Home » Adaptec Manuals » Network Storage Servers » Adaptec 5325302057 » Manual Viewer

Adaptec 5325302057 User Guide - Page 83

Controlling Access to Your IP SAN, Limiting Discovery of iSCSI Targets with Auto-discovery Control

UPC - 753253020577

View all Adaptec 5325302057 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 83 highlights

Chapter 7 Controlling Access to Your IP SAN This chapter describes how to use Adaptec Storage Manager to restrict and control access to your IP SAN and iSCSI targets (logical devices) with auto-discovery control lists, authentication, and the Security Manager. Limiting Discovery of iSCSI Targets with Auto-discovery Control Lists If you want to limit which iSCSI initiators can discover an iSCSI target (logical device), you can create an auto-discovery control list which will allow one or more specified iSCSI initiators to discover an iSCSI target while preventing other iSCSI initiators from discovering it, as illustrated in this figure. iSCSI Target iSCSI Auto-discovery control list allows Initiator A to discover target Auto-discovery control list denies discovery to Initiator B iSCSI Initiator A iSCSI Initiator B Each iSCSI target can have its own auto-discovery control list, with specified iSCSI initiators that are permitted to discover it. Note Auto-discovery control lists don't prevent iSCSI initiators from logging into iSCSI targets that aren't on their control lists. If you are using iSNS to discover iSCSI targets and want to control which logical devices are logged into by which iSCSI initiators, you must set CHAP authentication. Without CHAP authentication, all iSCSI initiators will be able to log in to all iSCSI targets. See "Controlling Access to Your IP SAN with Authentication" on page 79 for more information. Snap Server 700i Series User's Guide 77

