Professional Documents
Culture Documents
6.1.x
Initialization Guide
Issue 07
Date 2022-12-15
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website: https://e.huawei.com
Purpose
This document describes how to initialize the storage system.
NOTE
OceanStor Dorado 2000 does not support file services, object services, RoCE networks,
HyperDetect, CloudBackup, SmartVirtualization, SmartDedupe, SmartMigration,
SmartCache, and SmartTier. For detailed product specifications, refer to Specifications
Query.
The following table lists the product models that this document is applicable to.
NOTICE
This document is updated periodically with the software version. The operations
described in this document use the latest version as an example. Note that the
supported functions and features vary according to the software version. The
content in this document is for reference only.
Intended Audience
This document is intended for:
● Maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Change History
Changes between document issues are cumulative. The latest document issue
contains all the changes made in earlier issues.
Issue 07 (2022-12-15)
This issue is the seventh official release.
Issue 06 (2022-11-15)
This issue is the sixth official release. The updates are as follows:
Optimized descriptions about some operations.
Issue 05 (2022-10-20)
This issue is the fifth official release. The updates are as follows:
Issue 04 (2022-08-25)
This issue is the fourth official release.
Issue 03 (2022-04-15)
This issue is the third official release.
Issue 02 (2022-01-25)
This is the second official release. The updates are as follows:
Optimized descriptions about some operations.
Issue 01 (2021-09-30)
This issue is the first official release.
Contents
G Glossary.................................................................................................................................224
H Acronyms and Abbreviations...........................................................................................240
1 Overview
This chapter provides the documents and tips that may be helpful for you when
initializing your storage system.
Related Documentation
The following documents provide you reference on certain basic configurations
and subsequent operations. Reading these documents will also help you better
understand the storage system:
● Product description
Refer to the product description specific to your storage system if you want to
understand its market positioning, basic functions, and specifications.
● Installation guide
Refer to the guide specific to your storage system when installing the system
hardware or connecting cables.
● Basic storage service configuration guide for block
Refer to the guide specific to your storage system when configuring basic
storage services such as creating storage resources and mappings.
● Basic storage service configuration guide for file
Refer to the guide specific to your storage system when configuring basic
storage services such as file system sharing.
● Administrator guide
Refer to the guide specific to your storage system when managing access
permissions.
● Command reference
Refer to the guide specific to your storage system when configuring storage
services using the command-line interface (CLI).
● Account list
Refer to the guide specific to your storage system if you want to understand
the functions, user names, and passwords of different management accounts.
Tips
GUIs may vary slightly according to product versions and models. The actual GUIs
prevail.
This chapter describes how to log in to and initialize the storage system after it is
powered on.
2.1 Changing IP Addresses of Management Network Ports
2.2 Applying for Licenses
2.3 Logging In to DeviceManager
2.4 Initially Configuring a Storage Device
Prerequisites
A maintenance terminal is connected to the serial port on the storage device using
a serial cable.
Context
After connecting the storage device to the maintenance terminal by using a serial
cable, you can log in to the storage system by using remote login software, such
as PuTTY.
NOTE
● This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
● You are advised to use the latest version of PuTTY. Otherwise, you may fail to log in to
the storage system.
Precautions
When changing the IP address of the management network port, note the
following:
● The maintenance terminal and storage device must be connected using a
serial port.
● For a 2 U controller enclosure, the default IP addresses of the management
network ports on controllers A and B are respectively 192.168.128.101 and
192.168.128.102, and the default subnet mask is 255.255.0.0.
● For a 4 U controller enclosure, the default IP address of network port 0 on
management module 0 is 192.168.128.101 and that of network port 0 on
management module 1 is 192.168.128.102. The default subnet mask is
255.255.0.0.
● The default IPv4 gateway address of the management network port is
192.168. 0.1.
● After the IP addresses of the management network ports are modified,
communication between the maintenance terminal and the storage device is
down. Therefore, you are advised to first modify the IP addresses of the
management network ports on the controllers that are not directly connected
to the maintenance terminal.
● The IP addresses of management network ports and internal heartbeat IP
addresses must be on different network segments. Otherwise, route conflicts
may occur.
For a 2 U controller enclosure, the default internal heartbeat IP addresses are
127.127.127.10 and 127.127.127.11, and the subnet mask is 255.255.255.0.
Therefore, you cannot use IP addresses that belong to the 127.127.127.XXX
network segment for the management network ports.
For a 4 U controller enclosure, The default internal heartbeat IP addresses are
127.127.127.10, 127.127.127.11, 127.127.127.12, and 127.127.127.13, and
the subnet mask is 255.255.255.0. Therefore, you cannot use IP addresses
that belong to the 127.127.127.XXX network segment for the management
network ports.
NOTE
● Heartbeats are packets transmitted between two devices for them to judge the
availability of the peer device. Heartbeats do not require acknowledgement. They are
usually used for node communication, fault diagnosis, and event triggering in an HA
system.
● Internal heartbeat links are established between controllers for these controllers to
detect each other's working status. You do not need to separately connect cables. In
addition, internal heartbeat IP addresses are configured before delivery, and cannot be
modified.
● When multiple controller enclosures are deployed, the default internal heartbeat IP
addresses of each controller enclosure are the same as those when a single controller
enclosure is deployed.
Procedure
Step 1 Run the PuTTY software.
Step 2 Set Connection type to Serial. In the Serial line text box, enter the name of the
serial port that connects the maintenance terminal to the storage system, for
example, COM1. In Speed, enter 115200.
You can query the serial port that connects the maintenance terminal to the
storage system as follows (Windows 7 is used as an example):
2. In the navigation tree of the Computer Manager dialog box, choose System
Tools > Device Manager.
3. Click Ports. The serial port that connects the maintenance terminal to the
storage system, for example, COM1, is displayed.
There may be multiple serial port names, such as COM1, COM2, and COM3,
on the maintenance terminal. Try these ports until you can successfully log in
to the storage system.
Step 3 Log in to the storage system using the serial port.
1. Click Open.
If the connectivity between the maintenance terminal and the controller is
normal, information similar to Figure 2-2 is displayed.
Figure 2-2 Successful connection between the controller and the maintenance
terminal
● Log in to the storage system as the super administrator (admin by default) for the first
time. For details about user names and passwords, see the OceanStor Dorado Account
List.
● The super administrator does not have a default password for 6.1.2 and later versions.
During the first login, press Enter directly when the system prompts you to input the
password. Then follow the instructions to set a password. To avoid password leakage,
periodically change your login password. For details about how to change the password,
see the Administrator Guide.
● For security purposes, the password is not visible when it is being entered during login.
When you initialize or change the password, it will be displayed in * on the screen.
● If the storage system fails to start and attempts to enter the minisystem mode, the
system prompts you to set a password for the super administrator if it has not been set
for the storage system. If setting the password fails, the system prompts you to set the
password of the super administrator for the current controller. Read and confirm the
command output carefully and initialize the password of the current controller as
prompted. If the setting is successful, the system enters the minisystem mode. If the
setting fails, the system disconnects the session.
Authorized users only. All activities may be monitored and reported.
Storage login: admin
password:
In Passwd_init mode.
*****Please enter new password for admin:*****
NOTE
When you log in to different devices, System Name, Product Model and Product Version
display different values. Obtain the correct value based on actual conditions.
NOTICE
NOTE
For example:
Set the IPv4 address of a specified management network port to 192.168.190.2,
the subnet mask to 255.255.0.0, and the gateway address to 192.168.0.1. The
command output varies depending on a specific product.
admin:/>change system management_ip eth_port_id=ENG0.MGMT0.0 ip_type=ipv4_address
ipv4_address=192.168.190.2 mask=255.255.0.0 gateway_ipv4=192.168.0.1
WARNING: You are about to change the IP address of management network port. If you enter an
unavailable IP address, the DeviceManager will become inaccessible.
Suggestion: Before performing this operation, ensure that the entered IP address is available .
Have you read warning message carefully?(y/n)
Are you sure you really want to perform the operation?(y/n)y
Command executed successfully.
----End
Follow-up Procedure
After changing the IP address of the management network port, you can run the
show system management_ip command to verify the IP address information.
Prerequisites
The maintenance terminal has been connected to the management network port
of the storage device, and the IP address of the maintenance terminal and the
default IP address of the management network port are on the same network
segment.
Context
For a 2 U controller enclosure, the default IP addresses of the management
network ports on controllers A and B are respectively 192.168.128.101 and
192.168.128.102, and the default subnet mask is 255.255.0.0.
For a 4 U controller enclosure, the default IP address of network port 0 on
management module 0 is 192.168.128.101 and that of network port 0 on
management module 1 is 192.168.128.102. The default subnet mask is
255.255.0.0.
Precautions
When changing the IP address of the management network port, note the
following:
● After the IP addresses of the management network ports are modified,
communication between the maintenance terminal and the storage device is
down. Therefore, you are advised to first modify the IP addresses of the
management network ports on the controllers that are not directly connected
to the maintenance terminal.
● The IP addresses of management network ports and internal heartbeat IP
addresses must be on different network segments. Otherwise, route conflicts
may occur.
● Heartbeats are packets transmitted between two devices for them to judge the
availability of the peer device. Heartbeats do not require acknowledgement. They
are usually used for node communication, fault diagnosis, and event triggering in
an HA system.
● Internal heartbeat links are established between controllers for these controllers to
detect each other's working status. You do not need to separately connect cables.
In addition, internal heartbeat IP addresses are configured before delivery, and
cannot be modified.
● When multiple controller enclosures are deployed, the default internal heartbeat IP
addresses of each controller enclosure are the same as those when a single
controller enclosure is deployed.
● The default IPv4 gateway address of the management network port is
192.168. 0.1.
● The IP addresses of management network ports and those of maintenance
network ports must be on different network segments. Otherwise, route
conflicts may occur. The default IP addresses of maintenance network ports
are 172.31.128.101 and 172.31.128.102, and the subnet mask is 255.255.0.0.
Therefore, you cannot use IP addresses that belong to the 172.31.XXX.XXX
network segment. For this reason, connect only the management network
ports to the network.
● By default, IP addresses of the management network ports and those of the
service network ports are on different network segments. You are advised to
set them to different network segments.
Procedure
Step 1 Log in to DeviceManager.
NOTE
For details about how to log in to DeviceManager, see 2.3 Logging In to DeviceManager.
NOTICE
----End
2.2.1 Preparations
The following table describes the preparations for license application.
GTS permission for the ESDP Users who have the GTS permission can
(applicable to Huawei service apply for licenses as described in 2.2.2.1
engineers) Applying for a License in Entitlement
Activation Mode. If you do not have the
GTS permission, click Permission
Application in the left navigation tree of
the ESDP home page to apply for the
permission.
ASP or Guest permission for the Users who have the ASP or Guest
ESDP (applicable to Huawei permission can apply for licenses as
partners or customers) described in 2.2.2.2 Applying for a
License in Password Activation Mode.
Click Register Now on the ESDP home
page and fill in related registration
information. Then you are granted the ASP
or Guest permission.
NOTE
Figure 2-3 Information plate position of a 2 U controller enclosure (25 disk slots)
For details about how to log in to DeviceManager, see 2.3 Logging In to DeviceManager.
NOTE
----End
For details about how to log in to the CLI, see A Logging In to the CLI.
Step 2 Run the show system general command to view the ESN, that is, the SN field in
the command output.
admin:/>show system general
----End
Prerequisites
An applicant can log in to the ESDP (website: http://app.huawei.com/isdp) and
has the GTS permission.
If the applicant has ASP or Guest permission only, apply for a license in password
activation mode. For details, see 2.2.2.2 Applying for a License in Password
Activation Mode.
Context
1. Concepts related to license application on the ESDP include the following:
– Entitlement
Entitlement is a form of agreement between a software provider and a
customer, which entitles the customer to the scope, functions, and
validity period of the product purchased or sold.
– Entitlement ID
An entitlement ID is a unique ID that identifies entitlement.
– Entitlement Line
An entitlement line is a unit of entitlement that can be activated. An
entitlement contains one or multiple entitlement lines.
– Activation ID
An activation ID is a unique ID that identifies an entitlement line.
– Equipment (Node)
A piece of equipment or a node is a system device, entity, or node.
2. On the ESDP, entitlement is managed by equipment (node). License
application is also based on equipment (node).
Procedure
Step 1 Select entitlement.
1. On the home page of the ESDP, choose License Activation > Entitlement
Activation. The Step 1: Select Entitlement page is displayed.
2. In the Delivery Status field, select Ready and click Search & Refresh.
The results are listed, as shown in Figure 2-4.
NOTE
To improve the accuracy of searching, you can input customer PO, product name,
version, and contract No. The ESDP supports fuzzy match.
3. Select one or more entitlement lines from the list (the Entitlement Status
must be Available). Click Next. The Step 2: Bind ESN page is displayed.
NOTICE
Ensure that you have input the correct ESN. An incorrect ESN will cause the
license to be unavailable.
2. Select the activation information you want to operate, and click Next.
If the entitlement information differs from the equipment (node) information,
the system displays an error and asks you to reset the information. If the
entitlement information is correct, the Step 3: Confirm Activation page is
displayed.
If you find any information incorrect, click Back and rectify the information. If all
information is correct, click Activate License. The Step 4: Download License page
is displayed.
----End
Follow-up Procedure
After applying for a license, keep it properly for later use. For details, see 2.4.1
Configuring Basic Information.
Prerequisites
An applicant can log in to the ESDP (website: http://app.huawei.com/isdp) and
has the ASP or Guest permission.
The applicant has a valid license certificate that contains the activation password.
NOTE
If the applicant does not have a valid license certificate, the applicant can send the contract
No. to the agent to obtain the license certificate.
Context
1. Concepts related to license application on the ESDP include the following:
– Entitlement
Entitlement is a form of agreement between a software provider and a
customer, which entitles the customer to the scope, functions, and
validity period of the product purchased or sold.
– Entitlement ID
An entitlement ID is a unique ID that identifies entitlement.
– Entitlement Line
An entitlement line is a unit of entitlement that can be activated. An
entitlement contains one or multiple entitlement lines.
– Activation ID
An activation ID is a unique ID that identifies an entitlement line.
– Equipment (Node)
A piece of equipment or a node is a system device, entity, or node.
2. On the ESDP, entitlement is managed by equipment (node). License
application is also based on equipment (node).
Procedure
Step 1 Enter your password for activation.
1. On the home page of the ESDP, choose License Activation > Password
Activation. The Step 1: Enter Password page is displayed, as shown in
Figure 2-6.
2. Confirm the information and select I have read the above carefully.
3. In the Password field, enter the password for activation.
NOTE
– Each activation password can be bound with the ESN only once. Therefore, ensure
that all information is correct to avoid unavailable licenses.
– To enter more activation passwords, click Add.
4. Select the activation password you want to bind, and click Next. The Step 2:
Enter ESN page is displayed.
NOTICE
Ensure that you have input the correct ESN. An incorrect ESN will cause the
license to be unavailable.
For a password activation task, the name of the task generated by the system
is Activate License By Password.
Step 4 Download the license.
● Method 1: Check the task status in the task list of Operation Record. When
the status becomes Success, click Download to download the license.
● Method 2: After the task is successfully completed, the system automatically
sends an email to your registered email account. You can obtain the license
from the email.
----End
Follow-up Procedure
After applying for a license, keep it properly for later use. For details, see 2.4.1
Configuring Basic Information.
Prerequisites
Verify that the maintenance terminal meets the following requirements before you
use DeviceManager:
● The operating system and browser are compatible with DeviceManager.
DeviceManager supports multiple operating systems and browsers. You can
query the compatibility using Huawei Storage Interoperability Navigator.
● The maintenance terminal communicates with the storage system properly.
● The super administrator can log in to the storage system only as a local user.
● To use a lightweight directory access protocol (LDAP) domain user account to
log in to DeviceManager, you must first configure the LDAP domain server,
and then set the LDAP server parameters and create an LDAP domain user
account on the storage system.
Context
● The storage system supports the GUI and CLI for configuring storage services.
– GUI
Log in to DeviceManager and configure and manage basic storage
services on the GUI. The operation procedure described in this document
is based on the GUI.
– CLI
Use a terminal program, for example, PuTTY, to log in to the CLI of the
storage system and configure storage services using commands. For
details, see A Logging In to the CLI.
● DeviceManager supports only the TLS 1.2 and TLS 1.3 protocols.
● For a 2 U controller enclosure, the default IP addresses of the management
network ports on controllers A and B are respectively 192.168.128.101 and
192.168.128.102, and the default subnet mask is 255.255.0.0.
● For a 4 U controller enclosure, the default IP address of network port 0 on
management module 0 is 192.168.128.101 and that of network port 0 on
management module 1 is 192.168.128.102. The default subnet mask is
255.255.0.0.
● This document uses Windows as an example to explain how to log in to
DeviceManager. The login operations on other operating systems need to be
adjusted accordingly.
● By default, DeviceManager allows 32 users to log in concurrently.
● If no operation is performed on DeviceManager for a period longer than the
timeout limit (the limit is 30 minutes by default and modifiable), the system
logs out automatically.
● If an account is not used to log in to the system for a certain period of time
(the period is 60 days by default and modifiable), it will be locked and can be
unlocked only by the super administrator.
● The storage system only supports secure OpenSSL cipher suites by default.
NOTE
If the client used by the user to access DeviceManager only supports insecure OpenSSL
cipher suites, the user may fail to log in to DeviceManager. To solve the problem, the
super administrator can run change devicemanager ciphersuite suite=compatible
(compatible is variable and can be changed to safe as required) to change the suite to
compatible mode and then run reboot storage service
service_name=DeviceManager to restart DeviceManager for the change to take
effect.
Procedure
Step 1 Open the browser on the maintenance terminal.
NOTE
● If a firewall is configured, you must enable port 8088 for the system to provide web
services.
● The web browser may prompt that the website has a security certificate issue. If the IP
address is correct, you can neglect the prompt and continue accessing the storage
system.
● If you have an available security certificate, run the import certificate ip=? user=?
password=? type=? command to import the security certificate to improve system
security. For details about this command, see the Command Reference.
● The GUI may vary slightly depending on the product version and model.
2 4 5 6 7 8
2 3 4 5 6 10 7 8
NOTE
● The GUI may vary slightly depending on the product version and model.
● To learn details about each step and operation, click to view online help.
