Editing an Access Pool

These steps allow you to edit the management vault at the access pool level.

Procedure

  1. Click the Configure tab.
  2. In the left navigation panel, click Access Pools.
  3. Click the name of the Access Pool you want to configure to display the Access Pool page.
  4. Click Change to display the Editing: {Access Pool} page.
  5. If changes to the Access Pool are required:
    1. Change the name for Access Pool in the Name field.
    2. Change the description for Access Pool in the Description field.
    3. From the API Type drop-down menu, select the wanted programming interface:
      • Cloud Storage Object
      • Simple Object
      Note: When the system is in container mode, the Simple Object API Type, Protected Vaults, and Protected Objects are not supported.
      Note: Operations on Protected Vaults and Protected Objects are only supported via Cloud Object Storage.
    4. Check the check boxes in the Service Type list for the ports that should listen for requests on the Accesser® nodes in the Access Pool.
      Table 1. Service Type ports
      Port Secure Listening Service
      80 No HTTP port for specified API Type
      8080 No HTTP alternative port for specified API Type
      443 Yes Secure HTTPS port for specified API Type
      8443 Yes Secure HTTPS alternative port for specified API Type
      8337 No HTTP port for Service API
      8338 Yes HTTPS port for Service API
      8339 No HTTP port for Resource Configuration API
      8340 Yes HTTPS port for Resource Configuration API
      Note: By default all the ports for the specified API Type are checked. The Service API ports are not checked by default as it is usually not necessary to open the Service API on all access pools. However, Service API port 8338 must be open if the access pool is being used for file system vaults.

      The Service API is used to create or configure storage accounts and is normally used by storage-as-a-service portals. You must deploy a container vault to the access pool before you can use the Service API. Accounts that use the Service API must have the Service Account role.

      Attention: At least one service must remained checked to maintain I/O operations to the attached Vaults and Accesser nodes.
    5. Specify the S3 Virtual Host Suffix if virtual host styled addressing is wanted.
      • Cloud Storage Object must be selected from the API Type drop-down menu.
      • Vaults must have DNS-compliant names.
      • The provided name must also be set up in the DNS servers to route to Accesser nodes that are part of this access pool.
    6. If Static Website Hosting is wanted, specify the Static Website Virtual Host Suffix.
      • Static Website Hosting must be enabled on one or more vaults.
      • Vaults must have DNS-compliant names.
    7. Specify any required Additional Subject Alternative Names, which need to be added into the Accesser nodes certificates.
      By default, the certificates include the devices host name and IPs. If the External PKI feature is being used, this subject alternative name is added to the CSR.
    8. If External PKI feature is being used and the certificate is being signed by an external certificate authority, it might not be possible to include the Accesser node IPs in the certificate. In this case, clear Include default IPs in Subject Alternative Names to avoid failures when the certificate is loaded into the Manager Web Interface.
    9. If container mode is enabled, a Default Container Vault drop-down appears. Any deployed container vault can be selected. In which case, if a LocationConstraint is not specified during a PUT bucket request, Accessers in this access pool creates the container in this container vault. If no default container vault is selected, the LocationConstraint is a required parameter in the PUT bucket request.
    10. Under the Access Devices heading, check the check box to the left of each Accesser node from the available list that should be added to the Access Pool.

      Click the Select All link to add all of the Accesser nodes.

    11. In the Deployment section, there are four filters to limit the display of vaults to select:
      • Storage Pool
      • Item Type
      • Tag
      • Text Search
  6. Check or clear the check box to the left of each vault to be deployed or removed from the Deployment list.
    Note:
    • Click the Select All link to select all Vaults.
    • Click a vault, hold down the Shift key, then click another vault farther down the list to select a range of Vaults.
  7. If Detailed System Advanced Configuration has been enabled in the Settings > Support > Advanced configuration page, an Advanced Configuration Options box is displayed.
    CAUTION:
    Contact IBM Support to set Advanced Configuration Options.
  8. The Submit Confirmation dialog box displays if:
    • Accesser nodes were added or removed.
    • Vaults or Vault Mirrors were added or removed.

    The dialog box shows the count of vaults and mirrors that are deployed or removed.