2 fibre channel switch zoning, 4 server security policy, 5 release notes – HP StorageWorks Scalable File Share User Manual
Page 17: 1 new and changed information in this edition, 4 server security policy 1.5 release notes
IMPORTANT:
Memory requirements for HP SFS G3.2-0 have increased from previous versions.
Before deciding whether to upgrade to HP SFS G3.2-0, please determine whether additional
memory is needed for your systems. Insufficient memory can cause poor performance, or can
cause the system to become unresponsive and/or crash.
A new default feature called OSS Read Cache in Lustre V1.8 increases performance for read
intensive workloads at the expense of additional memory usage on the OSS servers. If you don't
have sufficient memory for proper operation of the OSS Read Cache feature, or don't want to
use the functionality, see the Lustre Operations Manual section 22.2.7.1 for instructions on disabling
the capability.
1.3.1.2 Fibre Channel Switch Zoning
If your Fibre Channel is configured with a single Fibre Channel switch connected to more than
one server node failover pair and its associated MSA storage devices, you must set up zoning
on the Fibre Channel switch. Most configurations are expected to require this zoning. The zoning
should be set up such that each server node failover pair only can see the MSA2000 storage
devices that are defined for it, similar to the logical view shown in
. The
Fibre Channel ports for each server node pair, and its associated MSA storage devices should
be put into the same switch zone.
For the commands used to set up Fibre Channel switch zoning, see the documentation for your
specific Fibre Channel B-series switch available from:
1.4 Server Security Policy
The HP Scalable File Share G3 servers run a generic Linux operating system. Security
considerations associated with the servers are the responsibility of the customer. HP strongly
recommends that access to the SFS G3 servers be restricted to administrative users only. Doing
so will limit or eliminate user access to the servers, thereby reducing potential security threats
and the need to apply security updates. For information on how to modify validation of user
credentials, see
“Configuring User Credentials” (page 33)
.
HP provides security updates for all non-operating-system components delivered by HP as part
of the HP SFS G3 product distribution. This includes all rpm's delivered in /opt/hp/
sfs
. Additionally, HP SFS G3 servers run a customized kernel which is modified to provide
Lustre support. Generic kernels cannot be used on the HP SFS G3 servers. For this reason, HP
also provides kernel security updates for critical vulnerabilities as defined by CentOS kernel
releases which are based on RedHat errata kernels. These kernel security patches are delivered
via ITRC along with installation instructions.
It is the customer's responsibility to monitor, download, and install user space security updates
for the Linux operating system installed on the SFS G3 servers, as deemed necessary, using
standard methods available for CentOS. CentOS security updates can be monitored by subscribing
to the CentOS Announce mailing list.
1.5 Release Notes
1.5.1 New and Changed Information in This Edition
•
CentOS 5.3 support on clients and servers (required on servers)
•
Lustre 1.8.0.1 support (required on servers)
•
OFED 1.4.1 support (required for IB servers)
•
Mellanox 10GbE MLNX_EN driver version 1.4.1 (required for 10 GigE servers)
•
InfiniBand Quad Data Rate (QDR) support
1.4 Server Security Policy
17