Loader Configuration
Some pointers on tuning loader machines.
Contents
Single Machine
Also known as a "laptop" configuration.
Install
We recommend you install Truxton on each loader node as follows:
- On the
D:
drive, make the following folders:Hashsets
Temp
Truxton Data\Search
(this is actually two folders)
- Run the PostgreSQL installer (
postgresql-12.4.1-windows-x64.exe
in thePrerequisites
folder of the installation media). Use the following settings:- Data Directory:
D:\Truxton Data\data
- Password:
Truxton4n6
- Locale to be used:
C
- Data Directory:
- Run
Truxton_Installer.exe
, do not use the defaults- Change the "Depot Data Directory" to
D:\Truxton Data
- Change the "Depot Data Directory" to
Temporary Folder
The tempdir
setting controls the folder where Truxton ETLs will write their temporary files.
In the case of PST files, this can be huge.
Choose a fast drive to hold this.
Hashsets
The hashsetdir
setting controls the folder where hashsets are stored.
Any ETL process that produces files will need fast access to the files in this folder.
Many reads will be performed on these files so this folder should be on a fast drive.
Truxton Forensic Rack
The Truxton Forensic Rack is a 7 foot tall rack populated with hardware dedicated to forensic processing. It has a Yellowbrick database appliance, seven dedicated loader/exploitation machines and 1PB of usable depot storage. With everything separated, it gives us many ways to configure processing.
Hardware
Here's how the hardware is stacked:
U42 | Network Switch |
U27 | Yellowbrick |
U26 | Yellowbrick Manager 0 |
U25 | Yellowbrick Manager 1 |
U23 | KVM Server |
U22 | Keyboard and Monitor |
U13 | Loader Node 7 |
U11 | Loader Node 6 |
U09 | Loader Node 5 |
U07 | Loader Node 4 |
U05 | Loader Node 3 |
U03 | Loader Node 2 |
U01 | Loader Node 1 |
Analyst Desktop
One of the things to turn off is the automatic ANALYZE
when the desktop starts.
This is controlled by the skip_update_db_stats_on_boot
desktop setting.
Edit the %localappdata%\probity\truxton\client.settings
file.
Search for skip_update_db_stats_on_boot
value.
It should look like this:
"skip_update_db_stats_on_boot": { "OriginalType": "System.Boolean, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e", "Data": "false" },
Change the Data
field to true
"skip_update_db_stats_on_boot": { "OriginalType": "System.Boolean, System.Private.CoreLib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e", "Data": "true" },
Server Architectures
With seven machines dedicated to forensic processing, we have a flexible platform to configure in a variety of ways.
Laptop
The "laptop" architecture uses the servers as seven individual machines. Each server hosts everything needed to run Truxton. The disadvantage of this configuration is that the other machines in the rack cannot help to process the data being loaded.
2x5
This configuration will dedicate two machines to database and message bus. The remaining 5 machines cooperate in exploiting the media being loaded.
Loader Node 1 (U01)
This machine hosts the singleton processes and low-volume processes.
- Load Status Monitor
- Message Bus
- SOLR Server
- Alert
- Identify
- Poly
- Report
- SOLR
- SOLRFile
Loader Node 2 (U03)
- Postgres Database Server - Configured for 1,000 connections
- Finished
Loader Nodes 3-7 (U05-U13)
These are the machines with lots to do. They host:
Maintenance
Steps to Update Truxton on a Loader Node
- Stop the Truxton Service
net stop truxton
- Uninstall Truxton
- Install new Truxton
- Stop Les
net stop les
- Stop the Truxton Service
net stop truxton
- Click on the Truxton Status Monitor icon in the Windows Status Bar and select "Exit"
- Validate that
TruxtonService.xml
andTruxtonSettings.xml
are correct - In the Services application, select the properties of "Truxton Monitor (Les)" and change the Startup Type to "Disabled"
- Start the Truxton Service
net start truxton
There should be only one Les on the rack and the Truxton Status Monitor tray application is something for a human to look at.
