Table of Contents

Overview

Hi all – Welcome to my channel, I’m Alex Hubbard, I’m a Senior System Administrator and Cybersecurity Engineer. I have over 15 years of experience in the IT field. If you’re new to the channel, please subscribe below. If you’ve been here before, welcome back. Be sure to check out my Instagram @ach_sysadmin.

 

Today we are going to take a look how to setup a Synology NAS as shared storage for a VMware vCenter cluster. My goal is to provide a full guide on how to set this configuration up in your homelab. These steps should work on just about any Synology that supports iSCSI. Hold on because this is going to be a rather…lengthy…tutorial. I will have a full write up over at my blog site, achubbard.com.

 

To give you a little background on my environment, I have 2 Dell hosts and a Synology RS1619xs+ NAS. My network stack is fully Ubiquiti Unifi. I have 2 Ubiquiti 10Gb switches providing the backbone for my storage network. 

Additionally, I’ve provided this article in PDF format  if you want to follow along in your lab. Click the “Download Article” button to open the PDF.

Download Article

Instructional Video

Network Topology

Let’s start off with looking at the layout of my storage network. This Visio diagram shows how both of my hosts and my Synology RS1619xs+ are connected. I find it helpful, when I am building out a network, to see how it is laid out physically. Each host has a 2-port Intel X520-DA2 10Gb NIC. The Synology has a 2-port Synology branded 10Gb NIC.

As I stated above, I have 2 Ubiquiti Unifi 10Gb switches. My 2 hosts and my Synology each connect 1 of their NICs to each switch. I have 2 VLANs for my storage network, VLAN100 and VLAN101. Each system has 1 connection VLAN100 and 1 connection VLAN101. Way overkill for a home network, I know.

 

It should be noted that I have chosen the below subnets (IP Ranges) for my storage network. You can use anything you’d like, but this is what I decided upon. I do not have DHCP configured on these networks, so you will need to assign static IPs.

Subnets:

VLAN100 – 10.10.100.x/24

VLAN101 – 10.10.101.x/24

UniFi Network Configuration

Login to your Unifi controller. In my case, I am logged into my UDM-Pro and am running the classic interface. Keep in mind, there are some difference between the current interface and the classic one. That is another conversation for another day. We need to create our storage VLANs.

Create VLANs 100 and 101

Navigate to Settings > Networks and click on the “Create New Network” button at the bottom.

Give your VLAN a name. I opted for “iSCSI-100” – it is set to “VLAN Only” and has a VLAN number of 100. You can call this whatever you’d like.

Repeat these steps for VLAN101.

Enable Jumbo Frames on both 10GB Switches

Next, we need to enable Jumbo Frames on both of our Ubiquiti 10Gb switches. A jumbo frame has a payload that is greater than 1,500 bytes, which is the standard MTU or Maximum Transmission Unit. Since we will be configuring our MTU to be 9,000 bytes across our 10Gb storage network, we need to enable this.

Go to Devices within your Unifi controller. Find your 10Gb switch(es). Click on either one.

Once in the configuration panel of your 10Gb switch, move to the settings button (1) and expand the “Services” tab. Enable Jumbo Frames (2).

You will need to enable Jumbo Frames on both switches. Repeat this for both 10Gb switches.

Configure Port Settings

On my first 10Gb switch, ACH-SW-10GB-1, I am using the first 3 ports for my iSCSI connections. I have configured each of the 3 ports (1 for ESX01, 1 for ESX02, 1 for SAN) that I am using to be on VLAN100. From Devices in your controller, find your first 10Gb switch. Click it. Navigate to the ports tab. Click the blue pencil edit button.

Give the port a name, this will help you distinguish it later on. Select your Switch Port Profile to be your VLAN that you created above. In this case, it will be iSCSI-100, which is my VLAN100.

Repeat this for the other 2 ports.

On my second switch, ACH-SW-10GB-2, the process is exactly the same, with the exception of the VLAN. We will set each port to use the Switch Port Profile of iSCSI-101, or VLAN101.

Go back to devices, find your second switch, select the ports menu. Find your port and hit the blue pencil edit button next to it. Name your port and set it’s Switch Port Profile to iSCSI-101.

