No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R009C00 Operation Guide 10

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Connecting to a Device

Connecting to a Device

Support Device Access Protocol and Methods of Adding the Devices

Storage supported device access protocol and methods of adding the devices.

Table1 describes various protocols.

Table 10-1 Protocol description

Protocol

Description

SSL

Secure Socket Layer, a security protocol that works at a socket level. This layer exists between the TCP layer and the application layer to encrypt/decode data and authenticate concerned entities.

SMI-S

SMI-S, or the Storage Management Initiative – Specification, is a storage standard developed and maintained by the Storage Networking Industry Association (SNIA).

SNMP

A network management protocol of TCP/IP. It enables remote users to view and modify the management information of a network element. This protocol ensures the transmission of management information between any two points. The polling mechanism is adopted to provide basic function sets. According to SNMP, agents, which can be hardware as well as software, can monitor the activities of various devices on the network and report these activities to the network console workstation. Control information about each device is maintained by a management information block.

Telnet

A standard terminal emulation protocol in the TCP/IP protocol stack. Telnet allows users to log in to remote systems and use resources as if they were connected to a local system. Telnet is defined in RFC 854.

TLV

An encoding type that features high efficiency and expansibility. It is also called Code-Length-Value (CLV).

  • T indicates that different types can be defined through different values.
  • L indicates the total length of the value field.
  • V indicates the actual data of the TLV and is most important.

TLV encoding features high expansibility. New TLVs can be added to support new features, which is flexible in describing information loaded in packets.

REST

Representational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. REST has emerged as a predominant Web service design model. REST facilitates the transaction between web servers by allowing loose coupling between different services.

SSH

Secure Shell, a set of standards and an associated network protocol that allows establishing a secure channel between a local and a remote computer. A feature to protect information and provide powerful authentication function for a network when a user logs in to the network through an insecure network. It prevents IP addresses from being deceived and simple passwords from being captured.

HTTPS

Hypertext Transfer Protocol Secure, an HTTP protocol that runs on top of transport layer security (TLS) and Secure Sockets Layer (SSL). It is used to establish a reliable channel for encrypted communication and secure identification of a network web server. For details, see RFC2818.

WMI

The Microsoft extension to the Distributed Management Task Force (DMTF) Web-based Enterprise Management (WBEM) initiative.

Table2 lists types of devices that can be connected to the eSight, specific device names, and methods of adding the devices to eSight.

Table 10-2 Methods to add devices and applications as well as used protocols

Type

Device

Can Be Automatically Discovered or Not (Y/N)

Support Automatic Registration of Trap IP Address or Not (Y/N)

Can Be Added in Batches or Not (Y/N)

Can Be Added One by One or Not (Y/N)

-

SNMP Protocol

SSH Protocol

SMI-S Protocol

TLV Protocol

REST Protocol

SNMP+Telnet Protocol

-

-

Huawei Storage(Enterprise Storage)

OceanStor T

OceanStor T series (V100R001/V100R002/V100R005)

N

N

Y

N

N

N

Y

Y

Y

OceanStor T series (V200R001)

N

N

N

Y

N

N

Y

Y

Y

OceanStor T series (V200R002)

N

N

N

N

Y

N

Y

Y

Y

OceanStor V3

2200 V3/2600 V3 (V300R005/V300R006C00/V300R006C01)/2600 V3 for Video (V300R005C01)

N

N

N

N

Y

N

Y

Y

Y

2800 V3 (V300R001C00/V300R003C10/V300R003C20/V300R006C00/V300R006C01)

N

N

N

N

Y

N

Y

Y

Y

5300 V3/5500 V3/5600 V3/5800 V3/6800 V3 (V300R001C10/V300R001C20/V300R002C10/V300R003C00/V300R003C10/V300R003C20/V300R006C00/V300R006C01)

N

N

N

N

Y

N

Y

Y

Y

2600F V3/5500F V3/5600F V3/5800F V3/6800F V3(V300R006C00)

N

N

N

N

Y

N

Y

Y

Y

2600F V3/18500 V3/5800F V3/5500 V3/6800 V3/2800 V3/2200 V3/2600 V3/5300 V3/5800 V3/5500F V3/5600 V3/5600F V3/6800F V3/18800F V3/18800 V3/18500F V3(V300R006C10)

N

N

N

N

Y

N

Y

Y

Y

OceanStor 2100 V3/2200 V3/2600 V3/2600F V3/2600 V3 for Video/2800 V3/5300 V3/5500 V3/5600 V3/5800 V3/6800 V3/18500 V3/18800 V3/5500F V3/5600F V3/5800F V3/6800F V3/18500F V3/18800F V3(V300R006C20/V300R006C30)

N

N

N

N

Y

N

Y

Y

Y

OceanStor V5

2800 V5/5300 V5/5500 V5/5500 V5 Elite/5600 V5/5800 V5/6800 V5/18500 V5/18800 V5/5300F V5/5500F V5/5600F V5/5800F V5/6800F V5/18500F V5/18800F V5(V500R007C00/V500R007C10/V500R007C20)

N

N

N

N

Y

N

Y

Y

Y

OceanStor 18000

OceanStor 18500/OceanStor 18800/OceanStor 18800F (V100R001/V300R003/V300R005/V300R006), 18500F V3/18800F V3 (V300R006C00/V300R006C01) and OceanStor HVS85T/OceanStor HVS88T (V100R001C00/V100R001C30SPC200)

N

N

N

N

Y

N

Y

Y

Y

OceanStor HVS85T/OceanStor HVS88T (V100R001C99)

N

N

N

Y

N

N

Y

Y

Y

OceanStor Dorado

OceanStor Dorado 2100 G2 (V100R001)

N

N

Y

N

N

N

Y

Y

Y

OceanStor Dorado 5100 (V100R001C00)

N

N

Y

N

N

N

Y

Y

Y

OceanStor Dorado V3

OceanStor Dorado 5000 (V300R001C01/V300R001C21/V300R001C30)

N

N

N

N

Y

N

Y

Y

Y

OceanStor Dorado 6000 (V300R001C00/V300R001C21/V300R001C30)

N

N

N

N

Y

N

Y

Y

Y

OceanStor Dorado 18000(V300R001C30)

N

N

N

N

Y

N

Y

Y

Y

OceanStor VIS

OceanStor VIS6000/OceanStor VIS6000T

N

N

Y

N

N

N

Y

Y

Y

OceanStor S2000

OceanStor S2600 (V100R002/V100R005)

N

N

Y

N

N

N

Y

Y

Y

OceanStor S5000

OceanStor S5000 (V100R005C02)

N

N

Y

N

N

N

Y

Y

Y

OceanStor S5000 (V100R001)

Y

N

N

N

N

N

Y

Y

Y

OceanStor VTL6900 (V100R005C00)

N

N

N

Y

N

N

Y

Y

Y

OceanStor VTL6900 (V100R005C10)

N

Y

N

N

N

N

Y

Y

Y

VTL Solution

N

Y

N

N

N

N

N

Y

Y

OceanStor HDP3500E

Y

N

N

N

N

N

Y

Y

Y

OceanStor UDS (V100R002)

N

N

N

N

Y

N

N

Y

Y

OceanStor CSS/OceanStor CSE

Y

N

N

N

N

N

Y

Y

Y

Huawei Storage(FusionStorage Block)

FusionStorage Block

N

N

N

N

Y

N

Y

Y

Y

Block Cluster

N

N

N

N

Y

N

Y

Y

Y

Huawei Storage(OceanStor 9000)

OceanStor 9000(V300R006C00/V300R006C10/V300R006C20)

N

N

N

N

Y

N

Y

Y

Y

Huawei Storage(OceanStor N8000)

OceanStor N8000

N

N

Y

N

N

N

Y

Y

Y

Huawei Storage(FusionStorage File/Object)

FusionStorage File/Object

N

N

N

N

Y

N

Y

Y

Y

Huawei Storage(FusionStorage Object)

FusionStorage Object (V100R006C00/V100R006C00SPC600/V100R006C10)

N

N

N

N

Y

N

Y

Y

Y

Huawei Storage(FusionStorage File)

FusionStorage File(V100R006C00/V100R006C01/V100R006C10)

N

N

N

N

Y

N

Y

Y

Y

Storage(Standard SMI-S)

OceanStor 5500 V3 (V300R006C10)

N

N

N

N

N

N

N

Y

Y

HP 3PAR 8200

N

N

N

N

N

N

N

Y

Y

EMC Unity 300

N

N

N

N

N

N

N

Y

Y

Third-party storage

NetApp (3992/3994/FAS3160/980C)

N

N

Y

N

N

N

N

Y

Y

Inspur (AS400)

N

N

N

N

N

Y

N

Y

Y

Inspur (AS2000 (OEM NetApp 7900)/AS1000–G6 (OEM NetApp 5480)/AS1000–G3 (OEM NetApp 4980))

N

N

Y

N

N

N

N

Y

Y

DFT (GS3992 (OEM NetApp 3992))

N

N

Y

N

N

N

N

Y

Y

EMC (CX3/CX4)

N

N

Y

N

N

N

N

Y

Y

IBM (DS8100)

N

N

Y

N

N

N

N

Y

Y

HP (EVA)

