Remote Data Drives - theunissenlab/lab-documentation GitHub Wiki

Remote data drives

Physical Access

Our drives tdrive and zdrive are located remotely in the colo (Earl Warren Hall) at the bottom of Rack F10, tdrive in slots 3-4 and zdrive in slots 5-6. They are connected by LAN 1 to port 29 of the Gallant lab switch in rack F11. Tdrive is connected to LAN1 port 1 and 2 on the lower switch

To physically access it, you need to get to the 3rd floor of the colo which is restricted access. You need to call them to let you up. There is a phone on the wall of the first floor; dial the last 5 digits of the phone number posted by the phone, state your business, and someone will answer and let you up. If its your first time, you may need to have them add you to their system when you get there.

The relevant contact people there (as of Nov 2019) are Debbie Meads and Agustin.

Remote Access

zdrive

Access the Synology Assistant remotely by going to zdrive:5000 in a browser while connected to the lab network. Log in as theunissen and fff (with an inch on the last one).

Configuration notes are below.

Configuration Notes

Here are all the notes on how zdrive is configured for remote access. These are just the things that we actively changed from the default settings. Note that we didn't really understand a lot of what these settings meant so they could be wrong or missing important things.

  • Storage Manager > Storage Pool

    • Created storage pool (Storage Pool 1) with RAID type 5.

  • Storage Manager > Volume

    • Created Volume 1 on Storage Pool 1 with btrfs file system

  • Control Panel > Connectivity > Network > General

    • Server Name: zdrive

    • Default Gateway: 10.0.1.1 (LAN 1)

    • Preferred DNS Server: 10.0.2.1

  • Control Panel > Connectivity > Network > Network Interface > LAN 1 > IPv4

    • Use manual configuration:

      • IP Address: 10.0.1.204

      • Subnet mask: 255.255.0.0

      • Gateway: 10.0.1.1

  • Control Panel > Connectivity > Network > Static Route

    • Created static route with following settings (this is needed so that all workstations can access the server)

      • Network Destination: 10.0.2.0

      • Netmask: 255.255.255.0

      • Gateway: 10.0.1.1

      • Interface: LAN 1

  • Control Panel > File Sharing > SMB/AFP/NFS

    • Enable NFS is checked as well as NFSv4.1 support

    • In advanced settings, default UNIX permissions is checked

  • Control Panel > File Sharing > Domain/LDAP > LDAP

    • Enable LDAP Client (Lets the system know about our network's users and groups)

      • LDAP Server Address: 10.0.1.11 (this is zebra)

      • Base DN: dc=fet,dc=local

  • Control Panel > File Sharing > Shared Folder

    • Created shared drive called "zdrive" on Volume 1

    • Under the folder's NFS Permissions, created the following access rule:

      • Client: *

      • Privilege: Read/Write

      • Squash: No mapping (don't map users to root, did that by accident at first)

      • Asynchronous: Yes

      • Cross-mount: Allowed

  • File Station > zdrive/zdrive > Permission

    • Created two rules at the top level directory (/volume1/zdrive) that allow the owner (creator) of subdirectories to have full ownership and read/write access to their own folder, and read access on all other user's folders.

      • Read access for [email protected] (everyone can read data from anyone else's directories)

      • Full Control for Owner (users can do anything they want on their own subdirectories)