Windows Server 2012R2 as Host and FreeNAS as VM Guest

[Mirfster]

It seems you need to add one Controller per HDD (going to try that again, can't be right (?)

That very well may be the case where each drive is its own SCSI Controller. But, I have not actually tested it myself.

As far as some relevance of testing, see what output you get from SMART

Example: smartctl -a /dev/xxx (replace xxx with your disk, like "da1" or "da2")

Then you may want to continue with running a short test or even a long test

 

[SecCon]

The number of moving parts involved in that passthrough setup seems prone to breaking. It's totally possible that Microsoft took care of the little details, but it's equally possible that they didn't - let's face it, it's a highly unusual setup.

Happy to provide insight, even if it means a disaster in the long run we all learn from it. Just tested the Beta UI. Looks grrrrreat so far!

smart tests, coming up

Humpf...

[root@freenas ~]# smartctl -a /dev/da0
smartctl 6.5 2016-05-07 r4318 [FreeBSD 11.1-STABLE amd64] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Vendor: Msft
Product: Virtual Disk
Revision: 1.0
User Capacity: 136,365,211,648 bytes [136 GB]
Logical block size: 512 bytes
LU is thin provisioned, LBPRZ=0
>> Terminate command early due to bad response to IEC mode page
A mandatory SMART command failed: exiting. To continue, add one or more '-T permissive' options.


That was for da0, which is system disk.
Hang on, the system disk IS virtual (vhd file). But that should be ok. It kinda has to be.

However, and more relevant, the smartctl for da1 and da2 also fails.

[root@freenas ~]# smartctl -a /dev/da1
smartctl 6.5 2016-05-07 r4318 [FreeBSD 11.1-STABLE amd64] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Vendor: WDC WD10
Product: 01FALS-00E8B0
Revision: 05.0
User Capacity: 1,000,204,886,016 bytes [1.00 TB]
Logical block size: 512 bytes
Device type: disk
Local Time is: Thu Dec 28 07:46:27 2017 CET
SMART support is: Unavailable - device lacks SMART capability.

=== START OF READ SMART DATA SECTION ===
Current Drive Temperature: 0 C
Drive Trip Temperature: 0 C

Error Counter logging not supported

Device does not support Self Test logging

Which seems a bit werd.

Just to make sure I tested running the same commands directly in shell in the virtual session.

OK, cant be done from what I gather via some searches. Not even in HyperV 2016.

 

[SecCon]

Ok, using an external application on the Host will give SMART status for involved drives, even if Windows has them offline.

In this case I used https://www.passmark.com/products/diskcheckup.htm which has e-mail notifications and free for private use.

Consider that a workaround. Continuing with Volume later...

 

[SecCon]

@Mirfster I forgot, I remade the controller layout, and all got snugly into the one, single.

I blame my screen resolution for not seeing the small + by the controller icon. :p

Also, got all my hardware for the standalone FreeNAS machine. See signature.

 

[Ericloewe]

Happy to provide insight, even if it means a disaster in the long run we all learn from it. Just tested the Beta UI. Looks grrrrreat so far!

smart tests, coming up

Humpf...

[root@freenas ~]# smartctl -a /dev/da0
smartctl 6.5 2016-05-07 r4318 [FreeBSD 11.1-STABLE amd64] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Vendor: Msft
Product: Virtual Disk
Revision: 1.0
User Capacity: 136,365,211,648 bytes [136 GB]
Logical block size: 512 bytes
LU is thin provisioned, LBPRZ=0
>> Terminate command early due to bad response to IEC mode page
A mandatory SMART command failed: exiting. To continue, add one or more '-T permissive' options.


That was for da0, which is system disk.
Hang on, the system disk IS virtual (vhd file). But that should be ok. It kinda has to be.

However, and more relevant, the smartctl for da1 and da2 also fails.

[root@freenas ~]# smartctl -a /dev/da1
smartctl 6.5 2016-05-07 r4318 [FreeBSD 11.1-STABLE amd64] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Vendor: WDC WD10
Product: 01FALS-00E8B0
Revision: 05.0
User Capacity: 1,000,204,886,016 bytes [1.00 TB]
Logical block size: 512 bytes
Device type: disk
Local Time is: Thu Dec 28 07:46:27 2017 CET
SMART support is: Unavailable - device lacks SMART capability.

