Using the JFileServer Enterprise Docker Image

From FileSys.Org Wiki
Revision as of 09:16, 10 January 2019 by Tommygonk (talk | contribs)

The following JFileServer Enterprise Docker image are available :-

Image Description
filesysorg/jfileserver-enterprise JFileServer file server plus the Enterprise add-on to add support for SMB2 and SMB3

Using the filesysorg/jfileserver-enterprise Image

The filesysorg/jfileserver-enterprise Docker image extends the core JFileServer image by adding the JFileServer Enterprise add-on that enables support for the newer SMB2 and SMB3 protocols to the SMB server. SMB2 is a more efficient and higher performance version of the SMB protocol, SMB3 adds full encryption support to the SMB traffic to prevent snooping and relay attacks.

The default configuration of the JFileServer Enterprise file server is similar to the JFileServer but the SMB server is configured to negotiate the SMB2 protocol, via the JFSRV_SMB_DIALECTS environment variable.

To run the default JFileServer setup use the following command :-

docker run -d --rm --name jfileserver-ent -p 445:445 filesysorg/jfileserver-enterprise

The Docker image will be downloaded from the Docker hub if you have not already downloaded it. This will start JFileServer with the Enterprise add-on running the SMB server on the native SMB port 445. On linux, macOS and other Unix systems you should be able to connect to the SMB file server by using the host name or IP address in the UNC path when mapping the shared drive path. For example, if the host IP address is 192.168.1.2 you would use a UNC path of \\192.168.1.2\jfileshare to map to the default shared path of the JFileServer. There are two users configured for the file server, an administrator user with the username admin password jfilesrv, and a normal user with username user password java. You will need to use either the admin or normal username and password when connecting to the file server.

To stop the JFileServer use the command :-

docker stop jfileserver-ent

Using Volume Mapping To Override The Configuration

The JFileServer Enterprise Docker image has the following files and folder layout :-

/jfileserver
 |
 +- /jfileShare
     |
     +- sharedFile.txt
 +- /lib
     |
     +- bcprov-jdk5on-1.48.jar
     +- hazelcast-3.10.1.jar
     +- jfileserver-1.1.1.jar
     +- jfileserver-enterprise-1.0.0.jar
     +- jna-5.1.0.jar
     +- jna-platform-5.1.0.jar
     +- license4j-runtime-library-4.7.2.jar
 +- /licence
     |
     +- jfileserver.lic
 +- /logs
     |
     +- jfileserver.log
 +- fileSrvConfig.xml
 +- runsrv.sh

The JFileServer Enterprise add-on requires a licence to run, a time limited demo licence is included in the Docker image. If you have your own Enterprise licence file you can use volume mapping to map to your licence file on the host system using :-

docker run -d --rm --name jfileserver-ent -p 445:445 -v <path-to-your-licence-folder>:/jfileserver/licence filesysorg/jfileserver-enterprise

The licence folder on the host system must contain a licence file with the name jfileserver.lic.

We can use Docker volume mapping to override the default paths and map them to paths on the host system. To override the default shared folder to a folder on the host system we could use the command :-

docker run -d --rm --name jfileserver-ent -p 445:445 -v <path-to-host-folder>:/jfileserver/jfileShare filesysorg/jfileserver-enterprise

To have the JFileServer log written to a file on the host we can use the command :-

docker run -d --rm --name jfileserver-ent -p 445:445 -v <path-to-host-folder>:/jfileserver/logs filesysorg/jfileserver-enterprise

To override the default JFileServer configuration we can map the /jfileserver/fileSrvConfig.xml to a configuration file on the host system :-

docker run -d --rm --name jfileserver-ent -p 445:445 -v <path-to-host-config-file>:/jfileserver/fileSrvConfig.xml filesysorg/jfileserver-enterprise

You can use multiple volume maps on the command line, so the above examples could be combined into the command :-

docker run -d --rm --name jfileserver-ent -p 445:445 -v <path-to-host-folder>:/jfileserver/jfileShare -v <path-to-host-folder>:/jfileserver/logs
 -v <path-to-host-config-file>:/jfileserver/fileSrvConfig.xml filesysorg/jfileserver-enterprise

Note: On Windows the default Docker setup only allows host paths within the \Users folder so to redirect the logs folder to a host path you would use -v "/c/Users/<username>/logs:/jfileserver/logs". The log file jfileserver.log should appear within the hosts logs\ folder as the JFileServer starts up.

