Appendix F. Sample Storage Configuration Scenarios for Meta Disk KitsAppendix F. Sample Storage Configuration Scenarios for Meta Disk Kits

This appendix illustrates the examples of how to configure a Meta Disk Kit described in Configure Block devices for Drive pack section for Network Decoder in the below scenarios.

• Meta-Only: No Externally Attached Storage

• Maximize PowerVault Storage capacity for Network Decoder

Meta-Only (One kit – 3 SED drives configured as RAID 5)Meta-Only (One kit – 3 SED drives configured as RAID 5)

Configure one Meta Disk kit as decodersmall volume for Network Decoder:

Note:
1. The configuration for Log Decoder is the similar as that of a Network Decoder. Substitute the service and volume names that correspond to Log Decoder.
2. A single Meta Disk pack is configured as RAID5 (3 drives) and two Meta Disk packs (6 drives) are configured as RAID6.
3. When configuring two Meta Disk Packs or adding the second Meta Disk pack, use appropriate disk slot numbers when creating the virtual drive (step 5 below).

On the Series 6 (RSA R640) appliance, the Meta Drive Pack disks are installed in slots 4, 5 and 6. The virtual drive configuration requires identifying the controller ID and Enclosure ID (EID). On Series 6 appliance, the controller ID and Enclosure IDs are 0 and 64. However, the nwraidtool.py script that is installed on every server can help to confirm these ID numbers, or the PercCLI commands as shown in the below steps.

Identify controller/enclosures:

1. Identify the controller ID (Ctl) for the internal controller (PERC H740P Mini/ PERC H750). In the below figure the controller ID is 0 and highlighted in yellow. The drive count is displayed under PDs.

   /opt/MegaRAID/perccli/perccli64 show

   

2. Identify the Enclosure ID (EID) for controller ‘0’. In this case the EID is ‘64’ and highlighted in yellow.

   /opt/MegaRAID/perccli/perccli64 /c0 /eall show

   

3. Identify the new Meta Disk kit disk slot numbers (Slots 4 through 9) on the controller PERC H740P Mini. These drives do not belong to any Drive Group (DG). The DG column for these drives display a dash ‘-‘, the State column shows ‘UGood’, and the SED value as ‘Y’. See the entries highlighted in yellow.

   

4. Identify the existing block devices (sda and sdb) on the host used by the OS and NetWitness. Use the command ‘lsblk’ to list out the block devices.

   lsblk

   

   Configure the virtual drive(s) on the installed Meta Disk kit (slots 4,5, and 6):

5. Create the Virtual Drive/Drive Group (DG) on the internal controller using the disks in slot 4 through 6 using the below command.

   /opt/MegaRAID/perccli/perccli64 /c0 add vd type=raid5 drives=64:4-6 strip=128

   

6. The new virtual drive shows up as ‘2/2’ under DG/VD column. See the entry highlighted in yellow.

   /opt/MegaRAID/perccli/perccli64 /c0 /vall show

   

7. Identify the new block device on the host. The block device name is identified under the NAME column. In this example the new block device is 'sdc'. This block device name is required when configuring storage. Use ‘lsblk’ to list the block devices. See entry highlighted in yellow.

   lsblk

   

8. Now, you must Configure the above block device as decodersmall for Network Decoder. Use the REST API (Ex: https://<HostIP>:50106, HostIP is the ip address of the decoder host) to retrieve the existing raid list. Note the block device name corresponding to the Meta Disk kit. In this case it is ‘sdc’.

   Note: If a second Meta Disk kit is being configured, the block device would be ‘sdd’.

   

9. Make partitions on the block device (‘sdc’) for decoder service with the following parameters:

   name=sdc service=decoder volume=decodersmall commit=1

   For logdecoder use: name=sdc service=logdecoder volume=logdecodersmall commit=1

   Note: If a second Meta Disk kit is being configured, the volume for decoder would be ‘decodersmall0’. For logdecoder, it is ‘logdecodersmall0’.

   

10. Allocate the decodersmall to Decoder service using ‘srvAlloc’.

    service=decoder volume=decodersmall commit=1

    Note: For logdecoder: service=logdecoder volume=logdecodersmall commit=1

    

    

    Maximize PowerVault Storage Capacity (One Kit – 3 SED Drives Configured as RAID 5)Maximize PowerVault Storage Capacity (One Kit – 3 SED Drives Configured as RAID 5)

    Configure one Meta Disk kit as decodersmall volume for Network Decoder maximizing the PowerVault Storage.

    Note:
    1. Best practice – when 1-4 PowerVaults are configured, a single Meta Disk kit is recommended and when 5-8 PowerVaults are configured two (2) Meta Disk kits are recommended (optional).
    2. The configuration for Log Decoder is the similar as that of a Network Decoder. Substitute the service and volume names that correspond to Log Decoder.
    3. A singe Meta Disk kit is configured as RAID5 (3 drives) and two Meta Disk kits (6 drives) are configured as RAID6.
    4. When configuring two Meta Disk kits or adding thea second Meta Disk kit, use appropriate disk slot numbers when creating the virtual drive (step 5 below).

