isilon onefs 7.1 _gui

7/26/2019 Isilon OneFS 7.1 _GUI

1/433

Isilon

OneFSVersion 7.1

Web Administration Guide


2/433

Copyright 2001-2014 EMC Corporation. All rights reserved. Published in USA.

Published March, 2014

EMC believes the information in this publication is accurate as of its publication date. The information is subject to change

without notice.

The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind withrespect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a

particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicablesoftware license.

EMC, EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and othercountries. All other trademarks used herein are the property of their respective owners.

For the most up-to-date regulatory document for your product line, go to EMC Online Support (https://support.emc.com). Fordocumentation on EMC Data Domain products, go to the EMC Data Domain Support Portal (https://my.datadomain.com).

EMC CorporationHopkinton, Massachusetts 01748-91031-508-435-1000 In North America 1-866-464-7381www.EMC.com

2 OneFS7.1 Web Administration Guide


3/433

Introduction to this guide 17

About this guide............................................................................................18Isilon scale-out NAS overview........................................................................18Where to go for support.................................................................................18

Isilon scale-out NAS 19

OneFS storage architecture........................................................................... 20Isilon node components................................................................................20Internal and external networks......................................................................21Isilon cluster................................................................................................. 21

Cluster administration......................................................................21

Quorum............................................................................................21Splitting and merging.......................................................................22Storage pools...................................................................................23IP address pools.............................................................................. 23

The OneFSoperating system......................................................................... 23Data-access protocols......................................................................24Identity management and access control......................................... 24

Structure of the file system............................................................................25Data layout...................................................................................... 25Writing files......................................................................................26Reading files....................................................................................26Metadata layout...............................................................................26Locks and concurrency.....................................................................27

Striping............................................................................................27Data protection overview...............................................................................27

N+M data protection........................................................................ 28Data mirroring..................................................................................29The file system journal..................................................................... 29Virtual hotspare.............................................................................. 29Balancing protection with storage space..........................................29

VMware integration....................................................................................... 29The iSCSI option............................................................................................30Software modules......................................................................................... 30

General cluster administration 33

General cluster administration overview........................................................34User interfaces..............................................................................................34Connecting to the cluster...............................................................................35

Log in to the web administration interface........................................35Open an SSH connection to a cluster ................................................35

Licensing.......................................................................................................36License status..................................................................................36License configuration.......................................................................39Activate a license.............................................................................39View license information..................................................................40Unconfigure a license.......................................................................40

Certificates....................................................................................................40

Chapter 1

Chapter 2

Chapter 3

CONTENTS

OneFS7.1 Web Administration Guide 3


4/433

Replace or renew the SSL certificate.................................................41Verify an SSL certificate update........................................................42Self-signed SSL certificate data example..........................................42

General cluster settings.................................................................................42Set the cluster name........................................................................ 43Specify contact information..............................................................43

Configuring the cluster date and time...............................................43Set the cluster date and time........................................................... 44Specify anNTP time server............................................................... 44Configure SMTP email settings.........................................................45Specify thecluster join mode........................................................... 45Cluster join modes........................................................................... 45Enable or disable access time tracking.............................................46Specify the cluster character encoding.............................................46

Cluster statistics........................................................................................... 47Performance monitoring................................................................................47Cluster monitoring.........................................................................................47

Monitor the cluster...........................................................................48

View nodestatus............................................................................. 49Events andnotifications...................................................................49Monitoringcluster hardware..........................................................................57

View node hardware status.............................................................. 57Chassis and drive states.................................................................. 57SNMP monitoring............................................................................. 59

Cluster maintenance..................................................................................... 62Replacing node components............................................................62Upgrading node components........................................................... 63Managing cluster nodes...................................................................63

Remote support using SupportIQ...................................................................64Configuring SupportIQ......................................................................65Enable andconfigure SupportIQ.......................................................65Disable SupportIQ............................................................................66SupportIQ scripts.............................................................................66

Upgrading OneFS.......................................................................................... 68

Access zones 69

Access zones overview..................................................................................70Access zone features.....................................................................................70Managing access zones................................................................................ 71

Create an access zone......................................................................71Access zone settings........................................................................72Associate an IP address pool with an access zone............................73

Modify an access zone.....................................................................73Delete an access zone......................................................................74

Authentication and access control 75

Authentication andaccess control overview.................................................. 76Authentication and access control features......................................76

Data access control.......................................................................................77ACLs................................................................................................ 77UNIX permissions.............................................................................78Mixed-permission environments...................................................... 78

Roles.............................................................................................................79

Built-in roles.................................................................................... 79

Chapter 4

Chapter 5

CONTENTS



5/433

OneFS privileges.............................................................................. 82Command-line interface privileges...................................................84

Authentication.............................................................................................. 88Supported authentication providers.................................................88Authentication provider features......................................................89LDAP................................................................................................89

Active Directory................................................................................90NIS...................................................................................................90File provider.....................................................................................90Local provider.................................................................................. 91

Managing access permissions.......................................................................91Configure access management settings........................................... 91Modify ACL policy settings................................................................92ACL policy settings options.............................................................. 92Update cluster permissions..............................................................97

Managing roles............................................................................................. 99View roles ........................................................................................ 99View privileges.................................................................................99

Create a custom role...................................................................... 100Modify a role..................................................................................100Delete a custom role...................................................................... 100

Managing authentication providers............................................................. 100Configure an LDAP provider............................................................101Managing LDAP providers.............................................................. 102Configure an Active Directory provider............................................105Managing Active Directoryproviders.............................................. 106Managing NIS providers.................................................................108Configuring file providers...............................................................110Managing file providers..................................................................111Create a local user......................................................................... 114Create a local group....................................................................... 115Managing local users and groups...................................................115

