About Xsan configuration profiles

If you're an advanced SAN administrator, you can set keys in configuration profile payloads to set up Xsan clients and control certain Xsan volume mount behaviors. 

Learn how to configure SAN clients.

Xsan Payload

An Xsan payload configures an Xsan client system. You can designate an Xsan payload by specifying com.apple.xsan as the PayloadType value. This payload is supported on OS X Yosemite, OS X El Capitan, and macOS Sierra.

Key Type Value
sanName
String
The name of the SAN. This key is required for all Xsan SANs. The name must match exactly the name of the SAN defined in Server app.
sanConfigURLs Array of Strings Each string in this array contains an LDAP URL where Xsan systems can obtain SAN configuration updates. This key is required for all Xsan SANs. There should be one entry for each Xsan MDC.

Example URL: ldaps://mdc1.example.com:389
fsnameservers Array of Strings This array contains one string value for each of the SAN's File System Name Server coordinators. This key is required for StorNext SANs. The list should contain the same addresses in the same order as the MDC's /Library/Preferences/Xsan/fsnameservers file.

Xsan SAN clients automatically receive updates to the fsnameservers list from the SAN configuration servers whenever this list changes. StorNext administrators should update their profile whenever the fsnameservers list changes.
sanAuthMethod String Determines authentication method for the SAN. This key is required for all Xsan SANs. This key is optional for StorNext SANs but it should be set if the StorNext SAN uses an auth_secret file. Only one value is accepted:

auth_secret
sharedSecret String The shared secret used for Xsan network authentication. This key is required when the sanAuthMethod key is present. The String value should equal the content of the MDC's /Library/Preferences/Xsan/.auth_secret file.

Notes:

  • Don't create Xsan payloads to configure Xsan MDCs. Only use Server app to configure Xsan MDCs.
  • A Mac can only have one Xsan payload installed.

Xsan Preferences payload

The Xsan preferences payload can be used to configure which volumes automatically mount at startup. For StorNext volumes this payload also determines whether the mount uses Fibre Channel or Distributed LAN Client (DLC). The Xsan preferences payload is designated by specifying com.apple.xsan.preferences as the PayloadType value. This payload is supported on OS X El Capitan and macOS Sierra.

Key Type Value
onlyMount Array of Strings
Each string in this array is an Xsan or StorNext volume name. If this key is present, the Xsan client attempts to automatically mount these volumes at startup. Volumes that don't appear in this list can be mounted manually by the system administrator using xsanctl(8)'s mount command.
denyMount Array of Strings Each string in this array is an Xsan or StorNext volume name. If this key is present and no onlyMount array is present, the Xsan client automatically attempts to mount all SAN volumes except the volumes in this array. Volumes in this array can be mounted manually by the system administrator using xsanctl(8)'s mount command.
denyDLC Array of Strings Each string in this array is a StorNext volume name. If this key is present and the Xsan client is attempting to mount a volume in this array, the client only mounts the volume if its LUNs are available via Fibre Channel. It does not attempt to mount the volume using Distributed LAN Client (DLC).
preferDLC Array of Strings Each string in this array is a StorNext volume name. If this key is present and the Xsan client is attempting to mount a volume in this array, the Xsan client attempts to mount the volume using Distributed LAN Client (DLC). If DLC is not available, the client attempts to mount the volume if its LUNs are available via Fibre Channel. In order for this to work, the volume name must not appear in denyDLC.
useDLC Boolean If this key is present, it controls the use of Distributed LAN Client (DLC) for all volumes not listed in the denyDLC array (if present) or the preferDLC array (if present). If this key is absent, the absence of any Fibre Channel interfaces triggers a preference for DLC when mounting all StorNext volumes.

Keys in the Xsan preferences payload can also be written with defaults(1) in the "/Library/Preferences/com.apple.xsan" preference domain as an alternative to using configuration profiles. For example, to prevent mounting a StorNext volume named "shared-EX0123456789ab" using Distributed LAN Client you could use this command:

sudo defaults write /Library/Preferences/com.apple.xsan.plist denyDLC '(shared-EX0123456789ab)'

Although a Mac can have more than one Xsan preferences payload installed, you should avoid setting the same key in different payloads. If more than one payload defines the same key, the resulting behavior is undefined.

Any Xsan filesystem mount always uses Fibre Channel connections to its LUNs when LUNs are visible to that client, even if the client is configured to mount the volume using DLC. Setting the mount option to use DLC when LUNs are available using Fibre Channel means that Xsan initiates a connection to the Distributed LAN client/server at mount. It then terminates this connection soon after. If you have a large number of clients engaging in this behavior, it can negatively impact the server's ability to serve your clients.

Published Date: