Attaching external FC storage

The OpenStack Cinder Fibre Channel (FC) driver allows you to mount multiple FC LUNs to your compute cluster and use them as external FC storages. As the driver is based on the FC storage protocol, compute nodes must be configured to support multipathing.

Note that each third-party storage might have its own recommended settings for multipath configuration. The instructions below describe how to configure multipathing for Pure Storage1 and NetApp® devices, as well as any storage system compatible with OpenStack.

Once you connect external storage to the compute cluster, you can start using it by creating storage policies and applying them on VM volumes.

Limitations

  • If a compute node already has a custom multipath configuration, you can only overwrite it using the vinfra service compute multipath config set --force command.

To attach an external Pure Storage device

Admin panel

  1. On the Compute > Storage > External storages tab, click Multipath configuration.
  2. Turn on the toggle switch Multipath configuration to enable multipathing with the predefined options for a Pure Storage device.
  3. When multipath configuration is enabled, click Add external storage.
  4. On the Protocol step, select the Fibre Channel protocol.
  5. On the Name and external storage step, specify a name for your external storage and select Pure Storage®.
  6. On the Configuration step, do the following:

    1. Specify the management IP address or DNS name.
    2. Select Image-volume cache to improve performance of image-to-volume transfers.
    3. Select Multipath to increase reliability and performance by using multiple paths to the storage.
    4. Copy the API token from your Purity user account and paste it in the API token field. This token will be used to authorize actions performed by the volume driver.
    5. Select the transport type between HTTP and HTTPS.
    6. If you selected HTTPS, upload an SSL certificate that will be used to verify the external storage.
    7. Click Advanced and add other volume driver parameters as key/value pairs.

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.

  7. On the Summary step, review the configuration, and then click Add.

Command-line interface

  1. Enable multipathing by running:

    # vinfra service compute multipath config set predefined

    The command updates the /etc/multipath.conf file on each compute node with the predefined configuration for Pure Storage and NetApp devices.

    You can check the multipath configuration in the vinfra service compute multipath config show output:

    # vinfra service compute multipath config show --max-value-length 2000
    +----------+--------------------------------------------------------+
    | Field    | Value                                                  |
    +----------+--------------------------------------------------------+
    | contents | defaults {                                             |
    |          |         find_multipaths yes                            |
    |          |         polling_interval 10                            |
    |          |         user_friendly_names no                         |
    |          | }                                                      |
    |          | devices {                                              |
    |          |     device {                                           |
    |          |         vendor                   "PURE"                |
    |          |         product                  "FlashArray"          |
    |          |         path_selector            "service-time 0"      |
    |          |         hardware_handler         "1 alua"              |
    |          |         path_grouping_policy     group_by_prio         |
    |          |         prio                     alua                  |
    |          |         failback                 immediate             |
    |          |         path_checker             tur                   |
    |          |         fast_io_fail_tmo         10                    |
    |          |         no_path_retry            0                     |
    |          |         features                 0                     |
    |          |         dev_loss_tmo             600                   |
    |          |     }                                                  |
    |          |     device {                                           |
    |          |         vendor                  "NETAPP"               |
    |          |         product                 "LUN.*"                |
    |          |         detect_prio             yes                    |
    |          |         dev_loss_tmo            "infinity"             |
    |          |         failback                immediate              |
    |          |         fast_io_fail_tmo        5                      |
    |          |         features                "2 pg_init_retries 50" |
    |          |         flush_on_last_del       "yes"                  |
    |          |         hardware_handler        "0"                    |
    |          |         no_path_retry           queue                  |
    |          |         path_checker            "tur"                  |
    |          |         path_grouping_policy    "group_by_prio"        |
    |          |         path_selector           "service-time 0"       |
    |          |         prio                    "ontap"                |
    |          |         retain_attached_hw_handler      yes            |
    |          |         rr_weight               "uniform"              |
    |          |     }                                                  |
    |          | }                                                      |
    |          | blacklist {                                            |
    |          |   device {                                             |
    |          |     vendor "QEMU"                                      |
    |          |     product ".*"                                       |
    |          |   }                                                    |
    |          | }                                                      |
    |          |                                                        |
    | type     | predefined                                             |
    +----------+--------------------------------------------------------+
  2. Attach the device to the compute cluster by using the following command:

