, and log on as root with the Isilon2!
password.
3. At the prompt, press ENTER after typing:
isi license activate <license key>

where <license key> is the instructor provided license number.

4. Press the SPACEBAR to scroll to the bottom of the EULA.

EMC Education Services

194

5. At the end of the EULA, type yes, and a success message displays.
6. Return to the web administration interface, on the FILE SYSTEM tab, click SmartQuotas and review the Quotas
& Usage tab.
7. Click the Settings sub-tab and verify that the Scheduled Reporting option is ON.
8. In the Report Frequency section, click Change schedule.
9. In the Report Frequency section, select Daily, and in the Generate report every box, type 1, and verify Day(s) is
selected.
10. Select the Generate multiple reports per specified day option.
11. In the Generate report every box, type 3, and then select Minutes.
12. Leave the default time settings. These are the start and stop times for the scheduling of reports.
13. Click Select.
14. In Scheduled Report Archiving and Manual Report Archiving sections, leave the default settings.
15. Leave the Email Mapping setting empty for this lab.
16. Click Advisory Limit Notification Rules, and then complete the following steps:
a. Select the Notify Owner box.
b. Select the Create Cluster Event box.
c. Click Event: While Advisory Limit Remains Exceeded.
d. Select the Notify Owner box.
e. Select the Create Cluster Event box.
f.

Set Frequency to Send email daily.

g. Select Send multiple emails per specified day.

h. Set Send email every to 1 and change Hours to Minutes.
17. Click Soft Limit Notification Rules, and then complete the following steps:
a. Select the Notify Owner box.
b. Select the Create Cluster Event box.
c. Click Event: While Soft Limit Remains Exceeded.
d. Select the Notify Owner box.
EMC Education Services

195

e. Select the Create Cluster Event box.

f.

Set Frequency to Send email daily.

g. Select Send multiple emails per specified day.

h. Set Send email every to 1 and change Hours to Minutes.
i.

Click Event: Soft Limit Grace Period Expired.

j.

Select the Notify Owner box.

k. Select the Create Cluster Event box.

l.

Set Frequency to Send email daily.

m. Click Send multiple emails per specified day.

n. Set Send email every to 1 and change Hours to Minutes.
o. Click Event: Soft Limit Write Access Denied.
p. Select the Notify Owner box.
q. Select the Create Cluster Event box.
18. Click Hard Limit Notification Rules, and then complete the following steps:
a. Select the Notify Owner box.
b. Select the Create Cluster Event box.
c. Click Event: While Hard Limit Remains Exceeded.
d. Select the Notify Owner box.
e. Select the Create Cluster Event box.
f.

Set Frequency to Send email daily.

g. Click Send multiple emails per specified day.

h. Set Send email every to 1 and change Hours to Minutes.
i.

Click Event: Hard Limit Write Access Denied.

j.

Select the Notify Owner box.

k. Select the Create Cluster Event box.

19. Click Save and verify that a success message displays at the top of the page.

EMC Education Services

196

Task 2: Configure SmartQuotas Directory

In this task you will configure a directory for SmartQuotas.
1. In the OneFS web administration interface, on the PROTOCOLS tab, click Windows Sharing (SMB), click SMB
Shares sub-tab, and then click Add a share.
2. In the Add an SMB Share section, in the Share Name field, type studentquota.
3. In the Description field, type quota share.
4. In the Directory to Be Shared field, type /ifs/data/studentquota.
5. In the Directory ACLs section, click Do not change existing permissions.
6. To add the student account to the ACL for the new share, complete the following steps:
a. In the Users and Groups section, click Add a User or Group.
b. On the Select a User or Group page, verify Users is selected.
c. In the Provider list, click ADS:ISILON.TRAINING.COM.
d. Click Search.
e. Click ISILON\student, and then click Select.
7. In the Users and Groups section, click Edit for the ISILON\student account.
8. Select Full Control, and then click Save. Notice the changed permissions for your account.
9. Click Create. In the Create New Path dialog box, click Create new directory, and verify the success message is
Your share has been created.
10. Go to a PuTTY window, and then press ENTER after typing:
chmod 777 /ifs/data/studentquota

11. To add a quota to the new directory, switch back to the web administration interface. On the FILE SYSTEM tab,
click SmartQuotas, and then click Create a storage quota.
12. From the Quota Type list, select Directory Quota.
13. In the Directory Path field, type /ifs/data/studentquota or use Browse to navigate to the directory.
14. In the Usage Accounting section, leave this area unselected.
15. In the Usage Limits section, select Specify Usage Limits.
16. Select Set a hard limit, and in the Hard Limit Value box, type 300, and verify MB displays for units.

EMC Education Services

197

17. For Show available Space as, verify the default selection Size of hard threshold.
18. In the Limit Notifications section, leave Use Default Notification Rules selected.
19. Click Create Quota. A Quotas & Usage page displays a success message. If you require a custom notification for
this quota, you may change the configuration in the Quotas & Usage table.
20. In the Quotas & Usage table, click View details for the directory and review all of you settings.
21. To test the quota, in the Remote Desktop window, from the Windows client desktop, click Start, right-click This
PC, and then click Map network drive.
22. In the Folder field, type \\cloud9\studentquota, and then click Finish.
23. In Windows Explorer, right-click the newly mapped drive, and then click Properties. Note that the capacity is
300 MB.
24. Close the Properties page.
25. Right-click the mapped drive and then click Disconnect. If you see a warning dialog that reports that you have
files open on the share you are about to disconnect, click Yes.

Task 3: Add User Quota to a Directory

In this task you will configure a User Quota on a directory.
1. In the web administration interface, return to the Storage Quotas & Usage page, and click Create a storage
quota.
2. For the Quota Type, select User Quota.
3. Select Apply this quota to a specific user.
4. In the User field, type isilon\student, or click Select a user and navigate to the user.
5. In the Directory Path field, type /ifs/data/studentquota, or click the Browse button and navigate to the folder.
6. In the Usage Accounting section, leave this area unselected.
7. In the Usage Limits section, select Specify Usage Limits.
8. Click Set a hard limit and in the Hard Limit Value field, type 10, and verify MB displays for units.
9. In the Limit Notifications section, leave Use Default Notification Rules selected.
10. Click Create Quota. The Storage Quotas & Usage page displays a success message.
If you require a custom notification for this quota, you may change the configuration in the Quotas & Usage
table.
EMC Education Services

198

Task 4: Test Quota Directory

In this task you will test the quota of the directory, remove the mapped drive and check the report.
1. In the Windows Workstation taskbar, click the CMD icon.
2. Type net use * /D and press ENTER. This will disconnect all existing mapped drives.
3. In the Remote Desktop window, on the Windows taskbar, click the Windows Explorer icon.
A window showing all local and remote mapped drives displays.
4. In the navigation pane, right-click This PC, and then select Map Network Drive.
5. In the Folder field, type \\cloud9\studentquota, click Connect using different credentials, and then click Finish.
6. When prompted for authentication, use Isilon\student for user and Isilon2! for password.
7. Copy data to the mapped drive. This data should be more than 100 bytes, but less than 300 MB. Sample files
are located in the Demo Data directory on the local C:\ drive.
8. Start copying files and try to continue copying more than 300MB to the mapped drive.
9. In the Copy Item dialog box, click Cancel to stop the copying.
10. In the web administration interface, on the DASHBOARD tab, click Events, and observe the updated events and
violations that are documented on the Cluster Events page.
When more than one of the same event occurs, they are coalesced into one event. If you still have questions
about coalesced events, ask your instructor to review it quickly at the end of the lab.
11. Go back to Windows Explorer, right-click the studentquota mapped drive, and select Disconnect.
12. Return to the web administration interface. On the FILE SYSTEM tab, click SmartQuotas, and then click the
Generated Reports Archive sub-tab.
13. Note the Report Generations listed. You can list them by first or last created time and the ability to generate a
quota report as well as delete reports.
14. Click the Quotas & Usage tab. This displays a list of all quota reports and details.
15. Click Define quota display. To find archived quotas, click Show archived quota report, and then select one of
the archived reports.
16. Click Update Display. Observe the changes to the quota info.
17. Click Search for specific quotas within this report.
18. In the Quota Type list, click User Quota.

EMC Education Services

199

19. For User or Group, leave the default setting of *.

20. In the Directory Path box, change to /ifs/data.
21. Click Update Display. Notice that:
a. The student has exceeded his or her advisory quota
b. You can filter the list to show only violations

Lab 5.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure SmartQuotas and

generate reports and event notifications for the cluster and for
specific directories. You configured SmartQuotas for a user and
applied it to a directory, tested that quota from a Windows client
for a mapped drive, removed a mapped drive and quota and
checked the generated reports. After completing this lab you are
now able to configure the OneFS SmartQuotas and User Quotas.

200

Lab 5.2: Configure SnapshotIQ

Scenario 5.2:

Tasks:

Cloud9 security customer that is constantly recording video also

has asked for specific point in times Snapshots using SnapshotIQ.
Use the training material to create a SnapshotIQ schedule and then
view said snapshots including restoring.

1. Create SnapshotIQ schedule.

2. View Snapshots.

References:

Module 5, Lesson 3

Task 1: Create SnapshotIQ Schedule

In this task, you will license SnapshotIQ and then create a snapshot schedule.
1. If not open already, in the Remote Desktop window, open a web browser.
Navigate to the web administration interface at https://192.168.0.11:8080.
Log in as root with password Isilon2!. If a message appears indicating a certificate or security problem, continue
despite the warning.
2. On the DATA PROTECTION tab, the SnapshotIQ is the default page.
3. Obtain a SnapshotIQ license key from the instructor.
4. Scroll down, and click Activate SnapshotIQ. This opens the About This Cluster page.
5. Click Activate license.
6. For the License key, type the SnapshotIQ license number; accept the EULA, and then click Submit.
7. On the About This Cluster page, confirm the SnapshotIQ license installed in Evaluation mode.
8. Click the DATA PROTECTION tab. Notice the change to the SnapshotIQ page.

EMC Education Services

201

9. On the SnapshotIQ page, click each of the 4 sub-tabs to review SnapshotIQ capabilities:

Summary

Snapshots

Snapshot Schedules

Settings

10. Click the Snapshot Schedules sub-tab.

11. On the Snapshot schedules page, click Create a snapshot schedule.
12. To create the schedule, complete the following, and then click Create:

Schedule Name: Type Student daily.

Naming Pattern for Generated Snapshots: Type student-%H-%M.

Directory Path: Type /ifs/data/studentshare1.

Snapshot Frequency: Select Daily, and then configure the following settings:
o Generate snapshot every: Type 1, and leave Day(s) selected.
o Generate multiple snapshots per specified day: Select this option.

Generate snapshot every: Type 2, and then select Minutes.

Leave default settings for the rest of the time and date information.

Create an Alias: Leave default setting of No.

Snapshot Expiration: Select Snapshots expire, type 2, and select Hours.

NOTE: When creating a snapshot policy, keep in mind the length of time that you want to set for expiration
of the snapshots. If you are taking a snapshot every two minutes as you do in our lab, you may not want to
keep each snapshot more than one hour. If you use a setting that takes a snapshot every few days, then
you may want to set the expiration time so that you have at least one saved snapshot when the next
snapshot is taken.
If you manually delete the policy, the snapshots are not deleted because a service running in the
background monitors the snapshots and does not allow them to be deleted or removed until the expiration
time that you set in the policy.
13. After the Snapshot Schedule is created, in the Snapshot Schedules table, click View details to review the
settings for your new schedule.
14. Leave the web administration interface open.

