Hello, This is Jean Pompey Leo.
Welcome to Cyber Eri
or in the virtual ization installation configuration of management class
Model Six Lessons, too.
This last time we were working with configuring I scuzzy.
So we'll start with describing how I'd be stored. Works.
We'll go through the different components of I p scuzzy address ing
and we'll look at the nice cosy initiators,
so I'd be storage in general is very flexible, as I was starting to talk about in the last module
because you can use your existing
throughout the traffic through ah, redundant infrastructure. You might have
fail over switches fail over routers, and this gives a lot of flexibility for where those storage actually physically is located.
And it gives you the ability to absorb,
a different outages. So you don't have single point of failure if you lose a switch or if you lose it network adapter.
That's one really big advantage versus direct attacks, storage or even fibre channel, where you've got dedicated fiber optic cables going between your storage processor and the host.
All right, so starting off with some of the components here,
green box represents the ice cause you target.
So if you're working with your storage administrator, they would give you this information.
Or if you do a scan of your adaptors on your host, you would pop up some targets and some, uh, Luns.
So we've got our physical discs within the target that are mapped to the logical unit numbers.
This mapping is is arbitrary. It could be a 1 to 1 mapping of physical destro a lung, or you might have a bank of
perhaps 16 disks that maps to three Luns.
It just depends on how the storage administrator wants to subdivide the total amount of storage.
Then we have storage processors
that are connected to your I. P network
storage processor is basically a specialized network adapter
that is optimized for storage commands and has its own built in buffering and so on.
Since the traffic goals through your I P. Net, where we got multiple physical paths
and then with on the beach of individual host, we have our host busted afters
and then we'll get a different name. H P A 32 34 just depends on what kind of hardware you have and what?
Yes, yes, X. I hope software does decide your host plus adapter number should be.
We can also have different types of adapters.
This could be hardware or software,
and there we'll talk about some of the advantages and disadvantages of each of those
a little bit more detail on
storage processor has a naming convention. Either it's like U N or you, I prefix, depending on what kind of hardware you have, of course,
and we'll get some kind of information, you know, a date in a month
and perhaps a bit of your domain name
and a colon, and then the name
that you're choosing for the alias, followed by some other hex type characters.
And this gets generated wing. The
the target gets connected
to your system. When you do a scan of your adaptors and you see targets,
whatever the Target's configured with will pop up as your ice cosy Target name. It could be in this you lie for Metas. Well, it depends on whose hardware you're using.
There's also a nice, cosy alias, which we see as part of the ice cosy target name, so you can find that information in two different to different areas.
And then, of course, there's not P address associated with.
That's a nice cosy target for the labs that will be doing. This is the actual I P address. You'll see it's 100 to 1 68 1 68 dot too.
That's the address of the NASDAQ vice, which is used for NFS mounts.
Ah, and for ice cosy,
that's on your host. Whether it's hard, we're also or Software has its own naming convention, very similar to what we saw for the ice, because the target name
we've got like U N some information here your domain name, perhaps, and then your alias,
which, of course, becomes your ice Qazi alias. Whether it's software or hardware initiator
and another I P address might be defined here,
you'll notice we've got a DOD three and adopt to the particular sand that's being used has, ah
so I can assign an address to each one and take advantage of that multi path incapability.
As far as the eye scans the initiator, I have different types.
We start with software, which is already
included in the functionality of your VM Colonel Port For your bm colonel hyper visor,
you don't have to buy any additional hardware
I can use. The standard interface is that the host already has
all the ice cozy. Traffic
just goes through the existing network card in the network that's already in place.
So this is a great option if you don't have the money or the capability to add a hardware ice cosy Initiator,
uh, you can have a dependent hardware initiator.
uh, something that does have an added expense and does take up some of the capacity of your host toe add adapter cards.
the relies upon VM where to do it's networking. So we need to define of'em Colonel Port,
and we also have to use the configuration management interface is from Vienna, where
to configuration to configure the dependent hardware adapter.
If you have an independent ice cozy hard word after
this is the most expensive option but also have the highest performance. This is a dedicated hardware device
that will handle all of the processing requirements
four ice cosy traffic
and, according to best practices you would want to try Thio.
