Distributed File System and its deployment

DFSIntroduction

With the distributed file system, you can easily locate and manage shared resources in the network, use a unified named path to access the required resource center, provide reliable load balancing, and file replication service (FR) the combination provides redundancy between multiple servers and integrates with windows permissions to ensure security.

The process of configuring a distributed file server is very simple. You can use the "DFS management" component for configuration or the "Distributed File System" component.

Distributed File System (DFS) combines scattered (distributed on various computers in the LAN) shared folders into a folder (virtual shared folder) using distributed folders. for users, to access these shared folders, you only need to open the virtual shared folder to view all the Shared Folders linked to the virtual shared folder. The user does not feel that these shared files are scattered on various computers. The benefit of a distributed file system is centralized access. Simplified operations. Improves file access efficiency.

Configure a Distributed File System

A Distributed File System component is available only when windows 2008 R2 or windows is installed. The win2003R2 system is described as follows:

Create DFSRoot

DFS defines a level for a shared folder. Similar to a standard directory structure, DFS only forms a directory structure that is not a folder, but multiple sharing points. You can use the Distributed File System to configure DFS in two steps: Create DFS root and create DFS link;

Click Start-management tools-distributed file system. On the displayed page, right-click the new root directory ,;

The create root directory wizard is displayed. Click Next. Select the root directory type. If you have an AD domain, we recommend that you select the root directory, as shown in;

The configuration information of the independent root is stored in the registry information of the root server. If the independent root server is unavailable, the DFS is unavailable. Fault Tolerance is not supported.

The configuration information of the domain root is stored in AD and copied to all the DC in the current domain for fault tolerance. When the root server is unavailable, other servers can still send DFS information to the client. Obviously, domain root is a safer solution, but it requires AD domain support. It is recommended that the number of connections cannot exceed 5000.

Click Next and enter the domain name information,

Enter the server name. Click Browse to find the server name in the selected root directory ;;

Enter the root directory name and comment. The root directory name is the top-level shared name for shared access. If a shared folder exists, use it directly. If the shared folder is not created, a shared folder is automatically created.

In root directory sharing, select the specified shared folder. If the file is not shared, the wizard automatically creates the corresponding file. After the root directory is created, DFS root directories are generated in the distributed file system;

Create DFSLink

After the DFS root directory is established, a DFS link must be established to ensure the normal operation of DFS. Right-click the DFS root and choose create DFS link. Name the link and point it to the appropriate shared resource .,

On the create link page, enter the Link name and target path. The Link name is the name of the shared folder under the root directory that the client wants to see. The target path is the shared folder path on the server ,;

Explanation of the time required for client cache reference:The client caches the obtained references. The default cache time for an independent root directory is 300 seconds, and the default cache time for the domain root directory is 1800 seconds. In general, you do not need to modify the cache time configuration. If the folder target in the namespace changes frequently, you should consider reducing the cache time; however, reducing the cache time will increase the load on the domain controller and namespace server and increase network access traffic.

Each time the client uses a cache reference to access a file or folder, It updates the reference cache duration value, which can be used infinitely until the client's reference cache is cleared or the client is restarted. The result is that the folder target in the namespace is updated, but the client continues to use the old folder. This allows the cache reference to expire after it reaches the cache duration value. When it is accessed again, it gets a new reference from the domain controller or namespace server, this allows you to quickly discover changes to namespaces and namespaces folders.

ClientYou only need to enter the UNC path (\ Domain Name \ root directory name) in the operation to use the file server for resource access. The client user does not need to know which service the shared file is in, implements simple resource access. For example, if multiple servers or computers have multiple shared folders, you only need to add new links as needed, which is simple and convenient for users to access.

Note: The new link is only a single layer, that is, the link cannot be created under the created link.

Configure Server redundancy/Load Balancing

Server redundancy/load balancing can be configured to store files in the same shared folder on different servers, and file synchronization can be achieved through replication. When a server goes down, DFS automatically points the shared file to the shared folder of another server, so that the client does not feel the impact of downtime on access to the shared folder. The client can access resources at any time.

That is, to create the same shared folder on different servers, DFS automatically directs the client to one of the shared folders. When one server goes down, the client is automatically directed to another shared folder, this facilitates shared access.

Click Distributed File System-new link mp3-right-click the new target ,;

In the target path, Click Browse to select the shared folder of another server ,;

Click OK to check whether the replication target needs to be configured. Click Yes to bring up the Configuration Wizard. You can also configure replication later.

Click Next on the new copy Wizard Page that appears. Select an initial host and select either. To complete configuration replication, the list must have at least two normal targets,If there is a red cross on one of the items, it indicates that the machine is not connected, or the related services are not running properly, checkDistributed File System,Distributed Transaction Coordinator,File Replication servicesWhether the three services are running.

Temporary Folder means to enable replication,DFSThe copied content will be saved to this folder and copied from this folder;

Select the replication topology, select "staggered" as the fastest replication topology, and click "finish ".

Ring:Copy files from one computer to another in a circular manner. Each computer is connected to the other two computers in the ring topology.Advantages:Redundancy is provided.Disadvantages:Synchronization takes a long time.

Distribution:This topology requires three or more members; otherwise, it is unavailable. For each spoke member, you can select the required central member and (optional) the second central member for redundancy. This optional center ensures that the spoke members can still be copied when one central member is unavailable. If two central members are specified, the central members are staggered.Advantages:Fast network traffic,Disadvantages:It is easy to cause single point of failure.

Staggered:That is, the hybrid type, which combines the above two types. In this topology, each member is copied to all other members of the replication group. This topology is ideal if the number of members in a replication group is equal to or less than 10. If there are more than 10 members in the replication group, we recommend that you use the staggered topology.
Advantages:The maximum redundancy is provided due to the interconnection of two nodes;Disadvantages:The network traffic is large.

The topology diagram is as follows;

Because it is set in the domain environment, click \ test.com \ public on any domain member computer to put the files to be shared, you can find the corresponding backup on the computer where the replication topology is set. This enables automatic backup of the shared file server, effectively reducing the loss rate of important files;

Configure the replication priority and schedule

The DFS replication has been created. You can perform replication redundancy and load balancing. Right-click the configured shared destination attribute ,;

Select the copy tab ,;

You can click a schedule to customize the replication time. during a certain period of time, you can click custom to configure related information;

You can change the replication topology to view the replication relationship. If you select this option, you can disable replication from the server to another server. Click priority to set the replication priority .;

In the inbound connection area, select the check box under the alternative plan, select the priority, and select change. By default, the priority is low;

We recommend that you set the priority of file servers on the same site to high. The priority of file servers on different sites is medium/low. The priority of replication is determined based on the physical location and bandwidth;

If DFS points to a shared file that is located in different sites and replicated to each other, the server directs the client's shared access request to the smallest site in the cost based on the cost value between sites. If the server goes down, redirects to a site based on the cost value;

Click schedule to configure the copy time ,;

Avoid replication when the bandwidth usage is high based on the specific network bandwidth requirements.

Click Edit next to the file filter to set which files are not copied, for example, some temporary folders of the application are not copied.

*. Avi files are not copied. Click Add;

Click Edit next to the subfolder to set which subfolders under this folder are not copied; wildcards can be used;

Distribute the root directory on multiple servers

Click another server-start management tool-Distributed File System, right-click to display the root directory ,;

In the displayed dialog box, click trust domains, expand them to the root directory, and click OK;

At this time, the DFS root is distributed in two servers, and its configuration information is all stored in the Active Directory, because the creation is the root directory of the domain;

Configure top-level DFSRoot directoryAdd other DFS root as the link for Unified Access

, Click Distributed File System, select new root directory to create a new root directory by following the steps;

At this point, you can create multiple DFS root directories on the same server, which seems to be in violation of the unified command path principle. The client needs to remember multiple root paths to find the corresponding shared files. Otherwise, you can create a top-level DFS root directory on another server,

Select another server and click Distributed File System to create a new root directory ,;

Then create a linkDFSAdd the root path as the target path of the new link.;

Note: public is the DFS root directory of win2003r2.test.com, which is added as a link to the top-level DFS root directory;

You can create links in sequence to add the root directories on different servers,

For client access, you only need to remember the path of the top-level root directory, such as \ test.com \ root, to easily access Shared Folders;

Application Scenario: The Enterprise File Server creates multiple shared folders for each department and adds shared folders for different departments to the root directory, use a uniform named path for access. Note: a maximum of eight layers can be nested links in the root. We recommend that the DFS root of a domain contain no more than 5000 links;

Configure file server access permissions (allow specific users to access Shared Folders)

The distributed file system combines folder sharing permissions with NTFS permissions;

Set a specific folder to only allow access by specific department groups or users,

Select the folder for which permissions are to be set, right-click Properties-security-advanced, and cancel "allow the parent permission to be transmitted to this object and all sub-objects ". In the displayed window, select "delete ",

ClickAdvancedTabAddTo facilitate management, we recommend that you add the Domain Admins user group to the folder and grant the "Security Control" permission .;

If you want everyone to access shared folders, click Add on the Security tab to add everyone, and grant the read and list folder directories and read and run permissions .;

In the Security tab, Users and permissions are directly inherited from the parent directory, and test \ Users has only the read permission;

(Note: If you cancel the permission to inherit subfolders from the Advanced tab, Users of Users are not displayed)

Add the "deny" Write Permission to Users (test \ Users) to prevent Users from adding folders in the same directory as "this folder.

Set the permission for the share tab. By default, the shared user is Everyone and the permission is read-only. Click share tab-permission;

Select allow change to grant the permission to change, and grant the write permission to the client as required;

DFSConfigure sharing with the Active Directory

Click AD user and computer-any OU-right-click New-shared folder ,;

The client and server can search for shared folders by searching for AD-shared folders;

Right-click the shared folder attribute to set which users can/cannot find the shared folder ;;

Tip: Switch to advanced function mode for viewing;

On the General tab, click the keyword to add the subfolders under the shared folder as the keyword, so that the client can forget the name of the root directory and search only when the name of a shared folder is remembered;

Click the Security tab to set which users or groups allow/deny searching for this folder, which ensures the security of the AD shared folder,

, User sky is forbidden to search for shared folders in AD,

Client click Network Neighbor-search Active Directory, click find-shared folder, then the shared folder cannot be found.

Create an independent root directory

As mentioned above, the configuration information of an independent root directory exists in the registry, and that of the domain root directory exists in the AD;

Click the created root directory to view the release tab, click, and select publish in AD to publish the root directory to AD. You can also set keywords for query;

DFS only organizes shared resources through a unified interface. All permissions set for shared folders are reserved;

FRConflict handling

When the replication shared folder is enabled in DFS, because replication cannot be updated in real time, some replication conflicts will occur. The process of the WordPress conflict is as follows:

For files with duplicate names: when the same files are created on different hosts, "last writer wins" is used to save the files written;

For folders with duplicate names: Use "frist writer wins", that is, the name of the created folder remains the same, and a suffix of "_ NTFRS_XXXXXXXX" will be added to the created folder, X is a random hexadecimal number.

FRPossible problems

When the network is unstable, the client cannot determine which server to be directed;

The "last writer wins" mechanism of WordPress may cause loss of user data without knowing it; that is, the content of the duplicate file written first is lost, although it has been saved, but only the content of the file written after saving.

The file is copied only when it is closed;

If only a small part of the file is changed, the WordPress copies the entire file;

The virus may spread faster through WordPress, so it is necessary to install anti-virus software;

The Win2003 cluster service does not support WordPress;

Remote Storage is not compatible with WordPress;

Fr does not copy EFS encrypted files, and no prompt is given;

The disk quota is not supported;

Staging directory: temporary space during DFS replication. When replication starts, DFS will generate a copy of the file to this folder and then copy it to other servers. Advantages: if you need to modify the copied file during the copy process, the file will not be affected.

The maximum file size that DFS can copy is determined by the segmented directory (temporary space). The default value is 660 MB;

The minimum temporary space is 10 MB and the maximum space is 2 TB;

You can modify the Registry to change the size of the temporary space;

Modify the following key values. After the change, you need to restart the ntfr service for the setting to take effect. net stop ntfr;

AboutUSN journal wrapError

USN logs are fixed-size logs that record all changes made on the NTFS 5.0 format partition. As long as the WordPress is running, ntfr will monitor the ntfs usn log file to see if there are closed files in the directory copied by the WordPress.
If a large number of changes occur during the WordPress shutdown process, so that the last USN change recorded during the WordPress shutdown process no longer exists in the USN log during startup, the journal wrap error occurs. There is a risk that during the service's shutdown, changes may occur to the files and folders of the WordPress replication tree, but the USN log does not have a record for this change. To prevent data inconsistency, the WordPress decides to enter a journal wrap state.
Options to reduce journal wrap errors include:

Store the copied content on a less busy volume, keep the WordPress service running, avoid modifying the copied Content During the disconnection of the WordPress service, and increase the size of the USN log.

The WordPress is a service that needs to run on the domain controller and the DFS set members copied by the WordPress.
We recommend that you configure a log capacity of 0.1 million MB for every 128 files on the volume managed by the replication mechanism.

You can change the USN Log Size by setting the following registry key:

HKLM \ System \ CCS \ Services \ ntfr \ Parameters \ "Ntfs Journal size in MB" (REG_DWORD)

Create a New DWORD Value Ntfs Journal size in MB and set it to decimal 128;

DFS can help you create logical file systems out of multiple physical systems for ease of use. DFS users can create a single file sharing directory tree that contains multiple file servers in a group, department, or enterprise, this allows you to easily search for files or folders distributed anywhere on the network.

1: Through DFS, shared folders in multiple different locations in the network can be accessed using a unified path. If conditions are met in the production environment, we recommend that you use only one independent server as a full-time file server.
2: for DFS, although only the DFS root must be on the NTFS Volume, we recommend that you create the DFS link folder in the NTFS Volume for security considerations.
3: theoretically, DFS can contain unlimited subfolders. The actual DFS path length cannot exceed 260 bytes. We recommend that you use a simple naming scheme when creating a folder.
4: The same DFS root cannot create a sublink from an existing link. The basic DFS namespace only has a level-1 depth.