Fibre Channel Zone Manager

Fibre Channel Zone Manager

The Fibre Channel Zone Manager allows FC SAN Zone/Access control management in conjunction with Fibre Channel block storage. The configuration of Fibre Channel Zone Manager and various zone drivers are described in this section.

Configure Block Storage to use Fibre Channel Zone Manager

If Block Storage is configured to use a Fibre Channel volume driver that supports Zone Manager, update cinder.conf to add the following configuration options to enable Fibre Channel Zone Manager.

Make the following changes in the /etc/cinder/cinder.conf file under a [fc-zone-manager] section.

Description of zoning configuration options
Configuration option = Default value Description
enable_unsupported_driver = False (Boolean) Set this to True when you want to allow an unsupported zone manager driver to start. Drivers that haven’t maintained a working CI system and testing are marked as unsupported until CI is working again. This also marks a driver as deprecated and may be removed in the next release.
fc_fabric_names = None (String) Comma separated list of Fibre Channel fabric names. This list of names is used to retrieve other SAN credentials for connecting to each SAN fabric
fc_san_lookup_service = cinder.zonemanager.drivers.brocade.brcd_fc_san_lookup_service.BrcdFCSanLookupService (String) FC SAN Lookup Service
zone_driver = cinder.zonemanager.drivers.brocade.brcd_fc_zone_driver.BrcdFCZoneDriver (String) FC Zone Driver responsible for zone management
zoning_policy = initiator-target (String) Zoning policy configured by user; valid values include “initiator-target” or “initiator”

To use different Fibre Channel Zone Drivers, use the parameters described in this section.

Note

When multi backend configuration is used, provide the zoning_mode configuration option as part of the volume driver configuration where volume_driver option is specified.

Note

Default value of zoning_mode is None and this needs to be changed to fabric to allow fabric zoning.

Note

zoning_policy can be configured as initiator-target or initiator

Brocade Fibre Channel Zone Driver

Brocade Fibre Channel Zone Driver performs zoning operations through HTTP, HTTPS, or SSH.

Set the following options in the cinder.conf configuration file under the [fc-zone-manager] section.

Description of Brocade zoning manager configuration options
Configuration option = Default value Description
brcd_sb_connector = HTTP (String) South bound connector for zoning operation

Configure SAN fabric parameters under a section matching the name used in fc_fabric_names as described in the example below:

Description of Brocade zoning fabrics configuration options
Configuration option = Default value Description
fc_fabric_address = <> (String) Management IP of fabric.
fc_fabric_password = <> (String) Password for user.
fc_fabric_port = 22 (Port(min=0, max=65535)) Connecting port
fc_fabric_ssh_cert_path = <> (String) Local SSH certificate Path.
fc_fabric_user = <> (String) Fabric user ID.
fc_southbound_protocol = HTTP (String(choices=[‘SSH’, ‘HTTP’, ‘HTTPS’])) South bound connector for the fabric.
fc_virtual_fabric_id = None (String) Virtual Fabric ID.
zone_activate = True (Boolean) Overridden zoning activation state.
zone_name_prefix = openstack (String) Overridden zone name prefix.
zoning_policy = initiator-target (String) Overridden zoning policy.

Note

Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.

Note

To define a fabric group for a switch which has Virtual Fabrics enabled, include the fc_virtual_fabric_id configuration option and fc_southbound_protocol configuration option set to HTTP or HTTPS in the fabric group. Zoning on VF enabled fabric using SSH southbound protocol is not supported.

System requirements

Brocade Fibre Channel Zone Driver requires firmware version FOS v6.4 or higher.

As a best practice for zone management, use a user account with zoneadmin role. Users with admin role (including the default admin user account) are limited to a maximum of two concurrent SSH sessions.

For information about how to manage Brocade Fibre Channel switches, see the Brocade Fabric OS user documentation.

Cisco Fibre Channel Zone Driver

Cisco Fibre Channel Zone Driver automates the zoning operations through SSH. Configure Cisco Zone Driver, Cisco Southbound connector, FC SAN lookup service and Fabric name.

Set the following options in the cinder.conf configuration file.

[fc-zone-manager]
zone_driver = cinder.zonemanager.drivers.cisco.cisco_fc_zone_driver.CiscoFCZoneDriver
fc_san_lookup_service = cinder.zonemanager.drivers.cisco.cisco_fc_san_lookup_service.CiscoFCSanLookupService
fc_fabric_names = CISCO_FABRIC_EXAMPLE
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI
Description of Cisco zoning manager configuration options
Configuration option = Default value Description
cisco_sb_connector = cinder.zonemanager.drivers.cisco.cisco_fc_zone_client_cli.CiscoFCZoneClientCLI (String) Southbound connector for zoning operation

Configure SAN fabric parameters under a section matching the name used in fc_fabric_names as described in the example below:

Description of Cisco zoning fabrics configuration options
Configuration option = Default value Description
cisco_fc_fabric_address = <> (String) Management IP of fabric
cisco_fc_fabric_password = <> (String) Password for user
cisco_fc_fabric_port = 22 (Port(min=0, max=65535)) Connecting port
cisco_fc_fabric_user = <> (String) Fabric user ID
cisco_zone_activate = True (Boolean) overridden zoning activation state
cisco_zone_name_prefix = None (String) overridden zone name prefix
cisco_zoning_policy = initiator-target (String) overridden zoning policy
cisco_zoning_vsan = None (String) VSAN of the Fabric

Note

Define a fabric group for each fabric using the fabric names used in fc_fabric_names configuration option as group name.

The Cisco Fibre Channel Zone Driver supports basic and enhanced zoning modes.The zoning VSAN must exist with an active zone set name which is same as the fc_fabric_names option.

System requirements

Cisco MDS 9000 Family Switches.

Cisco MDS NX-OS Release 6.2(9) or later.

For information about how to manage Cisco Fibre Channel switches, see the Cisco MDS 9000 user documentation.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.