What does the Trellis NAS Bridge Appliance Do?

Trellis NBA is an appliance that makes it easier to access files from one location (i.e., a client) even though the files may be stored on different computers, different file servers, and different operating systems. The servers might also be under the control of different systems administrators. With Trellis NBA, files can be accessed by applications and interactively as if they were local files.

Below are three use-case scenarios to help explain a situation in which the Trellis NBA can provide a solution.

Use-Case Scenario 1:

I have a Windows machine/client at home. Some of my files are on a server at work. My work does not allow me to mount my folders directly on my home machine (usually for security reasons). But, I can Secure Shell into the server at work. Trellis NBA allows my Windows client at home to mount my folders/files from work so that I can directly use them with my applications. My alternative is to use, say, WinSCP to copy the files from work to home, work with them, and then (remember to) copy them back. With Trellis NBA, I simply mount and use, like a normal file server.

Use-Case Scenario 2:

I have a Linux machine/client at home. Some of my files are on a server at work. My work does not allow me to NFS mount my folders directly on my home machine (for security and performance reasons). But, I can Secure Shell into the server at work. Trellis NBA allows my Linux client at home to mount my folders/files from work so that I can directly use them with my applications. My alternative was to use, say, Secure Copy to copy the files from work to home, work with them, and then (remember to) copy them back. With Trellis NBA, I simply mount and use, like a normal file server.

Use-Case Scenario 3:

I have either a Windows or a Linux machine/client. I need to access some files from Department A on their Windows server. I need to access some files from Department B on their Unix server. Specifically, the Unix server will not allow me to NFS mount the files because of security reasons. With Trellis NBA, I can set it up so that I can mount and access files from *both* servers with one step.

How do I use the Trellis NAS Bridge Appliance?

To begin using the appliance, boot it up. On the console, you will be required to provide a root password and a password for the web GUI. The default username for the web GUI is 'trellis'. The web GUI password can be changed via the web GUI. For security, the root password can only be changed on the console.

Once this basic setup is done, point a web browser to https://<IP address from console>. Log in to the web GUI and follow the 3 steps in the left-hand "Getting Started" menu. These simple steps are:

1) Create users and groups for the Trellis NBA appliance itself. These are the accounts that will be mounted by a client of the TNBA.

2) Add SSH Keys. One method of access to remote servers is SSH. We use ssh-agents and load keys into them to provide automatic access to remote systems.

3) Add Remote Servers. In this step, specify the remote systems that you would like a created user to access by providing a fully qualified domain name of the server, a username and a share name or directory name. You also choose whether to use the SMB protocol (via Samba) or SSH to access the remote server. If you choose SMB, you must also provide your Samba password. If you choose SSH, the SSH keys provided in Step 2) will handle authentication.

To begin browsing your remote directories, connect your CIFS/SMB client to the Trellis NBA. The share name on the appliance is called 'share'.

With Unix Clients

To use smbclient: smbclient -U <username on appliance> //<IP address from console>/share

To mount the Samba share: mount -t smbfs //<appliance_IP_address>/share <local_mount_point> -o username=<username_on_appliance>,uid=<local_UNIX_uid>,gid=<local_UNIX_gid>,fmask=700
(e.g. sudo mount -t smbfs //192.168.107.200/share /mnt/smbvmr -o username=user1,uid=bill,gid=bgroup,fmask=700)

With Windows Clients

  1. From Windows Explorer, select Tools, Map Network Drive.
  2. Select "Connect using a different user name".
  3. Enter the username and password for the account you created in the web GUI.
  4. Use Folder: \\<IP address from console>\share
  5. If all goes well, you should see the mount point you created.

Accessing Remote Directories via Trellis NBA

When you list the entries of the mount point's directory, you will see directories that correspond to each of the remote servers you specified above in Step 3). These directories behave like normal local directories; by traversing and listing them, you will see your remote files as if they were on the bridge appliance.

The remote server myhome.mydomain.ca:/ accessed via the SSH protocol as user 'user1' would appear as

scp_user1@myhome.mydomain.ca

By cd'ing into that directory you will see the files in the ROOT (/) directory on myhome.mydomain.ca. If the HOME directory was specified when the remote directory was set up, the directory name would be (note the underscore at the end):

scp_user1@myhome.mydomain.ca_

If the SMB protocol is specified, the directory to access that server would be named

smb_user1@myhome.mydomain.ca_<remote share name>

The directory names are listed with the servers on the web GUI.

Need more help?

For additional documentation, check out the full documentation on the Trellis NBA website: http://www.cs.ualberta.ca/~paullu/TrellisNBA/

Changes in version 1.0.6
  • Remote server passwords are stored in encrypted form.
  • Support for clients that open files multiple times simultaneously.
  • Multiple bugfixes.

What are the known issues with the TrellisNBA?
  • The TrellisNBA supports all the standard POSIX file system operations except chmod(), chown(), link(), symlink() and readlink().
  • Renaming (moving) directories is not supported.
  • Renaming (moving) open files is not supported.
  • There is a known issue with the Linux smbfs module. Sometimes smbfs will miss sending a close RPC to the TNBA. If this happens, the TNBA will no longer see external updates to the file, and the file cannot be renamed (since the TNBA will always think it is open). The cifs module (version 1.37 or higher) is recommended for Linux users.
  • We have identified some correctness issues with the Linux cifs client for versions below 1.37. We recommend users use Linux-CIFS version 1.37 or higher.
  • Linux-CIFS and Linux-SMBFS have an internal timeout for slow server operations. If a remote operation takes longer than 30 seconds (for example, copying a large file), the client will time out and the operation will fail. Windows clients also have an internal timeout, but it is greater than 30 seconds.
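
A pre-mount check for the cifs version recommendation in the known issues above, written as an added example that is not part of the Trellis NBA documentation. The function names are hypothetical, and the `file_mode`/`dir_mode` options are assumed here as the mount.cifs counterparts of the smbfs `fmask` option shown earlier; the sample address, user and mount point are taken from the page's own mount example.

```shell
#!/bin/sh
# Added example (not from the Trellis NBA documentation).
MIN_CIFS_VERSION="1.37"   # minimum Linux cifs version recommended on this page

# version_ge A B: succeed if dotted numeric version A >= B, comparing field by
# field so that 1.4 is treated as older than 1.37 (a decimal compare gets this wrong).
version_ge() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac   # reject empty or non-numeric input
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        if [ "$a" = "$fa" ]; then a=""; else a=${a#*.}; fi
        if [ "$b" = "$fb" ]; then b=""; else b=${b#*.}; fi
        fa=${fa:-0}; fb=${fb:-0}
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
    done
    return 0
}

# cifs_mount_cmd IP USER MOUNTPOINT UID GID: print (do not run) a cifs mount
# line for the appliance's 'share'. Assumption: file_mode/dir_mode stand in
# for the smbfs fmask=700 used in the page's example.
cifs_mount_cmd() {
    printf 'mount -t cifs //%s/share %s -o username=%s,uid=%s,gid=%s,file_mode=0700,dir_mode=0700\n' \
        "$1" "$3" "$2" "$4" "$5"
}

# preflight VERSION IP USER MOUNTPOINT UID GID: print the mount command only
# when VERSION meets the minimum; otherwise report why and fail.
preflight() {
    if version_ge "$1" "$MIN_CIFS_VERSION"; then
        shift
        cifs_mount_cmd "$@"
    else
        echo "cifs module version '${1:-unknown}' is below $MIN_CIFS_VERSION; upgrade before mounting" >&2
        return 1
    fi
}

# Stand-alone run: query the local cifs module (it may be absent) and print
# the command for the sample values from the page's mount example.
installed=$(modinfo -F version cifs 2>/dev/null || true)
preflight "$installed" 192.168.107.200 user1 /mnt/smbvmr bill bgroup || true
```

The script only prints the mount command; run the printed line with sudo once the version check passes.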