Identity management 121

Identity management.................................................................................. 122Identity types.............................................................................................. 122Access tokens.............................................................................................123Access token generation............................................................................. 124

ID mapping.................................................................................... 124User mapping across systems and identities..................................125On-disk identity............................................................................. 130

Auditing 133

Auditing overview........................................................................................134Protocol audit events.................................................................................. 134Supported event types................................................................................ 134Supported audit tools................................................................................. 135Enable system configuration auditing..........................................................136Enable protocol access auditing..................................................................136Auditing settings.........................................................................................137Integrating with theEMC Common Event Enabler.........................................137

Install CEEfor Windows..................................................................138Configure CEE for Windows............................................................ 139

Chapter 6

Chapter 7

CONTENTS



6/433

File sharing 141

File sharing overview...................................................................................142SMB............................................................................................................142

Overlapping display names for SMB shares....................................143NFS............................................................................................................. 143

HTTP and HTTPS.......................................................................................... 143FTP..............................................................................................................144Mixed protocol environments......................................................................144Write caching with SmartCache................................................................... 144

Write caching for asynchronous writes........................................... 145Write caching for synchronous writes.............................................145

Managing the SMBservice.......................................................................... 146Configure SMB file sharing.............................................................146Limit access to /ifs share for the Everyone account........................ 146Snapshotsdirectory settings..........................................................147File and directory permission settings............................................147SMB performance settings............................................................. 148SMB security settings.....................................................................148

Managing SMB shares.................................................................................148Create an SMB share......................................................................149Modify SMB share permissions, performance, or security...............150Add a useror group to an SMB share..............................................151Configure overlapping share display names...................................151Configure multi-protocol home directory access.............................152Delete an SMB share......................................................................152

Managing the NFS service........................................................................... 152Configure NFS file sharing.............................................................. 152Create a root-squashing rule for the default NFS export.................. 153NFS service settings.......................................................................154NFS performance settings.............................................................. 154

NFS client compatibility settings.................................................... 155NFS exportbehavior settings..........................................................155

Managing NFS exports.................................................................................156View and configure default NFS export settings..............................156Create an NFS export......................................................................156Modify an NFS export..................................................................... 158Delete an NFS export......................................................................158Check NFSexports for errors.......................................................... 158

Enable and configure FTP file sharing.......................................................... 159Enable and configure HTTP..........................................................................159Home directories.........................................................................................160

Home directory permissions...........................................................161Home directory creation through SMB............................................ 161Home directory creation through SSH and FTP................................163Home directory creation in a mixed environment............................166Interactions between ACLs and mode bits......................................166Interactions with dot-file provisioning............................................166Default home directory settings in authentication providers...........167Supportedexpansion variables......................................................167Domain variables in home directory provisioning...........................168

Snapshots 171

Snapshotsoverview....................................................................................172Data protection with SnapshotIQ.................................................................172

Chapter 8

Chapter 9

CONTENTS



7/433

Snapshot disk-space usage........................................................................ 172Snapshot schedules....................................................................................173Snapshot aliases........................................................................................ 173File and directory restoration.......................................................................173Snapshot best practices..............................................................................174Best practices for creating snapshot schedules...........................................174

File clones...................................................................................................175Shadow store considerations.........................................................176iSCSI LUN clones............................................................................176

Snapshot locks........................................................................................... 176Snapshot reserve........................................................................................177SnapshotIQ license functionality.................................................................177Creating snapshots with SnapshotIQ...........................................................177

Create a SnapRevert domain..........................................................178Create a snapshot schedule...........................................................178Create a snapshot..........................................................................179Snapshot naming patterns.............................................................180

Managing snapshots ..................................................................................182

Reducing snapshot disk-space usage............................................ 182Delete snapshots...........................................................................183Modify snapshot attributes............................................................ 183Modify a snapshot alias.................................................................184View snapshots..............................................................................184Snapshot information.................................................................... 184

Restoring snapshotdata............................................................................. 184Revert a snapshot.......................................................................... 185Restore a file or directory using Windows Explorer..........................185Restore a file or directory through a UNIX command line.................186Clone a filefrom a snapshot...........................................................186

Managing snapshot schedules....................................................................186Modify a snapshot schedule.......................................................... 186Delete a snapshot schedule...........................................................187View snapshot schedules...............................................................187

Managing with snapshot locks....................................................................187Create a snapshot lock...................................................................187Modify a snapshot lock expiration date..........................................188Delete a snapshot lock...................................................................188Snapshot lock information.............................................................189

Configure SnapshotIQ settings....................................................................189SnapshotIQ settings.......................................................................189

Set the snapshot reserve.............................................................................190

Deduplication with SmartDedupe 193Deduplication overview...............................................................................194Deduplication jobs......................................................................................194Data replication and backup with deduplication..........................................195Snapshotswith deduplication.....................................................................195Deduplication considerations......................................................................195Shadow store considerations......................................................................196SmartDedupe license functionality..............................................................196Managing deduplication............................................................................. 197

Assess deduplication space savings..............................................197Specify deduplication settings.......................................................197View deduplication space savings..................................................198

View a deduplication report........................................................... 198

Chapter 10

CONTENTS



8/433

Deduplication job report information............................................. 198Deduplication information............................................................. 199

Data replication with SyncIQ 201

SyncIQ backup and recovery overview.........................................................202

Replication policiesand jobs...................................................................... 202Automatedreplication policies.......................................................203Source and target cluster association.............................................203Full and differential replication.......................................................204Controlling replication job resource consumption.......................... 204Replicationreports.........................................................................205

Replication snapshots.................................................................................205Source cluster snapshots...............................................................205Target cluster snapshots................................................................206