● To log out of DeviceManager, click in the upper right corner and choose Log Out.
5 Alarm and task statistics The alarm statistics area displays the
area number of alarms by severity and helps
you learn about the running status of
the system.
The task statistics area displays all
executed tasks and helps you learn
whether the tasks are executed
successfully.
----End
Context
GUIs may vary slightly according to product versions and models. The actual GUIs
prevail.
Procedure
Step 1 Log in to DeviceManager. The Configure Basic Information page is displayed.
To access the initial configuration wizard, enter https://XXX.XXX.XXX.XXX:8088/
initialize in the web browser on your maintenance terminal. In this address,
XXX.XXX.XXX.XXX indicates the IP address of the management network port.
NOTE
The screenshot is for reference only and the actual GUI may vary.
Step 2 In the Device Information area, view and configure the basic information of the
storage device.
1. For 6.1.3 and later versions, click Query Recommended Version at the
Version field, and scan the QR code that is displayed using a mobile device to
view the recommended version and maintenance information of the device.
You can also download the eService app as prompted and complete the
device information to obtain more services.
2. In Name, enter a name for the storage device.
– The name must contain 1 to 127 characters.
– The name can contain only letters, digits, underscores (_), periods (.), and
hyphens (-).
3. In Location, enter the geographical location of the storage device.
The location must contain 1 to 511 characters.
Step 3 In the Device Time area, set the device time.
NOTICE
Changing the device time may have the following impacts on the system:
● If the changed device time exceeds the license validity period, the license may
be invalid.
● If the changed device time exceeds the certificate validity period, the certificate
may expire.
● If the changed device time exceeds the password validity period set by a user,
the system may force the user to change the login password.
Set the correct time zone and time. Otherwise, the time recorded in alarms or logs
may be different from the actual time, which affects fault locating.
You can set the device time using any of the following methods:
● Synchronize with the client time.
a. Select Synchronize with client time.
b. Specify Client Time Zone, which is the time zone where the client
resides.
● Change the time manually.
a. Select Change manually.
b. In Time After Change, set the device time and time zone.
● Set automatic NTP synchronization.
a. Select Synchronize with NTP server time.
b. Click Configure.
The Configure Auto NTP Sync page is displayed on the right.
c. In NTP Server Address, enter the IPv4 address, IPv6 address, or domain
name of the NTP server.
NOTE
NTP authentication can be enabled only when NTPv4 or later is used. After
authentication, the NTP server automatically synchronizes the time to the
storage device.
f. Select the time zone where the device is located from the Client Time
Zone drop-down list box.
g. Click OK.
Step 4 In the License Management area, import, activate, or update the license.
NOTE
● Depending on whether a license has been imported or activated, the license operation
displayed in the License Management area can be Import License, Activate License,
or Update License.
● You can also choose Settings > License Management on DeviceManager to access the
License Management page to import, activate, or update the license.
● For OceanStor Dorado 3000 of 6.1.2 and later, you must activate the file service to use it
after importing the NAS Foundation license. Activating the file service will cause all
controllers to restart. Ensure that you accept the impact. Choose Settings > File Service
> Activate Now, read the dialog box that is displayed, enter the password of the current
login user, and activate the file service as prompted.
i. Click .
ii. Select the license file, and click Open.
The button for file upload varies depending on browsers.
iii. Click Upload.
c. View Feature, Total Capacity, and Invalid Date of the imported license
in the information display area.
d. Click Activate.
Follow the prompts that appear to activate the license.
2. Activate the license.
If a license file has been imported but not activated, Activate License is
displayed in the License Management area.
Click Activate License, and follow the prompts that appear to activate the
license.
3. Update the license.
If a license file has been imported and activated, Update License is displayed
in the License Management area. Update the license as needed.
a. Click Update License.
The Update License page is displayed.
b. Import the license file.
i. Click .
ii. Select the license file, and click Open.
The button for file upload varies depending on browsers.
iii. Click Upload.
c. In the information displayed area, check the differences between active
and inactive license files.
Parameter Description
Parameter Description
Configure an IP address for the active or standby DNS service for system
management.
NOTE
On the Initialize Configuration page, this parameter is available only in 6.1.2 and later
versions. You can also choose Settings > Basic Information > DNS Service to configure the
DNS service. For details, see "Connecting a Storage System to the DNS Server" in
Administrator Guide.
1. Click Configure.
The Configure DNS Service page is displayed on the right.
2. Set Active DNS IP Address.
3. (Optional) Set Standby DNS IP Address 1.
4. (Optional) Set Standby DNS IP Address 2.
NOTE
Set Standby DNS IP Address 1 first and then Standby DNS IP Address 2.
5. (Optional) Test the connection between the DNS server and the storage
system.
– You can click Test next to a DNS IP address to test its availability.
– You can click Test All to test the connection between the DNS server and
the storage system.
6. Click OK.
Step 6 In the Alarm Settings area, configure email notification and SMS notification.
● Configure email notification.
For the prerequisites and precautions for configuring email notification, see
4.2.2 Setting Email Notification (Applicable to 6.1.3 and Later).
SMTP Port Port number of SMTP. The default value is 25, and
the value of this parameter ranges from 1 to
65535.
The SMTP port number configured on a storage
system must be consistent with that configured on
the SMTP server.
[Example]
3
Parameter Description
Parameter Description
Email Title Prefix Sender-defined email title field. If there are too
many emails, users can search for desired emails
using this field.
NOTE
iii. Click .
d. (Optional) Click Test to verify the connectivity between the storage
system and the SMTP server.
e. Click OK.
● Configure SMS notification.
For the prerequisites for configuring SMS notification, see 4.3 Configuring
SMS Notification.
a. Enable SMS Notification .
The Configure SMS Notification page is displayed on the right.
b. Set SMS Center Phone Number.
The value starts with a country code followed by digits.
c. Set a recipient phone number.
----End
Context
● When you create a storage pool, the default and recommended hot spare
policy is Low (1 disk). Possible options are None, Low (1 disk), High (2
disks), Custom (3 disks), Custom (4 disks), Custom (5 disks), Custom (6
disks), Custom (7 disks), and Custom (8 disks).
NOTE
● The storage system uses RAID 2.0+ virtualization technology, so hot spare capacity
is provided by all member disks in each storage pool. For ease of understanding,
the hot spare capacity is expressed in the number of hot spare disks on
DeviceManager.
● Even if the hot spare space is used up, the system can use the free space of the
storage pool to reconstruct data, ensuring storage system reliability.
● For details about storage resource planning, see "Planning Storage Resources"
in the Basic Storage Service Configuration Guide for Block.
You can log in to Huawei's technical support website (https://
support.huawei.com/enterprise/) and enter the product model + document
name in the search box to search for, browse, and download documents. You
can use the same method to search for and download other Huawei
documents referenced in this document.
NOTE
The information displayed on the interface is only for reference and is subject to the actual
situation.
To modify parameter settings, click . In the displayed Modify Storage Pool dialog box,
set the storage pool parameters.
Step 2 Determine whether to select Retain historical monitoring data. If you select this
option, historical monitoring data will be saved to the created storage pool.
Step 3 Click Next. The system creates the storage pool.
----End
NOTE
● The Provision page is displayed and the result of creating the storage pool is displayed.
● If you want to modify the properties of the created storage pool, click Previous to
return to the Create Storage Pool page and click .
● For details, see "Modifying the Properties of a Storage Pool" in the Basic Storage Service
Configuration Guide for Block.
NOTE
The information displayed on the interface is only for reference and is subject to the actual
situation.
Parameter Description
Data Encryption Indicates whether to enable data encryption for all self-
encrypting disks (SEDs) in the storage pool.
● If this function is disabled, the storage pool is not
encrypted.
● If this function is enabled, the storage pool is encrypted.
Ensure that you select only SEDs.
NOTE
If this function is enabled, the system automatically checks whether
the key service has been configured. If the key service has not been
configured, the system will prompt you to configure the key service.
For details, see the Disk Encryption User Guide specific to your
product model and version.
Parameter Description
RAID Policy RAID policy of the storage pool. Dynamic RAID is used.
Dynamic RAID reconstruction uses the erasure coding (EC)
algorithm, which dynamically adjusts the number of chunks
in a chunk group under all-SSD configurations to ensure
system reliability and capacity. If a chunk is faulty and no
chunk is available from disks outside the storage pool, the
system dynamically reconstructs the original N+M chunks to
(N-1)+M chunks. When a new SSD is inserted, the system
migrates data from the (N-1)+M chunks to the newly
constructed N+M chunks for efficient disk usage.
The RAID levels are defined as follows:
● RAID 5: Parity data is distributed on different chunks. In
each chunk group, the parity data occupies the space of
one chunk. RAID 5 is able to tolerate the failure on only
one chunk. If two or more chunks fail, data in the chunk
group cannot be recovered.
● RAID 6: Parity data is distributed on different chunks. In
each chunk group, the parity data occupies the space of
two chunks. RAID 6 is able to tolerate simultaneous
failures on two chunks. If three or more chunks fail, data
in the chunk group cannot be recovered.
● RAID-TP: Parity data is distributed on different chunks. In
each chunk group, the parity data occupies the space of
three chunks. RAID-TP is able to tolerate simultaneous
failures on three chunks. If four or more chunks fail, data
in the chunk group cannot be recovered.
NOTE
● When Redundancy Policy is set to Disk redundancy, possible
options for this parameter are RAID 5, RAID 6, and RAID-TP.
● When Redundancy Policy is set to Enclosure redundancy,
possible options for this parameter are RAID 6 and RAID-TP.
[Default value]
RAID 6 for disk redundancy and RAID-TP for enclosure
redundancy
Parameter Description
SmartTier Manually select drives of the SCM and SSD types to activate
SmartTier.
SCM drive types include SCM drives.
SSD drive types include SSDs and NVMe SSDs.
NOTE
This parameter is available only when Redundancy Policy is set to
Disk redundancy and the selected controller enclosure contains
SCM drives.
Parameter Description
Hot Spare Policy Hot spare policy of the storage pool. Hot spare space stores
data from the failed member disks to ensure system
continuity and reliability.
[Value range]
None, Low (1 disk), High (2 disks), Custom (3 disks),
Custom (4 disks), Custom (5 disks), Custom (6 disks),
Custom (7 disks), and Custom (8 disks)
[Default value]
Low (1 disk)
NOTE
● Hot spare capacity is provided by all member disks in each
storage pool because the storage system uses RAID 2.0+
virtualization technology. For ease of understanding, the hot
spare capacity is expressed in the number of hot spare disks on
DeviceManager.
● Even if the hot spare space is used up, the system can use the
free space of the storage pool to reconstruct data, ensuring
storage system reliability.
Parameter Description
NOTE
Step 3 Determine whether to select Retain historical monitoring data. If you select this
option, historical monitoring data will be saved to the created storage pool.
----End
Context
● When you create a storage pool, the default and recommended hot spare
policy is Low (1 disk). Possible options are None, Low (1 disk), High (2
● The storage system uses RAID 2.0+ virtualization technology, so hot spare capacity
is provided by all member disks in each storage pool. For ease of understanding,
the hot spare capacity is expressed in the number of hot spare disks on
DeviceManager.
● Even if the hot spare space is used up, the system can use the free space of the
storage pool to reconstruct data, ensuring storage system reliability.
● For details about storage resource planning, see "Planning Storage Resources"
in the Basic Storage Service Configuration Guide for Block.
NOTE
The information displayed on the interface is only for reference and is subject to the actual
situation.
To modify parameter settings, click . In the displayed Modify Storage Pool dialog box,
set the storage pool parameters.
Step 2 Determine whether to select Retain historical monitoring data. If you select this
option, historical monitoring data will be saved to the created storage pool.
Step 3 Click Next.
----End
NOTE
● The Provision page is displayed and the result of creating the storage pool is displayed.
● If you want to modify the properties of the created storage pool, click Previous to
return to the Create Storage Pool page and click .
● For details, see "Modifying the Properties of a Storage Pool" in the Basic Storage Service
Configuration Guide for Block.
NOTE
The information displayed on the interface is only for reference and is subject to the actual
situation.
Parameter Description
Encryption For non-SEDs, the storage system uses DEKs to encrypt data
Algorithm and then writes the encrypted data to disks. When data is
read, the storage system uses the DEKs to decrypt the data.
If only non-SEDs are used, you must select an encryption
algorithm after data encryption is enabled. Possible values
are SM4 and AES.
If both SEDs and non-SEDs are used, after data encryption is
enabled, the system uses the same algorithm as that used
by the SEDs to encrypt data on the non-SEDs by default.
NOTE
● This parameter is available only when Data Encryption is
enabled and the HyperEncryption license has been imported.
● Only the Sansec KMIP key server supports the SM4 encryption
algorithm.
● The SM4 encryption algorithm is supported only in the Chinese
Mainland.
● The encryption algorithm cannot be changed once being
specified during storage pool creation.
● Only 6.1.5 and later versions support this parameter.
Parameter Description
Parameter Description
RAID Policy RAID policy of the storage pool. Dynamic RAID is used.
Dynamic RAID reconstruction uses the erasure coding (EC)
algorithm, which dynamically adjusts the number of chunks
in a chunk group under all-SSD configurations to ensure
system reliability and capacity. If a chunk is faulty and no
chunk is available from disks outside the storage pool, the
system dynamically reconstructs the original N+M chunks to
(N-1)+M chunks. When a new SSD is inserted, the system
migrates data from the (N-1)+M chunks to the newly
constructed N+M chunks for efficient disk usage.
The RAID levels are defined as follows:
● RAID 5: The parity data in each chunk group occupies the
space of one chunk. The failure on any one chunk can be
tolerated. If two or more chunks fail, data in the chunk
group cannot be recovered.
● RAID 10: Failures on any two chunks can be tolerated. If
three or more chunks fail, data in the chunk group
cannot be recovered.
● RAID 6: In each chunk group, the parity data occupies the
space of two chunks. Failures on any two chunks can be
tolerated. If three or more chunks fail, data in the chunk
group cannot be recovered.
● RAID-TP: In each chunk group, the parity data occupies
the space of three chunks. Failures on any three chunks
can be tolerated. If four or more chunks fail, data in the
chunk group cannot be recovered.
NOTE
● For 6.1.2 and later versions, RAID 5 can be configured only in CLI
mode.
● When Redundancy Policy is set to Disk redundancy, possible
options for this parameter are RAID 6 and RAID-TP.
● When Redundancy Policy is set to Enclosure redundancy,
possible options for this parameter are RAID 10, RAID 6 and
RAID-TP.
[Default value]
RAID 6 for disk redundancy and RAID-TP for enclosure
redundancy
Parameter Description
SmartTier Manually select drives of the SCM and SSD types to activate
SmartTier.
SCM drive types include SCM drives.
SSD drive types include SSDs and NVMe SSDs.
NOTE
This parameter is available only when Redundancy Policy is set to
Disk redundancy and the selected controller enclosure contains
SCM drives.
Parameter Description
Hot Spare Policy Hot spare policy of the storage pool. Hot spare space stores
data from the failed member disks to ensure system
continuity and reliability.
[Value range]
None, Low (1 disk), High (2 disks), Custom (3 disks),
Custom (4 disks), Custom (5 disks), Custom (6 disks),
Custom (7 disks), and Custom (8 disks)
[Default value]
Low (1 disk)
NOTE
● Hot spare capacity is provided by all member disks in each
storage pool because the storage system uses RAID 2.0+
virtualization technology. For ease of understanding, the hot
spare capacity is expressed in the number of hot spare disks on
DeviceManager.
● Even if the hot spare space is used up, the system can use the
free space of the storage pool to reconstruct data, ensuring
storage system reliability.
Parameter Description
NOTE
Step 3 Determine whether to select Retain historical monitoring data. If you select this
option, historical monitoring data will be saved to the created storage pool.
Step 4 Click OK and follow the prompts that appear.
Step 5 Click Next.
----End
Parameter Description
Parameter Description
Port Type Type of the port to which the logical port belongs.
Possible values are Ethernet port, Bond port, VLAN,
and RoCE port.
NOTE
● When Data Protocol is NFS, CIFS, NFS + CIFS, or iSCSI,
you can select an Ethernet port, bond port, or VLAN.
● When Data Protocol is NVMe over RoCE, you can
select a VLAN or RoCE port.
● Only 6.1.5 and later versions support RoCE ports.
NOTE
You can also click More on the right of the logical port and select Manage
Route.
Paramet Description
er
NOTICE
This function requires Huawei's UltraPath multipathing software on the host side.
NOTE
The screenshot is for reference only and the actual GUI may vary.
● If the host uses Huawei UltraPath, enable Use UltraPath Host. After this
function is enabled:
– The storage system automatically detects the host.
– Configure UltraPath on the host as prompted. For details, see
Configuring UltraPath on Your Host.
● If the host uses the native multipathing software of the operating system,
disable Use Ultrapath Host and exit the initialization wizard.
● If the storage system is connected to your host over a Fibre Channel network,
query WWN information of the HBA on your host. If switches are used,
categorize HBA ports on your host and ports on the storage system into zones
based on the network planning.
– The Scan for Host function of the storage system is applicable only when Huawei
UltraPath has been installed on the host.
– The UltraPath and SmartKit versions must match the storage system version. For
details, refer to the version mapping table. To obtain the version mapping table,
log in to https://support.huawei.com/enterprise/, enter your storage model in
the search box, and select the associated path to the product documentation page.
Then find and download the version mapping table.
– During manual installation, run the install.sh script on Linux.
Step 3 Run the command for scanning LUNs on your host and ensure that the host
information is registered on the storage system.
NOTE
● The purpose of this operation is to register host information on the storage system
instead of discovering storage resources.
● The LUN scanning method varies with operating system. For common scanning
methods, see E LUN Scanning Methods in Different Operating Systems. For more
details, see the Host Connectivity Guide.
● If your host has not been mapped to a LUN, a 16 KB virtual disk will be displayed on
your operating system. This virtual disk will disappear if you map your host to a LUN.
Step 4 After UltraPath has been installed and LUN scanning is completed on the host,
select Installing UltraPath and scanning for LUNs are complete on
DeviceManager.
----End
Step 2 Click the number of discovered hosts. The Hosts page is displayed.
Step 3 View the host list for information about the scanned hosts. Table 2-10 describes
the related parameters.