N

N

Y

N

N

N

N

Y

Y

HP_3PAR 8400

N

N

Y

N

N

N

N

Y

Y

Sugon (DS8348 (OEM NetApp 3994)/DS8340(OEM NetApp 3992)/DS800–F10(OEM NetApp 4980)/DS800–F20(OEM NetApp 4988))

N

N

Y

N

N

N

N

Y

Y

Sugon (DS600–F20(OEM Infortrend)/DS600–F10 (OEM Infortrend))

Y

N

N

N

N

N

N

Y

Y

Hitachi

N

N

Y

N

N

N

N

Y

Y

EMC(XtremIO)

N

N

N

N

Y

N

Y

Y

Y

NOTE:
  • The OceanStor 18000 device port is 8088.
  • The OceanStor 18500/OceanStor 18800 (V100R001C00) device port is 443.
  • After OceanStor HVS85T V100R001C99 or OceanStor HVS88T V100R001C99 is upgraded to V100R001C30SPC200, change the default port to 443 before discovering the device again.
  • After a device supporting automatic registration of the trap IP address is connected to eSight, eSight automatically registers the IP address and port number on the device for alarm reporting.
    • If eSight is deployed in a multi-subnet environment, the registered trap IP address of eSight must be on the same network as the device. For details about how to configure multiple subnets, see "Configuring Multi-subnet Management" in the eSight Installation Guide.
    • Some third-party storage devices and switches do not support automatic registration of the trap IP address. To enable these devices to report alarms, you need to manually register the trap IP address on these devices. For details about how to register the IP address and port number of eSight, see the product documentation on the device. The default port number is 162 or 10162.
    • If eSight is deployed in the southbound and northbound isolation scenario, the trap IP address registered on the device is the southbound IP address of eSight.

Before connecting to the devices, you need to understand the specific device names, and methods of adding the Fibre Channel switches to eSight.

Type

Device

Can Be Automatically Discovered or Not (Y/N)

Support Automatic Registration of Trap IP Address or Not (Y/N)

Can Be Added in Batches or Not (Y/N)

Can Be Added One by One or Not (Y/N)

-

SNMP Protocol

SMI-S Protocol

SMI-S+SSH

TLV Protocol

REST Protocol

SNMP+Telnet Protocol

-

-

Brocade (SilkWorm series/48000/DCX 4S)

N

Y

N

N

N

N

N

Y

Y

Brocade(G620/X6-4/X6-8)

N

Y

Y

N

N

N

N

Y

Y

HUAWEI SNS5608/SNS5604/SNS3664

N

Y

Y

N

N

N

N

Y

Y

HUAWEI SNS5192 (V100R002C01)

N

Y

N

N

N

N

N

Y

Y

HUAWEI SNS2124/SNS2224/SNS2248 (V100R002C00)

N

Y

N

N

N

N

N

Y

Y

HUAWEI SNS2120 (V100R001)

Y

N

N

N

N

N

N

Y

Y

HUAWEI SNS5120

Y

N

N

N

N

N

N

Y

Y

QLogic

Y

N

N

N

N

N

N

Y

Y

Table3 lists types of devices that can be connected to the eSight, specific device names, and methods of adding the devices to eSight.

Table 10-3 Methods to add devices and applications as well as used protocols

Type

Device

Can Be Automatically Discovered or Not (Y/N)

Can Be Added in Batches or Not (Y/N)

Can Be Added One by One or Not (Y/N)

-

HTTPS Protocol

WMI Protocol

SSH Protocol

-

Windows

Y (Agent discovery)

Authentication mode: certificate

Port: 43156

Y (Agentless discovery)

N

Y

Linux

Y (Agent discovery)

N

Y (Agentless discovery)

Y

NOTE:

When the HTTPS protocol (Agent) is used for automatic discovery and the host firewall is enabled, enable port 43156 in the firewall. For details, see eSight Cannot Discover Hosts After the Agent is Configured. If alarms cannot be discovered after the connection, add port 10165 in the firewall to the exception list. For details, see host Alarms Cannot Be Reported to eSight After Agent Is Deployed.

Table4 compares Agent- and Agentless-based discovery.

Table 10-4 Comparison of Agent and Agentless-based discovery

Installation Mode

Supported Protocol

Function

Agent

HTTPS, ensuring security

Monitors the performance and alarms of hosts.

Agentless

  • WMI (Windows-based host)
  • SSH (Linux-based host)

Manages hosts, but does not monitors the performance and alarms of hosts.

Setting SNMP Parameters for Storage Devices

When adding storage devices to eSight, you need to set SNMP parameters so that alarms of the devices can be reported to eSight. This section uses Huawei OceanStor 5500 V3 (V300R003C20) as an example to describe how to query and set SNMP parameters on the device.

Prerequisites

  • You have obtained the IP address, user name, and password of the OceanStore 5500 V3 device.
  • The OceanStor 5500 V3 device is properly connected to and can communicate with the eSight server.
  • A cross-platform operation tool, such as XShell, PuTTY, or WinSCP, is available.

Context\

The command format varies depending on storage device model. You can download the product documentation of Huawei storage devices from Huawei technical support website. For non-Huawei devices, contact the after-sales personnel of the devices. To download the product documentation from Huawei technical website, perform the following operations:

To add a device to eSight, you need to collect the following SNMP parameters:

  • SNMPv3: port, user name (USM user name), authorization and authentication protocol, authorization and authentication password, data encryption protocol, and data encryption password
  • SNMPv2c: read community and write community

Procedure

  1. Set SNMPv3 parameters (through DeviceManager).

    NOTE:
    • For Huawei storage devices using the Integrated Storage Manager (ISM), see the product documentation of the devices.
    • The DeviceManager has compatibility requirements on the operating system and browser. For details, see the product documentation of the corresponding device.
    1. Open Internet Explorer, enter https://XXX.XXX.XXX.XXX:8088 in the address box, and press Enter to log in to the DeviceManager.
      NOTE:

      In the URL, XXX.XXX.XXX.XXX indicates the IP address of the storage device.

    2. In the navigation tree on the right, click Settings.
    3. Click Alarm Settings.
    4. Choose Manage USM User from the navigation tree on the left.

      The list of existing USM users and their authentication protocols and encryption protocols are displayed. You can add and modify USM users.

    5. In the navigation tree on the left, click Trap IP Address Management.

      The list of existing trap servers and alarm versions and port numbers are displayed. You can add and modify trap IP address information.

  2. Set SNMPv3 parameters (through commands).

    1. Enter the device IP address, user name, and password to log in to the CLI through SSH.
    2. Run the following command to query the configurations of all USM users:

      show snmp usm

      In the following example, the USM user name is Kaimse, the authentication protocol is SHA, and the encryption protocol is AES.

      admin:/>show snmp usm 
      User Name Is Default Authenticate Protocol Private Protocol User Level 
      --------- ---------- --------------------- ---------------- -----------  
      Kaimse    Yes        SHA                   AES              Read Only     
    3. If no USM user exists, run the following command to add one:

      add snmp usm user_name=? authenticate_protocol=? private_protocol=? [ user_level=? ]

      NOTE:
      • To ensure data security, you are advised to use SHA as the authentication protocol (authenticate_protocol) and AES as the data encryption protocol (private_protocol).
      • The operations of user_level include read_only or read_write. The default value is read_write. USM users of the read-only level can only read device information. USM users of the read-write level can read and write device information. All USM users can report trap messages.

      The following example is to add a USM user whose name is user, authentication protocol is SHA, and data encryption protocol is AES:

      admin:/>add snmp usm user_name=user authenticate_protocol=SHA private_protocol=AES 
      Please input your authenticate password:*************** 
      Please input your authenticate password again:*************** 
      Please input your private password:*************** 
      Please input your private password again:*************** 
      Command executed successfully. 
    4. Run the following command to modify the existing USM user information:

      change snmp usm user_name=? authenticate_protocol=? private_protocol=? [ user_level=? ]

      The following example is to change the authentication protocol to SHA and data encryption protocol to AES for the USM user whose name is user:

      admin:/>change snmp usm user_name=user authenticate_protocol=SHA private_protocol=AES 
      Please input your authenticate password:*************** 
      Please input your authenticate password again:*************** 
      Please input your private password:*************** 
      Please input your private password again:*************** 
      Command executed successfully. 
    5. Run the following command to query the port number of the SNMP service:

      show snmp port

      In the following example, the port number of the SNMP service is 161:

      admin:/>show snmp port 
        SNMP Listening Port : 161
    6. Run the following command to set the port number of the SNMP service:

      change snmp port port_number=?

      The following example is to set the port number of the SNMP service to 161:

      admin:/>change snmp port port_number=161 
      WARNING: You are about to change the listening port of the SNMP service. This operation may cause the restart of the SNMP service and use the newly configured listening port. 
      Suggestion: Before you perform this operation, disconnect the network management software and SNMP service. After the configuration is successful, use the new port to connect to SNMP service. 
      Have you read warning message carefully?(y/n)y 
      Are you sure you really want to perform the operation?(y/n)y 
      Command executed successfully.

