Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Similar documents
Reconfigure Offboard Storage During a JSA Upgrade

Offboard storage. Release Modified: Copyright 2016, Juniper Networks, Inc.

Juniper Secure Analytics Configuring Offboard Storage Guide

IBM QRadar Security Intelligence Version Offboard Storage Guide IBM

UPGRADING STRM TO R1 PATCH

JSA Common Ports Lists

Partition Splitting. Release Juniper Secure Analytics. Juniper Networks, Inc.

Restore Data. Release Juniper Secure Analytics. Juniper Networks, Inc.

Upgrading STRM to

High Availability Guide

iscsi storage is used as shared storage in Redhat cluster, VMware vsphere, Redhat Enterprise Virtualization Manager, Ovirt, etc.

Troubleshooting Guide

Forwarding Logs Using Tail2Syslog. Release Security Threat Response Manager. Juniper Networks, Inc.

Table 1 List of Common Ports Used by STRM Components. Port Direction Reason. components. your SMTP gateway

Setting Up an STRM Update Server

Managing User-Defined QID Map Entries

Customizing the Right-Click Menu

SETTING UP A JSA SERVER

Juniper Secure Analytics Patch Release Notes

Juniper Secure Analytics Patch Release Notes

Installing JSA Using a Bootable USB Flash Drive

Disks, Filesystems 1

Wireless LAN. SmartPass Quick Start Guide. Release 9.0. Published: Copyright 2013, Juniper Networks, Inc.

Juniper Secure Analytics Patch Release Notes

OPS235. Linux File Systems Partitioning Mounting File Systems

Deploying STRM in an IPV6 Environment

NSM Plug-In Users Guide

Juniper Secure Analytics Patch Release Notes

NSM Plug-In Users Guide

Production Installation and Configuration. Openfiler NSA

Disks, Filesystems Todd Kelley CST8177 Todd Kelley 1

Deploying JSA in an IPV6 Environment

Release Notes. Juniper Secure Analytics. Juniper Networks, Inc North Mathilda Avenue Sunnyvale, CA USA

Exadata Landing Pad: Migrating a Fibre Channel-based Oracle Database Using an Oracle ZFS Storage Appliance

Web Device Manager Guide

NSM Plug-In Users Guide

Steel-Belted Radius Installation Instructions for EAP-FAST Security Patch

Linux Library Controller Installation and Use

Chapter 6. Linux File System

Network and Security Manager (NSM) Release Notes DMI Schema

Reference Data Collections

Adding a block devices and extending file systems in Linux environments

Disks, Filesystems, Booting Todd Kelley CST8177 Todd Kelley 1

Intrusion Detection and Prevention IDP 4.1r4 Release Notes

Network Configuration Example

STRM Series to JSA Series

STRM Administration Guide

Network Configuration Example

Technical Configuration Example

Patch Release Notes. Release Juniper Secure Analytics. Juniper Networks, Inc.

Intel Cache Acceleration Software (Intel CAS) for Linux* v2.8 (GA)

Deploying Solaris 11 with EqualLogic Arrays

Intrusion Detection and Prevention Release Notes

Manual File System Check Linux Command Line

Veritas System Recovery 18 Linux Edition README

Cluster Upgrade. SRX Series Services Gateways for the Branch Upgrade Junos OS with Minimal Traffic Disruption and a Single Command APPLICATION NOTE

istorage Server: iscsi SAN for Linux

STRM Log Manager Administration Guide

Network Configuration Example

Step by Step Installation of CentOS Linux 7 and Active Circle

Release Notes Patch 1

Vertica on Microsoft Azure HPE Vertica Analytic Database. Software Version: 7.2.x

PiCloud. Building owncloud on a Raspberry PI

Juniper Secure Analytics Quick Start Guide

High Availability & Fault Tolerance of the Deployment Manager using NFS on Linux

Red Hat Enterprise Linux 6 or 7 Host Configuration and Backup with Auto- Snapshot Manager

Intrusion Detection and Prevention Release Notes

HP integrated Citrix XenServer 5.0 Release Notes

Contrail Release Release Notes

Linux Manually Mounting External Hard Drive Mac Terminal

This section describes the procedures needed to add a new disk to a VM. vmkfstools -c 4g /vmfs/volumes/datastore_name/vmname/xxxx.

