Share NTFS USB Hard Drive on VMware vSphere/ESX 4

posted by Damien Ramé in Best Practices on Jun 29, 2010

The other day, I was discussing virtualization in email security (for example, anti spam virtual appliance).  One of the drawbacks of ESX (and ESXi) is the lack of support for external data storage (non Data Store). Of course, you can add a multitude of data stores, local and remote, and it is THE way to go.

But I needed to be able to backup my virtual appliances to an external hard drive using NTFS (so that it can be read on my Windows machines).  My VMware physical server is based off a simple (and cheap) quad core AMD and not a Xeon, so I do not have the USB Passthrough technology to virtualize the USB hub.  But I needed to have a way to access my external NTFS USB hard drive from either the host or any of the guests. And I needed to this locally because we’re talking hundreds of Gigabytes of data I was not willing to go through my Gigabit network.  USB-IP adapters (also called Network USB hubs) are not an option because they are still using the network and generally offer poor performance/dollar.

It is possible. I’m not saying it is the best solution, or the most stable solution.  But I have been running this on my ESX host (with 6 VMs) for 2 months now, without a single glitch, so I thought I’d share this howto (source material in reference below).

STEP 1: INSTALL THE NTFS DRIVER ON ESX 4

First, we will download the RPM for the NTFS-3G driver, and install it:

[root@localhost ~]# mkdir ntfstemp
[root@localhost ~]# cd ntfstemp
[root@localhost ~]# lwp-download http://marush.com/wp-content/uploads/2009/04/ntfs-3g-200944-el5i686.rpm
[root@localhost ~]# rpm -i ntfs-3g-200944-el5i686.rpm

Following that, we will mount the USB hard drive.  Assuming it is already plugged in the USB port and powered on, it should be mapped to a device name.

[root@localhost ~]# fdisk -l

This will give you a list of drives and partitions.  In this example, I will assume the drive is mapped to /dev/sdj with a single partition (/dev/sdj1) as illustrated in the partial fdisk output below:

Disk /dev/sdj: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

  Device Boot     Start       End     Blocks   Id System
/dev/sdj1           1     60801   488384001   7 HPFS/NTFS

To mount the USB hard drive, you need to create a mountpoint (where the drive contents will be mapped to). Let’s say we want to mount it to /mnt/seagate500gb

[root@localhost ~]# ntfs-3g /dev/sdj1 /mnt/seagate500gb

The driver will return the following warning.  Read it carefully.

WARNING: Deficient Linux kernel detected. Some driver features are
      not available (swap file on NTFS, boot from NTFS by LILO), and
      unmount is not safe unless it’s made sure the ntfs-3g process
      naturally terminates after calling ‘umount’. If you wish this
      message to disappear then you should upgrade to at least kernel
      version 2.6.20, or request help from your distribution to fix
      the kernel problem. The below web page has more information:
      http://ntfs-3g.org/support.html#fuse26

Next, we will verify the drive is mounted properly:

[root@localhost ~]# mount | grep sdj1

/dev/sdj1 on /mnt/seagate500gb type fuse (rw,allow_other)

It’s all good, let’s see the contents of the drive with a ‘ls’ command:

[root@localhost ~]# ls -l /mnt/seagate500gb

drwxrwxrwx 1 root root   0 Apr 18 10:47 $RECYCLE.BIN
drwxrwxrwx 1 root root   0 Mar 27 15:33 RECYCLER
drwxrwxrwx 1 root root   0 Mar 27 22:16 System Volume Information

You can then copy some files to the USB drive for testing.  I was able to get very good speeds out of it (50 MB/s if I recall correctly).

STEP 2: INSTALL THE SAMBA SERVER ON ESX 4

Now that the ESX host can R/W access the external NTFS drive, we need to make that available for the guests (and the rest of the network in this case, but you can restrict access by IP and by using a username/password).

You first need to download a few RPM from the CentOS 5.2 distribution (which is what ESX is based on), specifically:

  • samba-common-3.0.28-1.el5_2.1.x86_64.rpm
  • cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm
  • samba-3.0.28-1.el5_2.1.x86_64.rpm

Locating these can be a problem as 5.2 has been replaced by newer revisions and many mirrors tend to keep only the latest revision. I suggest Googling the RPM file (it needs to be x86_64 RPM with the proper revision, I haven’t tested any newer version).  Or you can go to CentOS mirror list and search for version 5 in 64-bit here:
http://www.centos.org/modules/tinycontent/index.php?id=30

Once they are downloaded, you need to install/upgrade these.  Ignore any warning or message saying that the package is already installed in the commands below:

[root@localhost ~]# rpm -Uvh samba-common-3.0.28-1.el5_2.1.x86_64.rpm
[root@localhost ~]# rpm -Uvh—nodeps cups-libs-1.2.4-11.18.el5_2.3.x86_64.rpm
[root@localhost ~]# rpm -Uvh samba-3.0.28-1.el5_2.1.x86_64.rpm

Next, you need to tell ESX to open the incoming port 445 on the host so that other computers (virtual or physical) can connect to the Samba server.  Open the firewall in ESX using command-line tool:

esxcfg-firewall -o 445,tcp,in,smb-server

You can also use the vSphere client instead.

STEP 3: SHARE THE EXTERNAL USB HARD DRIVE

Finally, you need to tell Samba to share your mounted USB drive (mounted on /mnt/seagate500gb in this example).  Do a search on “vi” if you are not used to it.  It is an old text editor in Unix and is everything but user friendly.  Alternately, you can edit the file on a remote computer with a GUI and just copy the file back to its location (/etc/samba/smb.conf)

[root@localhost ~]# vi /etc/samba/smb.conf

In the [global] section, you can (optionally) change these:

      workgroup = WORKGROUP_NAME
      server string = ESX 4 Server

At the end of the file, add this section:

# Seagate 500GB
[Seagate 500gb]
      comment = Seagate 500GB Hard Drive
      browseable = yes
      writable = yes
      valid users = root,otherusername
      path = /mnt/seagate500gb


I also added these so that I can have access to the data store files directly:

# VMFS
[vmfs]
      comment = vmfs
      browseable = yes
      writable = yes
      valid users = root,otherusername
      path = /vmfs/volumes

# VM Images
[vmimages]
      comment = vmimages
      browseable = yes
      writable = yes
      valid users = root,otherusername
      path = /vmimages

Now, you need to create a Samba password for root as it needs to be synchronized with the ESX username DB (for security purposes, it would be even better to use “otherusername” for the Samba password sync, and for the share in smb.conf - the “valid users” option), start the Samba service and restart the Firewall.

[root@localhost ~]# smbpasswd -a root
[root@localhost ~]# /etc/init.d/smb start
[root@localhost ~]# /etc/init.d/firewall restart

Test your new external NTFS USB hard drive share on your Windows clients and/or guest VMs and once you have everything working, you can configure Samba to automatically start when the ESX server is booted (to avoid having to manually start the Samba server, which is still a valid option if you want to have it up and running occasionally only):

[root@localhost ~]# chkconfig—level 3 smb on

Assuming you’re using the automatic start up of Samba, it would be also a good idea to automatically mount your NTFS hard drive at startup (see /etc/fstab for more information).

Have fun.  And remember the NTFS-3G warning above.

REFERENCES


Share this article


Share

Comments