    vinfra service compute storage add <storage_name> --params volume_backend_name=<backend_name>,
                                   volume_driver=<openstack_volume_driver_name>,san_ip=<ip_address>,
                                   image_volume_cache_enabled=True,use_multipath_for_image_xfer=True
                                   --secret-params pure_api_token=<token> [--param <param=value>]
                                   [--secret-param <key=value>] [--ssl-ca-cert-bundle <file>] --enable
    <storage_name>
    Custom name of external storage. The name may only contain letters, numbers, and underscores, and must be 3 to 64 characters long.
    volume_backend_name=<backend_name>
    Must be the same as <storage_name>.
    volume_driver=<openstack_volume_driver_name>
    Name of the OpenStack volume driver. For example, cinder.volume.drivers.pure.PureFCDriver.
    san_ip=<ip_address>
    IP address of the external storage to connect to.
    image_volume_cache_enabled=True
    Enables image-volume caching for the external storage, to improve the performance of creating a volume from an image.
    use_multipath_for_image_xfer=True
    Used for multipath setups. Do not specify this parameter if multipathing is disabled.
    --secret-params <key>=<value>[,<key2>=<value2>,...
    Intended to be used for sensitive data, like passwords or tokens. For example, pure_api_token=<token> is the API token for a Pure Storage solution.
    --param <param=value>
    Single parameter in the format key=value. The parameter value can contain the comma symbol. For example, replication_device=backend_id:<storage_name>,san_ip:<ip_address>,api_token:<token>,type:<replication_type>. This option can be used multiple times.
    --secret-param <param=value>
    Single secret parameter in the format key=value. The parameter value can contain the comma symbol. This option can be used multiple times.
    --ssl-ca-cert-bundle <file>
    Specifies the path to an SSL certificate that is used to verify the external storage. Use this option if driver_ssl_cert_verify=True and/or driver_use_ssl=True.

    For example, to add the external storage pure_storage with the IP address 10.10.10.11, run:

    # vinfra service compute storage add pure_storage --params volume_backend_name=pure_storage,\
    volume_driver=cinder.volume.drivers.pure.PureFCDriver,san_ip=10.10.10.11,use_multipath_for_image_xfer=True,\
    image_volume_cache_enabled=True --secret-params pure_api_token=7acb5db8-d312-4f66-b076-f556d6fa1232 --enable

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.

  3. Check that the external storage is successfully attached by running:

    # vinfra service compute storage list
    +--------------+--------------------------------------------------------+-----------------------+---------+------------+
    | name         | params                                                 | secret_params         | enabled | configured |
    +--------------+--------------------------------------------------------+-----------------------+---------+------------+
    | pure_storage | san_ip: 10.10.10.11                                    | pure_ip_token: ****** | True    | True       |
    |              | use_multipath_for_image_xfer: True                     |                       |         |            |
    |              | image_volume_cache_enabled: True                       |                       |         |            |
    |              | volume_backend_name: pure_storage                      |                       |         |            |
    |              | volume_driver: cinder.volume.drivers.pure.PureFCDriver |                       |         |            |
    +--------------+--------------------------------------------------------+-----------------------+---------+------------+

To attach an external NetApp storage device

Admin panel

  1. On the Compute > Storage > External storages tab, click Multipath configuration.
  2. Turn on the toggle switch Multipath configuration to enable multipathing with the predefined options for a NetApp device.
  3. When multipath configuration is enabled, click Add external storage.
  4. On the Protocol step, select the Fibre Channel protocol.
  5. On the Name and external storage step, specify a name for your external storage and select NetApp®.
  6. On the Configuration step, do the following:

    1. Specify the management IP address or DNS name.
    2. Select Image-volume cache to improve performance of image-to-volume transfers.
    3. Select Multipath to increase reliability and performance by using multiple paths to the storage.
    4. Specify the storage VM name on the storage cluster where provisioning of block storage volumes should occur.
    5. Specify the credentials of the administrator account used to access the storage system.
    6. Select the transport type between HTTP and HTTPS.
    7. If you selected HTTPS, upload an SSL certificate that will be used to verify the external storage.
    8. Click Advanced and add other volume driver parameters as key/value pairs.

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.

  7. On the Summary step, review the configuration, and then click Add.

Command-line interface

  1. Enable multipathing by running:

    # vinfra service compute multipath config set predefined

    The command updates the /etc/multipath.conf file on each compute node with the predefined configuration for Pure Storage and NetApp devices.

    You can check the multipath configuration in the vinfra service compute multipath config show output:

    # vinfra service compute multipath config show --max-value-length 2000
    +----------+--------------------------------------------------------+
    | Field    | Value                                                  |
    +----------+--------------------------------------------------------+
    | contents | defaults {                                             |
    |          |         find_multipaths yes                            |
    |          |         polling_interval 10                            |
    |          |         user_friendly_names no                         |
    |          | }                                                      |
    |          | devices {                                              |
    |          |     device {                                           |
    |          |         vendor                   "PURE"                |
    |          |         product                  "FlashArray"          |
    |          |         path_selector            "service-time 0"      |
    |          |         hardware_handler         "1 alua"              |
    |          |         path_grouping_policy     group_by_prio         |
    |          |         prio                     alua                  |
    |          |         failback                 immediate             |
    |          |         path_checker             tur                   |
    |          |         fast_io_fail_tmo         10                    |
    |          |         no_path_retry            0                     |
    |          |         features                 0                     |
    |          |         dev_loss_tmo             600                   |
    |          |     }                                                  |
    |          |     device {                                           |
    |          |         vendor                  "NETAPP"               |
    |          |         product                 "LUN.*"                |
    |          |         detect_prio             yes                    |
    |          |         dev_loss_tmo            "infinity"             |
    |          |         failback                immediate              |
    |          |         fast_io_fail_tmo        5                      |
    |          |         features                "2 pg_init_retries 50" |
    |          |         flush_on_last_del       "yes"                  |
    |          |         hardware_handler        "0"                    |
    |          |         no_path_retry           queue                  |
    |          |         path_checker            "tur"                  |
    |          |         path_grouping_policy    "group_by_prio"        |
    |          |         path_selector           "service-time 0"       |
    |          |         prio                    "ontap"                |
    |          |         retain_attached_hw_handler      yes            |
    |          |         rr_weight               "uniform"              |
    |          |     }                                                  |
    |          | }                                                      |
    |          | blacklist {                                            |
    |          |   device {                                             |
    |          |     vendor "QEMU"                                      |
    |          |     product ".*"                                       |
    |          |   }                                                    |
    |          | }                                                      |
    |          |                                                        |
    | type     | predefined                                             |
    +----------+--------------------------------------------------------+
  2. Attach the device to the compute cluster by using the following command:

    vinfra service compute storage add <storage_name> --params volume_backend_name=<backend_name>,
                                   volume_driver=<openstack_volume_driver_name>,netapp_server_hostname=<hostname>,
                                   netapp_storage_protocol=fc,netapp_transport_type={http|https},netapp_vserver=<vm_name>
                                   --secret-params netapp_login=<username>,netapp_password=<password>
                                   [--param <param=value>] [--secret-param <key=value>] [--ssl-ca-cert-bundle <file>] --enable
    <storage_name>
    Custom name of external storage. The name may only contain letters, numbers, and underscores, and must be 3 to 64 characters long.
    volume_backend_name=<backend_name>
    Must be the same as <storage_name>.
    volume_driver=<openstack_volume_driver_name>
    Name of the OpenStack volume driver. For example, cinder.volume.drivers.netapp.common.NetAppDriver.
    netapp_server_hostname=<hostname>
    Hostname or IP address of the storage system.
    netapp_storage_protocol=fc
    Specifies the Fibre Channel storage protocol to be used.
    netapp_transport_type={http|https}
    Defines the transport protocol for communicating with the storage system. Valid options are http and https.
    netapp_vserver=<vm_name>
    Storage VM name on the storage cluster where provisioning of block storage volumes should occur.
    --secret-params <key>=<value>[,<key2>=<value2>,...
    Intended to be used for sensitive data, like passwords or tokens. For example, netapp_login=<username> and netapp_password=<password> are the credentials of the administrator account used to access the storage system.
    --param <param=value>
    Single parameter in the format key=value. The parameter value can contain the comma symbol. This option can be used multiple times.
    --secret-param <param=value>
    Single secret parameter in the format key=value. The parameter value can contain the comma symbol. This option can be used multiple times.
    --ssl-ca-cert-bundle <file>
    Specifies the path to an SSL certificate that is used to verify the external storage. Use this option if netapp_transport_type=https.

    For example, to add the external storage netapp_storage with the IP address 10.10.10.12 and the VM name storage_vm, run:

    # vinfra service compute storage add netapp_storage --params volume_backend_name=netapp_storage,\
    volume_driver=cinder.volume.drivers.netapp.common.NetAppDriver,netapp_server_hostname=10.10.10.12,\
    netapp_storage_protocol=fc,netapp_transport_type=https,netapp_vserver=storage_vm \
    --secret-params netapp_login=admin,netapp_password=password --enable

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.

