This guide is intended for the IT administrator or person responsible for installing the File IQ Appliance on the Google Cloud platform.
General Information
This section provides general information about the File IQ Appliance, as well as its technical specifications.
File IQ
The File IQ feature is designed to provide insights and analytics on your file data usage patterns. File IQ enables you to quickly take advantage of several important capabilities, including:
File Usage Analytics: Track usage and collaboration patterns across users, departments, file types, volumes, and more. Gain visibility to optimize storage, plan capacity, and facilitate capacity-based chargeback.
Health Monitoring: Monitor system component metrics to proactively identify resource contention and capacity limits so administrators can take preventative measures.
Forensic Capabilities: Perform historical analysis of file, user, or application activity when troubleshooting issues or investigating information security events.
Automated Reporting: Leverage prebuilt reports and dashboards that deliver actionable intelligence to technical and business users and support chargeback reporting.
Key Terms
The following terms are helpful for understanding the File IQ Appliance:
Cache: The local storage of the File IQ Appliance. All volume metadata accessed regularly is kept locally in the File IQ Appliance cache. If the requested metadata is not locally resident, it is staged into the cache and provided for the request.
Cloud storage: Internet-based, highly protected, unlimited storage.
Event Hubs: A cloud-native data streaming service used to forward events between components of the File IQ Solution.
GCE Disk: Google Compute Engine Disk. Storage provided by Google for the File IQ Appliance. Nasuni recommends using SSD Persistent disks for both the File IQ Appliance cache and COW disks. For more information on GCE Disk https://gcloud-compute.com/disks.html.
Grafana: Grafana is a multi-platform open-source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources.
Nasuni Edge Appliance (NEA): The virtual or physical Nasuni appliance in your data center that integrates with your infrastructure via CIFS (SMB), NFS, FTP/SFTP, or HTTPS/REST protocols. The Nasuni Edge Appliance can be mapped as a network drive.
Nasuni Edge Appliance user interface: The Web-based graphical user interface with which you configure and manage the Nasuni Edge Appliance. The Nasuni Edge Appliance user interface is accessible with supported Web browsers, including Mozilla Firefox, Microsoft Edge, Apple Safari, and Google Chrome.
File IQ: The File IQ Appliance contains the database, Grafana server, event processing, and volume scanning capabilities that the File IQ Solution uses to give insight into Nasuni Edge Appliance and volume usage across your Nasuni deployments.
Nasuni Management Console (NMC): The Web-accessible appliance with which you can configure and manage multiple Nasuni Edge Appliances. The Nasuni Management Console is accessible with supported Web browsers, including Mozilla Firefox, Microsoft Edge, Apple Safari, and Google Chrome.
Nasuni Orchestration Center (NOC): Nasuni’s zero-maintenance control path built on elastic, multi-region cloud services that enables file data to be shared across locations at any scale and without version conflict. The NOC, also called the Nasuni Account Dashboard, gives you access to File IQ Serial Numbers, which are used to install File IQ.
File IQ Dashboard: A custom dashboard deployed within the File IQ Appliance-hosted Grafana to display information gathered by the File System Metadata Service (FSMS) and the File System Event Processor (FSEP).
File IQ Service: The File IQ Service collects audit events on the NEA and forwards them to the File IQ Appliance via the Azure EventHub.
Note: The audit events collected by the File IQ Service are independent of the standard auditing feature enabled on the NEAs.
Share/export: An access point to a folder on a volume that can be shared or exported on your network. Access to a CIFS (SMB) share can be customized on a user-level or group-level basis. You can create many shares or exports on a volume for different purposes or audiences.
Volume: A set of files and directories (CIFS (SMB), NFS, and FTP/SFTP).
File IQ Solution Specifications
This section contains specifications for configuring the File IQ Appliance.
Supported Web Browsers
The File IQ Appliance supports the following Web browsers:
Virtual Machine Requirements
For virtual machine requirements on an already deployed File IQ appliance running version 10.0 and below, proceed directly to Verifying Size Requirements.
The File IQ Appliance must meet minimum specifications starting from the 10.1 release. Each installation of the File IQ Appliance should adhere to these specifications and follow the actions required for specific sizing, as outlined in the following scenarios:
New Installation of File IQ without any Prior Installations of File IQ
If this is a new installation of File IQ without any prior installations of File IQ, follow one of these sets of steps:
If the File IQ installation is licensed for the Basic version of File IQ.
Install the File IQ Appliance using the minimum specification.
Connect the Volumes until all Volumes are processed at least once.
Connect NEAs to the File IQ using the Nasuni Portal or your Nasuni Account.
Otherwise, if the File IQ installation is licensed for the Premium version of File IQ.
Install the File IQ Appliance using the minimum specification.
Connect the Volumes until all Volumes are processed at least once.
Run the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to validate the correct size.
If necessary, make any recommended sizing adjustments to the Virtual Machine.
Connect NEAs to the File IQ using the Nasuni Portal.
Wait for 7 calendar days of NEA activity to occur within the organization.
Run the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to validate the correct size.
If necessary, make any recommended sizing adjustments to the Virtual Machine.
New Installation of File IQ with a Prior Installation of File IQ
If this is a new installation of File IQ and you have a previous installation of File IQ, follow one of these sets of steps:
If the File IQ installation is licensed for the Basic version of File IQ.
Use the manual Sizing Tool to determine the right virtual machine requirements for your organization by taking into account Volume and Event estimates from the existing Grafana dashboard content.
Use the File IQ Events dashboard > Edge Appliance Activity panel and Volumes Summary dashboard > Volume Summary panel to derive the inputs for the Sizing Tool.
Install the File IQ Appliance using the Virtual Machine specification derived from the Sizing Tool.
Connect the Volumes until all Volumes are processed at least once.
Connect NEAs to the File IQ using the Nasuni Portal.
Otherwise, if the File IQ installation is licensed for the Premium version of File IQ.
Use the manual Sizing Tool to determine the right virtual machine requirements for your organization by taking into account Volume and Event estimates from the existing Grafana dashboard content.
Use the File IQ Events dashboard > Edge Appliance Activity panel and Volumes Summary dashboard > Volume Summary panel to derive the inputs for the Sizing Tool.
Install the File IQ Appliance using the specification from the Sizing Tool.
Connect the Volumes until all Volumes are processed at least once.
Run the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to validate the correct size.
If necessary, make any recommended sizing adjustments to the Virtual Machine.
Connect NEAs to the File IQ using the Nasuni Portal.
Run the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to validate the correct size.
If necessary, make any recommended sizing adjustments to the Virtual Machine.
Upgrade to an Existing Installation of File IQ
If this is an upgrade to an existing installation of File IQ, follow these steps:
If the File IQ installation is licensed for the Basic version of File IQ
Run the File IQ Status tool at https://FILE-IQ-FQDN:8443/niq/status to validate the health of your File IQ installation. For more information, see File IQ Health Status.
If necessary, make any of the tool’s recommended changes to the Virtual Machine and/or Nasuni systems.
Upgrade the File IQ Appliance.
Run the File IQ Status tool at https://FILE-IQ-FQDN:8443/niq/status to validate the health of your File IQ installation. For more information, see File IQ Health Status.
If necessary, make any of the tool’s recommended changes to the Virtual Machine and/or Nasuni systems.
Otherwise, if the File IQ installation is licensed for the Premium version of File IQ.
Run the File IQ Status tool at https://FILE-IQ-FQDN:8443/niq/status to validate the health of your File IQ installation. For more information, see File IQ Health Status.
If necessary, make any of the tool’s recommended changes to the Virtual Machine and/or Nasuni systems.
Upgrade the File IQ Appliance.
Run the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to validate the correct size.
If necessary, make any recommended sizing adjustments to the Virtual Machine.
Verifying Size Requirements
The NMC has a health check for File IQ that indicates whether sizing needs to be adjusted as a result of any of the previous steps, regardless of whether the license is Basic or Premium.
To determine the right virtual machine requirements for the Basic license, follow these steps:
Open the manual Sizing Tool.
Navigate to the File IQ Events dashboard.
