The Fibre Channel Zone Manager allows FC SAN Zone/Access control management in conjunction with Fibre Channel block storage. The configuration of Fibre Channel Zone Manager and various zone drivers are described in this section.
If Block Storage is configured to use a Fibre Channel volume driver that supports Zone Manager, update cinder.conf to add the following configuration options to enable Fibre Channel Zone Manager.
Make the following changes in the /etc/cinder/cinder.conf file.
Configuration option = Default value | Description |
---|---|
[DEFAULT] | |
zoning_mode = None | (String) FC Zoning mode configured |
[fc-zone-manager] | |
fc_fabric_names = None | (String) Comma separated list of Fibre Channel fabric names. This list of names is used to retrieve other SAN credentials for connecting to each SAN fabric |
fc_san_lookup_service = cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService | (String) FC SAN Lookup Service |
zone_driver = cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver | (String) FC Zone Driver responsible for zone management |
zoning_policy = initiator-target | (String) Zoning policy configured by user; valid values include “initiator-target” or “initiator” |
To use different Fibre Channel Zone Drivers, use the parameters described in this section.
Note
When multi backend configuration is used, provide the zoning_mode configuration option as part of the volume driver configuration where volume_driver option is specified.
Note
Default value of zoning_mode is None and this needs to be changed to fabric to allow fabric zoning.
Note
zoning_policy can be configured as initiator-target or initiator
Brocade Fibre Channel Zone Driver performs zoning operations through HTTP, HTTPS, or SSH.
Set the following options in the cinder.conf configuration file.
Configuration option = Default value | Description |
---|---|
[DEFAULT] | |
zoning_mode = None | (String) FC Zoning mode configured |
[fc-zone-manager] | |
brcd_sb_connector = HTTP | (String) South bound connector for zoning operation |
Configure SAN fabric parameters in the form of fabric groups as described in the example below:
Configuration option = Default value | Description |
---|---|
[BRCD_FABRIC_EXAMPLE] | |
fc_fabric_address = | (String) Management IP of fabric. |
fc_fabric_password = | (String) Password for user. |
fc_fabric_port = 22 | (Port number) Connecting port |
fc_fabric_ssh_cert_path = | (String) Local SSH certificate Path. |
fc_fabric_user = | (String) Fabric user ID. |
fc_southbound_protocol = HTTP | (String) South bound connector for the fabric. |
fc_virtual_fabric_id = None | (String) Virtual Fabric ID. |
principal_switch_wwn = None | (String) DEPRECATED: Principal switch WWN of the fabric. This option is not used anymore. |
zone_activate = True | (Boolean) Overridden zoning activation state. |
zone_name_prefix = openstack | (String) Overridden zone name prefix. |
zoning_policy = initiator-target | (String) Overridden zoning policy. |
Note
Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.
Note
To define a fabric group for a switch which has Virtual Fabrics enabled, include the fc_virtual_fabric_id configuration option and fc_southbound_protocol configuration option set to HTTP or HTTPS in the fabric group. Zoning on VF enabled fabric using SSH southbound protocol is not supported.
Brocade Fibre Channel Zone Driver requires firmware version FOS v6.4 or higher.
As a best practice for zone management, use a user account with zoneadmin role. Users with admin role (including the default admin user account) are limited to a maximum of two concurrent SSH sessions.
For information about how to manage Brocade Fibre Channel switches, see the Brocade Fabric OS user documentation.
Cisco Fibre Channel Zone Driver automates the zoning operations through SSH. Configure Cisco Zone Driver, Cisco Southbound connector, FC SAN lookup service and Fabric name.
Set the following options in the cinder.conf configuration file.
[fc-zone-manager]
zone_driver = cinder.zonemanager.drivers.cisco.cisco_fc_zone_driver.CiscoFCZoneDriver
fc_san_lookup_service = cinder.zonemanager.drivers.cisco.cisco_fc_san_lookup_service.CiscoFCSanLookupService
fc_fabric_names = CISCO_FABRIC_EXAMPLE
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI
Configuration option = Default value | Description |
---|---|
[fc-zone-manager] | |
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI | (StrOpt) Southbound connector for zoning operation |
Configure SAN fabric parameters in the form of fabric groups as described in the example below:
Configuration option = Default value | Description |
---|---|
[CISCO_FABRIC_EXAMPLE] | |
cisco_fc_fabric_address = | (StrOpt) Management IP of fabric |
cisco_fc_fabric_password = | (StrOpt) Password for user |
cisco_fc_fabric_port = 22 | (PortOpt) Connecting port |
cisco_fc_fabric_user = | (StrOpt) Fabric user ID |
cisco_zone_activate = True | (BoolOpt) overridden zoning activation state |
cisco_zone_name_prefix = None | (StrOpt) overridden zone name prefix |
cisco_zoning_policy = initiator-target | (StrOpt) overridden zoning policy |
cisco_zoning_vsan = None | (StrOpt) VSAN of the Fabric |
Note
Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.
The Cisco Fibre Channel Zone Driver supports basic and enhanced zoning modes.The zoning VSAN must exist with an active zone set name which is same as the fc_fabric_names option.
Cisco MDS 9000 Family Switches.
Cisco MDS NX-OS Release 6.2(9) or later.
For information about how to manage Cisco Fibre Channel switches, see the Cisco MDS 9000 user documentation.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.