----End
If a host running UltraPath has been scanned, click Create LUN Group to allocate
storage resources to the host.
NOTE
The screenshot is for reference only and the actual GUI may vary.
iii. Specify the LUN name prefix, capacity per LUN, and quantity. Table
2-11 describes the parameters.
Parameter Description
Name Prefix Name prefix of the LUN. The names of the new
LUNs are numbered in sequence based on the
name prefix.
Parameter Description
iv. (Optional) When creating LUNs in batches, click and specify Start
Number, from which the system incrementally adds a suffix number
to the name of each LUN for distinction.
NOTE
You can select Only show the LUNs that do not belong to any LUN group to
view LUNs that do not belong to any LUN group.
4. (Optional) Select a host group or host from Map To.
NOTE
If no host or host group exists in the system, click Create to create one.
5. (Optional) Select a Port Group.
NOTE
– To display this option, select the host or host group to which the LUN group is to
be mapped.
– If no port group exists in the system, click Create to create one.
6. (Optional) In the Host LUN ID area, select a method of setting the IDs.
– Automatic: The system assigns a host LUN ID to each LUN mapped to a
host.
– Start ID: Set a start ID ranging from 0 to 4095. The system assigns a host
LUN ID to each LUN mapped to a host, starting from Start ID.
– Specified ID: Manually assign a host LUN ID to each LUN mapped to a
host.
NOTE
Parameter Host LUN ID is hidden. To display it, click Advanced and select the host or
host group to which the LUN group is to be mapped.
----End
Follow-up Procedure
After allocating storage resources to a host, update and query the allocated LUNs
on your host.
● If your host is running Huawei UltraPath, see the OceanStor UltraPath for XXX
User Guide for the LUN management commands. (XXX indicates the
operating system.)
For example, on Linux, you can run upRescan or hot_add to update LUN
information and run upadmin show vlun to query the LUNs mapped to the
host.
linux:~ # upRescan
Begin to delete LUNs whose mappings do not exist
Begin to delete LUNs whose mappings are changed.
begin scan host1
begin scan host2
begin scan host3
begin scan host4
begin scan host5
begin scan host6
begin scan host7
begin scan host8
begin scan host9
The device scanning is complete.
linux:~ # upadmin show vlun
-----------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------
Vlun ID Disk Name Lun WWN Status Capacity Ctrl(Own/Work)
Array Name Dev Lun ID No. of Paths(Available/Total)
0 sdb LUNGroup001_0000000 6203db2100d7b78b00668c2700000000 Normal 100.00GB
NOTICE
This function requires Huawei's UltraPath multipathing software on the host side.
NOTE
The screenshot is for reference only and the actual GUI may vary.
● If the host uses Huawei UltraPath, enable Use UltraPath Host. After this
function is enabled:
– The storage system automatically detects the host.
– Configure UltraPath on the host as prompted. For details, see
Configuring UltraPath on Your Host.
● If the host uses the native multipathing software of the operating system,
disable Use Ultrapath Host and exit the initialization wizard.
NOTICE
NOTE
The screenshot is for reference only and the actual GUI may vary.
● If the host uses Huawei UltraPath, enable UltraPath Host Auto Scan. After
this function is enabled:
– The storage system automatically detects the host.
– Configure UltraPath on the host as prompted. For details, see
Configuring UltraPath on Your Host.
● If the host uses the native multipathing software of the operating system,
disable UltraPath Host Auto Scan and exit the initialization wizard.
– The Scan for Host function of the storage system is applicable only when Huawei
UltraPath has been installed on the host.
– The UltraPath and SmartKit versions must match the storage system version. For
details, refer to the version mapping table. To obtain the version mapping table,
log in to https://support.huawei.com/enterprise/, enter your storage model in
the search box, and select the associated path to the product documentation page.
Then find and download the version mapping table.
– During manual installation, run the install.sh script on Linux.
Step 3 Run the command for scanning LUNs on your host and ensure that the host
information is registered on the storage system.
NOTE
● The purpose of this operation is to register host information on the storage system
instead of discovering storage resources.
● The LUN scanning method varies with operating system. For common scanning
methods, see E LUN Scanning Methods in Different Operating Systems. For more
details, see the Host Connectivity Guide.
● If your host has not been mapped to a LUN, a 16 KB virtual disk will be displayed on
your operating system. This virtual disk will disappear if you map your host to a LUN.
Step 4 After UltraPath has been installed and LUN scanning is completed on the host,
select Installing UltraPath and scanning for LUNs are complete on
DeviceManager.
NOTE
----End
Step 2 Click the number of discovered hosts. The Hosts page is displayed.
Step 3 View the host list for information about the scanned hosts. Table 2-12 describes
the related parameters.
Parameter Description
Parameter Description
----End
If a host running UltraPath has been scanned, click Create LUN Group to allocate
storage resources to the host.
NOTE
The screenshot is for reference only and the actual GUI may vary.
NOTE
The following preset application types are provided for typical applications:
Default, Oracle_OLAP, Oracle_OLTP, Oracle_OLAP&OLTP,
SQL_Server_OLAP, SQL_Server_OLTP, SQL_Server_OLAP&OLTP,
SAP_HANA, Vmware_VDI, Hyper-V_VDI, Others, and FusionAccess_VDI.
○ The preset application types specify the application request sizes. When
SmartCompression and SmartDedupe licenses are imported to the
system, the preset application types also display whether
SmartCompression and SmartDedupe are enabled. For details, see
SmartDedupe and SmartCompression Feature Guide for Block of the
desired product model and version.
○ After you have set an application type for a LUN, you are unable to
change it in follow-up operations.
○ If the application type configured for a LUN does not match the actual
I/O model, the LUN performance may deteriorate.
○ If none of the preset application types matches the actual I/O model,
you can run the create lun_workload_type general command to create
one. For details on this command, refer to the Command Reference.
○ Only 6.1.3 and later versions support Others.
ii. Specify the LUN name prefix, capacity per LUN, and quantity. Table
2-13 describes the parameters.
Name Prefix Name prefix of the LUN. The names of the new
LUNs are numbered in sequence based on the
name prefix.
Parameter Description
iii. (Optional) When creating LUNs in a batch, click and set the
suffixes of the LUNs. Related parameters include Suffix Digits and
Suffix (start number of the suffixes). The system adds a suffix to the
end of each LUN name in ascending order based on the specified
start suffix number.
NOTE
You can select Only show the LUNs that do not belong to any LUN group to
view LUNs that do not belong to any LUN group.
5. (Optional) Configure a mapping for the LUN group.
a. Select a host or host group.
NOTE
If no host or host group exists in the system, click Create to create one.
b. Select a port group.
NOTE
▪ To display this option, select the host or host group to which the LUN group is
to be mapped.
c. Select Advanced in the upper right corner and set how to assign host
LUN IDs.
▪ Start ID: Set a start ID ranging from 0 to 4095. The system assigns a
host LUN ID to each LUN mapped to a host, starting from Start ID.
----End
Follow-up Procedure
After allocating storage resources to a host, update and query the allocated LUNs
on your host.
● If your host is running Huawei UltraPath, see the OceanStor UltraPath for XXX
User Guide for the LUN management commands. (XXX indicates the
operating system.)
For example, on Linux, you can run upRescan or hot_add to update LUN
information and run upadmin show vlun to query the LUNs mapped to the
host.
linux:~ # upRescan
Begin to delete LUNs whose mappings do not exist
Begin to delete LUNs whose mappings are changed.
begin scan host1
begin scan host2
begin scan host3
begin scan host4
begin scan host5
begin scan host6
begin scan host7
begin scan host8
begin scan host9
The device scanning is complete.
linux:~ # upadmin show vlun
-----------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------
Vlun ID Disk Name Lun WWN Status Capacity Ctrl(Own/Work)
Array Name Dev Lun ID No. of Paths(Available/Total)
0 sdb LUNGroup001_0000000 6203db2100d7b78b00668c2700000000 Normal 100.00GB
--/-- Huawei.Storage.testhy 0 2/2
1 sdd LUNGroup001_0000001 6203db2100d7b78b00668ca700000001 Normal 100.00GB
--/-- Huawei.Storage.testhy 1 2/2
2 sdf LUNGroup001_0000002 6203db2100d7b78b00668d2500000002 Normal 100.00GB
--/-- Huawei.Storage.testhy 2 2/2
3 sdg LUNGroup001_0000003 6203db2100d7b78b00668da500000003 Normal 100.00GB
--/-- Huawei.Storage.testhy 3 2/2
4 sdh LUNGroup001_0000004 6203db2100d7b78b00668e2000000004 Normal 100.00GB
--/-- Huawei.Storage.testhy 4 2/2
-----------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------
Procedure
Step 1 Click Create File System.
NOTE
Parameter Description
Capacity Alarm Alarm threshold of the file system capacity. An alarm will be
Threshold (%) generated when the threshold is reached.
Application Type Application type of the file system. Preset application types
are provided for typical applications. In file service scenarios,
possible options are NAS_Default, NAS_Virtual_Machine,
NAS_Database, NAS_Large_File, Office_Automation, and
NAS_EDA.
NOTE
● The Application Request Size and File System Distribution
Algorithm parameters are set for preset application types. The
value of Application Request Size is 16 KB for NAS_Default,
NAS_Virtual_Machine, Office_Automation, and NAS_EDA, 8
KB for NAS_Database, and 32 KB for NAS_Large_File. If
Application Type is set to NAS_Default, NAS_Large_File, or
Office_Automation, File System Distribution Algorithm is
Directory balance mode. In this mode, directories are evenly
allocated to each controller by quantity. If Application Type is
set to NAS_Virtual_Machine, NAS_Database, or NAS_EDA, File
System Distribution Algorithm is Performance mode. In this
mode, directories and files are allocated to the access controller
preferentially to improve access performance of directories and
files.
● When SmartCompression and SmartDedupe licenses are
imported to the system, the preset application types also display
whether SmartCompression and SmartDedupe are enabled. For
details, see SmartDedupe and SmartCompression Feature Guide
for File specific to your product model and version.
● Application Type cannot be changed once being configured. You
are advised to set the value based on the service I/O model.
● To create an application type, run the create workload_type
general name=? io_size=? command. For details, see the
Command Reference specific to your product model and version.
● You can also run the create file_system general or change
file_system general command to create or modify a file system
respectively. For details, see the Command Reference specific to
your product model and version.
Parameter Description
Parameter Description
NOTE
NOTE
If LDAP, NIS, or AD domain servers for file services are deployed on the user
network, set required domain environment parameters on DeviceManager to add
the storage system to the corresponding domain environment. In this way, NAS
clients can access the shared storage space through authentication.
● To add the storage system to an LDAP domain, click Configure next to LDAP,
and set parameters on the Configure File Service LDAP Domain page that is
displayed.
● To add the storage system to an NIS domain, click Configure next to NIS, and
set parameters on the Configure File Service NIS Domain page that is
displayed.
● To add the storage system to an AD domain, click Configure next to AD, and
set parameters on the Configure File Service AD Domain page that is
displayed.
NOTE
● You can click on the configuration page to view the parameter description from the
online help, or see sections "Configuring LDAP Domain Authentication Parameters",
"Configuring NIS Domain Authentication Parameters", and "Configuring AD Domain
Authentication Parameters" in the Basic Storage Service Configuration Guide for File.
● The initial configuration wizard provides a quick entry for domain authentication. You
can skip domain authentication as required, and configure it when needed by referring
to the Basic Storage Service Configuration Guide for File.
NOTE
The screenshot is for reference only and the actual GUI may vary.
Parameter Description
Step 3 Set the capacity and tuning information of the file system.
Table 2-16 describes the parameters.
Capacity Alarm Alarm threshold of the file system capacity. An alarm will be
Threshold (%) generated when the threshold is reached.
NOTE
● Capacity Alarm Threshold (%) is hidden. To display hidden
parameters, click Advanced.
● The alarm is cleared only when the used capacity of the file
system is smaller than Max {90% of the threshold capacity,
threshold capacity - 1 GB}.
Parameter Description
Application Type Application type of the file system. Preset application types
are provided for typical applications. In file service scenarios,
possible options are NAS_Default, NAS_Virtual_Machine,
NAS_Database, NAS_Large_File, Office_Automation, and
NAS_EDA.
NOTE
● The Application Request Size and File System Distribution
Algorithm parameters are set for preset application types. The
value of Application Request Size is 16 KB for NAS_Default,
NAS_Virtual_Machine, Office_Automation, and NAS_EDA, 8
KB for NAS_Database, and 32 KB for NAS_Large_File. If
Application Type is set to NAS_Default, NAS_Large_File,
Office_Automation, or NAS_EDA, File System Distribution
Algorithm is Directory balance mode. In this mode, directories
are evenly allocated to each controller by quantity. If
Application Type is set to NAS_Virtual_Machine or
NAS_Database, File System Distribution Algorithm is
Performance mode. In this mode, directories and files are
allocated to the access controller preferentially to improve
access performance of directories and files.
● When SmartCompression and SmartDedupe licenses are
imported to the system, the preset application types also display
whether SmartCompression and SmartDedupe are enabled. For
details, see SmartDedupe and SmartCompression Feature Guide
for File specific to your product model and version.
● Application Type cannot be changed once being configured.
You are advised to set the value based on the service I/O model.
● To create an application type, run the create workload_type
general name=? io_size=? command. For details, see the
Command Reference of the desired model and version.
● You can also run the create file_system general or change
file_system general command to create or modify a file system
respectively. For details, see the Command Reference of the
desired model and version.
Step 4 If a HyperMetro vStore pair has been created for the selected vStore, you need to
configure HyperMetro for the newly created file system.
Specify Remote Storage Pool for creating a remote file system. The system will
create a remote file system on the remote device of the HyperMetro vStore pair
and add the local and remote file systems to a HyperMetro pair.
For details about HyperMetro, see HyperMetro Feature Guide (File Service) of the
corresponding version.
Step 5 Configure shares for the file system.
● Set NFS shares for the file system.
a. Enable NFS.
b. Set Creation Mode. Possible values are From template or New.
▪ From template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.
▪ New
The system presets the read and write permissions of all clients. You
can click Modify on the right of Share to modify the share
information.
● Set CIFS shares for the file system.
a. Enable CIFS.
b. Set Creation Mode. Possible values are From template or New.
▪ From template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.
▪ New
The system presets the full control permission for everyone. You can
click Modify on the right of Share to modify the share information.
Step 6 Set a quota for the file system.
NOTE
1. Enable Quota.
2. Click Create.
The Create Quota page is displayed on the right.
3. Specify Quota Type. Possible options are Directory quota, User quota, and
User group quota.
– Directory quota
NOTE
The directory quota takes effect for all dtrees in the file system.
– User quota
i. Click Select.
The Select User page is displayed.
ii. Select the users for which you want to create a quota.
○ If you select All users, the quota limits the space usage or file
quantity of each user in the system.
○ If you select Specified users, click Add. On the Add User page
that is displayed, select the UNIX Users or Windows Users tab,
and select one or more desired users. Then click OK.
NOTE
If you set User Type to Local authentication user, select the desired
users in the list below.
If you set User Type to LDAP domain user, NIS domain user, or AD
domain user, enter the user names in the Name text box.
To remove added users, click Remove on the right of a desired user, or
select one or more desired users and click Remove.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.
NOTE
NOTE
Hard Quota Space hard quota. If the quota is reached, the system
immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be larger than that of Soft Quota.
Soft Quota Space soft quota. If the quota is reached, the system
generates an alarm but still allows writes. After the hard
quota is reached, the system immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be smaller than that of Hard Quota.
Hard Quota File quantity hard quota. If the quota is reached, new
files cannot be added. Operations on existing files are
not affected.
[Value range]
1 file to 2 billion files
The value must be larger than that of Soft Quota.
Parameter Description
Soft Quota File quantity soft quota. If the quota is reached, the
system generates an alarm but new files can still be
added. After the hard quota is reached, new files cannot
be added.
[Value range]
1 file to 2 billion files
The value must be smaller than that of Hard Quota.
NOTE
– If you do not set the space quota or file quantity quota, the storage system only
collects statistics on but does not control the space usage or file quantity. To view
the statistics about used space quota and used file quantity quota, choose Services
> File Service > Quotas > Quota Reports, and select the desired file system.
– To modify a quota, click More on the right of the quota and select Modify.
– To delete a quota, select the quota and click Delete above the list or click More on
the right of the quota.
– The parameters for creating a quota are preset. A quota is created for a file system
only after the file system has been created.
NOTE
Advanced attributes are hidden options. To display hidden parameters, click Advanced.
----End
NOTE
The screenshot is for reference only and the actual GUI may vary.
If LDAP, NIS, or AD domain servers for file services are deployed on the user
network, set required domain environment parameters on DeviceManager to add
the storage system to the corresponding domain environment. In this way, NAS
clients can access the shared storage space through authentication.
● To add the storage system to an LDAP domain, click Configure next to LDAP,
and set parameters on the Configure File Service LDAP Domain page that is
displayed.
● To add the storage system to an NIS domain, click Configure next to NIS, and
set parameters on the Configure File Service NIS Domain page that is
displayed.
● To add the storage system to an AD domain, click Configure next to AD, and
set parameters on the Configure File Service AD Domain page that is
displayed.
NOTE
● You can click on the configuration page to view the parameter description from the
online help, or see sections "Configuring LDAP Domain Authentication Parameters",
"Configuring NIS Domain Authentication Parameters", and "Configuring AD Domain
Authentication Parameters" in the Basic Storage Service Configuration Guide for File.
● The initial configuration wizard provides a quick entry for domain authentication. You
can skip domain authentication as required, and configure it when needed by referring
to the Basic Storage Service Configuration Guide for File.
NOTE
The screenshot is for reference only and the actual GUI may vary.
Parameter Description
Step 3 Set the capacity and tuning information of the file system.
Table 2-21 describes the parameters.
Capacity Alarm Alarm threshold of the file system capacity. An alarm will be
Threshold (%) generated when the threshold is reached.
NOTE
● Capacity Alarm Threshold (%) is hidden. To display hidden
parameters, select Advanced.
● Capacity threshold = File system capacity x (1 - Reserved
snapshot space ratio (%)) x Capacity alarm threshold (%)
● The alarm is cleared only when the used capacity of the file
system is smaller than Max {90% of the threshold capacity,
threshold capacity - 1 GB}.