Use the information from the Edge Appliance Activity panel to fill in the Sizing Tool fields.
Navigate to the Volumes Summary dashboard and use the Volume Summary panel to fill in the Sizing Tool fields.
The Sizing Tool displays your minimum sizing requirements.
Note: If needed, contact your Nasuni Account Manager for assistance using the Sizing Tool.
To determine the right virtual machine requirements for the Premium license, use the sizing tool at https://FILE-IQ-FQDN:8443/niq/retention_configuration to determine the appropriate virtual machine requirements for your organization.
Minimum Specifications
The minimum specifications for the File IQ Appliance are as follows:
Item | Size | Notes |
|---|---|---|
vCPUs | 16 | - |
Memory | 32 GiB | - |
Nasuni Cache Disk | 569 GB | MB/s 150 ; IOPS 2,300 |
Nasuni COW Disk | 64 GB | MB/s 150 ; IOPS 2,300 |
File IQ DB Disk | 1.1 TB | MB/s 150 ; IOPS 5,000 |
VM Size | N2D Custom | - |
On GCP an N2D Series 'Custom' machine type should be selected (see sizing tool guide and install guide for more details)
On GCP, for data disks, use 'SSD persistent disk' type (see sizing tool guide and install guide for more details)
Installing on the Google Cloud Platform
This chapter explains how to install the File IQ Solution on the Google Cloud Platform.
Tip: This document is about deploying virtual machines. It does not cover configuring a storage account for use with Nasuni volumes.
Warning: DO NOT attempt to restore from a virtual machine snapshot or backup. Attempting to restore from a virtual machine snapshot or backup puts the IQ Appliance in an unknown state in relation to the Nasuni Orchestration Center (NOC) and requires a recovery process. This might result in data loss.
Tip: You should leverage your cloud provider's role-based access and identity access management features as part of your security strategy. Based on your policies, such features can limit or prohibit administrative access to the cloud account.
Important: File IQ Appliances must be configured with operational DNS servers and a time server (internal or external) within your environment. The File IQ Appliance is configured with a default time server time.nasuni.com. If you need to use a different time server, the procedure to change the default time server is documented in the Nasuni Edge Appliance Time Configuration section of the Nasuni Edge Administration guide.
Note: The vendor changes their interfaces occasionally with little notice to the users. The exact screens and text on these platforms might change at any time.
Tip: Check out the File IQ Installation and Configuration videos for a general reference on the File IQ installation process. Your specific hypervisor installation will include unique steps not included in this video reference series.
Day 1 File IQ Installation Checklist
To complete a day 1 File IQ installation, follow this checklist:
Step | Action |
1 | Complete 1. Before you Begin section in this document. Your account manager can assist you with this item. |
2 | Complete 2. Installing File IQ using the GCP Virtual Hard Disk section in this document. |
3 | Complete 3. Running the File IQ Appliance First Boot Wizard section in this document. |
4 | Complete the 4a. Set the Escrow Passphrase for the File IQ Appliance section in this document. For File IQ Appliances on 10.0 and below, always complete the 4b. Add the File IQDB to the File IQ Appliance section in this document. |
5 | Complete 5. Connect the Nasuni Volumes to the File IQ Appliance section in this document. |
6 | Complete 6. Disabling Quality of Service for the File IQ Appliance section in this document. |
7 | Complete 7. Enabling the File IQ and Configure File IQ Service section in this document. |
8 | Complete 8. Accessing the File IQ Dashboards section in this document. |
9 | For more information, see the following sections: |
1. Before you Begin
The following items should be readily available to help you navigate the File IQ installation and setup process. It is recommended that you complete these requirements before starting or have a way to fulfill them during the installation process.
Note: File IQ does not support a proxy server.
Item | Description |
Contact Nasuni | Contact your Account Manager to enable the File IQ license and configure your account for the File IQ Appliance. |
Virtual Machine Requirements | Process the Virtual Machine Requirements section above to ensure you have the necessary sizing information before proceeding to installation or upgrade. The main information used for the Virtual Machine requirements will be:
Important: File IQ does not support disk striping on the Cache or File IQ DB disks. |
GCP Login | Authentication and Authorization to your organization’s GCP Account is needed to create the File IQ Virtual Machine. |
GCP Region | The GCP region that you wish to install the File IQ Appliance into. |
GCP Network Details for the File IQ virtual machine (VM) | When installing the File IQ Virtual Machine in GCP, the following items are required for the virtual machine network Interface:
Each organization has its own requirements for how the networking of the virtual machine is fulfilled. Nasuni recommends defining this before you start the installation process. |
NMC Login | Authentication and authorization to your organization’s Nasuni Management Console to configure the File IQ for your environment. |
Nasuni Portal or NOC Login | Authentication and authorization to your organization’s Nasuni Portal or Nasuni Orchestration Center account to retrieve your File IQ Serial Number and Authorization Code, and to configure the File IQ. |
Volumes List | Use at least one volume when setting up File IQ. Note: Some customers may not use this feature and will not require this item for setup. |
NEAs List | You need at least one Nasuni Edge Appliance to configure sending activity to the File IQ virtual machine. Ideally, pick an NEA from which you can mount volumes to generate traffic and see it in the File IQ dashboards. The NEA must be running version 9.14.3 or later. Note: Some customers may not use this feature and will not require this item for setup. |
File IQ Serial Number and Authorization Code | From the Nasuni Portal To locate the File IQ Appliance Serial Number from the Nasuni Portal, navigate to Setup > Serial Numbers > File IQ. It is paired with an associated Authorization Code (Auth Code). Configuration of the File IQ Appliance and NEAs for File IQ can be found by navigating to Appliance Services > File IQ Configuration. From Account.nasuni.com The File IQ Appliance Serial Number is located in your Nasuni Account. It is paired with an Authorization Code (Auth Code), which is located in a table at the bottom of the page. Note: Configuration of the File IQ Appliance and NEAs for File IQ can also be found in this location of your Nasuni Account. If the File IQ Config menu or File IQ Serial Numbers are unavailable, contact your Nasuni Account Manager to confirm that the File IQ License is correctly configured for your account. Note: To enable a single sign-on user to access the File IQ Config menu, follow these steps: 1. Log in to account.nasuni.com. |
File IQ Username and Password | The first boot setup of the File IQ Appliance requires a new username and password. These values are specific to the File IQ Appliance only. |
File IQ Hostname | When you go through the first boot wizard for the File IQ Appliance, you must provide a hostname for the machine. Note: Host names longer than 15 characters cannot be added to Active Directory services. |
File IQ Network Details | You must provide the machine's network details when you go through the first boot wizard for the File IQ Appliance. |
Grafana Password | The default password for the Grafana viewer account must be changed during the first usage. Nasuni recommends having a new password ready that aligns with your corporate processes and procedures. |
Active Directory Credentials | The File IQ Appliance must connect to the same Active Directory domains as the NEAs and volumes configured in the File IQ Appliance. The following information might be necessary:
|
NEA Firewall Requirements | The Nasuni Edge Appliance requires access to the Azure Event Hub when you enable File IQ. All network ports and access requirements for the File IQ Service on the NEA are documented in the Firewall and Port Requirements in the Nasuni Edge Appliance section. Before enabling the File IQ on the NEA, complete the NEA Firewall Requirements for File IQ Service. Important: File IQ Service does not support a proxy server. |
File IQ Firewall Requirements | When you enable File IQ, the Nasuni Edge Appliance requires access to the Azure Event Hub. The File IQ Appliance section of the Firewall and Port Requirements documents all network ports and access requirements for the File IQ Service on the NEA. Before you activate File IQ on the File IQ Appliance, complete the File IQ Firewall Requirements for File IQ. Important: File IQ does not support a proxy server. |
2. Installing File IQ using the GCP Virtual Hard Disk
Important: Nasuni does not have access to your GCP account; you must create and maintain your own GCP account. To create an account, go to the Google Cloud Platform site.
Tip: In the Nasuni model, customers provide their own cloud accounts for storing their data. As part of their overall security strategy, customers should leverage their cloud provider's role-based access and identity access management features. Such features can be used to limit or prohibit administrative access to the cloud account based on customer policies.