Section	Page
About this Guide	13
What’s Included in this User’s Guide	14
What You Need to Know Before You Begin	14
Terminology Used in this Guide	14
Service and Technical Support	15
Additional Resources	15
Notes and Cautions	16
Finding More Information	17
Planning Your IP SAN	19
Introduction to Adaptec Storage Manager for iSCSI Storage	19
iSCSI Storage Feature Support	20
Understanding Adaptec Storage Manager’s Main Components	22
The GUI and the Agent	22
The Management Service	22
Windows Support	23
Planning Your IP SAN Configuration and Setup	24
Maximum Supported Connections	24
Sample IP SAN Configurations	25
Basic Configuration #1	25
Basic Configuration #2	26
Configuration with Mirroring	27
Configuration with Two Subnets	28
Configuration with Multipath Access	29
Building an IP SAN Without a DHCP Server	30
System Requirements	31
Installing Adaptec Storage Manager	33
Before You Begin	33
Installing on Windows	33
Installing on Linux	36
Before You Begin	36
Installing Adaptec Storage Manager	37
Creating an Administrator and Starting the Management Service	37
Using Adaptec Storage Manager with a Firewall	38
Setting Up Your iSCSI Storage Appliance and IP SAN	39
An Overview of the Setup Process	39
Before You Begin	40
Step 1: Starting Adaptec Storage Manager	41
Step 2: Configuring the iSCSI Storage Appliance	42
Step 3: Creating RAID Pools	44
Step 4: Provisioning Storage to Your Systems	46
Provisioning Storage Automatically	46
Provisioning Storage Manually	48
Step 5: Continuing to Build Your IP SAN	52
Step 6: Logging in to the iSCSI Storage	52
Step 7: Registering Your iSCSI Storage Appliance	53
Beginning to Use Your IP SAN	53
Logging In To Adaptec Storage Manager Next Time	53
Allowing Other Users To Log In To Your IP SAN	54
Setting Up VSS/VDS Access	54
Adding a System to the VDS/VSS Host List	55
Removing a System from the VDS/VSS Host List	55
Next Steps	56
Adding More Components	56
Protecting Your IP SAN	56
Modifying, Maintaining, and Monitoring Your IP SAN	56
Managing Adaptec Direct Attached Storage	56
Getting to Know Adaptec Storage Manager	57
Working in Adaptec Storage Manager	57
About the Actions Menu	57
Navigating the Main Window	58
The Enterprise View	58
The iSCSI Storage Branch	59
The Direct Attached Storage Branch	59
The Network Attached Storage Branch	60
The Physical Devices View	61
The Logical Devices View	62
The Volumes View	63
The Snapshots View	63
Revealing More Information	64
Checking System Status from the Main Window	65
Getting Help	66
Uninstalling Adaptec Storage Manager	66
Uninstalling From Windows Systems	66
Uninstalling From Linux Systems	66
Protecting Your Data	67
Protecting Your Data with Hot Spares	67
Hot Spare Limitations	67
Creating a Global Hot Spare for a Pool	68
Assigning a Hot Spare to a Logical Device	68
What Do the Hot Spare Icons Mean?	69
Deleting a Hot Spare	69
Backing Up Your Data with Snapshots	70
Before You Begin	70
Creating a Snapshot from an iSCSI Storage Host Volume	70
Mounting a Snapshot Set	72
Deleting a Snapshot Set	72
Ensuring Pool Capacity for Your Snapshots	73
Recovering from a Pool Capacity Warning	73
Recovering from a Pool Capacity Failure	73
Scheduling a Snapshot Job	73
Checking on Scheduled Jobs	74
Modifying a Scheduled Job	75
What if a job misses its start time?	75
Deleting a Scheduled Job	75
Backing Up Your Data with Mirrored Volumes	75
Mirror Managers and Mirror Plexes	76
Creating a Mirrored Volume	77
Extending a Mirrored Volume	78
Changing Mirror Priorities	78
Failing Over a Mirrored Volume	79
Failing Back a Mirrored Volume	79
Breaking a Mirrored Volume	80
Removing an Unavailable Mirror Plex	80
Deleting a Mirrored Volume	81
Controlling Access to Your IP SAN	83
Limiting Discovery of iSCSI Targets with Auto-discovery Control Lists	83
Modifying an Auto-discovery Control List	84
Controlling Access to Your IP SAN with Authentication	85
Modifying the Authentication Settings	86
Limiting User Access to Your IP SAN with the Security Manager	86
Understanding Access Privilege Levels	87
Administrator Level	87
Operator Level	87
Opening the Security Manager	88
Adding a User to the Security Manager	88
Modifying a User’s Information	89
Removing a User from the Security Manager	89
Modifying Your iSCSI Storage	91
Adding More Components to Your IP SAN	91
Adding a Management Service	91
Adding an iSCSI Storage Appliance	92
Using the Wizard	92
Adding an iSCSI Storage Host	92
Using the iSCSI Storage Appliance Wizard	93
Capacity Limitations	93
Creating and Modifying Pools	94
Creating a New Pool	94
Creating Pools Using Express Configuration	95
About the Express Configuration Method	95
Creating Pools with the Express Method	95
Adding Capacity to a Pool	96
Changing a Pool’s RAID Level	96
Moving a Pool to Another iSCSI Storage Appliance	97
About Foreign and Alien Pools	97
Moving a Pool	98
Resetting Authentication on Imported Logical Devices	99
Changing the Controller Cache Settings for a Pool	100
Enabling or Disabling the Controller Write Cache	100
Enabling or Disabling the Controller Read Cache	100
Deleting an Individual Pool	100
Deleting All Pools	101
Creating and Modifying Volumes	101
Creating a New Volume	102
Adding Capacity to a Volume	103
Reassigning a Volume to Another iSCSI Storage Host	103
Deleting a Volume	104
Creating and Modifying Logical Devices	104
Creating a New Logical Device	104
Modifying a Logical Device	105
Deleting a Logical Device	106
Maintaining Your iSCSI Storage Appliance	107
Configuring the Uninterruptible Power Supply (UPS) Monitor	107
Blinking Appliances, Enclosures, and Disk Drives	109
Shutting Down the iSCSI Storage Appliance	110
Shutting Down and Restarting the iSCSI Storage Appliance	110
Changing the iSCSI Storage Appliance’s Settings	110
Updating the Adaptec OnTarget Operating System	111
Applying a New Image	111
Checking the Current Image	112
Reverting to the Previous Image	112
Monitoring Status and Activity	115
Monitoring Jobs in Progress	115
Opening the Job Manager	116
Cancelling a Job in Progress	116
Resuming a Cancelled Job	117
Undoing a Failed Job	117
Viewing Status and Activity	118
Using the Event Viewer and Event Log	118
What Do the Status Icons Mean?	119
Viewing Enclosure Status	119
Viewing Component Properties	120
Using Status and Drive Light Behavior to Monitor Components	121
Snap Server 700i Series	121
Power, System, and LAN LEDs	121
Disk Drive LEDs	123
Power Supply Module Indicator Lights	123
SANbloc S50 Enclosure, Disk Drive, APC Module, and Controller Behavior	124
Enclosure LEDs	124
Disk Drive LEDs	124
APC Unit LEDs	125
Controller LEDs	126
Notifying Users By Email About Status and Activity	126
Setting Up Email Notifications	127
Sending a Test Message	128
Modifying a Recipient’s Information or Removing a Recipient	128