Repeat these steps for each of the ports you will be using on your second switch.

Synology Network Configuration

Now that we have our VLANs and switch ports configured, let’s take a look at our Synology DS1619xs+. Login to the administrative interface, find the Control Panel icon and click it.

Click on the Network Icon within Control Panel.

Select Network Interface to display your network connections. On my Synology DS1619xs+, I have a 2-Port 10Gb NIC installed. It shows in DSM as LAN 5 and LAN 6. This is what we will use for our iSCSI traffic.

Start with LAN 5, highlight it by clicking on it. Hit the edit button. Assign it the IP information for VLAN100 indicated below. Click ok when you are finished populating the fields.

LAN 5 IP Information:

IP Address: 10.10.100.170

Subnet Mask: 255.255.255.0

Gateway: 10.10.100.1

DNS: 10.10.100.1 (Not really needed in this situation)

Additionally, you need to check off the box “Set MTU value manually” and assign it a value of 9000.

Repeat the above steps for LAN 6, they are identical, with the exception of the IP information. Populate LAN6’s fields and click ok.

 

LAN 6 IP Information:

IP Address: 10.10.101.180

Subnet Mask: 255.255.255.0

Gateway: 10.10.101.1

DNS: 10.10.101.1 (Not really needed in this situation)

Additionally, you need to check off the box “Set MTU value manually” and assign it a value of 9000.

Synology Storage Manager Configuration

Jump out of the networking section of your Synology and locate the Storage Manager icon. Click it. We need to create a storage pool and volume.

Since this is a new SAN and has nothing on it, we will need to run through the initial setup wizard. This requires us to create a storage pool, and then a volume. We need to do this prior to configuring our LUN or iSCSI target. Click the start button.

Presently I only have 2x 16TB Seagate Exos drives in my Synology RS1619xs+, as such, I am going to select the RAID type to be RAID 1. This is a mirrored array. Friendly reminder that RAID is not a backup. Give your storage pool a description. Click the next button.

Add the available drives to the storage pool array by dragging them from the left to the right. Then click the next button.

It should look like this when you are done. Click the next button again.

For this tutorial, I am going to skip the drive check as these drives brand new, and I’ve already run through this several times as I’ve taken screen shots and video. You may wish to have your Synology check your drives depending on your situation. Make your selection and hit the next button.

You can enter the allocated size of the volume. I opted to hit the max button to use the full capacity. Give your volume a description and then hit the next button.

You’ll want to select your file system. I am leaving it at the default of Btrfs. Do your homework on what file system will work best for your environment.

Confirm your settings and hit the apply button.

Note – when you create your storage pool and volume, any data on it will be wiped. You have been warned. 

At this point we’ve successfully created a storage pool and a volume. We can now move to the SAN Manager and create our target and LUN.

Synology SAN Manager Configuration

Find the SAN Manager icon on your Synology and click it.

If this is your first time opening the SAN Manager, you may see the help menu. Check off “Do not show this message again” and click ok

Click on LUN and then click the button Create.

Give your LUN a name and description. Select the volume on which your LUN will reside, it’s size and space allocation. Check the box for space reclamation and hit next.

Select iSCSI and choose the target you will use. Click next.

For now, select “Allow All” – we will come back later to configure permissions and tighten things up.

You will now see the summary of the changes that we’ve made. Click the done button.

You’ve now created your LUN.

Click on the Edit button.

Check off both “Enable CHAP” and “Enable Mutual CHAP” – Give each one a name and password

Move over to the Advanced tab. Check off the box “Allow multiple sessions from one or more iSCSI initiators” – this will allow you to present this LUN to both of your ESXi hosts.

Moving over to the Network Binding tab, check off the NICs that you will be using to present this LUN to Vmware. Click the Save button. You want to make sure it is limited to just your 10Gb NICs (if that is what you are using) – otherwise your Synology will use any of the available links.

VMware Network Configuration

ACH-ESX01 - Network Configuration

Login to your vCenter appliance. Select your first host. In my lab, I am using ACH-ESX01.

You’ll need to duplicate these steps on your second host.

