Syncplicity Support

Follow

Prerequisites

Please read About Syncplicity StorageVaults before reading this article.

NOTE: If installing the Storage Connector in an AWS environment, see Prerequisites for AWS Deployment.

To configure on-premise StorageVault(s), you need to install one or more Syncplicity On-Premise Storage Connector(s). The On-premise Storage Connector is a server software that runs as a virtual machine and connects the Syncplicity orchestration layer in the cloud to your storage endpoint using NFSv3. For example, you can configure an on-premise Storage Connector to store data on EMC Isilon scale-out NAS, EMC VNX/VNXe file based or unified storage arrays, or any other NAS system that supports NFSv3. Additionally, Object Storage interfaces can be used for storage endpoints such as EMC Enterprise Cloud Storage (ECS), EMC Atmos or Amazon S3. 

You need at least two on-premise Storage Connectors but you can deploy more for Scalability and High Availability purposes.  As a best practice, an SSL offloading load-balancer is deployed in front of these Storage Connector virtual servers.

Before installing on-premise Storage Connector, make you meet the following prerequisites outlined on this page:

  1. Hardware Requirements
  2. Network Configuration
  3. Storage Vendor specific steps (Optional)

Hardware requirements

The Storage Connector must meet the following requirements:

  • A minimum of two (2) virtual machines hosted on VMware vSphere Hypervisor (i.e., ESXi) 5.0, 5.1, 5.5, 6.0 or 6.5
  • Each virtual machine must be configured with 8GB of RAM, 8 virtual cores (Intel Xeon E5 Family processors, 2.20 GHz), and a minimum of a 50GB HDD

Refer to the Network configuration section below for the network requirements, which includes an externally-addressable SSL-offloading load balancer in front of all virtual machines, an EMC Atmos (v2.1+) storage system or a storage backend that supports a standard NFS v3 interface, and various inbound and outbound open ports.

Network configuration

To configure on-premise storage, you need to install the Syncplicity On-Premise Storage Connector. 

The Storage Connector is supplied as an OVA file and installed on a virtual machine. The Storage Connector requires the following:

  • Each Storage Connector requires its own virtual machine hosted on VMware vSphere Hypervisor (i.e., ESXi).
  • You need at least two Storage Connectors but you can deploy more for scalability and high availability purposes.
  • You must deploy an externally-addressable SSL-offloading load balancer in front of all virtual machines, configured with a Certificate Authority (CA) signed (NOT self-signed) SSL certificate.
  • Make sure that TLS1.2 is used and that SSLv3 is disabled. (SSLv3 is disabled by default from the JDK.)
  • Make sure that each Syncplicity client or app that is to connect to the Storage Connector meets the minimum version as follows.

Syncplicity Client or app

Minimum version

Windows desktop

3.5.16.3073

Mac desktop

3.5.21

iOS

3.3.0

Android

3.2.5

Windows 8

1.6.0

Windows Phone 8

1.6.0

As shown in the diagram, a typical example is that the storage layer is in the private area of the corporate network, the Storage Connectors virtual machines are in the semi-private area, and the SSL-offloading load balancer is in the DMZ.

The Storage Connector requires specific inbound and outbound ports to be open, as specified in the following tables.

Inbound port requirements

In order for the Syncplicity clients to connect to the Storage Connector application from the Internet, the following inbound ports must be open.

Connection

Port #

Protocol

From the Internet to the SSL-offloading load balancer in the DMZ.

443

HTTPS

From the SSL-offloading load balancer to the Storage Connector virtual machines

9000

HTTP

Atmos Storage Requirements

If you want to enable the Storage Connector application to connect to an Atmos storage backend, then the following inbound ports must be open.

Connection

Port #

Protocol

From the Storage Connector to the Atmos Load Balancer

443 if SSL is used with Atmos
80 if SSL is not used with Atmos

HTTP or HTTPS

From the Storage Connector in the DMZ to the Network Time Protocol (NTP) server

123

UDP

EMC ECS Storage Requirements

If you want to enable the Storage Connector application to connect to an ECS storage backend, then the following inbound ports must be open.

Connection

Port #

Protocol

From the Storage Connector to the ECS Load Balancer

9021 if SSL is used to ECS
9020 if SSL is not used to ECS

HTTP or HTTPS

From the Storage Connector in the DMZ to the Network Time Protocol (NTP) server

123

UDP

NFS v3 -Based Storage

To enable the Storage Connector application to connect to an NFS storage backend, the following inbound ports must be open. This includes Isilon storage.

Connection

Port #

Protocol

Type of Traffic

From the Storage Connector virtual machines to the NFS Storage System

53

TCP

DNS for SmartConnect (Isilon)

111

TCP

SUN Remote Procedure Call

111

UDP

SUN Remote Procedure Call

300

TCP

NFS mount daemon

300

UDP

NFS mount daemon

302

TCP

NFS stat daemon

302

UDP

NFS stat daemon

304

TCP

NFS lock daemon

304

UDP

NFS lock daemon

2049

TCP

NFS server daemon

2049

UDP

NFS server daemon

Outbound Port Requirements

In general, traffic outbound to external hosts on port 443 should be allowed. If for some reason this is not so, at least the following should be allowed.

Connection

Port #

Protocol

From the Storage Connector virtual machines to xml.syncplicity.com, xml.eu.syncplicity.com and health.syncplicity.com

443

HTTPS

From the Syncplicity Storage Connector virtual machines to centos.org

Note: Only required during the upgrade procedure to allow for RPM dependency checking.

80

HTTP

Configuring Isilon Storage (Optional)

If using Isilon storage as the backend, you need to perform the following configuration procedure:

  1. Create a directory on EMC Isilon cluster where you want to store the Syncplicity data. This should be done via an ssh session to the Isilon Cluster.

Example: /ifs/syncp-data

  1. Configure the permissions on the directory via an ssh session to the Isilon Cluster.

chown 498:499 /ifs/syncp-data

chmod 770 /ifs/syncp-data

The commands lock down security access, specifically for the “syncp” and “syncp-storage” users.

  1. Create NFS Export via the WebUI.

The following screen shows the basic export settings that lock the export down to the Storage Connectors. Add the IP addresses of the Storage Connectors in the appropriate fields. The 10.111.158.3 and 10.111.158.4 are example IP addresses of the Storage Connectors.  Your IP addresses will be different.

 All other export settings should be left as the defaults and not change.

  1. If the Storage Connector is in the DMZ (Internet side of the firewall) and Isilon storage is inside of the firewall, you need to verify that specific ports are opened on the firewall to allow access via NFS from the Storage Connectors to the EMC/Isilon Storage. This does not apply if the Isilon Storage is not behind a firewall.
  2. Refer to Installing the Storage Connector, task 5a to check the NFS mount to the Isilon Storage.

This completes the basic configuration of the EMC Isilon Storage for the Syncplicity on-Premise Storage Connector.

Powered by Zendesk