Network and Security Manager (NSM) Release Notes DMI Schema

vsphere Installation and Setup Update 2 Modified on 10 JULY 2018 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

Network and Security Manager (NSM) Release Notes DMI Schema

Juniper Secure Analytics Virtual Appliance Installation Guide

Juniper Secure Analytics

Juniper Networks CTPOS Release 7.0R1 Software Release Notes

Technology Overview. Retrieving VLAN Information Using SNMP on an EX Series Ethernet Switch. Published:

J-Care Agility Services Advanced Options

Junos Pulse Mobile Security Dashboard

Novell SUSE Linux Enterprise Server

NetApp Data Ontap Simulator Cookbook

High Availability. Prepared by Vaibhav Daud

Linux Host Utilities 6.2 Quick Start Guide

Critical Analysis and last hour guide for RHCSA/RHCE Enterprise 7

Setting Up the DR Series System as a CIFS, NFS, or VTL Target on Networker Technical White Paper

Network and Security Manager (NSM) Release Notes DMI Schema

C2000 and C4000 Hardware Quick Start Guide

Tutorial : Confguring a micro SD memory card as both swap and storage area for the DragonBoard 410c (DB410C)

Novell Open Enterprise Server

DM-Multipath Guide. Version 8.2

RHCE BOOT CAMP. Various Additional Topics

Vendor: RedHat. Exam Code: EX200. Exam Name: Red Hat Certified System Administrator - RHCSA. Version: Demo

IBM Security QRadar SIEM Version 7.2. Installation Guide

Junos Pulse Access Control Service

DX 32xx and DX 36xx Quick Start

Juniper Networks Certification Program

exacqvision Virtual Appliance User Manual

Linux Command Line Primer. By: Scott Marshall

vsphere Upgrade Update 2 Modified on 4 OCT 2017 VMware vsphere 6.0 VMware ESXi 6.0 vcenter Server 6.0

Transcription:

TECHNICAL CONFIGURING iscsi AUGUST 2012 You can use a iscsi storage network in your STRM deployment. This document provides information on configuring and using iscsi devices with your deployment. Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection. The procedures in this document assume an advanced knowledge of a Linux operating system. For assistance, please contact Juniper Networks Customer Support. Your network configuration may differ, however, for the purposes of the document, we assume that your management interface is ETH0 and your iscsi interface is ETH1. This document provides information on configuring iscsi, including: iscsi Configuration Types Configuring iscsi Troubleshooting iscsi Configuration Types You can configure iscsi for use in a standard deployment or in a High Availability (HA) environment. This section identifies the procedures for the following configuration types: Configuring iscsi in a Standard Deployment Configuring iscsi HA Configuring iscsi When Restoring a Failed Primary HA Console

