VMware Cloud Community
ranjitcool
Hot Shot
Hot Shot
‎01-05-2011 09:29 AM

Lun Masking in ESXi

Hey Guys,

Lun Masking - From what I understand is if I have a host connected to a SAN (Over FC or iSCSI) and being presented with 10 LUNS for 10 different VM's on that host, I can use lun masking to let vm1 see lun1 and nothing else to avoid unauth access.

Is my understanding accurate? If so how do I do this.

Please advice.

Thanks

RJ

Please award points if you find my answers helpful Thanks RJ Visit www.rjapproves.com
Tags (2)
Reply
0 Kudos
6 Replies
a_p_
Leadership
Leadership
‎01-05-2011 09:34 AM

You can only present all LUNs to the ESX(i) host and either format them as VMFS datastores or assign them as RDM's to the VMs. The VMs themselves have no direct access to the LUNs.

André

EDIT: For iSCSI you could use an initiator in the guest and access a LUN directly.

Reply
0 Kudos
Zakcar1
Contributor
Contributor
‎01-05-2011 01:32 PM

Lun masking is the way to present disks to hosts from the san side. The hosts will see luns (same has scsi devices to make it simple).

A lun can be use to create a datastore from the storage option under the configuration tab or do a "raw disk map" from the vm configuration window.

Multiple VMs need to have the same RDM set in their config to be able to see the same LUN. Same apply to .vmdk disks.

Back to lun masking....

you can use lun masking to assign a lun to a single Host (dedicated disk like the ESX boot partition) or to a group of hosts to share the lun (like a datastore or RDM to a vm with vmotion).

Reply
0 Kudos
RaulJBA
Contributor
Contributor
‎01-23-2011 08:17 PM

But how can I disable the access to LUN used for a VM as RDM disk? In a case as it I until can delete the content of this LUN using the wizard the add vDisk for another VM or by adding other datastore because this LUN until is showed.

Any ideas?

Raul

Reply
0 Kudos
Josh26
Virtuoso
Virtuoso
‎01-23-2011 09:45 PM

Hi,

Having spent quite a bit of time studying LUN masking on ESXi as part of the troubleshoot course.. I couldn't imagine a situation where it wouldn't be preferable to perform all masking on the SAN.

edit: Every SAN worth considering will support this feature.

Reply
0 Kudos
kish09
Enthusiast
Enthusiast
‎01-24-2011 05:37 AM

Hi,

What u said is called NPIV where every vm has its dedicated wwpn no and lun is presented on vm also it requires the RDM Disks.

while

Masking is an authorization process that makes a LUN available to some hosts not vm and unavailable to other hosts.

kish

Reply
0 Kudos
Zakcar1
Contributor
Contributor
‎01-24-2011 06:44 AM

[Quote] But how can I disable the access to LUN used for a VM as RDM disk?  [/Quote]

Simply remove the RDM from the VM Config (it's showing has a vDisk with "Mapped Raw LUN" in the summary). Then you can remove the access to the lun from the storage unit lun masking, or keep it available for reassignment at a later time. In the 2nd option, make sure no one else assign that volume before the old data can be deleted.

Reply
0 Kudos