Panzura Filer Quick Start Guide

This quick start guide is an abbreviated version of the Installation Guide. For additional information, see the Installation Guide for your filer platform.

 

Only pertains to those running Panzura Cloud FS Version 8. 

Web Browser Requirement: The Panzura Filer’s WebUI and setup wizard are supported only on Google Chrome version 59.03071 or above.

Deployment Mode: One-arm or Inline

The filer can be deployed in either of the following modes:

  • One-arm mode: Client and cloud traffic pass through the same interface. Connect LAN1 to clients and to your Cloud Storage Provider (CSP).
  • Inline: Client and cloud traffic use separate interfaces. Connect LAN1 to clients and WAN1 to your CSP. The LAN and WAN ports must be on different subnets.

One-arm Mode

Inline Mode

The following diagrams show the features on the front and back control panels of physical Panzura Filers.

Pre‐installation Checklist

Before you log onto the filer for initial setup using the wizard, see the tables in Gather Information. Filling in a copy of the tables prior to starting the setup wizard on the filer can help make the initial deployment process easier and quicker.

The following table lists the information items you will need to enter or select when using the setup wizard. To simplify deployment, you may want to fill out the table before you log onto the filer for initial setup using the wizard.

Deployment Setting Enter Your Values Here 
End User License Agreement (EULA) and Admin Info

You will need to agree to the EULA, and enter the following contact information:

  • Name
  • Email
  • Title
 
Login Credentials for the Filer(s)

Administrator username and password for the Master Filer.

Default: adminadmin

Note: For AWS AMI and Microsoft Azure VM platforms, the filer does not have a default password. Instead, the initial password for the admin login comes from one of the following sources:

  • AMI: The initial admin password is dynamically generated by encrypting the key file (*.pem).
  • Azure: The password is entered by the user during Azure VM deployment.

Note: After initial deployment using the setup wizard, all filers within the CloudFS require the Master Filer's admin username and password for login.

 
Operational Mode

Function that the filer will serve:

  • Master: The managing filer for a group of distributed filers deployed as a CloudFS. All licenses and configuration settings are added to the Master Filer and automatically propagate to the Subordinate Filers.
  • Subordinate: By default, all filers are set as Subordinates, and are managed by the designated Master.
  • HA‐Local: The filer will be a standby for another, active filer. The HA-Local filer is a dedicated backup for only one other filer, and both filers must be in the same IP subnet.
  • HA‐Global: The filer will be a backup for n active filers. The active filers can be located remotely or in the same subnet as the HA-Global filer.
 

Type of network deployment (one‐arm or inline):

  • Inline: If the cloud traffic and client traffic are on different networks, then this is the recommended deployment option. In an inline deployment, the filer is connected to the network by separate LAN and WAN interfaces.
  • One‐arm: In a one‐arm deployment, the filer is connected to the network through a single interface (LAN). The filer is not directly in the traffic path between the internal and external networks. Use this method only if the cloud and client traffic are on the same network.
 
LAN (Client-side) Addresses

The filer's IP address can be assigned by DHCP or statically.

Tip Best practice is to use static addressing. For static addressing, gather the following information:

  • Filer IP address and subnet mask
  • Default gateway
  • Primary DNS
  • Secondary (backup) DNS

 

 
WAN (Cloud) Addresses

For inline deployment only:

  • Host IP address and subnet mask of filer
  • Default gateway
 
General Filer Settings
Filer hostname  
File system name  
Filer domain name  
NTP server address  

Master Filer information (used when setting up non-Master filers):

  • Master Filer's hostname
  • Login username and password for Master Filer's WebUI
 
Hostname/IP address and filesystem name of the active filer, if this filer is an HA‐Local standby.  
Licenses

You can install Panzura licenses using a license token or individual license files.

  • License Token: A single license token contains the license to operate, along with licenses for additional storage services. During setup, the wizard communicates with the license server to validate the token. This is the simpler method and is recommended for new deployments.
  • Individual License Files: License files apply to individual features. A typical installation requires multiple license files.

To obtain a license token or individual license files for your filer, please contact Panzura or your Panzura representative.

 

Cache Sizing

Cloud Storage To Allocate: Estimate how much storage will be moved to the cloud. The default is 1 TB.  
Percentage of Cache: Estimate the percentage of cloud-stored data to keep in the filer's cache for local access. This depends upon the use case typically 10% is a good starting point.  
Virtual Disk Settings (VM Filers only)

For VM platforms, you will need information to assign disk capacity for metadata and cache.