  3. Set SNMPv2c parameters (through commands).

    1. Enter the device IP address, user name, and password to log in to the CLI through SSH.
    2. Run the following command to check the status of the SNMPv2c protocol:

      show snmp version

      The following example indicates that SNMPv2c is disabled:

      admin:/>show snmp version 
       SNMP V1V2C Switch : Off
      NOTE:
      • To ensure compatibility, the system reserves the support for SNMPv2c. For data transmission security, you are advised to use SNMPv3.
      • By default, SNMPv2c is disabled, and SNMPv3 is enabled.
      • The SNMPv2c protocol can be used to add storage devices to eSight only when SNMPv2c is enabled.
    3. Run the following command to enable or disable the SNMPv2c protocol:

      change snmp version v1v2c_switch=?

      The following example indicates to enable the SNMPv2c protocol:

      admin:/>change snmp version v1v2c_switch=On 
      CAUTION: You are about to enable SNMPv1 and SNMPv2c. But you are advised to use the secure SNMPv3 protocol only. 
      Do you wish to continue?(y/n)y 
      Command executed successfully.     
    4. Run the following command to change the read and write communities:

      change snmp community read_community=? write_community=?

      The following example indicates to change the read-only community and read-write community to Storage@Public1 and Storage@Private1, respectively.

      admin:/>change snmp community read_community=*************** write_community=**************** 
      Command executed successfully.

Adding a Single Huawei Storage Device

If you want a few Huawei storage devices to access the eSight, you can add Huawei storage devices one by one.

Prerequisites

  • You have obtain the IP address, user name, and password of the device.
    NOTE:

    You are advised to add the administrator account on the storage device. The account is used only for connecting to eSight. Keep it properly.

  • Storage manager has been installed.
  • If the storage certificate authentication function has been enabled, ensure that storage device certificates are imported. For details, see (Optional) Storage Certificate Authentication.

Context

For details about how to obtain configuration parameters for adding devices to eSight, see the product documents of related devices. The methods for obtaining related documents are as follows:

For details about how to configure parameters for SNMP, see JDK Parameter Setting Tool.

The storage arrays use the MD5 to encrypt device users' passwords. There is a possibility that device users' passwords are cracked and leaked.

You need to configure jdk parameters if you enable SSL for the first time. For details about how to configure the jdk parameter, see Configuring the jdk Parameter Tool.

Procedure

  1. Choose Resource > Common from the menu bar.

  2. Choose Add Resource > Add Resource.
  3. Choose Storage Subnet > Huawei Storage.
  4. In Basic Information, enter parameters of the storage device that you want to discover.

    Parameter

    Description

    Setting

    Subnet

    Indicates the subnet to which the storage device belongs.

    [Example]

    root

    IP

    Indicates the management IP address of the storage device.

    NOTE:

    When the high-end storage devices are discovered, you need set the IP address to bearing device management IP address. If OceanStor 18000 series devices are discovered, the IP address is the SVP server IP address.

    [Value range]

    • From left to right, the value of the first byte ranges from 1 to 255.
    • The values of the other bytes range from 0 to 255.

    [Example]

    10.10.10.70

    Name

    Set the name of the storage device.

    NOTE:
    • The name is a string of 1 to 128 characters.
    • The name contains letters, digits, _, -, ., (, ), or spaces.

    [Example]

    storageA

    Device series

    Indicates the storage device model.

    NOTE:

    The OceanStor 9000E belongs to OceanStor 9000.

    [Example]

    OceanStor T

    Version

    Indicates the storage device model.

    NOTE:

    This parameter is valid when the storage device model is OceanStor T, OceanStor 18000, or OceanStor S5000.

    [Example]

    V200R002

  5. Set protocol parameters based on selected Model.

    NOTE:
    • OceanStor VIS devices do not support certificate replacement. Accessing OceanStor VIS devices may cause security risks.
    • NFV device alarms can be reported through SNMPv3. Trap IP addresses cannot be automatically registered. Alarms cannot be manually synchronized. After an alarm is cleared, the alarm on the device cannot be cleared synchronously.
    • REST
    NOTE:
    • OceanStor UDS V100R002C00 does not support Alarm Notification.
    • The FusionStorage Object V100R006 device port is 8088.
    • The docking default user of FusionStorage BLOCK is cmdadmin.
    • The session timeout interval configured on the device must be longer than the ping period between eSight and the device. Otherwise, an alarm indicating that the device information fails to be obtained is generated when a device is connected to eSight. The default ping period between eSight and the device is 5 minutes. You are advised not to change the ping period. For details about the session timeout interval configured on the device, see the product documentation of the device.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

    Port

    Port number used for accessing a specific storage device.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    28443

    • SMI-S
    NOTE:
    • You are advised to set SSL to Enabled, when choose SMI-S in the Protocol.
    • Keep default values of Port and Namespace.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    The default user name is admin, and user admin can create administrators.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

    SSL protocol

    NOTE:

    Before setting SSL to Enabled, check whether the device you want to discover supports the SSL mode. If the device does not support the SSL mode, the eSight may not discover it.

    Indicates whether to enable Secure Sockets Layer (SSL) for the storage device.

    [Example]

    Enabled

    Port

    Port number used for accessing a specific storage device.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    5989

    Namespace

    Namespace of the storage device.

    [Example]

    interop

    • SNMP
    NOTE:
    • Before the SNMPv2c protocol is used, you must log in to the device and turn on the SNMPv2c protocol switch.For settings of different devices, see their product documentations on http://support.huawei.com.
    • If using the SNMPv3 protocol, Huawei storage devices do not provide default USM users. You can set SNMP parameters on DeviceManager or using CLI commands. For settings of different devices, see their product documentations on http://support.huawei.com.
    • The security of SNMPv2c is low. SNMPv3 is recommended. In the mean time, secure authentication protocol HMAC_SHA and data encryption protocol AES are recommended.

    Parameter

    Description

    Setting

    Type

    SNMP template used for storage device management, including SNMPv3 and SNMPv2c.

    [Example]

    SNMPv3

    The Type is SNMPv2c

    Port

    Port number used for accessing a specific storage device.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Read community

    Read community name that is used by eSight to send a GET request to an NE. The value must be the same as the read community name configured on devices.

    [Example]

    team1

    Write community

    Write community name that is used by eSight to send a SET request to an NE. The value must be the same as the write community name configured on devices.

    [Example]

    team1

    The Type is SNMPv3

    Port

    Port number used for accessing a specific storage device.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Username

    Indicates the user name specified in the SNMP protocol, and must be the same as that in the SNMP parameters configured for the storage device.

    [Example]

    admin

    Context name

    Name of the environment engine.

    NOTE:

    The context name is mandatory for the following devices:

    • OceanStor T series (V100R001, V100R002, and V100R005)
    • OceanStor VIS6000 and OceanStor VIS6000T
    • OceanStor 9000
    • OceanStor CSE
    • OceanStor N8500(V2R1/V2R2)
    • FusionStorage Block
    • FusionStorage File /FusionStorage Object

    [Example]

    cd

    NOTE:

    FusionStorage Block use Array.

    Context engine ID

    Unique identifier of an SNMP engine.

    This ID is used together with the environment name to determine an environment that uniquely identifies an SNMP entity.

    [Example]

    -

    Authentication protocol

    Protocol used for verifying messages, select HMAC_MD5, HMAC_SHA or None.

    NOTE:

    You are advised to use the HMAC_SHA protocol, the HMAC_MD5 protocol causes security risk.

    [Example]

    None

    Authentication password

    If the HMAC_MD5 or HMAC_SHA protocol is selected, you need to set the authentication password.

    [Example]

    -

    Privacy protocol

    Encryption protocol used when encapsulating data, select DES, AES or None.

    • DES: indicates the Data Encryption Standard (DES), which is an international encryption algorithm with the key length of 56 characters.
    • AES: indicates the Advanced Encryption Standard (AES). There are three types of key lengths, including 128 characters, 192 characters, and 256 characters. These types of key length can provide the security protection of different levels.
    NOTE:

    You are advised to select the AES protocol, the AES protocol has security more than the DES protocol.

    [Example]

    None

    Privacy password

    If the Privacy protocol is DES or AES, you need to set the data encryption password.

    [Example]

    -

    • TLV
    NOTE:

    OceanStor TLV (V100R005C00) devices use non-security channels for discovery, which may leak device information.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

    Port

    Port number used for accessing a specific storage device.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    19001

    • SSH

      Parameter

      Description

      Setting

      Username

      Indicates the user name of the storage device management system.

      [Example]

      admin

      Password

      Indicates the password of the storage device management system.

      [Example]

      password

      Port

      Port number used for accessing a specific storage device.

      [Value range]

      The value ranges from 1 to 65535.

      [Example]

      22

  6. To access a storage device in non-SNMP mode, you must set alarm notification parameters.

    Set alarm notification based on the description of SNMP.

  7. Click OK.

    NOTE:
    • Click Apply to create more NEs.
    • When adding the Huawei storage device, the process is displayed in the page, you can operate other steps.
    • If the NE is created successfully, on the menu bar, choose Resource > Storage Subnet, choose Storage > Storage Device, the NE is displayed in the list.
    • If the NE cannot be created, the Error dialog box is displayed. Click OK to set the parameters again.

Follow-up Procedure

The access parameters and protocol parameters are required for the communication between the eSight and NE. If the access parameters or protocol parameters of the NE changes, synchronize the parameters of the eSight with that of the NE to ensure normal communication, refer to Configuring Huawei Storage Reporter Access Parameters or Configuring Huawei Storage Protocol Parameters and Event Notification.

