I found a weakness in my use of a windows server to my NFS datastores when I went to migrate my SBS server to the NFS datastore as a part of my VI3.5 upgrade.
In an earlier post (Windows NFS with VI3) I linked to directions for setting up Microsoft Services for Unix too allow a Windows server to host an NFS datastore. I’ve used this to host low priority VMs and all of my ISO’s and templates and am really happy with it. I planned to use the NFS datastore as a staging point to get my SBS server VM from local storage in my ESX 3.0 server to shared Fibre Channel storage on my ESX 3.5 servers.
I used Mike Lavericks Free RTFM Guide: “What’s New & Different in Vi3.5” to look at Storage VMotion and moved a few VMs from local storage to the NFS datastore. Then I tried to move my SBS server, this started but never finished. Rather worryingly it left me with all sorts of odd VM’s in VC. After spending a while untangling the vmdk and vmx files that were created in the process I got my SBS server back in operation and on the original storage.
Then I started to think through what might have gone wrong. In the end I decided it must have been the NFS datastore requiring authentication at the wrong moment in the SVMotion. I looked at the NFS config and found two things:
- I had used a domain admin account to map to the Linux root userID, this would require a domain controller for authentication. Since my SBS server was my only DC if it was off the air even briefly the authentication would fail.
- I had accepted the default of “Renew authentication every: 600 seconds” in the “Server for NFS” “Server Settings” dialogue. This would require authentication to be refreshed every 10 minutes for the NFS datastore.
The moral of the story is that when the blog posting about NFS says use a local administrator account for the mapping then you should.
Now I use a local account for the mapping, I don’t require authentication to renew and I have a backup domain controller.
Even better my production VMs are all on a proper SAN.
© 2008 – 2011, Alastair. All rights reserved.
thanks for your blog, but you haven’t mentioned the user name mapping if you configure the NFS on Windows 2008.
I mean;;
On windows 2008 not a Domain Controller, just a workgroup server…
For an NFS datastore using Microsoft Services for Unix I would always map the root user to a local administrator on the windows server. The VMKernel always accesses NFS datastores as root.