Machine IDs
Normally the machine identifier is derived from the operating system but in a rack situation we sacrifice some entropy to provide system administrators assistance. The Machine ID for rack configurations are made up of the following fields:
Field | Length | Meaning |
---|---|---|
Rack | 2 bytes | 5452 TR for Truxton Rack
|
Rack Serial Number | 2 bytes | The serial number of the rack in hex encoded decimal |
Rack Address Indicator | 1 byte | 55 U
|
Rack Address | 1 byte | Unit address in the rack of the machine |
Logical Processors | 2 bytes | The number of logical CPUs in the machine |
RAM | 2 bytes | The number of gigabytes of RAM in the machine |
IP Address | 6 bytes | The IP address of the machine |
For Example a Rack Machine ID of 54520001-5501-0072-0191-010010182131
tells us:
Bytes | Meaning |
---|---|
5452
|
ASCII TR, this is a Rack Machine ID |
0001
|
Serial Number 1 |
55
|
Unit Address |
01
|
The machine is in slot U01 in the rack |
0072
|
The machine has 72 logical processors |
0191
|
The machine has 191GB of RAM |
010010182131
|
The IP address of the machine is 10.10.182.131 |
The Machine ID corresponds to the [MachineID]
column of the [Statistics]
table.
This allows you to see how the different machines perform their loads.
Rack serial numbers in the 9000 range are development racks where new configurations are tested.
Loader Node Configuration Files
A pair of configuration files TruxtonSettings.xml
and TruxtonService.xml
are created and saved to make installation easy on virgin machines.
TruxtonSettings.xml
identifies the loader node and where the database and depots are.
TruxtonService.xml
governs which ETL processes will run on that machine.
Low-Volume Host
Low-volume is defined as something that isn't used very often. When it is, there's not much impact on the performance of this host machine. A low-volume ETL won't produce very many of anything.
TruxtonService.xml
The following is a sample configuration file for low-volume host.
<root>
<truxton_options>
<!-- This Truxton service configuration file was created 2020-07-09 17:30:09 by TruxtonService.exe running as SYSTEM from the machine named LOADER01 (10.10.10.131). -->
<service_configuration_version>1840023666788</service_configuration_version>
<!-- There should only be one purger of expired media on your network -->
<purger>yes</purger>
<work_schedule>
<!-- If this service is not employed, the service will run but no ETLs will be allowed to run -->
<employed>yes</employed>
<monday>
<on_duty>0000-2359</on_duty>
</monday>
<tuesday>
<on_duty>0000-2359</on_duty>
</tuesday>
<wednesday>
<on_duty>0000-2359</on_duty>
</wednesday>
<thursday>
<on_duty>0000-2359</on_duty>
</thursday>
<friday>
<on_duty>0000-2359</on_duty>
</friday>
<saturday>
<on_duty>0000-2359</on_duty>
</saturday>
<sunday>
<on_duty>0000-2359</on_duty>
</sunday>
</work_schedule>
<emptyqueuethresholdseconds>3600</emptyqueuethresholdseconds>
<etls>
<etl>
<description>This consumes BOLOs and creates Alerts.</description>
<exe controllable="yes" instances="1" queue="alert">Alert</exe>
</etl>
<etl>
<description>This expands archive files.</description>
<exe controllable="yes" instances="4" queue="archives">Archives</exe>
</etl>
<etl>
<description>This carves free space for files.</description>
<exe controllable="yes" instances="1" queue="carve">Carve</exe>
<arguments>-carve_threads 0</arguments>
</etl>
<etl>
<description>This generates video contact sheets, the 10x10 grid of images taken throughout the video.</description>
<exe controllable="yes" instances="4" queue="contactsheet">ContactSheet</exe>
</etl>
<etl>
<description>This parses MIME email files.</description>
<exe controllable="yes" instances="1" queue="email">EMail</exe>
</etl>
<etl>
<description>This is the main file expander service.</description>
<exe controllable="yes" instances="10" queue="expand">Expand</exe>
</etl>
<etl>
<description>This performs final processing after all files are present. It performs count queries and updates statistics.</description>
<exe controllable="yes" instances="4" queue="finishedstage">Finished</exe>
</etl>
<etl>
<description>This identifies file contents and routes accordingly.</description>
<exe controllable="yes" instances="1" queue="identify">Identify</exe>
</etl>
<etl>
<description>This is a loader as an ETL. It has the responsibility to expand files and load media.</description>
<exe controllable="yes" instances="4" queue="load">Load</exe>