EMC Education Services

202

Task 2: View Snapshots

In this task, you will review the snapshots, the attributes and methods of restoring the snapshots.
1. In the web administration interface, on the DATA PROTECTION tab, click the Snapshots sub-tab.
You should see one or more snapshots that references the most recent version. The snapshot does not
consume any space because no data has changed or been deleted. (It could take up to 2-3 min for snapshots to
appear).
2. Log on to the cluster at the command line or connect by using a mapped drive from your computer, and delete
several files and/or directories.
3. Wait two minutes.
4. To can view the amount of space that the snapshot uses after data is modified in one of two ways:
a. In the web administration interface, on the DATA PROTECTION tab, click SnapshotIQ, and then on the
Summary sub-tab, and review the Most Recent Snapshots table.
b. Open a PuTTY session to the cluster, log on as root using the Isilon2! password, and at the prompt,
press ENTER after typing:
isi snapshot snapshots list -v

5. To review the attributes of the directories snapshots, complete the following:

a. In the PuTTy session, press ENTER after typing:
cd /ifs/data/studentshare1/.snapshot

b. To list all snapshots, press ENTER after typing:

ls

c. Use the cd command to navigate to any of the listed directories.

d. If you want to replace the data that is now missing, you can copy it from this directory.
6. To review the attributes of all snapshots, complete the following steps:
a. To change to the global snapshot directory, press ENTER after typing:
cd /ifs/.snapshot

b. To list all snapshots that are available, press ENTER after typing:
ls -l

EMC Education Services

203

7. To review the snapshots from a Windows clients SMB connection, complete the following steps using root:
a. Click Start, and then right-click This PC.
b. Select Map Network Drive.
c. In the Map Network Drive dialog box, in the Drive box, leave the default drive letter.
d. In the Folder box, type \\Cloud9\ifs.
e. Click Finish.
8. In Windows Explorer, in the navigation pane, select the mapped drive, and double-click the .snapshot directory.
You should see a complete view of all of the snapshots that have taken on the cluster. Review the content of
these snapshots.
9. For an alternate method of restoring a snapshot, complete the following steps:
a. In Windows Explorer, browse to the mapped drive that contains the studentshare1 folder.
b. Right-click the studentshare1 folder, and then click Properties.
c. In the Properties dialog box, click the Previous Version tab. A list of all the snapshots that have been
taken of the directory displays.
You have three options when navigating to and highlighting a snapshot:

Open View a read-only copy of that snapshot to ensure that it is the correct one.

Copy Copy the contents of the snapshot to a new location.

Restore Restore the directory to the state it was when the selected snapshot was taken.

Lab 5.2: Summary

Summary:

EMC Education Services

In this lab, you licensed, configured, and created a SnapshotIQ

schedule. You then ran the schedule and reviewed the results,
attributes and restore options. After completing this lab you should
be comfortable with configuring OneFS SnapshotIQ.

204

Lab 5.3: Configuring SyncIQ

Scenario 5.3:

Tasks:

Graphics-R-Us a Cloud9 customer has requested that their financial

group have their data syncd between two places as their backup.
Apply the classroom training to achieve the following; create
SyncIQ policy, run SyncIQ policy and view results, edit SyncIQ policy
and then re-run the policy and view the updated results to achieve
the customer request of a sync of their data.

1. Create SyncIQ policy.

2. Run SyncIQ policy and view results.
3. Edit SyncIQ policy.

References:

Module 5, Lesson 4

Task 1: Create SyncIQ Policy

In this task, you will license and then create a SyncIQ policy that replicates data.
1. Obtain a SyncIQ license from the instructor.
2. To install the SyncIQ license:
a. In the web administration interface, expand the Help menu, click About This Cluster, and then click
Activate license.
b. In the License key field, type the license key for SyncIQ.
c. Agree to the EULA.
d. Click Submit.
e. On the About This Cluster page, for SyncIQ, verify the Status is Evaluation.
3. On the FILE SYSTEM tab, click File System Explorer.
NOTE: You must be logged in to the web administration interface as root to use File System Explorer.

EMC Education Services

205

4. To create a demo_archive subdirectory, in the navigation pane, click the /ifs folder, and then in the details
pane, click Add Directory.
5. In the New Directory Properties box, in the Directory name field, type demo_archive.
6. Select all Permissions boxes, and then click Submit.
7. On the DATA PROTECTION tab, click SyncIQ, and then click the Policies sub-tab.
8. On the SyncIQ Policies page, click Create a SyncIQ Policy.
9. On the Create SyncIQ Policy page, in the Settings section, in the Policy name box, type a name for the policy.
(for example, PolicyTest)
NOTE: Policy names can include letters, numbers, hyphens, and underscore characters only, but they cannot
contain spaces.
10. In the Description field, type a detailed description about the policy. (for example, My Test Policy).
11. In the Action section, select Copy.
12. In the Run job section, select Only manually.
13. To configure the source directory, in the Source Cluster section, for the Source Root directory box, browse to
/ifs/data/studentshare1.
By default, no file criteria settings display. However, the default file criteria definition is file name is equal to '*'
where the wildcard character * represents any value. This criteria defines all files.
14. For the IF Condition:
a. In the first field, select Created.
b. In the second field, select newer than.
c. In the third field, select 5.
d. In the final field, select days.
15. In the Target Cluster section, for Target Host, type cloud9.
16. In the Target directory field, type the absolute path (beginning with /ifs) for the target-cluster directory to
which files will be replicated. For this lab, use /ifs/demo_archive.
17. In the Target Snapshot section, because SnapshotIQ is licensed and enabled on the target cluster:
a. In the Snapshot Alias Name field, leave the default entry, SIQ-%<SrcCluster>-%<PolicyName>.
b. In the Snapshot Naming Pattern field, leave the default naming pattern, SIQ-%<SrcCluster>%<PolicyName>-%Y-%m-%d_%H-%M.

EMC Education Services

206

c. In the Snapshot expiration section, click Snapshots expire after, type 1, and select Days for the unit.
NOTE: This will control the virtual cluster from running out of space due to the amount of snapshots.
18. In the Advanced Settings section, review the default settings. Do not modify these settings without assistance
from Isilon Technical Support.
19. Click Create Policy. The SyncIQ Policies page then displays a list of all configured SyncIQ policies.

Task 2: Run SyncIQ Policy and View Results

In this task, you will view the results of running your SyncIQ policy.
1. In the OneFS web administration interface, on the DATA PROTECTION tab, click SyncIQ.
2. Click the Policies sub-tab, and then in the Actions column for the policy that you just created, click More, and
then select Assess Sync.
3. Click the Summary sub-tab, scroll down to the SyncIQ Recent Reports section to verify that the policy ran
successfully.
4. Click the Policies sub-tab, in the Actions column for the policy that you want to run, click More and, then select
Start Job. The SyncIQ job runs in the background.
5. To view the running job, click the Summary sub-tab. The Active Jobs section displays the status and outcome of
SyncIQ jobs.
6. The current status of the SyncIQ job displays in the Status column.
After the job finishes running, it displays in the SyncIQ Recent Reports section.
To view details of the report, click View details in the row that contains the SyncIQ job.
After viewing the details, click Close.
7. On the FILE SYSTEM tab, click File System Explorer.
8. In the navigation pane, select the /ifs directory, and then for the row that contains demo_archive, click
Properties.
9. Click Cancel to close the Properties window.

Task 3: Edit SyncIQ Policy

In this task, you will edit the SyncIQ policy.
1. In the OneFS web administration interface, on the DATA PROTECTION tab, click SyncIQ, and then click Policies
sub-tab.
2. In the SyncIQ Policies table, for the policy that you created, click View/Edit.

EMC Education Services

207

3. On the View SyncIQ Policy Details page, click EDIT POLICY.

4. In the Settings section, in the Policy name box, change the name for the policy.
NOTE: Policy names can include letters, numbers, hyphens, and underscore characters.
5. In the Source Cluster section, note the warning message informing you that changes to this policy require a full
synchronization.
6. For the IF Condition:
a. In the first field, select Created.
b. In the second field, select older than.
c. In the third field, select 6.
d. In the last field, select months.
7. In the Target Cluster section, in the Target Host field, type cloud9.isilon.training.com.
8. Leave the rest of settings unchanged, and click Save Changes.
9. Note the success message, and then click Close.

Task 4: Re-run Policy and View Results

In this task, you will view the results after re-running your edited SyncIQ policy.
1. In the OneFS web administration interface, on the SyncIQ Policies page, in the Actions column for the policy
that you want to run, click More, and then click Start Job. The SyncIQ job runs in the background.
2. To view the running job, click the Summary sub-tab. The SyncIQ Summary sub-tab displays the status and
outcome of SyncIQ jobs.
3. On the SyncIQ Summary page, in the Active Jobs section, the current status of the SyncIQ job displays.
a. After the job moves to the SyncIQ Recent Reports section, click View details in the row that contains
your SyncIQ job.
b. After viewing the details, click Close.
4. Go to the FILE SYSTEM tab, and then click File System Explorer.
5. Select the /ifs directory in the navigation pane, for the row that contains demo_archive, click Properties.
6. In the UNIX Permissions section, change the user to Guest and the group to Users, and then click Submit.
7. Was the permission change successful?

EMC Education Services

208

Lab 5.3: Summary

Summary:

EMC Education Services

In this lab, you licensed and configured SyncIQ. You created a

SyncIQ Policy, ran the policy, viewed the results, made
modifications to the policy, and viewed the results.

209

Lab 5.4: Implement Isilon Deduplication

Scenario 5.4:

Tasks:

As the Cloud9 Senior IT admin, you know that storage space costs
and those customers are always looking for ways to save money.
Apply the training in running an assessment on the Isilon cluster,
specifying settings and view the deduplication report showing the
savings a company like Live-Stream, a multimedia customer can
achieve due to duplication of files across the cluster.

1. Assess space savings.

2. Specify settings and view space savings.
3. Test SmartConnect settings.

References:

Module 5, Lesson 5

Task 1: Assess Space Savings

In this task, you assess the amount of disk space saved by deduplicating a directory.
1. In the Remote Desktop window, click the Windows Explorer icon. A window showing all local and remote
mapped drives displays.
2. In Windows Explorer:
a. In the navigation pane, click Local Disk (C:).
b. Find the Demo_Data folder.
3. In the OneFS UI under FILE SYSTEM > File System Exlorer > /ifs/data directory, create multiple folders. At least
3 folders are needed.
NOTE: The steps needed to create SMB shares are in lab 4.3.
4. From the Demo Data folder on the Windows Workstation C:\ drive, copy a folder or two into each folder you
created.

EMC Education Services

210

5. In the OneFS web administration interface, click File System Management, and then click Deduplication.
NOTE: Observe that deduplication is not enabled.
6. Click Settings.
7. In the Assess Deduplication section, click Browse.
8. On the Select a Directory page, click the data folder, and then click Select.
If you assess multiple directories, disk savings are not differentiated by directory in the deduplication report.
9. Click Save Changes. You should see a green success message at the top of the window.
10. On the CLUSTER MANAGEMENT tab, click Job Operations.
11. Click the Job Types sub-tab.
12. In the Job Types table, in the DedupeAssessment row, in the Actions column, click More, and then click Start
Job.
13. On the Start a Job dialog box, click Start Job.
14. A Starting Job message displays briefly.
15. Under Job Operations, click Job Summary.
16. When the DedupeAssessment job completes, the job is removed from the Active Jobs table.
NOTE: This may take a few minutes to complete.
17. On the FILE SYSTEM tab, click Deduplication.
18. Click the Summary sub-tab.
In the Deduplication Assessment Reports table, in the row of the most recent assessment job, click View
Details.
19. On the Deduplication Report page, view the amount of disk space that will be saved if you deduplicate the
directory. The number of blocks that will be deduplicated is displayed in the Deduped blocks value.
20. When you have completed viewing the report, click Close.

