Searching: firmware - 177 Results Found

VTrak Family Best Practices for VMware for VTrak Ex30 & Ex50
PROMISE Technology Inc. posted this 10 January 2018 - Last edited 10 January 2018

The following is a best practice guide for the use of a VTrak Ex30/Ex50 for VMware ESXi version 5 or higher.

Topics covered for this article are RAID Levels, Expansion Chassis, LUN Affinity, ALUA, VAAI Support and Thin Provisioning.

RAID: RAID is an acronym for Redundant Array Of Independent Disks.
For VMware usage, we recommend one of the following two RAID configurations to be used:

  • RAID 5 (Stripe With Parity): Optimal Read/write speeds with less overhead. Superior Performance.
  • RAID 6 (Stripe with Dual Parity): Good for Archival Storage that offers Dual Redundancy and superior fault tolerance.

RAID 0 (Stripe): It is not recommended to run a stripe volume as it will offer little performance benefit and it will not provide any fault tolerance for the volume.

Jx30/J5000 Expansion Chassis: If you have an expansion chassis (i.e. J-Class units such as the J630,830,930/J5000) attached to your VTrak Ex30/Ex50 unit, you can add more storage space to your VM configuration; however, it is not recommended to span enclosures under a single large RAID array volume using the VTrak RAID Engine.

For best practice purposes, it is recommended to have each enclosure contain separate disk arrays (RAID configurations which span enclosures, will require either RAID 50 or RAID 60)

LUN Affinity: For optimization, LUN Affinity should be enabled for Dual controller VTrak Ex30/Ex50 units. LUN Affinity will enable write performance to be faster, and increase stability. Although VMware has been certified with LUN Affinity disabled, Promise Technology recommends that LUN Affinity be enabled to provide the best performance.

ALUA: ALUA is an acronym for Asynchronous Logical Unit Access (ALUA) must be enabled for VMWare to be optimized. VMware 5x and higher is ALUA aware, and it is recommended to have this feature enabled for better overall performance on the unit.

Thin Provisioning:  This VMware feature is to a VM that is available in the LUN to provide higher utilization by letting you dedicate more storage capacity than the actual purchased capacity.  With VAAI enabled, the VTrak Ex30/Ex50 can provide hardware support to thin provisioned LUNs by allowing freed up space on the LUN to be reclaimed.

VAAI: VMware API Array Integration (VAAI) is a VMware special configuration API which offloads some storage tasks for the ESXi server. This is also known as hardware acceleration. (Older VTrak Ex30 firmware versions support VAAI by default)
In the newer VTrak Ex30 firmware versions offer VAAI support which can be either enabled or disabled as only VMware makes use of VAAI. The same is applicable to the Ex50 units.

Note that if VAAI was in use prior to upgrading to VMware, it is important that VAAI be re-enabled after updating to continue to access the volume. If VAAI is not enabled after the upgrade of the VMware host, the LUN(s) will be seen but the datastore will not be accessible. This is due to the datastore being originally created with VAAI enabled.
With VAAI enabled, the datastore will have support use for AB file locking. Therefore, the datastore will only be seen if VAAI is enabled.

To enable the VAAI feature on the Ex30/Ex50, you may use the Command Line Interface (CLI).

To access the CLI, you can use the serial console or via terminal thru SSH:

ssh administrator@Virtual_IP_Address

To enable VAAI in the CLI, type the following commands:

administrator@cli> ctrl -a mod -s "VAAIsupport=enable" 
Note: The VAAIsupport setting will take affect only after next reboot

After enabling the VAAI module, you will need to reboot the VTrak and the ESXi server.