<arguments>-lq load</arguments>
</etl>
<etl>
<description>This coordinates the poly file expansion process.</description>
<exe controllable="yes" instances="1" queue="poly">Poly</exe>
</etl>
<etl>
<description>This finds the all of the pieces of multi-part archives and expands them.</description>
<exe controllable="yes" instances="1" queue="pfe">PolyFileExpander</exe>
</etl>
<etl>
<description>This exploits Windows registry files.</description>
<exe controllable="yes" instances="1" queue="registry">Registry</exe>
</etl>
<etl>
<description>This exports registry files to the local filesystem, spawns RegRipper.exe, grabs the result and makes it a child file of the registry file.</description>
<exe controllable="yes" instances="1" queue="regripper">RegRipper</exe>
</etl>
<etl>
<description>This spawns executables to expand files then kills them when done.</description>
<exe controllable="yes" instances="1" queue="remoteexpand">RemoteFileExpander</exe>
</etl>
<etl>
<description>This generates the reports.</description>
<exe controllable="yes" instances="1" queue="report">Report</exe>
</etl>
<etl>
<description>This keeps the SOLR service running.</description>
<exe controllable="yes" instances="1" queue="solrcontentstage">SOLR</exe>
</etl>
<etl>
<description>This sends files to SOLR for content indexing.</description>
<exe controllable="yes" instances="1" queue="solrfile">SOLRFile</exe>
</etl>
<etl>
<description>This reassembles fragments of carved files into the correct order for viewing.</description>
<exe controllable="yes" instances="1" queue="stitch">Stitch</exe>
</etl>
<etl>
<description>This extracts text from files.</description>
<exe controllable="yes" instances="1" queue="tqueue">TextExtract</exe>
</etl>
<etl>
<description>This generates small thumbnail images from larger images.</description>
<exe controllable="yes" instances="8" queue="thumbnail">Thumbnail</exe>
</etl>
<etl>
<description>This uses Yara to scan files for the rules you specify. Normally this is a malware scanner.</description>
<exe controllable="yes" instances="1" queue="yara">Yara</exe>
</etl>
</etls>
<services>{Solr 5 Server||$TextIndexerData$Search/bin/solr.cmd|start -p 8983 -m 32533m -a "-XX:-UsePerfData"|$TextIndexerData$Search/bin/solr.cmd|stop -p 8983|java.exe|jetty.port=8983},</services>
<!-- The shutdownmachine boolean value tells Truxton if it should power down the server once all ETLs go idle -->
<shutdownmachine>false</shutdownmachine>
</truxton_options>
</root>
TruxtonSettings.xml
The following is a sample low-volume configuration file.
<truxton_options>
<hashsetdir>D:\Hashsets</hashsetdir>
<tempdir>D:\Temp</tempdir>
<fct>1201</fct>
<mqconcentrator>Yes</mqconcentrator>
<mbp>MBCConnie.dll</mbp>
<xsyslog>127.0.0.1</xsyslog>
<xsyslogport>514</xsyslogport>
<FileGroupsHaveBeenInitialized>1</FileGroupsHaveBeenInitialized>
<dbserver>10.10.10.103</dbserver>
<dbport>5432</dbport>
<dbname>Truxton</dbname>
<dbuser>postgres</dbuser>
<dbpassword>Truxton4n6</dbpassword>
<mqserver>10.10.10.131</mqserver>
<mqport>5432</mqport>
<mqname>TruxtonMessageBus</mqname>
<mquser>postgres</mquser>
<mqpassword>Truxton4n6</mqpassword>
<datadir>C:\ClusterStorage\Depot01\Depot</datadir>
<machineid>54520001-5501-0072-0191-010010010131</machineid>
<solr_url>http://10.10.10.131:8983/solr/truxton-core</solr_url>
<CreateTheDatabase>1</CreateTheDatabase>
</truxton_options>
High-Volume Host
High-volume is when an ETL will consume significant host machine resources or produce lots of files.
TruxtonService.xml
TruxtonSettings.xml
<truxton_options>
<hashsetdir>D:\Hashsets</hashsetdir>
<tempdir>D:\Temp</tempdir>
<fct>1201</fct>
<mqconcentrator>Yes</mqconcentrator>
<mbp>MBCConnie.dll</mbp>
<xsyslog>127.0.0.1</xsyslog>
<xsyslogport>514</xsyslogport>
<FileGroupsHaveBeenInitialized>1</FileGroupsHaveBeenInitialized>
<dbserver>10.10.10.103</dbserver>
<dbport>5432</dbport>
<dbname>Truxton</dbname>
<dbuser>postgres</dbuser>
<dbpassword>password</dbpassword>
<mqserver>10.10.10.131</mqserver>
<mqport>5432</mqport>
<mqname>TruxtonMessageBus</mqname>
<mquser>postgres</mquser>
<mqpassword>Truxton4n6</mqpassword>
<datadir>C:\ClusterStorage\Depot01\Depot</datadir>
<machineid>54520001-5501-0072-0191-010010010131</machineid>
<CreateTheDatabase>1</CreateTheDatabase>
<solr_url>http://10.10.10.131:8983/solr/truxton-core</solr_url>
</truxton_options>
Loader Node Installation Checklist
Here are the steps for installing Truxton as a loader node on the rack.