Task 2: Specify Settings and View Space Savings

In this task, you specify which directories you want to deduplicate, and view the amount of disk space that you are
currently saving with deduplication. You will need to add the Deduplication license to perform this task.
1. In the OneFS web administration interface, on the FILE SYSTEM tab, click Deduplication, and then click Activate
Deduplication.
EMC Education Services

211

2. Ask your instructor for the Isilon SmartDedupe license.

a. Hover over Help menu, and select About This Cluster.
b. In the Licensed Modules section, click Activate license.
c. Type the license number. (License numbers are not case sensitive, but should not include mixed case
characters, and hyphens are allowed.)
d. Accept the EULA.
e. Click Submit.
f.

On the About This Cluster page, verify that SmartDedupe Status is Evaluation.

3. On the FILE SYSTEM tab, click Deduplication.

4. Click Settings.
5. In the Deduplication Settings section, click Browse.
6. On the Select a Directory page, click the data folder, and then click Select.
7. Optional: Specify additional directories.
a. Click Add another directory path.
b. Click Browse and navigate to a directory that you want to deduplicate.
8. Click Save Changes. A green success message displays at the top of the window.
9. Click Cluster Management, and then click Job Operations.
10. Click Job Types.
11. In the Jobs Types table, in the row of the Dedupe job, click View/Edit.
12. In the View Job Type Details window, click Edit Job Type.
13. Leave all settings at the defaults, and then click Scheduled, and then select Daily.
In the Run policy at box, set the time to be as close to the current time thats currently on the Windows client
so that the deduplication runs.
Click Save Changes, and then click Close.
14. On the Job Operations page, click the Job Summary tab, and verify your Deduplication job is running.
15. On the FILE SYSTEM tab, click Deduplication.
16. On the Summary sub-tab, in the Deduplication Savings section, view the amount of disk space saved. Wait for
the refresh or manually refresh the page to observe the increase in space.

EMC Education Services

212

Task 3: View Deduplication Report

In this task, you will view information about the job in a deduplication report after the job completes.
1. In the OneFS web administration interface, on the FILE SYSTEM tab, click Deduplication, and then click the
Summary sub-tab.
Scroll down to the Deduplication Reports section.
NOTE: If no deduplication reports are listed, verify that the job is running. To do this, on the CLUSTER
MANAGEMENT tab, click Job Operations, and then click Job Summary.
2. On the FILE SYSTEM tab, click Deduplication.
3. On the Summary page, scroll down to the Deduplication Reports section. To view a report about a
deduplication job, in the Deduplication Reports table, click View Report.
4. On the Deduplication Report page, view the Duration and Savings values. After you review the report details,
click Close.

Lab 5.4: Summary

Summary:

EMC Education Services

In this lab, you assessed deduplication space savings, configured

deduplication for OneFS, and viewed the space savings from
deduplication. After completing this lab you are now able to
configure OneFS deduplication.

213

Lab 5.5: SmartLock Compliance

Scenario 5.5:

Cloud9 is looking at expanding their customer base with healthcare

and the financial industry storage. In these industries, federal
regulations specify security requirements for data storage, and
Isilons SmartLock and SmartLock Compliance were designed to
meet these requirements. SmartLock Compliance mode enables
you to protect your data in compliance with the regulations
defined by U.S. Securities and Exchange Commission rule 17a-4.
Using the training you received, you will build a SmartLock
Enterprise cluster and SmartLock compliance cluster. You will then
compare and contrast the differences of these two SmartLock
options.
DNS settings for building a compliance cluster have already been
entered. Your Cloud9 Nodes 1-3 are your Enterprise Cluster, which
is already built for you in the virtual environment. Compliance
Nodes 1-3 will be used to create a compliance cluster.
DNS settings for building a compliance cluster have already been
entered. Your Cloud9 Nodes 1-3 are your Enterprise Cluster, which
is already built for you in the virtual environment. Compliance
Nodes 1-3 will be used to create a Compliance cluster.

Tasks:

1. Compliance Mode Wizard.

2. Web administration interface account comparisons.
3. SmartLock enterprise cluster.
4. SmartLock compliance mode cluster.

References:

EMC Education Services

Module 5, Lesson 6

214

Task 1: Compliance Mode Wizard

In this task you run the Isilon wizard in compliance mode and build a three node compliance mode cluster. Name the
cluster compliance and use the SmartConnect IP address of 192.168.0.102.
1. In the VMware Workstation, right-click the Compliance-Node1 tab, select Power, and then click Power On.

2. Wait for the node to reach the Wizard prompt, and then repeat Step 1 for the Compliance-Node2 and
Compliance-Node3 tabs, waiting each time for the VM to reach the Wizard prompt.
3. On Compliance-Node3, at the Wizard prompt, type 4, and then type yes to confirm the operation. This will
cause the node to reboot into Compliance mode.
4. Repeat step 3 for Compliance-Node2 and Compliance-Node1 to boot all three nodes into Compliance mode.
Wait until all three nodes are at the Wizard prompt before continuing to the next step.
5. After all three nodes have rebooted, on the Compliance-Node1 tab at the Wizard prompt, type 1 to create a
new cluster.
6. A request for a SmartLock Compliance license is displayed. Type the license key provided by the instructor, and
then press ENTER.

7. Press the SPACEBAR to scroll to the bottom of the EULA.

8. At the end of the EULA, type yes.

EMC Education Services

215

9. The license is verified and you are prompted to change the compadmin password. Use the Isilon2! password
and then verify the password by retyping.
10. At the prompt for UI admin password change, use the Isilon2! password, and then verify the password by
retyping it.
11. At the prompt, type yes to enable Support IQ.
12. At the prompt for company name, type Isilon.
13. At the prompt for contact name, type Employee.
14. At the prompt for contact phone, type 2063157500.
15. At the prompt for the contact email, type employee@isilon.com.
16. At the Configure Name prompt, type Compliance.
17. Press ENTER to accept the default encoding, utf-8.
18. Type 1 to configure the netmask, and enter 255.255.255.0.
19. Type 3 to configure the int-a IP ranges, and then type 1 to Add an IP range.
20. Type 128.221.252.21 for the Low IP address.
21. Press BACKSPACE as necessary to type 128.221.252.29 for the High IP address. (The range is 128.221.252.21 to
128.221.252.29).
22. Press ENTER at the int-a IP ranges prompt to confirm the range.
23. Press ENTER at the interface int-a prompt to confirm the current configuration.
24. Type 1 at the prompt for the external subnet.
25. Type 1 to configure the netmask. Type 255.255.255.0 for the ext-1 netmask.
26. Type 3 to configure the ext-1 IP range, and then type 1 to add an IP range.
27. Type 192.168.0.21 for the Low IP address.
28. Press BACKSPACE as necessary to type 192.168.0.29 for the High IP address. (The range is 192.168.0.21 to
192.168.0.29.).
29. Press ENTER at the ext-1 IP ranges prompt to confirm the entered IP.
30. Press ENTER at the interface ext-1 prompt to confirm the current configuration.
31. Type 192.168.0.1 for the default gateway.

EMC Education Services

216

32. To Configure SmartConnect settings, enter 1.

33. For the SmartConnect zone name, type compliance.isilon.training.com.
34. At the Configure SmartConnect settings prompt, type 2.
35. At the SmartConnect service IP prompt, type 192.168.0.102.
36. Press ENTER at the Configure SmartConnect settings prompt.
37. Type 1 to configure the DNS server, and then type 192.168.0.201.
38. Type 2 to configure the Search domains, and then type Isilon.training.com.
39. Press ENTER at the Configure DNS settings prompt.
40. Press ENTER at the Configure external subnet prompt.
41. Press ENTER at the Configure date prompt, type 1.
42. Type 5, and press ENTER for Pacific Time Zone.
43. Press ENTER at the Configure join mode prompt to accept Manual mode.
44. Type yes at the Commit changes prompt. This will confirm your acceptance of the configuration of the node.
Let the job run until you are back at a login prompt.
45. Click the Compliance-Node2 tab.
46. At the Wizard prompt, type 2 to Join an existing cluster.
47. At the Join cluster prompt, type 2. You will see cloud9 listed as choice 1 and compliance as choice 2. Let the job
run until you are back at a login prompt.
48. Click the Compliance-Node3 tab.
49. At the Wizard prompt, type 2 to Join an existing cluster.
50. At the Join cluster prompt, type 2 to join the Compliance cluster. Wait until youre back at the login prompt.
51. In the Remote Desktop window, open a web browser.
Navigate to the web administration interface at https://192.168.0.21:8080.
Log in as admin with password Isilon2!. If a message appears indicating a certificate or security problem,
continue despite the warning.
52. On the DASHBOARD tab, click Cluster Overview.
On the Cluster Status sub-tab, your cluster overview should show a yellow status, 3-node cluster with an IP
range from 192.168.0.21-29.
EMC Education Services

217

53. On the DASHBOARD tab, click Events.

54. On the Summary sub-tab, in the New Events section, click Quiet all events.
55. On the DASHBOARD tab, click Cluster Overview. Your cluster should be green.
56. Log out of the web administration interface, and minimize the browser window.
57. In the Remote Desktop window, on the Windows client, click Start, and then click Run.
In the Run popup window, type cmd, and then press ENTER.
58. Press ENTER after typing:
nslookup compliance

Verify that the cluster resolves.

59. Press ENTER after typing:
ping compliance

Verify the cluster responds with one of the IPs.

Repeat this a few more times to verify that the IPs in our range, 192.168.0.21-29, respond.
53. Close the Command Prompt window.

Task 2: Web Administration Interface Account Comparisons

In this task, you compare account web administration interface differences between the two available cluster modes.
1. In the Remote Desktop window, go back to the browser window, and navigate to the web administration
interface for the Cloud9 cluster at https://192.168.0.11:8080.
Log in as root with password Isilon2!. If a message appears indicating a certificate or security problem, continue
despite the warning.
2. Open a second browser tab, navigate to the web administration interface for the Compliance cluster at
https://192.168.0.21:8080.
Log in as root with password Isilon2!.
What happens?
3. Log on to the Compliance cluster as compadmin with the Isilon2! password.
What is the response from the cluster?

EMC Education Services

218

4. List the specific areas you can access with the compadmin account?
5. Log out of the Compliance cluster web administration interface, and log back in as admin with the Isilon2!
password. Notice the full access of admin vs. compadmin, and the lack of root.
Minimize all web administration interface browser windows.

Task 3: SmartLock Enterprise Cluster

In this task, you explore the SmartLock settings on the Cloud9 Enterprise cluster. Take some time to explore CLI
subcommands options.
1. In the Remote Desktop window, click the PuTTY icon, enter 192.168.0.11 in the Host Name field, and then click
Open.
If you get a PuTTY Security Alert, click Yes to accept.
2. Log on to the cluster as root using the Isilon2! password.
3. Press ENTER after typing:
isi smartlock -h

What happens and why?

4. Press ENTER after typing:
isi worm -h

Write down the subcommands.

5. Verify if you have a SmartLock license installed. If not add it.
6. To create a SmartLock directory with a commitment after every 10 minutes and a minimum data retention for
one month , press ENTER after typing:
isi worm domains create /ifs/data/SmartLock/sl1 -autocommit-offset 10m min-retention 1M --mkdir

7. Press ENTER after typing:

yes

Your SmartLock directory is now created.

8. Go to your browser session for your Cloud9 cluster.
9. On the FILE SYSTEM tab, click File System Explorer.

EMC Education Services

219

10. Click /ifs/data/SmartLock.

On the right side of the page, verify that you see sl1 directory with a red lock.
11. Hover the mouse over the red lock and observe the popup bubble confirming this is a SmartLock directory.
12. Return to your PuTTY session.