  3. Check that the external storage is successfully attached by running:

    # vinfra service compute storage list
    +----------------+-----------------------------------------------------------------+---------------------------+---------+------------+
    | name           | params                                                          | secret_params             | enabled | configured |
    +----------------+-----------------------------------------------------------------+---------------------------+---------+------------+
    | netapp_storage | netapp_server_hostname: 10.10.10.12                             | netapp_login: '******'    | True    | True       |
    |                | netapp_storage_protocol: fc                                     | netapp_password: '******' |         |            |
    |                | netapp_transport_type=https                                     |                           |         |            |
    |                | netapp_vserver: storage_vm                                      |                           |         |            |
    |                | volume_backend_name: netapp_storage                             |                           |         |            |
    |                | volume_driver: cinder.volume.drivers.netapp.common.NetAppDriver |                           |         |            |
    +----------------+-----------------------------------------------------------------+---------------------------+---------+------------+

To attach an external OpenStack-compatible storage device

Admin panel

  1. On the Compute > Storage > External storages tab, click Multipath configuration.
  2. In the window that opens, click Advanced and turn on the toggle switch Custom multipath configuration.
  3. In the Add custom multipath configuration window, specify your custom multipath configuration or load it from a file, and then click Add.

    If you have already enabled multipathing for the Pure Storage and NetApp storage systems, your custom multipath configuration will overwrite the current configuration.

  4. On the Protocol step, select the Fibre Channel protocol.
  5. On the Name and external storage step, specify a name for your external storage and select OpenStack-compatible storage.
  6. On the Configuration step, do the following:

    1. Specify the management IP address or DNS name.
    2. Select Image-volume cache to improve performance of image-to-volume transfers.
    3. Select Multipath to increase reliability and performance by using multiple paths to the storage.
    4. Select the transport type between HTTP and HTTPS.
    5. If you selected HTTPS, upload an SSL certificate that will be used to verify the external storage.
    6. Select the driver for your storage from the Volume driver drop-down menu.
    7. Add the required volume driver parameters and secret volume driver parameters as key/value pairs.

      If you selected Multipath, it is recommended to specify the force_active_active=True parameter to use the Active/Active configuration.

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.

  7. On the Summary step, review the configuration, and then click Add.

Command-line interface

  1. Create a multipath configuration file for your FC storage. For example:

    # touch multipath.conf

    To configure the required parameters, refer to your storage documentation.

  2. Enable multipathing by running:

    # vinfra service compute multipath config set custom --filename multipath.conf

    The command updates the /etc/multipath.conf file on each compute node with the specified configuration.

  3. Attach the device to the compute cluster by using the following command:

    vinfra service compute storage add <storage_name> --params volume_backend_name=<backend_name>,
                                   volume_driver=<openstack_volume_driver_name>,[image_volume_cache_enabled=True],
                                   [use_multipath_for_image_xfer=True],force_active_active=True
                                   --secret-params <key>=<value>,[<key2>=<value2>] [--param <param=value>]
                                   [--secret-param <key=value>] [--ssl-ca-cert-bundle <file>] --enable
    <storage_name>
    Custom name of external storage. The name may only contain letters, numbers, and underscores, and must be 3 to 64 characters long.
    volume_backend_name=<backend_name>
    Must be the same as <storage_name>.
    volume_driver=<openstack_volume_driver_name>
    Name of the OpenStack volume driver.
    image_volume_cache_enabled=True
    Enables image-volume caching for the external storage, to improve the performance of creating a volume from an image.
    use_multipath_for_image_xfer=True
    Used for multipath setups. Do not specify this parameter if multipathing is disabled.
    force_active_active=True
    Should be specified to use the Active/Active configuration.
    --secret-params <key>=<value>[,<key2>=<value2>,...
    Intended to be used for sensitive data, like passwords or tokens.
    --param <param=value>
    Single parameter in the format key=value. The parameter value can contain the comma symbol. This option can be used multiple times.
    --secret-param <param=value>
    Single secret parameter in the format key=value. The parameter value can contain the comma symbol. This option can be used multiple times.
    --ssl-ca-cert-bundle <file>
    Specifies the path to an SSL certificate that is used to verify the external storage. Use this option if driver_ssl_cert_verify=True and/or driver_use_ssl=True. Some drivers may use different parameter names, refer to the OpenStack documentation to confirm the correct settings.

    Ensure that the specified data is valid. Incorrectly configuring the storage will result in a critical state of the corresponding cinder-volume service for that storage. Other services, including cinder-volume services for different storage systems, will remain unaffected.