ONTAP Discussions

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

how to appropirately manage default export policy on cdot?

dragontiger
‎2015-04-23 08:51 AM
6,609 Views

The default export policy is wild open to all hosts (0.0.0.0/0), if a rule is created under this policy with specified clients, then we should be alright, this is how I understood.

 

My question is, should we ever use the default policy, or in what situation, it could be used. I would say we should not use it.

 

What would you say?

0 Kudos
View By:
5 REPLIES 5

aborzenkov
‎2015-04-24 02:02 AM
6,579 Views

Default policy does not contain any rule, so access is denied by default. There no universal answer whether you should add rules to default policy or define your own - it all depends on your specific requirements.

dragontiger
‎2015-05-21 03:55 AM
In response to aborzenkov
6,487 Views

OK. Would it cause any issues if I use one volume - one policy, which means everytime I create a volume I will assigned a new policy specifically to the volume?

0 Kudos

chott
NetApp
‎2015-05-21 04:50 AM
In response to dragontiger
6,480 Views

The idea behind having central policies is to enable easier administration by reusing policies.

 

In my opinion adding one policy per volume would defeat that purpose and would make your system cumbersom to administrate.

 

Just as a side note: There is a limit to the maximum number of export policies you can create depending on the cluster size:

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139294&contentID=273354

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139296&contentID=273359

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139298&contentID=273360

 

I think there is no one answer fits it all, as already posted.

 

hope that helps.

cheers chriz

 

 

P.S. if you feel this post is useful, please KUDO or “accept as a solution" so other people may find it faster.

netappmagic
‎2015-05-21 06:34 AM
In response to chott
6,468 Views

Understand that there is no one answer fits it all.

 

However, I am looking for a rule of thumb in creating exporting policy, if there is such. For instance, may be one policy for all related applications / projects /clients? Would that be a common rule?

 

Thanks for sharing.

0 Kudos

chott
NetApp
‎2015-05-21 06:41 AM
In response to netappmagic
6,466 Views

Yes I think your suggestion is great.

Create an export-policy per Client / Application

 

cheers chriz

P.S. if you feel this post is useful, please KUDO or “accept as a solution" so other people may find it faster.
0 Kudos
Announcements
All Community Forums
Public