13. Press ENTER after typing:

isi worm domains modify /ifs/data/SmartLock/sl1 -default-retention 1Y

14. Press ENTER after typing:

isi worm domains list

15. Press ENTER after typing:

isi worm domains modify /ifs/data/SmartLock/sl1 -override-date 20160704
You have changed the file retention date for the worm domain. Files will be retained for the greater of the override
date and the individual file retention date.

16. Now create either an smb or nfs connection to this directory and copy some files from the client system to the
directory.
17. In PuTTY, press ENTER after typing:
isi worm domains list -v

What do you see and is the information provided correct?

18. Look at your directory and select a file name. This can be done through Windows Explorer, a Linux client, or the
CLI.
19. Press ENTER after typing:
isi worm files view /ifs/data/SmartLock/sl1/<file name>

What information is displayed? Is the file committed or not?

20. Press ENTER after typing:
isi worm domains modify /ifs/data/SmartLock/sl1 -privileged-delete true

This command works for deleting WORM committed files before the expiration date only if you are logged in as
root on the Enterprise cluster through the CLI. Privileged delete functionality must not be permanently disabled
for the SmartLock directory that contains the file.

EMC Education Services

220

21. Press ENTER after typing:

isi worm files delete /ifs/data/SmartLock/sl1/<file name>

At the confirmation prompt, type yes.

You can verify the file is gone by looking in Windows Explorer, or using a Linux client, or doing a listing from the
CLI.
Close the PuTTY window and the web browser before proceeding to the next task.

Task 4: SmartLock Compliance Mode Cluster

In this task, you explore the SmartLock settings on a compliance mode cluster. Take some time to explore the CLI
subcommands options.
1. Install the SmartLock license. Refer to Adding Application Licenses in the Lab Configuration section (see Lab
3.5, Task 1 in the lab guide) if you do not remember how to install a license.
2. Open a new PuTTY window to 192.168.0.21, and log in as compadmin using the Isilon2! password.
If you get a PuTTY Security Alert pop-up window, click Yes to accept.
3. Press ENTER after typing:
isi worm -h

Write down the subcommands.

4. Press ENTER after typing:
isi worm cdate set

5. Press ENTER after typing:

isi worm cdate view

6. Press ENTER after typing:

sudo isi worm domains create /ifs/data/SmartLock/sl1 -autocommit-offset
10m -min-retention 1M --mkdir

7. Press ENTER after typing:

yes

You now have created a SmartLock directory with a commitment after 10 minutes and a minimum retention of
the data for 1 month.

EMC Education Services

221

8. Press ENTER after typing:

sudo isi worm domains modify /ifs/data/SmartLock/sl1 -default-retention
1Y

9. Press ENTER after typing:

sudo isi worm domains list

10. Press ENTER after typing:

sudo isi worm domains modify /ifs/data/SmartLock/sl1 -override-date
20160704

You have changed the file retention date for the worm domain. Files will be retained for the greater of the
override date and the individual file retention date.
11. Now create either an smb or nfs connection to this directory and copy some files from the client system to the
directory. Use the compadmin/Isilon2! user account and password to map the drive.
12. In PuTTY, press ENTER after typing:
sudo isi worm domains list -v

What do you see and is the information provided correct?

13. Look at your directory and select a file name. This can be done through Windows Explorer, or a Linux client, or
the CLI.
14. Press ENTER after typing:
sudo isi worm files view /ifs/data/SmartLock/sl1/<file name>

What information is displayed? Is the file committed or not?

15. Press ENTER after typing:
sudo isi worm domains modify /ifs/data/SmartLock/sl1 -privileged-delete
true

This command works for deleting WORM committed files before the expiration date only if you are logged in as
compadmin on the compliance cluster through the CLI. Privileged delete functionality must not be permanently
disabled for the SmartLock directory that contains the file.
16. Press ENTER after typing:
sudo isi worm files delete /ifs/data/SmartLock/sl1/<file name>

At the confirmation prompt, type yes.

You can verify the file is gone by looking in Windows Explorer, using a Linux client, or doing a listing from the
CLI.
EMC Education Services

222

Lab 5.5: Summary

Summary:

EMC Education Services

In this lab, you created, configured, and reviewed both enterprise

and compliance mode clusters. You should be comfortable with
configuration of enterprise and compliance mode clusters as well
as managing them via the web administration interface or CLI.

223

This page intentionally left blank.

EMC Education Services

224

Module 7
Monitoring

EMC Education Services

225

Module 7 - Monitoring
Lab 7.0: Cluster Events
Scenario 7.0:

Tasks:

Cloud9 has always had the admin team jointly monitor the
hardware and report to the senior IT issues with the hardware.
With your new Isilon cluster, you need to explain to your team
about cluster events. Using the training you just received, review
events looking for any failures, warnings, etc. Understand what is
being relayed by looking at details of events and Access Overview.
Practice displaying events from the web administration interface
and CLI as well as analysis what events belong to which event
categories. You will also practice event management on how to
quiet/unquiet or cancel/uncancel events.

1. View System Events in the web administration interface.

2. View System Events in the CLI.

References:

Module 7, Lessons 1 2

Task 1: System Events in web administration interface

In this task, you review system events to validate issues and resolve them.
1. In the Remote Desktop window, in the web administration interface, click the DASHBOARD tab.
2. Click the Events sub-tab.
3. Review the events listed on the New Events page.
4. What Events are Green? _______________________________________________________

EMC Education Services

226

5. On the right side of the page, in the Action column, click View details.
6. Review the Event type, Message, Scope, and Severity.
7. Write down the Event type. _____________________________________________________
8. Using the Reading Event Type slide in your Student guide, validate the Event Category that this Event Type
belongs to.
_______________________________________________________________________________________
9. What Events are Yellow? _______________________________________________________
10. Review the Event type, Message, Scope, and Severity.
11. Write down the Event type. _____________________________________________________
12. Using the Reading Event Type slide in your Student guide, validate the Event Category that this Event Type
belongs to.
_______________________________________________________________________________________
13. What Events are red? _________________________________________________________
14. Review the Event type, Message, Scope, and Severity.
15. Write down the Event type. _____________________________________________________
16. Using the Reading Event Type slide in your Student guide, validate the Event Category that this Event Type
belongs to.
_______________________________________________________________________________________
17. Mouse over Help, Click Help on This Page in the upper right corner of your web browser.
18. Use the Event Type from step 15 to find the Event ID information in Help. Compare this information to what
you had read on the View details page.
19. Click the Events sub-tab.
20. Click the Type column header to get all Coalesced Events to the top of the New Events section.
21. Click one of the Coalescing Event dots.

EMC Education Services

227

22. Scroll down to review the Event Details but also to see the Coalesced Events listed at the bottom of the web
page.
23. Click the Events sub-tab.
24. Choose an Event and click the Quiet link in the Actions column on the far right side.
25. Scroll down and validate your event shows up in the Quieted Events list.

Task 2: System Events in CLI

In this task, you will review System Events and their purpose from the CLI.
1. In the Remote Desktop window, if you have a PuTTY window open, click it to bring it to the front of your
desktop.
2. Press ENTER after typing:
isi events -h

Validate your list and show commands.

3. Press ENTER after typing:
isi events list
OR if no events list, type the following:
isi events list -history |more

4. Record an ID from the list. ________________________________________

5. Press ENTER after typing:
isi events show -w #.##

6. Does this match the event information you had reviewed in the web administration interface? Yes or No
NOTE: This should match the majority of the information if not identical to what you saw in the web
administration interface.
7. Press ENTER after typing:
isi events quiet #.##

NOTE: Use the ID from step 4.

EMC Education Services

228

8. Press ENTER after typing:

isi events list

Is the Event gone from the list?

9. Press ENTER after typing:
isi events unquiet #.##

NOTE: Use the ID from step 7.

10. Press ENTER after typing:
isi events list

Is the Event listed again?

11. Press ENTER after typing:
isi events cancel #.##

NOTE: Use the ID from step 9.

12. Press ENTER after typing:
isi events list

Is the Event listed?

13. Press ENTER after typing:
isi events list --history

Is the event listed and what does the message say about the event?
Some events are recurring and when canceled can pop right back into the event list. As such to keep the event
from showing up in the event list one would want to quiet the event rather than cancel said event.
14. Press ENTER after typing:
isi_classic events notifications

You will have 4 options that will help you with notifications.

EMC Education Services

229

15. Press ENTER after typing:

isi_classic events notifications list

You will only see default Isilon event notifications at this time.
16. Press ENTER after typing:
isi events settings

You should have two options.

17. Press ENTER after typing:
isi events settings list

This will show you the default settings.

18. Press ENTER after typing:
isi_classic events notifications create --name=TEST -email=student@isilon.com --include-warn=all

19. Press ENTER after typing:

isi events notifications list

You should see your new notification created with 10 categories and 269 event types listed in the description.

Lab 7.0: Summary

Summary:

EMC Education Services

In this lab, you learned how to view events, understand the event
and address the event from the web administration interface and
the CLI. After completing this lab you should be comfortable
displaying events, reading and interpreting and acting to either
quiet or cancel said events.

230

Lab 7.1: Installation on InsightIQ 3.1

Scenario 7.1:

Tasks:

Understanding InsightIQ and the benefits it brings to Cloud9 for

monitoring and managing the cluster.

1. Activate InsightIQ.
2. Configure local user and administrator account.
3. Configure network settings and time zone.
4. Configure datastore.
5. Add a cluster.
6. Enable and configure FSA.
7. Manage IIQ instance.

References:

Module 7, Lesson 3

Task 1: Activate InsightIQ

Your instructor will give you a license key for InsightIQ. Use this number to activate InsightIQ on your training cluster.
1. In the Remote Desktop window, using PuTTY, open an SSH session to the first node of your training cluster. Use
the IP address 192.168.0.11 to connect.
NOTE: If your prompted for domain credential, use the administrator account with password Isilon2!.
2. Log on to the node using the root account with password Isilon2!.
3. Press ENTER after typing:
isi license activate <key>

where <key> is the InsightIQ license key provided by your instructor.

EMC Education Services

231

4. Press the SPACEBAR or PAGE DOWN key to scroll through the eleven paragraphs of the license agreement
(EULA).
To agree to the terms of the EULA, at the end of the agreement, press ENTER after typing:
yes

If successful, the screen displays InsightIQ has been successfully activated.

5. To confirm that InsightIQ is activated as an evaluation license and the expiration date, press ENTER after typing:
isi license status

6. To close the connection to the node, press ENTER after typing:

exit

Task 2: Configure Local User Account

In this task, InsightIQ connects to the monitored cluster as a local user of the monitored cluster.
1. In the Remote Desktop window, open a browser session.
2. In the browsers address bar, type https://<IP Address>:8080, where <IP Address> is the IP address of a node
on the training cluster (i.e., https://192.168.0.11:8080).
3. Log on to the web administration interface using the root account credentials.
4. On the ACCESS tab, click Membership & Roles.
5. In the Current Access Zone field, verify System is selected.
6. On the Users tab, from the Users drop-down list, select FILE:System.
7. In the username list, locate insightiq, and then click View details.
8. Next to Password, click Edit.
9. In the Password field, type Isilon2!, and then click Save.
10. Next to Enable Account, click Edit.
11. Check the Enable the account box, and then click Save.
12. Log out from the web administration interface, and minimize the web browser.

EMC Education Services

232

Task 3: Configure Administrator Account

In this task, you will configure an InsightIQ administrator account. The InsightIQ administrator has all privileges to view
and modify InsightIQ configuration settings.
1. Click the InsightIQ_v3.2 VM tab.
2. Click the Green arrow to power on the VM.
3. Open the VMware console for the InsightIQ virtual appliance by clicking the InsightIQ_v3.2 tab.
You need to click inside of the window, and then press CTRL+ALT to activate the console.
4. At the New Password prompt, type Isilon2!, and then press ENTER.
NOTE: A warning that the password is based on a dictionary word displays. This is okay for this lab.
5. At the Re-Enter Password prompt, type Isilon2!, and then press ENTER.

