- How to configure VMware vSAN Direct on vSphere 7 U1 - Wed, Nov 25 2020
- Configure and manage SMB shares on vSAN 7 U1 - Wed, Nov 18 2020
- VMware vSAN 7 U1: Configure vSAN File Service - Wed, Nov 11 2020
File services started with the first version of vSphere 6.7; this is the second edition. The vSAN 7U1 offered the possibility of using NFS 4.1 and SMB 3.0, as well as Microsoft AD integration. The older versions of those protocols are also supported (NFS v3 and SMB v 2.1).
vSAN 7 U1 file services use very lightweight agent VMs that run containers or protocol stacks. There is one VM per host. With vSAN 7 U1, when you put a host in maintenance mode, this agent VM is shut down. After maintenance mode is exited, this VM is powered back on.
What are the management options for SMB shares? ^
Let's have a look at the options that are available. In fact, there is nothing more and nothing less than what you know already. MMC is a built-in Windows utility that can be used to do basic configuration tasks on an SMB server.
I assume that you know how to use Microsoft's MMC shares console. Basically, you can perform the following tasks on vSAN file system SMB shares using the MMC tool:
- Manage access control lists (ACLs) and permissions
- Close open files
- View active sessions
- View open files
- Close client connections
Where to create the vSAN share? ^
You can create SMB or NFS shares very easily in vSAN 7 U1. Simply connect via the vSphere client, and select vSAN Cluster > Configure > vSAN > File Shares. Then click the ADD button.
A new wizard-driven window will open. There are three sections that need to be completed:
- Name of the share—You'll need to provide the name of the share and choose the relevant protocol.
- Protocol—Choose between NFS and SMB.
- Storage Policy—There is also a storage policy you can choose if the default is not what you want.
Other than that, there is a storage space quota to limit the size of the shares and protocol encryption that, when enabled, ensures traffic to a share is encrypted.
A summary of the configuration is presented for review. We did not pick any storage space quotas for our example, but as you can see, these options are available.
After a couple of seconds, the new share will appear in the web client. You can see the type, protocol, storage policy, usage/quota (if any), and the actual usage in Kb.
How do we manage the share? ^
Now we're getting to the core of the system, and your question is certainly, "How do I manage it?" Let's have a look.
When you refresh the page, you'll see that new links have appeared. It is now possible to click Delete, Edit, Copy Path, or Copy MMC Command. It is the last one that is needed for our demonstration.
The command is copied to the clipboard. Log in to a Windows computer that is located in the same AD domain as the user configured in the vSAN file service. Open a CMD window as administrator (or PowerShell window as admin) and paste the command inside. In my case:
Then you can use the MMC to configure share permissions, view the number of client connections, and so on. The share name is appended with "$," so you must enter the exact path as it's invisible via the network browser.
It is the default standard Windows snap-in for managing shares that everyone knows. VMware did not provide their own tool here, but rather integrated pretty intelligently with the existing Microsoft tool.
Final words ^
For several years now, these two big companies, VMware and Microsoft, have stopped competing and have begun working together to create better products and provide better services. The vSAN file services integration is one of them.
In the cloud business, VMware has vSphere on AWS. There is the Google Cloud VMware engine, but VMware also works closely with Microsoft to offer the Azure VMware solution, which is a Microsoft service, verified by VMware, that runs on the Azure infrastructure.
At the end of the day, it does not really matter where your workloads are running, but which hypervisor your company is currently using and whether your IT admin team is mastering that technology. It's not easy to switch from one to the other when you have invested a lot of time and money into learning virtualization technologies.