After you reboot the VTrak Ex30/Ex50, run the following command to ensure that VAAI is enabled on both controllers:

administrator@cli> ctrl -v

-------------------------------------------------------------------------------
CtrlId: 1
Alias: 
OperationalStatus: OK                  PowerOnTime: 453 hours 50 minutes
ControllerRole: Primary                ReadinessStatus: Active
LUNAffinity: Enabled                   LunmappingMethod: Name Based
CacheUsagePercentage: 0%               DirtyCachePercentage: 0%

PartNo: F29000020000127                SerialNo: XXXXXXXXXXXXXXX
HWRev: A5                              WWN: XXXX-XXXX-XXXX-XXXX
CmdProtocol: SCSI-3
MemType:        N/A (Slot 1)           MemSize: N/A (Slot 1)
       : DDR3 SDRAM (Slot 2)                  : 2 GB (Slot 2)
FlashType: Flash Memory                FlashSize: 2 GB
NVRAMType: SRAM                        NVRAMSize: 512 KB
BootLoaderVersion: 0.19.0000.37        BootLoaderBuildDate: Jan 20, 2017
FirmwareVersion: 10.18.2270.00         FirmwareBuildDate: Feb 25, 2017
SoftwareVersion: 10.18.2270.00         SoftwareBuildDate: Feb 25, 2017

DiskArrayPresent: 1                    OverallRAIDStatus: OK
LogDrvPresent: 9                       LogDrvOnline: 9
LogDrvOffline: 0                       LogDrvCritical: 0
PhyDrvPresent: 32                      PhyDrvOnline: 28
PhyDrvOffline: 0                       PhyDrvPFA: 0
GlobalSparePresent: 0                  DedicatedSparePresent: 0
RevertibleGlobalSparePresent: 0        RevertibleDedicatedSparePresent: 0
RevertibleGlobalSpareUsed: 0           RevertibleDedicatedSpareUsed: 0

WriteThroughMode: No                   MaxSectorSize: 512 Bytes
PreferredCacheLineSize: 64 KB          CacheLineSize: 64 KB
Coercion: Enabled                      CoercionMethod: GBTruncate
SMART: Disabled                        SMARTPollingInterval: 10 minutes
MigrationStorage: DDF                  CacheFlushInterval: 3 second(s)
PollInterval: 15 second(s)             AdaptiveWBCache: Enabled
HostCacheFlushing: Disabled            ForcedReadAhead: Enabled
ALUA: Enabled                          PowerSavingIdleTime: Never
PowerSavingStandbyTime: Never          PowerSavingStoppedTime: Never
PerfectRebuildAvailable: 64
VAAIsupport: Enabled                   SSDTrimSupport: Enabled

-------------------------------------------------------------------------------
CtrlId: 2
Alias: 
OperationalStatus: OK                  PowerOnTime: 453 hours 50 minutes
ControllerRole: Secondary              ReadinessStatus: Active
LUNAffinity: Enabled                   LunmappingMethod: Name Based
CacheUsagePercentage: 0%               DirtyCachePercentage: 0%
 
PartNo: F29000020000127                SerialNo: XXXXXXXXXXXXXXX
HWRev: A5                              WWN: XXXX-XXXX-XXXX-XXXX
CmdProtocol: SCSI-3
MemType:        N/A (Slot 1)           MemSize: N/A (Slot 1)
       : DDR3 SDRAM (Slot 2)                  : 2 GB (Slot 2)
FlashType: Flash Memory                FlashSize: 2 GB
NVRAMType: SRAM                        NVRAMSize: 512 KB
BootLoaderVersion: 0.19.0000.37        BootLoaderBuildDate: Jan 20, 2017
FirmwareVersion: 10.18.2270.00         FirmwareBuildDate: Feb 25, 2017
SoftwareVersion: 10.18.2270.00         SoftwareBuildDate: Feb 25, 2017
 
DiskArrayPresent: 1                    OverallRAIDStatus: OK
LogDrvPresent: 9                       LogDrvOnline: 9
LogDrvOffline: 0                       LogDrvCritical: 0
PhyDrvPresent: 32                      PhyDrvOnline: 28
PhyDrvOffline: 0                       PhyDrvPFA: 0
GlobalSparePresent: 0                  DedicatedSparePresent: 0
RevertibleGlobalSparePresent: 0        RevertibleDedicatedSparePresent: 0
RevertibleGlobalSpareUsed: 0           RevertibleDedicatedSpareUsed: 0