Task 4: Configure Network Settings and Time Zone

In this task, you configure the network environment. InsightIQ, by default, is installed using DHCP mode. You can,
however, specify a static IP address for the InsightIQ virtual appliance. Use of a static IP address is recommended. Using
dynamic addressing is useful when setting up InsightIQ for the first time, but in practice static mode is recommended.
1. On the EMC Isilon InsightIQ Login page, Login is highlighted. Press ENTER.
2. Type administrator, and then press ENTER.
3. Type Isilon2!, and then press ENTER.
4. At the prompt, type iiq_network, and then press ENTER.
5. You are prompted for a password. Type the password you created for IIQ, (Isilon2!), and then press ENTER.
6. Type 4, and then press ENTER. At the prompt, type 192.168.0.201, and then press ENTER.
7. At the prompt for a 2nd DNS IP address, press ENTER.
8. Type 6, and then press ENTER.
9. At the Configure IPv4 prompt, type y and press ENTER.
10. At the DHCP prompt, press ENTER to accept the default [n].
11. Type 192.168.0.221, and then press ENTER.
12. Type 255.255.255.0, for the netmask, and then press ENTER.

EMC Education Services

233

13. Review the IP address and netmask, and then press ENTER to accept the default of y.
14. Type 2, and then press ENTER. You are prompted to choose an interface option. Accept the default option of 0,
and then press ENTER.
NOTE: If you have multiple Ethernet interfaces, repeat the steps.
15. For the Default Gateway, type 192.168.0.1, and then press ENTER.
16. Once the reconfiguration of eth0 is completed, press 0, and then press ENTER.
Review to make sure the following settings are configured correctly:

Gateway: 192.168.0.1

IP address: 192.168.0.221

Netmask: 255.255.255.0

DNS server IP address: 192.168.0.201

17. Type 1, and then press ENTER. You are returned to the local administrator prompt.
18. Type exit, and then press ENTER.
19. You are returned to the IIQ Login main page. Two addresses display; one for the InsightIQ application and one
to manage the VM.
20. Press the DOWN ARROW to set the Set Timezone option, and then press ENTER.
21. Type 2 to select Americas, and then press ENTER.
22. Type 49 for United States, and then press ENTER.
23. Type 21 for Pacific Time, and then press ENTER.
24. You are shown local and universal time. Check the local time against the time on the Windows Client system to
make sure it is current and correct.
NOTE: If the time is not correct, type 2 for No, and then press ENTER.
25. Type 1, and then press ENTER.
26. You are returned to the Login page. Close the VM.

EMC Education Services

234

Task 5: Log on and Accept EULA

A new installation of InsightIQ requires you to accept or decline the EULA the first time you log on. In this task you
accept the EULA.
1. In the Remote Desktop window, open the Google Chrome web browser.
2. Connect to the InsightIQ application at http://<ipaddress or host name>, where <ipaddress or host name> is
either the IP address or the host name of the InsightIQ virtual appliance.
For this lab, use the IP address 192.168.0.221.
The InsightIQ application login page displays.
Note: If you wanted to connect to the InsightIQ application by host name, you must first configure a host name
for the IP address in DNS.
3. Log in to the InsightIQ application with the user name administrator / Isilon2!. The one-time InsightIQ EULA
page appears.
4. Review the EULA, click I have read and agree to, and then click Submit. The Welcome to InsightIQ page
displays.

Task 6: Configure Data Store

In this task, you have the option of configuring a local or remote NFS data store. The local data store option is included
by default with the InsightIQ virtual appliance. If you want to place a data store an Isilon storage cluster or on an NFSmounted server, you can specify the cluster or server in this task. You will configure a local data store for this lab.
1. For the InsightIQ appliance local data store:
a. Local Datastore: The Datastore path displays by default: /datastore.
2. Click Submit. The Add Cluster dialog box displays.

Task 7: Add Cluster

In this task you specify an initial cluster to monitor. While you will identify the cluster by an IP address or a host name in
this lab, alternatively you could specify the name of a SmartConnect zone.
1. In the Add Cluster dialog box, verify that I want to monitor a new cluster is selected.
2. In the Isilon cluster field, type the host name or IP address of any node in the cluster that you want to monitor.
Use IP address 192.168.0.12.
3. In the Username field, type the user name for the corresponding local user on the monitored cluster. For a
monitored cluster running OneFS 6.0 or later, type insightiq.
4. In the Password field, type the local InsightIQ user's password exactly as it is configured on the monitored
cluster. Isilon2! if you used the lab manual.

EMC Education Services

235

5. Click OK. The cluster is added to the list of monitored clusters.

6. On the Settings tab, the monitored clusters display.

Task 8: Enable and Configure FSA

In this task, you will enable and configure the File System Analytics feature of InsightIQ.
1. For the cluster whose File System Analytics settings you want to configure, in the Actions column, click
configure.
2. On the Configuration for Cluster page, click the Enable FSA tab.
3. On the File System Analytics Job Control page, enable the File System Analytics feature in order to view chart
information in the Data Usage and Data Properties views.
Select the Enabled box, and then click Submit.
4. Click the FSA Configuration tab.
5. On the File System Analytics Job Settings page, configure the Result Set Options settings:

Directory chart maximum depth: Type an integer that represents the maximum depth of the
directories that you want InsightIQ to analyze. To specify an unlimited depth, type -1.

File/directory list size: Leave the default value of 1000, or type an integer that represents the
maximum number of top-contributing files and directories to list in the InsightIQ Data Usage view.

Path squash depth: Leave the default value of 5, or type an integer that represents the maximum
number of directory levels to include in a path.

6. Configure Result Set Retention settings:

Maximum result set age in days: Type an integer that represents, in days, how long to retain each data
set before automatically deleting it.
To retain data sets indefinitely, type 0. You can manually delete a data set at any time.

Maximum result set count: Type an integer that represents the maximum number of data sets to
retain.
To retain an unlimited number of data sets, type 0.

7. Click Submit.
8. Click the DASHBOARD tab to review your monitored cluster.
9. Log out of the browser session.

EMC Education Services

236

Task 9: Manage IIQ Instance

In this task, you will log into your management screen for this instance of InsightIQ.
1. In the Google Chrome browser address box, type https://192.168.0.221:5480, and then press ENTER.
2. On the Sites Security Certificate page, click Proceed Anyway.
3. Log on using the administrator account.
4. Observe System Information, and options for Time Zone and Actions. Reboot or shut down.
5. Click Time Zone. The current system time zone should read America / Los_Angeles.
6. Click the Network tab. Review the Network Status.
7. Click the Address button. View the Network Address Settings.
8. Click the Proxy button. Look at the various fields that can be used for setting up a Proxy.
9. In the upper right corner, click the Application Home link. Notice the new browser tab that opens to allow you
to log into IIQ.
10. Click the X in the tab to close the IIQ web page.
11. Click Logout user administrator.

Lab 7.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to configure InsightIQ. This included

activating IIQ, configuring the local account, IIQ admin account,
network settings, data store, adding the cluster for monitoring and
configuring and enabling FSA. Your final overview was of the IIQ
Management web page. After completing this lab you will be able
to install and management InsightIQ.

237

Lab 7.2: Using InsightIQ

Scenario 7.2:

Isilon training has supplied an IIQ 3.1 image with captured

historical data. Using this demo image, use what was taught to you
to get base line reports on the clusters supplied. Then build custom
reports that will cover multiple companies and the data on the
cluster.
NOTE: Use the IIQ31DEMO image for this lab. Log in as
administrator using the Password123! password.

Tasks:

1. Interface overview.
2. View InsightIQ performance reports.
3. View InsightIQ file system reports.

References:

Module 7, Lesson 4

Task 1: Interface Overview

In this task, you will use the IIQ31DEMO vApp image which has a canned IIQ 3.1 machine plus a Windows and Linux
client machine.
1. Click theVMware Workstation IIQv3.1.DEMO tab. Start the InsightIQ vApp by clicking the green Start icon.
2. On the windows workstation, launch a browser. Type https://192.168.0.222 in the address field and press
ENTER.
3. At the security certificate message, click Proceed anyway.
4. On the InsightIQ Console Welcome page, type the user name administrator and password Password123!.
The InsightIQ Console displays, showing data from Sunday, 10/28/ 2014.
5. On the InsightIQ Console, the Dashboard tab is highlighted.

EMC Education Services

238

6. On the InsightIQ Dashboard, locate the Aggregated Cluster Overview shown by #1. These are recent trend
charts for the last 12 hours, sometimes known as sparklines #2.
7. Scroll down on the dashboard and highlight the following:
a. Similar statistics are displayed for each cluster as is displayed at an aggregate level above.
b. Performance details for this specific cluster can be jumped to by clicking Performance details.
c. File system details for this specific cluster can be jumped to by clicking File system details.
d. Estimated usable capacity will display on clusters OneFS 7.2 that have run an FSA job. Click Capacity
Reporting to provide details of the origin of the Usable Capacity number.
e. Click the + icon to expand the details for that cluster.
f.

The order can be changed by clicking and dragging the handle on the right.

Task 2: InsightIQ Performance Reports

In this task, you will examine the features of Performance Reporting.

Task 2.1 Select the Performance Report and Cluster

1. Select the PERFORMANCE REPORTING tab.
2. On the Select a report menu, select Cluster Performance.
3. On the Apply to cluster menu, select cribsbiox.

Task 2.2 Select the Date Range and View the Report
1. For best results in this lab, select the date range of 10/26/2014 - 11/1/2014.
2. Click View Report.

Task 2.3 Using the Chart View

1. Any of the report views created here can be scheduled, automatically generating a PDF and emailing it.
2. The report can be customized allowing administrators to choose exactly which charts to include in the report.
3. The zoom level can be changed here as well as moving forward and backward in time.
4. Custom filters can be made here allowing administrators to quickly view the data they are interested in.
5. Any of the charts can be collapsed here.
6. Breakouts are a very powerful way to show some of the details of what is going on in the chart.

EMC Education Services

239

7. Any chart can be downloaded as a CSV by clicking this link. Administrators can also SSH to the InsightIQ server
and dump large sections of performance data to CSV file. This can, also, be automated with cron.
8. The charts are all interactive and allow data detail to be shown by simply hovering over that part of the chart.
Administrators can also click and drag to move the timeline, double-click to zoom in and double-click while
holding the shift key to zoom out.

Task 2.4 Examine the Charts in this Report

In this task, scroll through the whole page to show all the charts that are included.

Scroll down to the Connect Client section, in the Breakout by section above the chart, click Node.
Here the administrator can see that there is some imbalance in the cluster. They could explore this data during
different time periods to see if Node 13 is constantly having more connects and if so, consider change
SmartConnect to balance the connects better. The administrator could easily automate this report get a daily or
weekly email with this chart in the PDF.
NOTE: Details can be seen by hovering not only over the chart, but on the heat maps for each client.

Task 2.5 Explore the Throughput Spike

1. Scroll back up to the External Network Throughput Rate chart, and double-click several times on the spike in
the middle.
2. Observe the greater detail as you zoom into the spike.
3. Beyond the first 24 hours, the data is down sampled to a data point for each 10 minute period, but shows the
maximum and minimum data values during the 10 minute period. The hard blue line is the average for the 10
minutes and the light blue lines show the range during the 10 minutes.
4. Click and drag from left to right to go forward in time.
5. Notice that all the charts in the report are updated also.

Task 2.6 Find the Heaviest Client

1. In the Breakout by section, click Client link.
NOTE: This makes it very clear that 10.7.189.141 is using most of the throughput during this time window.
2. Filter on the client by clicking IP address.
NOTE: If in production, the system will reverse look up address to display DNS names here.