Parameter Description
Auto Expansion When the ratio of the used capacity to the total capacity of
Trigger Threshold a file system is greater than this threshold, the storage
(%) system automatically triggers file system capacity
expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● The value of Auto Expansion Trigger Threshold (%) must be
greater than that of Auto Reduction Trigger Threshold (%).
● Only 6.1.5 and later versions support this parameter.
Auto Reduction When the ratio of the used capacity to the total capacity of
Trigger Threshold a file system is smaller than this threshold, the storage
(%) system automatically triggers space reclamation to reduce
the file system capacity.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.
Parameter Description
Application Type Application type of the file system. Preset application types
are provided for typical applications. In file service scenarios,
possible options are NAS_Default, NAS_Virtual_Machine,
NAS_Database, NAS_Large_File, Office_Automation,
NAS_Others, and NAS_EDA.
NOTE
● The Application Request Size and File System Distribution
Algorithm parameters are set for preset application types. The
value of Application Request Size is 16 KB for NAS_Default,
NAS_Virtual_Machine, Office_Automation, NAS_Others, and
NAS_EDA, 8 KB for NAS_Database, and 32 KB for
NAS_Large_File. If Application Type is set to NAS_Default,
NAS_Large_File, Office_Automation, NAS_Others, or
NAS_EDA, File System Distribution Algorithm is Directory
balance mode. In this mode, directories are evenly allocated to
each controller by quantity. If Application Type is set to
NAS_Virtual_Machine or NAS_Database, File System
Distribution Algorithm is Performance mode. In this mode,
directories are preferentially allocated to the controller to which
the shared IP address belongs, improving access performance of
directories and files.
● When SmartCompression and SmartDedupe licenses are
imported to the system, the preset application types also display
whether SmartCompression and SmartDedupe are enabled. For
details, see SmartDedupe and SmartCompression Feature Guide
for File of the desired product model and version.
● Application Type cannot be changed once being configured.
You are advised to set the value based on the service I/O model.
● To create an application type, run the create workload_type
general name=? io_size=? command. For details, see the
Command Reference of the desired model and version.
● You can also run the create file_system general or change
file_system general command to create or modify a file system
respectively. For details, see the Command Reference of the
desired model and version.
Parameter Description
Step 4 If a HyperMetro vStore pair has been created for the selected vStore, you need to
configure HyperMetro for the newly created file system.
Specify Remote Storage Pool for creating a remote file system. The system will
create a remote file system on the remote device of the HyperMetro vStore pair
and add the local and remote file systems to a HyperMetro pair.
For details about HyperMetro, see HyperMetro Feature Guide (File Service) of the
corresponding version.
Step 5 Configure shares for the file system.
● Set NFS shares for the file system.
a. Enable NFS.
b. Set Create From. Possible values are Template or New.
▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.
▪ New
The read/write permission of all clients is preset in the system, and
the default root permission of clients is root_squash. You can click
Modify on the right of Share to modify the share information.
● Set CIFS shares for the file system.
a. Enable CIFS.
b. Set Create From. Possible values are Template or New.
▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.
▪ New
The system presets the full control permission for everyone. You can
click Modify on the right of Share to modify the share information.
1. Enable Quota.
NOTE
The directory quota of a file system takes effect only for dtrees whose quota
function is enabled. In addition, the quota of each dtree is limited separately.
– User quota
User quota: limits the space usage or file quantity used by a single user.
i. Click Select.
The Select User page is displayed.
ii. Select the users for which you want to create a quota.
○ If you select All users, the quota limits the space usage or file
quantity of each user in the system.
○ If you select Specified users, click Add. On the Add User page
that is displayed, select the UNIX Users or Windows Users tab,
and select one or more desired users. Then click OK.
NOTE
If you set User Type to Local authentication user, select the desired
users in the list below.
If you set User Type to LDAP domain user, NIS domain user, or AD
domain user, enter the user names in the Name text box.
To remove added users, click Remove on the right of a desired user, or
select one or more desired users and click Remove.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.
NOTE
Parameter Description
Hard Quota Space hard quota. If the quota is reached, the system
immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be larger than that of Soft Quota.
Parameter Description
Soft Quota Space soft quota. If the quota is reached, the system
generates an alarm but still allows writes. After the hard
quota is reached, the system immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be smaller than that of Hard Quota.
Parameter Description
Hard Quota File quantity hard quota. If the quota is reached, new
files cannot be added. Operations on existing files are
not affected.
[Value range]
1 to 2 billion
The value must be larger than that of Soft Quota.
Soft Quota File quantity soft quota. If the quota is reached, the
system generates an alarm but new files can still be
added. After the hard quota is reached, new files cannot
be added.
[Value range]
1 to 2 billion
The value must be smaller than that of Hard Quota.
NOTE
– If you do not set the space quota or file quantity quota, the storage system only
collects statistics on but does not control the space usage or file quantity. To view
the statistics about used space quota and used file quantity quota, choose Services
> File Service > Quotas > Quota Reports, and select the desired file system.
– To modify a quota, click More on the right of the quota and select Modify.
– To delete a quota, select the quota and click Delete above the list or click More on
the right of the quota.
– The parameters for creating a quota are preset. A quota is created for a file system
only after the file system has been created.
NOTE
Atime Update Indicates the Atime update frequency. The options can be
Frequency Hourly and Daily.
----End
o Organization
ou Organization Unit
c Country Name
dc Domain Component
sn Surname
cn Common Name
OpenLDAP Introduction
OpenLDAP is a free and open implementation of LDAP that is now widely used in
various popular Linux releases. OpenLDAP requires licenses.
OpenLDAP mainly consists of the following four components:
● slapd: an independent LDAP daemon
● slurpd: an independent LDAP update and replication daemon
● Library implementing LDAP
● Tool software and illustration client
NOTE
No OpenLDAP installation packages that support the Windows operating system are
provided on the OpenLDAP official website. The Userbooster website provides an open-
source OpenLDAP installation package that supports the following Windows operating
systems: Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista,
Windows 7, Windows 8, and Windows Server 2012.
rootpw XXXXXXXXXXXX
– dc=example,dc=com corresponds to Base DN on the storage system
configuration page.
– cn=Manager,dc=example,dc=com corresponds to Bind DN on the
storage system configuration page.
– XXXXXXXXXXXX corresponds to Bind Password on the storage system
configuration page. If the password is in cipher text, contact LDAP server
administrators to obtain the password.
4. Find configuration files (with .ldif as the file name extension) of users and
user groups that need to access storage systems.
NOTE
LDAP Interchange Format (LDIF) is one of the most common file formats for LDAP
applications. It is a standard mechanism that represents directories in the text format,
and it allows users to import data to and export data from the directory server. LDIF
files store LDAP configurations and directory contents, and you can obtain parameter
information from LDIF files.
5. Use text editing software to open the configuration file and find the DNs of a
user and a user group that correspond to User Directory and Group
Directory respectively on the storage system configuration page.
#root on the top
dn: dc=example,dc=com
dc: example
objectClass: domain
objectClass: top
#First organization unit name: user
dn: ou=user,dc=example,dc=com
ou: user
objectClass: organizationalUnit
objectClass: top
#Second organization unit name: groups
dn: ou=group,dc=example,dc=com
ou: group
objectClass: organizationalUnit
objectClass: top
#The first user represents user1 that belongs to organization unit user in the organizational structure
topology.
dn: cn=user1,ou=user,dc=example,dc=com
cn: user1
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
sn: user1
uid: user1
uidNumber: 2882
gidNumber: 888
homeDirectory: /export/home/ldapuser
loginShell: /bin/bash
userPassword: {ssha}eoWxtWNl8YbqsulnwFwKMw90Cx5BSU9DRA==xxxxxx
#The second user represents user2 that belongs to organization unit user in the organizational
structure topology.
dn: cn=user2,ou=user,dc=example,dc=com
cn: user2
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
sn: client
uid: client
uidNumber: 2883
gidNumber: 888
homeDirectory: /export/home/client
loginShell: /bin/bash
userPassword: {ssha}eoWxtWNl8YbqsulnwFwKMw90Cx5BSU9DRA==xxxxxx
#The first user group represents group1 that belongs to organization unit group in the organizational
structure topology. The group contains user1 and user2.
dn: cn=group1,ou=group,dc=example,dc=com
cn: group1
gidNumber: 888
memberUid: user1#Belongs to the group.
memberUid: user2#Belongs to the group.
objectClass: posixGroup
3. Run the ls command to view system configuration file slapd.conf and the
configuration file (with .ldif as the file name extension) of users and user
groups who want to access storage systems.
linux-ldap:/etc/openldap #ls
example.ldif ldap.conf schema slap.conf slap.con slapd.conf
4. Run the cat command to open system configuration file slapd.conf where
you can view related parameters.
linux-ldap:/etc/openldap #cat slapd.conf
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
rootpw XXXXXXXXXXXX
Prerequisites
The LDAP domain server or Windows AD domain server has been deployed.
Context
LDAP is a TCP/IP network protocol that enables users to access directory system
agents (DSAs). LDAP functionalities are reduced from X.500 Directory Access
Protocol (DAP).
For storage applications, client hierarchy information is stored on the LDAP server,
and users are authenticated by the LDAP server when accessing the storage
system.
LDAP over SSL (LDAPS) is used for communication between clients and the LDAP
server if the server supports SSL.
NOTE
Procedure
Step 1 Choose Settings > User and Security > Domain Authentication > Management
LDAP Domain.
Step 2 Enable LDAP Service.
NOTE
Server Type Indicates the type of a server. Possible values are Windows
AD domain server and LDAP server.
Client hierarchy information is stored on a domain
authentication server. Users are authenticated by the domain
authentication server when they attempt to access shared
resources.
Address Type The LDAP domain server of the management plane can be
configured by IP address or domain name.
Parameter Description
Step 4 Set LDAP user parameters. Table 3-3 describes related parameters.
Parameter Description
Name Attribute Indicates the name attribute of a user. This parameter defines
the name of a user object and allows the query of a specific
user based on the given name.
[Default value]
● uid (LDAP server)
● sAMAccountName (Windows AD server)
Object Class Class of a user object. Each entry under the LDAP directory is
associated with one or more object types, including user,
group, email, and maintenance terminal.
[Default value]
● posixAccount (LDAP server)
● user (Windows AD server)
Step 5 Enable LDAP Groups and set related parameters. Table 3-4 describes related
parameters.
Parameter Description
Object Class Indicates the class of a group object. Each entry under the
LDAP directory is associated with one or more object types,
including user, group, email, and maintenance terminal.
[Default value]
● groupOfUniqueNames (LDAP server)
● group (AD server)
Step 6 (Optional) Click Test in the upper right corner to test the availability of the
domain authentication server.
NOTE
When Protocol is set to LDAPS, you need to import and save the CA certificate before
performing the test.
----End
Follow-up Procedure
● If you want to create an LDAP user or LDAP user group, see "Creating a
Domain User" in the Administrator Guide.
NOTE
After you have configured the LDAP server on the storage system, you must use an
LDAP user name or LDAP user group name when logging in to the storage system.
Therefore, you must create the LDAP user name or LDAP user group name on the
storage system.
● If you want to configure security policies, accessible IP addresses, and user
permissions, see "Managing Access Permissions of a Storage System" in the
Administrator Guide.
This chapter describes how to configure alarm and event log policies.
4.1 Setting System Status Notification
4.2 Setting Email Notification
4.3 Configuring SMS Notification
4.4 Configuring the Syslog Notification
4.5 Configuring Trap Notification
4.6 Setting Alarm Dump
4.7 Setting Alarm Masking
4.8 Setting Event Notification
Prerequisites
● The email, SMS, and Syslog notification services have been correctly
configured.
● The system notification function has been enabled.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Notification.
Step 2 Enable System Notification.
NOTE
Step 3 Set Sending Cycle (h). This value is an integer ranging from 1 to 168 by hour.
Step 4 In Custom Info, enter correct customer information, including the customer name
and contact information, helping maintenance engineers search and locate faults.
NOTE
In Custom Info, 1 to 511 characters can be entered and a single quotation mark (') cannot
be contained.
----End
Prerequisites
● The connectivity between each Simple Mail Transfer Protocol (SMTP) server
and each controller is normal.
● SMTP servers are available. Otherwise, the specified email addresses will not
be able to receive any alarm or event messages.
● The alarm and event email notification function supports PLAIN and LOGIN
authentication mechanisms. Otherwise, the email notification function for
alarms and events is unavailable.
● You have logged in to DeviceManager as an administrator or a super
administrator.
● A storage system sends only the alarms and events generated after the email
notification function is configured to the SMTP server.
● Before configuring a domain name for a server, ensure that the DNS server
can communicate normally with the storage system or the server.
● You are advised to deploy only one SMTP server on a host; otherwise you may
not receive email notification due to port conflict.
● The server certificate has been imported to the SMTP server. If the encryption
mode is SSL/TLS or STARTTLS, the email client CA certificate should have
been imported to the storage system. For details, see 8.3 How Do I Obtain
and Import the Email Certificates?.
Precautions
● To ensure that email notifications can be sent properly, the sender email
address must match the SMTP server address and can send emails to the
recipient email address.
For example, if a Gmail SMTP server is used, the sender email address must
be a Gmail address.
● When two SMTP servers are configured, the sender email address must match
the two SMTP server addresses and can send emails to the recipient email
address.
For example, if the sender email address is a Gmail address, the two SMTP
server addresses must be SMTP server addresses provided by the Gmail
supplier.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Notification.
NOTE
SMTP server configurations take effect for both eService and alarm email notification.
SMTP Port SMTP port number. The value ranges from 1 to 65535, and
the default value is 25.
NOTE
The SMTP port number configured on the storage system must be
the same as that configured on the SMTP server.
Parameter Description
Parameter Description
Email Title Prefix Sender-defined email title field. If there are too many
emails, users can search for desired emails using this field.
NOTE
● The length ranges from 0 to 511 bytes and cannot contain
single quotation marks (').
● In addition to user-defined fields, you can also select Device
name, Alarm ID, Alarm severity, or Alarm description. After
an option is selected, the selected information is displayed in
the title of the alarm email notification.
Prerequisites
● The connectivity between each Simple Mail Transfer Protocol (SMTP) server
and each controller is normal.
● SMTP servers are available. Otherwise, the specified email addresses will not
be able to receive any alarm or event messages.
● The alarm and event email notification function supports PLAIN and LOGIN
authentication mechanisms. Otherwise, the email notification function for
alarms and events is unavailable.
● You have logged in to DeviceManager as an administrator or a super
administrator.
● A storage system sends only the alarms and events generated after the email
notification function is configured to the SMTP server.
● Before configuring a domain name for a server, ensure that the DNS server
can communicate normally with the storage system or the server.
● You are advised to deploy only one SMTP server on a host; otherwise you may
not receive email notification due to port conflict.
● The server certificate has been imported to the SMTP server. If the encryption
mode is SSL/TLS or STARTTLS, the email client CA certificate should have
been imported to the storage system. For details, see 8.3 How Do I Obtain
and Import the Email Certificates?.
Precautions
● To ensure that email notifications can be sent properly, the sender email
address must match the SMTP server address and can send emails to the
recipient email address.
For example, if a Gmail SMTP server is used, the sender email address must
be a Gmail address.
● When two SMTP servers are configured, the sender email address must match
the two SMTP server addresses and can send emails to the recipient email
address.
For example, if the sender email address is a Gmail address, the two SMTP
server addresses must be SMTP server addresses provided by the Gmail
supplier.
The SMTP server configuration takes effect for eService, report email notification, and
alarm email notification at the same time.
SMTP Port SMTP port number. The value ranges from 1 to 65535, and
the default value is 25.
NOTE
The SMTP port number configured on a storage system must be
consistent with that configured on the SMTP server.
Parameter Description
Max. Size of Email Maximum size of an email attachment. The value ranges
Attachment from 1 MB to 100 MB.
----End
If Email Service is disabled, click Configure Email Service to complete the SMTP server
configuration. For details, see Setting Email Service.
Email title prefix is a sender-defined email title field. If there are too many emails,
users can search for desired emails using this field.
NOTE
● The value contains 0 to 511 characters and cannot contain single quotation marks (').
● In addition to sender-defined fields, you can select Device name, Alarm ID, Alarm
severity, or Alarm description. After you select this option, the selected information is
displayed in the title of the alarm email notification.
a. Click Add.
b. Specify Recipient Email Address.
c. In Alarm Severity, select the desired alarm severity.
d. Select whether to enable Event Notification.
e. Click .
● Modify a recipient email address.
Step 5 (Optional) Click Test to verify the connectivity between the storage system and
the SMTP server.
----End
Prerequisites
You need to connect the storage device with a GSM modem. Make sure you have
installed a GSM modem.
Context
To demonstrate how to configure a GSM modem, the COM1 serial port (baud rate
= 115200 bit/s) on the host and the DB9 serial port on the GSM modem (default
baud rate = 9600 bit/s) are used as an example.
NOTICE
Procedure
Step 1 Insert a SIM card into the GSM modem.
Step 2 Connect GSM modem to the maintenance terminal serial port through a DB9
serial cable.
Step 3 Insert the power cable of the GSM modem into the power supply outlet, and then
power on the GSM modem.
If the red indicator blinks, the GSM modem is successfully installed.
Step 4 Run the PuTTY software on the maintenance terminal. In the Category navigation
tree, choose Connection > Serial. The Options controlling local serial lines page
for configuring the GSM modem is displayed, as shown in Figure 4-1.
Step 8 Reset the baud rate of the GSM modem until running the at command responds
with OK.
NOTE
● If the baud rate of the GSM modem is not known, reconfigure it to ensure that the baud
rate of the GSM modem and that of the serial port are consistent. In this condition,
PuTTY can be used to configure the GSM modem.
● The baud rate can be configured using the at+ipr=115200 command.
at
OK
at+ipr=115200
OK
ats0=1
OK
at&w
OK
Step 11 Upon successful configuration, connect the GSM modem to the serial port of the
storage system for use.
NOTE
For details about configuring the GSM modem, see the manual supplied with the GSM
modem.
----End
Prerequisites
● You have logged in to DeviceManager as an administrator or a super
administrator.
● An SMS modem has been installed for the system or maintenance terminal.
The COM port of the SMS modem has been configured to send short
messages.