 

ACH-ESX01 – iSCSI01 IP: 10.10.100.162

ACH-ESX01 – iSCSI02 IP: 10.10.101.163

 

ACH-ESX02 – iSCSI01 IP: 10.10.100.152

ACH-ESX02 – iSCSI02 IP: 10.10.101.153

 

Navigate to the configure tab. Scroll down until you find the Virtual switches section. Then click on Add Networking.

Select Vmkernel Network Adapter and click next.

Select New Standard Switch. Set the MTU to 9000. Click next.

Click the + sign to add your physical network adapter to your virtual switch. We will select vmnic5 for iSCSI01. We will use vmnic4 when repeating these steps for iSCSI02.

Select your network card. Click ok.

Click next.

Give your Vmkernel a label. I am labeling this one as iSCSI01. Click next.

Enter the IP information for iSCSI01 and click next. You can ignore the default gateway and DNS settings for this tutorial.

 

IP Information:

ACH-ESX01 – iSCSI01 IP: 10.10.100.162

ACH-ESX01 – iSCSI02 IP: 10.10.101.163

 

ACH-ESX02 – iSCSI01 IP: 10.10.100.152

ACH-ESX02 – iSCSI02 IP: 10.10.101.153

Verify your settings. You’re creating a new virtual switch called vSwitch1 (we’ll rename this later) and it is using physical NIC, vmnic5. It’s MTU is set to 9000. A new port group, iSCSI01, will be created. The port group will have an IP of 10.10.100.162. If you’re satisfied with your settings, click the finish button.

ACH-ESX01 - iSCSI1 Summary

ACH-ESX01 - iSCSI2 Summary

Repeat the above steps with these settings.

ACH-ESX02 - iSCSI01 Summary

ACH-ESX02 - iSCSI02 Summary

Renaming Virtual Switches - *OPTIONAL STEP*

If you pull the drop down, you’ll see our 2 new switches, vSwitch1 and vSwitch2. You can leave them as is, or, if you’re like me, and that general name drives you crazy, we can rename them. One thing you should note, if you are doing this right on ESXi, you can name these switches. But when building this out in vCenter, it doesn’t let you name the switch. To try and reduce the length of this tutorial, I am only showing how to rename vSwitch1 and vSwitch2 on ACH-ESX01. The process is identical for ACH-ESX02.

Open up PuTTY and SSH to your host.

Run the command:

configstorecli config current get -c esx -g network_vss -k switches > achswitches.json

This will create a json file. You can then use WinSCP to grab the file. Open up WinSCP and connect to your host.

Locate the file named: achswitches.json and copy that to your desktop.

Open the .json file in Notepad++, locate your vSwitch1 and vSwitch2. These are our iSCSI vSwitches.

 

vSwitch1 = iSCSI-SW01

vSwitch2 = iSCSI-SW02

Rename the switches and save the file. Copy it back to your ESXi host with WinSCP.

Jump back into your PuTTY session. Run the following command:

configstorecli config current set -c esx -g network_vss -k switches -i achswitches.json –overwrite

This will update the swi>tch names. You can check this by running:

configstorecli config current get -c esx -g network_vss -k switches

Look at the output, it should reflect the changes that you made. You should now see iSCSI-SW01 and iSCSI-SW02. *You will need to reboot your host for these changes to take effect and for you to see them in the vCenter web GUI*

If you can, go ahead and reboot your host and verify the changes in vCenter.

Testing iSCSI Network Connectivity

Since we’ve gotten the network portion of our configuration up, we should probably test and verify that it is working. You’ll need PuTTY for this. Your hosts should have SSH enabled.

Do this on both hosts. Go to Configure > Services > SSH and click the Start button.

Open a PuTTY session to each host. Run the following command:

 

Ping 10.10.100.170

 

This will test the connectivity between both hosts and LAN5 on our Synology.

Now, run the same command, but this time use LAN6’s IP:

Ping 10.10.101.180

We can take it one step further and run a similar check from our Synology. We will also need to enable SSH on that box as well. Login to the management interface of your Synology. Open Control Panel > Terminal & SNMP.

 

Check off the box “Enable SSH service” and click apply.

Open PuTTY and connect to the management interface of your Synology and login.

Let’s test the connection to ACH-ESX01 first.

 

Run the commands:

Sudo ping 10.10.100.162

Sudo ping 10.10.101.163

Finally, let’s test the connection to ACH-ESX02.