We recommend that each loader node have an SSD dedicated to Truxton.
This SSD, we will call it the D:
drive, can be in the 200GB range or larger.
Truxton will use it to host the hashsets and for temporary files.
We do this because hashsets require a lot of seek and reads.
If it is on an SSD, the speed will be dramatically improved over having it on a shared folder.
Likewise, the temporary files folder should be on an SSD for improved IO performance.
- Make sure FIPS mode is off. FIPS is a standard for secure computing. When Windows FIPS mode is on, it makes sure that only approved cryptographic algorithms are used for high level tasks like signing documents or encrypting files. Specifically, Windows will disable the use of non-approved algorithms. The problem is, Microsoft gave developers a Crypto API that provided a common approach to low level tasks such as hashing. Other libraries (like .Net) depend on the Crypto API for performing MD5 hashing. When FIPS mode is on, MD5 is no longer part of the Crypto API and any code that relied on the Crypto API is now broken. This can lead to many hours of developer hilarity figuring out why programs stop working...
- Create
C:\ProgramData\Truxton\Settings
folder - Copy the two configuration files into the Settings folder
- Modify the
TruxtonSettings.xml
file to set themachineid
, set the rack and IP address fields - Install Truxton
- Run
Truxton_Installer.exe
- If asked "Should I install Java?" click the "No" button. Do not install Java
- If asked "Should I install PostgreSQL Database Server?" click the "No" button. Do not install PostgreSQL
- When asked "Would you like to use the default options when installing Truxton?" click the "Yes" button. Yes install with the default options (since we copied the settings files already)
- Run
- Stop the Truxton service
- Stop Les
- Set Les (Truxton Monitor) service to be Disabled from the Windows Services control panel.
- Create
D:\Hashsets
folder - Create the
D:\Temp
folder - Remove permissions from
D:\Temp
so the ETL processes can write to it. - Copy the hashsets from the installation media to
D:\Hashsets
- Restart the Truxton service
- Exit the tray app
Rack Management
There is a folder in the clustered storage named Rack Management
which contains scripts and configuration files to ease the management of the rack.
Configurations
This sub-folder is home to the customized versions of TruxtonService.xml
and TruxtonSettings.xml
for each node.
The naming convention for the files is the rack address, underscore, last octet of the server's IP address, underscore, and XML filename.
For example, the TruxtonSettings.xml
file to be used on the U01 machine at 10.10.182.131 will be named U01_131_TruxtonSettings.xml
Create a new sub-folder for each configuration you want the rack to use.
The default configuration is in a sub-folder named Nodes
Installing Truxton
The InstallTruxton.cmd
batch file will install the latest version of Truxton onto the machines in the rack.
It assumes that Truxton is not running on the rack.
You can stop Truxton by using the StopTruxton.cmd
batch file.
@ECHO OFF
start wmic /node:10.10.182.131 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.132 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.134 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.135 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.136 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.137 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
start wmic /node:10.10.182.138 product call install true,"","C:\ClusterStorage\SampleData\Rack Management\Truxton Software\Truxton_Updates\Truxton.msi"
ECHO All nodes told to install, should be done in a couple of minutes
TIMEOUT /T 103
REM At this point, the default installations have been done
REM All nodes are local, we need them to team together
CALL StopTruxton.cmd
CALL ConfigTruxton.cmd
ECHO Finished.
Starting Truxton
The StartTruxton.cmd
will start Truxton on all of the nodes of the rack.
@ECHO OFF
ECHO Starting Truxton service on U01
sc \\10.10.182.131 start Truxton
ECHO Starting Truxton service on U03
sc \\10.10.182.132 start Truxton
ECHO Starting Truxton service on U05
sc \\10.10.182.134 start Truxton
ECHO Starting Truxton service on U07
sc \\10.10.182.135 start Truxton
ECHO Starting Truxton service on U09
sc \\10.10.182.136 start Truxton
ECHO Starting Truxton service on U11
sc \\10.10.182.137 start Truxton
ECHO Starting Truxton service on U13
sc \\10.10.182.138 start Truxton
Stopping Truxton
The StopTruxton.cmd
batch file will stop Truxton on all of the nodes in the rack.