Important: To access Active Directory-enabled volumes, the File IQ Appliance must be connected to an Active Directory server in the same Active Directory Forest. This requires part of your Active Directory infrastructure to also be running on the GCP Platform.
The File IQ Appliance can be deployed from a Google Compute Engine (GCE) disk file downloaded from the Nasuni account website.
There are several steps involved in installing the File IQ Appliance from the GCE disk file:
Download the GCE disk file from http://account.nasuni.com
Upload the GCE disk to Google Cloud Storage.
Create an image from the GCE disk file.
Installing the File IQ Appliance using an image.
Download the GCE Disk File
Go to http://account.nasuni.com.
Click Downloads.
In the File IQ area, click on Download Google Format.
Click the latest version. The download starts.
Once the GCE Disk is downloaded, go to the next section and upload it to Google Cloud Storage.
Upload the GCE Disk to Google Cloud Storage
Important: Do not uncompress the GCE Disk before the upload.
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
Click on Cloud Storage. The Cloud Storage view appears.
Select Buckets. The Buckets pane appears.
Click the name of the Bucket you wish to use for uploading the GCE Disk file. The Bucket details pane appears.
Click UPLOAD FILES, and the Operating System browser window opens.
Select the GCE Disk on your hard drive and click Open. The upload starts.
Once the GCE disk file is uploaded, go to the next section, and create an image.
Creating an Image from the GCE Disk File
To install the disk file on GCP as a Virtual Machine, Nasuni recommends creating an image from the disk file so that the image acts as a template and can be deployed multiple times.
To create an image of the installation software, follow this procedure:
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
From the GCP Dashboard Navigation menu, click Compute Engine, then Images. The image appears.
Click CREATE IMAGE. The Create an image pane appears.
Enter a Name for the image. The name must start with a lowercase letter, followed by up to 62 lowercase letters, numbers, or hyphens, and cannot end with a hyphen.
Set Source to Cloud Storage file.
Click BROWSE, and the Select an object pane appears with a list of Buckets.
Click the Bucket that contains the GCE Disk file. The list of files for that Bucket appears.
Select the image for the File IQ appliance (.tar.gz file).
Click SELECT. The Select an object pane closes.
Click CREATE. The Create an image pane closes, and the Images list appears, with the new image's status showing Pending.
Wait for the status indicator to become a green tick box.
The image is now created. Go to the next section to install File IQ using the image.
Installing the File IQ Virtual Machine using an image
After creating the image from the disk file, use the created image to deploy the File IQ Virtual Machine.
To create the Virtual Machine, follow this procedure:
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
Click the Search field and select Compute Engine. The VM Instances pane appears.
Click CREATE INSTANCE. The Create an Instance pane appears.
Enter an Instance Name for the File IQ Virtual Machine.
From the Zone drop-down list, select a zone for this deployment. Zones determine where data is stored and used. Also, different zones offer different resources and features. Choose a zone that is close to your point of service. For more information, see Regions and zones.
Click the General purpose tab and select the Series of the machine type as N2D.
Scroll down to the Machine type drop-down, and select Custom.
Using the Sizing Tool output entry for minimum vCPU in section 1. Before you Begin, set the number of Cores for the Instance.
Using the Sizing Tool output for minimum Memory in section 1. Before you Begin, set the Memory size for the Instance.
Click the OS and storage tab on the left-side navigation.
Click CHANGE. The Boot disk pane appears.
Click the CUSTOM IMAGES tab. The Custom Image pane appears.
From the Image dropdown list, select the File IQ image you previously created.
Click the Boot disk type drop-down, and select SSD persistent disk. Use the default disk size.
Click SELECT. The Boot disk pane closes. The name of the selected image is displayed in the Boot disk section.
Click the Networking tab on the left-side navigation.
From the Firewall area, enable Allow HTTPS traffic.
In the Network Interfaces section, expand the default interface. The Edit network interface pane appears.
Enter the corresponding fields from the GCP Network Details for the File IQ VM entry in the 1. Before you Begin section above: Network and Subnetwork.
(Optional) To disable the External IPv4 address based on your company security’s guidelines, navigate to Network Interfaces section and select None in the External IPv4 address drop down.
Click the OS and storage tab on the left-side navigation.
Click ADD NEW DISK. The Add new disk pane appears.
Enter a Name for the cache disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -cache suffix: <instance_name>-cache.
From the Disk type drop-down, select SSD persistent disk.
Enter a Size for the cache disk that matches the outputs of the Nasuni Cache from the Virtual Machine Requirements section in the 1. Before you Begin section above.
Scroll down to Encryption. The default Encryption is Google-managed encryption key.
Scroll down to Attachment settings, and select Delete disk for the Deletion rule setting. This optional step ensures the File IQ disk is automatically deleted when the VM is deleted.
Click SAVE. The cache disk is defined and appears in the Additional disks section.
Click ADD NEW DISK. The Add new disk pane appears.
Enter a Name for the COW disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -cow suffix: <instance_name>-cow.
From the Disk Type drop-down, select SSD persistent disk.
Enter a Size for the CoW disk that matches the outputs of the Nasuni CoW from the Virtual Machine Requirements section in the 1. Before you Begin section above.
Scroll down to Encryption. The default Encryption is Google-managed encryption key.
Scroll down to Attachment settings, and select Delete disk for the Deletion rule setting. This optional step ensures the File IQ disk is automatically deleted when the VM is deleted.
Click SAVE. The cow disk is created and appears in the list of disks. Two disks are now defined for the File IQ Virtual Machine.
Add the File IQ DB disk
Important: This step is only applicable to File IQ Appliances from the 10.1 release forwardClick ADD NEW DISK. The Add new disk pane appears.
Enter a Name for the File IQ DB disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -fiqdb suffix: <instance_name>-fiqdb.
From the Disk Type drop-down, select SSD persistent disk.
Enter a Size for the File IQ DB disk that matches the outputs of the File IQ DB Disk from the Virtual Machine Requirements section in the 1. Before you Begin section above.
Scroll down to Encryption. The default Encryption is Google-managed encryption key.
Scroll down to Attachment settings, and select Delete disk for the Deletion rule setting. This optional step ensures the File IQ disk is automatically deleted when the VM is deleted.
Click SAVE. The file IQ DB disk is created and appears in the list of disks. Three disks are now defined for the File IQ Virtual Machine.
Click CREATE to create the new Virtual Machine. The File IQ Virtual Machine is created and automatically started.
Via the navigation menu, select VPC network then Firewall to define one additional firewall rule used to access the File IQ Dashboard via https on port 3000. The creation of the rule is done via the following procedure:
Click CREATE FIREWALL RULE. The firewall rule editor appears.
Enter the name of the rule. For example, “fiq-fw-dashboard”.
Enter a description. For example, “File IQ TCP Ingress for port 3000”.
Select the Network used by the File IQ Appliance.
For Direction of traffic, select Ingress.
For Action on match, select Allow.
For Targets, select All instances in the network.
For Source filter, select IPv4 ranges.
For Source IPv4 ranges, enter “0.0.0.0/0”. This is a default value and is not restrictive. You may restrict the IP range based on your network security settings.
For Protocol and ports, select Specified protocols and ports.
Select TCP and in the Port field, enter “3000”.
Click CREATE to create the ingress firewall rule
3. Running the File IQ Appliance First Boot Wizard
To access the newly installed File IQ Appliance, follow this procedure:
Open the GCP Dashboard. From the navigation menu, click Compute Engine, then VM instances. The VM instances pane appears.
From the Virtual machines list, find the internal IP and external IP columns for the File IQ Appliance virtual machine created above in the previous step.
If an external IP address was configured, copy the external IP address. If an external IP address was not configured, get an internal IP address. If an external IP address is not configured, you must use the internal IP address assigned to the VM.
Navigate to the First Boot Wizard for the File IQ Appliance by opening a new browser window.
To access the File IQ Appliance, enter the address in this form: https://<IP address>, where <IP address> is the IP address from step 3 immediately above this step.