Well, for one thing, you want to use a separate
interface for your ice kind of traffic to begin with.
If you could use an independent hardware or dependent hard winter face, that's even better. Because now all of the traffic goes through a dedicated piece of hardware that doesn't interfere with the the other network interface cards on the system that are used for things like the motion traffic or mangement network or just regular user,
uh, client server type traffic.
the guy scares the initiators. Some of the things that we need to think about when we're configuring this and we'll see this in the upcoming lab
is first. You have to configure the VM Colonel Port.
You have to designate a port on your switch. Four. I, Scotty traffic. Same same thing we have to do for fault, tolerance, traffic or for high availability traffic.
You can actually do all three of those capabilities through one VM Colonel Port.
That is possible, although it's not recommended for performance and redundancy reasons,
and I have to enable the adapter
configure the name and when you do that in the lab. You'll you'll pop up with a name there were similar to this,
and your host name will end up being part of the alias with some other information. And when you see in the lab, you have to actually removal of evidence of that information in order to get the host to connect properly.
It's just a quirk of the way that the configuration of the ice cosy adapter happens.
Then you configure your adapter properties,
and what we see here is a static discovery or dynamic discovery.
Static discovery means that I know what my I P addresses. You know this case 0.2 or 0.3,
and I can enter that into the field for the configuration of the adapter.
when I do that, the adaptor will go
the ice, goes the target on the address that I give it.
And that's that's based on the fact that I know the address and I can tell it what which one to use
if I use dynamic discovery on the other hand. Now the adaptor will just send requests
two to the network to look for I Scott, your targets to see which targets respond
and the targets that respond
well, very depending on the zoning and the masking of those targets when they were
built by the storage administrator.
So for our purposes, using a static discovery is is just fine. We know the I P address.
We're not doing anything dynamic, so we could just access that directly.
And then you can also pick the port binding
four ice because the traffic is TCP 30 to 60.
But you can pick a different port if there's a conflict in your environment of that ports already in use, for instance, by another application.
And then the last thing we have to think about when configuring our ice cosy adapter is the security profile.
So be aware supports Chap, which is a challenge handshake, authentication protocol
and chap is very flexible.
You can have a several different ways of using chap. You can do
to target authentication,
basically some credentials, a password, the user name and password.
Um, I'm sorry, just a password, or I can have the target authenticate to the host
and also using a pre pre determined password. Or you could do mutual authentication where both sides authenticate each other,
and these air security features that are very useful because you don't want,
any host to be able to connect to your eyes. Close your target without any kind of of
authentication being done.
That would mean that a rogue host on your network could potentially connect to your storage and be able to access file that that that host is not authorized to access.
That's my chapters involved
or or available, I should say, as an option, to give you the ability to authenticate both directions or either direction, depending on what your requirements are
for our lab. We're not going to use Chap
because the storage device that
that's available doesn't support that. So we'll just kind of talk about it here instead.
All right, and then last lead.
We have the concept of multi path thing.
So multi path thing is very useful. If I if I've got my my host connected to
the ice cosy storage and I've got multiple storage processors, multiple paths to get to that storage,
I can designate one is a fail over for the other
If if I've got a problem in the network
and one of these connections goes away,
the remaining connection can then take all the traffic.
This also gives you options for load balancing. You could do a round robin or other techniques to balance the traffic between those two storage processors
to get the most use of your hardware.
the traffic ALS over your TCP network
so I can have independent hardware ice cosy adapters, as you see here. Or I can have
some software or or ah
dependent hardware adaptors by going
through one of'em Colonel ports to the actual host itself.
All right, so to review, we talked about
some of the configuration options for ice kaze was we see over there.
How would you look at the different components that are involved?
We also looked at the naming conventions
for the different components and what those look like when you're actually using the ice causing adapter.
And then we learned a little bit about the different types of initiators.
These basically go from lowest performance to medium performance to highest performance and, of course, no cost some costs and higher costs if you want to drink them that way.
Okay, that concludes. Lesson number two for module six. Thank you.