@ECHO OFF
ECHO Stopping Truxton service on U01
sc \\10.10.182.131 stop Les
sc \\10.10.182.131 stop Truxton
ECHO Stopping Truxton service on U03
sc \\10.10.182.132 stop Les
sc \\10.10.182.132 stop Truxton
ECHO Stopping Truxton service on U05
sc \\10.10.182.134 stop Les
sc \\10.10.182.134 stop Truxton
ECHO Stopping Truxton service on U07
sc \\10.10.182.135 stop Les
sc \\10.10.182.135 stop Truxton
ECHO Stopping Truxton service on U09
sc \\10.10.182.136 stop Les
sc \\10.10.182.136 stop Truxton
ECHO Stopping Truxton service on U11
sc \\10.10.182.137 stop Les
sc \\10.10.182.137 stop Truxton
ECHO Stopping Truxton service on U13
sc \\10.10.182.138 stop Les
sc \\10.10.182.138 stop Truxton
TIMEOUT /T 7
REM Now go kill any hung processes
CALL KillETLProcesses.cmd 10.10.182.131
CALL KillETLProcesses.cmd 10.10.182.132
CALL KillETLProcesses.cmd 10.10.182.134
CALL KillETLProcesses.cmd 10.10.182.135
CALL KillETLProcesses.cmd 10.10.182.136
CALL KillETLProcesses.cmd 10.10.182.137
CALL KillETLProcesses.cmd 10.10.182.138
Configuring Truxton
The ConfigTruxton.cmd
batch file will push the configuration files out to the nodes on the rack.
This script will stop the tray application on all nodes and it will configure Les to be disabled on the worker nodes.
@ECHO OFF
ECHO Configuring Truxton on U01
taskkill /s \\10.10.182.131 /FI "IMAGENAME eq TruxtonStatus.exe"
wmic /node:10.10.182.131 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U01_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.131 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U01_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U03
taskkill /s \\10.10.182.132 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.132 config Les start=disabled
wmic /node:10.10.182.132 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U03_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.132 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U03_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U05
taskkill /s \\10.10.182.134 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.134 config Les start=disabled
wmic /node:10.10.182.134 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U05_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.134 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U05_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U07
taskkill /s \\10.10.182.135 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.135 config Les start=disabled
wmic /node:10.10.182.135 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U07_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.135 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U07_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U09
taskkill /s \\10.10.182.136 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.136 config Les start=disabled
wmic /node:10.10.182.136 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U09_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.136 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U09_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U11
taskkill /s \\10.10.182.137 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.137 config Les start=disabled
wmic /node:10.10.182.137 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U11_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.137 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U11_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
ECHO Configuring Truxton on U13
taskkill /s \\10.10.182.138 /FI "IMAGENAME eq TruxtonStatus.exe"
sc \\10.10.182.138 config Les start=disabled
wmic /node:10.10.182.138 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U13_TruxtonService.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonService.xml"
wmic /node:10.10.182.138 process call create "cmd.exe /C copy \"C:\ClusterStorage\SampleData\Rack Management\Configurations\Nodes\U13_TruxtonSettings.xml\" \"C:\ProgramData\Truxton\Settings\TruxtonSettings.xml"
Removing Truxton
The UninstallTruxton.cmd
batch file will remove Truxton from all the nodes on the rack.
@ECHO OFF
CALL StopTruxton.cmd
ECHO Uninstalling Truxton
START wmic /node:10.10.182.131 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.132 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.134 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.135 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.136 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.137 product where name="Truxton" call uninstall /nointeractive
START wmic /node:10.10.182.138 product where name="Truxton" call uninstall /nointeractive
ECHO All nodes told to uninstall
Updating Truxton
When you receive a new version of Truxton, update the MSI file and run UpdateTruxton.cmd
@ECHO OFF
ECHO Updating Truxton
CALL UninstallTruxton.cmd
CALL InstallTruxton.cmd
CALL StartTruxton.cmd
Useful Batch Files
Remove Permissions
Here's the PowerShell script to remove security from a folder.
$folder_path = "D:\Temp"
$security_descriptor = Get-Acl -Path $folder_path
# This is the SDDL for a NULL DACL
$sddl_for_a_null_dacl = ""
$security_descriptor.SetSecurityDescriptorSddlForm($sddl_for_a_null_dacl)
Set-Acl -Path $folder_path -AclObject $security_descriptor
Storage Spaces Direct
The Truxton rack uses Microsoft's Storage Spaces Direct (aka S2D) for managing disk space.
Planning Volumes
Here is a calculator to use when planning on creating a volume.
Creating a Volume
Here's how to create a 64TB volume for depots using the Powershell command New-Volume
New-Volume -FriendlyName "GoldCopy" -Size 250TB -ResiliencySettingName Mirror -NumberOfDataCopies 2 -FileSystem CSVFS_ReFS -StoragePoolFriendlyName S2D*
Repairing a Volume
Sometimes you may see "Needs Repair" as its status.
List Resources
To see what's on the cluster:
Get-ClusterResource