The File IQ Appliance user interface appears.
.png)
Enter the Hostname you defined in the File IQ Hostname. This was defined in the 1. Before you Begin section above.
Complete the remainder of the System Settings defined in the File IQ Network Details as part of the 1. Before you Begin section above.
Click Continue. The Review the Network Settings pane appears.
If all fields are correct, click Continue. The next pane confirms if the File IQ Appliance is Configuring Network Settings. If the File IQ Appliance does not automatically reconnect, try refreshing the page and checking if the File IQ Appliance’s IP address has changed. If so, update the browser address bar.
The Nasuni Filer Software Update pane appears. Click Continue.
Enter the File IQ Serial Number and Authorization Code obtained under the File IQ Serial Number and Authorization Code as part of the 1. Before you Begin section above.
Click Continue. The Add a New Nasuni Filer to your account pane appears.
Note: If you get an Invalid serial number or access code provided during this step, it is because you have used a NEA Serial Number instead of an File IQ Serial Number. Nasuni recommends double-checking your Serial Number and trying again. See the 1. Before you Begin section for the correct location to the File IQ Serial Number and Authorization Code values.
Enter Install New Filer into the Confirmation textbox.
Click Continue. The Accept the Terms of Service and License Agreement pane appears.
Accept the Terms of Service and click Continue. The Enter or accept Filer Name pane appears.
Click Continue. The Nasuni Management Console Detected pane appears.
Enable the Join NMC Management checkbox and click Continue. Enter a username and password for Administration of this Filer pane appears.
Enter your NMC local account Username, Password, and Confirm Password. These were obtained in the File IQ Username and Password section of the 1. Before you Begin section above.
Click Continue, the First Boot Wizard is complete, and the File IQ Appliance Management window appears.
3.a. Joining the File IQ appliance to Active Directory
If the volumes you want to scan are protected by Active Directory, you must join your File IQ Appliance to the Active Directory domains to secure these volumes.
Note: The configuration of Active Directory can vary based on several factors, and your specific configuration may require additional settings that are not mentioned in this section. If you encounter any issues while connecting to Active Directory, reach out to your Nasuni Account Manager for assistance.
Follow this procedure to join Active Directory:
Open a Web Browser and access the File IQ Appliance. Enter the address in this form: https://<IP address>:8443, where <IP address> is the IP address from step 3 in the previous section. The File IQ Appliance user interface appears.
Ensure that the hostname of your File IQ Appliance is shorter than 16 characters:
From the Configuration menu, select Network Configuration under the Networking section.
Verify that the hostname in Hostname or FQDN is 15 characters or less.
If required, shorten the hostname and click Save Network Configuration.
Enter your Nasuni admin account details, confirm, and wait for the File IQ Appliance to apply the new settings.
Enter the IP address for your primary DNS server in the Primary DNS server text box. You must enter a valid hostname or IP address.
From the Configuration menu, select Network Configuration under the Networking section.
In Settings Source, under System Settings, select DHCP with Custom DNS.
Leave the Search Domain empty.
Set the Primary DNS server to your Active Directory PDC’s IP address.
Click Save Network Configuration. You must enter your Nasuni admin account details, confirm, and wait for the appliance to apply the new settings.
Join the File IQ Appliance to Active Directory by following these steps:
From the Configuration menu, select Directory Services under the CIFS & Directory Services section.
Enter the fully qualified Active Directory domain name in the Domain entry field.
Unless instructed by your Nasuni Account Manager, do not change any other fields.
Click Continue. The Confirm/Authenticate Directory Service dialog box appears.
In the Confirm/Authenticate Directory Service dialog box, enter your Active Directory administrator username and password and click Submit.
Wait until the joining process is complete and the Volume Selection page is displayed.
Select all volumes you wish to access from the File IQ appliance and click Continue.
Wait until the volume configuration is complete and the Domain Configuration page is displayed.
Enable all the trusted domains you wish to monitor users from and click Continue.
Wait until the trusted domain configuration is complete and the “Complete the Configuration” page is displayed.
Click Finish to finish the Active Directory configuration.
The display then returns to the Directory Services page, displaying Active Directory domain information.
You have successfully joined Active Directory.
4a. Set the Escrow Passphrase for the File IQ Appliance (10.0+)
Important: In order to use DR capabilities a backup of the File IQ Appliance configuration needs to happen. Setting the escrow passphrase enables the backup.
Note: In order to use the Nasuni File IQ Database backup feature DR needs to be configured for the File IQ Appliance.
To set the escrow key for the File IQ Appliance, follow this procedure:
Log in to the Nasuni Management Console associated with the File IQ Appliance.
Click Filers.
Click Escrow Passphrase. The Filer Escrow Passphrase pane appears.
Select the File IQ Appliance entry in the table and click Edit 1 Filer. The Set Escrow Passphrase dialog box appears.
Enter the same passphrase for both Escrow Passphrase and Confirm Passphrase.
Click Set Passphrase. The dialog box closes and returns to the Filer Escrow Passphrase pane.
If you do not use the Nasuni Escrow Service, instead of setting an escrow passphrase, you can upload your own encryption keyfile and set it as a recovery backup key:
Log in to the File IQ appliance web UI.
From the Configuration menu, select Encryption Keys.
Click Upload Encryption Keys.
Choose your externally generated OpenPGP keyfile.
Enter the Key Passphrase, if the keyfile has been secured with a passphrase.
Click Import Key.
Make sure the key has been imported, and click "Set backup key" to set it as a recovery backup key.
4b. Add the File IQDB Disk to the File IQ Appliance
Important: These steps are only applicable to File IQ Appliances prior to the 10.1 release.
Before enabling the File IQ Appliance, add another disk for the File IQ Database, by following this procedure:
Log in to the Nasuni Management Console associated with the File IQ Appliance.
Click Filers.
Click Shutdown & Reboot.
The Shutdown and Reboot pane appears.
For the File IQ Appliance, click the associated Shutdown/Reboot action.
The Initiate Shutdown/Reboot of File IQ Appliance pane appears.
Enter ‘Change Filer Power State’ into the Confirmation Phrase textbox.
Select Shut down immediately. Click Shutdown.
The Shutdown and Reboot pane appears. Wait until the Status column for the File IQ Appliance changes to a checkmark before proceeding; at that point, the File IQ Appliance is shut down.
Log in to the Google Cloud console at https://console.coud.google.com/. The Google Cloud Dashboard appears.
From the GCP Dashboard Navigation menu, click Compute Engine, then VM Instances.
Click the File IQ Appliance virtual machine in the list. The virtual machine pane opens.
Click Stop to stop the virtual machine.
Click Edit. The edit virtual machine pane opens
Scroll down to the Additional disks sections and click Add new disk. The Add new disk pane appears.
Enter a Name for the File IQ DB disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -fiqdb suffix: <instance_name>-fiqdb.
From the Disk Type drop-down, select SSD persistent disk.
Enter a Size for the File IQ DB disk that matches the output of the File IQ DB Disk Size from the Virtual Machine Requirements section
Select a type of Encryption. The default Encryption is Google-managed key.
(Optional) Scroll down to Attachment settings and select Delete disk for the Deletion rule setting. This optional step ensures the File IQ disk is automatically deleted when the VM is deleted.
Click Save. The file IQ DB disk is created and appears in the list of disks. Three disks are now defined for the File IQ Virtual Machine.
Click Save to save changes to the virtual machine.
Click Start/Resume to start the virtual machine.
The File IQ Appliance Virtual Machine starts.
5. Connect the Nasuni Volumes to the File IQ Appliance
Important: For the Basic version of File IQ a maximum of 19 volumes can be connected to a File IQ Appliance for metadata analysis. For the Premium version of File IQ a maximum of 47 volumes can be connected to a File IQ Appliance for metadata analysis. If these limits are exceeded, then the metadata analysis stops until the number of connected volumes for metadata analysis falls within the specific range.
Note: The File IQ Appliance Administration UI Status > Subscription Status pane will not accurately reflect the Max Volumes / Filer values based on the settings above. You should ignore the value Max Volumes / Filer in the Status > Subscription Status pane.