2 TECHNICAL Configuring iscsi in a Standard Deployment To configure iscsi in a standard deployment: 1 Prepare STRM to connect to the iscsi network. See Preparing STRM to Connect to iscsi Network. 2 Assign and configure the iscsi volumes. See Assigning and Configuring iscsi Volumes. 3 Migrate the /store/ariel directory to the iscsi storage solution. See Migrating Data to the iscsi Storage Solution. 4 Configure the system to auto-mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. 5 Verify the iscsi mount. See Verifying the iscsi Mount. Configuring iscsi HA In a HA deployment, the secondary host maintains the same data as the primary host by one of two methods: data replication or shared external storage. If you use the shared external storage method, you must configure your secondary host with the same external iscsi device as the primary host. To configure iscsi for use with HA, you must: 1 Configure iscsi on the primary host: This step must be performed before adding the secondary host. a Prepare the primary host to connect to the iscsi network. See Preparing STRM to Connect to iscsi Network. b Assign and configure the iscsi volumes on the primary host. See Assigning and Configuring iscsi Volumes. c Migrate the /store/ariel directory on the primary host to the iscsi storage solution. See Migrating Data to the iscsi Storage Solution. d Configure the primary host to auto-mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. e Verify the iscsi mount on the primary host. See Verifying the iscsi Mount. 2 Install the secondary host. See the STRM Installation Guide or the STRM Log Manager Installation Guide. 3 Configure iscsi on the secondary host: a Prepare the primary host to connect to the iscsi network. See Preparing STRM to Connect to iscsi Network. b Assign and configure the iscsi volumes on the primary host. See Assigning and Configuring iscsi Volumes. Skip Step 5. c Migrate the /store/ariel directory on the primary host to the iscsi storage solution. See Migrating Data to the iscsi Storage Solution. Only perform Step 2 through Step 9.

Configuring iscsi 3 d Configure the secondary host to auto-mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. 4 Access STRM and configure the HA cluster. For more information about configuring HA, see the STRM Administration Guide or the STRM Log Manager Administration Guide. Configuring iscsi When Restoring a Failed Primary HA Console To configure iscsi when restoring a failed primary HA Console: 1 Prepare the primary host to connect to the iscsi network. See Preparing STRM to Connect to iscsi Network. 2 Assign and configure the iscsi volumes on the primary host. See Assigning and Configuring iscsi Volumes. Skip Step 5. 3 Migrate the /store/ariel directory on the primary host to the iscsi storage solution. See Migrating Data to the iscsi Storage Solution. Only perform through Step 9. 4 Configure the system to auto-mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. Configuring iscsi Preparing STRM to Connect to iscsi Network This section includes: Preparing STRM to Connect to iscsi Network Assigning and Configuring iscsi Volumes Migrating Data to the iscsi Storage Solution Configuring the System to Auto-mount the iscsi Volume Verifying the iscsi Mount To prepare STRM to connect to an iscsi network: From the Admin interface, configure a secondary network interface with a private IP address to connect to the iscsi SAN. Network interface address information, from your SAN network manager, is required. For more information on configuring a network interface, see the STRM Administration Guide. Step 3 Log in to STRM as root. To open the following file for editing, type the following vi /etc/iscsi/initiatorname.iscsi

4 TECHNICAL Step 4 Step 5 Step 6 To add the iscsi qualified name for your host to the initiatorname.iscsi file, type the following line: iqn.<yyyy-mm>.{reversed domain name}:<hostname>.<directoryname> For example: InitiatorName=iqn.2008-11.com.q1labs:pl13 Save and close the file. To restart the iscsi service to open a session to the server, type the following service iscsi restart You are now ready to assign and configure the iscsi volumes. See Assigning and Configuring iscsi Volumes. Assigning and Configuring iscsi Volumes Step 3 To assign and configure iscsi volumes: To detect volumes on the iscsi server, type the following iscsiadm -m discovery --type sendtargets --portal <IP address>:<port> Where: <IP address> is the IP address of the iscsi server. <port> is the port number of the iscsi server. This is an optional parameter. A list of iscsi volumes available to your host is displayed. The output should resemble the following: 172.16.151.142:3260,1 iqn.2008-10.lab.q1labs:iscsivol To verify that the login for your iscsi server is functional, type the following iscsiadm -l -m node -T <target iqn name> The output from this command should resemble: Logging in to [iface: default, target: iqn.2008-10.lab.q1labs:iscsivol, portal: 172.16.151.142,3260] Login to [iface: default, target: iqn.2008-10.lab.q1labs:iscsivol, portal: 172.16.151.142,3260]: successful To verify that your STRM system detects the new disks, type the following dmesg tail -20 grep 'Attached' The output from this command should resemble: sd 0:0:1:0: Attached scsi disk sdd1

