Welcome to the network technology community forum and interact with 2 million technical staff> back up SAN settings to the hard disk instead of in SAN. SAN generally does not have errors, but once an error occurs, the problem becomes serious. If you back up the SAN document to the server connected to the network driver and the driver is in the SAN, the storage team will lose the recovery.
Welcome to the network technology community forum and interact with 2 million technical staff> enter
Back up the SAN settings to the hard disk instead of the SAN.
SAN generally does not have errors, but once an error occurs, the problem becomes serious. If the SAN document is backed up to a server connected to the network driver and the driver is in the SAN, the storage team will lose the information required to recover the system.
Iacono said: "I can tell you that fortune's top 50 companies are doing the same thing, which is amazing ."
Many companies have not even updated SAN documents. They usually start to work from the Excel thread, with a good starting point, but almost never updated, because they are facing more urgent tasks.
"If they are asked to check for faults, they do not even know what information is connected to which ports ." Iacono said, "Everyone applies to such documents, but 50% to 70% of documents are not updated in time ."
Management: Personnel
Employ professional storage teams and complete change management procedures.
SAN problems are usually caused by human errors. Strict change management policies can reduce the error rate. Similarly, a professional storage team can actively manage the system to reduce error rates.
The server administrator needs to communicate and coordinate with the storage team because the storage is designed by the storage team. A storage expert writes down the process steps and settings, including the tasks of storage arrays and switches. Ideally, another storage expert will review the change design to ensure quality.
Gartner's Passmore said: "In fact, companies that follow these rules have been successful in the SAN field for many years ."
Set an independent user account and password for each administrator and third-party consultant accessing SAN.
Iacono said that in many cases, the Administrator did not tell his colleagues after adjusting the parameters of the new switch. He found that the same vswitch had different configurations and asked what happened. He often heard the answer "Joe did this, but Steve did it ".
Iacono believes: "Once the function is defined, these problems will no longer exist. We hope to audit all the processes ."
The IT team can not only clarify the source of the problem, but also does not have to reset the General password when SAN administrators leave the company.
Security
Create a region when the LUN mask and binding are complete.
When creating storage for a new server, you can use tools to create storage volumes and allocate addresses or SCSI Luns. If some entities do not have Luns, The LUN mask hides the LUN. The LUN binding only associates the LUN with the global ID of the HBA in the server.
When the LUN mask and binding are completed, storage experts should go deep into the vswitch, create a region, and only allow dedicated adapters to communicate with specific storage ports.
"In fact, the vswitch can enhance the LUN mask and binding through partitioning ." "Further, we can design a port switch that communicates with the server to check the global ID and enhance the LUN mask and binding in the storage array," Passmore said ."
Use the Secure Shell (SSH) Protocol to access SAN.
If the Administrator uses the Telnet protocol to log on to the SAN Switch, the password is not protected and may be blocked. SSH can provide secure channels.
"With SSH, everything is protected ." Iacono said, "If you manage Windows or Unix environments, this is a basic standard, but for some reason, no one uses SSH for the SAN environment ."
Virtual Server
Make sure that the inbound and outbound vswitches and the network bandwidth of the specified target are sufficient for the environment.
If the server is not fully utilized, but the workload of multiple applications running on the virtual machine is increased, the demand for network bandwidth will gradually expand. Users must keep this in mind when designing a SAN.
"Last year, typical x86 servers often needed to handle over one thousand MB of throughput per second ." Staimer pointed out that "the current x86 servers are generally quad-core. If the application permits, it can easily reach 10 GB. If you run 20 programs at the same time, it will reach 10 GB. The reason why the previous server did not reach 10 GB is that a program cannot be completed ."
Ensure that physical servers with virtual machines are located in the same region.
Administrators can use virtual server technology to transfer applications from one physical server to another without stopping services. However, these physical servers must be located in the same fiber channel region, to access the storage.
"The application cannot find the storage. Why? The program crashed !"
Use vswitches and hbas that support N_Port ID Virtualization (NPIV.
If a physical server runs five virtual machines, NPIV allows each virtual machine to obtain a unique HBA identifier, and a switch with the NPIV function can identify these unique IDs. This means that each virtual machine can access its own LUN.
If the device does not have the NPIV function, the physical server can only obtain one port ID.
Both the New vswitch and HBA support NPIV, but personnel using legacy hardware may need to check how the supplier updates the firmware. NPIV processes blade servers in a similar way as it processes virtual servers.
[1] [2]
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
