The Fibre Channel Zone Manager allows FC SAN Zone/Access control management in conjunction with Fibre Channel block storage. The configuration of Fibre Channel Zone Manager and various zone drivers are described in this section.
If Block Storage is configured to use a Fibre Channel volume driver that
supports Zone Manager, update cinder.conf
to add the following
configuration options to enable Fibre Channel Zone Manager.
Make the following changes in the /etc/cinder/cinder.conf
file under a
[fc-zone-manager]
section.
Configuration option = Default value | Description |
---|---|
enable_unsupported_driver = False |
(Boolean) Set this to True when you want to allow an unsupported zone manager driver to start. Drivers that haven’t maintained a working CI system and testing are marked as unsupported until CI is working again. This also marks a driver as deprecated and may be removed in the next release. |
fc_fabric_names = None |
(String) Comma separated list of Fibre Channel fabric names. This list of names is used to retrieve other SAN credentials for connecting to each SAN fabric |
fc_san_lookup_service = cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService |
(String) FC SAN Lookup Service |
zone_driver = cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver |
(String) FC Zone Driver responsible for zone management |
zoning_policy = initiator-target |
(String) Zoning policy configured by user; valid values include “initiator-target” or “initiator” |
To use different Fibre Channel Zone Drivers, use the parameters described in this section.
Note
When multi backend configuration is used, provide the
zoning_mode
configuration option as part of the volume driver
configuration where volume_driver
option is specified.
Note
Default value of zoning_mode
is None
and this needs to be
changed to fabric
to allow fabric zoning.
Note
zoning_policy
can be configured as initiator-target
or
initiator
Brocade Fibre Channel Zone Driver performs zoning operations through HTTP, HTTPS, or SSH.
Set the following options in the cinder.conf
configuration file under the
[fc-zone-manager]
section.
Configuration option = Default value | Description |
---|---|
brcd_sb_connector = HTTP |
(String) South bound connector for zoning operation |
Configure SAN fabric parameters under a section matching the name used in
fc_fabric_names
as described in the example below:
Configuration option = Default value | Description |
---|---|
fc_fabric_address = <> |
(String) Management IP of fabric. |
fc_fabric_password = <> |
(String) Password for user. |
fc_fabric_port = 22 |
(Port(min=0, max=65535)) Connecting port |
fc_fabric_ssh_cert_path = <> |
(String) Local SSH certificate Path. |
fc_fabric_user = <> |
(String) Fabric user ID. |
fc_southbound_protocol = REST_HTTP |
(String(choices=[‘SSH’, ‘HTTP’, ‘HTTPS’, ‘REST_HTTP’, ‘REST_HTTPS’])) South bound connector for the fabric. |
fc_virtual_fabric_id = None |
(String) Virtual Fabric ID. |
zone_activate = True |
(Boolean) Overridden zoning activation state. |
zone_name_prefix = openstack |
(String) Overridden zone name prefix. |
zoning_policy = initiator-target |
(String) Overridden zoning policy. |
Note
Define a fabric group for each fabric using the fabric names used in
fc_fabric_names
configuration option as group name.
Note
To define a fabric group for a switch which has Virtual Fabrics
enabled, include the fc_virtual_fabric_id
configuration option
and fc_southbound_protocol
configuration option set to HTTP
,
HTTPS
, REST_HTTP
or REST_HTTPS
in the fabric group.
Zoning on VF enabled fabric using SSH
southbound protocol is
not supported.
Note
On switches running Fabric OS v8.2.1 or greater, the use of the
REST interface is recommended for southbound communication. Set
the fc_southbound_protocol
configuration option to REST_HTTP
or REST_HTTPS
in the fabric group.
Brocade Fibre Channel Zone Driver requires firmware version FOS v6.4 or higher.
As a best practice for zone management, use a user account with
zoneadmin
role. Users with admin
role (including the default
admin
user account) are limited to a maximum of two concurrent SSH
sessions.
For information about how to manage Brocade Fibre Channel switches, see the Brocade Fabric OS user documentation.
Cisco Fibre Channel Zone Driver automates the zoning operations through SSH. Configure Cisco Zone Driver, Cisco Southbound connector, FC SAN lookup service and Fabric name.
Set the following options in the cinder.conf
configuration file.
[fc-zone-manager]
zone_driver = cinder.zonemanager.drivers.cisco.cisco_fc_zone_driver.CiscoFCZoneDriver
fc_san_lookup_service = cinder.zonemanager.drivers.cisco.cisco_fc_san_lookup_service.CiscoFCSanLookupService
fc_fabric_names = CISCO_FABRIC_EXAMPLE
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI
Configuration option = Default value | Description |
---|---|
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI |
(String) Southbound connector for zoning operation |
Configure SAN fabric parameters under a section matching the name used in
fc_fabric_names
as described in the example below:
Configuration option = Default value | Description |
---|---|
cisco_fc_fabric_address = <> |
(String) Management IP of fabric |
cisco_fc_fabric_password = <> |
(String) Password for user |
cisco_fc_fabric_port = 22 |
(Port(min=0, max=65535)) Connecting port |
cisco_fc_fabric_user = <> |
(String) Fabric user ID |
cisco_zone_activate = True |
(Boolean) overridden zoning activation state |
cisco_zone_name_prefix = None |
(String) overridden zone name prefix |
cisco_zoning_policy = initiator-target |
(String) overridden zoning policy |
cisco_zoning_vsan = None |
(String) VSAN of the Fabric |
Note
Define a fabric group for each fabric using the fabric names used in
fc_fabric_names
configuration option as group name.
The Cisco Fibre Channel Zone Driver supports basic and enhanced
zoning modes.The zoning VSAN must exist with an active zone set name
which is same as the fc_fabric_names
option.
Cisco MDS 9000 Family Switches.
Cisco MDS NX-OS Release 6.2(9) or later.
For information about how to manage Cisco Fibre Channel switches, see the Cisco MDS 9000 user documentation.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.