Note: You might see a "File IQ unhealthy" alert displayed prior to enabling the File IQ service in step 7. This alert is expected and resolves itself after a successful File IQ service enablement.
To share and connect a volume to the File IQ Appliance for metadata analysis, follow this procedure:
Log in to the Nasuni Management Console associated with the File IQ Appliance.
Set up remote access for the Volume by following this procedure:
Click Volumes.
Click Remote Access. The Volume Remote Access Setting pane appears.
Select the volumes that you want to share. These should match the Volumes in the Volumes List section in the 1. Before you Begin section above.
Click Edit Volumes. The Edit Volume Remote Access Settings dialog box appears.
Ensure that the Enabled toggle is set to On.
For Remote Access Permissions, select Custom.
For the File IQ Appliance entry in the Custom Remote Access Permissions section, select Read Only.
Caution: Ensure that you change only the Remote Access entry for the File IQ appliance to Read Only. Be sure to leave the Remote Access entries for the other volumes unchanged.Unselect all sharing options and click Save Remote Access Settings. The Volume Remote Access Setting pane appears.
Wait until the Status for each of the selected volumes changes to a checkmark before proceeding.
Connect the Volumes to the File IQ Appliance by following these steps:
Click Volumes.
Click Connect Volume. The Remotely Accessible Volumes pane appears.
Click Refresh Connections and wait for the process to complete.
For the volumes for which you set up remote access to the File IQ Appliance (step 2 above), click Edit Connections. The Connect/Disconnect Volume dialog box appears.
In the Filers section, enable the File IQ Appliance checkbox.
In the Storage Access section, select Skip creating storage access point.
In the Inherit Setting section, untick the three inherit setting checkboxes.
Click Save Connections. The dialog box closes and returns to the Remotely Accessible Volumes pane.
Wait until the Status column for the Volume changes to a checkmark before proceeding.
Disable Snapshot Schedule for the FILE IQ Appliance and volume pairs by following one of these sets of steps:
For volumes not managed by GFA, follow these steps:
Click Volumes.
Click Snapshot Schedule.
The Volume Snapshot Schedule pane appears.
Expand the volumes for which you configured remote access in step 2.
For each volume expanded, select each item that is a File IQ Appliance.
Click Edit Volumes.
The Snapshot Schedule dialog box appears.
Click Select/Deselect all until all of the Days turn from color to grey.
Click Save Configuration.
The changes are saved.
Note: The changes might take up to 10 minutes to apply.
For volumes managed by GFA, follow these steps:
Click Volumes.
Click Snapshot Schedule.
The Volume Snapshot Schedule pane appears.
Select the volumes for which you configured remote access in step 2.
For each selected volume, expand its list to display the associated NEAs and File IQ Appliances.
Deselect each item that is not a File IQ Appliance.
Click Edit Volumes.
The Snapshot Schedule dialog box appears.
Set the Enablement Window to On.
Deselect all until all the Days turn from color to grey.
Click Save Configuration. The changes are saved.
Note: The changes might take up to 10 minutes to apply.
Disable Sync Schedule for the File IQ Appliance and Volumes pairs by following these steps:
Click Volumes.
Click Sync Schedule.
The Sync Schedule pane appears.
Select a volume for which you configured remote access in step 2.
Expand the volume's list to display the associated NEAs and File IQ Appliances.
Deselect each item that is not a File IQ Appliance.
Click Edit Volumes.
The Sync Schedule dialog box appears.
Click Select/Deselect all until all of the Days turn from colored to grey.
Click Save Schedule.
The changes are saved.
The changes might take up to 10 minutes to apply.
Note: Repeat steps c-h in this section for each Volume connected to File IQ.
6. Disabling Quality of Service (QoS) for the File IQ Appliance
It is recommended to disable the Quality of Service (QoS) for the File IQ Appliance as the main workloads involve synchronization of content to the File IQ Appliance and the system wants to ensure this happens as quickly as possible.
To disable the Quality of Service (QoS) for the File IQ Appliance, follow these steps:
Log in to the Nasuni Management Console associated with the File IQ Appliance.
Click Filers.
Click Quality of Service. The Filer Quality of Service pane appears.
Select the File IQ Appliance entry in the table and click Edit Filers. The Quality of Service Settings dialog box appears.
For all existing Quality of Service rules, click Delete.
Click Save Rules. The dialog box closes and returns to the Filer Quality of Service pane.
7. Enabling the File IQ Appliance and Configuring File IQ Service
By default, your File IQ service is turned off on the File IQ Appliance. Additionally, the File IQ Service on the NEA is off and is not configured to use any File IQ Appliance.
This section outlines how to enable File IQ Product on the File IQ Appliance and then configure one or more NEAs to send activity information to the File IQ Appliance.
The Nasuni Portal or Nasuni Orchestration Center (NOC) User Interface is used to enable File IQ on the File IQ Appliance and the NEA.
Use this section to perform the following:
Enable the File IQ Product on the new File IQ Appliance.
Enable File IQ Service and Assign the File IQ Appliance for the NEA.
Before getting started, ensure that the following items from the 1. Before You Begin section are complete for this specific area:
NMC Login
NEA(s) List
Note: Before proceeding, confirm that the NMC, File IQ Appliance, and NEAs are all started and running.
a. Enabling the File IQ on the New File IQ Appliance
Use either the Nasuni Portal or the Nasuni Orchestration Center to enable File IQ on the File IQ Appliance.
Nasuni Portal
To enable the File IQ Appliance from the Nasuni Portal, follow these steps:
Log in to the Nasuni Portal.
Navigate to Appliance Services > File IQ Configuration.
Click on the File IQ Appliance in the table list. The checkbox becomes Enabled.
From the Enable/Disable drop-down menu, click on Enable Selected. The State changes to Enabled for the File IQ Appliance in the table list.
This action is automatically saved.
Nasuni Orchestration Center
To enable the File IQ Appliance from the Nasuni Orchestration Center (NOC) UI, follow these steps:
Log in to Nasuni Orchestration Center.
Click the File IQ Config tab. The File IQ pane appears.
In the Configuration section, select the Disabled toggle for the new File IQ Appliance. The toggle becomes enabled, and the label changes to Enabled.
Click Save.
The configuration change is stored.
b. Enabling File IQ Service and Assigning the File IQ Appliance for the NEA
Important: The Nasuni Edge Appliance(s) that are used for data migration or third-party integration purposes should not be enabled to send events to File IQ Appliance(s).
In this section, enable the File IQ Service for each of the NEAs that you have chosen to report activity to the File IQ Appliance. You should have defined each NEA as part of the NEAs List entry in the 1. Before you Begin section above.
Use either the Nasuni Portal or the Nasuni Orchestration Center to enable the File IQ service and assign the File IQ Appliance for the NEA.
Nasuni Portal
To enable the File IQ Service and assign the File IQ Appliance for each of these Nasuni Edge Appliances from the Nasuni Portal, follow these steps:
Log in to Nasuni Portal.
Navigate to Appliance Services > File IQ Configuration
Click on the Edge entry in the Configuration items on the left of the page
Click on the Edge name in the table list. The checkbox becomes Enabled.
From the Enable/Disable drop down menu click on Enable Selected. The State changes to Enabled for the Edge name in the table list.
This action is automatically saved.
Click on the Assign/Unassign File IQ button. The File IQ Assignment panel appears.
From the drop down list select the name of the File IQ Appliance that you want to assign the previously selected Edge entries.
Click Save.
Nasuni Orchestration Center
To enable the File IQ Service and assign the File IQ Appliance for each of these Nasuni Edge Appliances from the Nasuni Orchestration Center, follow these steps:
Log in to Nasuni Orchestration Center.
Click the File IQ Config tab. The File IQ pane appears.
In the Enable File IQ Service on appliances section, click the Disabled toggle for the specific NEAs. The toggle becomes enabled, and its label changes to Enabled.
For the same NEAs, from the Assign File IQs to NEAs dropdown menu, select the new File IQ Appliance.
The dropdown shows the new File IQ Appliance as assigned to the NEAs.Click Save.