Adding a Single Third Party Storage Device

If you want a few third party devices to access the eSight, you can add third party devices one by one.

Prerequisites

  • You have obtain the IP address, user name, and password of the device.
  • Storage manager has been installed.

Context

Before connecting to the devices, you need to understand the specific device names, and methods of adding the third party storage devices to eSight. For devices that have preset management functions, the supported protocols see Support Device Access Protocol and Methods of Adding the Devices. For devices that do not have preset management functions, the SMI-S protocol must be supported for the devices to connect to eSight.

For details about how to obtain configuration parameters for adding devices to eSight, see the product documents of related devices.

You need to configure jdk parameters if you enable SSL for the first time. For details about how to configure the jdk parameter, see JDK Parameter Setting Tool.

Procedure

  1. Choose Resource > Common from the menu bar.

  2. Choose Add Resource > Add Resource.
  3. Choose Storage Subnet > Third Party Storage.
  4. In Basic Information, enter parameters of the storage device that you want to discover.

    Parameter

    Description

    Setting

    Subnet

    Indicates the subnet where the storage device resides.

    [Example]

    root

    IP

    NOTE:

    If the third party storage devices are discovered by SMI-S protocol, you need set the IP address to bearing device management IP address. It is the Provider server IP address.

    Indicates the management IP address of the storage system.

    [Value range]

    • From left to right, the value of the first byte ranges from 1 to 255.
    • The values of the other bytes range from 0 to 255.

    [Example]

    10.10.10.70

    Name

    Set the name of the storage device.

    NOTE:
    • The name is a string of 1 to 128 characters.
    • The name contains letters, digits, _, -, ., (, ), or spaces.

    [Example]

    storageA

    Manufacturer

    Manufacturer of the third party storage device.

    Including EMC, HP, IBM, Hitachi, NetApp, Sugon, Inspur, DFT, or Other.

    [Example]

    NetApp

    Model

    Model of the third party storage device.

    NOTE:

    Sugon DS600 is discovered based on the SNMP, Inspur AS400 is discovered based on the SNMP and Telnet protocol, and EMC XtremIO is discovered based on the REST. Other third party storage devices are discovered based on the SMI-S protocol.

    [Example]

    DS600

    Alarm Proxy IP(Optional)

    IP address is used to transmit and report the alarm to the eSight, it is the eSight IP address of the device in common.

    NOTE:
    • The following devices need to configure the IP address:
    • NetApp: NetApp 3992, NetApp 3994, NetApp 4980, NetApp 4988, NetApp 5480, and NetApp 7900
    • Inspur: AS2000(OEM NetApp 7900), AS1000–G6(OEM NetApp 5480), and AS1000-G3(OEM NetApp 4980)
    • DFT: GS3992(OEM NetApp 3992)
    • Sugon: DS8384(OEM NetApp 3994), DS8380(OEM NetApp 3992), DS800-F10(OEM NetApp 4980), and DS800-F20(OEM NetApp 4988)
    • Please setting the correct IP address to ensure the eSight can receive the alarm information. If the IP address is not configured, you can configure the IP address in the Settings > Protocol Parameters page.

    [Value range]

    • From left to right, the value of the first byte ranges from 1 to 255.
    • The values of the other bytes range from 0 to 255.

    [Example]

    10.10.10.70

  5. Set protocol parameters based on selected Vendor and Model.

    • SMI-S
    NOTE:
    • You are advised to set SSL to Enabled, when choose SMI-S in the Protocol.
    • Keep default values of Port and Namespace.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

    SSL protocol

    NOTE:

    Before setting SSL to Enabled, check whether the device you want to discover supports the SSL mode. If the device does not support the SSL mode, the eSight may not discover it.

    Indicates whether to enable Secure Sockets Layer (SSL) for the storage device.

    [Example]

    Enabled

    Port

    Port number used for accessing a specific storage device.

    Default port: 5989

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    5989

    Namespace

    Namespace of the storage device.

    [Example]

    interop

    • SNMP
    NOTE:

    You are advised to use the SNMPv3 protocol, and to use Authentication protocol: HMAC_SHA; Privacy protocol: AES, when choose SNMP in the Protocol.

    Parameter

    Description

    Setting

    Type

    SNMP template used for storage device management, including SNMPv3 and SNMPv2c.

    [Example]

    SNMPv3

    The Type is SNMPv2c

    Port

    Port number used for accessing a specific storage device.

    Default port: 161

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Trap Community

    The Trap community is used for alarm report.

    The Trap community entered in eSight must be the same as that in the server to ensure successful alarm report.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

    Confirm Trap Community

    Keep the value same as the Trap community.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

    The Type is SNMPv3

    Port

    Port number used for accessing a specific storage device.

    Default port: 161

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Username

    Indicates the user name specified in the SNMP protocol, and must be the same as that in the SNMP parameters configured for the storage device.

    [Example]

    admin

    Context name

    Name of the environment engine.

    [Example]

    cd

    Context engine ID

    Unique identifier of an SNMP engine.

    This ID is used together with the environment name to determine an environment that uniquely identifies an SNMP entity.

    [Example]

    -

    Authentication protocol

    Protocol used for verifying messages, select HMAC_MD5, HMAC_SHA or None.

    NOTE:

    You are advised to use the HMAC_SHA protocol, the HMAC_MD5 protocol causes security risk.

    [Example]

    None

    Authentication password

    If the HMAC_MD5 or HMAC_SHA protocol is selected, you need to set the authentication password.

    [Example]

    -

    Privacy protocol

    Encryption protocol used when encapsulating data, select DES, AES or None.

    • DES: indicates the Data Encryption Standard (DES), which is an international encryption algorithm with the key length of 56 characters.
    • AES: indicates the Advanced Encryption Standard (AES). There are three types of key lengths, including 128 characters, 192 characters, and 256 characters. These types of key length can provide the security protection of different levels.
    NOTE:

    You are advised to select the AES protocol, the AES protocol has security more than the DES protocol.

    [Example]

    None

    Privacy password

    If the Privacy protocol is DES or AES, you need to set the data encryption password.

    [Example]

    -

    • Telnet
    NOTE:

    The Inspur AS400 is discovered on the Telnet protocol, could cause the device to sensitive information leakage.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

    • REST
    NOTE:

    The EMC device (XtremIO) is connected to eSight using the REST protocol, and the device does not have a port number.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the storage device management system.

    [Example]

    admin

    Password

    Indicates the password of the storage device management system.

    [Example]

    password

  6. To access a storage device in non-SNMP mode, you must set alarm notification parameters.

    Set alarm notification based on the description of SNMP.

  7. Click OK.

    NOTE:

    Click Apply to create more NEs.

    • If the NE is created successfully, on the menu bar, choose Resource > Storage Subnet, choose Storage > Storage Device, the NE is displayed in the list.
    • If the NE cannot be created, the Error dialog box is displayed. Click OK to set the parameters again.

Follow-up Procedure

The protocol parameters are required for the communication between the eSight and NE. If the protocol parameters of the NE changes, synchronize the parameters of the eSight with that of the NE to ensure normal communication, refer to Configuring Third-Party Storage Protocol Parameters and Event Notification.

Adding a Single Fibre Channel Switch

For the eSight to discover FC switches, first complete required configurations on the FC switches. The following explains how to configure an FC switch before performing device discovery.

Configuring Qlogic Switch Parameters

For the eSight to discover FC switches, first complete required configurations on the FC switches. The following explains how to configure an FC switch before performing device discovery.

Procedure

  1. Configure an IP address for the Qlogic FC switch.

    1. On the CLI of the switch, run the admin start to open Admin session.
    2. For example, run the set setup system ipv4 command to configure IPv4 parameters.
      SNS2120 (admin) #> set setup system ipv4 
        A list of attributes with formatting and current values will follow. 
        Enter a new value or simply press the ENTER key to accept the current value. 
        If you wish to terminate this process before reaching the end of the list 
        press 'q' or 'Q' and the ENTER key to do so. 
        Current Values: 
          EthIPv4NetworkEnable    True 
          EthIPv4NetworkDiscovery Static 
          EthIPv4NetworkAddress xxx.xxx.xxx.xxx 
          EthIPv4NetworkMask     xxx.xxx.xxx.xxx 
          EthIPv4GatewayAddress xxx.xxx.xxx.xxx 
        New Value (press ENTER to accept current value, 'q' to quit, 'n' for none): 
        EthIPv4NetworkEnable    (True / False)                   :True  
        EthIPv4NetworkDiscovery (1=Static, 2=Bootp, 3=Dhcp, 4=Rarp) :1     
        EthIPv4NetworkAddress (dot-notated IP Address) :192.168.24.130  
        EthIPv4NetworkMask (dot-notated IP Address) :255.255.0.0       
        EthIPv4GatewayAddress  (dot-notated IPv4 Address)     :192.168.0.1  
        Do you want to save and activate this system setup? (y/n): [n] y     

  2. Run the set setup services command to enable the SNMP Agent function. Examples are as follows.

    SNS2120 (admin) #> set setup services 
      A list of attributes with formatting and current values will follow. 
      Enter a new value or simply press the ENTER key to accept the current value. 
      If you wish to terminate this process before reaching the end of the list 
      press 'q' or 'Q' and the ENTER key to do so. 
      PLEASE NOTE: 
      -----------  
      * Further configuration may be required after enabling a service. 
      * If services are disabled, the connection to the switch may be lost. 
      * When enabling SSL, please verify that the date/time settings 
        on this switch and the workstation from where the SSL connection 
        will be started match, and then a new certificate may need to be 
        created to ensure a secure connection to this switch. 
      TelnetEnabled        (True / False)  [True ] 
      SSHEnabled           (True / False)  [True ] 
      GUIMgmtEnabled      (True / False)  [True ] 
      SSLEnabled           (True / False)  [False] 
      EmbeddedGUIEnabled (True / False)  [True ] 
      SNMPEnabled          (True / False)  [True ] 
      NTPEnabled           (True / False)  [False] 
      CIMEnabled           (True / False)  [True ] 
      FTPEnabled           (True / False)  [True ] 
      MgmtServerEnabled    (True / False)  [True ] 
      CallHomeEnabled      (True / False)  [True ] 
      Do you want to save and activate this services setup? (y/n): [n] y     

  3. Run the following command to enable the switch to support the SNMP protocol. After the command execution, the switch can receive SNMP requests of all versions.

