Top
PRIMECLUSTERGlobal Disk Services Configuration and AdministrationGuide 4.5
FUJITSU Software
Chapter 1 Functions > 1.3 Functions for High Manageability > 1.3.5 Access Control
PreviousNext

1.3.5 Access Control

GDS provides the following access control functions to prevent data damage from events such as an improper operation by the user.

Class Scope

In order to manage a disk unit with GDS, it must be registered with a certain class. A class is like a container that holds multiple disks.
By defining the class attribute called "scope", the user can specify which node set has access, or can perform operation on the disks registered to that class. Since operation on the disk is restricted to the nodes you specify, there is no risk of changing the configuration by mistake, or losing data consistency.

Suppose there are disks connected to two nodes; node A and B. The administrator wants node A to have access to some of the disks, while node B has access to the remaining disks.

Suppose the operation which has a certain disk unit group connected to three nodes; node A, node B, and node C. Some disk units are accessed only from node A and node B, and other disk units are accessed only from node B and node C.

In this case, two classes should be created to manage the disks shared separately by node A and B.

Figure 1.21 Class Scope


Starting and Stopping Volume

GDS's logical volume can be started or stopped for each node sharing the volume.

Since a stopped volume cannot be accessed from the node, there is no risk of losing data consistency by mistake.

Figure 1.22 Starting and Stopping Volume


Access Mode

Logical volume has an attribute called "Access mode", which can be defined for each node sharing the volume. There are two access modes; "Read and write possible" mode, and "Read only possible" mode.

For example, if a certain node will access the logical volume to create data backup, set the mode "Read only possible". That way, you can prevent writing to the volume by mistake.

Figure 1.23 Access Mode


Lock Volume

When the node or cluster application is activated, logical volume starts automatically and becomes accessible. Likewise, when the cluster application is terminated, logical volume will also stop. This prevents a node with terminated application from accessing the logical volume.

However, a volume may be started unexpectedly by rebooting a node.

In order to preclude the logical volume from starting in such a situation, the user can define the "Lock volume" attribute. When "Lock volume" is selected, volume will not be activated even when the node is rebooted, or cluster application activated.

Figure 1.24 Lock Volume

PreviousNext
Copyright FUJITSU LIMITED 2017-2019