• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

What free NAS to use with ESXi? [ZFS, FreeNAS, XPEnology]

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.
g0dM@n said:
So because I don't have the ACL extension, I can't add users to the samba share. (I'm still within the 30-day eval, so I CAN create ZFS users).
I liked the idea you guys mentioned, and I'd tried it to no avail. That idea being, map a drive letter to the ZFS Samba share as ROOT, and then go into NTFS permissions and add the users you want in there. The samba share has share permissions to everyone, but NTFS locked down, so I figured all I needed to do was set NTFS perms via ROOT from Windows. No go. =/
.
Click to expand...

I will try to formulate a better response with more time, but remember napp-it is just a front end. It's like saying, because you have a problem with Firefox, that the internet is broken. napp-it just simplifies the command-line commands that you'd use to set everything up. What you have will still work for you.

Start here:
http://docs.oracle.com/cd/E23824_01/html/821-1449/managingsmbshares.html
 
cw823 said:
I will try to formulate a better response with more time, but remember napp-it is just a front end. It's like saying, because you have a problem with Firefox, that the internet is broken. napp-it just simplifies the command-line commands that you'd use to set everything up. What you have will still work for you.

Start here:
http://docs.oracle.com/cd/E23824_01/html/821-1449/managingsmbshares.html
Click to expand...

Yeah, it would be awesome if I knew the CLI, but I'm trying to find the time to invest. I have already printed out your tutorial thread and read it on the bus on my way to work last week.

Mpegger said:
I'm scratching my head right now as I'm unsure exactly how you are trying to add in users and create the shares. As confusing as permission can be, it's pretty easy to setup what you need in Napp-It.

First: ALL user accounts must already exist on a Windows box. They should all have a login password set as well. (Actually, you can create the accounts in Windows afterward, but it just makes things easier if you already know who you have to add in.)

Second: Add in all users that you want to give access to in Napp-It via the 'User' menu. Use the '++add local user' link and add in the same exact username/password as you have on your Windows box.

Third: Goto 'ZFS Filesystems' menu. You will see your root ZFS directory (usually denoted with a (pool)). Go back to 'ZFS Filesystems' drop down menu and click 'Create'. Create another directory in your root. This will be your share(s) that other systems will access. For instance my setup is:

  • ZFS-Raid10 (pool) [the root]
  • >Shares
  • >VMs
  • >WHS
  • >iSCSI

Fourth: Go back to the 'ZFS Filesystems'. You will again see the Root directory with all the directories under root. You will also now see a "off" option under the SMB column. Whatever directories you want to share via Samba, make sure to click it and enable it. I only shared my 'Shares' directory via SMB, and all other directories below it is what I changed permission for via Windows.

Fifth: Goto ACL extensions and setup the permissions for each top directory as you see fit. This is where the user account information you added into Napp-It will be used to set permissions for each user account on each directory. In my case, I setup permissions for 'Shares' to allow my Windows account to have full control over it.

Fifth: After all that, you should now be able to view the shared directories, change their permissions, add more directories, etc, etc, etc, in Windows.
Click to expand...

The instructions look great, but this is exactly what I've tried to do and told to add the ACL extension.
I decided to create a new ZFS Filesystem just like yours, called "Shares". I like that as it makes perfect sense for Windows. I'll set a top level access to "Garo" as full control, and then use the "Garo" account to administer the rest of the folders below via NTFS file permissioning.

So I began your steps (though I didn't have to enable SMB after b/c it enables it be default). Check out what I get after I click on the ZFS filesystem in the screenshot below. Remember, I just re-installed napp-it FRESH last week, so I'm within the 30-days... [See 1st screenshot of napp-it setup]
zfs1.png

I've already created the local user account through napp-it User menu for Garo and Jocelyn. [See screenshot]
zfs2.png

I mapped to the zGodman1\Shares directory from my Windows desktop (as "Garo", where I don't have to specify an account b/c it already matches the ZFS user account, and I've tried with specifying the Unix root account). I created two folders, my name and my wife's name, so that I could set appropriate NTFS perms. I wanted to start with allowing her modify access on her own directory. Her username is never found. [See screenshot].
zfs3.png

I then decided to do a search for account on ZFS-Godman (hostname of ZFS VM) and it only shows me built-in Windows accounts that I'm familiar with. [See screenshot] zfs4.png
 
In your first screenshot, it should allow you to add in a user and not give you an error that you need the ACL extension. I'm now wondering if Napp-it saves information on the ZFS pool that prevents being able to reinstall for another 30day trial. I was always able to add in a user at that screen, and its how I added in my account for access to that directory.

When you say you re-installed Napp-It, you also re-installed the underlying OS, correct?
 
I used the napp-it all in one solution. I deleted the old vm and recreated the all-in-one solution from the downloaded zip file and imported the vmx. It's vanilla that way.

If what you're saying is true, I'll migrate all of my data out of zfs and just redo the whole thing from scratch.

I still don't get why I can't set ntfs perms based on my 3rd and 4th screenshots. How come it doesn't find the zfs Unix accounts I created if it's searching ZFS-Godman as the domain?
 
Mpegger said:
I'm scratching my head right now as I'm unsure exactly how you are trying to add in users and create the shares. As confusing as permission can be, it's pretty easy to setup what you need in Napp-It.

First: ALL user accounts must already exist on a Windows box. They should all have a login password set as well. (Actually, you can create the accounts in Windows afterward, but it just makes things easier if you already know who you have to add in.)

Second: Add in all users that you want to give access to in Napp-It via the 'User' menu. Use the '++add local user' link and add in the same exact username/password as you have on your Windows box.

Third: Goto 'ZFS Filesystems' menu. You will see your root ZFS directory (usually denoted with a (pool)). Go back to 'ZFS Filesystems' drop down menu and click 'Create'. Create another directory in your root. This will be your share(s) that other systems will access. For instance my setup is:

  • ZFS-Raid10 (pool) [the root]
  • >Shares
  • >VMs
  • >WHS
  • >iSCSI

Fourth: Go back to the 'ZFS Filesystems'. You will again see the Root directory with all the directories under root. You will also now see a "off" option under the SMB column. Whatever directories you want to share via Samba, make sure to click it and enable it. I only shared my 'Shares' directory via SMB, and all other directories below it is what I changed permission for via Windows.

Fifth: Goto ACL extensions and setup the permissions for each top directory as you see fit. This is where the user account information you added into Napp-It will be used to set permissions for each user account on each directory. In my case, I setup permissions for 'Shares' to allow my Windows account to have full control over it.

Fifth: After all that, you should now be able to view the shared directories, change their permissions, add more directories, etc, etc, etc, in Windows.
Click to expand...

Good news. I built OmniOS and Napp-It from scratch! It took me some time, but I got the basics done. I do still have to figure out how to properly set up the NICs the way I want them, which I'll come back to.

For now, I almost mirrored your setup (thought I'm doing 6x 3TB RaidZ2). I'm in EVAL mode for another 30 days, so I'm good on that. I set up usernames as Garo, Jocelyn, and a couple of others. For now, I'm testing Garo, and Jocelyn. Garo has FULL access on the "Shares" share. I created directories underneath, FROM WINDOWS, and was unable to add "Jocelyn" on NTFS perms. I decided to create directories (which I think is what you were getting at), and so it looks like this for now:
Pool\ZFS-Filesystem\TopDirectory
GKS1z2\Shares\Garo
GKS1z2\Shares\Jocelyn
GKS1z2\Shares\Media
GKS1z2\Shares\TV
GKS1z2\Shares\Movies

I gave "Garo" full access on all of those directories via ACL folder in ZFS.
From Windows, I go to NTFS perms and I now see "Everyone", root, and Garo listed.
I'm unable to add users still in NTFS perms. I don't get why. I'm trying to add "Jocelyn" but it won't find it... same error as one of the screenshots in my earlier posts.
 
If you aren't on a domain don't you have to have the Jocelyn account as an account on your machine in order for you to be able to add it as an account with perms?
 
g0dM@n said:
I gave "Garo" full access on all of those directories via ACL folder in ZFS.
From Windows, I go to NTFS perms and I now see "Everyone", root, and Garo listed.
I'm unable to add users still in NTFS perms. I don't get why. I'm trying to add "Jocelyn" but it won't find it... same error as one of the screenshots in my earlier posts.
Click to expand...

I am way past my 30 days, so I cannot test to see why that would be the case. I do however, have the same problem of not seeing anything other then the default accounts listed in the Permissions when I try to search for users just as you do. I would suggest just adding every user to every directory. This way you can at least edit their permissions how you see fit. I did the same, adding my account with full permissions to every directory, and adding in the other users, editing their permissions for read only, no access, etc. It might be that you can only edit Permissions on a Windows box, but have to add users in OpenIndiana.
 
Janus67 said:
If you aren't on a domain don't you have to have the Jocelyn account as an account on your machine in order for you to be able to add it as an account with perms?
Click to expand...
I'm going to test that. Good call.
Mpegger said:
I am way past my 30 days, so I cannot test to see why that would be the case. I do however, have the same problem of not seeing anything other then the default accounts listed in the Permissions when I try to search for users just as you do. I would suggest just adding every user to every directory. This way you can at least edit their permissions how you see fit. I did the same, adding my account with full permissions to every directory, and adding in the other users, editing their permissions for read only, no access, etc. It might be that you can only edit Permissions on a Windows box, but have to add users in OpenIndiana.
Click to expand...

Gotcha. Dump in every user with read perms, so at least they're listed as users, and then deal with perms later. I'll test this also.

Thanks, guys! I'm definitely in a much better place now than before. Now I just have to find a good method of backing up my VMs (on a single SSD) to the ZFS pool. Veeam doesn't work with the free hypervisor and free vSphere.
 
So I'm toying with a test VM and the only way I can do a FIND NOW to find the usernames in napp-it is if I play with the Windows Firewall and hosts file. I followed cw823's tut about the setup and I set up two vmxnet3 NICs, so I'm wondering if that's a problem. I may not have done it correctly, but either way, I've turned off the firewall, used the hosts file to point to the napp-it VM's static IP, and it worked.

I then turned the Windows firewall back on and removed the hosts file entry and it's still working. So weird b/c adjusting one of those two options is what fixed it for me. This may be a networking problem afterall. I've tried disabling the Kaspersky firewall on my main box and that didn't help... going to toy more later.
 
Windows maintains a cache of resolved host names. I've had it happen plenty of times, where a freshly booted up machine cannot be found or accessed at all even if the IP address itself is used, and then minutes later everything works just fine, including the internal DQN and all is hunky dory in networking land. Windows and networking is just weird like that, and I wish it wasn't.

Be careful with VMXNet3 NICs. I've ran into various problem with them because they are not working 100% flawless in each and every OS. Heck, even if it is working fine in one VM, trying to access another VM can have trouble.
 
SO WEIRD!!!!

I have two VMs, both with VMXnet3 and on the same VLAN. Both of them have "Garo" as an admin locally, and my "Garo" account on all of my desktops (and in napp-it) all have the same passwords set.
One VM is able to see the napp-it accounts and the other can't. The one that can see has Microsoft Security Essentials and the one that can't doesn't have MSE. That's one of the main key differences I see. Both are Win7 pro sp1. Disabling the Windows firewall on the one that doesn't work didn't help at all.

So inconsistent. This is why I've been going crazy. So I have one VM that works... I'm trying to figure out WHY this one VM is being nice, and all other machines aren't. All of them have the "Garo" account, which in napp-it has full access in Unix and Samba shares.

To help with the DNS issue, I removed all but one NIC on the ZFS VM (vmxnet3 with static IP). Pinging the hostname ("omni-napp") works like a charm.
 
One of my VMs was in a homegroup (creator). After I disjoined that, all other VMs are now able to see the napp-it users when I do a search through NTFS perms. I did disconnect all mapped drives and restart the VMs too. I re-mapped everything (even to another NAS) and all is good.

Just my physical desktop now is unable to find napp-it users, but I'll deal with that. One of my VMs is serving as my "server" per se, so that'll be my goto.
I'm surprised no one else ever had this issue. Glad I finally figured it out. I've burned so many hours, man... but I just had to find out wth was going on!
 
The problem is back. I'm no longer able to find users on the napp-it vm by doing find now in the ntfs permissions. Are all of you able to see the napp-it users from windows, based on previous screenshots of mine?
 
I created a Windows account "root" and assigned it the same password as for OmniOS. I'm now seeing the users I mentioned. This is EXACTLY what I want, so that I have full control over adding, removing users, even after the eval period. In RED are the accounts I created in napp-it. In blue are the built-in accounts. I blocked out the accounts I didn't mention, for security purposes:
zfs6.png
 
Things seem to be going great! <fingers crossed>

I just realized that I haven't done any snapshots. I see I can create one, but do deltas grow indefinitely if I do? How can I set this up properly (scheduled, cleaning it up, how much space is lost, etc.)?
 
You can setup a snap job in Napp-it. Jobs > Snap > Create new. They generally do not take up to much space, and if nothing changed between the previous and current job, no space at all. It's up to you how you setup the frequency of the job, but I have daily keep last 30, weekly keep last 12, and monthly, keep last 6.

Btw, did you get the Jumbo frames to work? I tried everything to try and make it work (editing the configuration files, the drivers, E1000, vmxnet3, etc) to no avail. I finally just passed through the NICs directly to the VM and was able to easily change the MTU without any problems. If you have enough processing power though, Jumbo Frames are not a necessity as 1500MTU is still capable of saturating a Gigabit link.
 
jumbo frames is done by editing the appropriate config file, and in the case of the pro/1000, just a reboot. For vmxnet3 however, you will need to:

ndd -set /dev/vmxnet3s0 accept-jumbo 1

and then do it for each additional vmxnet adapter (ie /dev/vmxnet3s1) as well.
 
Mpegger said:
You can setup a snap job in Napp-it. Jobs > Snap > Create new. They generally do not take up to much space, and if nothing changed between the previous and current job, no space at all. It's up to you how you setup the frequency of the job, but I have daily keep last 30, weekly keep last 12, and monthly, keep last 6.

Btw, did you get the Jumbo frames to work? I tried everything to try and make it work (editing the configuration files, the drivers, E1000, vmxnet3, etc) to no avail. I finally just passed through the NICs directly to the VM and was able to easily change the MTU without any problems. If you have enough processing power though, Jumbo Frames are not a necessity as 1500MTU is still capable of saturating a Gigabit link.
Click to expand...

Awesome!
I just set up snap jobs for daily keep 30 (# of days to keep 0, since it seems OPTIONAL and I assume it overrides the "keep" option). Also set up monthly to save 6 months.

I'm starting to think that since you can choose these snaps based on pools, I should have created a separate ZFS pool for my movies, since they're such large files. If I delete 20 movies, they'll still take up data for another 6 months. I followed your design of setting up "SHARES" as a pool and then creating folders underneath. The problem now is I have about 2TB of data in shares\movies, so I don't know if I could move it into a new pool "movies" unless I do a copy job...

jumbo I gave up on and will have to get back to later. I couldn't get it to work.
 
g0dM@n said:
jumbo I gave up on and will have to get back to later. I couldn't get it to work.
Click to expand...

Here's one thing I can tell you. If you have jumbo frames enabled for your storage network in ESX, and enabled in your storage VM, you can map the drives to ESX via NFS. However, when you try to start VMs, it will just hang. VMs won't start, and your NFS storage will disconnect.

This is where the ndd -set command comes in. Do that, then your VMs stored on that NFS storage will work flawlessly
 
cw823 said:
jumbo frames is done by editing the appropriate config file, and in the case of the pro/1000, just a reboot. For vmxnet3 however, you will need to:

ndd -set /dev/vmxnet3s0 accept-jumbo 1

and then do it for each additional vmxnet adapter (ie /dev/vmxnet3s1) as well.
Click to expand...

Been there, done that, spent days trying multiple configurations, work arounds, and "fixes" (even re-installing OI from scratch), but nothing worked. And I'm not the only one with that problem of not being able to enable Jumbo Frames in a virtualized OpenIndiana on ESXi, as the posts I kept on finding the configurations, work arounds, and "fixes", were the post that started with the same "How do I enable Jumbo Frames in OI in ESXi?" type of question.
 
You must log in or register to reply here.

Similar threads

Railgun
Consolodating/improving/simplifying storage. HW RAID to ZFS
Replies
0
Views
366
Railgun
Railgun
G
media and file server build: FreeNAS, RAID, ZFS?
Replies
13
Views
2K
gsrcrxsi
G
Stratus_ss
[Build Log] Building out a home lab
Replies
4
Views
2K
Stratus_ss
Stratus_ss
cw823
ZFS All-In-One Instructions (complete)
2
Replies
20
Views
9K
g0dM@n
g0dM@n
cullam3n
Project Baby Rack
2
Replies
32
Views
7K
cullam3n
cullam3n
Back