Data failover and failback with SyncIQ.........................................................206Data failover.................................................................................. 207Data failback..................................................................................207

Recovery times andobjectives for SyncIQ....................................................207SyncIQ license functionality........................................................................ 208Creating replication policies........................................................................208

Excluding directories in replication.................................................208Excluding files in replication.......................................................... 209File criteriaoptions........................................................................ 210Configure default replication policy settings...................................212Create a replication policy..............................................................212Create a SyncIQ domain.................................................................217Assess a replication policy.............................................................218

Managing replication to remote clusters......................................................218Start a replication job.....................................................................218Pause a replication job...................................................................219Resume a replication job................................................................219Cancel a replication job..................................................................219View active replication jobs............................................................219Replicationjob information............................................................219

Initiating data failover and failback with SyncIQ.......................................... 220Fail over data to a secondary cluster ...............................................220Revert a failover operation............................................................. 220Fail back data to a primary cluster..................................................221

Performingdisaster recovery for SmartLock directories................................222Recover SmartLock directories on a target cluster...........................222Migrate SmartLock directories........................................................223

Managing replication policies..................................................................... 224

Modify a replication policy............................................................. 224Delete a replication policy..............................................................224Enable or disable a replication policy.............................................224View replication policies................................................................ 225Replication policy information........................................................225Replicationpolicy settings............................................................. 225

Managing replication to the local cluster.....................................................228Cancel replication to the local cluster.............................................228Break local target association........................................................ 229View replication policies targeting the local cluster........................ 229Remote replication policy information............................................229

Managing replication performance rules..................................................... 230

Create a network traffic rule........................................................... 230

Chapter 11

CONTENTS



9/433

Create a file operations rule........................................................... 230Modify a performance rule............................................................. 230Delete a performance rule..............................................................231Enable or disable a performance rule............................................. 231View performance rules..................................................................231

Managing replication reports.......................................................................231

Configure default replication report settings...................................231Delete replication reports...............................................................232View replication reports................................................................. 232Replicationreport information........................................................232

Managing failed replication jobs................................................................. 233Resolve a replication policy............................................................234Reset a replication policy............................................................... 234Perform a full or differential replication.......................................... 234

Data layout with FlexProtect 237

FlexProtect overview....................................................................................238

File striping................................................................................................. 238Requested data protection..........................................................................238FlexProtect data recovery.............................................................................239

Smartfail........................................................................................239Node failures................................................................................. 239

Requesting data protection......................................................................... 240Requested protection settings.....................................................................240Requested protection disk space usage...................................................... 241

NDMP backup 243

NDMP backup and recovery overview.......................................................... 244NDMP two way backup................................................................................244Snapshot-based incremental backups........................................................ 245NDMP protocol support...............................................................................246Supported DMAs......................................................................................... 246NDMP hardware support............................................................................. 247NDMP backup limitations............................................................................247NDMP performance recommendations........................................................ 247Excluding files and directories from NDMP backups.................................... 249Configuring basic NDMP backup settings.................................................... 250

Configure and enable NDMP backup.............................................. 250Disable NDMP backup....................................................................250View NDMP backup settings...........................................................250NDMP backup settings...................................................................251

Managing NDMP user accounts................................................................... 251Create an NDMP user account........................................................ 251Modify the password of an NDMP user account.............................. 251Delete an NDMP user account........................................................ 251View NDMP user accounts..............................................................252

Managing NDMP backup devices.................................................................252Detect NDMP backup devices.........................................................252Modify thename of an NDMP backup device..................................252Delete an entry for an NDMP backup device................................... 253View NDMP backup devices........................................................... 253NDMP backup device settings........................................................253

Managing NDMP backup ports.................................................................... 254

Modify NDMP backup port settings................................................ 254

Chapter 12

Chapter 13

CONTENTS



10/433

Enable or disable an NDMP backup port.........................................254View NDMP backup ports...............................................................254NDMP backup port settings............................................................254

Managing NDMP backup sessions...............................................................255End an NDMP session.................................................................... 255View NDMP sessions......................................................................255

NDMP session information.............................................................256Managing restartable backups....................................................................257

Configure restartable backups....................................................... 257Delete a restartable backup context...............................................258View restartable backup contexts...................................................258Configure restartable backup settings............................................259View restartable backup settings................................................... 259

Sharing tape drivesbetween clusters..........................................................259Managing default NDMP settings.................................................................259

Set default NDMP settings for a directory....................................... 260Modify default NDMP settings for a directory..................................260View default NDMP settings for directories.....................................260

NDMP environment variables......................................................... 261Managing snapshot based incremental backups.........................................263Enable snapshot-based incremental backups for a directory.......... 263Delete snapshots for snapshot-based incremental backups...........263View snapshots for snapshot-based incremental backups............. 264

View NDMP backup logs..............................................................................264

File retention with SmartLock 265

SmartLockoverview.................................................................................... 266Compliance mode....................................................................................... 266SmartLockdirectories................................................................................. 266Replicationand backup with SmartLock......................................................267

SmartLock replication and backup limitations................................267SmartLocklicense functionality...................................................................268SmartLockconsiderations...........................................................................268Set the compliance clock............................................................................ 268View the compliance clock.......................................................................... 269Creating a SmartLock directory ....................................................................269

Retention periods...........................................................................269Autocommit time periods...............................................................269Create a SmartLock directory..........................................................270

Managing SmartLock directories................................................................. 271Modify a SmartLock directory.........................................................271View SmartLock directory settings..................................................271

SmartLockdirectory configuration settings.....................................272Managing files in SmartLock directories...................................................... 274

