There are potentially many different ways to connect a Linux client to a Linux network file server. The following solution is just one way to achieve success. It involves the use of a CIFS mount with credentials of a qualified Linux user, allowing CIC to see the desired mounted network directories. The examples below use an Ubuntu 20.04 as the Linux machine connecting to the Linux network (CentOS 8) and running the CIC Agent.
Procedure Overview
- Create a new Access Point (to get the Linux installation script) in CIC.
- Install and configure your CIC Agent.
-
Add new File System Endpoints in the CIC for both source and destination directories.
- Set up your Dataflows.
Assumptions
- File server shares of desired data directories and privileged users and groups are set up properly with Samba on the Linux file server. You can reference these guidelines to configure Samba on CentOS 8. Please note: these guidelines are for example purposes and should be adjusted for your particular environment.
- Linux server designated to run the CIC Agent is connected successfully to the network.
- The source and destination directory UNC paths are known and reachable.
Values used in this document for sample purposes only
Linux file server name and IP = centos8 and 192.168.1.20.
Linux user group (with read and write permissions to share) = cleoagents.
Linux user = cleo200 with a password of Password@2.
Linux network directory UNC path = \\192.168.1.20\secured\.
Procedure
Create an Access Point in CIC
Create and save an Access Point from the Network > Access page. As part of this process, an installation script is provided which, when installed as an administrator, ensures the CIC Agent has sufficient access to content on this Access Point. The status for this Access Point will be Pending, until the Agent is activated and successfully connected to the CIC Cloud.
Install and configure the CIC Agent
Install the CIC Agent via the Linux script. A new user “cleo” will be created which will have access to and run the agent.
Mount point configuration
- Create a directory to be used for the mount point:
sudo mkdir /mnt/cifs_linux
sudo chown -R cleo:cleo /mnt/cifs_linux - Mount to the network drive specifying permission for newly created “cleo" user. In this example, the mount is the parent directory of the source and destination sub-directories.
sudo mount -t cifs -o
username=cleo200,password=Password@2,uid=$(id -u
cleo),gid=$(id -g
cleo),forceuid,forcegid,defaults,noperm,dir_mode=0777,file_mode=0
777, //192.168.1.20/secured /mnt/cifs_linux
It is recommended to configure the mount to activate at startup (use of fstab file), so in the event the Linux OS is restarted, the CIC Agent will be able to resume reading and writing to the network share.
Note: To unmount the network drive you can use the umount command.
For example: sudo umount /mnt/cifs_windows
Add a new File System Endpoint in the CIC (for source directory)
These steps take place from the Network > Endpoints page in the CIC.
-
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the button, and enter the UNC path.
For example: /mnt/cifs_linux/source/ - After entering the UNC path: click Go, Select, and then Save.
Add a new File System Endpoint in the CIC (for destination directory)
These steps take place from the Network > Endpoints page in the CIC.
-
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the button, and enter the UNC path.
For example: /mnt/cifs_linux/dest/ - Once entered, click Go, Select, and then Save.
Setting up Dataflows
Proceed with setting up dataflows to utilize the newly created endpoints.
Regarding VPNs
CIC itself is unaware of VPN connections, but the CIC Agent can be used with a VPN if the network directories are only reachable by a VPN. The VPN connection must be turned on and operational in order for the CIC Agent to use it. It is recommended to use IP address in place of domain names, if possible, to help alleviate DNS issues related to VPN connectivity.
Comments
0 comments
Please sign in to leave a comment.