WriteThroughMode: No                   MaxSectorSize: 512 Bytes
PreferredCacheLineSize: 64 KB          CacheLineSize: 64 KB
Coercion: Enabled                      CoercionMethod: GBTruncate
SMART: Disabled                        SMARTPollingInterval: 10 minutes
MigrationStorage: DDF                  CacheFlushInterval: 3 second(s)
PollInterval: 15 second(s)             AdaptiveWBCache: Enabled
HostCacheFlushing: Disabled            ForcedReadAhead: Enabled
ALUA: Enabled                          PowerSavingIdleTime: Never
PowerSavingStandbyTime: Never          PowerSavingStoppedTime: Never
PerfectRebuildAvailable: 64
VAAIsupport: Enabled                   SSDTrimSupport: Enabled

Other Enhancements: In addition to the VMware configuration, other improvements for Best Practices can be considered when implementing the VTrak Ex30/Ex50 in your VMware solution.

Best Practice Guide for the VTrak Ex30/Ex50

Contact Promise Technology Support
Need more help? Save time by starting your support request online and a technical support agent will be assigned to your case.

Promise Technology Technical Support >

VTrak G-Class (NAS Gateway) External LDAP Server Configuration
PROMISE Technology Inc. posted this 27 October 2017 - Last edited 27 October 2017

Table of Contents
A. macOS Open Directory (GUI)
B. Windows Active Directory (GUI)
  Appendix I - Setup Windows Active Directory with IDMU (Identity Management for UNIX)
  Appendix II - Add the IDMU role to Windows Server (Example illustrated with Windows Server 2008)
  Appendix III - Add UNIX Attributes to AD | User and Group
C. Linux Open LDAP with PDC
D. Samba Login Tool Instructions (Only applicable to macOS Open Directory)
E. Adding Permissions to the NAS Gateway SMB Share

Scope

The purpose of this article is to provide an A-Class SAN administrator the appropriate instructions on binding their 
A-Class and NASGW to an External LDAP server.

Internal and External LDAP servers cannot be enabled at same time. There are three LDAP statuses:

  1. Internal LDAP enabled while External LDAP is disabled
  2. Internal LDAP disabled while External LDAP is enabled
  3. Internal and External LDAP servers are both disabled

There are (3) types of External LDAP servers that are supported:

  • Windows Active Directory
  • macOS Open Directory or Linux LDAP without PDC
  • Linux LDAP with PDC

Select “Enable External LDAP Server” to enable the external LDAP module. If the Internal LDAP module is enabled, it will be disabled when the External LDAP is selected.

Setting Description

The table below demonstrates the external LDAP settings in the A-Class GUI. 
Note: Some of the settings are common for all the supported LDAP servers; however, certain settings may not be supported on some of the LDAP servers. For more information, please contact Technical Support.

Setting Item

Description

SSL

Possible value: True or False. It should be set to False if LDAP server doesn’t support SSL.

Timeout

Timeout value in second. Value is from 1 to 30 seconds.

Default is 10 seconds

BaseDN

The BaseDN of LDAP server. If the server is ptu.promise.com, the value shall be “dc=ptu,dc=promise,dc=com”. Note that there shouldn’t have space character in the value.

Server

The IP address of LDAP server.

Port

The port of LDAP server. Default value is 389

SAMBANetBIOSName

NetBIOS name for Samba server running in NAS Gateway. Optional value if there isn’t NAS gateway configured.

ServerType

LDAP server type. Three types are supported: Windows AD, Mac OD and Linux OpenLDAP.

Samba NetBIOS

This setting is enabled for “Linux LDAP with PDC” only.

AnonymousBind

Possible values: True or False.

True: Bind LDAP server by using anonymous. LDAP server must support it.

False: Don’t use anonymous user to bind LDAP server. BindDN (username) and BindPassword must be provided.

BindDN

Bind username

When Windows AD is set up, four types of BindDN can be used:

1. <Domain_Name>\<Username>

Such as: example.com\Administrator

2. <Username>@<Domain_Name>

Such as: Administrator@example.com

3. CN=<Username>,CN=users,DC=<Domain_name>

For example:
CN=Administrator,CN=users,DC=example,DC=com

 

Note: “users” must be lower case. “Users” doesn’t work for NAS gateway

 

If Windows AD is on Windows 2000 or earlier version, type #1 is suggested. For other versions, all 3 types can be used.