=== START OF READ SMART DATA SECTION ===
Current Drive Temperature: 0 C
Drive Trip Temperature: 0 C

Error Counter logging not supported

Device does not support Self Test logging

Which seems a bit werd.

Just to make sure I tested running the same commands directly in shell in the virtual session.

OK, cant be done from what I gather via some searches. Not even in HyperV 2016.

Yeah, it's not providing any useful information.

 

[Chris Moore]

Yeah, it's not providing any useful information.

It might be interesting to know if you can successfully virtualize FreeNAS in Hyper-v. I have a system at work that is massively under utilized. If the storage pool can be virtual, and I can run a couple of other VMS reliably, it would be better.

Sent from my SAMSUNG-SGH-I537 using Tapatalk

 

[Chris Moore]

@Mirfster I forgot, I remade the controller layout, and all got snugly into the one, single.

I blame my screen resolution for not seeing the small + by the controller icon. [emoji14]

Also, got all my hardware for the standalone FreeNAS machine. See signature.

The thing that would be more useful is if you are able to pass an existing ZFS pool into the virtual instance of FreeNAS.

Sent from my SAMSUNG-SGH-I537 using Tapatalk

 

[Mirfster]

Agree with EricLoewe, doesn't look like FreeNAS truly has direct access to the drives. That to me would be a major "red flag"; unless you find another method I would pretty much call it a "bust".

FWIW in Server 2016, there is supposed to be "Discrete Device Assignment" which may do passthrough more similar to VMWare.

For further consideration, think about DR (Disaster Recovery) in the event the Host OS went down:

• Say you are properly keeping Config Backups of FreeNAS for arguments sake
• How long would it take you to standup a new Hyper-V, Re-Create the FreeNAS VM, Attach the Drives, Restore the Config and Be Back In Business?
• MS VMs are not normally stored in an easily deciphered structure (unless you have gone through steps to make it so). However, on my ESXi I simply have a full copy of the VM Folder for FreeNAS and if I wanted to be lazy could simply copy that whole folder to a new ESXi DataStore and pretty much fire it up (then answer the question with "I Moved It" when prompted)
• In ESXi, I can use vCli/PowerCLI/vicfg-cfgbackup to both create a backup and restore the Host; not sure about MS Hyper-V (might be something similar - and come to think of it I need to check for myself)

 

[Mirfster]

[root@freenas ~]# smartctl -a /dev/da1
smartctl 6.5 2016-05-07 r4318 [FreeBSD 11.1-STABLE amd64] (local build)
Copyright (C) 2002-16, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Vendor: WDC WD10
Product: 01FALS-00E8B0
Revision: 05.0
User Capacity: 1,000,204,886,016 bytes [1.00 TB]
Logical block size: 512 bytes
Device type: disk
Local Time is: Thu Dec 28 07:46:27 2017 CET
SMART support is: Unavailable - device lacks SMART capability.

=== START OF READ SMART DATA SECTION ===
Current Drive Temperature: 0 C
Drive Trip Temperature: 0 C

Error Counter logging not supported

Device does not support Self Test logging

Hmmm, I don't use WD (all HGST here); but I would think that they would have SMART enabled/available.. Maybe someone else can provide info on that.

Also, wonder what you would get if you did a "short" SMART test?

 

[SecCon]

SMART is working, I can monitor it on those WD drives, but via my workaround using software on Host. Did you miss my post on that or did I fail to mention it actually works? Outside FreeNAS though. See attached text file. Short tests are successful.

I am not expecting anything but a rudimentary setup here, those are "scrap drives", replaced two-three years ago with larger ones. My goal is to get a volume up, write to it, maybe half a TB, read, and measure I/O.

DR is not very relevant with redundancy, however it should probably be tested at some point, but right now I am still very early in this, you guys with tons of experience may jump ahead with FreeNAS specific scenarios, in that I am total n00b. Transferring a storage pool? Well, once I have one and two running FreeNAS systems, I guess that might be a requirement to try that out. I will not go for ESXi since I just don't have the hardware for it. Or maybe a Virtual ESXi, with a few Virtual FreeNAS in it? ;)

I did get an interesting error though, kinda verifying direct access if you will:

The error specifies I am using "pass-through" disks. Now, is that the same as direct access?