    Run the set setup snmp common command, set the SNMPv3Enabled parameter is True to activate SNMP V3. Examples are as follows.

    SNS2120 (admin) #> set setup snmp common 
    A list of attributes with formatting and current values will follow. 
      Enter a new value or simply press the ENTER key to accept the current value. 
      If you wish to terminate this process before reaching the end of the list 
      press 'q' or 'Q' and the ENTER key to do so. 
      Current Values: 
        SnmpEnabled      True 
        Contact          <sysContact undefined> 
        Location         <sysLocation undefined> 
        ReadCommunity    public 
        WriteCommunity private 
        AuthFailureTrap  False 
        ProxyEnabled     True 
        SNMPv3Enabled    False 
      New Value (press ENTER to not specify value, 'q' to quit): 
        SnmpEnabled      (True / False)         : 
        Contact          (string, max=64 chars) : 
        Location         (string, max=64 chars) : 
        ReadCommunity    (string, max=32 chars) : 
        WriteCommunity (string, max=32 chars) : 
        AuthFailureTrap  (True / False)         : 
        ProxyEnabled     (True / False)         : 
        SNMPv3Enabled    (True / False)         : t 
      Do you want to save and activate this snmp setup? (y/n): [n] y     

  4. Create parameters for discovering switch SNMP V3.

    Run the snmpv3user add command to Creating an SNMP user account, examples are as follows.

    SNS2120 (admin) #> snmpv3user add 
          A list of SNMPV3 user attributes with formatting and default values as 
          applicable will follow. 
          Enter a new value OR simply press the ENTER key where-ever allowed to 
          accept the default value. 
          If you wish to terminate this process before reaching the end of the list, 
          press "q" or "Q" and the ENTER OR "Ctrl-C" key to do so. 
      Username        (8-32 chars)                           : snmpuser1 
      Group           (0=ReadOnly, 1=ReadWrite) [ReadOnly  ] : 1 
      Authentication  (True/False)              [False     ] : t 
      AuthType        (1=MD5, 2=SHA)            [MD5       ] : 1 
      AuthPhrase      (8-32 chars)                           : *********** 
      Confirm AuthPhrase                                     : *********** 
      Privacy         (True/False)              [False     ] : t 
      PrivType        (1=DES)                   [DES       ] : 1 
      PrivPhrase      (8-32 chars)                           : ******** 
      Confirm PrivPhrase                                     : ******** 
      Do you want to save and activate this snmpv3user setup ? (y/n): [n] y 
      SNMPV3 user added and activated.     

  5. Run the admin stop command to exit from Admin session.
  6. Run the quit command to quit the current network settings.

Setting Parameters for Brocade or Huawei SNS FC Switches

Before eSight discovers Brocade or Huawei SNS FC switches, you need to install the Brocade Network Advisor (BNA) and perform related configurations on the switches.

Prerequisites

  • You have downloaded the BNA software package of 14.3 or a later version from the Brocade official website (www.brocade.com).
    NOTE:

    The BNA is a third-party switch management software. The operations in this section are for reference only. For details, see the Brocade official website (www.brocade.com).

  • The BNA and eSight are deployed on different servers.
  • The user-provided servers or VMs, FC switches, and eSight server can properly communicate with each other. Interaction ports have been enabled on the firewall between nodes to ensure normal communication.
  • A server or VM where the BNA is installed has been prepared, and port 80 is not in use.
    • For details about the software and hardware requirements on the server for installing the BNA, see "Installation > System requirements" in the Installation_Guide (Installation_Guide.pdf). Generally, the Installation Guide is stored in the documentation directory of the BNA installation package.
    • Preconfigurations are required for the Linux operating system. For details, see "Installation > Pre-installation requirement" in the Installation Guide (Installation_Guide.pdf).

  • The JRE 1.7 has been installed on the BNA server. If the operating system is of the 64-bit version, the 64-bit JRE1.7 must be installed.

Network Topology

The following figure shows the topology between FC switches and eSight.

Procedure

  • Running the installation program

    You need to run the installation program as the Administrator user in the Windows operating system and as the root user in the Linux operating system.

    • Linux operating system
      1. Upload the BNA software package to the server and decompress it.
      2. Go to the Decompressed directory/Linux_64 directory and run the following command to change the permission on install.bin to executable:

        chmod +x install.bin

      3. Run the following commands to run the installation program:

        sh install.bin

    • Windows operating system
      1. Upload the BNA software package to the server and decompress it.
      2. Run install.exe in the BNA software package name\Windows directory.
  • Installing the management software
    1. When the Select Install Folder window is displayed, select an installation path, as shown in Figure 1.
      Figure 10-5 Select Install Folder window
    2. In the Package window, select SMI Agent Only, as shown in Figure 2.
      Figure 10-6 Package window
    3. On the Server IP Configuration page, set the IP address to the operating system IP address of the PC where the installation software is located. If you do not need to change the IP address, use the default value, as shown in Figure 3.
      Figure 10-7 Server IP Configuration window
    4. In the Server Configuration window, enter the port number. If you do not need to change the port number, use the default value, as shown in Figure 4.
      Figure 10-8 Server Configuration window
    5. On the SMI Agent Configuration page, select the management scale based on the site requirements, as shown in Figure 5.
      Figure 10-9 Server Configuration window
    6. Use default values for parameters in other windows and click Finish.
  • Setting switch parameters
    1. In the bin directory of the BNA installation path, double-click smc.bat. The Server Management Console window is displayed, as shown in Figure 6.
      Figure 10-10 Server Management Console window
    2. Click Configure SMI Agent. The window shown in Figure 7 is displayed.
      Figure 10-11 Configuration window
    3. Set User ID and Password, and click Login. The window shown in Figure 8 is displayed.

      The default user name and password are administrator and password, respectively.

      Figure 10-12 SMIA Configuration Tool window
    4. Click Options. The window shown in Figure 9 is displayed.
      Figure 10-13 Options window
    5. Choose Software Configuration > Product Communication from the navigation tree on the left.
    6. Click HTTPS then HTTP.
    7. Click OK.
    8. Click Fabric Discovery in the SMIA Configuration Tool window. The window shown in Figure 10 is displayed.
      Figure 10-14 Discover Fabrics window
    9. Click Add, configure switch information including the name, IP address, user name, and password, and click OK. The switch is added to the agent and the window shown in Figure 11 is displayed.
      Figure 10-15 Add Fabric Discovery window
    10. Click OK. The window shown in Figure 12 is displayed.
      Figure 10-16 Configuration success
    11. Log in to eSight and set Brocade switch parameters, as shown in Figure 13.
      Figure 10-17 Setting Brocade switch parameters
      NOTE:
      • The IP address is the IP address of the operating system where the agent is installed instead of the IP address of the switch. You are advised to use the SMI-S protocol, and set the user name and password to administrator and password, respectively.
      • If Enable SSL is selected during the installation, you need to select the discovery parameter Enable SSL and set the port number to that configured during the installation. (By default, 5989 is enabled and 5988 is disabled.)
      • To enable SSL for the first time, you need to set JDK parameters. For details, see JDK Parameter Setting Tool.
    12. Click OK.
  • Configuring the alarm reporting

    To ensure that eSight can properly receive alarms reported by Brocade switches, you need to manually add eSight trap information to Brocade switches. The procedure is as follows:

    1. Open the Web Tools tool of the Brocade switch and choose Configure > Switch Admin.
    2. In the Switch Administration dialog box that is displayed, click Show Advanced Mode and click the SNMP tab. For SNMPv1 alarm reporting, configure the SNMPv1 Community/Trap Recipient list. Add the eSight IP address to Recipient in the SNMPv1 Community/Trap Recipient list and click Apply.
      NOTE:

      If southbound and northbound services are separated for eSight, the eSight IP address here refers to the southbound IP address.

      If the option is dimmed, you need to log in to the Brocade switch as the admin user and run the snmpconfig --enable snmpv1 command to enable the SNMPv1 protocol. After the command is executed, you need to log in to the BNA, choose Server Management Console, and click Restart on the Services tab page to restart the service.

      If SNMPv1 is used, you need to deselect Enable Authentication trap, as shown in Figure 14.

