Settings

General

Volumes Recycle Bin

The Recycle Bin is enabled by default, but you can also disable it. When enabled, deleted Volumes are kept in the Pool’s Recycle Bin and can be restored. If the Recycle Bin is disabled deleted Volumes are immediately destroyed and cannot be recovered.

Public IPs

This displays any Public IPs assigned to the Controllers. A Public IP allows host connectivity from outside of the VPSA VPN.

Datamover Concurrency Level

You can control the load allowed for datamovers such as mirroing, cloning, etc… by setting the concurrency level. Default is Medium

Zadara Container Services Engine

This displays which, if any, ZCS Engine has been configured via the Provisioning Portal.

Zadara IO Engine

This displays which VPSA IO Engine (Model) has been configured via the Provisioning Portal.

Server Connectivity Monitoring

Server connectivity monitoring allows the VPSA administrator to modify the default settings for all servers records that are set with “Connectivity monitoring” option.

Available configuration:

  • Status:

    • Enabled - feature is enabled and notifications (emails) are allowed

    • Enabled (Tickets Disabled) - the feature is enabled however notifications will not be sent to the administrator. Connectivity status can be reviewed in the scope of the server in the VPSA servers view

    • Disabled - feature is disabled globally and will not be present per server

  • Connection attempts - number of connection attempts to a server record (default: 10)

  • Success threshold - the number of successful attempt that will be considered as normal (default: 6)

Security

settings-security

Password Policy

The VPSA Admin can control the VPSA Password expiration policy and password history policy.

Dual Factor Authentication

The VPSA Admin can force all users to login to the VPSA GUI using dual factor authentication. For details see: Dual Factor Authentication

Global VPSA CHAP

This gives you a uniform username and password to use when you create Servers.

Encryption

This sets the Volume encryption password for the VPSA’s data-at-rest encryption.

For more information on managing encrypted volumes see Managing Encrypted Volumes.

Support Privilege Access

This controls the ability of Zadara support engineers to access the VPSA virtual controllers with privileged rights. Only the VPSA Admin can change this setting. If enabled, the VPSA Admin gets notification every time the privileged access is used.

Cloud Admin Access

This sets the cloud admin’s VPSA GUI access (via the Command Center) to Enabled/Disabled status.

File Access Audit

The VPSA provides the option to enable audit logging of specific file system events. File access audit can be leveraged to comply with organizational security demands and to assist in root cause analysis of specific data access related events.

To implement file access auditing, it must first be enabled globally, and then applied to each volume that should be audited.

To enable file access auditing globally, or to edit the existing file access audit policy:

  1. In the Security tab in the Settings page, click Edit on the right of File Access Auditing. The File Access Auditing configuration dialog box opens.

  2. Mark the checkboxes of the access operations to be audited.

  3. Click Save.

To apply file access auditing to a volume, see Creating a NAS Share under Creating and Deleting a Volume.

IPsec Key

This displays the key to be used when configuring IPsec tunneling for secured host connections.

Allow iSCSI over Public IP

Allow VPSA iSCSI connectivity over Public IP interface (default = False)

NAS

NFS Domain

This sets the domain name for NFS shares. This defaults to localdomain. (NFS4 Only)

NFS ID mapping

If enabled, each UNIX (Linux) User must be defined as a NAS User in the VPSA. If disabled, UNIX Users are authenticated on the UNIX host side.

SMB NetBios Name

This gives the VPSA Admin the option to change the default name of the VPSA as it apears in Active Directory. This field must be modified before the VPSA joins AD.

SMB Character Set

This gives you the default Character Sets used by the SMB service for SMB Volumes. Unix charset - indicates the local character set used by the System. DOS Charset - indicates the Character sets used to communicate with DOS(windows) clients connecting to SMB shares. If you plan to use filenames with different encoding in the filename (other than English), you may want to change the Character Set. The default value for the unix character set is UTF-8 and the default value for the DOS character set is CP850. It is important to note that some character sets can be selected using the listbox items in the setup dialog but all other character sets can be also specified by directly editing the settings field.

image144

Changing this value while clients are connected will cause them to temporarily lose access to all SMB shares.

Defragmentation

You can enable/disable background file system defragmentation. This also allows on-demand defragmentation.

File System Trim

  • Periodic fstrim is triggered every weekend (On Saturday 00:00)

  • Can be manually started and stopped via the settings page.

Default Filesystem Write Policy

Set the default write policy for new volumes (can be applied for existing volumes in a bulk operation as well. The Write Policy refers to different ways in which data is written to the underlying VPSA volume filesystem during filesystem operations.

  • Asynchronous Writing (default) When the filesystem is mounted with the “Asynchronous Writing” option, data modifications are not immediately synchronized with the volume file-system. Instead, the system buffers these changes in memory and may perform the actual write to the filesystem at a later time. This can lead to faster write performance as the system doesn’t need to wait for each individual write to complete before proceeding with other tasks.

  • Synchronous Writing When a filesystem is mounted with the “Synchronous Writing” option, all data modifications (writes) are immediately synchronized with the storage device. This means that before a write operation is considered complete, the data is physically written to the VPSA filesystem, ensuring that changes are safely stored on stable storage. This can ensure data integrity but can also lead to slower write performance, as the system waits for the filesystem to confirm the write operation before proceeding.

Metering

The VPSA provides an option to download its performance metering database which contains per-minute performance statistics about all active and monitored Objects – Drives, RAID Groups, Pools, Volumes and Servers. The database is downloaded in a binary format and is accompanied with a tool (meter2csv) to convert the raw binary database to a csv formatted file.

Container Service

Container Network

This displays the internal IP range of the ZCS and is accessible only by the host VPSA.

Exposed Ports

This displays the Ports ranges that are exposed for host access.

Image Repository

This displays the Status, Pool and Capacity of the Image Repository that stores all of the ZCS containers and images.

Network

The VPSA supports Jumbo Frames. MTU size can be set to values from 1500 to 9000 for both the Front End (data) network, and the public network & VNIs (Public & VNI network MTU). The default is 1500 for both.

Note

Changing the MTU can be disruptive for ongoing traffic. Existing iSCSI server sessions may require a restart for the new MTU setting to take effect.

File Lifecycle Management

The VPSA supports file lifecycle management and analytics. When file lifecycle management is enabled for a VPSA, a toggle is provided to pause or resume global file lifecycle management indexing on volumes.

settings-file-lifecycle-edit

In the File Lifecycle Management tab on the Settings page, click Edit.

settings-file-lifecycle-pause

In the dialog that opens, click Pause or Resume, according to the context.

Note

To disable file lifecycle management globally for the VPSA, use the VPSA’s Disable File Lifecycle operation in the Provisioning Portal.

Diagnostics

Network Diagnostics

A common issue storage administrators pace is the ability to verify connectivity between the storage system and the servers using the storage. Connectivity might be even harder to verify in a cloud environment, depending on the network topology. VPSA Network Diagnostic allows you to check connectivity over the selected network to any server:

  • Go to the Diagnostics page.

  • Select the VPSA network interface

  • Enter the target IP address of the server in question.

  • select if you want to ping the server, traceroute or both

  • Click Run.

It take a minute or so until the results show up in the output box.