    On the Series 6 (RSA R640) appliance, the Meta Drive Pack disks are installed in slots 4, 5 and 6. The virtual drive configuration requires identifying the controller ID and Enclosure ID (EID). On Series 6 appliance, the controller ID and Enclosure IDs are 0 and 64. However, the nwraidtool.py script that is installed on every server can help to confirm these ID numbers, or the PercCLI commands as shown in the below steps.

    Identify controller/enclosures:

    1. Identify the controller ID (Ctl) for the internal controller (PERC H740P Mini/ PERC H750). In the below figure the controller ID is 0 and highlighted in yellow. The drive count is displayed under PDs.

       /opt/MegaRAID/perccli/perccli64 show

       

    2. Identify the Enclosure ID (EID) for controller ‘0’. In this case the EID is ‘64’ (highlighted in yellow).

       /opt/MegaRAID/perccli/perccli64 /c0 /eall show

       

    3. Identify the new Meta Disk kit disk slot numbers (Slots 4 through 9) on the controller PERC H740P Mini. These drives do not belong to any Drive Group (DG). The DG column for these drives display a dash ‘-‘, the State column shows ‘UGood’, and the SED value as ‘Y’. See the entries highlighted in yellow.

       

    4. Identify the existing block devices (sda and sdb) on the host used by the OS and NetWitness. Use the command ‘lsblk’ to list out the block devices.

       lsblk

       

       Configure virtual drive(s) on installed meta pack disks (slots 4,5 and 6):

    5. Create the Virtual Drive/Drive Group (DG) on the internal controller using the disks in slot 4 through 6 using the below command.

       /opt/MegaRAID/perccli/perccli64 /c0 add vd type=raid5 drives=64:4-6 strip=128

       

    6. The new virtual drive shows up as ‘2/2’ (highlighted in yellow) under DG/VD column.

       /opt/MegaRAID/perccli/perccli64 /c0 /vall show

       

    7. Identify the new block device on the host. The block device name is identified under the NAME column. In this example the new block device is 'sdc'. This block device name is required when configuring storage. Use ‘lsblk’ to list the block devices.

       lsblk

       

    8. Configure the above block device as decodersmall volume for Decoder (volume name for Log Decoder is logdecodersmall). Use REST API (Ex: https://<HostIP>:50106, HostIP is the ip address of the decoder host) to retrieve the existing raid list. Note the block device name corresponding to the Meta Disk kit. In this case, it is ‘sdc’ (highlighted in yellow)

       Note: If a second Meta Disk kit is being configured, the block device would be ‘sdd’.

       

    9. Make partitions on the block device (‘sdc’) with the following parameters:

       name=sdc service=decoder volume=decodersmall commit=1

       For logdecoder service, use: name=sdc service=logdecoder volume=logdecodersmall commit=1

       Note: If a second Meta Disk kit is being configured, the volume for decoder service is ‘decodersmall0’ and ‘logdecodersmall0’ for logdecoder service.

       

    10. Allocate the decodersmall to Decoder service

        service=decoder volume=decodersmall commit=1For logdecoder use: service=logdecoder volume=logdecodersmall commit=1

        Note: If a second Meta Pack is being configured, the volume for decoder is ‘decodersmall0’ and ‘logdecodersmall0’ for logdecoder service.

        

        

        Configure external storage (PowerVault) as packetDB for Decoder:

    11. Use REST API (Ex: https://<HostIP>:50106, HostIP is the ip address of the decoder host) to configure raid on the attached PowerVault. Identify the controller and enclosure information using raidList. In this example, two PowerVaults are connected to the Decoder appliance (controller 1 with enclosure 246 and 249). REST API is used in the next steps to configure the PowerVault (Enclosure 246) connected to Controller 1.

        

    12. Create the raid on the attached PowerVault. Identify the controller and enclosure from ‘raidList’. Use appropriate value for preferSecure to enable encryption. To turn on encryption on SED capable drives, use preferSecure=1 after setting the security key on the controller. Encryption can also be turned on after configuring storage using the steps listed in Appendix B. Encrypt a Series 6E Core or Hybrid Host of the storage guide.

        controller=1 enclosure=246 scheme=packet-expansion preferSecure=0 commit=1

        

    13. Identify the block device created in the earlier step. Use ‘raidList’ to retrieve all the block devices. In this case, it is ‘sdd’.

        

    14. Make partitions on the block device (‘sdd’) using ‘partNew’.

        name=sdd service=decoder volume=decoder commit=1

        

        

    15. Allocate the decoder volume to Decoder service using ‘srvAlloc’.

        service=decoder volume=decoder commit=1

        

        Note: Additional PowerVaults shall be configured using REST API as outlined in the Storage Guide.