Using Environment Variables To Override The Configuration

The default configuration can be overridden using environment variables. Also the shared folder and the logs folder can be redirected to use host folders via volume mapping.

As the JFileServer is running in a Docker container it can use the default privileged ports for the various file servers. The SMB server will use TCP ports 139 and 445, and UDP ports 137 and 138, by default. The FTP server will use port 21 by default.

The following environment variables are used, with variables specific to the Enterprise add-on setup shown in bold :-

Variable Name Description Default Value
JFSRV_SMB_ENABLE Enable the SMB server true
JFSRV_FTP_ENABLE Enable the FTP server false
JFSRV_NFS_ENABLE Enable the NFS server false
JFSRV_SMB_SERVERNAME Name of the SMB server, for NetBIOS connections jfilesrv
JFSRV_SMB_DOMAIN Domain or workgroup that the SMB server belongs to domain
JFSRV_SMB_DIALECTS SMB dialects that the SMB server will negotiate SMB2
JFSRV_SMB_DEBUGFLAGS SMB debug flags Negotiate,Socket,State
JFSRV_FTP_PORT Port that the FTP server listens on 21
JFSRV_FTP_DEBUGFLAGS FTP debug flags File,Search,Error,DataPort,Directory
JFSRV_NFS_DEBUGFLAGS NFS debug flags File,FileIO
JFSRV_SHARE_NAME Shared filesystem name jfileshare
JFSRV_SHARE_COMMENT Comment for the shared filesystem Test shared filesystem
JFSRV_ADMIN_USER Administrator user name admin
JFSRV_ADMIN_PASSWORD Administrator user password jfilesrv
JFSRV_NORMAL_USER Normal user name user
JFSRV_NORMAL_PASSWORD Normal user password java
JFSRV_DEBUG_OUTPUT Debug output destination, 'File' or 'Console' File
JFSRV_DEBUG_LOGPATH Log file path when using 'File' debug output /jfileserver/logs/jfileserver.log
JFSRV_LICENCE_PATH Path to the licence file required to enable the Enterprise add-on /jfileserver/licence/jfileserver.lic

We can specify overrides for the environment variables on the Docker command line, for example, to enable SMB3 support we would use :-

docker run -d --rm --name jfileserver-ent -e JFSRV_SMB_DIALECTS=SMB2,SMB3 -p 445:445 filesysorg/jfileserver-enterprise

If you are having problems with the JFileServer you can redirect the log output to the console and run the Docker image interactively using :-

docker run --rm --name jfileserver-ent -e JFSRV_DEBUG_OUTPUT=Console -p 445:445 filesysorg/jfileserver-enterprise

You should then see the debug log output to the console, and the JFileServer waiting for a client to connect or any errors from the file server startup :-

Enterprise Java File Server starting
*** JFileServer Enterprise edition licenced to FileSys.Org (Evaluation/eval@filesys.org/5)
***  For version 1.*
***  Licence expires in 61 days, at Mon Mar 11 12:05:34 UTC 2019
Starting server NetBIOS ...
Starting server SMB ...
[SMB] SMB Server JFILESRV starting
[SMB] Version 1.0.0, Java VM 25.181-b13, OS Linux, version 4.9.125-linuxkit
[SMB] Using authenticator org.filesys.server.auth.EnterpriseSMBAuthenticator, mode=USER
[SMB] Server timezone offset = 0hrs
[SMB] Dialects enabled = [SMB 2.002,SMB 2.210,SMB 2.ANY]
[SMB] Shares:
[SMB]  [jfileshare,DISK,,[/jfileserver/fileShare]] [/jfileserver/fileShare]
[SMB] Binding TCP-SMB session handler to address : ALL
[SMB] Binding NetBIOS session handler to address : ALL
[SMB] Request handler SMBRequestHandler_1 waiting for session ...
[SMB] Listening for connections on [SMB,TCP-SMB,ALL:445]
[SMB] Listening for connections on [SMB,NetBIOS,ALL:139]
[SMB] Waiting for new connection ...

To stop the JFileServer when running in interactive mode use <Ctrl-C>, the file server should shutdown cleanly, this may take from a few seconds to a minute or so.