We're currently transitioning to storing all of our organization's user information in Red Hat IDM (FreeIPA). We have several thousand users, and mount user home directories over NFS from a NetApp filer. On the filer, home directories are stored in 50+ subdirectories spread across more than a dozen volumes depending on their account type & organizational role.
We would like to change where we mount user home directories on NFS clients. Doing so as part of the migration to IDM seems to make sense, since we'll be reinstalling clients or changing their configs, anyway.
In our legacy configuration, NFS clients mount home directories either one or two subdirectories down from /home/, at a path that matches where the homedir is stored on the NFS server.
We would like clients to instead mount all user home directories at /home/$USERNAME.
Here are some made-up examples of where user home directories might live on the NFS server and where they would be mounted (in our current configuration) on an NFS client:
- nfs:/vol/home_d/81/jim -> /home/d/81/jim
- nfs:/vol/home_d/red93/isabelle -> /home/d/red93/isabelle
- nfs:/vol/home_z/samantha -> /home/z/samantha
- nfs:/vol/home_z/blue/robert -> /home/z/blue/robert
In the future, we'd like to mount robert's home directory at /home/robert, isabelle's at /home/isabelle, and so on. We haven't set up automount maps in FreeIPA yet, but we tried the following with flat files in /etc/ on a RHEL client:
auto.master:

```
/home /etc/auto.home --timeout 60
```

auto.home:

```
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_d/81
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_d/red93
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_z
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_z/blue
```
Unfortunately, it didn't work as desired. Only the first entry (in this case, the mapping to nfs:/vol/home_d/81) was searched, when we were hoping that automount would continue iterating over the keys until it found a match.
Given the layout of our NFS server, what would be the most logical and performant way of automounting user home directories on-demand at /home? Ideally, we'd like to store automount information in IDM/FreeIPA.
- Should we use the cn=automount,dc=example,dc=com tree that's part of FreeIPA already? If so, can we just have entries for the ~50 directories that hold user home directory folders, or do we need one entry for each user? (We're prepared to do the latter. Creating them programmatically would be easy, but we're unsure of the performance & long-term management implications.)
- Should we create & use nisMap objects?
- Should we add a custom attribute to user records, and use that?
- Is there something better we didn't think of?
Our NFS clients include RHEL, Ubuntu, and a smattering of macOS. (Retaining macOS support/compatibility would be nice, but is not required. We're prepared to drop it from our list of supported platforms.)
If necessary, we could re-organize the layout on the NFS server somewhat, but we'd still want to keep home directories in several different volumes (and ideally several different subdirectories).
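The one-entry-per-user option raised in the question, sketched as an added example that is not part of the original post: it builds an explicit key per user for the /home map from a list of server-side paths, and refuses keys that are unsafe or that appear under more than one directory, since either would mount the wrong home directory once everything is flattened to /home/$USERNAME. The function name `build_home_map`, the key pattern and the sample list are assumptions; the paths and mount options are the made-up ones from the question.

```python
import posixpath
import re

# Mount options copied from the auto.home attempt in the question.
OPTS = "-tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl"
# Conservative key pattern (assumption): rejects "*", "+", "/", whitespace, leading "-".
KEY_RE = re.compile(r"^[a-z_][a-z0-9_.-]*$")

# Constructed sample input: the made-up server paths from the question.
SAMPLE_PATHS = [
    "/vol/home_d/81/jim",
    "/vol/home_d/red93/isabelle",
    "/vol/home_z/samantha",
    "/vol/home_z/blue/robert",
]

def build_home_map(paths, server="nfs", opts=OPTS):
    """Return (entries, problems): one map line per user, plus skipped paths."""
    seen, ambiguous, problems = {}, set(), []
    for path in paths:
        path = posixpath.normpath(path)
        user = posixpath.basename(path)
        if not KEY_RE.match(user):
            problems.append((path, "unsafe key"))
        elif user in seen and seen[user] != path:
            # Same username under two directories: the flat namespace cannot
            # tell them apart, so neither is emitted until resolved by hand.
            problems.append((path, "duplicate key, also at " + seen[user]))
            ambiguous.add(user)
        else:
            seen[user] = path
    entries = ["%s\t%s %s:%s" % (user, opts, server, path)
               for user, path in sorted(seen.items()) if user not in ambiguous]
    return entries, problems

if __name__ == "__main__":
    entries, problems = build_home_map(SAMPLE_PATHS)
    print("\n".join(entries))
    for path, why in problems:
        print("# skipped %s: %s" % (path, why))
```

Each output line is a key followed by its mount information, in the same layout as the auto.home lines in the question but with a username in place of the `*` wildcard.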