Thus I am unable to save state or images of the running machine. Options remaining might be replication, thus two servers (?) or an inbuilt FreeNAS backup system I have yet to figure out.

BTW thanks for the thread rename, @Ericloewe

 

[Mirfster]

SMART is working, I can monitor it on those WD drives, but via my workaround using software on Host. Did you miss my post on that or did I fail to mention it actually works? Outside FreeNAS though.

Nah, I caught that. The thing is that with it not functioning in FreeNAS you are dependent on something else outside and thus FreeNAS will may not be able to run the recommend routine maintenance or SMART checks. Which will not allow it to notify you in the event of potential issues.

The error specifies I am using "pass-through" disks. Now, is that the same as direct access?

I would assume it is Microsoft's method of direct access, but as you have seen with SMART (from within FreeNAS) it is not 'truly' direct access.

Thus I am unable to save state or images of the running machine.

Per this article (a bit dated): "Unfortunately, you can't take snapshots/checkpoints when using pass-through disks. It's as simple as that, really."

Maybe if you removed the disks, you could snapshot and then re-add them after? Not sure how viable or convenient that would be. Instead, you could simply have backups of the FreeNAS Configs and apply those to restore somewhat?

Or you could have the VM shutdown and try to see if the Checkpoint would ignore the other disks when the VM is off?

Thus I am unable to save state or images of the running machine. Options remaining might be replication, thus two servers (?) or an inbuilt FreeNAS backup system I have yet to figure out.

In all honesty, you may potentially already have the means to "have your cake and eat it too" (might need just a couple pieces).

• You already have an existing FreeNAS box/server
• Use your Server 2012 R2 box to "house" the drives you wish to use for MS VMs; but have them connected to your existing FreeNAS
• Within FreeNAS, make a Volume/DataSet out of the drives housed on the Server 2012 R2 box
• Have the MS Box connect via iSCSI (or NFS) and tell it to store the VMs there

Again this is very similar to my setup, but should be possible without running ESXi on the box that houses FreeNAS (just my current method). Now you can get the benefits of having FreeNAS handling the NAS duties and MS can do the VM duties.

Here are some screenshots for reference:

Storage for VMs on my FreeNAS (*Note the "MS-ISCSI-ZVOL" drives are physically housed in the MS Box)

FreeNAS Volume attached to my MS Hyper-V Server

Of course at the end of the day, I understand you are wanting to test the viability of virtualizing FreeNAS on HyperV so you may want to go that route and press on. :)

 

[SecCon]

More Snags minor...:

Do not connect to SMB shares as root, and do not add the root user in the SMB user database. There are security implications in attempting to do so, and Samba 4 and later take measures to prevent such actions. This can produceauth_check_ntlm_password and FAILED with error NT_STATUS_WRONG_PASSWORD errors.

Yeah, explains some issues I had. Guessing here, but I assume this goes to show the differences in user management between *nix and Windows. I never bothered with extra users for this test scenario but I guess I have to, or just resort to Guest.

Samba is single threaded, so CPU speed makes a big difference in SMB performance. A typical 2.5Ghz Intel quad core or greater should be capable of handling speeds in excess of Gb LAN while low power CPUs such as Intel Atoms and AMD C-30sE-350E-450 will not be able to achieve more than about 30-40MB/sec typically. Remember that other loads such as ZFS will also require CPU resources and may cause Samba performance to be less than optimal.

Single thread is one thing, multichannel another. SMB 3 and later are Multichannel. Where do we handle this and how?

The Account Configuration section of the administrative GUI describes how to manually create and manage users and groups. This section contains these entries... etc ...

This is a clusterfuck in my opinion. Over worked, too much information, to complex. Windows has service accounts, but it does not force me to rub my nose in to them unless I really have to. You really really need to know what you are doing in here and have printouts of the manual at hand or you will mess up if you are not used to *nix (which I am not). Even considering I am not using anything but local accounts.
I have been trying to figure out what the "wheel" group does and an explanation to it and why it pops up in user accounts but I can see nothing on it in the manual only occurrences with little to no explanations. And what is "Staff" group?

Or let me ask this in other words: which accounts tied to which services are accessible outside my private network and how do I lock them down?