Configuring iscsi 5 Step 4 Determine the iscsi device name: a To clear the kernel ring buffer, type the following dmesg -c b To reload the iscsi service, type the following /etc/init.d/iscsi restart c To locate the device name, type the following dmesg grep Attached scsi disk The output from this command should resemble: sd 4:0:0:0: Attached scsi disk sdd1 If you are configuring iscsi for a secondary host in an HA deployment, you do not need to reformat the volume. Go to Migrating Data to the iscsi Storage Solution. Step 5 To reformat the volume, if it has not previously been used, choose one of the following: CAUTION If the volume has been used before, do not partition or reformat the volume if you want to retain the data already stored on the volume. a b Create a partition. For information about creating a partition, see your Linux documentation. Reformat the volume using one of the following options: - Recommended option. To reformat the volume using a volume label, type the following mkfs.ext4 -L <volume label> /dev/<device name> Where <device name> is the name of the iscsi device including the partition number. For example: sdd1 - To reformat the volume without a volume label, type the following mkfs.ext4 <device name> You can create one or more partitions on the volume and mount them separately as required. If the new volume is larger than 2 TB, you must create a GUID Partition Table (GPT). If you are using Red Hat Enterprise Linux, the new volume must be smaller than 2 TB. You are now ready to migrate the data to the iscsi storage solution. See Migrating Data to the iscsi Storage Solution.

6 TECHNICAL Migrating Data to the iscsi Storage Solution This section includes instructions for how to migrate your data to the iscsi storage solution. You can choose which directory level you want to migrate: /store or /store/ariel. We recommend that you migrate /store/ariel because this provides less performance impact to your system. CAUTION Unless you are configuring iscsi in an HA deployment, we do not recommend mounting all of the /store partition on external storage. Mounting all of the /store partition may cause serious performance degradation on your system. This section includes instructions for how to migrate your data to the iscsi storage solution, including: Migrating /store/ariel to the iscsi Storage Solution Migrating /store to the iscsi Storage Solution Migrating /store/ariel to the iscsi Storage Solution To migrate /store/ariel to the iscsi storage solution: To stop the services, type the following command to stop the Hostcontext service: service hostcontext stop Skip this step if you are configuring iscsi on a secondary host in an HA deployment. Go to. Step 3 Step 4 To move the existing mount point aside, type the following cd /store my ariel ariel_old To open the fstab file for editing: vi /etc/fstab Add the mount line for the new ariel mount point. Choose one of the following options: We recommend that you use the UUID or volume label option, if configured, to edit the mount line. a b Type the blkid command to located the UUID of the iscsi device, and then add the UUID by typing the following UUID=<uuid> /store/ariel ext4 noatime,noauto,nobarrier 0 0 If you reformatted the volume using a volume label, type the following line: LABEL=<volume label> /store/ariel ext4 noatime,noauto,nobarrier 0 0

Configuring iscsi 7 Step 5 c If you reformatted the volume without a volume a label, type the following line: <device name> /store/ariel ext4 noatime,noauto,nobarrier 0 0 Save and close the file. If you are configuring iscsi on a secondary host in an HA deployment, do not try to mount the volume if it is in use by the primary host. Go to Configuring the System to Auto-mount the iscsi Volume. Step 6 Step 7 To mount the new iscsi /store/ariel, type the following mount /store/ariel To move the data from the local volume to the external disk, type the following mv /store/ariel_old/* /store/ariel Moving data from the local volume to the external disk can take an extended period of time, depending on the amount of data being moved. To reduce system down time, consider moving the data from the local volume to the external disk after STRM is restarted. Step 8 Step 9 To remove the /store/ariel_old directory, type the following rmdir /store/ariel_old To restart the Hostcontext services, type the following commands: service hostcontext restart For most situations, you only need to mount a single /store/ariel on you iscsi storage solution. If, however, you need a different configuration for your iscsi mount points, contact Customer Support. You are now ready to configure the system to automatically mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. Migrating /store to the iscsi Storage Solution To migrate /store to the iscsi storage solution: To stop the services, type the following commands in the specified order: Skip this step if you are configuring iscsi on a secondary host in an HA deployment. Go to. service hostcontext stop service tomcat stop service imq stop service postgresql stop

