asked on
CHAP on storage/ESX hosts
I'm about to set mutual CHAP authentication up on my storage and then my ESXi hosts but was wondering if I can set it up on my storage first for both incoming and outgoing without blocking any new LUNs coming online? We won't be setting CHAP up on the ESXi hosts until later.
My other question was since all our LUNs are already connected, will a temporary disconnect of storage reconnect them using CHAP or does CHAP initiate only for new LUNs?
Thanks
My other question was since all our LUNs are already connected, will a temporary disconnect of storage reconnect them using CHAP or does CHAP initiate only for new LUNs?
Thanks
StorageVMware
Last Comment
snyderkv
thanks for the update.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
1. No VMs using datastore
2. Remove datastore
3. Remove LUNs from all hosts
4. Enable CHAP
5. Reconfigure ESXi with Chap
6. Reconnect LUNs
7. Recreate datastores
Otherwise LUNs will disconnect datastores will become inassessible and turn into a mess and can cause iSCSI to retry causing host to spin out of control with high CPU polling