Set a retention period through a UNIX command line..................... 274Set a retention period through Windows Powershell.......................275Commit a file to a WORM state through a UNIX command line........ 275Commit a file to a WORM state through Windows Explorer..............275Override the retention period for all files in a SmartLock directory.. 276Delete a file committed to a WORM state .......................................276View WORM status of a file.............................................................277

Protection domains 279

Protection domainsoverview...................................................................... 280

Chapter 14

Chapter 15

CONTENTS



11/433

Protection domain considerations...............................................................280Create a protection domain......................................................................... 281Delete a protection domain.........................................................................281View protection domains.............................................................................281Protection domain types............................................................................. 281

Data-at-rest-encryption 283

Data-at-rest encryption overview.................................................................284Self-encrypting drives..................................................................................284Data security on self-encrypted drives.........................................................284Data migration to a self-encrypted-drives cluster.........................................285Chassis and drive states............................................................................. 285Smartfailed drive ERASE and REPLACE state examples................................ 287

SmartQuotas 291

SmartQuotas overview................................................................................ 292

Quota types................................................................................................ 292Default quota type.......................................................................................293Usage accounting and limits....................................................................... 294Disk-usage calculations.............................................................................. 296Quota notifications..................................................................................... 297Quota notification rules...............................................................................297Quota reports..............................................................................................298Creating quotas...........................................................................................298

Create an accounting quota........................................................... 299Create an enforcement quota.........................................................299

Managing quotas........................................................................................ 300Search for quotas...........................................................................300Manage quotas..............................................................................301Export a quota configuration file.................................................... 302Import a quota configuration file....................................................302

Managing quota notifications......................................................................303Configure default quota notification settings..................................303Configure custom quota notification rules......................................304Map an email notification rule for a quota...................................... 305Configure a custom email quota notification template....................305

Managing quota reports .............................................................................. 306Create a quota report schedule...................................................... 306Generate a quota report................................................................. 307Locate a quota report .....................................................................307

Basic quota settings....................................................................................307

Advisory limit quota notification rules settings............................................308Soft limit quota notification rules settings...................................................309Hard limit quota notification rules settings..................................................309Limit notification settings............................................................................310Quota report settings.................................................................................. 310Custom email notification template variable descriptions........................... 311

Storage Pools 313

Storage pools overview............................................................................... 314About storage pools....................................................................................314Autoprovisioning.........................................................................................315

Virtual hot spare..........................................................................................316

Chapter 16

Chapter 17

Chapter 18

CONTENTS



12/433

Spillover..................................................................................................... 316Node pools................................................................................................. 317

Manual node pool management.....................................................317SSD pools................................................................................................... 318Tiers............................................................................................................319File pools.................................................................................................... 319

File pool policies......................................................................................... 319Managing node pools..................................................................................320

Add or move node pools in a tier....................................................320Change the name or requested protection of a node pool...............320

Managing tiers............................................................................................ 321Create a tier................................................................................... 321Rename a tier.................................................................................321Delete a tier................................................................................... 321

Creating file pool policies............................................................................322Add a file pool policy......................................................................323File pool file-matching options.......................................................324Valid wildcard characters...............................................................325

Default file pool requested protection settings...............................326Default file pool I/O optimization settings......................................327Managing file pool policies......................................................................... 327

Configure default file pool policy settings.......................................328Configure default file pool protection settings................................328Configure default I/O optimization settings....................................328Modify a file pool policy................................................................. 329Copy a file pool policy ....................................................................329Prioritize afile pool policy..............................................................329Use a file pool template policy....................................................... 330Delete a file pool policy..................................................................330SmartPools settings.......................................................................331

Monitoring storagepools............................................................................ 332Monitor storage pools....................................................................333View unhealthy subpools...............................................................333View file pool job results ................................................................333

System jobs 335

System jobs overview..................................................................................336System jobs library......................................................................................336

Job operation.............................................................................................. 339Job performance impact.............................................................................. 340Job priorities............................................................................................... 340Managing system jobs................................................................................ 341

View active jobs ............................................................................. 341View job history............................................................................. 341Start a job......................................................................................341Pause a job....................................................................................342Resume a job................................................................................. 342Cancel a job...................................................................................342Update a job.................................................................................. 342Modify jobtype settings.................................................................343

Managing impact policies........................................................................... 343Create an impact policy..................................................................343Copy an impact policy....................................................................344Modify an impact policy................................................................. 344

Delete an impact policy..................................................................345

Chapter 19

CONTENTS



13/433

View impact policy settings............................................................345Viewing job reports and statistics................................................................345

View statistics for a job in progress................................................ 346View a report for a completed job...................................................346

Networking 347Networking overview...................................................................................348About the internal network..........................................................................348

Internal IP address ranges..............................................................348Internal network failover................................................................ 349

External client network overview................................................................. 349External network settings...............................................................349IP address pools............................................................................ 350Connection balancing with SmartConnect...................................... 350External IP failover......................................................................... 351NIC aggregation............................................................................. 352VLANs............................................................................................ 353

DNS name resolution..................................................................... 353IPv6 support.................................................................................. 353

Configuring the internal network................................................................. 353Modify theinternal IP address range.............................................. 354Modify the internal network netmask............................................. 354Configure and enable an internal failover network..........................355Disable internal network failover....................................................355

Configuring an external network..................................................................356Adding a subnet.............................................................................356Managing external network subnets...............................................361Managing IP address pools............................................................364Managing network interface members............................................366

Managing external client connections with SmartConnect........................... 370Configure client connection balancing............................................370

Managing network interface provisioning rules............................................372Create a node provisioning rule......................................................372Modify a node provisioning rule.....................................................373Delete a node provisioning rule ......................................................374

Hadoop 375

Hadoop overview........................................................................................ 376OneFS Hadoop support............................................................................... 376Hadoop cluster integration..........................................................................377Managing HDFS...........................................................................................377