● A storage system sends only the alarms and events generated after the SMS
notification function is configured to the SMS modem.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Notification.
Step 2 Enable SMS Notification.
NOTE
----End
Start
Is the TCP+SSL/TLS No
protocal used?
Yes
No Is certificate verification
configured?
Yes
Export the certificate and
CA certificate on the Syslog
server.
End
Prerequisites
The signed CA certificate already exists.
Procedure
Step 1 Choose Settings > Certificates > Certificate Management.
NOTE
----End
Prerequisites
● You have logged in to DeviceManager as an administrator or a super
administrator.
● Before configuring a domain name for a server, ensure that the DNS server
can communicate normally with the storage system or the server.
● A storage system sends only the alarms generated after Syslog notification
has been configured to the Syslog server.
● You are advised to configure only one Syslog server on a host to prevent
failure in receiving syslog notifications caused by port conflict.
Context
In 6.1.3 and later versions, Syslog content can be displayed in the default format
or CEF format.
NOTE
● You can check the log display format in the Format Type field in the output of the
show notification syslog command.
● You can run the change notification syslog format_type=? command to change the
log display format. In the command, the value of format_type can be default or cef.
● In versions earlier than 6.1.3, Syslog content can be displayed only in the default format.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Notification.
Step 2 Enable Syslog Notification.
NOTE
Step 3 Set Syslog notification parameters. Table 4-4 describes the parameters.
Alarm Severity The lowest severity of a Syslog alarm that can be sent.
Possible options are Info, Warning, Major, and Critical.
Parameter Description
Send Device Name Indicates whether the device name needs to be sent to
the Syslog server.
NOTE
If Send Device Name is enabled, the system sends the device
----End
Follow-up Procedure
After Syslog notification has been configured, alarms will be sent to a specified
application server or maintenance terminal.
● A Syslog alarm displayed in the default format is as follows:
Info Receive Time | IP Address | Facility | Severity | Info
2021/10/26 15:39:29 | 192.168.2.6 | Local7 | Info | alarm: <189>2021-10-26 15:39:29 x.x.x.x
Huawei.Storage 6384 0x200F00CA0005 Informational(0): admin:x.x.x.x succeeded in switching from
the user view to developer view.
NOTE
Info Receive Time, IP Address, Facility, and Severity are defined by the Syslog server.
The parsing result may vary with tools.
● A Syslog alarm displayed in the CEF format is as follows:
NOTE
The CEF log display format is supported in 6.1.3 and later versions.
Info Receive Time | IP Address | Facility | Severity | Info
2021/11/9 19:44:07 | 192.168.2.6 | Local7 | Info | CEF:0|huawei|OceanStor Dorado 5300 V6|
6.1.3RC2|0x200F00310069|Succeeded In Testing The Connectivity Of The Syslog Server|2|
dst=192.168.2.6 src=192.168.10.9 duser=admin msg=admin:192.168.10.9 succeeded in testing the
connectivity of the syslog server (receiving address 192.168.15.7, server port 514, channel UDP).
cs1Label=AlarmCsn cs1=2562 cs2Label=AlarmType cs2=OperationLog cs3Label=AlarmLevel
cs3=Informational
NOTE
Info Receive Time, IP Address, Facility, and Severity are defined by the Syslog server.
The parsing result may vary with tools.
After configuring SNMP, you can query and configure storage system information
and receive alarms from the storage system. There are SNMPv1, SNMPv2c, and
SNMPv3 protocols. This section describes how to configure them.
A third-party network management tool must meet the following configuration
requirements:
● If SNMPv1 or SNMPv2c is used, the community strings used by the tool must
be the same as those configured on the storage system.
● If SNMPv3 is used, the SNMPv3 user name, authentication protocol, and
encryption protocol used by the tool must be the same as those configured
on the storage system.
Context
● SNMP supports SNMPv1, SNMPv2c, and SNMPv3.
● When SNMPv1 or SNMPv2c is used, you need to configure SNMP
communities on the storage system for interconnection with a third-party
network management system. For details, see Step 3.
● When SNMPv3 is used, you need to configure a USM user on the storage
system for logging in to the upper-level external network management
system (such as the SNMP network management system). For details, see
Step 4.
Procedure
Step 1 Choose Settings > SNMP Management > SNMP Protocol.
Step 2 Click Modify in the upper right corner of the SNMP Protocol Settings area.
Step 3 Configure SNMP.
Set the basic information of SNMP. Table 4-5 describes the parameters.
Context Name When the SNMP protocol is used for connection, the
entered context name must be the same as this
name.
The value is fixed to Array and cannot be changed.
Parameter Description
▪ Read-only
Parameter Description
Parameter Description
Data Encryption Data encryption password of the USM user. You can
Password set the password rules in Settings > SNMP
Management > SNMP Security Policy.
[Default rules]
c. Click OK.
● Delete a USM user.
a. Select the desired user and click Delete User.
b. Confirm your operation as prompted.
● Modify USM user information.
a. Select the desired user and click Modify.
b. The Modify USM User page is displayed on the right. For details about
the parameters, see Table 4-6.
----End
Procedure
Step 1 Choose Settings > SNMP Management > SNMP Security Policy.
Step 2 Click Modify in the upper right corner of the page.
Step 3 Set the parameters listed in Table 4-7.
Min. Password Length Minimum length of the community and USM user
password.
[Value range]
The value must be an integer from 8 to 32.
Max. Password Length Maximum length of the community and USM user
password.
[Value range]
The value must be an integer from 8 to 32.
Allow the USM user name When this parameter is selected, the password of a
and password to be the USM user can be the same as the USM user name
same or the reverse of the USM user name.
Set different read and When this parameter is selected, the read and
write community strings write communities must be different.
Parameter Description
IP Address Lockout Time Lockout time for the IP address of the network
management software.
[Value range]
The value must be an integer from 10 to 3600. The
unit is second.
----End
Prerequisites
● The SNMP service has been enabled on the storage system.
● The SNMP service has been enabled on the application server.
● If SNMPv3 is used, a USM user should have been created. For details, see
4.5.2 Configuring the SNMP Protocol.
● The storage system sends only the alarms and events generated after the trap
server address has been configured.
● Before configuring a domain name for a server, ensure that the DNS server
can communicate normally with the storage system or the server.
Context
Trap is a type of Simple Network Management Protocol (SNMP) message that
indicates the occurrence of an event. These types of messages are sent using User
Datagram Protocol (UDP) and are not reliable.
DeviceManager provides the trap function to send the alarm and event messages
of managed storage devices to another network management system or to a
device at a specific server address. If alarm and event messages are reported using
SNMP, you must configure a trap server address.
NOTE
● To enable the trap function, install the associated software on application servers. For
example, you must install MIB interface software on the application servers that run
Windows 2003. To download the software, click this (Link), and see MIB Interface Files
of the corresponding product model to download software.
● After the IP address of the trap server is set, the storage system reports the generated
alarms. You can modify the notification of specific events. For details, see "Managing
Alarms and Events" in the Administrator Guide.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Notification.
Step 2 View trap server information. Table 4-8 describes the parameters.
Parameter Description
Version SNMP version used by the Trap server. Possible options are
SNMPv1, SNMPv2c, and SNMPv3.
NOTE
● SNMPv1 and SNMPv2c use communities for authentication.
● SNMPv3 supports the authentication and encryption of data. USM
users need to be configured to implement data authentication
and encryption.
● For security concerns, SNMPv3 is recommended.
Type Type of alarms sent by the storage device to the Trap server.
Possible options are:
● Parsed: The storage device sends parsed alarms to the
Trap server.
● Original: The storage device sends original alarms that are
not parsed to the Trap server.
● Parsed time string: The storage device sends parsed
alarms to the Trap server. All alarm IDs correspond to the
same OID. The data type of event fields generated by
alarms is OCTET STRING.
● Original time string: The storage device sends original
alarms that are not parsed to the Trap server. The data
type of alarm occurrence time (character string) and
alarm clearing time (character string) is OCTET STRING.
● All: The storage device sends all types of alarms to the
Trap server including Parsed, Original, Parsed time
string, and Original time string.
Follow-up Procedure
A storage system can send multiple types of alarms and events to the trap server,
and each alarm or event has its own push format. For details, click this (Link), and
see MIB Interface Files of the corresponding product model to download software.
Prerequisites
● If events and cleared alarms are stored on an FTP server, communication
between the FTP server and the storage system is normal. To enhance
communication reliability, you are advised to configure the FTP server and
storage system on the same LAN and their IP addresses on the same network
segment.
● If events and cleared alarms are stored on an SFTP server, communication
between the SFTP server and the storage system is normal. To enhance
communication reliability, you are advised to configure the SFTP server and
storage system on the same LAN and their IP addresses on the same network
segment.
● If events and cleared alarms are stored on an FTP server and a firewall is
configured on the network, port 21 is enabled.
● If events and cleared alarms are stored on an SFTP server and a firewall is
configured on the network, port 22 is enabled.
● Before configuring a domain name for the server, ensure that the DNS server
can communicate normally with the storage system or third-party server.
Context
● The storage system is not configured with the alarm dump and operation log
storage policies.
– When the number of generated alarms, operation logs, or run logs
reaches 45,000, alarm The Space That Stores Event Logs Is To Be Used
Up will be triggered.
– When the number of generated alarms, operation logs, or running logs
reaches the upper limit (50,000), the first 10,000 alarms, operation logs,
or running logs are deleted automatically. When the number of
generated login/logout logs reaches the upper limit (20,000), the first
10,000 login/logout logs are deleted automatically.
● The storage system is configured with alarm dump and but not configured
with operation log storage policies.
– When the number of generated alarms, operation logs, or run logs
reaches 45,000, alarm The Space That Stores Event Logs Is To Be Used
Up will not be triggered. When the number of generated alarms,
operation logs, or run logs reaches the upper limit (50,000), the first
10,000 alarms, operation logs, or run logs are dumped automatically to
the specified FTP server or SFTP server.
– When the number of generated login/logout logs reaches the upper limit
(20,000), the first 10,000 login/logout logs are automatically dumped to
the specified FTP server or SFTP server.
● The storage system is not configured with alarm dump and but configured
with operation log storage policies.
– When the number of generated alarms, operation logs, or run logs
reaches 45,000, alarm The Space That Stores Event Logs Is To Be Used
Up will be triggered.
– When the number of generated alarms or run logs reaches the upper
limit (50,000), the first 10,000 alarms or run logs are deleted
automatically. When the number of generated login/logout logs reaches
the upper limit (20,000), the first 10,000 login/logout logs are deleted
automatically. When the number of generated operation logs reaches the
upper limit (50,000) or their retention period reaches the preset
threshold, the first 10,000 operation logs or the operation logs whose
retention period reaches the preset threshold are deleted automatically.
● The storage system is configured with alarm dump and operation log storage
policies.
– When the number of generated alarms or run logs reaches 45,000, alarm
The Space That Stores Event Logs Is To Be Used Up will not be
triggered. When the number of generated alarms or run logs reaches the
upper limit (50,000), the first 10,000 alarms or run logs are dumped
automatically to the specified FTP server or SFTP server.
– When the number of generated operation logs reaches 45,000, alarm The
Space That Stores Event Logs Is To Be Used Up will not be triggered.
When the number of generated operation logs reaches the upper limit
(50,000) or their retention period reaches the preset threshold, the first
10,000 operation logs or the operation logs whose retention period
reaches the preset threshold are dumped automatically to the specified
FTP server or SFTP server.
– When the number of generated login/logout logs reaches the upper limit
(20,000), the first 10,000 login/logout logs are automatically dumped to
the specified FTP server or SFTP server.
NOTE
● The generated alarms refer to the events generated and the alarms cleared by the
storage system.
● To ensure that the information recorded by the storage system is complete, you are
advised to configure alarm dump and operation log storage policies.
Procedure
Step 1 Choose Settings > Alarm Settings > Alarm Dump.
Step 2 Configure alarm dump.
1. Enable the alarm dump function.
NOTE
Parameter Description
File Save Path Path for storing the dumped storage system
information. A save path has been set on the SFTP or
FTP software. You must create a folder in the save path
and enter the folder name in File Save Path on
DeviceManager.
[Value range]
– The value can contain 1 to 255 characters.
– The value cannot contain the following special
characters: !':;|`$<>&-()#?"\*. The first character
cannot be a period (.). The first and last characters
cannot be spaces. The first character after a slash (/)
in the path cannot be a period (.).
If operation log storage policies are enabled, click Modify in the upper right corner.
2. Set the retention days of operation logs.
NOTE
Procedure
Step 1 Log in to DeviceManager.
Step 2 Choose Settings > Alarm Settings > Alarm Masking.
Step 3 View all alarms in the system. Table 4-10 describes the parameters.
Parameter Description
Alarm ID ID of an alarm.
NOTE
● Select one or more alarms and click Enable. The system will not report the selected
alarms.
● Select one or more alarms and click Disable. The system will not mask the selected
alarms.
----End
Procedure
Step 1 Choose Settings > Alarm Settings > Event Notification.
Parameter Description
Parameter Description
NOTE
----End
You can enable this function if you have purchased the effective capacity license
and want to predict the trend of the effective capacity usage.
Procedure
Step 1 Choose Settings > Monitoring Settings.
Step 2 On the Retention Settings page, select Retain historical monitoring data and
set the Retention Period and Data Storage Location.
NOTE
● The Data Storage Location can be an existing storage pool in the storage system.
● The historical performance data occupies at most 200 GB space of the storage pool.
Step 3 After Retain historical performance data has been enabled for seven days, you
can query the effective capacity trend on the DeviceManager home page or by
choosing Insight > Forecast on DeviceManager.
NOTE
● One half of the capacity usage trend chart shows the historical capacity usage (green
solid line) and the other half shows the predicted capacity usage trend (green dotted
line).
● When the predicted capacity usage trend (green dotted line) reaches 80% and 100%,
you can query the predicted time when the effective capacity usage will reach 80% and
100%.
● You can choose Insight > Forecast > Storage Pool to query the capacity usage trend of
each single storage pool.
----End
After completing initial configuration, you may need to continue with other
configurations based on your service requirement.
Modifying the alarm or event See "Managing Alarms and Events" in the
notification mode Administrator Guide.
Configuring the eService See "Enabling and Managing the eService" in
the Administrator Guide.
Installing host software See the software user guide for specific
installation and configuration.
For example:
● Third-party multipathing software
See Host Connectivity Guide.
During site deployment, you can use SmartKit on your maintenance terminal to
inspect the software and hardware status, value-added services, and alarms of the
storage system.
Prerequisites
● SmartKit of a correct version has been installed on the maintenance terminal.
You can check the version information in the version mapping table. To obtain
the version mapping table, log in to https://support.huawei.com/
enterprise/, enter your storage model in the search box, and select the
associated path to the product documentation page. Then find and download
the version mapping table.
● You have obtained the IP address of the management network port and the
login username and password.
Procedure
Step 1 Log in to SmartKit. On the Storage tab, select Site Deployment Quality
Inspection in Site Deployment Delivery.
NOTE
The screenshot is for reference only and the actual GUI may vary.
Step 5 On the Inspection Wizard Step 2-1: Select Check Items page, select the device
and check items as required.
NOTE
The information displayed on the interface is only for reference and is subject to the actual
situation.
Step 6 On the Inspection Wizard Step 2-2: Start Inspection page, check the task status
and inspection result.
NOTE
● After the inspection is complete, the inspection results are automatically saved and an
inspection report is generated. You can:
– Click Open the result directory to view the inspection result data.
– Click View the report to view the inspection report.
● If any check item has failed, rectify the fault according to the handling suggestions.
----End
8 FAQs
Prerequisites
The web service has been enabled for the Windows AD domain server.
Procedure
Step 1 Access http://localhost/certsrv/ on the Internet Explorer.
Step 2 Click Download a CA certificate, certificate chain, or CRL.
Step 3 Select the CA certificate you want to export, set the encoding mode to DER, and
click Download CA certificate.
The exported CA certificate uses the default format of Windows. You must convert
it to the pem format before importing it to the storage system.
NOTE
To convert the format, copy the CA certificate to a Linux server and run the openssl x509 -
in ./XXX.cer -inform DER -out YYY.pem -outform PEM command in the directory where
the CA certificate is saved.
In the preceding command, XXX represents the name of the CA certificate before
conversion, and YYY represents the name after conversion.
1. Log in to DeviceManager.
2. Choose Settings > Certificates > Certificate Management.
NOTE
----End
Prerequisites
● Before building a remote maintenance environment, ensure that PSTN phones
and external modems are configured in equipment rooms.
● Each controller is configured with one serial port connected to one modem.
Select the external modem based on your requirements.
Context
You can log in to the CLI through a storage system serial port to perform remote
management and maintenance. This document uses 56K modems that remotely
access the storage system in PSTN dialup mode (on Windows) as an example to
describe configuring modems for remote maintenance.
NOTE
The PSTN ensures enhanced data security as its data is not transmitted over the Internet.
Meanwhile, you are advised to power off the modem to further ensure security when you
do not need to perform remote maintenance.
To implement remote maintenance, one remote modem and one local modem are
required.
Figure 8-1 shows the network topology.
● Remote modem
The remote modem is connected to the serial port of the storage system as
an answer end.
● Local modem
The local modem is connected to the serial port of the maintenance terminal
as a call end.
Procedure
Step 1 Configure a remote modem.
NOTE
To configure the remote modem, connect the remote modem to a maintenance terminal
temporarily.
Configure a remote modem as the answer end. The configuration steps are as
follows:
1. Connect the remote modem to the power supply, connect the serial port of
the remote modem to that of the maintenance terminal using a serial cable,
and connect the LINE port of the remote modem to the PSTN with a
telephone cable.
2. Run the PuTTY software.
The PuTTY Configuration dialog box is displayed, as shown in Figure 8-2.
Configure a local modem as the call end. The configuration steps are as follows:
1. Connect the modem to the nearest power supply. Connect the local modem
serial port to the maintenance terminal serial port with a serial cable. Connect
the local modem LINE port to the PSTN with a telephone cable.
2. Run the PuTTY software, and repeat Step 1.2 to Step 1.4 in Step 1.
3. Type at and press Enter. The screen displays:
OK!
4. Set initial parameters for the local modem.
Type at&f&w and press Enter. The screen displays:
OK!