      Figure 10-18 Switch Administration window
      NOTE:

      The SNMPv1 protocol is configured on the Brocade switch. However, the SNMPv2 protocol is used when you connect the switch to eSight.

Adding Fibre Channel Switch

If you want a few Fibre Channel switches to access the eSight, you can add Fibre Channel switches one by one.

Prerequisites

  • Storage manager has been installed.
  • You have obtain the IP address, user name, and password of the device.
  • For the eSight to discover Fibre Channel switches, first complete required configurations on the Fibre Channel switches. The following explains how to configure a Fibre Channel switch before performing device discovery.

You need to configure jdk parameters if you enable SSL for the first time. For details about how to configure the jdk parameter, see JDK Parameter Setting Tool.

Procedure

  1. Choose Resource > Common from the menu bar.

  2. Choose Add Resource > Add Resource.
  3. Choose Storage Subnet > FC Switch in the function panel.
  4. In Basic Information, enter parameters of the Fibre Channel switch that you want to discover.

    Parameter

    Description

    Setting

    Subnet

    Indicates the subnet where the Fibre Channel switch resides.

    [Example]

    root

    IP

    Indicates the management IP address of the Fibre Channel switch.

    NOTE:

    [Value range]

    • From left to right, the value of the first byte ranges from 1 to 255.
    • The values of the other bytes range from 0 to 255.

    [Example]

    10.10.10.70

    Name

    Set the name of the Fibre Channel switch.

    NOTE:
    • The name is a string of 1 to 128 characters.
    • The name contains letters, digits, _, -, ., (, ), or spaces.

    [Example]

    fcswitchA

    Factory

    Vendor of the Fibre Channel switch.

    • If Qlogic is selected, set the SNMP protocol parameters.
    • If Brocade is selected, set the SMI-S protocol parameters.
    • If Huawei is selected, set the SNMP and SMI-S protocol parameters.

    [Example]

    Qlogic

  5. Set protocol parameters based on selected Vendor.

    NOTE:

    Add the Huawei switch in the SNMP protocol. If the switch uses the SNMPv2c protocol, you need to select the SNMPv2c protocol to discover the switch. If the switch uses the SNMPv3 protocol, you need to select the SNMPv3 protocol.

    • SMI-S
    NOTE:
    • You are advised to set SSL to Enabled, when choose SMI-S in the Protocol.
    • Keep default values of Port and Namespace.

    Parameter

    Description

    Setting

    Username

    Indicates the user name of the Fibre Channel switch management system.

    [Example]

    administrator

    Password

    Indicates the password of the Fibre Channel switch management system.

    [Example]

    password

    SSL protocol

    NOTE:

    Before setting SSL to Enabled, check whether the device you want to discover supports the SSL mode. If the device does not support the SSL mode, the eSight may not discover it.

    Indicates whether to enable Secure Sockets Layer (SSL) for the storage device.

    [Example]

    Enabled

    Port

    Port number used for accessing a specific Fibre Channel switch.

    Default port: 5989

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    5989

    Namespace

    Namespace of the Fibre Channel switch.

    [Example]

    interop

    • SSH
      Used to get device flow information.

      Parameter

      Description

      Setting

      Username

      Indicates the user name of the storage device management system.

      [Example]

      admin

      Password

      Indicates the password of the storage device management system.

      [Example]

      password

      Port

      Port number used for accessing a specific storage device.

      [Value range]

      The value ranges from 1 to 65535.

      [Example]

      22

    • SNMP
    NOTE:

    You are advised to use the SNMPv3 protocol, and to use Authentication protocol: HMAC_SHA; Privacy protocol: AES, when choose SNMP in the Protocol.

    Parameter

    Description

    Setting

    Type

    SNMP type for a Fibre Channel switch. Possible values are SNMPv1/SNMPv3/SNMPv2c.

    [Example]

    SNMPv3

    The Type is SNMPv2c

    Port

    Port number used for accessing a specific Fibre Channel switch.

    Default port: 161

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Trap Community

    The Trap community is used for alarm report.

    The Trap community entered in eSight must be the same as that in the server to ensure successful alarm report.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

    Confirm Trap Community

    Keep the value same as the Trap community.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

    The Type is SNMPv3

    Port

    Port number used for accessing a specific Fibre Channel switch.

    Default port: 161

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Attempts

    Times for sending an SNMP operation. If this number of times is exceeded, the SNMP operation will be discarded.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout

    Wait time after a protocol message is sent.

    [Value range]

    The value ranges from 1 to 60.

    [Example]

    10

    Username

    User name specified in the SNMP protocol, and must be the same as that in SNMP parameters configured for the system.

    [Example]

    admin

    Context name

    Name of the environment engine.

    [Example]

    cd

    Context engine ID

    Unique identifier of an SNMP engine.

    This ID is used together with the environment name to determine an environment that uniquely identifies an SNMP entity.

    [Example]

    -

    Authentication protocol

    Protocol used for verifying messages, select HMAC_MD5, HMAC_SHA or None.

    NOTE:

    You are advised to use the HMAC_SHA protocol, the HMAC_MD5 protocol causes security risk.

    [Example]

    None

    Authentication password

    If the HMAC_MD5 or HMAC_SHA protocol is selected, you need to set the authentication password.

    [Example]

    -

    Privacy protocol

    Encryption protocol used when encapsulating data, select DES, AES or None.

    • DES: indicates the Data Encryption Standard (DES), which is an international encryption algorithm with the key length of 56 characters.
    • AES: indicates the Advanced Encryption Standard (AES). There are three types of key lengths, including 128 characters, 192 characters, and 256 characters. These types of key length can provide the security protection of different levels.
    NOTE:

    You are advised to select the AES protocol, the AES protocol has security more than the DES protocol.

    [Example]

    None

    Privacy password

    If the Privacy protocol is DES or AES, you need to set the data encryption password.

    [Example]

    -

    Trap Community

    The Trap community is used for alarm report.

    The Trap community entered in eSight must be the same as that in the server to ensure successful alarm report.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

    Confirm Trap Community

    Keep the value same as the Trap community.

    [Value range]

    A string of 1 to 32 characters.

    [Example]

    public

  6. To access a storage device in non-SNMP mode, you must set alarm notification parameters.

    Set alarm notification based on the description of SNMP.

  7. Click OK.

    NOTE:

    Click Apply to create more NEs.

    • If the NE is created successfully, on the menu bar, choose Resource > Storage Subnet, choose FC Switch, the NE is displayed in the list.
    • If the NE cannot be created, the Error dialog box is displayed. Click OK to set the parameters again.

Follow-up Procedure

The protocol parameters are required for the communication between the eSight and NE. If the protocol parameters of the NE changes, synchronize the parameters of the eSight with that of the NE to ensure normal communication, refer to Configuring Protocol Parameters and Event Notification.

Adding a Single Host

If you want to add a few hosts to eSight, you can add them one by one.

Prerequisites

  • You have obtained the IP address, user name, and password of the host, and the user name and password of the database.
  • The host management component has been installed.
  • The ethtool and dmidecode component packages have been installed on the host running the Euler operating system.
    NOTE:

    You can log in to the host as the administrator and run the rpm -q ethtool dmidecode command to check whether the ethtool and dmidecode component packages have been installed on the host. If the packages have not been installed, contact Huawei technical support.

Context

Before adding a host, you need to understand the operating system supported by the host, protocol type, and adding mode. The following table describes the information.

Operating System

Support the Protocol (Y/N)

Support Batch Import (Y/N)

Support Single Addition (Y/N)

-

HTTPS

WMI

SSH

-

Windows

Y (agent discovery)

Y (agentless discovery)

N

Y

Y

Linux

Y (agent discovery)

N

Y (agentless discovery)

Y

Y

NOTE:
  • When the HTTPS protocol (agent) is used for automatic discovery, the authentication mode is certificate and the port number is 43156. If the firewall on the host is enabled, you need to configure the firewall to exclude port 43156. For details, see eSight Cannot Discover Hosts After the Agent is Configured.
  • Resources added in the host mode are used for storage network analysis.

Procedure

  1. Choose Resource > Common from the menu bar.

  1. Choose Add Resource > Add Resource.
  2. Choose Storage Subnet > Host in information display area on the right.
  3. Set basic parameters for the host to be discovered in Basic Information.

    Parameter

    Description

    Setting

    Subnet

    Subnet of the host.

    [Example]

    root

    IP address

    Host IP address.

    [Value range]

    • The value of the first field from left to right ranges from 1 to 255.
    • The value of other fields ranges from 0 to 255.

    [Example]

    10.10.10.70

    Name

    Name of the host to be discovered.

    NOTE:
    • The name can contain 1 to 128 characters.
    • The name can contain only letters, digits, Chinese characters, underscores (_), hyphens (-), periods (.), brackets, and space characters.

    [Example]

    host00

    Operating system

    Operating system type of the host to be discovered. The options include Windows and Linux.

    [Example]

    Windows

  4. Set protocol parameters for based on the value of Operating system.

    NOTE:

    The host agent is installed on the managed host. For details about the host agent deployment, see Managing Host Agent.

    • Windows
    NOTE:

    When the WMI protocol is used to discover devices, data may be cracked. If the agent is deployed on the target device, the agent mode is recommended.

    Parameter

    Description

    Setting

    Agent discovery

    HTTPS

    Database authentication method

    Identity authentication mode. The options include Database authentication and Operating system authentication.