Configure the HDFS protocol.......................................................... 377Create a local user......................................................................... 378Enable or disable the HDFS service................................................ 379

Securing HDFS connections through Kerberos............................................. 379Configuring HDFS authentication with MIT Kerberos....................... 379Configuring HDFS authentication with Active Directory Kerberos.....381Modifying Hadoop configuration files for Kerberos authentication..383Sample commands for configuring MIT Kerberos authentication overHDFS..............................................................................................387Troubleshooting Kerberos authentication.......................................388

Antivirus 389

Chapter 20

Chapter 21

Chapter 22

CONTENTS



14/433

Antivirus overview.......................................................................................390On-access scanning.................................................................................... 390Antivirus policy scanning............................................................................ 391Individual file scanning...............................................................................391Antivirus scan reports................................................................................. 391ICAP servers................................................................................................ 392

SupportedICAP servers...............................................................................392Anitvirus threat responses...........................................................................392Configuring global antivirus settings........................................................... 393

Exclude files from antivirus scans.................................................. 393Configure on-access scanning settings...........................................394Configure antivirus threat response settings.................................. 395Configure antivirus report retention settings...................................395Enable or disable antivirus scanning..............................................395

Managing ICAP servers................................................................................395Add andconnect to an ICAP server................................................. 395Test an ICAP server connection.......................................................396Modify ICAP connection settings.................................................... 396

Temporarily disconnect from an ICAP server................................... 396Reconnectto an ICAP server...........................................................396Remove anICAP server...................................................................396

Create an antivirus policy............................................................................ 397Managing antiviruspolicies.........................................................................397

Modify an antivirus policy.............................................................. 397Delete an antivirus policy...............................................................398Enable or disable an antivirus policy.............................................. 398View antivirus policies................................................................... 398

Managing antivirusscans............................................................................398Scan a file......................................................................................398Manually run an antivirus policy.....................................................398Stop a running antivirus scan .........................................................399

Managing antivirusthreats..........................................................................399Manually quarantine a file..............................................................399Rescan a file.................................................................................. 399Remove a file from quarantine........................................................399Manually truncate a file..................................................................399View threats...................................................................................400Antivirus threat information........................................................... 400

Managing antivirus reports..........................................................................401Export an antivirus report...............................................................401View antivirus reports.................................................................... 401View antivirus events..................................................................... 401

iSCSI 403

iSCSI overview............................................................................................ 404iSCSI targets and LUNs................................................................................404

SmartConnect and iSCSI targets.....................................................405iSNS client service.......................................................................................405Access control for iSCSI targets................................................................... 405

CHAP authentication...................................................................... 405Initiator access control...................................................................406

iSCSI considerations and limitations...........................................................406SupportedSCSI mode pages.......................................................................406SupportediSCSI initiators...........................................................................407

Configuring the iSCSI and iSNS services...................................................... 407

Chapter 23

CONTENTS



15/433

Configure the iSCSI service.............................................................407Configure the iSNS client service....................................................408View iSCSI sessions and throughput.............................................. 408

Managing iSCSI targets............................................................................... 409Create an iSCSI target.................................................................... 409Modify iSCSI target settings........................................................... 410

Delete an iSCSI target.....................................................................411View iSCSI target settings...............................................................411

Configuring iSCSI initiator access control.................................................... 411Configure iSCSI initiator access control.......................................... 412Control initiator access to a target..................................................412Modify initiator name.....................................................................413Remove an initiator from the access list......................................... 413Create a CHAP secret......................................................................413Modify a CHAP secret.....................................................................414Delete a CHAP secret......................................................................414Enable or disable CHAP authentication.......................................... 414

Creating iSCSI LUNs.................................................................................... 415

Create an iSCSI LUN....................................................................... 415Clone an iSCSI LUN........................................................................ 417iSCSI LUN cloning operations.........................................................418

Managing iSCSI LUNs..................................................................................418Modify an iSCSI LUN.......................................................................419Delete an iSCSI LUN....................................................................... 419Migrate aniSCSI LUN to another target...........................................419Import an iSCSI LUN.......................................................................420View iSCSILUN settings................................................................. 420

VMware integration 423

VMware integration overview.......................................................................424VAAI............................................................................................................424

VAAI support for block storage....................................................... 424VAAI support for NAS......................................................................425

VASA...........................................................................................................425Isilon VASA alarms.........................................................................425VASA storage capabilities.............................................................. 425

Configuring VASA support........................................................................... 426Enable VASA.................................................................................. 426Download the Isilon vendor provider certificate..............................426Add the Isilon vendor provider....................................................... 426

Disable or re-enable VASA...........................................................................427

File System Explorer 429

File System Explorer overview......................................................................430Browse the file system................................................................................ 430Create a directory........................................................................................430Modify file and directory properties.............................................................431View file and directory properties................................................................ 431File and directory properties........................................................................431

Chapter 24

Chapter 25

CONTENTS



16/433

CONTENTS



17/433

CHAPTER 1

Introduction to this guide

This section contains the following topics:

u About this guide....................................................................................................18u Isilon scale-out NAS overview................................................................................18u Where to go for support.........................................................................................18

Introduction to this guide 17


18/433

About this guideThis guide describes how the Isilon OneFS web administration interface provides accessto cluster configuration, management, and monitoring functionality.

Isilon scale-out NAS overviewThe EMC Isilon scale-out NAS storage platform combines modular hardware with unifiedsoftware to harness unstructured data. Powered by the distributed OneFS operatingsystem, an EMC Isilon cluster delivers a scalable pool of storage with a globalnamespace.

