Multiple Server Instances
== Multiple Server Hosting ==
The use of multiple server hosting involves running multiple separate instances of Samba, each with it's own configuration file. This method is complicated by the fact that each instance of nmbd, smbd and winbindd must have write access to entirely separate TDB files. The ability to keep separate the TDB files used by nmbd, smbd and winbindd can be enabled either by recompiling Samba for each server hosted so each has its own default TDB directories, or by configuring these in the smb.conf file, in which case each instance of nmbd, smbd and winbindd must be told to start up with its own smb.conf configuration file.
Each instance should operate on its own IP address (that independent IP address can be an IP Alias). Each instance of nmbd, smbd and winbindd should listen only on its own IP socket. This can be secured using the socket address parameter. Each instance of the Samba server will have its own SID also, this means that the servers are discrete and independent of each other.
As an alternative, you can setup Samba to run within Xen. Some Samba administrators may find it easier to set up, especially if you are going to set up more Samba and OpenLDAP instances on the same box.
Conventions
- this document will use the configuration file method
- this document is RHEL centric for the interfaces and file locations
- the domain will be kansai
- the instances will be named nara and heian
- nara will listen on eth0:1
- heian will listen on eth0:2
Preparation
To have multiple instances of samba running, you will need to setup at least one virtual interface per samba instance. We will setup two persistant virtual interfaces right now.
cd /etc/sysconfig/network-scripts cat << EOF > ifcfg-eth0:1 DEVICE=eth0:1 BOOTPROTO=static BROADCAST=192.168.255.255 HWADDR=00:08:02:91:2C:58 IPADDR=192.168.127.1 NETMASK=255.255.0.0 NETWORK=192.168.0.0 ONBOOT=yes TYPE=Ethernet EOF cat << EOF > ifcfg-eth0:2 DEVICE=eth0:2 BOOTPROTO=static BROADCAST=192.168.255.255 HWADDR=00:08:02:91:2C:58 IPADDR=192.168.127.2 NETMASK=255.255.0.0 NETWORK=192.168.0.0 ONBOOT=yes TYPE=Ethernet EOF ifup eth0:1 ifup eth0:2 cat << EOF >> /etc/hosts 192.168.127.1 nara.kansai nara 192.168.127.2 heian.kansai heian EOF
You will also need one separate set of directories per instance for the samba private files (pids, databases, ...) and shares:
mkdir -p /var/run/samba/nara /var/run/samba/heian mkdir -p /var/cache/samba/nara /var/cache/samba/heian mkdir -p /var/log/samba/nara /var/log/samba/heian mkdir -p /shares/nara/todaiji /shares/heian/jingu
Configuration files
Create two configuration files: /etc/samba/smb.conf.nara and /etc/samba/smb.conf.heian
cd /etc/samba cat <<EOF >smb.conf.nara [global] add share command = /usr/bin/modify_samba_config.pl delete share command = /usr/bin/modify_samba_config.pl socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8576 SO_SNDBUF=8576 change share command = /usr/bin/modify_samba_config.pl workgroup = kansai security = user bind interfaces only = yes interfaces = eth0:1 netbios name = nara pid directory = /var/run/samba/nara lock directory = /var/cache/samba/nara private dir = /var/cache/samba/nara [todaiji] path = /shares/nara/todaiji EOF cat <<EOF >smb.conf.heian [global] add share command = /usr/bin/modify_samba_config.pl delete share command = /usr/bin/modify_samba_config.pl socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8576 SO_SNDBUF=8576 change share command = /usr/bin/modify_samba_config.pl workgroup = kansai security = user bind interfaces only = yes interfaces = eth0:2 netbios name = heian pid directory = /var/run/samba/heian lock directory = /var/cache/samba/heian private dir = /var/cache/samba/heian [jingu] path = /shares/heian/jingu EOF
In /etc/sysconfig, create two files named samba.nara and samba.heian
cd /etc/sysconfig cat <<EOF >samba.nara # Options to smbd SMBDOPTIONS="-D -s /etc/samba/smb.conf.nara -l /var/log/samba/nara" # Options to nmbd NMBDOPTIONS="-D -s /etc/samba/smb.conf.nara -l /var/log/samba/nara" # Options for winbindd WINBINDOPTIONS="" EOF cat <<EOF >samba.heian # Options to smbd SMBDOPTIONS="-D -s /etc/samba/smb.conf.heian -l /var/log/samba/heian" # Options to nmbd NMBDOPTIONS="-D -s /etc/samba/smb.conf.heian -l /var/log/samba/heian" # Options for winbindd WINBINDOPTIONS="" EOF
Startup scripts
The default RHEL startup scripts have some issues that make them almost useless for the purpose of multiple servers. So we will use modified versions instead.