The configuration change is stored.
c. Forcing the Configuration to be Applied to the File IQ Appliance and Nasuni Edge Appliance
After the configuration is saved, it can take up to 1 hour for the configuration to become active on the File IQ Appliance and NEAs. Instead, you can force the configuration to immediately refresh using the Refresh License feature in the NMC so that you can move on to 8. Accessing the File IQ Dashboards immediately.
To force the configuration to become active, follow these steps:
Log in to the Nasuni Management Console associated with your account.
Click Filers.
Click Refresh License. The Refresh Subscription License pane appears.
Select the same File IQ Appliance and NEAs that you used in steps a and b above, and click Update Filers. The Refresh Subscription License dialog box appears.
Click Refresh License. The dialog box closes, and you return to the Refresh Subscription License pane. Wait until the Status column for the values you selected in step 4 has changed to a checkmark before proceeding.
Important: The initial scanning of your volume files begins immediately. This process can take a while, depending on the number of files and directories to be scanned initially. It can take on the order of 1 hour per million files and directories for this first scan.
Subsequent scans occur every 24 hours after the initial scan. Subsequent scans are much faster, because they only deal with changes to the existing volumes. To view the progress of the Volume scans use the System Status dashboard > Volume Scan Detailed Status panel and Service Support dashboard > Volume Scan State Logs panel.
8.Accessing the File IQ Dashboards
The results of scanning the selected volumes appear in numerical and graphical form on the File IQ Dashboards. For more information about the File IQ Dashboards, see File IQ Dashboards.
The File IQ Dashboards contain all the information for NEA activity and volume metadata that the File IQ Appliance receives and produces.
To access the File IQ Dashboards, follow this procedure:
Open a new browser window.
Enter the address in this form:
https://<FILE-IQ-FQDN>:3000where <FILE-IQ-FQDN> is the FQDN of the File IQ Appliance, assigned in 3. Running the File IQ Appliance First Boot Wizard. The File IQ Dashboard user interface appears.
In the Email or username field, enter “Viewer”.
Caution: Do not rename the Grafana viewer account. The Initialization program expects the viewer account to be present. If the viewer account is not present, the Initialization of the viewer account recreates the viewer account with the default password.
In the Password field, enter “nasuni_IQ_2024!”.
Note: Nasuni highly recommends updating the default password for the Grafana viewer account during the first usage.
Click Log in. The system logs you into the File IQ Dashboard, and the Home page appears.
It is important to change the default password. To change the password, follow this procedure:
Click the avatar icon at the top right of the File IQ Dashboard. A context menu is displayed.
In the context menu, click Change password. The Change Password pane appears.
In the Old Password textbox, enter the original default password “nasuni_IQ_2024!”.
Enter the new password into the New password and Confirm password text boxes. Click Change Password.
The password is saved, and a dialog appears in the top right corner with the text User password changed.
Click Home in the top left corner to return to the Home page.
9. Nasuni File IQ Status and File IQ Appliance Health
This section describes the Nasuni File IQ Status tool that is shipped with the File IQ Appliance.
a. File IQ Status Tooling
The File IQ Status tool, shipped with the File IQ Appliance, offers key insights into the operational health of the File IQ Appliance installation. At any point during the setup of the File IQ Appliance or afterward, the File IQ Status displays the health of key sections of the File IQ Appliance.
Each line has three possible status values:
Healthy: Indicated by a Green tick symbol. No action is required in this case.
Unhealthy: Indicated by a Red x symbol. Action is required in this case.
Informational: Indicated by a Yellow triangle with an exclamation point inside. Action may be required depending on the organization’s use case for File IQ.
Note: Informational items do not cause a health check to return as an error condition.
The Unhealthy and Information points are accompanied by a detailed text on the problem space and links to the Nasuni documentation to address them.
As the installation of File IQ progresses, it is recommended to run File IQ Status to ensure the setup is functional. Depending on when you run the File IQ Status tool, warnings and errors may be expected. For example, before enabling File IQ on the NOC or Portal, it is expected that the check for this does not pass.
b. File IQ Appliance Health
The File IQ Appliance reports its health to the NMC and uses the File IQ Status Tooling as the basis for the information. If the NMC reports a File IQ Appliance as unhealthy, the File IQ Status tool provides the customer with the cause of the problem, as well as remediation materials.
To view the current health of the File IQ Appliance in the NMC, follow this procedure:
Log in to the Nasuni Management Console (NMC) associated with your account.
Click Filers.
Click the name of the File IQ Appliance in the table at the bottom of the page. The File IQ Appliance Details pane appears.
The Health section is displayed at the bottom right of the pane.
c. File IQ Status Messaging
The list of health items that the File IQ Status can provide is outlined in the following table:
Name | Description | Since version | Health Item * | Premium Only ** |
|---|---|---|---|---|
Nasuni File IQ Enabled in NOC | Indicates that the File IQ appliance has been enabled in the Nasuni Portal UI or NOC UI. | 10.0 | Yes | No |
Nasuni File IQ database filesystem created | Indicates that the file system for the File IQ DB has been created. | 10.0 | Yes | No |
Nasuni Appliance filesystem sizes | Indicates that the size of the disks on the File IQ Appliance meet the expected size ratios. | 9.15 | Yes | No |
Nasuni File IQ sizing | Indicates that the virtual machine is sized appropriately based on the data stored in the system at the time the tool is run. | 10.1 | Yes | No |
Nasuni File IQ database filesystem usage | Indicates that there is a problem with the File IQ DB disk has adequate space. When the File IQ disk is ≥90% full it will show unhealthy. When the File IQ DB disk reaches ≥85% full it will show as an information point. | 9.15 | Yes | No |
Nasuni File IQ database created | Indicates that the File IQ Database has been created on the File IQ Appliance. | 9.15 | Yes | No |
Nasuni File IQ database running | Indicates that that File IQ Database service is running successfully. | 9.15 | Yes | No |
Nasuni File IQ Appliance connected to Directory Service | Indicates that the File IQ Appliance is connected to an Active Directory service. | 9.15 | No | No |
Nasuni volumes mounted | Indicates that volumes have been connected to the File IQ Appliance for metadata analysis. | 9.15 | Yes | No |
Nasuni volumes mounted Read-only | Indicates that the volumes connected to the File IQ Appliance for metadata analysis are connected as Read Only. | 9.15 | Yes | No |
Nasuni File IQ event queue created | Indicates that the File IQ Appliance has successfully created the Event Queue required for communicating with the NEAs for activity data. | 9.15 | No | No |
Nasuni File IQ event queue connectivity | Indicates that the File IQ Appliance has successfully connected to the Event Queue required for communicating with the NEAs for activity data. | 9.15 | No | No |
Nasuni audit events received | Indicates that the File IQ Appliance is successfully receiving activity data from one or more NEAs. | 9.15 | No | No |
Nasuni volumes have snapshot and sync disabled | Indicates that all of the volumes connected to the File IQ Appliance for metadata analysis have their sync and snap schedules disabled. | 10.0 | No | No |
Nasuni File IQ system memory size check | Indicates that there has been no recent cores for the File IQ process and that the File IQ Appliance recently has not experienced an Out of Memory (OOM) situation. | 10.1 | Yes | Yes |
Nasuni File IQ cache usage | Indicates that the Cache disk on the File IQ Appliance has adequate space. | 10.0 | Yes | No |
Nasuni File IQ Event Hub Partitions check | Indicates that the Event Queue processing is utilizing all of the capacity available to the system. | 10.0 | Yes | No |
Nasuni File IQ Database Backup Configuration | Indicates the File IQ Database backup is configured and enabled on the system. | 10.1 | Yes | No |
Nasuni File IQ Database Backup Status | Indicates that the File IQ Database backup has been successfully run on the File IQ Appliance. | 10.1 | Yes | No |
Nasuni File IQ Database Backup Available | Indicates that the File IQ Database backup is accessible in the cloud storage. | 10.1 | Yes | No |
Nasuni File IQ Database WAL Archiving Status | Indicates that the File IQ Database backup of the Write Ahead Logs (WAL) is keeping up with the workload on the File IQ Appliance. | 10.1 | Yes | No |
Nasuni Appliance Backup Key set up | Indicates that the Escrow Passphrase has been set for the File IQ Appliance. | 10.1 | Yes | No |
Nasuni Appliance Backup available | Indicates that the File IQ Appliance’s configuration has been backed up to the NOC and it is in a DR ready state. | 10.1 | Yes | No |
Nasuni File IQ Reporting Service running | Indicates that the Reporting Service is running on the File IQ Appliance. | 10.1 | Yes | Yes |
Nasuni File IQ Reporting cron job configured | Indicates that the cron job that schedules the Reports has been configured on the File IQ Appliance. | 10.1 | Yes | Yes |
Nasuni File IQ Report staging volume configured | Indicates that a Volume has been connected to the File IQ Appliance to store reports and the Reporting Service has been configured to use this Volume to store the reports that the service generates. | 10.1 | Yes | Yes |
Nasuni File IQ Report staging path configured | Indicates that an absolute directory path on the volume used by the Reporting Service has been configured and checked for ability to store reports. | 10.1 | Yes | Yes |
Nasuni File IQ Report execution failures during previous 24 hours | Indicate that the Reporting Service has had no failures in executing reports within the past 24 hours. | 10.1 | Yes | Yes |
Nasuni File IQ Single Sign-On Configuration | Indicates that the SSO feature has been configured for the File IQ Dashboard. | 10.1 | Yes | Yes |
Nasuni File IQ Single Sign-On health check | Indicates that the SSO feature for the File IQ Dashboard is passing the health checks which ensures that the feature is operational. | 10.1 | Yes | Yes |
* The Health Item indicates whether this item may raise a health problem to the NMC.