    [Example]

    Operating system authentication

    Database username

    Database user name.

    [Example]

    user1

    Database password

    Password of the database.

    [Example]

    password

    Agentless discovery

    WMI

    Host username

    Host name. Enter the administrator name of the host operating system.

    [Example]

    user1

    Host password

    Host password. Enter the administrator password of the host operating system.

    [Example]

    password

    Database authentication method

    Identity authentication mode. The options include Database authentication and Operating system authentication.

    [Example]

    Operating system authentication

    Database username

    Database user name.

    [Example]

    user1

    Database password

    Password of the database.

    [Example]

    password

    • Linux

      Parameter

      Description

      Setting

      Agent discovery

      HTTPS

      For details, see HTTPS parameters for the Windows operating system.

      Agentless discovery

      SSH

      Host username

      Host name. Enter the administrator name of the host operating system.

      [Example]

      host

      Host password

      Host password. Enter the administrator password of the host operating system.

      [Example]

      password

      Database authentication method

      Identity authentication mode. The options include Database authentication and Operating system authentication.

      [Example]

      Operating system authentication

      Database username

      Database user name.

      [Example]

      user1

      Database password

      Password of the database.

      [Example]

      password

  5. Click OK.

    NOTE:

    You can click Apply and continue to create more devices.

    • If the NE is created successfully, the NE is displayed in the managed object list.
    • If the NE fails to be created, an error message is displayed. In this case, click OK and reset the parameters.

Follow-up Procedure

Protocol parameters are required to implement communication between NEs and eSight. When protocol parameters are modified on the NEs, you need to modify parameters on eSight accordingly. For details, see Configuring Protocol Parameters.

After adding a host, create a performance collection task for the host based on the following table.

Scenario

Host Quantity

Collection Period

High configuration

  • CPU: 40 core, 2 GHz or above
  • Memory: 64 GB or above

1000≤ Host quantity ≤2000

One hour or longer

500≤ Host quantity <1000

30 minutes or longer

Host quantity < 500

15 minutes or longer

Standard configuration

  • CPU: 12 core, 2 GHz or above
  • Memory: 32 GB or above

200≤ Host quantity < 500

30 minutes or longer

Host quantity < 200

15 minutes or longer

NOTE:

In the Windows operating system, performance indicators of the original network port cannot be collected when network ports are bound. The bond port does not support the packet per second (PPS) indicator.

Auto Discovery for Devices

You can apply the automatic device discovery function to discover devices in batches if all devices in an IP network segment need to be connected to and establish communication with the eSight. The function saves time.

Prerequisites

  • You have the operation rights for Access Resource.
  • Protocol settings have been complete.
  • The storage device management component has been installed if storage devices or Fibre Channel switches need to be discovered automatically.
  • The host management component has been installed if hosts need to be discovered automatically.
  • If the storage certificate authentication function has been enabled, ensure that storage device certificates are imported. For details, see (Optional) Storage Certificate Authentication.

Context

The eSight provides three automatic device discovery modes by network segment, by ARP, and by router. You can also add network segments or IP addresses of the devices that do not need to be discovered to an exclusion list. During automatic device discovery, the eSight automatically skips the network segments or IP addresses in the exclusion list.

Automatic discovery tasks are classified into one-off tasks and scheduled tasks. One-off tasks are executed immediately but you can determine whether to execute scheduled tasks immediately.

You need to configure jdk parameters if you enable SSL for the first time. For details about how to configure the jdk parameter, see Configuring the jdk Parameter Tool.

Procedure

  1. Plan the automatic device discovery mode, discovery task type, and exclusion list.

    NOTE:

    The passwords of hosts that are connected in Agentless mode can be changed, whereas those of hosts that are connected in Agent mode cannot be changed.

  2. Add the network segments or IP addresses of the devices that do not need to be discovered to the exclusion list. The task will automatically skip the network segments or IP addresses.

    Choose Resource > Common from the main menu. Choose Add Resource > Automatic Task Management. On the Exclusion List tab page, create excluded network segments or IP addresses.

  3. Select an automatic device discovery method.

    Choose Resource > Common from the main menu. Choose Add Resource > Automatic Discovery. On the Automatic Discovery page, click Switch to Another Mode in the upper right corner to select a desired mode.

    Most storage devices employ non-SNMP access protocols. For this reason, By network segment (advanced) is recommended.

  4. Set the tasks of an automatic discovery task and create the task.
  5. Confirm the discovery results.

    • You can immediately view the results for the task with Type as Once and the scheduled task that is immediately executed.
    • For the scheduled task that is not immediately executed, choose Resource > Common from the main menu and choose Add Resource > Automatic Task Management, view the discovery results in Discovery Result List.

Adding Storage Devices in Batches

To add a batch of such devices to the eSight, you can enter the device information in an Excel template and import the template to eSight. Then, the eSight adds the devices to the matching subnets automatically.

Prerequisites

  • You have collected the device data.
  • The storage device management component has been installed if storage devices or Fibre Channel switches need to be discovered automatically.
  • The host management component has been installed if hosts need to be discovered automatically.
  • If the storage certificate authentication function has been enabled, ensure that storage device certificates are imported. For details, see (Optional) Storage Certificate Authentication.

Context

  • The batch import may take several minutes.
  • Resources that are added as hosts are used to implement Storage Network Analysis functions.
  • You need to configure jdk parameters if you enable SSL for the first time. For details about how to configure the jdk parameter, see Configuring the jdk Parameter Tool.
  • If you need to batch import more than 500 storage devices after more than 3000 servers are imported, wait one day after the servers are imported. Import a maximum of 100 storage devices at a time and the import interval cannot be shorter than one hour. During the import, do not click a device to open the device page. Otherwise, the page may become blank because too many Oracle resources are occupied. The storage devices can be imported successfully after two days. After the import is completed, the information on the device page can be displayed.

Use the template provided by eSight, and do not perform any modifications on the template structure when entering data; otherwise, devices cannot be imported.

Procedure

  1. Choose Resource > Common from the menu bar.

  1. Choose Add Resource > Import Resource.
  2. In the function pane, select the devices type which need to add..
  3. In the Download template area, click the Excel file template.

    The File Download dialog box is displayed.

  4. Click Save to save the Excel file template locally.
  5. In the configuration file template, enter discovery information about storage devices that need to be batch imported and save the entered information as a configuration file.

    NOTE:
    • Carefully read requirements and restrictions on the Instructions tab of the template and fill in the contents based on the requirements in the template.
    • The Type and Manufacturer content validity are not checked, the background configure the device information from the configuration information when obtaining access device.

  6. On the import device page, click next to Upload File and select the saved Excel file.
  7. Click Upload to upload the Excel file.

    After the configuration file is uploaded, the information about devices that need to be batch imported is displayed.

    NOTE:

    If an entry of information is incorrectly entered, this entry is dimmed, and the error information is displayed.

  8. Select the devices and click Create.

    The system starts to import the devices.

    • If the device is created successfully, the Result column is the resource is created successfully.
    • If some devices fail to be discovered, modify the information about those devices and import and discover them again.
    NOTE:

    You can select a connected device and click Modify Password to change its password to the password in the uploaded template. (The passwords of hosts that are connected in Agentless mode can be changed, whereas those of hosts that are connected in Agent mode cannot be changed.)

(Optional) Storage Certificate Authentication

To enhance the security of communication between eSight and storage devices connected to eSight, you can use the storage certificate authentication function.

Prerequisites

  • The storage certificate authentication function applies to storage devices, except for UDS, that use the REST protocol for connection.
  • The JDK has been installed and configured on the eSight server. The keytool command is a JRE command, which must be executed in the JDK.

Procedure

  • Setting parameters
    1. Open the eSight installation directory\AppBase\etc\esight.storage\certificate\CertificateVerify.xml file.
    2. Modify parameters in the CertificateVerify.xml file. The following table describes the parameters.

      Parameter

      Description

      Value Example

      isVerify

      Indicates whether to enable the storage certificate verification function. The default value is false.

      NOTE:
      • If this parameter is set to true, the storage certificate authentication function is enabled. Storage devices can communicate with eSight only after their certificates are imported to the eSight trust store.
      • If this parameter is set to false, the storage certificate authentication function is disabled. You do not need to import the certificates of storage devices. After disabling the function, you need to restart eSight for the configuration to take effect.

      true or false

      pollingInterval

      Certificate polling period, in days. The default value is 7.

      3

      overdueInterval

      Certificate expiration warning period, in days. The default value is 30.

      10

      • The certificate polling period cannot be greater than the certificate expiration warning period.
      • Before connecting a third-party storage device EMC (XtremIO) to eSight for management, you must import certificate of the third-party device. The device certificate has been imported to the trust store when eSight is delivered. After the certificate expires, you need to import a new certificate.
    3. Save the modification and restart eSight for the modification to take effect.
  • Viewing the certificate
    1. Log in to eSight as the Administrator user in the Windows operating system or as the ossuser user in the Linux operating system.
      NOTE:

      If security hardening has been performed for the Windows operating system, you need to log in to the eSight server as the SWMaster user.