NOTICE
Before setting up the connection, ensure that the remote modem is disconnected
from the storage device. Otherwise, the storage system serial port will stop
responding because a large amount of data is sent from the remote modem
during modem dialup. When both the remote modem and the local modem have
dialed up to the network, connect the remote modem to the storage device with a
serial cable.
1. Run the PuTTY software on the maintenance terminal, and repeat Step 1.2 to
Step 1.4 in Step 1.
2. Type at and press Enter. The screen displays:
OK!
3. Type atdt XXX-YYYYYYYYY and press Enter for dialup.
When both the remote modem and the local modem have been dialed up to
the network, the baud rate is CONNECT. (For modems of different
manufacturers, the screen displays vary.)
NOTE
– For security purposes, the password is not visible when it is being entered during
login. When you initialize or change the password, it will be displayed in * on the
screen.
– You must set an initial password for the super administrator during the first login.
To avoid password leakage, you are advised to change your login password
periodically by using the change user_password command.
6. The CLI login succeeds.
The storage device can now be remotely managed and maintained.
----End
Procedure
Step 1 Obtain the client CA certificate and server certificate using either of the following
methods:
● Download the client CA certificate from the third-party CA center. After it is
signed, export the server certificate.
● Obtain the CA certificates using the certificate management software. The
following uses OpenSSL as an example. For details on how to use OpenSSL,
refer to its documentation.
a. Run the openssl command to generate the self-signed client CA
certificate.
b. Run the openssl command to generate the server certificate using the
client CA.
NOTE
The information displayed on the interface is only for reference and is subject to the
actual situation.
7. Click Save.
----End
Procedure
Step 1 Obtain the client CA certificate and server certificate using either of the following
methods:
● Download the client CA certificate from the third-party CA center. After it is
signed, export the server certificate.
● Obtain the CA certificates using the certificate management software. The
following uses OpenSSL as an example. For details on how to use OpenSSL,
refer to its documentation.
a. Run the openssl command to generate the self-signed client CA
certificate.
b. Run the openssl command to generate the server certificate using the
client CA.
NOTE
NOTE
The information displayed on the interface is only for reference and is subject to the
actual situation.
7. Click Save.
----End
Figure 8-3 Certificate authentication process for website access using HTTPS
1. First, the CA provides its own CA root certificate to the browser developer, and
the browser developer adds the CA root certificate to the trusted list of the
browser. After users download and install the browser, the browser will trust
the certificates signed by this CA by default.
2. If a website is accessed using HTTPS, the website must send an authentication
request to the CA. The CA approves and signs the certificate of the website.
3. When a user accesses the website on the browser, the browser requests the
server to provide the signed certificate of the website. Then the browser
checks whether the website's root certificate is in its trusted list, and verifies
whether the signature is correct. If the verification is successful, the browser
sets up an HTTPS connection with the server.
If the website certificate is not signed by the CA, the browser prompts a privacy
warning when the user accesses the website, stating that the security certificate of
the website is not trusted and asking the user whether to continue accessing the
website.
You can use either of the following methods to remove the privacy warning when
you log in to DeviceManager:
NOTE
d. For a certificate signed by the CA, you only need to import the certificate
file in .crt format in Certificate File and import the private key file
in .key format in Private Key File.
e. Click OK.
f. Log in to the storage system again. No privacy warning is prompted.
[ req_distinguished_name ]
countryName = Country Name (2 letter code)
countryName_default = CN
stateOrProvinceName = State or Province Name (full name)
stateOrProvinceName_default = SC
[ req_ext ]
subjectAltName = @alt_names
[alt_names]
IP.1 = xx.xx.xx.xx
IP.2 = yy.yy.yy.yy
DNS.1 = aaa.bbb
DNS.2 = ccc.ddd
[ x509_ext ]
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer
[ v3_ca ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer
basicConstraints = CA:true
▪ device_manager.crt
▪ device_manager_ca.crt
▪ device_manager_plain.key
b. Import the generated self-signed certificates to the storage system.
i. Log in to DeviceManager.
ii. Choose Settings > Certificates > Certificate Management.
NOTE
NOTICE
● The connections between the Simple Mail Transfer Protocol (SMTP) server and
all primary and secondary controllers must be working properly.
● The SMTP server must have been configured and is running properly.
Otherwise, specified email addresses cannot receive any authentication
messages.
● Before configuring a domain name for a server, ensure that the DNS server can
communicate normally with the storage system or the server.
Step 2 Choose Settings > User and Security > Multi-Factor Authentication.
SMTP Port Port number of the SMTP server. The default value is
25.
CA Certificate
Email OTP certificate. Click , select a CA certificate
file, and click OK.
NOTE
You can click Re-upload to upload a new CA certificate file.
Parameter Description
3. Click Save.
NOTE
You can click Test to test the connectivity between the storage system and SMTP
server.
----End
Step 4 Select Login password + email one-time password, specify the Recipient Email
Address to which a one-time password will be sent upon a login attempt.
NOTE
● To use Login password + email one-time password, you must first enable multi-factor
authentication.
● After you select Login password + email one-time password, you need only password
authentication if your login method is RESTful or SFTP.
----End
– LDAP user: You will log in to the storage system in LDAP domain
authentication mode.
You can log in to the storage system in LDAP domain authentication
mode only after an LDAP server is properly configured.
2. Choose a language in the upper right corner. DeviceManager supports English
and simplified Chinese.
Step 4 Enter the username and password of the administrator account that uses multi-
factor authentication.
Step 6 Log in to your email box and find the one-time password.
NOTE
If you have not received the email after a long time, try to manually refresh your inbox.
Step 7 Return to the DeviceManager login page and input the one-time password found
in your email box. Then click Log In.
The password is changed successfully. The system prompts you to log in again.
Step 10 Input your username and new password, and click Log In.
The system sends another one-time password to your email box again.
Step 11 Log in to your email box and find the one-time password.
NOTE
If you have not received the email after a long time, try to manually refresh your inbox.
Step 12 Return to the DeviceManager login page and input the one-time password found
in your email box. Then click Log In.
You have successfully logged in to DeviceManager.
----End
● This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
● You are advised to use the latest version of PuTTY. Otherwise, you may fail to log in to
the storage system.
Step 2 Select Session. Type the IP address of the management network port in the Host
Name (or IP address) text box in the Specify the destination you want to
connect to area. The IP address 192.168.6.96 is used as an example. Set
Connection type to SSH.
Step 3 Click Open. The CLI prompts you to input the login information.
login as:
Step 4 Enter the username (using testuser1 as an example) and password of the
administrator account that uses multi-factor authentication.
The system sends the one-time password to your email box.
login as: testuser1
Pre-authentication banner message from server:
|
| Authorized users only. All activities may be monitored and reported.
End of banner message from server
testuser1@X.XX.XX.XXX's password:
Step 5 Log in to your email box and find the one-time password.
NOTE
If you have not received the email after a long time, try to manually refresh your inbox.
Step 6 Input the one-time password. Upon the first login, change the initial password as
prompted for better system security.
email otp:******
For security purposes, please change the initial password and log in to the syst em using the new
password.
Old password:*********
New password:***********
Reenter password:***********
Step 8 Log in to your email box and find the one-time password.
NOTE
If you have not received the email after a long time, try to manually refresh your inbox.
NOTE
Product Model and Product Version vary with the actual device you have logged in to.
----End
● This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
● You are advised to use the latest version of PuTTY. Otherwise, you may fail to log
in to the storage system.
Precautions
After initializing the password of the root administrator (_super_admin), ensure
that you will remember the password. If you forget the password, you cannot
perform operations that require the corresponding permissions. For example, if the
password of the root administrator (_super_admin) is lost, you cannot reset the
password of the super administrator admin. If you want to retrieve the password
of the root administrator (_super_admin), you must return the storage device to
the factory.
Procedure
Step 1 Run the PuTTY software.
The PuTTY Configuration dialog box is displayed, as shown in Figure 8-5.
Step 2 Set Connection type to Serial. In the Serial line text box, enter the name of the
serial port that connects the maintenance terminal to the storage system, for
example, COM1. In Speed, enter 115200.
You can query the serial port that connects the maintenance terminal to the
storage system as follows (Windows 7 is used as an example):
1. Right-click the Computer icon on the desktop of the maintenance terminal
and choose Manage from the shortcut menu.
2. In the navigation tree of the Computer Manager dialog box, choose System
Tools > Device Manager.
3. Click Ports. The serial port that connects the maintenance terminal to the
storage system, for example, COM1, is displayed.
There may be multiple serial port names, such as COM1, COM2, and COM3,
on the maintenance terminal. Try these ports until you can successfully log in
to the storage system.
Step 3 Log in to the storage system using the serial port.
1. Click Open.
If the connectivity between the maintenance terminal and the controller is
normal, information similar to Figure 8-6 is displayed.
Figure 8-6 Successful connection between the controller and the maintenance
terminal
NOTE
● For 6.1.0, see the OceanStor Dorado Account List for details about user names and
passwords.
● For 6.1.2 and later versions, the root administrator does not have a default password.
During the first login, press Enter directly when the system prompts you to input the
password. Then follow the instructions to set a password. To avoid password leakage,
periodically change your login password. For details about how to change the password,
see the Administrator Guide.
● For security purposes, the password is not visible when it is being entered during login.
When you initialize or change the password, it will be displayed in * on the screen.
● After initializing the password of the root administrator (_super_admin), ensure that
you will remember the password.
Authorized users only. All activities may be monitored and reported.
Storage login: _super_admin
password:
In Passwd_init mode.
*****Please enter new password for _super_admin:*****
----End
After logging in to the CLI of a storage system, you can query, set, manage, and
maintain the storage system. On any maintenance terminal connected to a
storage system, you can log in to the CLI by using PuTTY to access the IP address
of the management network port on the controller of a storage system. The
authentication modes for the SSH protocol are Password and Public key. This
section describes how to use the authentication modes to log in to the CLI.
NOTE
● Before using SSH to connect to the storage system, use tools that support encryption
algorithms to ensure communication security. For details about encryption algorithms
supported by the storage system, see "Encryption Algorithm Suite" in the Security
Configuration Guide of the specific version.
Context
● For details about CLI commands, see the Command Reference of the
corresponding product model and version.
● The operation procedure varies depending on the operating system. This
section uses the Windows and Linux operating systems as an example.
● GUIs may vary with software versions. The actual GUIs prevail.
● If login authentication is Login password + email one-time password, email
authentication is required. For details, see 8.6 How Do I Log In to the
Storage System Through Multi-Factor Authentication?.
● This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
● You are advised to use the latest version of PuTTY. Otherwise, you may fail to log in to
the storage system.
4. Enter the user name and password as prompted. The super administrator
(admin by default) does not have a default password for 6.1.2 and later
versions. During the first login, press Enter directly when the system prompts
you to input the password. Then follow the instructions to set a password.
Authorized users only. All activities may be monitored and reported.
Storage login: admin
password:
In Passwd_init mode.
*****Please enter new password for admin:*****
NOTE
● To reduce the risk of password leakage, you are advised to change your login password
periodically by using the change user_password command.
● If you forget the password of an administrator account, the super administrator can run
change user to reset the password. If you forget the password of a super administrator
account, use the root administrator account to log in to the CLI through a serial port
and run initpasswd to reset the password. For details, see "Managing Users" in the
Administrator Guide.
● For a domain authentication user, the method for logging in to the storage system
varies according to the software used for login:
● If PuTTY is used, the user can log in to the storage system by entering domain/
Domain user name and the domain user's password. For example, the login page
for domain user storage37 is as follows:
login as: domain/storage37
● This document uses the Minicom software as an example. You can download Minicom
from its official website.
● This document uses SSH Secure Shell Client to upload the Minicom installation package
to the Linux host. You can download SSH Secure Shell Client from its official website.
● You must enable SSH on the Linux host. The default port ID is 22.
Go to 5 to configure Minicom.
– If Minicom is not installed, no information will be returned. Perform 2 to
4 to install it.
2. Upload the Minicom and rzsz installation packages to the Linux host. This
document uses SSH Secure Shell Client on a Windows host to upload the
packages to the Linux host.
a. Install SSH Secure Shell Client on a Windows host. Double-click the
Secure File Transfer Client shortcut to run the software.
b. Click Quick Connect on the menu bar. Input the Host Name, User
Name, Port, and Authentication of the Linux host and click Connect.
Then enter the password to access the Linux host.
NOTE
d. Select the Minicom and rzsz installation packages on the Windows host,
right-click on them, and select upload to upload the installation
packages to the Linux host.
3. Install the rzsz software.
On the Linux client, run the rpm -ivh Installation package name command.
[root@localhost minicom]# rpm -ivh rzsz-0.12.20-853.2.i586.rpm
Preparing... #############################################[100%]
1:rzsz #############################################[100%]
5. Configure Minicom.
After Minicom has been installed, configure Minicom to connect the Linux
host to the storage system.
a. Log in to the Linux client and run the minicom -s command. The
configuration page is displayed.
c. Enter the user name and password as prompted. The super administrator
(admin by default) does not have a default password for 6.1.2 and later
versions. During the first login, press Enter directly when the system
prompts you to input the password. Then follow the instructions to set a
password.
Authorized users only. All activities may be monitored and reported.
Storage login: admin
password:
In Passwd_init mode.
*****Please enter new password for admin:*****
NOTE
● To reduce the risk of password leakage, you are advised to change your login
password periodically by using the change user_password command.
● If you forget the password of an administrator account, the super
administrator can run change user to reset the password. If you forget the
password of a super administrator account, use the root administrator
account to log in to the CLI through a serial port and run initpasswd to reset
the password. For details, see "Managing Users" in the Administrator Guide.
● For a domain authentication user, the method for logging in to the storage
system varies according to the software used for login:
● If PuTTY is used, the user can log in to the storage system by entering
domain/Domain user name and the domain user's password. For
example, the login page for domain user storage37 is as follows:
login as: domain/storage37
● This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
● You are advised to use the latest version of PuTTY. Otherwise, you may fail to log in to
the storage system.
2. Select Session. Type the IP address of the management network port in the
Host Name (or IP address) text box in the Specify the destination you
want to connect to area. The IP address 192.168.6.96 is used as an example.
Set Connection type to SSH.
3. Click Open, and the interface is displayed, and the following output is
displayed.
login as:
New password:*********
Reenter password:*********
NOTE
● Log in to the storage system as the super administrator (admin by default) for the first
time. Then follow the instructions to set a password. For details about user names and
passwords, see the OceanStor Dorado Account List.
● Product Model and Product Version vary with the actual device you have logged in to.
● To reduce the risk of password leakage, you are advised to change your login password
periodically by using the change user_password command.
● If you forget the password of an administrator account, the super administrator can run
change user to reset the password. If you forget the password of a super administrator
account, use the root administrator account to log in to the CLI through a serial port
and run initpasswd to reset the password. For details, see "Managing Users" in the
Administrator Guide.
● For a domain authentication user, the method for logging in to the storage system
varies according to the software used for login:
● If PuTTY is used, the user can log in to the storage system by entering domain/
Domain user name and the domain user's password. For example, the login page
for domain user storage37 is as follows:
login as: domain/storage37
Prerequisites
● Only a super administrator has the permission to modify users' authentication
mode for logging in to the CLI.
● Public key authentication for logging in to the CLI is configured for local users
only, not for domain users.
Precautions
● After a private key is generated, keep it secure.
● Change the public key periodically. Use the new private-public key pair for
login authentication to improve system security.
Context
GUIs may vary with software versions. The actual GUIs prevail.
Procedure
Step 1 The super administrator generates a private-public key pair for a local user.
1. Run the puttygen.exe file.
Go to the PuTTY Key Generator main window, as shown in Figure A-3.
Figure A-3 Main window of the generator for a private-public key pair
2. Click Key, and set Key to SSH-2 RSA key or SSH-2 DSA key, and set Number
of bits in a generated key to an integer in the range from 2048 to 8192.
NOTE
GUIs may vary with software versions. The actual GUIs prevail.
3. Click Generate and move the cursor over the blank area in the lower part of
the Key area to generate a public key.
The public key will be displayed in the area, as shown in Figure A-5.
For the security of the private key file, you are advised to configure a secure password
to encrypt the private key file.
6. The method to generate the private key file varies with the tool used to log in
to the CLI.
a. If you use PuTTY to log in to the CLI, click Save private key and save the
private key file to the local path, as shown in Figure A-6.
b. If you use the other tools to log in to the CLI, choose Conversions >
Export OpenSSH key and save the private key file to the local path, as
shown in Figure A-7.
Step 2 The super administrator modifies the login authentication mode of local users.
1. Log in to the CLI of a storage system as the super administrator.
2. Run the change user_ssh_auth_info general user_name=testuser1
auth_mode=publickey command to change the user authentication mode to
public key. user_name indicates the user name of the login authentication
mode to be modified.
3. Copy the locally saved public key to Public key on the CLI as instructed, and
press Enter.
After executing the command successfully, users map the private key to the
public key to log in to the CLI.
admin:/>change user_ssh_auth_info general user_name=testuser1 auth_mode=publickey
CAUTION: Only public keys generated using the SSH-2 RSA/DSA encryption algorithm and using keys
whose lengths range from 2048 to 8192 bits are supported.
Public Key:ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAgQvrzP1a5QZjOts
+VVaqu0KaEx7ssZdsZ766laRo0sBJuF7NHcVE2/azu0HZN8gg0f0iYHFeqkiMYPN4DBD3DKcOB
+Hno6TYK2dqhYKzj+M0cs/hwi2dq0yZQNqvZDAT
+6LjRzPhN5xYKFEvOBDY8gEABXzNaWQGDNgH6GQp+fhtu2I486Hz
+3034QmAYBdVjUuajRd4vO71tABgB8ykhgJfFkSffRRS5njQyRrFNQOin
+y5ug5vCOeHngVtzoBqRpRRjaQOiYAL/BvoYiWaJuGjlAOZUTIzLYfyx3GX/
lLZy2MYGsUaq63j2tb8823yEs1TTKHMmQscBz5/kNEEHQ== rsa-key-20191024
Command executed successfully.
admin:/>
Step 3 Local users configure PuTTY and log in to the storage system.
1. Start PuTTY.
Go to the PuTTY Configuration window.
2. Click Session. In the right pane, type the IP address of a storage system's
management network port in the Host Name (or IP address) text box. Set
Port and Connection type to 22 and SSH respectively.