The platform's unified software provides centralized web-based and command-lineadministration to manage the following features:

u A symmetrical cluster that runs a distributed file system

u

Scale-out nodes that add capacity and performanceu Storage options that manage files, block data, and tiering

u Flexible data protection and high availability

u Software modules that control costs and optimize resources

Where to go for supportYou can contact EMC Isilon Technical Support for any questions about EMC Isilonproducts.

Online Support Live Chat

Create a Service Request

Telephone Support United States: 800-782-4362 (1-800-SVC-4EMC)

Canada: 800-543-4782

Worldwide: +1-508-497-7901

For local phone numbers in your country, see EMC CustomerSupport Centers.

Help with onlinesupport

For questions specific to EMC Online Support registration oraccess, email [email protected].

Introduction to this guide

mailto:[email protected]://support.emc.com/servicecenter/createSR/mailto:[email protected]://www.emc.com/collateral/contact-us/h4165-csc-phonelist-ho.pdfhttp://www.emc.com/collateral/contact-us/h4165-csc-phonelist-ho.pdfhttps://support.emc.com/servicecenter/createSR/https://support.emc.com/servicecenter/liveChat/


19/433

CHAPTER 2

Isilon scale-out NAS

This section contains the following topics:

u OneFS storage architecture................................................................................... 20u Isilon node components........................................................................................20u Internal and external networks.............................................................................. 21u Isilon cluster......................................................................................................... 21u The OneFS operating system................................................................................. 23u Structure of the file system....................................................................................25

u Data protection overview.......................................................................................27u VMware integration...............................................................................................29u The iSCSI option....................................................................................................30u Software modules................................................................................................. 30

Isilon scale-out NAS 19


20/433

OneFS storage architectureEMC Isilon takes a scale-out approach to storage by creating a cluster of nodes that runsa distributed file system. OneFS combines the three layers of storage architecturefile

system, volume manager, and data protectioninto a scale-out NAS cluster.Each node adds resources to the cluster. Because each node contains globally coherentRAM, as a cluster becomes larger, it becomes faster. Meanwhile, the file system expandsdynamically and redistributes content, which eliminates the work of partitioning disksand creating volumes.

Nodes work as peers to spread data across the cluster. Segmenting and distributing dataa process known as stripingnot only protects data, but also enables a userconnecting to any node to take advantage of the entire cluster's performance.

OneFS uses distributed software to scale data across commodity hardware. Each nodehelps control data requests, boosts performance, and expands the cluster's capacity. Nomaster device controls the cluster; no slaves invoke dependencies. Instead, each node

helps control data requests, boosts performance, and expands the cluster's capacity.

Isilon node componentsAs a rack-mountable appliance, a node includes the following components in a 2U or 4Urack-mountable chassis with an LCD front panel: memory, CPUs, RAM, NVRAM, networkinterfaces, InfiniBand adapters, disk controllers, and storage media. An Isilon clustercomprises three or more nodes, up to 144.

When you add a node to a cluster, you increase the cluster's aggregate disk, cache, CPU,RAM, and network capacity. OneFS groups RAM into a single coherent cache so that adata request on a node benefits from data that is cached anywhere. NVRAM is grouped to

write data with high throughput and to protect write operations from power failures. Asthe cluster expands, spindles and CPU combine to increase throughput, capacity, andinput-output operations per second (IOPS).

EMC Isilon makes several types of nodes, all of which can be added to a cluster tobalance capacity and performance with throughput or IOPS:

Node Use Case- -S-Series IOPS-intensive applications

X-Series High-concurrency and throughput-driven workflows

NL-Series Near-primary accessibility, with near-tape value

The following EMC Isilon nodes improve performance:

Node Function- -Performance Accelerator Independent scaling for high performance

Backup Accelerator High-speed and scalable backup-and-restore solution




21/433

Internal and external networksA cluster includes two networks: an internal network to exchange data between nodesand an external network to handle client connections.

Nodes exchange data through the internal network with a proprietary, unicast protocolover InfiniBand. Each node includes redundant InfiniBand ports so you can add a secondinternal network in case the first one fails.

Clients reach the cluster with 1 GigE or 10 GigE Ethernet. Since every node includesEthernet ports, the cluster's bandwidth scales with performance and capacity as you addnodes.

Isilon clusterAn Isilon cluster consists of three or more hardware nodes, up to 144. Each node runs theIsilon OneFS operating system, the distributed file-system software that unites the nodes

into a cluster. A clusters storage capacity ranges from a minimum of 18 TB to a maximumof 15.5 PB.

Cluster administration

OneFS centralizes cluster management through a web administration interface and acommand-line interface. Both interfaces provide methods to activate licenses, check thestatus of nodes, configure the cluster, upgrade the system, generate alerts, view clientconnections, track performance, and change various settings.

In addition, OneFS simplifies administration by automating maintenance with a jobengine. You can schedule jobs that scan for viruses, inspect disks for errors, reclaim disk

space, and check the integrity of the file system. The engine manages the jobs tominimize impact on the cluster's performance.

With SNMP versions 1, 2c, and 3, you can remotely monitor hardware components, CPUusage, switches, and network interfaces. EMC Isilon supplies management informationbases (MIBs) and traps for the OneFS operating system.

OneFS also includes a RESTful application programming interfaceknown as the PlatformAPIto automate access, configuration, and monitoring. For example, you can retrieveperformance statistics, provision users, and tap the file system. The Platform APIintegrates with OneFS role-based access control to increase security. See the IsilonPlatform API Reference.

QuorumAn Isilon cluster must have a quorum to work properly. A quorum prevents data conflictsfor example, conflicting versions of the same filein case two groups of nodes becomeunsynchronized. If a cluster loses its quorum for read and write requests, you cannotaccess the OneFS file system.

