The purpose of this thread is to try an recreate what we already have stood up in my environment, however the steps i am having to produce my own.
I have got multiple applications that dump the data to various LUNs, the LUNs are managed by an Enterprise SAN Storage System (Compellent). My backup server currently in place has all of the LUNs above mounted as RO, the LUN ACL's from the SAN are set such that the Backup server is RO and everything else is RW to the respective server and lun that it writes to.
Question 1) Give the above, if i setup a new rhel6 server, set the LUN ACL as RO from the SAN Server. Will I be able to map the existing lun into the server? I have been battling this for awhile, i assume the answer is no because in order import the VG and LVM you need limited write access to the partition table, correct?
Using test volumes and servers I was able to generate a work around, but unsure if i want apply to production data:
The LUN ACL's are Read Only rights from the SAN to the backup server. (this is how its setup on current backup server)
I have found a convoluted method but im concerned about data corruption
Using a test linux box and a test lun:
Mounted the lun to vm as raw mapped lun,
Create volume group vg0
Created the lvm volume lvol0
Put some dumb data
Go to new backup server:
Iscsiadm -m node -R
Pvscan
Vgscan
Lvscan
Vgchange -ay vg0
Lvchange -ay lvol0
(not mounting the lun just creating the links)
Go back to compellent remove mapping for lun on the new backup server, and then re add as read only.
Now go to backup server and mount.
I think a setup where there is concurrent access to the same lun ( or rather the underlying storage ) will lead to corruption unless something like for example a shared logical volume is being used, but even then you would need some kind of shared filesystem. This is because of caching/buffering that going on on the various hosts and they need to make each other aware of changes. I think you need to use something like snapshots for backup..
Question rephrase: Given the above, if i setup a new rhel6 server, set the LUN ACL as RO from the SAN Server. Can I map the existing lun (RO ACL from the SAN) into the server, if so how?
Using iscsi initiator on the rhel6 backup server, I can see the luns, vgscan shows the vg's for the lun's, lvscan same. But I cannot activate the VG or LV. In /dev/ their isnt a corrosponding directory for the vg (and sub symbolic link), their arent any entries for the volumes in /dev/mapper.
When I did the work around when i activated the vg, it created the folder in /dev/ and then when i activated the lvm, it created the symbolic link in the /dev/vg-lun and in /dev/mapper.
Im trying to following good practices, im worried that my hacked method may lead to data corruption on my production luns.
The RO mounts are to dump the data on the LUN to LTO Tape.
The backup server is where I am mounting it RO.
Note: this is already in place on an older backup server, which we are trying to replace.
If this practice is far from best, then now is the time to change the process and get on pace with the rest of the world.
Note: This was setup prior to my taking over this process.
First, to do this properly you need a shared file system on the LUNs. Period.
But, if you can get read-only access to the LUNs, you might be able to make it work on a non-shared if you're willing to play with fire somewhat. Just realize that because of caching you can not guarantee that the read-only host(s) will see any changes made to the file system after they're mounted on the read-only hosts.
So you will get better results if you unmount the file systems before you read from them.
FWIW I tested "export iscsi mount as read-only with nfs" and it didn't have any problems (other than that it was a little slower over NFS than iscsi, but that's predictable). My understanding is that NFS goes through the VFS so it won't care if it's local or remote.
Doesn't your backup system have some method by which to backup over the network, or your SAN to snapshot and then hand a snapshot off the the backup server?