Basic Administration

ssh sanify@node

Connect a shell session to any node in the cluster.

show license

This command is used to display the current cluster license. It shows how much space the cluster is licensed to use.

set license <clusterid> <space> <key>

This command will modify the current license.

show daemons

6: ok
6: v12 core 363774
6: hostname -address--------- did mship s cc vector-times-------------------------
6: node51   192.168.1.51:6160 D1  m7         [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: node52   192.168.1.52:6160 D6  m6      ** [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: node53   192.168.1.53:6160 D5  m9         [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: node54   192.168.1.54:6160 D3  m4      *  [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: node55   192.168.1.55:6160 D2  m2      *  [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: node56   192.168.1.56:6160 D4  m3         [58c5c] [11 e c e 9 8] [11 e c e 9 8]
6: -------- ----------------- --- ----- - -- -------------------------------------
6: 6                          6   6     0 3

This command shows one line for each daemon in the cluster, including it's most recent hostname, port it is communicating on, id, whether or not it is a member of the group, is suspected, in the core, is the coordinator, and it's vector times. Check to make sure each node has a daemon and is a member of the group.

show space

7: ok
7: hostname -address--------- did mship s cid offline visible -space-
7: node51   192.168.1.51:6160 D1  m7      C1             160G   4.00T
7: node52   192.168.1.52:6160 D6  m6      C6             158G   4.00T
7: node53   192.168.1.53:6160 D5  m9      C5             160G   4.00T
7: node54   192.168.1.54:6160 D3  m4      C4             160G   4.00T
7: node55   192.168.1.55:6160 D2  m2      C2             159G   4.00T
7: node56   192.168.1.56:6160 D4  m3      C3             160G   4.00T
7: -------- ----------------- --- ----- - --- ------- ------- -------
7: 6                          6   6     0 6      0.00    957G   24.0T

This command shows how much space is used and how much exists. Each row is for a Cell and will show the daemon it is in, it's id, whether the used space is offline (a nonmember daemon) or visible (member daemons).

set tolerance 1

If the cluster has at least 5 daemons, this command will set it to allow no single point of failure.

create volume name example size 120GB

This will create a volume named 'example' using the default security policy of insecure, replicas, and stripes. You should now be able to discover the example volume using your initiator, as well as connect to and use it.

show volumes

8: ok
8: vid name------ size r s d steward lock------------------------------------
8: V1             120G 2 1   m7      D1 iqn.1991-05.com.microsoft:pc
8: --- ---------- ---- - - - ------- ----------------------------------------
8: 5              120G

This shows one row for each volume in the cluster, it's size, replicas, stripes, whether it is being deleted, which daemon has it available in a portal group, and the current lock holder.

destroy volume V1

This will destroy the volume and reclaim the space it used.

help

Syntax for the various commands.

quit

This will log you back out of the admin and shell.

Security Administration

It is not necessary to use Sanify iSCSI authentication and by default the security is set to insecure.

Configuring for one way iSCSI CHAP authentication causes a target to authenticate an initiator. This is done using a secret which initiators often refer to as a target secret, which is a misnomer. In order for the initiator to authenticate the target, mutual CHAP authentication additionally causes an initiator to authenticate a target with a secret which initiators often refer to as an initiator secret.

Since one way iSCSI CHAP authentication only authenticates the initiator, it therefor allows a rogue target. A rogue target can spoof a volume or engage in a "man in the middle" attack. One way iSCSI CHAP authentication is not very secure.

Although two way CHAP is secure if properly implemented, using the same secret to authenticate multiple targets in not very secure either since it allows any initiator or target with the secret to be a rogue target.

Microsoft iSCSI Initiator Notes and Limitations

• The initiator counter intuitively refers to the secret used to authenticate an initiator as the target secret, and the secret used to authenticate a target as the initiator secret.
• The Control Panel does not ask for a secret to authenticate a target when connecting to it. The secret must instead be specified on a separate tab before each connection, which seems to suggest the same secret should be used to authenticate multiple targets. For security reasons, a Sanify cluster does not allow different targets to use the same secret and it is better if each initiator uses a different secret to authenticate a target (Sanify discrete security).
• Although the Control Panel preserves 'favorite' connections and reconnects to them on reboot, it does not populate the 'connect' option with preserved authentication arguments.
• The Control Panel mutual authentication works for Connect, but after reboot, the persistent target will not authenticate the target as specified and performs one way authentication.

specify initiator iqn.1991-05.com.microsoft:pc
show initiator

9: ok
9: iqn.1991-05.com.microsoft:pc
9:     iqn.1991-05.com.microsoft:pc                      33BFE341632C71DD

This identifies an initiator to the cluster and generates a secret that will be used to authenticate it when it connects to a target in the cluster. Note that this may be referred to as the target secret by the initiator.

specify target V1 communal

This is the most basic authentication protocol a target can require. The target will authenticate the initiator and allows any initiator it can authenticate to connect. The target optionally allows the initiator to authenticate it.

show target

10: ok
10: V1 [communal]
10:     iqn.2003-08.com.sanify:vid.420481c294c3556a.1    2836A9F35D52B7A9

This shows the name and secret that the initiator should use to authenticate the target. It secret may be referred to by the initiator as the initiator secret.

specify target V1 restricted
specify auth initiator iqn.1991-05.com.microsoft:pc target V1
show initiator iqn.1991-05.com.microsoft

13: submitted
13: ok
13: iqn.1991-05.com.microsoft:pc
13:     iqn.1991-05.com.microsoft:pc                     33BFE341632C71DD
13:   V1 [restricted]
13:     iqn.1991-05.com.microsoft:pc                     33BFE341632C71DD
13:     iqn.2003-08.com.sanify:vid.420481c294c3556a.1    2836A9F35D52B7A9

This changed the target to restricted security, so only the subsequently specified initiator is allowed to connect to it. The show command displays the initiator credentials followed by the two name/secret pairs for each authorized connection. The first row pair are the name and secret used to authenticate the initiator, the second row pair are used to mutually authenticate the target.

remove auth target V1
specify target V1 discrete
specify auth initiator iqn.1991-05.com.microsoft:pc target V1
show target V1

17: V1 [discrete]
17:     iqn.2003-08.com.sanify:vid.420481c294c3556a.1    -
17:   iqn.1991-05.com.microsoft:pc
17:     iqn.1991-05.com.microsoft:pc                     33BFE341632C71DD
17:     iqn.2003-08.com.sanify:vid.420481c294c3556a.1    C9A861F7D9B28AB1

The discrete security mode takes this one step further and provides a unique chap secret for each initiator to authenticate a target with when it performs mutual authentication. This will prevent rogue targets from spoofing and engaging in man in the middle attacks.

specify security discrete
show security

19: ok
19:                        insecure     0
19:                        communal     0
19:                        restricted   0
19:                default discrete     1
19:                        --------------
19: Initiators    1        Targets      1

This sets the default security to be used when volumes are created, then shows the total initiators and total number of volumes with each security policy.