Still can't browse over Explorer from within W10 but I need to review settings for that.

 

[SecCon]

I would just like to say that that has been working for 8 months now, just left it running and did some updates, with some file transfers now and then but not in production environment so to speak. I accidentally changed train (WTF you call it Train for, is should be Development Branch or Tree) so latest upgrade became 11.2 Beta. File transfer speed is hardly above 100MB but stable and, well, it works.

Still having issues with Windows credentials, no more info in the manuals, will search a bit and make separate post about this. Target Prod system will run NFS, I just need to figure out what setting is required for Windows to actually use a cred prompt, since when mapping it does not for some stupid reason. Yes, I have enabled NFS in my desktop... also filecopy is werd, maybe due to NFS, since it creates loads of 0 kb files.

 

[Chris Moore]

File transfer speed is hardly above 100MB but stable and, well, it works.

It has been quite a while since you posted about this. Would you mind giving a recap of any configuration changes you made or is the way you have described it in the thread still accurate?
What kind of network connection are you dealing with? That would cap your File transfer speed. Also, if you are still using the mirrored pair of older 1TB hard drives, their transfer speed may not be as fast as some newer drives. Lots of factors there.

Or let me ask this in other words: which accounts tied to which services are accessible outside my private network and how do I lock them down?

If you are still having problems with the configuration, there are a number of configuration guides that you might find in the forum with a quick search. This one is pretty comprehensive:

Uncle Fester's Basic FreeNAS Configuration Guide
https://www.familybrown.org/dokuwiki/doku.php?id=fester:intro

 

[SecCon]

Chris, I have not made any significant changes and I am not planning on optimizing this virtual scenario. It is a test bed and a very convenient one. It shows me that FreeNAS runs stable over time, not freak errors or crashes. I always work long term with these things, since it has to work long term in production. Years. My current branded box NAS (Asustor606T) has worked flawlessly for ...7 years I think, but is beyond any cpu or ram upgrades. Thanks for asking.

Yes I have read the share part of Festers guide. Frankly a bit of a nightmare.: https://www.familybrown.org/dokuwiki/doku.php?id=fester:shares_basic
Despite for version 9 I do recognize most of it for 11. So many steps....a lot feels just irrelevant, Workgroup in W7? I dont have an AD and I certainly don't use any workgroups, but if still needed...

In any case I am reconfiguring this for NFS and doing it a bit on and off. I have searched and browsed but find no explanation as to the lack of input of User credentials when mapping the share in Windows, despite being there, but I am trying different ways of doing it and I am reading the manual, and other sources, until my eyes bleed but none the wiser. Trial and error despite all. Ah, I should have asked about that in the appropriate forum section, but I did not really expect any reply here. I just posted to let you guys now this is still an active project.

 

[Chris Moore]

a lot feels just irrelevant, Workgroup in W7?

It isn't irrelevant. It is part of how network sharing is designed to work. Even if you don't think you use it, all the Windows systems I have ever setup were a member of the 'workgroup' workgroup by default and if you only ever have a few windows systems with default configuration on your network, you never have to worry about it. All the *nix based operating systems take it a bit more seriously.
Be sure to explore the resources section of the forum: https://forums.freenas.org/index.php?resources/

 

[SecCon]

Sorry for bickering about this but what does it have to do with having a network share behind user : pwd?

To me those are entirely different scenarios
- You have a resource in your Workgroup / AD and automatically have access to it
OR
- You have a resource you need usr : pwd for.

Yes, I understand you can have a combination of these, but in the most basic approach those should not be interdependent. You say Unix take this a bit "more seriously" but I don't care, I am running Windows X clients and only looking at FreeNAS because of ZFS.

 

[Chris Moore]

Sorry for bickering about this but what does it have to do with having a network share behind user : pwd?

You are arguing about why the sky is blue. This is the way the protocol was designed by other people decades ago. We are just users.

 

[SecCon]

Update
I have cancelled this and deleted the Guest OS, since I am preparing FreeNAS on its own hardware, as specified in signature. Ultimately a corrupted vdisk caused the image to cease so I kinda blame Hyper-V. No major effort was made to diagnose or restore it. While it worked for a long time in to 11.2 I have no conclusive results as if this is a viable solution.