  • Amazon: You will need the private key file, AWS access key and AWS secret key.
  • Azure: Make sure that you added disk capacity when setting up the VM. For information on setting up a VM in Azure, see the installation guide for your Panzura Filer platform.
  • VMware: You will need the ESX host IP address or hostname, username and password to access the host. The ESX host must be managed by a vCenter/vSphere. The username and password ESX credentials are required to access the vCenter/vSphere server to provide and choose a list of datastores. They are not used to access the host (through SSH).
 
Cloud Storage Provider (CSP)
Gather the information required for your cloud provider. (See the Panzura Administration Guide.) (Cloud Provider Information.)  

Site Preparation

Panzura Filers use certain protocol ports as part of its normal operation. The firewall through which traffic to or from the filer will pass may need to be configured to allow this traffic. The table below lists the protocol ports that Panzura Filers use.

The table in Required Ports lists the protocol ports that Panzura Filers use.

Table Notes

For each protocol port, the table lists the filer's physical port (LAN or WAN) on which the traffic is expected, and whether sessions are initiated by the filer or by another device:

  • In: Session traffic is initiated by another device and received by the filer on the indicated port.
  • Out: Session traffic is initiated by the filer and sent out the indicated port.
  • Both: Session traffic may be initiated locally or remotely.

In One-arm mode, local traffic (LAN) and cloud traffic (WAN) uses the LAN port. For this reason, the LAN column applies to both LAN and WAN traffic.

Port Inline One-Arm Description
LAN WAN LAN
22/TCP Both   Both SSH (used for management traffic between filers)
80/TCP
443/TCP
In   In WebUI

22/TCP
80/TCP
443/TCP

  Out Out

Support Assistance (SA)

SA access requires at least 1 of these ports.

Note: SA is optional but recommended. To use SA, the following also is required:

  • A route from the filer to the Internet.
  • Access to DNS. SA is located at the following URL: saconnect.panzura.com

53/TCP
53/UDP

Out   Out DNS

80/TCP
443/TCP

  Out Out HTTP/HTTPS access to object store in cloud

88/TCP
88/UDP

Out   Out Kerberos

111/TCP
111/UDP
2049/TCP
2049/UDP
4045/TCP
4045/UDP

In   In

Network File System (NFS) protocols: RPC, NFS, and lockd

Note: Required only if NFS support will be enabled on the filer(s).

123/UDP Out   Out Network Time Protocol (NTP)

137/UDP
138/UDP
139/UDP

Out   Out NetBIOS (WINS)

161/TCP
161/UDP
162/TCP
162/UDP

Both   Both

SNMP

SNMP traps

389/TCP
389/UDP

Both   Both

LDAP

Active Directory (AD)

445/TCP
445/UDP

In   In SMB file protocol

514/TCP
514/UDP

Out   Out

Syslog

Note: Optional. Needed only if the filer will send its logs to a remote syslog server.

35357/TCP   Out Out

HP Cloud object store

Note: Required only if HP Cloud object store is used.

ICMP In   In Ping replies

Cloud Storage Provider Requirements

Check with your CSP or Panzura Support. Or see the Panzura Administration Guide.) Cloud Provider Information.

Filer IP Address

You will need to navigate to the filer's IP address to start the setup wizard. The LAN1 port on physical platform filers is configured for DHCP by default. If a DHCP server is not available, the filer uses the following default addresses:

  • Management (WebUI, CLI, API): 192.168.88.88
  • iDRAC interface: 192.168.88.89

VM platform filers receive their IP settings from the VM host.

Finding the Filer IP Address

On a physical filer, do any of the following:

  • Connect to the iDRAC port and log in (adminadmin). Java is required.
  • Connect to the CLI console on the Serial port, log in (adminadmin), and enter the following command: show mgmt-if-addr

On a VM filer, see the VM host or VM manager.

Changing the Filer IP Address (using the CLI)

If you plan to change the IP address when using the setup wizard, skip this section. Otherwise, to change the filer IP address using the CLI:

  1. Power on the filer.
  2. Attach a laptop PC to the filer:
  • To use iDRAC, attach a laptop PC to the iDRAC port and open a terminal emulator. Enter console com2 followed by the commands shown in step 3.
  • To use the CLI, attach a laptop PC to the Serial port. Open a terminal emulator and enter the commands shown in step
3.Enter the following commands:

    cloudfs> enable

    Password: enable

    cloudfs# configure terminal

    cloudfs(config)# mgmt-if-mode Static

    cloudfs(config)# mgmt-if-addr <filer-ip> <subnet-mask> <gateway-ip>

    cloudfs(config)# exit

    cloudfs# write memory

    cloudfs# logout

    Running the Setup Wizard

    Browser Requirement: The Panzura Filer’s WebUI is supported only on Google Chrome version 59.03071 or above.