For a quorum, more than half the nodes must be available over the internal network. Aseven-node cluster, for example, requires a four-node quorum. A 10-node cluster requiresa six-node quorum. If a node is unreachable over the internal network, OneFS separatesthe node from the cluster, an action referred to as splitting. After a cluster is split, clusteroperations continue as long as enough nodes remain connected to have a quorum.

In a split cluster, the nodes that remain in the cluster are referred to as the majority

group. Nodes that are split from the cluster are referred to as the minority group.


Internal and external networks 21


22/433

When split nodes can reconnect with the cluster and resynchronize with the other nodes,the nodes rejoin the cluster's majority group, an action referred to as merging.

A OneFS cluster contains two quorum properties:

u read quorum (efs.gmp.has_quorum)

u

write quorum (efs.gmp.has_super_block_quorum)By connecting to a node with SSH and running the sysctlcommand-line tool as root,

you can view the status of both types of quorum. Here is an example for a cluster that hasa quorum for both read and write operations, as the command's output indicates with a1, for true:

sysctl efs.gmp.has_quorum efs.gmp.has_quorum: 1sysctl efs.gmp.has_super_block_quorum efs.gmp.has_super_block_quorum: 1

The degraded states of nodessuch as smartfail, read-only, offline, and so onaffectquorum in different ways. A node in a smartfail or read-only state affects only writequorum. A node in an offline state, however, affects both read and write quorum. In a

cluster, the combination of nodes in different degraded states determines whether readrequests, write requests, or both work.

A cluster can lose write quorum but keep read quorum. Consider a four-node cluster inwhich nodes 1 and 2 are working normally. Node 3 is in a read-only state, and node 4 isin a smartfail state. In such a case, read requests to the cluster succeed. Write requests,however, receive an input-output error because the states of nodes 3 and 4 break thewrite quorum.

A cluster can also lose both its read and write quorum. If nodes 3 and 4 in a four-nodecluster are in an offline state, both write requests and read requests receive an input-output error, and you cannot access the file system. When OneFS can reconnect with thenodes, OneFS merges them back into the cluster. Unlike a RAID system, an Isilon nodecan rejoin the cluster without being rebuilt and reconfigured.

Splitting and merging

Splitting and merging optimize the use of nodes without your intervention.

OneFS monitors every node in a cluster. If a node is unreachable over the internalnetwork, OneFS separates the node from the cluster, an action referred to as splitting.When the cluster can reconnect to the node, OneFS adds the node back into the cluster,an action referred to as merging.

When a node is split from a cluster, it will continue to capture event information locally.You can connect to a split node with SSH and run the isi events listcommand to

view the local event log for the node. The local event log can help you troubleshoot the

connection issue that resulted in the split. When the split node rejoins the cluster, localevents gathered during the split are deleted. You can still view events generated by asplit node in the node's event log file located at /var/log/

isi_celog_events.log .

If a cluster splits during a write operation, OneFS might need to re-allocate blocks for thefile on the side with the quorum, which leads allocated blocks on the side without aquorum to become orphans. When the split nodes reconnect with the cluster, the OneFSCollect system job reclaims the orphaned blocks.

Meanwhile, as nodes split and merge with the cluster, the OneFS AutoBalance jobredistributes data evenly among the nodes in the cluster, optimizing protection andconserving space.




23/433

Storage pools

Storage pools segment nodes and files into logical divisions to simplify the managementand storage of data.

A storage pool comprises node pools and tiers. Node pools group equivalent nodes toprotect data and ensure reliability. Tiers combine node pools to optimize storage byneed, such as a frequently used high-speed tier or a rarely accessed archive.

The SmartPools module groups nodes and files into pools. If you do not activate aSmartPools license, the module provisions node pools and creates one file pool. If youactivate the SmartPools license, you receive more features. You can, for example, createmultiple file pools and govern them with policies. The policies move files, directories, andfile pools among node pools or tiers. You can also define how OneFS handles writeoperations when a node pool or tier is full. SmartPools reserves a virtual hot spare toreprotect data if a drive fails regardless of whether the SmartPools license is activated.

IP address pools

Within a subnet, you can partition a cluster's external network interfaces into pools of IPaddress ranges. The pools empower you to customize your storage network to servedifferent groups of users. Although you must initially configure the default external IPsubnet in IPv4 format, you can configure additional subnets in IPv4 or IPv6.

You can associate IP address pools with a node, a group of nodes, or NIC ports. Forexample, you can set up one subnet for storage nodes and another subnet for acceleratornodes. Similarly, you can allocate ranges of IP addresses on a subnet to different teams,such as engineering and sales. Such options help you create a storage topology thatmatches the demands of your network.

In addition, network provisioning rules streamline the setup of external connections.After you configure the rules with network settings, you can apply the settings to new

nodes.

As a standard feature, the OneFS SmartConnect module balances connections amongnodes by using a round-robin policy with static IP addresses and one IP address pool foreach subnet. Activating a SmartConnect Advanced license adds features, such asdefining IP address pools to support multiple DNS zones.

The OneFS operating systemA distributed operating system based on FreeBSD, OneFS presents an Isilon cluster's filesystem as a single share or export with a central point of administration.

The OneFS operating system does the following:

u Supports common data-access protocols, such as SMB and NFS.

u Connects to multiple identity management systems, such as Active Directory andLDAP.

u Authenticates users and groups.

u Controls access to directories and files.


Storage pools 23


24/433

Data-access protocols

With the OneFS operating system, you can access data with multiple file-sharing andtransfer protocols. As a result, Microsoft Windows, UNIX, Linux, and Mac OS X clients canshare the same directories and files.

OneFS supports the following protocols.