EMC Education Services

240

Task 2.7 Identify Operations Running on this Client

In this task, you will examine how a filter was instantly created for this report and how all the charts are looking at load
from just this client.
1. In the External Network Throughput Rate chart, click Op Class.
Here the breakdown of operations that the client is doing is very clear. In this example, the majority of the
operations are reads. Very little of the operations are namespace related. These details tell us that SSD for
metadata will not help this client get better performance in this workflow.
2. To remove the filter, click X next to the Client IP.

Task 2.8 Identify Operations Running on All Clients

In this task, now that the client filter is removed, the breakdown of operation types is seen for all clients during this
time period.

To see what data flow looks like, in the Breakout by section, click Direction.

Task 2.9 Find the Direction Data is Moving

Observe the Out and In to determine the data direction.

NOTE: Here it is clear that the majority of the data being transferred is coming into the cluster.

Task 2.10 Share Views with Other Administrators

1. In the top right corner of the page, click PERMALINK.
NOTE: Highlight the fact that it is simple to get a URL that can be sent to an individual. When that person clicks
on it, they can login to the InsightIQ server and see the exact same view.
2. Click OK when done.

Task 2.11 Create a Custom Performance Report

Scroll to the top and click Create a New Performance Report.

Start with a blank report

There are many standard templates in the lower half of this page that can be used as starting point for a custom
report.

To start with blank slate, click Create from Blank Report.

Choose options for this report

1. Give the report a name.

EMC Education Services

241

2. Check the Live Performance Reporting box. This will make the report show up as an option in Live Performance
Reporting.
3. Check the Scheduled Performance Report box. This generates a report at a specific frequency on a specific
cluster. When this is selected, more scheduling options will appear.
4. Select cribsbiox as the cluster the scheduled report will be generated against.
5. Leave the default period of 24 hours to be displayed in the report.
6. Leave the default of Daily for how often to generate the report.
7. Select the Email this report as a PDF attachment each time it is generated box.
Optionally enter the email address of who should receive this report.
NOTE: Because this lab is on an isolated network, the email will not be delivered.

Choose to include specific performance modules

1. From the menu, select the Data You Want to See.
In the Select a Module for this Position field, select Active Client.

For the scheduled report, the choices are displayed for data breakdown options.
2. Select Protocol.
3. Click Add another performance module.
4. From the menu, select Protocol Operations Average Latency.
5. Select to break out the date by Protocol here, as well.
6. Highlight that changing the order of data displayed in the report is as easy as dragging the handle in the upperright of the module and moving it up and down.
7. Click Finish.
This generates reports that show both active clients, broken down by the protocols they are using. The second
chart shows the average latency of those protocols. Confirmation of successfully saving the report is displayed.

EMC Education Services

242

Task 2.12 Making Changes to Live Performance Reports

Click Manage Performance Reporting.

The links to the right of the report name allow for quick changes to the report and building new reports based
on it.

Task 2.13 Making Changes to Scheduled Performance Reports

Click Scheduled Performance Reports.

The links to the right of the report name allow for quick changes to the report, the schedule and building new
reports based on it.

Task 2.14 Export Data using CLI (Optional)

In this task, besides using the Download as CSV link in the web administration interface, administrators can also SSH to
the InsightIQ server and export data via the command line.
1. Launch the PuTTY program.
2. Type 192.168.0.222 to connect to the IIQ, using the username as administrator and password as
Password123!.
3. Press ENTER after typing:
iiq_data_export --help

4. Press ENTER after typing:

iiq_data_export perf --help

There are three main sub commands: export, list, and describe. As of 3.1, both performance data and
file system data can be exported.
In this example, you will create an export of the same type that you did for creating a custom report. This lab
will only cover export of performance data; the next lab will cover export of files system data.

Show all the modules that can be exported

Press ENTER after typing:

iiq_data_export perf list --data-modules

The same options that are in the web administration interface are here, but they have a short name by which
to call them from the command line.

EMC Education Services

243

Show all the breakout by options for a specific Active Clients

Press ENTER after typing:

iiq_data_export perf list --breakouts

This displays all the breakout options for all the data modules. Like the web administration interface, the
breakout options for Active Clients are node and protocol.

Show the full description of the Protocol Operations Average Latency data module

Press ENTER after typing:

iiq_data_export perf describe --data-module proto_latency

This provides a detailed description of the module as well as the format and breakout options.

Show the iiq_data_export export command help

Press ENTER after typing:

iiq_data_export perf export --help

This highlights all the options administrators have to export all performance data. Many more options exist
here than is in this demonstration.

Export a report

Press ENTER after typing:

iiq_data_export perf export --cluster=dog-puddles -name=my_report_for_clients --interval=2H --min-max --data-module
client_active --breakout-by protocol

This will export the active clients data in a file called my_report_for_clients. This creates a CSV file of the first
part of the same report as earlier configured in the web interface previously except the interval is 2 hours
instead of 24, to make the export go faster.

Export a second report

Press ENTER after typing:

iiq_data_export perf export --cluster=dog-puddles -name=my_report_for_latency --interval=2H --min-max --data-module
proto_latency --breakout-by protocol

This will export the protocol latency data in a file called my_report_for_latency. This creates a CSV file of the
second part of the same report as earlier configured in the web administration interface previously, except the
interval is 2 hours instead of 24, to make the export go faster.

EMC Education Services

244

Show the report details

Press ENTER after typing:

more my_report_for_*

This will show each report. The heading and the data by default show everything is in UNIX time. This can be
easily changed in tools like Excel or by specifying a time zone in the export command.

Delete those reports

Press ENTER after typing:

rm -rf my_report_*

Export a report with simpler time formatting

Press ENTER after typing:

iiq_data_export perf export --cluster=dog-puddles -name=my_report_for_clients --interval=2H --min-max --data-module
client_active --breakout-by protocol --fmt-time

By adding --fmt-time, the tool generates a more human-readable format.

Show the report details with simpler time formatting

Press ENTER after typing:

more my_report_for_clients

The Time headings now have the time zone in them. The time data shows date and time in 24-hour time
formatting. This makes it easier to examine and digest the data.

Export a report using short hand commands

Some administrators prefer their commands be as short as possible without having to type out full words for each
option. This is possible by running the following command, which is exactly the same as the previously run
command, but using short hand options.

Press ENTER after typing:

iiq_data_export perf export -c=dog-puddles -n=my_report_for_clients -i=2H
-x -d client_active -b protocol -f

EMC Education Services

245

Delete Report
1. Press ENTER after typing:
rm -rf my_report_*

2. Press ENTER after typing:

exit

Task 3: InsightIQ File System Reports

In this task, you will explore the IIQ User Interface and apply what you learned in understanding the layout of the
interface and reports.

Task 3.1 Create a Capacity Report

1. On the FILE SYSTEM REPORTING tab, click Capacity Reporting.
2. From the Apply to cluster menu, select dog-puddles.
3. Click View Report.

Task 3.2 Read a Capacity Report

In this task, there is a lot of data, but it does help administrators understand what is currently consumed for storage
and how the estimated value of more capacity is calculated. This is very useful, as the adaptive nature of OneFS is so
different from other storage systems, it can bring a lot of clarity to administrators. This page is laid out and calculated
like a simple subtraction equation to make it easy to follow.
NOTE: All numbers expressed in base 2.

Total Capacity - This is the total raw capacity of the entire cluster, not including overhead.

Unallocated Capacity - In the context of Isilon OneFS, there should only be a number here with there is a new
node type add that is not yet 3 more nodes. So there is capacity on that new node, but data cannot be put on it
until there are at least 3 of that node time.

Allocated Capacity - This is the capacity available for data to be stored on. This is usually the same and Total
Capacity.

Reserved for Virtual Hot Spares - This is reservation of space at a cluster level for drive failures to insure there
is enough capacity for a drive rebuilt to complete as OneFS does not have stand-by hot spares and uses all the
drives, all the time.

Writeable Capacity - This is the capacity in which data can be written.

User Data including Protection - This is all the physical space consumed by the data currently stored on the
cluster, including the protection overhead to store it safely.

EMC Education Services

246

Snapshots Usage - This is the space consumed by all the snapshots on the cluster.

Remaining Capacity - This is the left over raw capacity that can still have data written to.

Estimated Additional Protection Overhead - This number is based on the latest File System Analytics job that
was run. This tells InsightIQ how much data physically vs logically is being consumed, which is used to give an
estimate for future data that will be added. This assumes that the data to be added will be similar to the data
currently stored. Not this number is very low because there are many thin provisioned files on the cluster. That
means they are logically very large, but physically very small. This makes the number small, however, if the data
to be added is similar to what is stored, this should not be an issue.

Overhead estimation based on FSA Report - This is drop-down list that shows all the File System Analytics
(FSA) jobs and gives the option to choose an estimation-based on a report other than that latest.

Estimated XXX of Usable Capacity - This is estimation of how much more logical (what the end user would
understand) data can be added to the cluster.

Task 3.3 Creating Quota Reports

1. On the FILE SYSTEM REPORTING tab, click Quota Reporting.
2. From the Apply to cluster menu, select Angus.
3. Click View Latest Reports.

Task 3.4 Reading Quota Reports

1. In the full version (non-demo), there is a path browser that lets administrators filter down the quota list to
specific paths
2. On the Select a report menu, different reports can be selected. The system defaults to the latest.
3. You can click a column to sort those quotas within the path specified. Viewing a reverse sort of % is very useful
in finding quota that are over or near their threshold. This number is based on the Hard Limit. If no Hard Limit is
set, then the Soft Limit is used for this calculation.
4. Select any one of the rows to get the details of that quota and how it has change over time in chart below this
table.
5. Here the administrator can easily see that this user has been steadily increasing their data usage and are very
close to the soft limit. They can also see that these calculations and threshold are not including snapshots.

EMC Education Services

247

Task 3.5 Examine Data Usage File System Reporting

Create the Data Usage Report
1. On the FILE SYSTEM REPORTING tab, select File System Analytics
2. On the Select a report type menu, select Data Usage.
3. On the Apply to cluster menu, select dog-puddles cluster.
4. On the Select a report menu, select Aug 07 2013, 10:00pm (EDT).
5. Click View Report.

View the Data Usage Report

1. Click the pie chart.
NOTE: Any of the slices can be selected and the display on the right while shows the detail of the directory.
2. The right shows the details of directory selected and the /ifs path above the pie chart is updated also. All the
columns can be selected to change how the data is sorted.
3. With this 3.1 release, the data form these tables can be downloaded via the Download as CSV or via the
command line.
NOTE: To make it easier to follow this guide, it is best before moving forward to have the default of a reverse
sort on Logical size set on the Logical column heading until the arrow is pointing down.
4. Click Logical column till the arrow points down.

Show the Largest Physical files on the cluster

Scroll down the page and select Largest Physical Size from the Top 2000 Files by menu.
NOTE: The extension of the files here. In later steps, you will create filters that will change these results.

Show the Largest Logical files on the cluster

Scroll down the page and select Largest Logical Size from the Top 2000 Files by menu.
NOTE: The extension of the files here. In later steps, you will create filters that will change these results.

EMC Education Services

248

Find most inactive directories on the cluster

Scroll down the page and select Oldest Modified Time from the Top 2000 Directories by menu.
NOTE: By hovering over any of the directory buttons a full path can be displayed.

Show the power of filters

Scroll back up and click /ifs/vmware path.

Add the /ifs/vmware directory to the filters

Click vmware/ + button.

NOTE: This shows the change in data being.

Open the Data Filters editor

1. Click Create/manage data filters link.
2. Click Add Rule button.
3. Select File Extension from the options on the Type menu.
4. Type .vmdk in the match field and press ENTER.
5. Click Apply button.
NOTE: All reports will filter the results to only match the path of /ifs/vmware and files that have the .vmdk
extension. The same filters can be used on performance reports also, but different types will be available.