** The Health Item varies between the Basic and Premium versions of the File IQ Appliance.
Appendix A: Firewall Configuration
The File IQ Appliance and Nasuni Edge Appliance both require access to the Microsoft Azure Event Hub API. For configuration instructions, see the Firewall and Port Requirements.
Appendix B: Deletion Security
The Google Cloud Platform offers several safeguards to prevent or mitigate unwanted deletion. You might choose to employ some or all these safeguards.
For specific recommendations and guidelines on managing and safeguarding GCP instances and associated disks, GCP provides targeted documentation that can help ensure that these resources are protected from accidental or unauthorized deletion. Here are some useful links related to managing GCP instances and GCP disks:
GCP Documentation. This section includes detailed information on managing instances, including permissions and lifecycle considerations: GCP Documentation
GCP Disk Documentation. Covers all aspects of managing GCP disks including replication, performance, and reliability: GCP Disk Documentation
GCP Using IAM to Manage Access to GCP Resources. Provides guidelines on how to create and manage IAM policies for GCP resources, crucial for preventing unauthorized access or deletion: GCP Identity and Access Management Documentation
Preventing Accidental VM deletion. This guide explains how to prevent accidental VM deletion GCP Guide to prevent accidental VM deletion
Appendix C: Installing File IQ using Google Cloud Marketplace
To deploy the File IQ appliance using a virtual machine in GCP, use the Google Cloud Marketplace.
Alternatively, to deploy the File IQ appliance using the GCP Virtual Hard Disk, see 2. Installing File IQ using the GCP Virtual Hard Disk.
Important: If Nasuni File IQ is not yet available on the Google Marketplace when you wish to install it, use the 2. Installing File IQ using the GCP Virtual Hard Disk alternative instead.
Important: Nasuni does not have access to your GCP account; you must create and maintain your own GCP account. To create an account, go to the Google Cloud Platform site.
Tip: In the Nasuni model, customers provide their own cloud accounts for storing their data. As part of their overall security strategy, customers should leverage their cloud provider's role-based access and identity access management features. Such features can be used to limit or prohibit administrative access to the cloud account based on customer policies.
Important: To access Active Directory-enabled volumes, the File IQ Appliance must be connected to an Active Directory server in the same Active Directory Forest. This requires part of your Active Directory infrastructure to also be running on the GCP platform.
Important: Similarly, to access LDAP-enabled volumes, the File IQ Appliance must be able to access LDAP and Kerberos in the same LDAP domain. You cannot enable Active Directory and LDAP Directory Services for a File IQ Appliance.
To install File IQ from the Google Cloud Marketplace, navigate to the File IQ offer on the Google Cloud Marketplace and create the Virtual Machine for File IQ from that location. You do not need to upload the Virtual Hard Disk file and create an image as part of the process below.
To begin the installation of File IQ, follow these steps:
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
Click the Navigation menu icon (three horizontal lines in the upper-left corner). The Navigation menu appears.
Click Marketplace. The Marketplace page appears.
In the Search Marketplace box, enter “Nasuni”. A list of Nasuni products appears.
Click File IQ. The File IQ page appears.
Click LAUNCH. The New File IQ Appliance deployment page appears.
Enter a Deployment name for this deployment. Alternatively, you can accept the default name generated.
From the Zone dropdown list, select a zone for this deployment. Zones determine where data is stored and used. Also, different zones offer different resources and features. Choose a zone that is close to your point of service. For more information, see Regions and zones.
Scroll down to the Machine type area, and click the General-purpose tab.
From the Series dropdown list, select the series of the machine type: N2D.
From the Machine type dropdown list, select Custom.
Enter the Number of Core recommended by the Nasuni Sizing Tool.
Enter the Memory size recommended by the Nasuni Sizing Tool.
Scroll down to the Boot Disk area.
From the Boot disk type drop-down list, select the boot disk type. Select SSD Persistent Disk.
From the Boot disk size in GB field, enter “32”.
Scroll down to the Networking area.
Enter the corresponding fields from the GCP Network Details for the File IQ VM entry in the 1. Before you Begin section above.
Configure the other settings as appropriate for your solution, including, but not limited to, security group and virtual private cloud.
In the Network Interface section, you may choose as an optional step to disable the External IPv4 address based on your company security’s guidelines.
Select your Network Interface. The Edit network interface pane appears.
For the External IPv4 address, select None.
Go to the Firewall area.
Select Allow TCP port 8443 traffic from the Internet.
Important: Please ensure that this option is selected.Scroll down to the bottom. If this is your first deployment, the Terms of Service are displayed. Accept the Terms of Service.
Click DEPLOY. The virtual machine is deployed. This might take several minutes.
This virtual machine becomes available in the Deployment Manager list (available from the Navigation menu). Go to the navigation menu, click Compute Engine, and then VM instances. The VM instance details page appears.
Select the new VM and click STOP. A confirmation dialog appears. Click STOP.
Wait for the VM to be stopped.
Click on the new File IQ Appliance name in the Name column. The details of the VM Instance are displayed.
Click Edit. An editable version of the VM instance details appears.
In the Firewalls area, select Allow HTTPS traffic.
In the Storage area, define three additional disks for the VM Instance using the following procedure.
To define a cache disk for the instance, follow these steps:
In the Additional disks area, click ADD NEW DISK. The Add new disk pane appears.
Enter a Name for the cache disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -cache suffix: <instance_name>-cache.
From the Type drop-down list, select the type of disk. Select SSD persistent disk.
Enter a Size for the cache disk that matches the outputs of the Nasuni Cache from the Virtual Machine Requirements section in the 1. Before you Begin section above.
Select a type of Encryption. The default Encryption is Google-managed key.
In the Attachment setting section, select Delete disk for the Deletion rule setting. This is an optional step used to ensure the File IQ disk will be deleted automatically when the VM is deleted.
Click SAVE. The cache disk is defined and appears in the Additional disks section.
To define a COW disk for the instance, follow these steps:
In the Additional disks area, click ADD NEW DISK. Additional fields become available.
Enter a Name for the COW disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -cow suffix: <instance_name>-cow.
From the Type dropdown list, select the type of disk. Select SSD persistent disk.
Enter a Size for the CoW disk that matches the outputs of the Nasuni CoW from the Virtual Machine Requirements section in the 1. Before you Begin section above
Select a type of Encryption. The default Encryption is Google-managed key.