 

Note: <Username> only doesn’t work for NAS gateway. NAS gateway will report “LDAP connection failed” if type in username only.

 

BindPassword

Bind password. The password of the username which is used in BindDN

UIDAttribute

Attribute containing the LDAP username.

Default values for different LDAP servers:

-        Mac OD: uid

-        Windows AD: uid (Identity Management for UNIX must be installed and UNIX Attributes must be configured)

-        Linux OpenLDAP: uid

Other possible values can be checked on different LDAP server setup:

-        Windows AD: sAMAccountName, cn

ObjectClass

The object class to get user entries from LDAP server.

The below hierarchy of object classes, the value can be user, organizationalPerson or person. Value cannot be top, because top is the root class and cannot be used to filter user.

objectClass: top 
objectClass: person 
objectClass: organizationalPerson
objectClass: user

 

Default values for different LDAP servers:

-        macOS OD: posixAccount

-        Windows AD: user

-        Linux OpenLDAP: posixAccount

GroupIDAttribute

Attribute containing the LDAP group name.

Default values for different LDAP servers:

-        Mac OD: cn

-        Windows AD: cn

-        Linux OpenLDAP: cn

Other possible values can be checked on different LDAP server setup:

-        Windows AD: sAMAccountName

ObjectClass ofGroup

The object class to get group entries from the LDAP server.

The below hierarchy of object classes, the value can be group. Value cannot be top, because top is the root of the class hierarchy and cannot be used to filter group.

objectClass: top

objectClass: group

 

Default values for different LDAP servers:

-        macOS OD: posixGroup

-        Windows AD: group

-        Linux OpenLDAP: posixGroup

EmailNotification forEvent

True: enable email notification for event. New event will be sent to the email address provided by EmailAddrAttribute.

False: disable

FullNameAttribute

The LDAP attribute to get the full name of email recipient.

EmailAddrAttribute

The LDAP attribute to get the email address for email notification. With this setting, new events will be sent to the email address automatically.

Privilege for LDAP Users

Default: Use default privilege selected from next item.

Role Mapping: Map LDAP role to subsystem privilege

DefaultPrivilege

The default privilege for all LDAP users. Used only when previous setting is select to Default.

 

A. macOS Open Directory (GUI)

Note: The Samba Login Tool is required. If you don't authenticate your users, the OD users will not be able to login to the SMB shares on the NAS Gateway.

CLI Output

administrator@cli> ldap -v
-------------------------------------------------------------------------------
ExternalLDAP: Enabled 
SSL: Disabled Timeout: 10 seconds
BaseDN: dc=macserver,dc=promise,dc=com
Server: 192.168.252.159 Port: 389
SAMBANetBIOSName: promise
ServerType: MAC Open Directory or Linux LDAP without PDC 
AnonymousBind: Disabled
BindDN: uid=test,cn=users,dc=macserver,dc=promise,dc=com
BindPassword: ******
UIDAttribute: uid
ObjectClass: posixAccount
GroupIDAttribute: cn
ObjectClassOfGroup: posixGroup
EmailNotificationForEvent: Enabled
FullNameAttribute: displayName
EmailAddrAttribute: mail
RolePolicy: default DefaultPrivilege: View
-------------------------------------------------------------------------------

 B. Windows Active Directory (GUI)
Please make sure that the AD bind account is part of the Domain Admins group or has sufficient privileges to join the Domain. If you use a standard user (with no Domain Admin Privileges), the LDAP connection will fail.

