Highly Available Storage using Samba-AD and AD DFS
A Virtual Server example hosting a DFS namespace with multiple Samba-AD deployments for high availability
In this example, a Distributed File System (DFS) Namespace leveraging multiple Samba-AD deployments for high availability is provisioned onto CoreWeave Cloud.
This process consists of adding the Distributed File System Namespace role to a previously deployed Domain Controller, as well as deploying multiple Samba-AD instances presenting Shared Filesystem storage volumes. Each Samba-AD instance is added to the DFS Namespace so that shares are highly available.
Prerequisites
This example presumes that a Windows Server with an Active Directory Domain has already been deployed. It is also presumed that the user already has an active CoreWeave account and has configured their user credentials such that resources may be deployed to their namespace.
Create Storage Volumes
Before deploying the Samba-AD instance, there must be storage volumes to present. The Samba-AD instance will use three Shared HDD Filesystems. To create these, the user navigates to the Storage section of the CoreWeave Cloud UI.
.92affaa.445.png)
In this example, three volumes are used for the Samba-AD instance. They are each titled vol01, vol02, and vol03 respectively.
.a81f437.1200.png)
Deploy Samba-AD Instances
With the storage volumes allocated, they may now be presented with Samba-AD.
Samba-AD is installed from the Cloud UI Applications Catalog by searching samba-ad. Click the samba-ad card, then click the Deploy button to configure and launch Samba-AD.
.fa7bff5.1158.png)
Configure Samba-AD
The Samba-AD application requires some details prior to deploying. In this example, the same details provided in the Windows Server with Active Directory Domain example are used to fill out the form, including the instance name. At the bottom of the deployment form, the filesystem volumes created earlier (vol01, vol02, and vol03) are attached at the end of the form, before the application is deployed.
 (2).fc463dd.1055.png)
The post-deployment status page indicates when the deployed Samba-AD Pods are in a Ready state.
.cfbe28e.833.png)
Create a second Samba-AD instance
Repeating the steps above, a second Samba-AD instance is created, this one given the name smbad02.
.9840813.471.png)
Samba-AD includes an podAntiAffinity to prevent multiple instances from being scheduled on the same compute node.
Configure the Distributed File System
With both Samba-AD instances deployed, the DFS Namespace can be configured.
A new PowerShell session on the desired DFS Namespace server - usually, the Primary Domain Controller - is opened with an authenticated administrative Domain Account. The following commands are issued to configure the DFS Namespace.
Install the DFS Namespace role
First, the DFS Namespace role is created.
>Install-WindowsFeature -Name FS-DFS-Namespace,FS-DFS-Replication -IncludeManagementToolsSuccess Restart Needed Exit Code Feature Result------- -------------- --------- --------------True No Success {DFS Namespaces, DFS Replication, DFS Mana...
Setup DFS root folder structure
Next, the DFS root folder structure is created.
>New-Item -ItemType Directory $env:SystemDrive\DFSRoots\Shares -ForceDirectory: C:\DFSRootsMode LastWriteTime Length Name---- ------------- ------ ----d----- 3/31/2022 12:57 AM Shares
Create DFS root SMB share
Then, a DFS root SMB share is provisioned.
>New-SmbShare -Name "Shares" -Path $env:SystemDrive\DFSRoots\SharesName ScopeName Path Description---- --------- ---- -----------Shares * C:\DFSRoots\Shares
Create the DFS Namespace root
In this example, vs-pdc is the Domain Controller we are using for our DFS Namespace host. The directory Shares is the directory created and shared previously.
>New-DfsnRoot -TargetPath "\\vs-pdc\Shares" -Type DomainV2 -Path "\\ad\Shares"Path Type Properties TimeToLiveSec State Description---- ---- ---------- ------------- ----- -----------\\ad\Shares Domain V2 300 Online
Create DFS Targets
For each Samba-AD instance created, a DFS folder target is created. This process is repeated for each share the Samba-AD instance presents. In this example, the process must be replicated for volumes vol02 and vol03.
>New-DfsnFolderTarget -Path "\\ad\shares\vol01" -TargetPath "\\smbad01\vol01"Path TargetPath State ReferralPriorityClass ReferralPriorityRank---- ---------- ----- --------------------- --------------------\\ad\shares\vol01 \\smbad01\vol01 Online sitecost-normal 0>New-DfsnFolderTarget -Path "\\ad\shares\vol01" -TargetPath "\\smbad02\vol01"Path TargetPath State ReferralPriorityClass ReferralPriorityRank---- ---------- ----- --------------------- --------------------\\ad\shares\vol01 \\smbad02\vol01 Online sitecost-normal 0
Verify the results
Navigating to \\ad\Shares, each DFS folder target should now exist, as shown here:
.42db8d3.212.png)
Under Properties, in the DFS tab, smbad02 is shown as the currently active file server.
 (2).4f61e81.353.png)
Copying a file to the DFS Root Folder path demonstrates that the file gets copied to the shares presented by the Samba-AD instances:
.8832421.838.png)
Adding a secondary DFS Namespace Server
To mitigate any points of failure, we will use the secondary domain controller created earlier as an additional DFS Namespace server.
The following steps will be repeated in order to accomplish this:
- Install the DFS Namespace Role
- Setup DFS Root Folder Structure
- Create DFS Root SMB Share
- Create DFS Namespace Root (In this step,
vs-pdcis substituted withvs-dc2)
Once complete, multiple Root Target Paths are visible by using Get-DfsnRootTarget \\ad\shares:
>Get-DfsnRootTarget \\ad\sharesPath TargetPath State ReferralPriorityClass ReferralPriorityRank---- ---------- ----- --------------------- --------------------\\ad\shares \\vs-pdc.ad.tenant-orgname-namespace.svc.tenant.chi.local\Shares Online sitecost-normal 0\\ad\shares \\vs-dc2.ad.tenant-orgname-namespace.svc.tenant.chi.local\Shares Online sitecost-normal 0