Modifying Email Settings	129
Disabling Email Notifications	129
Notifying Users By SNMP Trap About Status and Activity	130
Setting Up SNMP Trap Notifications	130
Sending a Test Trap	131
Modifying a System’s Information or Removing a System	131
Disabling SNMP Traps	131
Monitoring Your GuardianOS-Powered Snap Servers	132
Viewing Network Attached Storage Status	132
What do the colors mean?	132
What do the icons mean?	133
Viewing GuardianOS-Powered Snap Server Properties	134
Discovering New or Additional GuardianOS-Powered Snap Servers	134
Removing Offline Servers from Adaptec Storage Manager	135
Disabling Remote Discovery of GuardianOS-Powered Snap Servers	135
Opening the GuardianOS Administration Tool	136
Changing the Network Attached Storage Management Settings	136
Specifying a Web Browser:	137
Adjusting the Server Offline Time-out Setting	137
Displaying No-Link Status Warnings	137
Activating Autoscanning of All Remote GuardianOS-Powered Snap Servers	138
Using an HTTP Proxy Server	138
Updating and Customizing Adaptec Storage Manager	139
Updating Adaptec Storage Manager	139
Customizing Adaptec Storage Manager	139
Sorting Systems in the Enterprise View	140
Setting the Standard Unit of Measure	140
Changing the Main Window Appearance	141
Creating and Working with Display Groups	141
Adding a System to a Display Group	142
Viewing Display Group Status	142
Modifying Display Groups	142
Solving Problems	143
General Troubleshooting Tips	143
Troubleshooting Questions and Answers	144
Adaptec Storage Manager is installed properly. Why won’t it open?	144
Why am I prompted for a password when I add an iSCSI Storage Appliance to the Management Service?	144
Why can’t I add an iSCSI Storage Host to a Management Service?	144
Why am I prompted for a user name and password when I add an iSCSI Storage Host to a Management Service?	145
Why are some of my pools greyed-out in Adaptec Storage Manager?	145
Why did my volume creation/reassign job fail or seem to fail?	145
Why can’t I connect to a newly imported pool?	145
Why did all the snapshots in my pool suddenly go offline?	146
How do I recover storage space from a mirror plex that’s gone offline?	146
Why aren’t email notifications being received properly?	146
Why am I getting an error message that says ‘N-way mirroring not supported’?	146
How can I stop Adaptec Storage Manager from generating ‘Terminating connection’ messages about my VMware systems?	146
Why did all the other disk drives in my pool disappear when I only removed one disk drive?	147
Why don’t the configuration changes I made using the CLI appear in Adaptec Storage Manager?	147
Why can’t my system connect to the VDS Provider?	147
How do I create a support archive file?	148
Silencing an Alarm	148
Identifying Failed or Failing Components	149
Identifying Which Fan has Failed	150
Hot Swapping Disk Drives	150
Recovering from a Disk Drive Failure	151
Failed Disk Drive Protected by a Hot Spare	151
Failed Disk Drive Not Protected by a Hot Spare	152
Failure in Multiple Pools Simultaneously	152
Disk Drive Failure in a RAID 0 Pool	152
Multiple Failures in the Same Pool	152
Removing a Failed Disk Drive’s Icon from Adaptec Storage Manager	153
Rebuilding Pools	153
Recovering Snapshots After a Pool Capacity Failure	154
Using the Reset Button to Perform a Limited Reset of the Appliance	154
Recovering from an iSCSI Storage Appliance Failure	155
Recovery on iSCSI Storage Hosts	156
Enabling Authentication	156
Removing iSCSI Targets and Adding the Appliance IP Address	157
Logging into the iSCSI Targets	157
Reconnecting Mirrored Volumes	158
Last Step	159
Recovery on Systems Running Windows XP, Linux, or VMware	159
Recovering from a Flash Drive Failure in a Mirrored Environment	159
Configuring iSCSI Initiators	161
Configuring iSNS with the CLI	161
iSCSI Configuration for Microsoft Windows	163
Configuring the MS Initiator Connection to the iSCSI Storage Appliance (Target Portal)	164
Connecting to a Logical Device (iSCSI Target) Using the MS Initiator	165
Formatting a Logical Device Using the Windows Disk Management Tool	166
Configuring Microsoft Services Installed on Logical Devices to Start Automatically (MS Initiator)	167
Configuring Shares to Logical Devices (MS Initiator)	168
Configuring Dynamic Disks to Persistently Reconnect (MS Initiator)	169
Configuring the QLogic QLA4050 and QLA4052 iSCSI Initiators for Microsoft Windows	170
Installing the Adapter	170
Configuring the QLA4050/QLA4052 iSCSI Initiator	170
Preparing Logical Devices for Windows Deployment	174
iSCSI Configuration for Red Hat or SUSE Linux	175
Installing and Configuring the In-box iSCSI Initiator	175
Setting up an In-box iSCSI Initiator	175
Using CHAP Authentication to Enable Multiple Linux Systems to Share Logical Devices on a Snap Server	179
iSCSI Configuration for VMware	179
Using the VI Client to Configure iSCSI Services	180
iSCSI Configuration for Solaris	180
Configuring iSCSI Target Discovery	180
Accessing iSCSI Logical Devices	181
Using the CLI	183
Accessing the CLI	183
Access Levels and Passwords	184
Operator-level Access	184
Administrator-level Access	184
Switching Access Levels	184
Using the Wizard to Configure Your iSCSI Storage Appliance	185
About CLI Commands and Parameters	187
About Parameters	187
About Manage Commands	187
Command Abbreviation	187
About the Command Format in This Guide	188
Command Completion	188
Command and Parameter Separation	189
Character Case and White Space	189
Command Line Editing	189
Viewing Long Reports	190
The CLI and Adaptec Storage Manager	190
Getting Help	191
Your Snap Server 700i Series	193
Hardware Components	193
Product Descriptions	194
Identifying the Ethernet Ports	195
Basic Hardware Shipped with Snap Server 700i Series	196
Basic Hardware To Be Acquired from Third-Party Vendors	197
Optional Expansion Cards and Cables	197
Optional Expansion Arrays	197
Snap Server and Expansion Array Hardware Checklists	198
Snap Server 700i Series Hardware Checklists	198
Legend for Checklists	198
Snap Server 720i Hardware Checklist	199
Snap Server 730i and 750i Hardware Checklist	200
SANbloc S50 Hardware Checklist	201
Snap Server and Expansion Array Hardware Specifications	202
Snap Server 700i Series Specifications	202
SANbloc S50 Specifications	203
Safety Precautions	204
RAID Quick Reference	205
Comparing RAID Levels	205
Selecting a RAID Level by Size of Pool	206
Expanding Pool Capacity	206
Changing from One RAID Level to Another	206
OS Support Quick Reference	207
iSCSI Initiator Support by OS	208
Adaptec Storage Manager Feature Support by OS	209
Completing a Silent Windows Installation	211
Completing a Silent Installation	211
Available Properties and Values	212

Match case Limit results 1 per page

Snap Server 700i Series User’s Guide

Chapter 7

Controlling Access to Your IP SAN

This chapter describes how to use Adaptec Storage Manager to restrict and control

access to your IP SAN and iSCSI targets (logical devices) with auto-discovery

control lists, authentication, and the Security Manager.

Limiting Discovery of iSCSI Targets with Auto-discovery

Control Lists

If you want to limit which iSCSI initiators can discover an iSCSI target (logical

device), you can create an auto-discovery control list which will allow one or more

specified iSCSI initiators to discover an iSCSI target while preventing other iSCSI

initiators from discovering it, as illustrated in this figure.

Each iSCSI target can have its own auto-discovery control list, with specified iSCSI

initiators that are permitted to discover it.

Note

Auto-discovery control lists don’t prevent iSCSI initiators from logging into

iSCSI targets that aren’t on their control lists. If you are using iSNS to discover iSCSI

targets and want to control which logical devices are logged into by which iSCSI

initiators, you must set CHAP authentication. Without CHAP authentication, all

iSCSI initiators will be able to log in to all iSCSI targets. See “Controlling Access to

Your IP SAN with Authentication” on page 79 for more information.

iSCSI

Auto-discovery control

list denies discovery to

Initiator B

Auto-discovery control list

allows Initiator A to

discover target

iSCSI Initiator A

iSCSI Initiator B

iSCSI Target