5 Essential Tips for Maximizing Your Experience at Nutanix .NEXT for Bloggers
We run Exchange 2013 with about 1.6TB of mail split between 30+ databases on a 4-node 6020 cluster using NFS with zero issue. I definitely agree that the Exchange/NFS support statement by Microsoft is more political than technical - there is no need to muck around with iSCSI. The only inconvenient thing about Exchange on Nutanix is that rebooting a CVM causes enough IO Latency to initiate a failover across the Exchange DAG as the hypervisor waits quite a few seconds before directing IO to another Stargate, but it's not like we go around rebooting CVM's every day so it's not that significant of an issue. Its probably a best practice to vacate a node before you initiate a planned CVM reboot anyway. =)
Have you verified the integrity of your physical cabling? Unless the switchports are misconfigured or not configured for autonegotiation, the only common thing that would muck up autonegotiation of 100MB Full Duplex is physical fault along the cabling. Beyond that, if you [i]really[/i] want to force Full Duplex you might be able to find some command documenatation by googling for Super Micro IPMI Command Line references as that is what your OEM IPMI actually is. Rough googling got me to this Super Micro KB, but it may or may not be relevant depending on your IPMI firmware revision: http://www.supermicro.com/support/faqs/faq.cfm?faq=15867
Yes there is a firewall - the CentOS flavour of IPtables is running on your CVM's. As far as an official hardening guide goes I do not believe one exists, but if you fish through the discussion boards here you will find a few nuggets of wisdom. The most common recommendation is probably to isolate your CVM's from standard VM's on their own management network. Also - you can install SSL Certificates through Prism, but if your question is specific to using SSL certs for SSH auth that may not be very helpful. I know that 2FA and key-based access is a component of Cluster Shield, but I'm uncertain if that reaches all the way to SSH.
It may be possible but it's definitely not supported/recommended.
Per conversation with my SRE, it sounds like Nutanix will be pulling the hotfix down from CentOS and porting it into an upcoming release. Specific timing should be disclosed later today.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.