8 TECHNICAL Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 service systemstabmon stop To unmount /store/tmp, type the following umount /store/tmp To unmount your existing /store directory, type the following umount /store To create the /store_old directory, type the following mkdir /store_old To open the following file for editing, type the following vi /etc/fstab To locate the existing /store mount line, type the line: LABEL=/store /store ext4 noatime,nobarrier 1 2 To modify the line to match the following line: LABEL=/store /store_old ext4 noatime,nobarrier 1 2 Choose one of the following options: We recommend that you use the UUID or volume label option, if configured, to edit the mount line. Step 9 a b c Type the blkid command to located the UUID of the iscsi device, and then add the UUID by typing the following UUID=<uuid> /store ext4 noatime,noauto,nobarrier 0 0 If you reformatted the volume using a volume label, type the following line: LABEL=<volume label> /store ext4 noatime,noauto,nobarrier 0 0 If you reformatted the volume without a volume a label, type the following line: <device name> /store ext4 noatime,noauto,nobarrier 0 0 Save and close the file. If you are configuring iscsi on a secondary host in an HA deployment, go to Configuring the System to Auto-mount the iscsi Volume. 0 1 2 To mount the new iscsi /store, type the following mount /store To mount the old /store, type the following mount /store_old To move the data from the existing /store/ariel to the /san directory, type the following mv /store_old/* /store/

Configuring iscsi 9 Moving data from the existing /store/ to the /san directory can take an extended period of time, depending on the amount of data being moved. 3 4 5 To re-mount /store/tmp, type the following mount /store/tmp To unmount /store_old, type the following umount /store_old To restart the services, type the following commands in the specified order: service systemstabmon restart service postgresql restart service imq restart service tomcat restart service hostcontext restart For most situations, you only need to mount a single /store on you iscsi storage solution. If, however, you need a different configuration for your iscsi mount points, contact Customer Support. You are now ready to configure the system to automatically mount the iscsi volume. See Configuring the System to Auto-mount the iscsi Volume. Configuring the System to Auto-mount the iscsi Volume Step 3 Step 4 To configure the system to auto-mount the iscsi volume: To open the /etc/rc3.d directory, type the following cd /etc/rc3.d To add the iscsi script to the startup, type the following commands: chkconfig --add iscsi chkconfig --level 345 iscsi on To create a link to /opt/qradar/init/iscsi-mount script from the /etc/init.d directory, type the following ln -s /opt/qradar/init/iscsi-mount /etc/init.d To add iscsi-mount script to be part of the startup, type the following commands: chkconfig --add iscsi-mount chkconfig --level 345 iscsi-mount on You must restart the system to complete the auto-mount process.

10 TECHNICAL Step 5 To restart the system, type the following reboot You are now ready to verify the iscsi mount. See Verifying the iscsi Mount. Verifying the iscsi Mount To verify that the iscsi mounts properly: This procedure is not required when configuring iscsi on a secondary HA host. Type the following df -h Review the screen output and look for the newly added volume. For example: # df -h Filesystem Size Used Avail Use% Mounted on /dev/sda2 12G 5.4G 6.5G 46% / /dev/sda1 99M 50M 44M 54% /boot /dev/sda3 11G 406M 9.7G 4% /var/log /dev/sdc1 910G 558M 663G 1% /store/temp /dev/sda5 10G 33M 10G 1% /store/ # Troubleshooting To prevent iscsi disk and communication issues, we recommend that you connect the STRM, the iscsi server, and network switches to an Uninterruptable Power Supply (UPS) to prevent power loss. Power failure in a network switch may result in your iscsi volume reporting disk errors or remaining in a read-only state. This section provides basic troubleshooting information for iscsi communications and includes: Detecting Disk Errors Unmounting and Remounting the iscsi Volume Verifying iscsi Connections Detecting Disk Errors After Power failure in a network switch, we recommend that you perform the following test to detect disk errors: Log in to STRM as root. Type the following touch /store/ariel/filename.txt or touch /store/filename.txt