Find the largest files on the cluster that meet the filter rules

Scroll down and select Largest Physical Size filter again from the Top 2000 Files by menu.
NOTE: This time, the previous files are not showing because they do not meet the filter rules. Only .vmdk files
in the /ifs/vmware path are shown here.

Task 3.6 Explore Data Properties File System Reporting

1. From the Select a report type menu, select Data Properties.
2. From the Apply to cluster menu, select dog-puddles cluster.
3. From the Select a report menu, select Aug 07 2014, 10:00pm (EDT).

EMC Education Services

249

4. From the Compare to menu, leave the default option of No comparison.

5. Click View Report button.

Show Charts with filter still applied

Scroll down and notice that in these charts you can easily see what the size of all the files are in the /ifs/vmware
directory that have a .vmdk extension.

Hover over any of the bars, and the details are displayed.
NOTE: In this example, there are 194 files that are included in the filter between 10GB and 100GB.

Remove the filters

Click Reset All.

NOTE: This could also be done by clicking the red X on the two filters in the above charts. In the Manage menu,
this custom filter can be saved and easily recalled.

Task 3.7 Examine Unfiltered Charts

Observe how different this chart is without the filter applied. Also notice that there are now many different Breakout
by options.

Explore the size and age of the data being stored

In the Breakout by section, click Modified Time.

NOTE: Review how clearly the activity level of the data can be seen at a cluster level as well as a file size level.
Observe in this example, a vast majority of the files that have not been modified are between 180 days and 1
year, but the next largest group has been modified between 1 year and 2 years, etc.
Notice In this example, you can see that a majority of the files that have not been modified for 180 days and 1
year are between 8 and 128KB, and the next large file size group is between 0 and 8KB.
NOTE: With charts like this, it's very easy to see files that haven't been used in a long time and what sizes they
are.

Explore the size and extensions of the data being stored

In the Breakout by section, click File Extension.

NOTE: Highlight how clearly the type of files being stored on the cluster can be seen as well as the size of these
files. These are engineering clusters from where the data was gathered and becomes quite clear by the .svnbase files.

EMC Education Services

250

Explore the extensions and the age of the data being stored

Scroll down to the File Count by Last Modified chart and click File Extension link.
NOTE: Notice how clearly the type of files being stored on the cluster can be seen as it relates to their age. In
this example, that 219K files have .svn-base extension and are between 180 days and 1 year of age.

Explore the directory location and the age of the data being stored

Click Directory link in the Breakout by section.

NOTE: Observe how easy it is to determine the directory that is storing most of these old files. Hovering over a
filter, the full path will be displayed. Here, it can be seen that 295 thousand files are in the directory
/ifs/home/bbrown2/svn/head and those files are between 180 days and 1 year. This directory seems to be a
good candidate for archival.

Task 3.8 Show the Comparison Data Properties

1. From the Select a report type menu, select Data Properties.
2. From the Apply to cluster menu, select dog-puddles cluster.
3. From the Select a report menu, select Aug 07 2014, 10:00 pm (EDT).
4. From the Compare to menu, select Aug 07 2014, 12:58 pm (EDT).
5. Click the View Report button.

Changes in time highlighted

This view is the same as before, but not only are the changes shown, they are also clearly highlighted in color. In
this example, it is clear that the directory is .ifsvar as added and grew the most in this small window of time (+33M
GB Logically) in between the two FSA jobs running on the cluster. In this example, the vmware directory has grown
logically, but decreased physically. This is not uncommon in virtual environment that uses thin provisioning.

Scroll down to the "File Count by Physical Size" chart and click File Extension link in the Breakout by heading.
NOTE: Observe again that the same charts are used, but the differences are being clearly highlighted. In this
example, over a total of 6 files were added with no extension. 6 between 8 KB and 128KB, 4 between 128 KB
and 1 MB, while 4 files of larger size were deleted.

EMC Education Services

251

Task 3.9 Understanding the Effectiveness of Deduplication

View the space saving over a period of time
1. Click the FILE SYSTEM REPORTING tab.
2. Click the Deduplication Reporting link.
3. From the Apply to cluster menu, select Angus.
4. Click the View Last 10 Reports button.
NOTE: Optionally, a date range can be specified.

Deduplication Summary

On the left side is:

o

Deduplicated Data - This is the total data that exists within paths that have had deduplication
enabled, labeled.

Space Used - This is the space that data is now consuming. In this example, what was once 6.01 TB
is now 1.54 TB.

There is also the pie chart this shows only the data that is been deduplicated.

On the right side:

o

Total Cluster Capacity - This is the clusters entire raw capacity.

Total Usage - This is the cluster's use space, which includes deduplicated and data that has not
been deduplicated.

This is a link to historical deduplication data. This will be examined shortly.

Graphs of Deduplication jobs

Scroll down to review Physical Deduplicated Blocks per Job, Files Scanned for Deduplication per Job and
Input/Output Operations per Job.
NOTE: These charts show various details of each job in a visual way to allow administrators to see how much
work deduplication jobs are doing. Any chart can be hovered over to get details, such as Deduplication saving
from the job.

Click any of the bar graphs to get full details for that job.

EMC Education Services

252

Job Details
1. Observe the details displayed here, including Duration and Deduplication percentage. This can help
administrators to see if the value and impact of deduplication.
2. Click Close to dismiss pop-up window.

Historical Deduplication Summary Reports

1. Click the Historical Deduplication Summary link.
2. Click PERFORMANCE REPORTING.
3. Click Live Performance Reporting. Review these charts.
NOTE: They enable administrators to view the effectiveness of deduplication overtime from both a logical and
physical level. As with performance charts, these allows users to easily zoom in and out and back and forth
through time.

Task 3.10 Export Data Using CLI

In this task, besides using the Download as CSV link in the web administration interface, administrators can also SSH to
the InsightIQ server and export data via the command line.
1. Launch the PuTTY program.
2. Press ENTER after typing:
192.168.0.222

3. Accept security message.

4. Login using administrator / Password123!.

Show the iiq_data_export command help

1. Press ENTER after typing:
iiq_data_export --help

2. Press ENTER after typing:

iiq_data_export fsa --help

There are three main sub commands, export, list, and describe to be used for exporting all performance data.
Reminder as of 3.1 both performance data and file system data can be exported.

EMC Education Services

253

Show all the modules that can be exported

Press ENTER after typing:

iiq_data_export fsa list --data-modules

The same options that are in the web administration interface are here, but they have a short name by which
to call them from the command line.

Show the breakout by options for a specific Active Clients

For FSA, the --breakouts options requires a cluster to be specified as this option can vary by the version of the
OneFS cluster that the data is gathered from.

Press ENTER after typing:

iiq_data_export fsa list --breakouts dog-puddles

This displays all the breakout options for all the data modules. Like the web interface, the breakout options for
Active Clients are node and protocol.

Show the full description of the Top Files data module

Press ENTER after typing:

iiq_data_export fsa describe --data-module top_files -c dog-puddles

This provides a detailed description of the module as well as the format and breakout options.

List the reports available

Because File System Data is using specific reports, report IDs are needed for exports.

Press ENTER after typing:

iiq_data_export fsa list --reports dog-puddles

Show the iiq_data_export export command help

Press ENTER after typing:

iiq_data_export fsa export --help

Observe all the options administrators have to export all performance data. Many more options exist here than
is in this demonstration.

Export a Top Files

Press ENTER after typing:

iiq_data_export fsa export --cluster dog-puddles --data-module top_files
--breakout-by phys_size --report 8244 --name my_report_for_top_files -number-breakouts 20

This will export the top files sorted by Physical Size.

EMC Education Services

254

In the case of top files and top directories, breakout-by is really a sort.
Notice from the options that a filter could have been applied as well.
For example, you can filter by path. If you add --filter directory:vmware, it would show only the total
top 1000 files that are within the path /ifs/vmware.
Also note that the document will have 20 lines, if not specified in the --number-breakouts, the system will
return the default of 12.

Show the report details

Press ENTER after typing:

more my_report_for_top_files

This should match the data seen in the web administration interface when looking at the top files sort by
physical size.

Export File Count by Logical Size

This will show the same view that was seen in the web administration interface earlier of File Count by Physical Size
with a breakout by file extension.

Press ENTER after typing:

iiq_data_export fsa export --cluster dog-puddles --data-module
file_count_by_logical_size --breakout-by path_ext --report 8244 --name
my_report_for_file_count --number-breakouts 20

Show the report details

Press ENTER after typing:

more my_report_for_file_count

Export File Count by Logical Size Changes

This will show the same view that was seen in the web interface earlier of File Count by Physical Size with a
breakout by file extensions, but now with just the changes between the two reports.

Press ENTER after typing:

iiq_data_export fsa export --cluster dog-puddles --data-module
file_count_by_logical_size --breakout-by path_ext --report 8244 --name
my_report_for_file_count_changes --number-breakouts 20 --cmp-report
8239

EMC Education Services

255

Show the report details

Press ENTER after typing:

more my_report_for_file_count_changes

This should match what is seen in the web administration interface. There are more filter options that can be
applied here.

Task 3.11: InsightIQ Troubleshooting

In this task, you will locate where to review the logs for troubleshooting.
1. In PuTTY, press ENTER after typing:
cd /var/log

2. Press ENTER after typing:

ls

Observe the various logs.

3. Locate insightiq.log, insightiq_stdio.log and insightiq_paste.log.
NOTE: These 3 are the core logs that will show you issues with InsightIQ.
4. Press ENTER after typing:
cd insightiq_clusters

5. Press ENTER after typing:

ls

Verify you see the 4 clusters listed here: Dog_puddles, Angus, cribsbiox and cert2-long234567.
If this was not a demo vApp, you would want to log onto your cluster and review events either from the web
administration interface or CLI. Look for events that deal with IIQ.

Lab 7.2: Summary

Summary:

EMC Education Services

In this lab, you connected to InsightIQ Demo, gained an overview

of the interface, generated and reviewed Performance and File
System Reports using InsightIQ to monitor specified OneFS
clusters. After completing this lab you are now able to use
InsightIQ to configure and read reports.

256

Lab 7.3: Using isi statistics

Scenario 7.3:

Tasks:

Knowing that Cloud9 has always used the CLI as much as the web
administration interface, apply the training you just received to
gather the status of the cluster using the isi statistics
command. If needed, use h to refresh the various subcommands,
but use these subcommands to gather the status of the seven
areas that cover the Isilon cluster.

1. isi statistics options.

2. Using isi statistics.
3. Manipulating isi statistics output.

References:

Module 7, Lesson 5

Task 1: isi statistics Options

In this task, you look at the options when running isi statistics from the CLI.
1. From a PuTTY session to a node, log in using root/Isilon2!.
2. Press ENTER after typing:
isi statistics -h |more

3. Confirm the options you will use in the next task. Identify the options for client statistics, history, clients by
degraded active clients, degraded connected clients, system, and drive.
4. To list valid arguments to a given option, press ENTER after typing:
isi statistics list

5. To see you the specific options for using orderby, press ENTER after typing:
isi statistics list orderby

EMC Education Services

257

Task 2: Using isi statistics

In this task, you use isi statistics to confirm client statistics, history, clients by degraded active clients and
degraded connected clients.
1. To show the average for client throughput, press ENTER after typing:
isi statistics client --orderby=InAvg

2. To show you by node which clients are connected to which node, press ENTER after typing:
isi statistics client --orderby=Node

3. To show over all SMB history statistics, press ENTER after typing:
isi statistics history -d --stats=node.clientstats.connected.smb |more

4. To show overall NFS history statistics, press ENTER after typing:

isi statistics history -d --stats=node.clientstats.connected.nfs |more

5. To view of the overall performance of the cluster, press ENTER after typing: You can also do this per node.
isi statistics system

6. To see the performance per drive for the node you are logged into by your SSH session, press ENTER after
typing:
isi statistics drive --type=sas

7. To see the performance per drive for the whole cluster, press ENTER after typing:
isi statistics drive --type=sas --nodes=all

Task 3: isi statistics Output Manipulation

In this task, you use the CLI isi commands to manipulate additional information about the cluster.
1. To constantly monitor your nodes, press ENTER after typing:
isi statistics system --top --nodes --interval=2

Press CTRL+C to exit out of system monitoring.

2. To show you your read/writes by class, press ENTER after typing:
isi statistics heat --classes=read,write

3. To show your performance for the top active results per node, press ENTER after typing:
isi_for_array "isi statistics drive | head -5"

EMC Education Services

258

4. To show you your stats options, press ENTER after typing:

isi statistics list stats |more

5. To show your node uptime, press ENTER after typing:

isi statistics query --stats node.uptime

6. To show basic consolidated cache stats, press ENTER after typing:

isi_cache_stats

7. To get detailed broken down cache reads and prefetches, press ENTER after typing:
isi_cache_stats -v

Lab 7.3: Summary

Summary:

EMC Education Services

In this lab, you verified the options for isi statistics and
then you used a set of the most common isi statistics
commands to practice gathering cluster data and then use various
output manipulation to record this data. After completing this lab
you should be comfortable with using the OneFS CLI to gather
statistics.

259

This page intentionally left blank.

EMC Education Services

260

Module 8
Job Engine

EMC Education Services

261

Module 8 Job Engine

Lab 8.0: Job Engine
Scenario 8.0:

As the senior IT Admin for Cloud9 you have a monthly report

to the CTO for status of jobs on each of your storage systems.
Using the training you received, check the state of jobs from
the web administration interface, and then apply the use of
isi job to get the current state of the job engine, history
and schedule on the Isilon cluster from the CLI.

Tasks:

1. Check job status in the web administration interface.

2. Check job status in the CLI.

References:

Module 8, Lesson 1

Task 1: Web Administration Interface Status of Jobs

In this task, you will check the status of jobs from the web administration interface.
1. Open the web administration interface. If needed, log in again using root/Isilon2!
2. On the CLUSTER MANAGEMENT tab, click Job Operations.
3. Click the Job Events sub-tab.
4. Scroll down and review the State column for jobs that have succeeded: Phase, Running, and Waiting.
5. Click the Filters box, and then click ShadowStoreProtect.
6. Next to one of the messages, click View Details.
7. Observe the Job Event Details.
NOTE: Here you have the Time, Event and Job ID, State, Message, Phase, Policy, Progress and Running Time.
Leave this window pane open for comparison to the CLI.
EMC Education Services

262

Task 2: CLI Status of Jobs

In this task, you will check the status of jobs from the CLI.
1. Click on your PuTTY session to a node; if you closed it, open a new PuTTY session to a node. Log in using
root/Isilon2!.
2. Press ENTER after typing:
isi job

3. Press ENTER after typing:

isi job events list

A column approach is used for the listing but notice that the state is not fully lined up so carefully observe that
the state is always after the number for the job.
4. Press ENTER after typing:
isi job events list -v

This is equal to clicking on the View Details button in the web administration interface. You can use |more to
review all the detailed.
5. Press ENTER after typing:
isi job events list --job-id ##

The ## will be for whichever job ID number you choose to view.

6. Press ENTER after typing:
isi job events list --job-type ShadowStoreProtect

You can use any job type title to get this list and use a -v for more details.

Lab 8.0: Summary

Summary:

EMC Education Services

In this lab, you learned about the job engine and how to view it
from the web administration interface and CLI. After completing
this lab you should be comfortable getting status on the job engine,
history and schedule from either the web administration interface
or CLI.

263

Lab 8.1: Job Engine Priorities and Impact Policies

Scenario 8.1:

Tasks:

Based on the training, use isi job config and isi job
impact to get the current status on the cluster and individual
nodes.

1. Review and modify impact policies.

2. Review and modify job priorities.
3. Analyze and troubleshoot job status.

References:

Module 8, Lesson 2 3

Task 1: Review and Modify Impact Policies

In this task, you will review the impact policies you modify. This can be done from both the web administration
interface and the CLI. You will review the policies in the web administration interface and then compare that to what
you see in the CLI.
1. In the Remote Desktop window, in the browser window, close the View Job Event Details window.
2. On the Job Operations page, click the Impact Policies tab.
3. Review the default HIGH, LOW, MEDIUM and OFF_HOURS policies that are listed.
4. On the Impact Policies tab, in the top right corner, click Add an Impact Policy.
5. In the Name field, type a name of your choice, such as "Test Policy".
6. In the Description field, type a description of your choice.
7. Click the Add an Impact Policy Interval button.
8. In the pop-up window, click the Impact field, and then click Low.
9. Click Start field, and select Sunday 00:00.

EMC Education Services

264

10. Click the End field, and select Saturday 23:59.

11. Click Add Impact Policy Interval.
12. Click the Create Impact Policy button.
13. To the right of your policy, click the View/Edit button.
NOTE: Observe the Impact Schedule stated for the 7 day cycle compared to what you entered.
14. Click Close.
15. On the Job Operations page, click the Job Types tab.
16. In the Job Types list, to the far right for AVScan job, click View/Edit.
17. Validate the Default Impact Policy is set to LOW. Click the Edit Job Type button.
18. Click Default Impact Policy, and select your Policy you just created.
19. Click Scheduled and Daily for the Currently set to field.
20. Select Run multiple policies per specified day.
21. Change 12 to 2 and hours to Minutes.
22. Click the Save Changes button.
23. Confirm success confirmation message.
24. Click Close.
25. Verify on the Job Types listing the changes for AVScan.
26. Next to the View/Edit button, click More.
27. Click Start Job, and then click Start Job on the pop-up window.
28. Verify the job start succeeded.
29. Click the Job Reports tab.
30. Click the View Details button to review the Job Details.

EMC Education Services

265

Task 2: Review and Modify Job Priorities

In this task, you will review the job priorities and how you would modify them. This can be done from both the web
administration interface and CLI. For this lab, you will focus on using the CLI.
1. Click on your PuTTY session to the cluster.
2. Press ENTER after typing:
isi job policies list

Validate you have the four built-in Isilon Template Policies and your test Policy, for a total of five policies.
3. Press ENTER after typing:
isi job type list

Verify you have your list of ID type, Enabled status and Policy showing.
4. Press ENTER after typing:
isi job type view AVScan

Observe Priority setting.

5. Press ENTER after typing:
isi job type modify AVScan -priority 3

6. At the confirmation prompt, type yes, and press ENTER.

7. Press ENTER after typing:
isi job type view AVScan

Observe Priority setting.

Task 3: Analyze and Troubleshoot Job Status

In this task, you will analyze and troubleshoot job status via the web administration interface and CLI.
1. Press ENTER after typing:
isi job status

2. Press ENTER after typing:

isi job status -v

Review the additional information provided about the job engine.

EMC Education Services

266

3. Press ENTER after typing:

isi job events list

Review the messages on the jobs listed.

4. Press ENTER after typing:
isi job reports list

Observe the Job type and Phase for the jobs.

Pick a Job ID for the next step.
5. Press ENTER after typing:
isi job reports view ###

Put your Job ID number from step 4 in place of the ###.

6. Press ENTER after typing:
isi job types list

This will show you all the job types so you can easily view other job reports.
Select a job to use in the next step.
7. Press ENTER after typing:
isi job events list --job-type "Name of job type"

Observe the ID for your Job type. This is a number in brackets [###].
8. Press ENTER after typing:
isi job reports view ###

Use the number from the previous step.

9. Go back to the web administration interface. Log into the cluster using root/Isilon2! if needed.
10. Click CLUSTER MANAGEMENT.
11. Click Job Operations.
12. Click Job Reports.
13. Click Filters, and select a Job Type.
NOTE: This is a solid way to review just one type of job for failed jobs, paused, etc.
EMC Education Services

267

14. Click the Job Events tab.

NOTE: Default listing is all current jobs in ID order. You can review all jobs by clicking through the pages at the
bottom.
15. Click the Filters second field, type 34, and then press ENTER.
NOTE: You can search the job events by ID number if you know what you are looking for or you can select Job
Type and get a full listing.

Lab 8.1: Summary

Summary:

EMC Education Services

In this lab, you learned how to us the OneFS CLI and web
administration interface to review the status of the job engine,
impact policies, review and modify job priorities and
analyze/troubleshoot job status. After completing this lab you
should be comfortable with reviewing and modifying job policies as
well as analyzing and troubleshooting job status.

268

Appendix A Reset Virtual Environment

Instructors can use the procedure in this section to reset the VMware Workstation. You have the following two reset
points available:

Reset to start Lab 1.0 Reset the VMware Workstations virtual machines back to the very beginning of Lab 1.0,
as if you had logged in for the first time.

Reset to start Lab 3.5 Reset the VMware Workstations virtual machines back to the beginning of Lab 3.5. The
virtual environment will be configured as if Labs 1.0-3.4 were all configured properly.

To reset the VMware Workstation environment:

1. In the VMware Workstation, turn off all virtual machines. Right-click PPAM_720, then on the toolbar, click
Power Off.
NOTE: You need to Power Off not Suspend.

2. For each virtual machine, you will be prompted to confirm that you really want to shut down the virtual
machine. When prompted, click Power Off.

3. Wait until all virtual machines have a Status of Powered off.

EMC Education Services

269

4. Reset the WinServer2008 to its original configuration. Right-click the WinServer2008 tab, select Snapshot, and
then click WinServer2008Original.

5. Repeat steps 3-4 using the Snapshots listed in the Snapshots for Lab Resets table. You need to reset the VMs in
the order listed.

To reset to beginning of Lab 1.0, use the Snapshots listed in the Snapshot to Original VM Configuration
column.

To reset to beginning of Lab 3.4, use the Snapshots listed in the Snapshot to Beginning of Lab 3.5
column.

TIP: For both resets, all machines are reset to original configuration except for Cloud9-Node1, Cloud9Node2, and Cloud9-Node3.

EMC Education Services

270

Snapshots for Lab Resets

Virtual Machine

Snapshot to Original VM
Configuration

Snapshot to Beginning of Lab 3.5

WinServer2008

WinServer2008Original

WinServer2008Original

LinuxServer

LinuxServerOriginal

LinuxServerOriginal

LinuxClient

LinuxClientOriginal

LinuxClientOriginal

InsightIQ_v3.1

IIQ31_Unconfigured

IIQ31_Unconfigured

IIQv3.1.DEMO

IIQ31_Demo

IIQ31_Demo

Cloud9-Node1

Cloud9-Node1-Unconfigured

Cloud9-Node1-AD-LDAP

Cloud9-Node2

Cloud9-Node2-Unconfigured

Cloud9-Node2-AD-LDAP

Cloud9-Node3

Cloud9-Node3-Unconfigured

Cloud9-Node3-AD-LDAP

Compliance-Node1

Compliance-Node1-Unconfigured

Compliance-Node1-Unconfigured

10

Compliance-Node2

Compliance-Node2-Unconfigured

Compliance-Node2-Unconfigured

11

Compliance-Node3

Compliance-Node3-Unconfigured

Compliance-Node3-Unconfigured

6. Turn all virtual machines on. In the left navigation pane, click PPAM_720, and then on the toolbar, click the
start arrow.

EMC Education Services

271

7. After the Status for each virtual machine is Powered On, depending on the set of Snapshots you selected, you
can now start Lab 1.0 or Lab 3.5.

EMC Education Services

272