    1. Power on the filer (if not already on).
    2. Use a browser to navigate to the filer's management address (WebUI address).
    3. Follow the instructions on the wizard screens. (Make sure to click Help to display the help text!)
    • The Panzura Filer’s WebUI is supported only on Google Chrome version 59.03071 or above.
    • Depending on the filer model, the LAN1 interface may have any of the following names: LAN1, bge0, ix0. Likewise, the WAN1 interface may have any of the following names: WAN1, bge1, ix1.
    • If the filer includes the optional 10GB NIC, the 10BG ports are used for LAN1 and WAN1 instead of the 1GB ports.
    • If NIC teaming is used, the teamed ports (GB1 and GB2) can both be LAN ports or WAN ports, based on configuration.
    • In inline deployment mode, the LAN and WAN ports must be on different subnets.
    • The capitalization used when first configuring the filer host name persists for all CloudFS configuration operations. You cannot change the capitalization at a later time. However, you can change to a different host name.
    • If you are using SMB/CIFS, make sure your AD Server hostname is resolved by your DNS server and reachable on the LAN1 network.
    • Either static or DHCP address assignment is supported. However, for all filer platforms, Panzura recommends using a static address.
    • Setup of a physical platform filer's IP address requires either a direct Ethernet connection to the filer (to the iDRAC port or serial console), or access to the IP subnet of the WebUI IP address.
    • When you deploy an AMI or Azure filer, a private IP address is required to access the filer's setup wizard. This is because Secure Private Network Mode, which is enabled by default, blocks public IP access. After you disable Private Secure Network Mode from within the wizard, you can change to a public IP address.
    • All WAN accelerators, such as the Riverbed Steelhead and Cisco WAAS, must bypass all Panzura network traffic. This includes all of the following.
      • WAN accelerators must not be in the network path between Panzura filers.
      • WAN accelerators must not be in the network path between Panzura filers and the cloud.
      • WAN accelerators must not be in the network path between Panzura filers and clients.
    • For SMB, the filer needs to join the AD domain that enforces the RBAC policies. Enabling a storage device to join the AD domain can be delegated to any user with this privilege. Panzura has found that in most cases, AD administrators tend to manage the devices that can join the AD domain. For this reason, AD administrator credentials are required during initial setup of a filer.

    • The Panzura Filer’s WebUI is supported only on Google Chrome version 59.03071 or above.
    • Depending on the filer model, the LAN1 interface may have any of the following names: LAN1, bge0, ix0. Likewise, the WAN1 interface may have any of the following names: WAN1, bge1, ix1.
    • If the filer includes the optional 10GB NIC, the 10BG ports are used for LAN1 and WAN1 instead of the 1GB ports.
    • If NIC teaming is used, the teamed ports (GB1 and GB2) can both be LAN ports or WAN ports, based on configuration.
    • In inline deployment mode, the LAN and WAN ports must be on different subnets.
    • The capitalization used when first configuring the filer host name persists for all CloudFS configuration operations. You cannot change the capitalization at a later time. However, you can change to a different host name.
    • If you are using SMB/CIFS, make sure your AD Server hostname is resolved by your DNS server and reachable on the LAN1 network.
    • Either static or DHCP address assignment is supported. However, for all filer platforms, Panzura recommends using a static address.
    • Setup of a physical platform filer's IP address requires either a direct Ethernet connection to the filer (to the iDRAC port or serial console), or access to the IP subnet of the WebUI IP address.
    • When you deploy an AMI or Azure filer, a private IP address is required to access the filer's setup wizard. This is because Secure Private Network Mode, which is enabled by default, blocks public IP access. After you disable Private Secure Network Mode from within the wizard, you can change to a public IP address.
    • All WAN accelerators, such as the Riverbed Steelhead and Cisco WAAS, must bypass all Panzura network traffic. This includes all of the following.
      • WAN accelerators must not be in the network path between Panzura filers.
      • WAN accelerators must not be in the network path between Panzura filers and the cloud.
      • WAN accelerators must not be in the network path between Panzura filers and clients.
    • For SMB, the filer needs to join the AD domain that enforces the RBAC policies. Enabling a storage device to join the AD domain can be delegated to any user with this privilege. Panzura has found that in most cases, AD administrators tend to manage the devices that can join the AD domain. For this reason, AD administrator credentials are required during initial setup of a filer.