Home
On Premises
ONTAP 9
Data Access
NAS
NAS KBs
How does the ONTAP NFS credential cache work?

How does the ONTAP NFS credential cache work?

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 205

Visibility:: Public

Votes:: 0

Category:: not set

Specialty:: not set

Last Updated:

Applies to

ONTAP 9
NFS

Answer

When a client accesses the node (nblade), ONTAP will check if the cached entry exists.
- If the cache exists, the credential is served from the node cache.
- ONTAP will then check if the cache is expired.
  - If expired, ONTAP will then check the global cache otherwise known as the cluster cache.
    - If the global cache exists, ONTAP will check if the user (passwd) exists.
      - If the user exists, ONTAP will check if the user has group membership.
        
        If no group membership exists, ONTAP will query (group) for the groups.
        
        Upon successful query, ONTAP will synchronize the global cache.
        
        If yes, ONTAP will synchronize the global cache.
      - The user does not exist, ONTAP will query (passwd) for the user.
        
        Once the user is successfully queried, ONTAP will repeat the cycle and check if the user has group membership.
        
        If no group membership exists, ONTAP will query (group) for the groups.
        
        Upon successful query, ONTAP will synchronize the global cache.
        
        If yes, ONTAP will synchronize the global cache.
  - If not expired, access continues without further actions for the cache.

Additional Information

On cache expiration, unless the entry was harvested, reuse it and set the flag pending refresh.
- Do not reuse while pending refresh once refresh completes, the cache entry will be updated and the flag removed.
After the first for 914483, the expired NFS credential will continue to be used until refresh completes.
If the credential does not exist, it will be created in a partial state, and ONTAP will continually attempt refresh until it succeeds.