Huawei OceanStor 2000 V3 Series Features Manual page 80

Hypermetro feature guide for block

Hide thumbs Also See for OceanStor 2000 V3 Series:

Features manual (196 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

Table of Contents

OceanStor V3 Series

HyperMetro Feature Guide for Block

Step 5 (Optional) Configure a whitelist.

After you replace a certificate, you must configure a whitelist.

The arbitration software allows a storage system to connect to the quorum server only after

you configure a whitelist and add the SN of storage system to the arbitration software. If you

replace another certificate, you do not need to configure a whitelist anymore.

Issue 05 (2018-01-30)

NOTE

–

The certificates must be replaced in user mode.

–

The certificate request file of the quorum server can be used to generate certificates in a third-

party Certificate Authority (CA) organization. Copy the certificates to the /opt/

quorum_server/export_import directory of the quorum server. The certificates ensure

security of the quorum server.

–

After installing the arbitration software, you are advised to grant the Secure File Transfer

Protocol (SFTP) permission only to the /opt/quorum_server/export_import/ directory to

ensure that the security certificates can be imported and exported.

Use the certificate request file to generate certificates.

Send the qs_certreq.csr file to a third party for the third-party CA organization to

generate certificates.

Copy the certificates to the quorum server.

After the certificates are generated, copy the certificate (such as qs_cert.crt) of the

quorum server and the CA certificate (such as qs_cacert.crt) to the /opt/quorum_server/

export_import directory of the quorum server.

Import the certificates to the arbitration software.

In the CLI of the arbitration software, run the import tls_cert ca=qs_cacert.crt

cert=qs_cert.crt command to import the certificates to the arbitration software.

admin:/>import tls_cert ca=qs_cacert.crt cert=qs_cert.crt

Command executed successfully.

After replacing certificates on the quorum server, replace the certificates on the local and

remote storage arrays. For details, see Managing Certificates section.

NOTICE

In the CLI of the storage system, run the show system general command to query the

storage system SN.

admin:/>show system general

System Name

Health Status

Running Status

Total Capacity

Location

Product Model

Product Version

High Water Level(%) : 80

Low Water Level(%)

WWN

Time

In the CLI of the arbitration software, run the add white_list sn=? command to add the

storage system SN to the arbitration software for management.

Huawei Proprietary and Confidential

: reppub_10.103.20.176

: Normal

: 2.025TB

: XXXXXXXXXXXXXXXXXXXX

: S5800T

: V200R003C00

: 20

: 21000022a1072506

: 2015-06-27/15:11:15 UTC+08:00

4 Configuration

Table of Contents

Show Quick Links

Quick Links:
Overview
License Requirements and Compatible Products
Installation Process
Cable Connection
Storage Array Initialization

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Oceanstor 6000 v3 series Oceanstor 5000 v3 series Oceanstor 5300 v3 Oceanstor 5500 v3 Oceanstor 5600 v3 Oceanstor 6800 v3 ... Show all

Huawei OceanStor 2000 V3 Series Features Manual page 80

Hide quick links:

Troubleshooting

Related Manuals for Huawei OceanStor 2000 V3 Series

Related Products for Huawei OceanStor 2000 V3 Series

This manual is also suitable for:

Table of Contents