Fibre Channel Zone Manager

The Fibre Channel Zone Manager allows FC SAN Zone/Access control management in conjunction with Fibre Channel block storage. The configuration of Fibre Channel Zone Manager and various zone drivers are described in this section.

Configure Block Storage to use Fibre Channel Zone Manager

If Block Storage is configured to use a Fibre Channel volume driver that supports Zone Manager, update cinder.conf to add the following configuration options to enable Fibre Channel Zone Manager.

Make the following changes in the /etc/cinder/cinder.conf file under a [fc-zone-manager] section.

Description of zoning configuration options

Configuration option = Default value

Description

enable_unsupported_driver = False

(Boolean) Set this to True when you want to allow an unsupported zone manager driver to start. Drivers that haven’t maintained a working CI system and testing are marked as unsupported until CI is working again. This also marks a driver as deprecated and may be removed in the next release.

fc_fabric_names = None

(String) Comma separated list of Fibre Channel fabric names. This list of names is used to retrieve other SAN credentials for connecting to each SAN fabric

fc_san_lookup_service = cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService

(String) FC SAN Lookup Service

zone_driver = cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver

(String) FC Zone Driver responsible for zone management

zoning_policy = initiator-target

(String) Zoning policy configured by user; valid values include “initiator-target” or “initiator”

To use different Fibre Channel Zone Drivers, use the parameters described in this section.

Note

When multi backend configuration is used, provide the zoning_mode configuration option as part of the volume driver configuration where volume_driver option is specified.

Note

Default value of zoning_mode is None and this needs to be changed to fabric to allow fabric zoning.

Note

zoning_policy can be configured as initiator-target or initiator

Brocade Fibre Channel Zone Driver

Brocade Fibre Channel Zone Driver performs zoning operations through HTTP, HTTPS, or SSH.

Warning

The Brocade Fibre Channel Zone Driver is being supported by the Cinder community on a best-effort basis. While it is tested with the first Release Candidate of each release, be aware that it is not continually tested by a third-party CI system. The driver was deprecated and marked as ‘unsupported’ in the Ussuri release, and is subject to immediate removal if the maintenance burden exceeds the community’s capacity.

Set the following options in the cinder.conf configuration file under the [fc-zone-manager] section.

Description of Brocade zoning manager configuration options

Configuration option = Default value

Description

brcd_sb_connector = HTTP

(String) South bound connector for zoning operation

Configure SAN fabric parameters under a section matching the name used in fc_fabric_names as described in the example below:

Description of Brocade zoning fabrics configuration options

Configuration option = Default value

Description

fc_fabric_address = <>

(String) Management IP of fabric.

fc_fabric_password = <>

(String) Password for user.

fc_fabric_port = 22

(Port(min=0, max=65535)) Connecting port

fc_fabric_ssh_cert_path = <>

(String) Local SSH certificate Path.

fc_fabric_user = <>

(String) Fabric user ID.

fc_southbound_protocol = REST_HTTP

(String(choices=[‘SSH’, ‘HTTP’, ‘HTTPS’, ‘REST_HTTP’, ‘REST_HTTPS’])) South bound connector for the fabric.

fc_virtual_fabric_id = None

(String) Virtual Fabric ID.

zone_activate = True

(Boolean) Overridden zoning activation state.

zone_name_prefix = openstack

(String) Overridden zone name prefix.

zoning_policy = initiator-target

(String) Overridden zoning policy.

Note

Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.

Note

To define a fabric group for a switch which has Virtual Fabrics enabled, include the fc_virtual_fabric_id configuration option and fc_southbound_protocol configuration option set to HTTP, HTTPS, REST_HTTP or REST_HTTPS in the fabric group. Zoning on VF enabled fabric using SSH southbound protocol is not supported.

Note

On switches running Fabric OS v8.2.1 or greater, the use of the REST interface is recommended for southbound communication. Set the fc_southbound_protocol configuration option to REST_HTTP or REST_HTTPS in the fabric group.

System requirements

Brocade Fibre Channel Zone Driver requires firmware version FOS v6.4 or higher.

As a best practice for zone management, use a user account with zoneadmin role. Users with admin role (including the default admin user account) are limited to a maximum of two concurrent SSH sessions.

For information about how to manage Brocade Fibre Channel switches, see the Brocade Fabric OS user documentation.

Cisco Fibre Channel Zone Driver

Cisco Fibre Channel Zone Driver automates the zoning operations through SSH. Configure Cisco Zone Driver, Cisco Southbound connector, FC SAN lookup service and Fabric name.

Set the following options in the cinder.conf configuration file.

[fc-zone-manager]
zone_driver = cinder.zonemanager.drivers.cisco.cisco_fc_zone_driver.CiscoFCZoneDriver
fc_san_lookup_service = cinder.zonemanager.drivers.cisco.cisco_fc_san_lookup_service.CiscoFCSanLookupService
fc_fabric_names = CISCO_FABRIC_EXAMPLE
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI
Description of Cisco zoning manager configuration options

Configuration option = Default value

Description

cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI

(String) Southbound connector for zoning operation

Configure SAN fabric parameters under a section matching the name used in fc_fabric_names as described in the example below:

Description of Cisco zoning fabrics configuration options

Configuration option = Default value

Description

cisco_fc_fabric_address = <>

(String) Management IP of fabric

cisco_fc_fabric_password = <>

(String) Password for user

cisco_fc_fabric_port = 22

(Port(min=0, max=65535)) Connecting port

cisco_fc_fabric_user = <>

(String) Fabric user ID

cisco_zone_activate = True

(Boolean) overridden zoning activation state

cisco_zone_name_prefix = None

(String) overridden zone name prefix

cisco_zoning_policy = initiator-target

(String) overridden zoning policy

cisco_zoning_vsan = None

(String) VSAN of the Fabric

Note

Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.

The Cisco Fibre Channel Zone Driver supports basic and enhanced zoning modes.The zoning VSAN must exist with an active zone set name which is same as the fc_fabric_names option.

System requirements

Cisco MDS 9000 Family Switches.

Cisco MDS NX-OS Release 6.2(9) or later.

For information about how to manage Cisco Fibre Channel switches, see the Cisco MDS 9000 user documentation.