cat <<EOF > smb.nara #!/bin/sh # # chkconfig: - 91 35 # description: Starts and stops the Samba smbd and nmbd daemons \ # used to provide SMB network services. # # pidfile: /var/run/samba/nara/smbd.pid # pidfile: /var/run/samba/nara/nmbd.pid # config: /etc/samba/smb.conf.nara # Source function library. if [ -f /etc/init.d/functions ] ; then . /etc/init.d/functions elif [ -f /etc/rc.d/init.d/functions ] ; then . /etc/rc.d/init.d/functions else exit 0 fi # Avoid using root's TMPDIR unset TMPDIR # Source networking configuration. . /etc/sysconfig/network if [ -f /etc/sysconfig/samba.nara ]; then . /etc/sysconfig/samba.nara fi # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Check that smb.conf exists. [ -f /etc/samba/smb.conf.nara ] || exit 0 # Check that we can write to it... so non-root users stop here [ -w /etc/samba/smb.conf.nara ] || exit 0 RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " daemon smbd $SMBDOPTIONS RETVAL=$? echo KIND="NMB" echo -n $"Starting $KIND services: " daemon nmbd $NMBDOPTIONS RETVAL2=$? echo [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && touch /var/lock/subsys/smb.nara || \ RETVAL=1 return $RETVAL } stop() { KIND="SMB" echo -n $"Shutting down $KIND services: " kill `cat /var/run/samba/nara/smbd.pid` RETVAL=$? echo KIND="NMB" echo -n $"Shutting down $KIND services: " kill `cat /var/run/samba/nara/nmbd.pid` RETVAL2=$? [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/smb.nara echo "" return $RETVAL } restart() { stop start } reload() { echo -n $"Reloading smb.conf file: " kill -HUP `cat /var/run/samba/nara/smbd.pid` RETVAL=$? echo return $RETVAL } rhstatus() { status smbd status nmbd } case "$1" in start) start ;; stop) stop ;; restart) restart ;; reload) reload ;; status) rhstatus ;; condrestart) [ -f /var/lock/subsys/smb.nara ] && restart || : ;; *) echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}" exit 1 esac exit $? EOF cat <<EOF >smb.heian #!/bin/sh # # chkconfig: - 91 35 # description: Starts and stops the Samba smbd and nmbd daemons \ # used to provide SMB network services. # # pidfile: /var/run/samba/heian/smbd.pid # pidfile: /var/run/samba/heian/nmbd.pid # config: /etc/samba/smb.conf.heian # Source function library. if [ -f /etc/init.d/functions ] ; then . /etc/init.d/functions elif [ -f /etc/rc.d/init.d/functions ] ; then . /etc/rc.d/init.d/functions else exit 0 fi # Avoid using root's TMPDIR unset TMPDIR # Source networking configuration. . /etc/sysconfig/network if [ -f /etc/sysconfig/samba.heian ]; then . /etc/sysconfig/samba.heian fi # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Check that smb.conf exists. [ -f /etc/samba/smb.conf.heian ] || exit 0 # Check that we can write to it... so non-root users stop here [ -w /etc/samba/smb.conf.heian ] || exit 0 RETVAL=0 start() { KIND="SMB" echo -n $"Starting $KIND services: " daemon smbd $SMBDOPTIONS RETVAL=$? echo KIND="NMB" echo -n $"Starting $KIND services: " daemon nmbd $NMBDOPTIONS RETVAL2=$? echo [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && touch /var/lock/subsys/smb || \ RETVAL=1 return $RETVAL } stop() { KIND="SMB" echo -n $"Shutting down $KIND services: " kill `cat /var/run/samba/heian/smbd.pid` RETVAL=$? echo KIND="NMB" echo -n $"Shutting down $KIND services: " kill `cat /var/run/samba/heian/nmbd.pid` RETVAL2=$? [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/smb.heian echo "" return $RETVAL } restart() { stop start } reload() { echo -n $"Reloading smb.conf file: " kill -HUP `cat /var/run/samba/heian/smbd.pid` RETVAL=$? echo return $RETVAL } rhstatus() { status smbd status nmbd } case "$1" in start) start ;; stop) stop ;; restart) restart ;; reload) reload ;; status) rhstatus ;; condrestart) [ -f /var/lock/subsys/smb.heian ] && restart || : ;; *) echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}" exit 1 esac exit $? EOF