Protocol Description

- -SMB Server Message Block gives Windows users access to the cluster. OneFS works with

SMB 1, SMB 2, and SMB 2.1. With SMB 2.1, OneFS supports client opportunity locks

(oplocks) and large (1 MB) MTU sizes. The default file share is /ifs.

NFS The Network File System enables UNIX, Linux, and Mac OS X systems to remotely

mount any subdirectory, including subdirectories created by Windows users. OneFS

works with versions 2 through 4 of the Network File System protocol (NFSv2, NFSv3,

NFSv4). The default export is /ifs.

FTP File Transfer Protocol lets systems with an FTP client connect to the cluster to exchange

files.

iSCSI The Internet Small Computer System Interface protocol provides access to block

storage. iSCSI integration requires you to activate a separate license.

HDFS The Hadoop Distributed File System protocol makes it possible for a cluster to work

with Apache Hadoop, a framework for data-intensive distributed applications. HDFS

integration requires you to activate a separate license.

HTTP Hyper Text Transfer protocol gives systems browser-based access to resources. OneFS

includes limited support for WebDAV.

Identity management and access control

OneFS works with multiple identity management systems to authenticate users andcontrol access to files. In addition, OneFS features access zones that allow users fromdifferent directory services to access different resources based on their IP address. Role-based access control, meanwhile, segments administrative access by role.

OneFS authenticates users with the following identity management systems:

u Microsoft Active Directory (AD)

u Lightweight Directory Access Protocol (LDAP)

u Network Information Service (NIS)u Local users and local groups

u A file provider for accounts in /etc/spwd.dband /etc/groupfiles. With the file

provider, you can add an authoritative third-party source of user and groupinformation.

You can manage users with different identity management systems; OneFS maps theaccounts so that Windows and UNIX identities can coexist. A Windows user accountmanaged in Active Directory, for example, is mapped to a corresponding UNIX account inNIS or LDAP.

To control access, an Isilon cluster works with both the access control lists (ACLs) ofWindows systems and the POSIX mode bits of UNIX systems. When OneFS must




25/433

transform a file's permissions from ACLs to mode bits or from mode bits to ACLs, OneFSmerges the permissions to maintain consistent security settings.

OneFS presents protocol-specific views of permissions so that NFS exports display modebits and SMB shares show ACLs. You can, however, manage not only mode bits but alsoACLs with standard UNIX tools, such as the chmodand chowncommands. In addition,

ACL policies enable you to configure how OneFS manages permissions for networks thatmix Windows and UNIX systems.

Access zones

OneFS includes an access zones feature. Access zones allow users from differentauthentication providers, such as two untrusted Active Directory domains, to accessdifferent OneFS resources based on an incoming IP address. An access zone cancontain multiple authentication providers and SMB namespaces.

RBAC for administration

OneFS includes role-based access control (RBAC) for administration. In place of aroot or administrator account, RBAC lets you manage administrative access by role.A role limits privileges to an area of administration. For example, you can createseparate administrator roles for security, auditing, storage, and backup.

Structure of the file systemOneFS presents all the nodes in a cluster as a global namespacethat is, as the defaultfile share, /ifs.

In the file system, directories are inode number links. An inode contains file metadataand an inode number, which identifies a file's location. OneFS dynamically allocatesinodes, and there is no limit on the number of inodes.

To distribute data among nodes, OneFS sends messages with a globally routable block

address through the cluster's internal network. The block address identifies the node andthe drive storing the block of data.

Note

It is recommended that you do not save data to the root /ifsfile path but in directories

below /ifs. The design of your data storage structure should be planned carefully. A

well-designed directory optimizes cluster performance and cluster administration.

Data layout

OneFS evenly distributes data among a cluster's nodes with layout algorithms that

maximize storage efficiency and performance. The system continuously reallocates datato conserve space.

OneFS breaks data down into smaller sections called blocks, and then the system placesthe blocks in a stripe unit. By referencing either file data or erasure codes, a stripe unithelps safeguard a file from a hardware failure. The size of a stripe unit depends on thefile size, the number of nodes, and the protection setting. After OneFS divides the datainto stripe units, OneFS allocates, or stripes, the stripe units across nodes in the cluster.

When a client connects to a node, the client's read and write operations take place onmultiple nodes. For example, when a client connects to a node and requests a file, thenode retrieves the data from multiple nodes and rebuilds the file. You can optimize howOneFS lays out data to match your dominant access patternconcurrent, streaming, orrandom.


Structure of the file system 25


26/433

Writing files

On a node, the input-output operations of the OneFS software stack split into twofunctional layers: A top layer, or initiator, and a bottom layer, or participant. In read andwrite operations, the initiator and the participant play different roles.

When a client writes a file to a node, the initiator on the node manages the layout of thefile on the cluster. First, the initiator divides the file into blocks of 8 KB each. Second, theinitiator places the blocks in one or more stripe units. At 128 KB, a stripe unit consists of16 blocks. Third, the initiator spreads the stripe units across the cluster until they span awidth of the cluster, creating a stripe. The width of the stripe depends on the number ofnodes and the protection setting.

After dividing a file into stripe units, the initiator writes the data first to non-volatilerandom-access memory (NVRAM) and then to disk. NVRAM retains the information whenthe power is off.

During the write transaction, NVRAM guards against failed nodes with journaling. If anode fails mid-transaction, the transaction restarts without the failed node. When the

node returns, it replays the journal from NVRAM to finish the transaction. The node alsoruns the AutoBalance job to check the file's on-disk striping. Meanwhile, uncommittedwrites waiting in the cache are protected with mirroring. As a result, OneFS eliminatesmultiple points of failure.

Reading files

In a read oper

isilon onefs 7.1 _gui

Documents