Troubleshooting 11 If your iscsi volume is mounted properly and you have write permission to the volume, the touch command creates an empty file named filename.txt on your iscsi volume. If you receive a read-only error message, see Unmounting and Remounting the iscsi Volume Unmounting and Remounting the iscsi Volume Step 3 Step 4 Step 5 If you detected a disk error, such as the file system in a read-only state, you can attempt to correct the disk error by unmounting and remounting the iscsi volume: Log in to STRM as root. To stop the services, choose one of the following options: If you migrated /store to the iscsi storage solution, type the following commands in the specified order: service hostcontext stop service tomcat stop service imq stop service postgresql stop service systemstabmon stop If you migrated /store/ariel to the iscsi storage solution, type the following service hostcontext stop To unmount the iscsi volume, choose one of the following options: If you migrated /store to the iscsi storage solution, type the following umount /store If you migrated /store/ariel to the iscsi storage solution, type the following umount /store/ariel This attempts to unmount the data on the iscsi volume. To mount the iscsi volume, choose one of the following options: If you migrated /store to the iscsi storage solution, type the following mount /store If you migrated /store/ariel to the iscsi storage solution, type the following mount /store/ariel This attempts to re-mount the data on the iscsi volume. To test the mount, choose one of the following options:

12 TECHNICAL Step 6 Verifying iscsi Connections Step 3 If you migrated /store to the iscsi storage solution, type the following touch /store/filename.txt If you migrated /store/ariel to the iscsi storage solution, type the following touch /store/ariel/filename.txt If you continue to receive a read-only error message after remounting the disk, we recommend that you reconfigure your iscsi volume, see Configuring iscsi. Alternatively, you can unmount the file system again and run a manual file system check with the following fsck /dev/<disk>, where <disk> is the volume ID of the external storage volume. If you do not know the drive name, remount the volume and then check the mounted volumes with the mount grep command. To start the services, choose one of the following options: If you migrated /store to the iscsi storage solution, type the following commands in the specified order: service systemstabmon start service postgresql start service imq start service tomcat start service hostcontext start If you migrated /store/ariel to the iscsi storage solution, type the following command service hostcontext start To verify that the iscsi connection is still responding on your network: Log in to STRM as root. To test the connection to your iscsi storage, type the following ping <iscsi_storage_ip_address> To verify the iscsi service is running and that the iscsi port is available, type the following telnet <iscsi_storage_ip_address> 3260 Port 3260 is the default listen port for iscsi storage. Step 4 To verify that the iscsi device has a valid target and connections, type the following iscsiadm list target

Troubleshooting 13 Step 5 Step 6 The output from this command may resemble: Target: iqn.2008-11.com.q1labs:p113 TPGT: default ISID: 1001143c0000 Connections: 0 Review the screen output to verify the iscsi device has a valid target and connections. If your iscsi volume shows no target or 0 (zero) connections, access and review the /var/log/messages folder for specific errors occurring in your iscsi storage configuration. If you do not locate errors in the error log, we recommend that you contact your Network Administrator to confirm iscsi server availability or network configuration changes. If your network configuration has changed, you must reconfigure your iscsi volume, see Configuring iscsi.

Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.net Copyright 2012 Juniper Networks, Inc. All rights reserved. Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback