Monitoring IBM Storage Virtualize for Public Cloud with on-premises data collection (Site to Site VPN IPsec)

You can connect and monitor IBM Storage Virtualize for Public Cloud storage with IBM Spectrum Control by using the site-to-site virtual private network (VPN) IPSec tunnel that exists between the on-premises environment and the IBM Storage Virtualize for Public Cloud instances.

About this task

The VPN IPSec site-to-site tunnel is a secure communication network between the cloud infrastructure and the on-premises environment. Network communication between the private subnets is controlled by the access control list (ACL) that is populated when you create the VPN IPSec site-to-site tunnel.

Typically, a bi-directional, IPsec site-to-site tunnel is limited to the subnets that contain the following IP addresses:
  • On-premises IBM Storage Virtualize cluster and replication target
  • Cloud-based IBM Storage Virtualize for Public Cloud cluster and replication target

To use the IPsec site-to-site tunnel for communication between IBM Spectrum Control and IBM Storage Virtualize for Public Cloud, you must include the IP addresses of your IBM Spectrum® Control servers (or the subnet in which they reside) in the tunnel definition as one of the on-premises endpoints.

For example, in the AWS Management Console, you can define the following:
  • The external (internet-routable) IP address of the on-premises IPsec tunnel endpoint.
  • The subnet / IP addresses for the on-premises IBM Spectrum Controlservers, IBM Storage Virtualize cluster, and replication target that will communicate through the tunnel.
  • The IP addresses of the IBM Storage Virtualize for Public Cloud cluster and replication target in AWS that will communicate through the tunnel.
When defined, you can export a configuration file that can be used in different IPsec VPN devices, such as Vyatta and Juniper (Junos VPN Site Secure).

Contact your network and firewall administrators to help set up this communication between IBM Spectrum Control and IBM Storage Virtualize for Public Cloud.

Procedure

After configuring the connection between IBM Storage Virtualize for Public Cloud and IBM Spectrum Control, add the storage system for monitoring by completing the following steps:

  1. In IBM Spectrum Control, go to Storage > Block Storage Systems.
  2. Click Add Storage Systems.
  3. Click the SVC or Storage Virtualize icon.
  4. Specify the IP address and authentication credentials for the IBM Storage Virtualize for Public Cloud instance that you want to monitor.
  5. Click Connect.

Results

The storage system is added for monitoring and is automatically added to the default alert policy for the storage system type. Data collection is automatically run to collect status, configuration, capacity, and performance metadata about the storage system.

What to do next

By default, asset, capacity, and configuration metadata is aggregated and collected daily. Performance metadata is collected every 5 minutes. You can schedule daily capacity and inventory reports to gain insights about your IBM Storage Virtualize for Public Cloud storage systems.