• Configuring IP multi-tenancy


    Configuring IP multi-tenancy

    About IP multi-tenancy

    IP multi-tenancy provides the ability to assign isolated, file-based storage partitions to the NAS servers on a storage processor. Tenants are used to enable the cost-effective management of available resources, while at the same time ensuring that tenant visibility and management is restricted to assigned resources only.

    With IP multi-tenancy, each tenant can have its own:

    • IP addresses and port numbers.
    • VLAN domain.
    • Routing table.
    • IP firewall.
    • DNS server or other administrative servers to allow the tenant to have its own authentication and security validation.

    IP multi-tenancy is implemented by adding a tenant to the storage system, associating a set of VLANs with the tenant, and then creating one NAS server for each of the tenant's VLANs, as needed. It is recommended that you create a separate pool for the tenant and that you associate that pool with all of the tenant's NAS servers.

    Note the following about the IP multi-tenancy feature:

    • There is a one-to-many relationship between tenants and NAS servers. A tenant can be associated with multiple NAS servers, but a NAS server can be associated with only one tenant.
    • You can associate a NAS server with a tenant when you create the NAS server. Once you create a NAS server that is associated with a tenant, you cannot change this association. (You cannot associate this NAS server with any other tenant or remove the association with this tenant.)
    • During replication, data for a tenant is transferred over the service provider's network rather than the tenant's network.
    • Because multiple tenants can share the same storage system, a spike in traffic for one tenant can negatively impact the response time for other tenants.

    Configuring IP multi-tenancy

    To configure IP multi-tenancy, follow this process:

    1. Create a storage pool for each tenant (recommended).
    2. Add the tenants to the system. When you add tenants, you assign each one a non-overlapping set of VLANs.
    3. Create a NAS server for each tenant. When you create a NAS server, select the tenant to associate with the NAS server, and select the tenant's pool, which will be used to store the NAS server's metadata. You can add network interface information for the tenant now or later on.
      Note:  In a network interface, each subnet must be unique for a given VLAN. Using the same subnet for different VLANs can cause connectivity issues.
    4. Create the file systems and shares for each tenant.
    5. Configure hosts access for the tenant's NFS shares.

    The following table shows the Unity components used for tenants T1 and T2. In this example, each tenant has two VLANs and separate NAS servers for the Engineering (eng) and Human Resources (hr) departments. Each NAS server has one file system and one share.

    Table 1. Unity components for tenant T1
    NAS servers
    File systems
    Table 2. Unity components for tenant T2
    NAS servers
    File systems

    Add a tenant

    Before you begin

    Obtain the VLAN IDs to associate with the tenant.

    1. Under Storage, select File > Tenants.
    2. Select the Add icon.
    3. Specify the information on the Add Tenant window. If this is the first creation of a tenant in your environment, have the system automatically generate a UUID value for this tenant. Otherwise, for existing tenants in your environment that have a system generated UUID value, enter that UUID value manually.

    Change tenant properties

    1. Under Storage, select File > Tenants.
    2. Select the Edit icon.
    3. Change the tenant name, and add or remove associated VLANs. You can add a VLAN ID to a tenant if:
      • The VLAN ID is not associated with an existing tenant.
      • No network interfaces use the VLAN ID.

    Configure file replication for a tenant

    In a multi-tenancy environment, you can replicate the NAS servers, routes, and file systems for a specific tenant.

    For general information about replication, see the Unity online help and Configuring Replication, which is available from the UnityOE Features Info Hub.

    1. Create a pool for the tenant on the destination system.
    2. Add the tenant to the destination system. When you add the tenant, use the same UUID and VLANs as the tenant on the source system.
    3. If you are configuring remote replication, perform the following steps to set up the remote connection. Once you set this up, the same connection can be used again for subsequent replication sessions between the same systems.
      1. Configure a mobility interface on the source and destination systems. The IP addresses of both systems should be on the same subnet.
      2. Configure a replication connection on the source system using the Asynchronous connection mode.
    4. On the NAS server properties page, create a replication session for the NAS server associated with the file storage. When you configure this session, specify the pool you created in Step 1.
      Storage resources included in a NAS server automatically get replicated when a replication session is first configured for the NAS server. The replication session for the storage resources will inherit the same attributes as the associated replication session of the associated NAS server. For the storage resources you do not want participating in replication, you can choose to remove the associated replication sessions manually.
    5. To configure automatic synchronization of the NAS server and all of its files, select Sync on the Replication tab of the source NAS server.
    6. To replicate the NAS server and a specific file system, access the properties page for the source file system, and select Sync on the Replication tab.