lvm+ssd缓存 附samba配置
注:一般不用在未挂载前创建samba,视实际情况而定(客户现场掉盘后samba服务异常,直接导致服务器掉盘卡死,先临时起samba服务,但需要考虑系统盘大小与业务持续写入情况,避免samba服务器根分区爆满)
parted -s /dev/nvme0n1 mklabel gpt mkpart CACHE 0% 100% parted -s /dev/mapper/mpathf mklabel gpt mkpart DATA 0% 100% parted -s /dev/mapper/mpathg mklabel gpt mkpart DATA 0% 100% vgcreate santiagodvg /dev/nvme0n1p1 /dev/mapper/mpathf1 /dev/mapper/mpathg1 lvcreate -l 100%PV -n nvmelv santiagodvg /dev/nvme0n1p1 lvcreate -l 100%FREE -n datalv santiagodvg lvconvert --type cache --chunksize 2M --cachevol nvmelv santiagodvg/datalv lvs -o cache_mode santiagodvg/datalv|grep writeback||lvchange --cachemode writeback santiagodvg/datalv mkfs.xfs -K /dev/mapper/santiagodvg-datalv echo "/dev/mapper/santiagodvg-datalv /data xfs defaults,_netdev 0 0" >> /etc/fstab mkdir -p /data/santiagod chmod 777 /data mount -a mkdir -p /data/santiagod chmod -R 777 /data
samba配置文件参考
# cat /etc/samba/smb.conf [global] aio read size = 4096 # aio read size = 0 workgroup = santiagod server string = THE nse1k Server Version %v log file = /var/log/samba/log.%m max log size = 5120 security = user passdb backend = tdbsam load printers = yes cups options = raw map to guest = Bad User guest account = crealife ntlm auth = yes ; include = /etc/samba/rhs-samba.conf kernel share modes = no kernel change notify = no ; ctdbd socket = /tmp/ctdb.socket ; include = /etc/samba/ctdb.conf kernel oplocks = no posix locking = no map archive = no map hidden = no map read only = no map system = no store dos attributes = yes load printers = no disable spoolss = yes show add printer wizard = no printing = bsd [santiagod] comment = santiagod path = /data/santiagod read only = no guest ok = yes force create mode = 0660 force directory mode = 02770 force user = santiagoddess case sensitive = Yes preserve case = No short preserve case = No systemctl restart smb
创建 samba用户
useradd -M -d /data/santiagod -s /usr/sbin/nologin santiagoddess smbpasswd -a santiagoddess systemctl restart smb
ls -Z SELinux provides a user (unconfined_u), a role (object_r), a type (user_home_t), and a level (s0). This information is used to make access control decisions. On DAC systems, access is controlled based on Linux user and group IDs. SELinux policy rules are checked after DAC rules. SELinux policy rules are not used if DAC rules deny access first.
附:firewalld防火墙配置
firewall-cmd --permanent --add-service=samba firewall-cmd --reload
#对应端口,!!!以下内容不用配置
firewall-cmd --zone=public --add-port=139/tcp --permanent
firewall-cmd --zone=public --add-port=445/tcp --permanent
firewall-cmd --zone=public --add-port=137/udp --permanent
firewall-cmd --zone=public --add-port=138/udp --permanent