17 April, 2016

Configuring SAN on OpenFiler

Gone are the days when hardware SAN was the only option. In today`s world of virtualization, it just takes few minutes to setup a virtual SAN. Even though, by no means yo can compare software and hardware SAN, still for lab purpose you can easily use a software SAN. There are few vendors which you can use. For this lab, I will be using "OpenFiler". However, with Windows 2012, you can create a virtual SAN on the Windows 2012 Server itself.

You can download the OpenFiler SAN from the following link:-
https://www.openfiler.com/community/download 

Once installed, the UI since being Linux Based will look like this. You don`t have to enter the credentials here, instead use another machine to connect to this SAN using IE/Chrome


Enter the IP Address. Now an important thing to remember is that the login credentials are NOT the one which you have used while installing the SAN. The login credentials will be:

- Username: openfiler
- Password: password


And here you go... Ready to configure the SAN

Following tabs will be available:-

- Status
- System
- Volumes
- Cluster
- Quota
- Shares
- Services
- Accounts

System Tab

The System Tab will give you the details about the SAN Virtual Machine Configuration



System Tab

Hostname
DNS
Gateway
Network Interface Configuration
Network Access Configuration



Volumes Tab

List all the Volume Groups created on the SAN


Cluster Tab

You can create a cluster of disk on SAN and make them replicate with each other


Shares Tab

Lists all the Network Shares created on the SAN


Services Tab

Lists all the services available



Accounts Tab

We can specify a LDAP Server to which we can connect this SAN
This tab lists all the settings required to connect to a LDAP Server and to join this SAN to a domain



My VM Configuration

This is the SAN (A Virtual Machine) configuration. There are three disk attached to this SAN
On one disk we have the SAN Operating System Installed
The other two disk will be used as a Quorum (10 GB) and Storage disk (100 GB) for clusters in another post



Lets try to understand the SAN terminology. Suppose you bought a Hard Disk for your computer. You will attach that HDD (A Physical Disk) which will then be detected by the computer. Once detected, you will Initialize the disk. You will then format that disk, assign a letter, choose a file system (FAT or NTFS) and create a volume. The volume can be of different size. These volumes will then form partitions

Creating New Physical Volumes

Similar to the above example, you attach a virtual hard disk to this SAN. The Hard Disk will be detected and will get listed in the "Block Device Management"  under the Volume Tab. Indeed, the Block Device Management will list all the disk attached with the SAN

You will then select one hard disk and will create a Physical Volume. Here you can specify the size of the volume by specifying the start cylinder and end cylinder

So out of one physical hard disk (which is a virtual hard disk in this scenario), we can create multiple hard disks or physical volumes



Click on Edit Disk (/dev/sdc)



Specify the starting cylinder and ending cylinder range to create multiple physical volumes out of one hard disk


Also, you can choose if you want a physical volume or RAID member array



Once you click the create button, the physical volume will be created



Creating a New Volume Group

Once the physical volume has been created, we can then create a volume group. We can add multiple physical volumes to one volume group

So suppose we have two disks 100 GB Each. We can then add both the disks in a volume group and then "Present" them as a single disk of 200 GB (Or any custom size up to 200 GB)



Specify a volume name and select the required disk listed


The volume group has been created now


Lets move on to shares tab to create the file system on the volume created above


Creating a New File System Volume

Click on "Create a New File System Volume"


Select the volume group (Select the one which we have created above)


Specify a name, space and volume type

Just like in Windows we have FAT and NTFS, here is SAN we have XFS, EXT, btrfs, and Block)

So earlier we had add a disk. We could have added few disks. Then we created a volume group. We could have used multiple disks to create one volume group. Out of this volume group, we now have an option to use a part of that volume

Take a simple example where you are a Storage Admin. You have 5 Physical Disks (200 GB each). You created a volume group using all the 5 disks (Volume - 1 TB). You have set the following policies / limits for different sites (depending upon the number of users per site)

- US (200 GB)
- Delhi (300 GB)
- Banglore (300 GB)
- Reserve (200 GB)

Now there are two options or approach which you can follow. You can assign these volumes in one go. The disadvantage of this would be that the administrators of each site might use all the space and then would come back to you asking for more. So why not give them 75% of their space for now and once they need more, will allocate the rest 25%

So we will now create the following volumes:-

- US (150 GB)
- Delhi (225 GB)
- Banglore (225 GB)

This way, we now have the following unused space:-

- US (50 GB)
- Delhi (75 GB)
- Banglore (75 GB)
- Reserve (200 GB)

I hope the concept of Physical Disks, Merging them to create a Physical Volume and then creating a volume of a specific size is clear







Allowing Access from a Particular Network

SAN is a network device which users can access if they are on the network. It could be a possibility that there could be some sites / network from where I don`t want my users to access the SAN drive. So here in network configuration, I can specify which all networks will have access to the SAN






Starting the iSCSI Target Services

Just like in Windows, In SAN we do have services which control what all this SAN can do. Here we are working on accessing data/volumes/drives on this SAN. Client machine and SAN will use iSCSI protocol for data access from client machine to the SAN drive. For this, we need to have iSCSI Initiator and iSCSI Target. iSCSI needs to be installed on the file server where the drive will be presented and iSCSI Target needs to be enabled on the SAN

So here we will enable and start the iSCSI Target







Creating the Targets

Once the iSCSI Target service has been started on SAN in services, we now need to create iSCSI targets

Under the Volume Tab, Click on iSCSI Targets on right pane


Click on Add




And the Target is Added


LUN (Logical Unit Number) - "Number used to identify a logical unit, which is a device addressed by the SCSI protocol or SAN"

So a LUN is like a MAC address. You created a volume, now you need to assign a number or an address. There could be many volumes created on SAN. How would a client machine knows which volume to connect to. So the client machine will use a LUN to connect to a particular volume/disk



Network ACL

To define which network will be able to connect to this LUN




CHAP Authentication

We can enable CHAP authentication for this LUN


One Final Practical Implementation

We Created a LUN (Starting with 1027)


On a Windows 2003 / 2008 Server we can download iSCSI Initiator and on Windows 2012 this is Built-In

On Windows Server 2003, Install the iSCSI Initiator


Once Installed, Double click on the Initiator Icon


In the Discovery Tab, Click Add


Specify the IP Address of the SAN Server




On The Target Tab, You will see the same LUN (Starting with 1027) getting populated automatically


Click on Log-On




This got connected now


And here you go, the same drive/disk (10 GB) getting listed in Disk Management on this Server