HP StoreEver MSL6480 Tape Library User and Service Guide Addendum (QU625-96016, October 2013)

ManualsBrandsHP ManualsStorageHP StorageWorks MSL4048 1 Ultrium 960 Fibre Channel Drive Library

HP StoreEver MSL6480 Tape Library

User and Service Guide Addendum

Abstract

This document provides information about features that were added to the HP StoreEver MSL6480 Tape Library after the HP

StoreEver MSL6480 Tape Library User and Service Guide (part number QU625-96001) was published. New features include

basic data and control path failover, a new graphical view of partition elements, support for the HP Enterprise Secure Key

Manager, a security user, a wellness test, and Japanese language option for the remote management interface (RMI).

HP Part Number: QU625-96016

Published: September 2013

Edition: 1

Summary of content (26 pages)

PAGE 1
HP StoreEver MSL6480 Tape Library User and Service Guide Addendum Abstract This document provides information about features that were added to the HP StoreEver MSL6480 Tape Library after the HP StoreEver MSL6480 Tape Library User and Service Guide (part number QU625-96001) was published.
PAGE 2
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
PAGE 3
Contents 1 Introduction...............................................................................................4 Security user............................................................................................................................4 Performing the wellness test........................................................................................................5 Managing license keys..................................................................................................
PAGE 4
1 Introduction This document includes information about features added to the library after the user guide was published. These features include: • Basic control path and data path failover. See “Basic control path and data path failover” (page 12). • HP Enterprise Secure Key Manager support. See “HP Enterprise Secure Key Manager (ESKM) integration” (page 22). • Security user. See “Security user” (page 4). • Wellness test.
PAGE 5
The security password is required to log in as the security user. The default security password is security. If the security password is lost, the service password is required to change the security password. HP recommends changing the security password to avoid unauthorized access to library administrative and security functionality. Performing the wellness test The wellness test exercises basic library functionality. At the end of the test, cartridges will not be in their original storage slots.
PAGE 6
Viewing library or partition configuration settings In the Status > Partition Map > Configuration Status screen you can see the current configuration settings for a partition. Expand the sections for additional information. NOTE: 6 The configurations listed in this screen can be modified using the Expert Partition Wizard.
PAGE 7
Configuring the encryption key manager type The Configuration > Encryption screen displays the available data encryption key manager types along with the status of each type. Only one encryption manager type can be configured for the library at a time and it will be used for all tape drives and partitions. To change the configured encryption key manager, select the key manager and then click Submit.
PAGE 8
Changing the token PIN Figure 2 Changing the PIN or token name 1. 2. 3. Navigate to the Configuration > Encryption > USB — MSL Encryption Kit screen. Expand the Pin Management section. Enter the current and new PINs. The PIN must be at least 8 characters and no longer than 16 characters. The PIN must contain at least one lower case letter, one upper case letter, and at least two digits. 4. Click Submit. CAUTION: The key server token protects the encryption keys with a PIN.
PAGE 9
Generating a new write key Figure 3 Managing encryption keys 1. 2. 3. Navigate to the Configuration > Encryption > USB — MSL Encryption Kit screen. Expand the Key Management section. Click Apply. Enabling and configuring automatic key generation When automatic key generation is enabled, the library will automatically request the key server token to generate a new key periodically, according to the policy you configure.
PAGE 10
NOTE: A key is not generated when the library time is advanced past a time when a new key would have been generated. If you advance the library time, check the automatic key generation policy to see whether a new key is needed, and if so, manually generate it. One new key is generated if the library is off at a time when a new key would have been automatically generated. To prevent a new key from being generated in this case, disable automatic key generation before powering off the autoloader or library.
PAGE 11
Figure 4 Enabling or disabling encryption 1. 2. 3. Navigate to the Configuration > Encryption > USB — MSL Encryption Kit screen. Expand the Enable/Disable Encryption section. Click Enable or Disable. Errata The user guide contains the following errors and omissions: • All USB key interaction with the library should be done with FAT-32 formatted USB keys. The library does not support USB devices formatted with LTFS or other file formats.
PAGE 12
2 Basic control path and data path failover With today’s high dependency on access to business information, safe guarded data and limited backup windows, the reliability of the backup hardware and software is vital. Backup operations are usually automated, often done at night, and any first pass operator intervention is done remotely. To assist with these enterprise demands, Hewlett-Packard has introduced two reliability enhancements to MSL6480 tape libraries with LTO-5 and LTO-6 Fibre Channel tape drives.