3. Choose Connection > Data. In the Login details text box in the right pane,
type the user name of the login authentication mode to be modified.
4. Choose Connection > SSH > Auth. In the right pane, click Browse. Select and
open the locally saved private key file.
5. Click Open to log in to the CLI.
NOTE
If the password of the private key is encrypted in Step 1.5, type the password when logging
in to the CLI, and then press Enter.
Using username "testuser1".
Pre-authentication banner message from server:
|
| Authorized users only. All activities may be monitored and reported.
End of banner message from server
Authenticating with public key "rsa-key-20191024"
Passphrase for key "rsa-key-20191024":
Last login: Thu Oct 24 15:05:32 XXXX from 192.168.6.96
SN : XXXXXXXXXXXXXXXXXXXX
Location : XXXXXX
Product Model : XXXXXX
Product Version : XXXXXX
Time : XXXX-XX-XX/15:07:22 UTC+08:00
Patch Version :
testuser1:/>
----End
Follow-up Procedure
To modify a user's login authentication mode to Password, run the change
user_ssh_auth_info general user_name=testuser1 auth_mode=password
command and use the original password to log in to the CLI of a storage system.
Prerequisites
● Only a super administrator has the permission to modify users' authentication
mode for logging in to the CLI.
● Public key authentication for logging in to the CLI is configured for local users
only, not for domain users.
Precautions
● After a private key is generated, keep it secure.
● Change the public key periodically. Use the new private-public key pair for
login authentication to improve system security.
Procedure
Step 1 Log in to the SUSE application server.
Step 2 Run the ssh-keygen -t rsa command to generate a private key file and a public
key file.
linux:~ # ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //Enter the path for saving the key files. Alternatively,
you can directly press Enter to save the files to the default path in the brackets.
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y //If key files have been generated, this step is displayed. You can enter n to use the
existing key files or enter y to regenerate key files.
Enter passphrase (empty for no passphrase): //Enter the password. You can also press Enter without setting
a password.
Enter same passphrase again: //Enter the password again. You can also press Enter without setting a
password.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
f5:7f:c5:db:da:0f:37:69:ba:ac:fe:23:ad:98:70:51 [MD5] root@linux
The key's randomart image is:
+--[ RSA 2048]----+
| |
| |
| .E |
| ... . |
| S. . o|
| . . =|
| . . . o=+|
| o o..oo*.|
| o.+==+ +|
+--[MD5]----------+
linux:~ #
Step 3 After the command is successfully executed, go to the save path of the key files
and view the public key information. Copy and save the public key information for
authentication on the storage system.
NOTE
In this example, the public key file is /root/.ssh/id_rsa.pub, and the private key file is /
root/.ssh/id_rsa.
linux:~ # cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1SmSBfUoo4esGZIot6wldLIjD+T46WJp3l1G3Isppd+YH2qD
+TlluisR7UW9oAWwYkeSrvEBMDVxhmKHSmh2rGmbV8SnKVAj5t5MpFTyPr0eMh2hoUC3BbSuJhmo066K8Vm
NYq3OeIPAuHqj9SFSOCYtnfxzaKM5mSatqDZJWvxIDO0oK6nbFiiFGsQXkIsB3wdNbMN7rZA3pWmWAlPbw1ox
CUm5WeHclt+OUX0soFK4c6OSxr0JD9dYGvZx2kazUO0lIvWE9+el0GVqrmByK2Tq2NTUcp6OmDeGH/
GQTeO2rXpOgiE8/IKnEQog20RucCLJ1zO+lRKw+DHCZj8UX root@linux
linux:~ #
Step 4 The super administrator modifies the login authentication mode of local users.
1. Log in to the CLI of a storage system as the super administrator.
2. Run the change user_ssh_auth_info general user_name=auto_user
auth_mode=publickey command to change the user authentication mode to
public key. user_name indicates the user name of the login authentication
mode to be modified.
3. Copy the locally saved public key to Public key on the CLI as instructed, and
press Enter.
After executing the command successfully, users map the private key to the
public key to log in to the CLI.
admin:/>change user_ssh_auth_info general user_name=auto_user auth_mode=publickey
CAUTION: Only public keys generated using the SSH-2 RSA/DSA encryption algorithm and using keys
whose lengths range from 2048 to 8192 bits are supported.
Public Key:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1SmSBfUoo4esGZIot6wldLIjD
+T46WJp3l1G3Isppd+YH2qD
+TlluisR7UW9oAWwYkeSrvEBMDVxhmKHSmh2rGmbV8SnKVAj5t5MpFTyPr0eMh2hoUC3BbSuJhmo066
K8VmNYq3OeIPAuHqj9SFSOCYtnfxzaKM5mSatqDZJWvxIDO0oK6nbFiiFGsQXkIsB3wdNbMN7rZA3pWm
WAlPbw1oxCUm5WeHclt
+OUX0soFK4c6OSxr0JD9dYGvZx2kazUO0lIvWE9+el0GVqrmByK2Tq2NTUcp6OmDeGH/
GQTeO2rXpOgiE8/IKnEQog20RucCLJ1zO+lRKw+DHCZj8UX root@linux
Command executed successfully.
admin:/>
Step 5 Use the auto_user on the server to log in to the storage system.
1. Log in to the SUSE application server.
2. Run ssh auto_user@Management IP address of the storage system to log in
to the storage system.
linux:~ # ssh auto_user@xxx.xxx.xxx.xxx
Authorized users only. All activities may be monitored and reported.
----End
Follow-up Procedure
To modify a user's login authentication mode to Password, run the change
user_ssh_auth_info general user_name=auto_user auth_mode=password
command and use the original password to log in to the CLI of a storage system.
The NTP service allows you to obtain the NTP server certificate and related private
keys while synchronizing the NTP server time to the storage system. It can be
deployed on a Windows or Linux operating system.
NOTE
On DeviceManager, you can synchronize NTP server time to the storage system using either
of the following ways:
● Configure basic information on the initialization wizard. For details, see 2.4.1
Configuring Basic Information.
● Choose Settings > Basic Information > Device Time.
Prerequisites
● You have logged in to the Windows server through the management network
port.
● The NTP server has been set up on the Windows server. You can download
the NTP software from the Meinberg website.
NOTE
● Before installation, run the net stop w32Time command to disable the Windows Time
(w32Time) service.
● In this section, NTP is installed in C:\Tools\ as an example.
Procedure
Step 1 Remotely log in to the Windows server from the maintenance terminal.
1. Choose Start > All Programs > Accessories > Remote Desktop Connection.
The Remote Desktop Connection dialog box is displayed.
2. In Computer, enter the IP address of the management network port on the
Windows server and press Enter.
3. Enter the user name and password, and press Enter.
The main interface of the server is displayed.
Step 2 On the Windows desktop, double-click Computer, select a suitable drive, and
create a directory for saving the certificate and key file.
For example, create an ntp_config directory in drive D.
Step 3 Generate the certificate and key file.
1. Open the Command Prompt.
a. Press Windows+R to open the Run dialog box.
b. Type cmd and press Enter.
The Command Prompt is displayed.
2. Run d: to enter drive D.
3. Run the cd ntp_config command to open the ntp_config directory.
4. Run the ntp-keygen -c RSA-SHA256 -m 2048 -p server_password -T -H -l
3650 command to generate the key file.
server_password is the key encryption password used for generating the
certificate; 3650 indicates the validity period of the certificate and is variable.
The execution result is as follows:
C:\Users\xxx>D:
D:\>cd ntp_config
D:\ntp_config>ntp-keygen -c RSA-SHA256 -m 2048 -p server_password -T -H -l 3650
Unable to initialize .rnd file
Using OpenSSL version OpenSSL 1.0.2k 26 Jan 2017
Using host ctuy5y002941131 group ctuy5y002941131
Generating RSA keys (2048 bits)...
RSA 312
Generating new host file and link
ntpkey_host_ctuy5y002941131->ntpkey_RSAhost_ctuy5y002941131.3707467127
Using host key as sign key
Generating new certificate ctuy5y002941131 RSA-SHA256
X509v3 Basic Constraints: critical,CA:TRUE
X509v3 Key Usage: digitalSignature,keyCertSign
X509v3 Extended Key Usage: trustRoot
Generating new cert file and link
ntpkey_cert_ctuy5y002941131->ntpkey_RSA-SHA256cert_ctuy5y002941131.3707467127
NOTICE
The NTP server on the Windows operating system has a problem. When the
certificate length is set to 2048, the generated certificate fails to be signed,
causing the storage system synchronization time to be slow. In addition, an alarm
indicating that the time server cannot be used is reported. If the certificate length
is set to 1024, such problem will not occur but the certificate security decreases. If
a certificate with higher security level is required, you are advised to use the NTP
server on the Linux operating system and generate related certificates on this
server.
Enter C:\Tools\NTP\etc\, open the ntp.conf file in a text editor, and add the
following information at the beginning and end of the file:
server_password is the key encryption password used for generating the certificate (which
can be specified by the user), Storage is the host name, and D:\ntp_config is the directory
where the certificate and key file are saved.
Step 6 On the Command Prompt, run the net stop ntp and net start ntp commands to
restart the NTP service.
NOTE
If multiple NTP servers need to be configured, you can copy the ntpkey_cert_Storage and
ntpkey_host_Storage files generated in Step 3 to the corresponding directories on other
NTP servers and change the file permission to be the same as on the original server.
Configure the ntp.conf file under this server and restart the NTP service.
6. Click Done and click Close in the Properties dialog box. The ntp_config
folder has been shared.
----End
Prerequisites
● The IP address of an NTP server has been obtained.
● The user name and password for logging in to the NTP server have been
obtained.
● You have prepared a Windows maintenance terminal.
● The maintenance terminal communicates with the storage system properly.
● The communication between the NTP server IP address and the management
IP address of the storage system is normal.
Procedure
Step 1 Obtain the certificate from the NTP server and copy it to the maintenance
terminal.
1. On the maintenance terminal, press Win+R.
The Run dialog box is displayed.
2. Enter \\NTP server IP address and click OK.
The maintenance terminal attempts to remotely access the NTP server.
3. Enter Username and Password of the NTP server and click OK to enter the
shared folder.
4. Enter the ntp_config folder, select the NTP certificate that contains the
ntpkey_cert field, and press Ctrl+C to copy the certificate.
5. Go back to the maintenance terminal desktop and press Ctrl+V to copy the
NTP certificate to the maintenance terminal.
6. Right-click the NTP certificate file and select Rename from the shortcut
menu. Add the .crt extension to the file name and press Enter.
The Import Certificate page is displayed. Select the NTP certificate and click
Open.
4. Click OK.
The Warning dialog box is displayed.
5. Confirm the information in the dialog box and select I have read and
understand the consequences associated with performing this operation.
Then click OK.
The Execution Result dialog box is displayed.
6. Click OK.
The imported certificate is displayed on the certificate list.
Step 4 Configure NTP parameters.
1. Choose Settings > Basic Information > Device Time.
– A maximum of two NTP servers can be added. If the system cannot synchronize
the time from one NTP server, it synchronizes the time from the other one.
– Ensure that the time of the two NTP servers is consistent.
4. (Optional) Click Test.
5. (Optional) Select Enable next to NTP Authentication.
NOTE
– NTP authentication can be enabled only when NTPv4 or later is used. After
authentication, the NTP server automatically synchronizes the time to the storage
device.
– You must import a CA certificate after enabling NTP authentication.
6. (Optional) Check the CA certificate status. If the status is invalid, upload a
new CA certificate.
Step 5 Confirm the NTP configuration.
1. Click Save.
The Warning dialog box is displayed.
2. Confirm the information in the dialog box, and select I have read and
understand the consequences associated with performing this operation.
3. Click OK.
The Execution Result dialog box is displayed, indicating that the operation
succeeded.
----End
Prerequisites
● The NTP server has been enabled.
● The maintenance terminal has been connected to the Linux server through a
management network port.
● GNU Compiler Collection (GCC) has been installed on the server running
Linux.
Context
This section uses PuTTY as an example. You can download PuTTY from the chiark
website.
Procedure
Step 1 Start PuTTY.
The PuTTY Configuration dialog box is displayed, as shown in Figure B-1.
Step 2 Select Session. In Host Name (or IP address) of the Specify the destination you
want to connect to area, enter the IP address of the Linux server's management
network port that connects to the maintenance terminal and set Connection type
to SSH.
Step 3 Click Open. The CLI login page is displayed, as shown in the following:
login as:
Step 4 Enter the user name and password of the Linux server as prompted. The following
figure shows the result of a successful login.
Last login: Mon Apr 10 10:38:06 2017 from XXX.XXX.XXX.XXX
[storage ~]#
Step 5 Create the directory for saving certificate and private key files.
1. Run the cd /etc command to open the etc directory.
2. Run the mkdir ntp_config command to create the ntp_config directory.
The execution result is as follows:
Storage:~ # cd /etc/
Storage:/etc # mkdir ntp_config
NOTE
If a message shows that the parameter -l is not supported, upgrade the NTP on the server
to a version later than 4.2.8.
Step 9 Run the vi /etc/ntp.conf command to modify the NTP configuration file.
keysdir /etc/ntp_config
NOTE
server_password is the private key encryption password used in generating the certificate
(which can be specified by the user), Storage is the host name, and /etc/ntp_config is the
directory where the certificate and private key files are saved.
NOTE
If multiple NTP servers need to be configured, you can copy the ntpkey_cert_Storage and
ntpkey_host_Storage files generated in Step 6 to the corresponding directories on other
NTP servers and change the file permission to be the same as on the original server.
Configure the ntp.conf file under this server and restart the NTP service.
NOTE
In write list=@root root, the root and root are the account and password of the samba
user that were just added. Set the codes as required.
----End
Prerequisites
● The IP address of an NTP server has been obtained.
● You have obtained the samba user name and password for logging in to the
NTP server.
● You have prepared a Windows maintenance terminal.
● The maintenance terminal communicates with the storage system properly.
● The communication between the NTP server IP address and the management
IP address of the storage system is normal.
Procedure
Step 1 Obtain the certificate from the NTP server and copy it to the maintenance
terminal.
1. On the maintenance terminal, press Win+R.
The Run dialog box is displayed.
2. Enter \\NTP server IP address and click OK.
The maintenance terminal attempts to remotely access the NTP server.
3. Enter the samba Username and Password for logging to the NTP server and
click OK to enter the shared directory.
4. Enter the ntp_config folder, select the NTP certificate that contains the
ntpkey_cert field, and press Ctrl+C to copy the certificate.
5. Go back to the maintenance terminal desktop and press Ctrl+V to copy the
NTP certificate to the maintenance terminal.
6. Right-click the NTP certificate file and select Rename from the shortcut
menu. Add the .crt extension to the file name and press Enter.
Step 2 Log in to DeviceManager through the maintenance terminal.
Step 3 Import the NTP certificate.
1. Choose Settings > Certificates > Certificate Management.
NOTE
– A maximum of two NTP servers can be added. If the system cannot synchronize
the time from one NTP server, it synchronizes the time from the other one.
– Ensure that the time of the two NTP servers is consistent.
4. (Optional) Click Test.
5. (Optional) Select Enable next to NTP Authentication.
NOTE
– NTP authentication can be enabled only when NTPv4 or later is used. After
authentication, the NTP server automatically synchronizes the time to the storage
device.
– You must import a CA certificate after enabling NTP authentication.
6. (Optional) Check the CA certificate status. If the status is invalid, upload a
new CA certificate.
Step 5 Confirm the NTP configuration.
1. Click Save.
The Warning dialog box is displayed.
2. Confirm the information in the dialog box, and select I have read and
understand the consequences associated with performing this operation.
3. Click OK.
The Execution Result dialog box is displayed, indicating that the operation
succeeded.
----End
Prerequisites
● The UltraPath and SmartKit versions match the storage system version.
NOTE
You can query the version information in the version mapping table:
1. Log in to https://support.huawei.com/enterprise/, enter your storage model in
the search box, and select the associated path to the product documentation page.
2. Find and download the version mapping table.
3. Query the UltraPath and SmartKit versions in the version mapping table.
● You have used PGP Verify to check the integrity of the UltraPath software
package. (If the check fails, ensure that you have obtained the correct
UltraPath software package.)
● You have obtained the management IP address, and login username and
password of the host and verified that the host hardware and software meet
the software installation requirements. For details, see "Environment
Requirements" in the OceanStor UltraPath for XXX User Guide.
NOTE
To obtain the UltraPath user guide, log in to Huawei's technical support website
(https://support.huawei.com/enterprise/), enter UltraPath in the search box, and
select the associated path to the documentation page. Then find and download the
desired document. To download software, click the Software Download tab and find
the desired software.
Context
The GUI may vary slightly with the tool version.
Procedure
Step 1 Start and log in to SmartKit. Click the Storage tab. In the Site Deployment
Delivery area, select UltraPath Installation.
Step 2 In the UltraPath installation wizard, select Check before UltraPath Installation.
Step 3 In the displayed Installation Preparation dialog box, complete the following
preparations as prompted:
1. Click download the UltraPath software package. On the support website,
download the corresponding UltraPath software package. In addition, download
the signature verification tool and verify the digital signature. If the UltraPath
software package has been obtained, skip this step.
2. Select the operating systems of the hosts on which UltraPath is to be installed.
3. Manually complete a pre-installation check for all hosts and select Confirmed
from the Operation drop-down list box on the right.
4. Click Finish.
After the devices are added successfully, the tool displays the device information.
Click Next.
NOTE
● After hosts are added, they are displayed in the main window. If any host is incorrectly
added, select it and click Remove Host to delete the host.
● After all the selected hosts have executed the installation policy, the system
automatically generates a report. To specify a report directory, click Set Directory.
● To modify an installation policy, click Modify in the Installation Policy column.
Step 8 Confirm the precautions in the displayed dialog box, select I have read the
previous information and understood consequences of the operation, and click
OK.
NOTE
The installation process consists of four steps. You can click each tab to view details about
the corresponding step.
● UltraPath Software Package Import: This step automatically uploads the software
package to a host.
● Pre-Install Check: This step checks that a host allows UltraPath to be installed on it.
● Install: This step installs the main program of the UltraPath software.
● Post-Install Verification: This step checks, activates, and validates the UltraPath
software.
2. If some check items are not passed or need to be optimized, the system will
suspend the installation and Paused will be displayed in the Operation column in
the upper pane. You can click View Details to view the current status. For a
specific check item or operation item, click Details in the Operation column in the
lower pane to view information.