CLI Output

administrator@cli> ldap -v
-------------------------------------------------------------------------------
ExternalLDAP: Enabled
SSL: Disabled Timeout: 10 seconds
BaseDN:dc=ptb,dc=local
Server:192.168.252.111 Port: 389
ServerType: Windows Active Directory
DNS: 192.168.252.111
AnonymousBind: Disabled
BindDN: ptb\test
BindPassword: ******
UIDAttribute: uid 
ObjectClass: user
GroupIDAttribute: cn
ObjectClassOfGroup: group
EmailNotificationForEvent: Enabled
FullNameAttribute: displayName
EmailAddrAttribute: mail
RolePolicy: default DefaultPrivilege: View
-------------------------------------------------------------------------------

Appendix I - Setup Windows Active Directory with IDMU (Identity Management for UNIX)

Windows Active Directory is heavily dependent upon DNS. If a DNS IP address has been established in the A-Class, it is recommended that an administrator configures the DNS server to support AD.

If the A-Class is configured with a Linux DNS server, the administrator should create a DNS zone on the DNS server for the AD domain.

If the A-Class is configured with a Windows DNS server, the administrator can configure AD in following (3) ways:

  1. Install AD on the DNS server; AD and DNS are on the same server.
  2. Install AD without DNS settings on another server, and use the primary DNS.
  3. Install AD with DNS settings on another machine, create a DNS zone on the DNS server for the AD domain.

In order to store UNIX attributes in Active Directory, you must install Active Directory and then add the “Identity Management for UNIX” role service (this can be downloaded in Server Manager). Once the role service has been installed, the AD schema now includes a partially RFC 2307-compliant set of UNIX attributes. A new tab labeled “UNIX Attributes” will appear in the properties dialog box for users and groups in Active Directory. Each Active Directory account that will authenticate via Linux must be configured in the new “UNIX Attributes” tab.

Appendix II - Add the IDMU role to Windows Server (Example illustrated with Windows Server 2008)





Appendix III - Add UNIX Attributes to AD | User and Group
If you don't execute this step, the AD users and groups won't populate in the Folder Share setting when applying permissions for the NAS Gateway SMB share(s).

Note: The Samba Login Tool is not required when using Active Directory for authentication.





> Install IDMU for Windows Server 2008/2012

C. Linux Open LDAP with PDC


CLI Output

administrator@cli> ldap -v
-------------------------------------------------------------------------------
ExternalLDAP: Enabled 
SSL: Disabled Timeout: 10 seconds
BaseDN: dc=test,dc=com
Server: 192.168.252.143 Port: 389
SAMBANetBIOSName: test
ServerType: Linux LDAP with PDC 
AnonymousBind: Disabled
BindDN: cn=lily,dc=test,dc=com
BindPassword: ******
UIDAttribute: uid 
ObjectClass: posixAccount
GroupIDAttribute: cn 
ObjectClassOfGroup: posixGroup
EmailNotificationForEvent: Enabled
FullNameAttribute: displayName
EmailAddrAttribute: mail
RolePolicy: default DefaultPrivilege: View
-------------------------------------------------------------------------------

D. Samba Login Tool Instructions (Only applicable to macOS Open Directory)

  1. Using your web browser, enter the Virtual IP Address of the NAS Gateway Cluster to access the Promise NAS Gateway Samba Login Tool.
  2. You can retrieve the Virtual IP Address of the cluster by going to NAS Gateway > Detail.


  3. Enter the user's credentials that you will be authenticating and Login:
    If you don’t execute this step, your Open Directory users will not be able to access the SMB share. 
  4. You will receive a message stating that the user has been successfully authenticated.

E. Adding Permissions to the NAS Gateway SMB Share

  1. Go to NAS Gateway > Mount Point.
  2. Click the gear and select Folder Share:

  3. You can set permissions by User or Group.
    A. User = Read-Write Example:

    B. Group = Read-Write Permission Example
  4. Click Submit to save the changes and you will receive the following notification message:

Related Articles:
Disable SMB Signing on OS X (10.11.5 > 10.12.x)
Unable to Save File on the NASGW from a File Created by a FC Client - Internal/External LDAP Configurations
VTrak G-Class NAS Gateway Firmware Release Notes

Contact Promise Technology Support
Need more help? Save time by starting your support request online and a technical support agent will be assigned to your case.

Promise Technology Technical Support >

Search
Popular Tags
Categories
Close