    2. Go to the eSight installation directory\AppBase\jre\bin directory.
    3. Run the following command to view the existing device certificate file:
  • Windows:

    keytool -list -v -keystore ..\..\etc\esight.storage\certificate\trustStore.jks

  • Linux:

    ./keytool -list -v -keystore ../../etc/esight.storage/certificate/trustStore.jks

NOTE:

The initial trust store password is Huawei@123.

Existing device certificates in the trust certificate are displayed in the command output.

  • (Optional) Changing the trust store password
    1. Log in to eSight as the Administrator user in the Windows operating system or as the ossuser user in the Linux operating system.
      NOTE:

      If security hardening has been performed for the Windows operating system, you need to log in to the eSight server as the SWMaster user.

    2. Go to the eSight installation directory\AppBase\jre\bin directory.
    3. Run the following command:
      • Windows:

        keytool -storepasswd -keystore ..\..\etc\esight.storage\certificate\trustStore.jks

      • Linux:

        ./keytool -storepasswd -keystore ../../etc/esight.storage/certificate/trustStore.jks

        The system prompts you to enter the KeyStore password.

    4. Enter the initial password, enter a new password twice as prompted, and press Enter.
    5. Go to the eSight installation directory/AppBase/tools/bmetool/encrypt directory where the encryption tool encrypt is located.
      NOTE:

      The command is executed by the Administrator user in the Windows operating system and by the ossuser user in the Linux operating system.

    6. Run the following command to encrypt the new key store password:
      • Windows: encrypt.bat 0
      • Linux: ./encrypt.sh 0
    7. Enter a new password, and confirm the password as prompted.
    8. Copy the new ciphertext, and replace the original password ciphertext in the eSight installation directory/AppBase/etc/esight.storage/certificate/security.properties file with the new ciphertext.
  • Importing a certificate
    1. Obtain the storage device certificate. For details, contact the storage device vendor.
    2. Log in to eSight as the Administrator user in the Windows operating system or as the ossuser user in the Linux operating system.
      NOTE:

      If security hardening has been performed for the Windows operating system, you need to log in to the eSight server as the SWMaster user.

    3. Back up the trustStore.jks file in eSight installation directory\AppBase\etc\esight.storage\certificate.
    4. Go to the eSight installation directory\AppBase\jre\bin directory.
    5. Run the following command to import the obtained device certificate:
      • Windows:

        keytool -import -alias Certificate alias -keystore ..\..\etc\esight.storage\certificate\trustStore.jks -storepass KeyStore password -file Certificate path and name -trustcacerts

      • Linux:

        ./keytool -import -alias Certificate alias -keystore ../../etc/esight.storage/certificate/trustStore.jks -storepass KeyStore password -file Certificate path and name -trustcacerts

      • The certificate alias must be unique.
      • The certificate path and name can be customized. You are advised not to save the certificate to the eSight installation directory.l

      Command example:

      • Windows:

        "keytool -import -alias devicemanger_ca -keystore ..\..\etc\esight.storage\certificate\trustStore.jks -storepass Huawei@123 -file D:\cert\ca.crt -trustcacerts"

      • Linux:

        " ./keytool -import -alias devicemanger_ca -keystore ../../etc/esight.storage/certificate/trustStore.jks -storepass Huawei@123 -file /opt/cert/ca.crt -trustcacerts"

        Enter Y when a prompt is displayed, asking you whether to trust the certificate.

        If "Certificates have been added to the trust store" is displayed in the command output, the certificate is added successfully.

    6. Restart eSight after all device certificates are imported.

      If the certificate of a device is updated, you need to import the latest certificate to the trust store. To ensure communication security, you are advised to periodically update the storage certificate.

Typical Example: Adding an OceanStor V3 Device

This section describes how to add an OceanStor 5500 V3 (V300R003C20) device to eSight. After the device is added, eSight can monitor and manage the device.

Procedure

  1. Collect information about the OceanStor 5500 V3 device.

    Parameter

    Description

    Setting

    IP Address

    Management IP address of the device.

    [Example] 10.10.10.70

    User Name

    Login user name of the device management system.

    NOTE:

    The default user name is admin. You can also use an administrator user created by the admin user. For details about how to create a user, see "Creating a Local User" in the device product documentation.

    [Default value] admin

    Password

    Login password of the device management system.

    [Default value] password

    Port

    REST protocol port of the device.

    [Default value] 8088

  2. Choose Resource > Common from the menu bar.

  3. Choose Add Resource > Add Resource.
  4. Choose Storage Subnet > Huawei Storage.
  5. In Basic Information, set basic parameters of the V3 device.

    Parameter

    Description

    Setting

    Subnet

    Subnet to which a V3 device belongs. Use the default value.

    [Example]

    root

    IP Address

    Management IP address of the V3 device.

    [Example]

    10.10.10.70

    Name

    Name of the V3 device.

    NOTE:
    • The name can contain 1 to 128 characters.
    • The name can contain only letters, digits, Chinese characters, underscores (_), hyphens (-), periods (.), brackets, and space characters.

    [Example]

    storageA

    Device Series

    Model of the V3 device.

    [Example]

    OceanStor V3

  6. Select the device protocol to be connected and set different protocol parameters.

    NOTE:

    The V3 device supports the following access modes: REST and SMI-S. When the REST protocol is used to connect devices, the alarm protocol can be SNMPv2c or SNMPv3. When the SMI-S protocol is used to connect devices, the alarm protocol can only be SNMPv3.

    SNMPv2c has low security. Therefore, SNMPv3 is recommended, and the secure authentication protocol HMAC_SHA and data encryption protocol AES are used.

    You can select an access protocol as required.

    • REST

    Parameter

    Description

    Setting

    User Name

    Login user name of the V3 device management system.

    NOTE:

    The default user name is admin. You can also use an administrator user created by the admin user. For details about how to create a user, see "Creating a Local User" in the device product documentation.

    [Example]

    admin

    Password

    Login password of the V3 device management system.

    [Example]

    password

    Port

    Destination port of the V3 device. Use the default value.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    8088

    • SNMP
    NOTE:

    If SNMPv3 is used, Huawei storage devices do not provide default USM users. You can log in to DeviceManager to create users or run commands to set SNMP parameters. For details about how to create a user and obtain related parameters, see Setting SNMP Parameters for Storage Devices.

    Parameter

    Description

    Setting

    Type

    SNMP type of the V3 device.

    [Example]

    SNMPv3

    Set Type to SNMPv3.

    Port

    Destination port of the V3 device. Use the default value.

    [Value range]

    The value ranges from 1 to 65535.

    [Example]

    161

    Retry Times

    Number of attempts to resend an SNMP operation. If this number is exceeded, the resending is abandoned.

    [Value range]

    The value ranges from 1 to 20.

    [Example]

    10

    Timeout Period

    Wait time after the protocol message is sent.

    [Value range]

    The value ranges from 1 to 60 seconds.

    [Example]

    10

    User Name

    User name set in the SNMP protocol, which must be the same as the SNMP parameter settings of the device.

    [Example]

    admin

    Environment Name

    Environment engine name. Optional.

    [Example]

    cd

    Environment Engine ID

    SNMP engine. This parameter is used together with the environment engine name to determine an environment that uniquely identifies an SNMP entity.

    The SNMP message packet is processed only when the environment of the sender terminal is the same as that of the recipient terminal. Otherwise, the SNMP message packet will be discarded. Optional.

    [Example]

    -

    Authentication and authorization protocol

    Protocol used for verifying messages. You can select the HMAC_MD5 or HMAC_SHA protocol, or do not use any protocol.

    NOTE:

    The HMAC_MD5 encryption algorithm is insecure. You are advised to use the secure encryption algorithm HMAC_SHA.

    [Example]

    None

    Authentication and authorization password

    Set this parameter when Authentication Protocol is set to HMAC_MD5 or HMAC_SHA.

    [Example]

    -

    Data encryption protocol

    Encryption protocol used for data encapsulation. You can select DES or AES, or do not use encryption.

    • DES: indicates the Data Encryption Standard. It is an international encryption algorithm, and the key is 56 bits long.
    • AES: indicates the Advanced Encryption Standard. There are three kinds of key lengths: 128, 192, and 256. Each kind of key length provides the security protection for different levels.
    NOTE:

    AES is recommended for encryption because it has higher security than DES.

    [Example]

    None

    Data encryption password

    The encryption password must be set if the data encryption protocol is set to DES or AES.

    [Example]

    -

  7. Click OK.

    NOTE:
    • Click Apply and continue to create more devices.
    • When you add a Huawei storage device, the discovery progress is displayed and you can perform other operations.
    • If the NE is successfully created, choose Resource > Storage Subnet on the menu bar and choose Storage > Storage Device. The new NE is displayed in the list.
    • If the NE fails to be created, an error message is displayed. Click OK to reset the parameters.

  8. Open Internet Explorer, enter https://XXX.XXX.XXX.XXX:8088 in the address box, and press Enter to log in to the DeviceManager.

    NOTE:

    In the URL, XXX.XXX.XXX.XXX indicates the IP address of the storage device.

    1. In the navigation tree on the right, click Settings.
    2. Click Alarm Settings.
    3. In the navigation tree on the left, click Trap IP Address Management. The trap information about the interconnected eSight server is displayed in the list. You can add and modify trap IP address information.

Translation
Download
Updated: 2019-09-07

Document ID: EDOC1100011877

Views: 335726

Downloads: 671

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next