3. The system provides a check method, check criteria, and recovery suggestion. If
a check item fails, you can handle the problem according to the check result.
NOTE
Each check item can be retried, ignored, or terminated according to the policy
requirements. If the current item does not support an operation, the corresponding button
is unavailable.
● Retry: After the fault is rectified, click Retry to check the current item again.
● Ignore: Ignore this item and proceed with subsequent operations if the current check
item or operation item can be ignored.
● Terminate: If you want to terminate the installation process, click this button. This may
cause UltraPath software exceptions on the host. Exercise caution when performing this
operation.
Step 10 After UltraPath has been installed on all the selected hosts, the system
automatically generates an installation report in Excel format. Click View Report
to view detailed information. Click Close to finish the installation.
NOTICE
Step 11 The main window is displayed, and the UltraPath software installation is complete.
----End
Context
The GUI may vary with the version.
Procedure
Step 1 Run and log in to SmartKit. On the Storage tab page, click Compatibility
Evaluation for Site Deployment in the Site Deployment Delivery area.
Step 2 On the page that is displayed, choose Compatibility Information Collection for
Site Deployment.
Step 3 On the Compatibility Information Collection for Site Deployment page that is
displayed, perform the following operations as prompted:
– Add a host.
i. Set Device Type to Host and select an operating system.
ii. Enter basic information, including the IP address and proxy. In the
Add Policy and Select Proxy areas, Specify IP Address (add a
device by the IP address) and No Proxy are selected by default. You
can also specify an IP network segment or add devices in batches.
Click Next.
iii. In the Login Information area, enter the user name, password, and
port number of the device to be added. The default port number is
22.
iv. Click Finish.
The newly added device is displayed in the device list.
2. Select the devices to be evaluated and click Start Grab. The tool
automatically collects the compatibility information about the storage system
and host.
Step 5 On the Storage Compatibility Assessment page that is displayed, view the
compatibility information query result.
----End
Windows For example, on Windows Server 2012, choose File and Storage
Services > Disks in the Server Manager window and choose
Rescan Storage from TASKS.
SUSE 1. Run the rpm -qa | grep sg3_utils command to check whether
the sg3_utils tool has been installed. The tool is usually installed
by default on SUSE.
● If the tool has been installed, go to 2.
● If the tool has not been installed, obtain the rpm package
from the iso image package for your operating system,
upload the rpm package, and run the rpm -ivh command to
install the tool.
2. Run the rescan-scsi-bus.sh command.
Red Hat 1. Run the rpm -qa | grep sg3_utils command to check whether
the sg3_utils tool has been installed.
● If the tool has been installed, go to 2.
● If the tool has not been installed, configure Yum following
the instructions in the Red Hat deployment guide. After
installing the tool, go to 2.
2. Run the rescan-scsi-bus.sh command.
NOTE
The LUN scanning methods are for reference only. For details, see the Host Connectivity
Guide.
G Glossary
A
AC power module The module that transfers the external AC power
supply into the power supply for internal use.
Application server A service processing node (a computer device) on the
network. Application programs of data services run
on the application server.
Asynchronous remote A kind of remote replication. When the data at the
replication primary site is updated, the data does not need to be
updated synchronously at the mirroring site to finish
the update. In this way, performance is not reduced
due to data mirroring.
Air baffle It optimizes the ventilation channels and improves
the heat dissipation capability of the system.
Audit log guarantee A mode for recording audit logs. This mode
mode preferentially ensures that the audit log function is
normal and no audit log is missing.
Audit log non- A mode for recording audit logs. In this mode,
guarantee mode services are running properly. Audit logs may be
missing.
B
Backup A collection of data stored on (usually removable)
non-volatile storage media for purposes of recovery
in case the original copy of data is lost or becomes
inaccessible; also called a backup copy. To be useful
for recovery, a backup must be made by copying the
source data image when it is in a consistent state.
The act of creating a backup.
C
Cache hit ratio The ratio of the number of cache hits to the number
of all I/Os during a read task, usually expressed as a
percentage.
Captive screw Specially designed to lock into place on a parent
board or motherboard, allowing for easy installation
and removal of attached pieces without release of
the screw.
Challenge Handshake A password-based authentication protocol that uses a
Authentication challenge to verify that a user has access rights to a
Protocol system. A hash of the supplied password with the
challenge is sent for comparison so the cleartext
password is never sent over the connection.
Compliance mode A protection mode of WORM. In compliance mode,
files within their protection period cannot be changed
or deleted by either the file user or by the system
administrator. Files with expired protection periods
can be deleted but not changed by the file user or
the system administrator.
Controller The control logic in a disk or tape that performs
command decoding and execution, host data transfer,
serialization and deserialization of data, error
detection and correction, and overall management of
device operations. The control logic in a storage
subsystem that performs command transformation
and routing, aggregation (RAID, mirroring, striping, or
other), high-level error recovery, and performance
optimization for multiple storage devices.
Controller enclosure An enclosure that accommodates controllers and
provides storage services. It is the core component of
a storage system and generally consists of
components, such as controllers, power supplies, and
fans.
Copying A pair state. The state indicates that the source LUN
data is being synchronized to the target LUN.
Container root Space used to store the metadata for running
directory container images and container instances.
Container image An image is a special file system, which provides the
programs, libraries, resources, and configuration files
required for running containers. It also contains
configuration parameters, for example, for
anonymous disks, environment variables, and users.
The image does not contain dynamic data, and its
content will not be modified after construction.
Containerized An image can start multiple containers, and an
application application can contain one or a group of containers.
D
Data compression The process of encoding data to reduce its size. Lossy
compression (i.e., compression using a technique in
which a portion of the original information is lost) is
acceptable for some forms of data (e.g., digital
images) in some applications, but for most IT
applications, lossless compression (i.e., compression
using a technique that preserves the entire content of
the original data, and from which the original data
can be reconstructed exactly) is required.
Data flow A process that involves processing data extracted
from the source system. These processes include:
filtering, integration, calculation, and summary,
finding and solving data inconsistency, and deleting
invalid data so that the processed data meets the
requirements of the destination system for the input
data.
Data migration A movement of data or information between
information systems, formats, or media. Migration is
performed for reasons such as possible decay of
storage media, obsolete hardware or software
(including obsolete data formats), changing
performance requirements, the need for cost
efficiencies etc.
Data source A system, database (database user; database
instance), or file that can make BOs persistent.
Deduplication The replacement of multiple copies of data — at
variable levels of granularity — with references to a
shared copy in order to save storage space and/or
bandwidth.
Dirty data Data that is stored temporarily on the cache and has
not been written onto disks.
E
eDevLUN Logical storage array space created by a third-party
storage array.
Expansion module A component used for expansion.
Expansion Connects a storage system to more disk enclosures
through connection cables, expanding the capacity of
the storage system.
F
Field replaceable unit A unit or component of a system that is designed to
be replaced in the field, i.e., without returning the
system to a factory or repair depot. Field replaceable
units may either be customer-replaceable or their
replacement may require trained service personnel.
Firmware Low-level software for booting and operating an
intelligent device. Firmware generally resides in read-
only memory (ROM) on the device.
Flash Translation Layer Flash Translation Layer (FTL) organizes and manages
host data, enables host data to be allocated to NAND
flash chips of SSDs in an orderly manner, maintains
the mapping relationship between logical block
addresses (LBAs) and physical block addresses
(PBAs), and implements garbage collection, wear
leveling, and bad block management.
Front-end port The port that connects the controller enclosure to the
service side and transfers service data. Front-end port
types are Fibre Channel and iSCSI.
Front-end interconnect On a storage device, all controllers share the front-
I/O module (FIM) end interface modules.
G
Garbage collection The process of reclaiming resources that are no
longer in use. Garbage collection has uses in many
aspects of computing and storage. For example, in
flash storage, background garbage collection can
improve write performance by reducing the need to
perform whole block erasures prior to a write.
Gateway A device that receives data via one protocol and
transmits it via another.
Global garbage With a view to defragmentation of storage arrays
collection and garbage collection of disks, global garbage
collection reduces garbage of disks by enabling
storage arrays to inform disks of not implementing
invalid data relocation and of controlling space
release so that disks and controllers consume less
space, reducing costs and prolonging the useful life
of storage arrays.
H
Hard disk tray The tray that bears the hard disk.
Heartbeat Heartbeat supports node communication, fault
diagnosis, and event triggering. Heartbeats are
protocols that require no acknowledgement. They are
transmitted between two devices. The device can
judge the validity status of the peer device.
Hit ratio The ratio of directly accessed I/Os from the cache to
all I/Os.
Hot swap The substitution of a replacement unit (RU) in a
system for a defective unit, where the substitution
can be performed while the system is performing its
normal functioning normally. Hot swaps are physical
operations typically performed by humans.
HyperMetro A value-added service of storage systems.
HyperMetro means two datasets (on two storage
systems) can provide storage services as one dataset
to achieve load balancing among applications and
failover without service interruption.
HyperMetro domain A HyperMetro configuration object generally; made
up of two storage arrays and one quorum server.
HyperMetro services can be created on a HyperMetro
domain.
HyperMetro vStore A HyperMetro vStore pair consists of two vStores,
pair that is, two tenants. After a HyperMetro relationship
is set up for a pair of vStores, the datasets in the two
vStores work in redundancy mode and provide
storage services in one dataset view, achieving hitless
service failover.
I
In-band management The management control information of the network
and the carrier service information of the user
network are transferred through the same logical
channel. In-band management enables users to
manage storage arrays through commands.
Management commands are sent through service
channels, such as I/O write and read channels. The
advantages of in-band management include high
speed, stable transfer, and no additional
management network ports required.
Initiator The system component that originates an I/O
command over an I/O interconnect. The endpoint
that originates a SCSI I/O command sequence. I/O
adapters, network interface cards, and intelligent I/O
interconnect control ASICs are typical initiators.
I/O Shorthand for input/output. I/O is the process of
moving data between a computer system's main
memory and an external device or interface such as a
storage device, display, printer, or network connected
to other computer systems. This encompasses
reading, or moving data into a computer system's
memory, and writing, or moving data from a
computer system's memory to another location.
L
Load balance A method of adjusting the system, application
components, and data to averagely distribute the
applied I/Os or computing requests to physical
resources of the system.
Logical unit The addressable entity within a SCSI target that
executes I/O commands.
Logical unit number The SCSI identifier of a logical unit within a target.
Industry shorthand, when phrased as "LUN", for the
logical unit indicated by the logical unit number.
LUN formatting The process of writing 0 bits in the data area of the
logical drive and generating related parity bits so that
the logical drive can be in the ready state.
LUN mapping A storage system maps LUNs to application servers
so that application servers can access storage
resources.
LUN migration A method for the LUN data to migrate between
different physical storage spaces while ensuring data
integrity and uninterrupted operation of host
services.
LUN snapshot A type of snapshot created for a LUN. This snapshot
is both readable and writable and is mainly used to
provide a snapshot LUN from point-in-time LUN
data.
Lever A lever resides on the structural part of a module. It
is used to insert or remove a module into or from a
chassis, saving efforts.
Local image repository A private repository used to store the container
images and Helm charts imported by users. It is
different from the standard image repository. The
imported images and Helm charts must meet the
compatibility requirements of the system.
M
Maintenance terminal A computer connected through a serial port or
management network port. It maintains the storage
system.
Management interface The module that integrates one or more
module management network ports.
Management network An entity that provides means to transmit and
process network management information.
Management network The network port on the controller enclosure
port connected to the maintenance terminal. It is provided
for the remote maintenance terminal. Its IP address
can be modified with the change of the customer's
environment.
N
NVM Express A host controller interface with a register interface
and command set designed for PCI Express-based
SSDs.
NVMe SSD A solid state disk (SSD) with a non-volatile memory
express (NVMe) interface. Compared with other
SSDs, such SSDs can deliver higher performance and
shorter latency.
O
Out-of-band A management mode used during out-of-band
management networking. The management and control
information of the network and the bearer service
information of the user network are transmitted
through different logical channels.
P
Power failure When an external power failure occurs, the AC PEM
protection depends on the battery for power supply. This
ensures the integrity of the dirty data in the cache.
Pre-copy When the system monitors a failing member disk in a
RAID group, the system copies the data from the disk
to a hot spare disk in advance.
Q
Quorum server A server that can provide arbitration services for
clusters or HyperMetro to prevent the resource access
conflicts of multiple application servers.
Quorum Server Mode A HyperMetro arbitration mode. When a HyperMetro
arbitration occurs, the quorum server decides which
site wins the arbitration.
R
RAID level The application of different redundancy types to a
logical drive. A RAID level improves the fault
tolerance or performance of the logical drive but
reduces the available capacity of the logical drive.
You must specify a RAID level for each logical drive.
Ransomware file When launching attacks, ransomware usually
interception generates encrypted files with special file name
extensions. In light of this, the system intercepts the
write to files with specific file name extensions to
block the extortion from known ransomware and
protect file systems in the storage system.
Real-time ransomware Ransomware has similar I/O behavior characteristics.
detection By analyzing file I/O behavior characteristics, the
system quickly filters out abnormal files and
performs deep content analysis on the abnormal files
to detect files attacked by ransomware. Then, secure
snapshots are created for file systems where files
have been attacked, and alarms are reported to
notify the data protection administrator, limiting the
impact of ransomware and reducing losses.
Reconstruction The regeneration and writing onto one or more
replacement disks of all of the user data and check
data from a failed disk in a mirrored or RAID array. In
most arrays, a rebuild can occur while applications
are accessing data on the array's virtual disks.
Redundancy The inclusion of extra components of a given type in
a system (beyond those required by the system to
carry out its function) for the purpose of enabling
continued operation in the event of a component
failure.
S
Script A parameterized list of primitive I/O interconnect
operations intended to be executed in sequence.
Often used with respect to ports, most of which are
able to execute scripts of I/O commands
autonomously (without policy processor assistance).
A sequence of instructions intended to be parsed and
carried out by a command line interpreter or other
scripting language. Perl, VBScript, JavaScript and Tcl
are all scripting languages.
Serial port An input/output location (channel) that sends and
receives data (one bit at a time) to and from the CPU
of a computer or a communications device. Serial
ports are used for serial data communication and as
interfaces for some peripheral devices, such as mouse
devices and printers.
Service data The user and/or network information required for the
normal functioning of services.
Service network port The network port that is used to store services.
Simple network An IETF protocol for monitoring and managing
management protocol systems and devices in a network. The data being
monitored and managed is defined by an MIB. The
functions supported by the protocol are the request
and retrieval of data, the setting or writing of data,
and traps that signal the occurrence of events.
Single point of failure One component or path in a system, the failure of
which would make the system inoperable.
Smart disk enclosure Being compared with traditional disk enclosures, the
smart disk enclosures are equipped with Arm chips
and DDR memories or other computing modules to
achieve powerful computing capabilities. With such
capabilities, the smart disk enclosures can help
controllers to share some computing loads,
accelerating data processing.
Share authentication During vStore configuration synchronization, the
share authentication information (including the share
information and domain controller configuration) is
synchronized to the secondary end.
T
Target The endpoint that receives a SCSI I/O command
sequence.
Target LUN The LUN on which target data resides.
Thin LUN A logic disk that can be accessed by hosts. It
dynamically allocates storage resources from the thin
pool according to the actual capacity requirements of
users.
Topology The logical layout of the components of a computer
system or network and their interconnections.
Topology deals with questions of what components
are directly connected to other components from the
standpoint of being able to communicate. It does not
deal with questions of physical location of
components or interconnecting cables. The
communication infrastructure that provides Fibre
Channel communication among a set of PN_Ports
(e.g., a Fabric, an Arbitrated Loop, or a combination
of the two).
Trim A method by which the host operating system may
inform a storage device of data blocks that are no
longer in use and can be reclaimed. Many storage
protocols support this functionality via various
names, e.g., ATA TRIM and SCSI UNMAP.
U
User interface The space where users interact with a machine.
W
Wear leveling A set of algorithms utilized by a flash controller to
distribute writes and erases across the cells in a flash
device. Cells in flash devices have a limited ability to
survive write cycles. The purpose of wear leveling is
to delay cell wear out and prolong the useful life of
the overall flash device.
Write amplification Increase in the number of write operations by the
device beyond the number of write operations
requested by hosts.
Write amplification The ratio of the number of write operations on the
factor device to the number of write operations requested
by the host.
Write back A caching technology in which the completion of a
write request is signaled as soon as the data is in the
cache. Actual writing to non-volatile media occurs at
a later time. Write back includes inherent risks: an
application will take action predicated on the write
completion signal, and a system failure before the
data is written to non-volatile media will cause
media contents to be inconsistent with that
subsequent action. For these reasons, sufficient write
back implementations include mechanisms to
preserve cache contents across system failures
(including power failures) and a flushed cache at
system restart time.
Write Once Read Many A type of storage, designed for fixed content, that
preserves what is written to it in an immutable
fashion. Optical disks are an example of WORM
storage.
Write through A caching technology in which the completion of a
write request is not signaled until data is safely
stored on non-volatile media. Write performance
equipped with the write through technology is
approximately that of a non-cached system. However,
if the written data is also held in a cache, subsequent
read performance may be dramatically improved.
Z
Zone A collection of Fibre Channel N_Ports and/or
NL_Ports (i.e., device ports) that are permitted to
communicate with each other via the fabric. Any two
N_Ports and/or NL_Ports that are not members of at
least one common zone are not permitted to
communicate via the fabric. Zone membership may
be specified by: 1) port location on a switch, (i.e.,
Domain_ID and port number); or, 2) the device's
N_Port_Name; or, 3) the device's address identifier;
or, 4) the device's Node_Name. Well-known
addresses are implicitly included in every zone.
C
CHAP Challenge Handshake Authentication Protocol
CLI Command-Line Interface
F
FC Fiber Channel
G
GPT GUID Partition Table
GUI Graphical User Interface
H
HBA Host Bus Adapter
I
IE Internet Explorer
IP Internet Protocol
IQN iSCSI Qualified Name
iSCSI Internet Small Computer Systems Interface
iSNS Internet Storage Name Service
L
LDAP Lightweight Directory Access Protocol
LUN Logical Unit Number
W
WWN World Wide Name
WWPN World Wide Port Name