Requesting a new qtree

Requesting a new qtree

Here is what I need to create a new qtree on our NetApp:
Name:
The name of the qtree. It will be mountable from koko.lcsr.rutgers.edu:/vol/vol<nn>/<name> . On our systems (eg, the research cluster) it would typically be mounted on /koko/<name> .
Size:
The initial usable size of the qtree (eg, 50G or 100G).
Protection:
The protection of the top level directory. Some typical protections would be
    775 (meaning owner/group read/write; other read)
    750 (owner read/write; group read; other none)
Owner:
The owner of the top level directory. If it is to be mounted on one of our clusters, this could be a NetID. If to be mounted somewhere which does not coordinate UID/GIDs, it should be a numeric UID. If you want to use just group access for write to the top level directory, you can leave root as owner.
Group:
The group for the top level directory. See owner for how to specify group name/number.
Exports:
A list of hostnames or netgroups who should be able to mount the qtree. You might specify specific hostnames of an entire cluster (eg, all the hosts in the research cluster).
RW/RO:
For each of the hostnames, whether they should have read/write or only read access.
Security flavor:
For each of the hostnames, whether user access should be controlled by UID/GID on the client machine (sys) or by cryptographic proof of identity (via a kerberos ticket) (krb5).
"krb5" prevents root on the NFS client host from being able to override protections and access files.
Snapshot policy:
Online snapshots are our mechanism for file restores should a file get accidentally corrupted or deleted. There are three types of snapshots: Our normal policy is 10 weekly, 12 daily, and 10 hourly snapshots giving us 2 days of hourly snapshots, 2 weeks of daily snapshots, and 2 months of weekly snapshots. We are only able to restore files from the oldest snapshot which would normally be about 2 months old.
Snapshot visibility:
Snapshots on our NetApp are read-only copies of the filesystem as it existed at the point in time when the snapshot was done. You should decide whether whether they are visible to anyone with read access to the qtree.

If snapshots are visible, you can do restores yourself (by copying the file out of a (normally hidden) .snapshot copy of the directory. If they're not visible, you can request a restore to be done, usually within a few hours of your request.

The reason we disable snapshot visibility on qtrees holding home directories on the faculty, research, grad and ilab clusters is for the protection of potentially misprotected files. Suppose you create a file, "secret" and put your bank account information and password in it. Later, you realize you left it protected so that anybody could read it, so you reprotect it. The file is still publicly protected in any snapshots in which it exists. Someone browsing through the snapshot copy of the filesystem will still be able to read the file. Even privileged users cannot change (eg, change permission or delete a file) in a snapshot.


This page last updated December 17, 2017.