A file server is a computer that provides services relating to the organization of information on persistent storage devices, such memories, tapes or disks. The file server or filer may be embodied as a storage system including a storage operating system that implements a file system to logically organize the information as a hierarchical structure of directories and files on, e.g., the disks. Each “on-disk” file may be implemented as set of data structures, e.g., disk blocks, configured to store information, such as the actual data for the file. A directory, on the other hand, may be implemented as a specially formatted file in which information about other files and directories are stored.
One type of file system is a write-anywhere file system that does not overwrite data on disks. If a data block on disk is retrieved (read) from disk into memory and “dirtied” with new data, the data block is stored (written) to a new location on disk to thereby optimize write performance. A write-anywhere file system may initially assume an optimal layout such that the data is substantially contiguously arranged on disks. The optimal disk layout results in efficient access operations, particularly for sequential read operations, directed to the disks. An example of a write-anywhere file system that is configured to operate on a storage system, such as a filer, is the Write Anywhere File Layout (WAFL®) file system available from Network Appliance, Inc., Sunnyvale, Calif. The WAFL file system is implemented as a microkernel within an overall protocol stack of the filer and associated disk storage. The disk storage is typically implemented as one or more storage “volumes” that comprise a cluster of physical storage devices (disks), defining an overall logical arrangement of disk space.
Certain storage systems provide the ability to create and maintain, with substantial flexibility and fine granularity, multiple instances of virtual servers, (vfilers), within a filer embodied as a physical storage system platform. A vfiler is a logical partitioning of network and storage resources of the physical storage system to establish an instance of a multi-protocol server. Each vfiler is maintained and executed independent of other vfilers on the platform. Storage system resources, such as units of storage and network addresses of network interfaces, may be grouped, partitioned and allocated to the vfilers to establish security domains within the storage system. Each of these per-vfiler security domains is defined by a vfiler context. Operations performed within a particular vfiler context may not access resources allocated to other vfilers. However, common storage system resources, such as a storage operating system and a file system, may be shared among the vfilers.
In operation, a storage service provider (SSP) may acquire a number of physical storage systems and configure them to operate as a plurality of vfilers. Customers of the SSP may lease one or more of the vfilers for use in provisioning storage for the customers' needs. In this way, the SSP leverages the high powered physical storage systems to share them across a plurality of customers without requiring customers to purchase such systems. Using the security features inherent within vfilers, customers of a SSP may not access data served by those vfilers to which they do not have permissions. However, a noted disadvantage arises when dealing with administration and/or management of the vfilers.
Typically, administration of a physical storage system enables administration of the vfilers operating thereon. However, in a SSP environment, customers may desire to manage their own vfilers despite not having permissions to manage the physical storage system, which is maintained by the SSP. Customers may individually log into their vfilers and execute configuration commands for their respective vfilers. However, such manual management increases the complexity of the system administrators' job and increases the likelihood of errors and/or mis-configurations arising due to, e.g., typographical errors when entering large numbers of commands into a plurality of vfilers. Furthermore, graphical administration tools may not be available by individually logging into each vfiler.