PAGE 13
Figure 5 Data path port failover example configuration 1. Primary data path 2. Standby data path 3. Primary data path 4. Standby data path 5. Dual-port FC tape drive 6.
PAGE 14
Figure 6 Control path port failover example configuration 3 5 2 1 6 4 8 7 1. Library drive 1 (embedded in library) 2. Primary data path for drive 1 and active library control path 3. Standby data path 4. Primary data path for drive 2 and standby library control path 5. Standby data path 6. Library drive 2 (embedded in library) 7. Standby library control path (logical via control 8.
PAGE 15
Technology for data path port failover The HP LTO-5 and LTO-6 Fibre Channel tape drives configure both ports with identical worldwide names but only one port will connect to the fabric. By default the port that completes speed negotiation first will become the active port. If the ports on the drive are connected to different speed fabric the port connected to the highest speed fabric will typically complete speed negotiation first.
PAGE 16
In the typical bridged library controller connection each tape drive has one physical link to the SAN switch and connects to the SAN switch as one Fibre Channel device. The tape drive hosting the library controller path connects as one Fibre Channel device containing two logical units. The tape drive is logical unit number zero and the tape library is logical unit number one. Both devices are considered to be in the same Fibre Channel device which is called a “Node”.
PAGE 17
The library controller appears as a third independent device even though it is sharing the physical connection with one of the tape drives. The logical view and physical connections for a library using NPIV and configured to use library control path port failover is shown in Figure 9 (page 17). Figure 9 NPIV virtual library connection 1 1. Physical link to switch sharing drive link 2 2.
PAGE 18
Figure 10 NPIV library connection following failover 2 1. Physical link to switch sharing drive link 1 2. Logical direct link to switch “NPIV library connection following failover” (page 18) shows that the logical link for the library has moved and now shares the same physical link as the top drive. No changes to the physical cabling were required and any other activity on the links was not disrupted. Failover licenses The control path and data path failover features are licensed.
PAGE 19
1. 2. Navigate to the Configuration > System > License Key Handling screen. In the Add License Key pane, enter the License Key and then click Add License. You can also use Command View for Tape Libraries 3.7 or newer versions to manage licenses. Configuring and verifying control path failover The library only supports control path failover when used in a Fibre Channel SAN and connected as fabric devices. Control path failover is enabled independently for each partition in the library.
PAGE 20
Figure 11 Library world wide name displayed on the Status > Library Status screen • Hosts connecting to the library might need to be rebooted if the operating system does not support dynamic device detection. • Applications on hosts might need to be reconfigured to recognize the new library world wide name. Verifying control path failover After enabling control path failover, verify the configuration of both ports.
PAGE 21
Configuring data path port failover Enabling data path port failover Data path failover can be used with the drive ports configured in loop mode or fabric mode. For best results and compatibility with control path failover, HP recommends that the drive ports be configured in fabric mode and connected to a switch. 1. Launch the Expert Partition Wizard from Configuration→Partitions→Expert Wizard. 2. Select the partition that you want to configure and then click Edit. 3.
PAGE 22
3 HP Enterprise Secure Key Manager (ESKM) integration The library now supports the ESKM, which allows encryption keys and encrypted tapes to be shared with other tape libraries that support the ESKM. ESKM license The ESKM feature requires a license.
PAGE 23
Using the ESKM Wizard 1. 2. 3. 4. 5. 6. Click Encryption→ESKM Wizard to start the wizard. The Wizard Information screen displays information about the wizard. If the library configuration is complete, click Next. The Certificate Authority Information screen displays prerequisites for using the ESKM certificate. When the prerequisites are met, click Next. The Certificate Authority Certificate Entry screen displays instructions for obtaining the certificate for the ESKM server.
PAGE 24
4 Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
PAGE 25
Table 3 Document conventions (continued) Convention Element Monospace text • File and directory names • System output • Code • Commands, their arguments, and argument values Monospace, italic text • Code variables • Command variables Monospace, bold text WARNING! CAUTION: IMPORTANT: NOTE: TIP: Emphasized monospace text Indicates that failure to follow directions could result in bodily harm or death. Indicates that failure to follow directions could result in damage to equipment or data.
PAGE 26
5 Documentation feedback HP is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hp.com). Include the document title and part number, version number, or the URL when submitting your feedback.