In the Attachment setting section, select Delete disk for the Deletion rule setting. This is an optional step used to ensure the File IQ disk will be deleted automatically when the VM is deleted.
Click SAVE. The CoW disk is created and appears in the list of disks.
To define a File IQ DB disk for the instance, follow these steps:
In the Additional disks area, click ADD NEW DISK. Additional fields become available.
Enter a Name for the File IQ DB disk. Nasuni recommends as a best practice to prefix the disk name with the VM Instance name and use the -fiqdb suffix: <instance_name>-fiqdb.
From the Type dropdown list, select the type of disk. Select SSD persistent disk.
Enter a Size for the File IQ DB disk that matches the outputs of the File IQ DB Disk from the Virtual Machine Requirements section in the 1. Before you Begin section above
Select a type of Encryption. The default Encryption is a Google-managed key.
In the Attachment setting section, select Delete disk for the Deletion rule setting. This is an optional step used to ensure the File IQ disk is deleted automatically when the VM is deleted.
Click SAVE. The File IQ DB disk is created and appears in the list of disks.
Click SAVE. The changes are saved. This step can take some time.
Via the navigation menu, select VPC network -> Firewall to define one additional firewall rule used to access the File IQ Dashboard via https on port 3000. The creation of the rule is done via the following procedure:
Click CREATE FIREWALL RULE. The firewall rule editor appears.
Enter the name of the rule. For example, File IQ-fw-dashboard.
Enter a description. For example, “File IQ TCP Ingress for port 3000”.
Select the Network used by the File IQ Appliance.
For Direction of traffic, select Ingress.
For Action on match, select Allow.
For Targets, select All instances in the network.
For Source filter, select IPv4 ranges.
For Source IPv4 ranges, enter “0.0.0.0/0”. This is a default value and is not restrictive. You may restrict the IP range based on your network security settings.
For Protocol and ports, select Specified protocols and ports.
Select TCP, and in the Ports text field, enter “3000”.
Using the navigation panel on the left-hand side, select Compute Engine, then VM Instances. The VM Instances pane appears.
Select the VM Instance for File IQ.
Navigate to the top of the screen and click START / RESUME. A confirmation dialog appears. Click START. A message indicates that the VM is starting. Another message appears once the VM is started.
Important: Once you have completed all the steps in this appendix, proceed to step 3. Running the File IQ Appliance First Boot Wizard to continue the File IQ Installation process.
Appendix D: Controlling the GCP File IQ VM
Virtual platforms allow you to control various aspects of your File IQ Appliance. This chapter presents procedures for these control functions. Because these controls depend on third-party virtual platforms, follow the procedures for your specific virtual platform.
Note: The vendor changes their interfaces occasionally with little notice to the users. The exact screens and text on these platforms might change at any time.
Starting the GCP VM
Start a stopped VM of the File IQ Appliance on the virtual platform.
To start a stopped VM, follow these steps:
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
Click Compute Engine, then VM instances. The VM Instances pane appears.
Select the File IQ Virtual Machine you want to start.
Navigate to the top of the screen and click START / A confirmation dialog appears. Click START. A message is displayed indicating that the VM is starting. Another message appears once the VM is started.
Status of the GCP VM
You can view the status of the GCP VM of the File IQ Appliance on the virtual platform.
To view the status of File IQ Appliance Virtual Machine, follow these steps:
Navigate to the GCP dashboard and click Compute Engine, then VM instances. The VM Instances pane appears.
A status indication is provided in the table component indicating if the VM is running or stopped.
Click Observability. Select Overview in the navigation pane of Observability, and information for the VMs appears, including graphs including CPU Utilization, Memory Utilization, Network Traffic, Disk Throughput and Utilization, and a list of the Top 5 processes by CPU usage.
For more information on Google Cloud Observability: https://cloud.google.com/stackdriver/docs#observability
Shutting down the GCP VM
The File IQ Appliance Virtual Machine can be shut down from the virtual platform.
To shut down the VM, follow these steps:
Log in to the Nasuni Management Console associated with the File IQ Appliance.
Click the Filers menu item.
Click Shutdown & Reboot. The Shutdown and Reboot pane appears.
For the File IQ Appliance, click the associated Shutdown/Reboot action. The Initiate Shutdown/Reboot of File IQ Appliance pane appears.
Enter ‘Change Filer Power State’ into the Confirmation Phrase textbox.
Select the Option to Shut down immediately. Click Shutdown.
The Shutdown and Reboot pane appears. Wait until the File IQ Appliance's Status column changes to a checkmark before proceeding; at that point, the File IQ Appliance is shut down.
Appendix E: Uninstalling the GCP VM
This section describes uninstalling the File IQ Appliance from the GCP platform.
Note: The vendor changes their interfaces occasionally with little notice to the users. The exact screens and text on these platforms might change at any time.
Caution: Deleting a File IQ Appliance deletes the GCP VM and all data.
To uninstall the File IQ Appliance on the GCP platform, follow these steps:
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
Open the GCP Dashboard. From the navigation menu, select Compute Engine, then VM instances.
The VM instances pane appears. Select the File IQ virtual machine.
Navigate to the top of the screen and click DELETE. A dialog box appears, confirming whether you are sure you want to delete the virtual machine.
Click DELETE.
A confirmation dialog appears, asking if you want to delete the virtual machine. Click DELETE.
Deleting a virtual machine does not automatically delete the disks associated with the Virtual Machine unless the Deletion rule of the disk was set to Delete disk when it was created.
To delete the VM disks, follow these steps:
Open the GCP dashboard.
From the navigation menu, select Compute Engine, then Disks. The Disks pane appears.
A list of disks appears. To identify the list of disks to delete:
Select the disk(s) that were previously associated with the deleted File IQ Virtual machine.
Navigate to the top of the screen and click DELETE.
A dialog box appears, confirming if you want to delete the disk(s). Click DELETE.
Appendix F: Resizing the File IQ Disks
This section describes resizing the File IQ Appliance disks from the Google Cloud platform.
Note: The vendor changes their interfaces occasionally with little notice to the users. The exact screens and text on these platforms might change at any time.
Important: You can only increase the size of GCP disks. For more information: https://cloud.google.com/compute/docs/disks/resize-persistent-disk.
Pre-requisites:
The File IQ Instance installation is complete.
The File IQ Disks are correctly named using the best practice that consists of prefixing the disk names with the File IQ Instance name and using a suffix that indicates the role name for the disk (one of: os, cow, cache, and File IQdb).
To resize the File IQ disks, follow these steps:
Log into the Nasuni Management Console associated with the File IQ Appliance.
Click Filers.
Click Shutdown & Reboot. The Shutdown and Reboot pane appears.
For the File IQ Appliance, click the associated Shutdown/Reboot action.
The Initiate Shutdown/Reboot of File IQ Appliance pane appears.
Enter “Change Filer Power State” into the Confirmation Phrase textbox.
Select Shut down immediately. Click Shutdown. The Shutdown and Reboot pane appears.
Wait until the File IQ Appliance's Status column changes to a checkmark before proceeding; then, the File IQ Appliance is shut down.
Log in to the Google Cloud console at https://console.cloud.google.com/. The Google Cloud Dashboard appears.
From the navigation menu, select Compute Engine, then Disks. The Disks pane appears.
Locate the File IQ disk(s) that need to be resized by filtering the list of disks using the File IQ Instance name.
For each of the disk(s) displayed in the list that you want to resize, execute the following:
Click on the disk name in the Name column. The Manage Disk pane appears.
In the menu bar, select More Actions, then Edit. The editor for the disk appears.
c. Using the disk editor, update the disk's size. Use the File IQ Sizing Tool to estimate the size of the Nasuni Cache and File IQ DB disks.
Click Save. A message appears at the bottom of the screen to confirm that the update has been triggered and that the disk was successfully updated.
Click Virtual Machines, then VM instances on the left pane. The list of Instances is displayed.
Select the File IQ Virtual Machine Instance.
Navigate to the top of the screen and click START/RESUME. A confirmation dialog appears. Click START. A message displays indicating that the VM is starting. Another message appears once the VM is started.