+ Admin Guide Overview

From OSNEXUS Online Documentation Site
Revision as of 22:36, 6 July 2010 by Qadmin

The QuantaStor Administrators Guide is intended for all administrators and cloud users who plan to manage their storage using QuantaStor Manager as well as for those just looking to get a deeper understanding of how the QuantaStor Storage System Platform (SSP) works.

Definitions

The following definitions lay the groundwork and context for the rest of the document. Here we define all the various objects and elements that can be managed using QuantaStor.

Storage System

The storage system is the object that represents the entire iSCSI server both from a physical and logical standpoint. This includes all the physical disks, fans, enclosures, power supplies and other physical elements of the system as well as all the logical elements including the storage pools, volumes, users, and storage clouds.

Storage Pool

The storage pool is an aggregation of one or more physical disks into a larger entity. Each storage pool has a single RAID type associated with it, and all storage volumes that are created within that storage pool inherit that RAID type. For example, if a given storage pool of type RAID1 (mirroring) is made up of two 1TB disks, then there is 1TB of usable storage available to create storage volumes (LUNs) with.

Storage Volume

The storage volume is the most important object in the system as it represents the virtual disk device that is presented to the host as a LUN. Each storage volume has a unique name, a unique target number, and a unique IQN associated with it. Storage volumes can be created "thin", which means they do not use up any disk space until the device has been written to, or "thick", which means that all the space for the storage volume is reserved up front.

Storage Volume Group

Hosts and virtual machines often comprise more than one storage volume. Sometimes one storage volume is dedicated as a boot disk and another as a swap disk. In other cases multiple disks are used to separate the elements of a database application (index, data, log) into separate storage volumes for improved performance. Whatever the reason, it can become difficult to manage your storage system without a way to group these storage volumes together so that they can be operated on as a single unit. That's what Storage Volume Groups provide. They're simple containers for collecting together an arbitrary set of storage volumes so that they can be cloned, snapshot, or even deleted as a group.

Snapshot Schedules

Snapshot schedules are a powerful tool for automatically generating recovery points (snapshots) on a schedule so that you don't have to think about it. The snapshot schedule consists of a list of storage volumes to be snapshot, and a list of days of the week and hours of the day at which the snapshots are to be taken. A 'max snapshots' parameter sets the point at which the oldest snapshot created by the schedule should be cleaned up (default: 10).

Host

A host represents a server, workstation, laptop, or virtual machine that has a software or hardware iSCSI initiator by which it can access storage volumes (iSCSI targets) exposed by the storage system. Hosts are identified by one or more initiator IQNs and IP addresses. We recommend that you identify your hosts by IQN as that has the most flexibility since IP addresses can frequently change, especially if a host is using DHCP to acquire its IP address.

Host Group

A host group is an arbitrary collection of hosts that have been grouped together for some purpose. Sometimes they're grouped together by location, but more often Host Groups are used to group together hosts that have been formed into a cluster such as a Microsoft Fail-over Cluster / MSCS. In other cases, as with VMWare or XenServer, multiple hosts can be combined together to form "resource pools" in which the virtual machines can live migrate from one host to another. In all these cases, each host typically needs access to all the same storage volumes in order to facilitate fail-over. This can be a tedious process with many storage systems as most require that an assignment operation be executed for each host and each volume. If you have 10 hosts and 100 volumes, that amounts to 1000 storage assignment tasks and potentially days of work. With QuantaStor we've tried our best to make that a snap, and Host Groups are key to making that possible. Using the same scenario but with 1 host group and 100 volumes, the storage assignment to the group of 10 hosts can be done in a single operation through QuantaStor Manager in less than a minute.

Storage Cloud

Storage Clouds are essentially virtual storage systems. One of the key unique offerings that QuantaStor brings to storage management, storage clouds let you give groups of users private storage clouds so that the storage system effectively supports multi-tenancy.

Storage Quota

Storage quotas go hand-in-hand with storage clouds. Quotas define a set amount of storage that can be provisioned from a Storage Pool by a specific Storage Cloud. More specifically, storage quotas allow you to define the amount of storage that can be thin-provisioned as well as the amount that can be utilized/reserved. They also allow the administrator to set the maximum number of volumes that can be created by a given cloud.

Roles

There are four (4) predefined roles that come with the initial storage system configuration which include:

  • Administrator
    • Administrators have full access to manage all aspects of the storage system. They can create new roles, users, storage pools, reconfigure target ports, everything.
  • Cloud Administrator
    • Cloud administrators are limited to managing just the resources contained within the storage cloud of which they are a member. This includes the storage volumes, snapshot schedules, and hosts within their cloud. Cloud administrators can only view the resources that are within the cloud of which they are a member; all other resources in the system are private and invisible to the cloud admin.
  • Cloud User
    • Cloud users can only view the resources within their cloud, just like the Cloud Administrator, but they have limited ability to manage storage volumes. More specifically, they can only snapshot, clone, and delete storage volumes they have access rights to. (By default, when a user creates a storage volume or other resource they have access rights to modify that resource, but the Administrator can add/remove rights afterward.)
  • System Monitor
    • System monitors can only view the objects within the system. This role is useful for creating monitoring agents or for providing people in administrative roles a way of viewing the storage system without being able to change its configuration.

Besides the included roles outlined above, you can create as many custom roles as you like. Each role consists of a list of object action permissions coupled with a scope at which that action can be exercised. For example, there's a permission for "Storage Volume : view" which allows users to view storage volumes. If you add this permission to a role and assign it at a scope of 'system' then the user associated with that role can view all storage volumes in the system. If on the other hand the scope is set to 'user' then the user will only be able to view storage volumes that he/she created. This RBAC system with scoping is unique to QuantaStor & QuantaGrid and is a core technology behind our Storage Clouds.

Permissions

Permissions are simply a combination of an object and an action. For example here are some of the permissions associated with the Storage Volume object:

  • storage volume : view
  • storage volume : create
  • storage volume : delete
  • storage volume : snapshot
  • storage volume : clone
  • storage volume : restore
  • storage volume : assign
  • storage volume : unassign

When permissions are assigned to a role there is another element that's added, and that's the permission scope. The permission scope defines at what level the user is allowed to exercise the granted permission. Permission scopes include 'none', 'user', 'cloud', 'system', and 'grid'.
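The role, permission and scope model described above can be sketched as a small access check. This is an added illustration, not QuantaStor code: the class and function names, the `system` field, the sample users and volumes, and the assumption that each scope also covers the narrower ones are all hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional

# Scope names are taken from the guide; ordering them narrow-to-broad is an assumption.
SCOPES = ["none", "user", "cloud", "system", "grid"]

@dataclass(frozen=True)
class User:
    name: str
    cloud: Optional[str]   # storage cloud membership, None if not in a cloud
    system: str            # hypothetical: storage system the account lives on

@dataclass(frozen=True)
class Resource:
    kind: str              # object type, e.g. "storage volume"
    owner: str             # user who created the resource
    cloud: Optional[str]
    system: str

@dataclass
class Role:
    name: str
    grants: dict = field(default_factory=dict)   # (object, action) -> scope

def is_allowed(role, user, action, res):
    """Default deny: a permission missing from the role is treated as scope 'none'."""
    scope = role.grants.get((res.kind, action), "none")
    level = SCOPES.index(scope)      # unknown scope raises ValueError (fail closed)
    checks = [
        False,                                               # none
        res.owner == user.name,                              # user
        user.cloud is not None and res.cloud == user.cloud,  # cloud
        res.system == user.system,                           # system
        True,                                                # grid
    ]
    return any(checks[1:level + 1])

def demo():
    """Constructed sample: one user, three volumes, 'view' granted at each scope."""
    alice = User("alice", cloud="tenant-a", system="qs-1")
    vols = [
        Resource("storage volume", "alice", "tenant-a", "qs-1"),  # her own volume
        Resource("storage volume", "bob", "tenant-a", "qs-1"),    # same cloud
        Resource("storage volume", "carol", "tenant-b", "qs-1"),  # other tenant
    ]
    result = {}
    for scope in SCOPES:
        role = Role("custom", {("storage volume", "view"): scope})
        result[scope] = [is_allowed(role, alice, "view", v) for v in vols]
    return result

if __name__ == "__main__":
    for scope, visible in demo().items():
        print(f"{scope:>6}: {visible}")
```

The same 'view' permission exposes one, two or all three sample volumes depending only on the scope, which is the property to review when auditing a custom role for cross-tenant visibility.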

Users

Each user is given a unique user name and password so that they may log in and share in managing the storage system, and each user is associated with a specific role. Some roles like the Cloud User and Cloud Administrator are only truly effective when the user is associated with a storage cloud. Once associated with a cloud, cloud users and admins can access, view, or modify resources within that cloud within the permission limits of their role. All other resources in the system are invisible.

  Note: Today QuantaStor does not support external authentication mechanisms 
  like Active Directory but that is planned for a future release.

User Groups

Often a given group of users will be associated with more than one storage cloud. The user group object represents an arbitrary collection of users and provides a simple way to keep track of groups of users, thereby making it easier to add large groups of users to, or remove them from, storage clouds.

Target Port

Sessions

CHAP Authentication

Alerts

Events

Tasks

Target Port Configuration

NIC Bonding / Trunking

Alert Settings

Managing Hosts

Managing Snapshot Schedules

Near Continuous Data Replication (N-CDP)

Managing Sessions

Dropping Sessions

Managing Storage Volumes

Creating & Deleting Storage Volumes

Creating Snapshots

Creating Clones

Restoring from Snapshots

Converting a Snapshot into a Primary