Changes to HyperStore Configuration
All students should now be aware that the configuration method has been changed as we moved from CentOS to Rocky Linux and deployed HyperStore Version 8.x. Historically Cloudian utilised Puppet for configuration changes. Puppet is an efficient system management tool for centralizing and automating the configuration management process, however it brings in complexities that can allow for user error during a configuration process as there is no input validation when editing one of the numerous config files. For this reason you no longer need to manually edit configuration files. Cloudian has expanded the hsctl tool which leverages Salt configuration management technology to automatically control configuration throughout your HyperStore cluster.
Welcome SALT
SALT is an open source solution and was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster, and more malleable. Salt accomplishes this through its ability to handle large loads of information, and not just dozens but hundreds and even thousands of individual servers quickly through a simple and manageable interface. Salt is the new configuration management system utilized by Cloudian. Salt is capable of maintaining remote nodes in defined states. For example, it can ensure that specific configuration settings are implemented and that specific services are running.
Salt is also a distributed remote execution system used to execute commands and query data on remote nodes. Salt can query and execute commands either on individual nodes or by using an arbitrary selection criteria.
General Advantages of Salt over Puppet
As environments grow, Puppet has performance and scaling issues. Salt offers much better choice to configure Cloudian's HyperStore Cluster, it is event driven and has significant scalability. It is quite common to find Salt solutions with over 10,000 minions to a single Salt master in production environments.
Salt has the ability to apply configuration to a specified section, for example, "s3" or "logging" This is all contained in the same configuration database.
Most notably for experienced users of Cloudian HyperStore is that the configuration is applied in seconds, not minutes as with Puppet.
Common Configuration Commands
| Configuration Setting | Old Config File Entry | New HSCTL Command |
|---|---|---|
| Enable FIPS | fips_enabled | common.fips.enabled |
| GDPR | phonehome_gdpr | common.phoneHome.concealPrivateData.enabled |
| GDPR | phonehome_gdpr_bucket | common.phoneHome.concealPrivateData.bucketObjectNames |
| Password Length | user_password_min_length | common.user.password.minLength |
| Enable IAM | iam_service_enabled | iam.enabled |
| AES 256 Encryption | cloudian_s3_aes256encryption_enabled | s3.sse.aes256 |
| CMC group dropdown | cmc_login_grouplist_enabled | cmc.login.groupList.enabled |
| CMC View user data | cmc_view_user_data | cmc.ui.admin.manageUsers.view.objectDataGrantees |
| CMC Purge Bucket | cmc_purgebucket_enabled | cmc.purgeBucket.enabled |
| Enable Cross System Replication | cmc_crr_external_enabled | cmc.externalCRR.enabled |
| Number of Storage Policies | cloudian.protection.policy.max=25 | hyperstore.storagePolicy.max |
| Metadata protection policy | cloudian.protection.policy.enable.2mplus1 | hyperstore.storagePolicy.EC.metadataRF |