Testing
stop and disable the default samba, start the instances
root@naniwa: # service smb stop Shutting down smb: [ OK ] root@naniwa: # chkconfig smb off root@naniwa: # chkconfig --list smb smb 0:off 1:off 2:off 3:off 4:off 5:off 6:off root@naniwa: # service smb.nara start Starting SMB: [ OK ] Starting NMB: [ OK ] root@naniwa: # service smb.heian start Starting SMB: [ OK ] Starting NMB: [ OK ]
enumerate the shares on each instance
root@naniwa: # smbclient -L nara -k Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Sharename Type Comment --------- ---- ------- todaiji Disk IPC$ IPC IPC Service (Samba 3.0.9-1.3E.5) ADMIN$ IPC IPC Service (Samba 3.0.9-1.3E.5) Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Server Comment --------- ------- nara Samba 3.0.9-1.3E.5 Workgroup Master --------- ------- kansai root@naniwa: # smbclient -L heian -k Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Sharename Type Comment --------- ---- ------- jingu Disk IPC$ IPC IPC Service (Samba 3.0.9-1.3E.5) ADMIN$ IPC IPC Service (Samba 3.0.9-1.3E.5) Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Server Comment --------- ------- heian Samba 3.0.9-1.3E.5 Workgroup Master --------- ------- kansai
Play with instances and test connectivity
root@naniwa: # service smb.nara stop Shutting down SMB services: Shutting down NMB services: root@naniwa: # smbclient -L nara -k Error connecting to 192.168.127.1 (Connection refused) Connection to nara failed root@naniwa: # smbclient -L heian -k Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Sharename Type Comment --------- ---- ------- jingu Disk IPC$ IPC IPC Service (Samba 3.0.9-1.3E.5) ADMIN$ IPC IPC Service (Samba 3.0.9-1.3E.5) Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Server Comment --------- ------- heian Samba 3.0.9-1.3E.5 Workgroup Master --------- ------- kansai root@naniwa: # service smb.nara start Starting SMB services: [ OK ] Starting NMB services: [ OK ] root@naniwa: # service smb.heian stop Shutting down SMB services: Shutting down NMB services: root@naniwa: # smbclient -L nara -U% Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Sharename Type Comment --------- ---- ------- todaiji Disk IPC$ IPC IPC Service (Samba 3.0.9-1.3E.5) ADMIN$ IPC IPC Service (Samba 3.0.9-1.3E.5) Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Server Comment --------- ------- nara Samba 3.0.9-1.3E.5 Workgroup Master --------- ------- kansai root@naniwa: # smbclient -L heian -U% Error connecting to 192.168.127.2 (Connection refused) Connection to heian failed root@naniwa: # service smb.heian start root@naniwa: # smbclient -L heian -k Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Sharename Type Comment --------- ---- ------- todaiji Disk IPC$ IPC IPC Service (Samba 3.0.9-1.3E.5) ADMIN$ IPC IPC Service (Samba 3.0.9-1.3E.5) Domain=[kansai] OS=[Unix] Server=[Samba 3.0.9-1.3E.5] Server Comment --------- ------- heian Samba 3.0.9-1.3E.5 Workgroup Master --------- ------- kansai
Wrapup
As you can see, you now have two totally independent instances of samba running on the same host.
Mpetre 13:40, 14 March 2006 (CST)