 

Run the commands:

Sudo ping 10.10.100.152

Sudo ping 10.10.101.153

We’ve proved out our network connections and that they’re functioning. We can now start to configure our iSCSI connections on our hosts.

VMware iSCSI Configuration

We are getting close to the end of our journey here. We’ve got to add an iSCSI adapter to our hosts so that we can create a new datastore. Navigate to Storage Adapters, click Add Software Adapter and then click Add iSCSI Adapter.

*Note this procedure is the same for your second host, ACH-ESX02*

Click Ok.

You will see a new adapter listed under storage adapters.

Select our new adapter, vmhba64. Select the Static Discovery tab and click on the Add button.

This is where we will add the two targets to our Synology.

*Note* – The iSCSI target name can be obtained by logging into your Synology, opening the SAN Manager application, click on iSCSI. Find the “Copy IQN” link. You will paste that into both iSCSI targets.

Fill out the pertinent information:

1.  The iSCSI Server IP is the IP of LAN 5 on my Synology, 10.10.100.170
2.  iSCSI Target Server Name – this is the IQN link we copied above. Paste it here.
3.  Uncheck “Inherit authentication settings from parent”
4.  Set the Authentication Method to “Use bidirectional CHAP” (This requires both the SAN and the Host  to   authentication against each other)
5.  Enter the CHAP name and password
6.  Enter the Mutual CHAP name and password
7.  Click OK

Fill out the pertinent information:

1.  The iSCSI Server IP is the IP of LAN 5 on my Synology, 10.10.101.180
2.  iSCSI Target Server Name – this is the IQN link we copied above. Paste it here.
3.  Uncheck “Inherit authentication settings from parent”
4.  Set the Authentication Method to “Use bidirectional CHAP” (This requires both the SAN and the Host  to   authentication against each other)
5.  Enter the CHAP name and password
6.  Enter the Mutual CHAP name and password
7.  Click OK

Under Static Discovery, you should now see both entries that you created.

Click on the Network Port Binding tab and click on the Add button.

Select both of your 10Gb NICs/vSwitches/Port Groups and click ok.

You will see the path status as Not Used, this will change shortly.

Move over to the Advanced Options tab and click Edit.

Find the following values and set them accordingly:

LoginTimeOut = 60

DelayedAck = Unchecked (Disabled)

Click Ok.

Rescan the storage adapter after you’ve made the changes.

You will see that the Path Status is now set as Active.

After rescanning your adapter, if you move over to the Storage Devices menu, you should see your Synology iSCSI Disk. We can work on create a datastore.

Creating Your Datastore

We have to create the datastore on one host, then it will be presented to both hosts. I will use ACH-ESX01 to create the datastore. In the actions menu at the top, to the right of your hostname, click it and find the Storage menu. Click New Datastore to run through the datastore wizard.

Select VMFS and click Next.

Give your datastore a name. Keeping with my naming schemes, I am going with ACH-SAN-DS01. Select the Synology iSCSI Disk and click next.

Select VMFS 6 and hit next.

I am going to use all of the available space for this Datastore. If you were going to split it up, this is where you would do so. Adjust the size of your Datastore and hit the next button.

Just like in the vSwitch section, VMware doesn’t give you the option to name your Datastore. Take a look at the summary page and verify your settings are correct. Hit the finish button.

You’ll now see your brand new Datastore and can begin using it if you’d like.

Renaming Your Datastore

We will take a quick look at renaming your Datastore. I want mine to match the naming scheme of my other Datastores. In vCenter, select the Datastore icon. Right click on your new Datastore and hit the Rename button.

Enter the name you want to rename your Datastore too. In my case, I will call it ACH-SAN-DS01. I like to be able to look at an object and know what it is. Click the ok button.

Your Datastore should now show its new name.

At this point, ACH-ESX01 should see your new datastore and be able to use it. You can migrate or create VMs on it. Let’s add our new datastore to ACH-ESX02.

In vCenter, select host ACH-ESX02. Click on Configure and go to Storage Devices. You MAY need to hit the Refresh button in order to see the Synology iSCSI Disk.

Now, if you move over to the Datastores tab, you should see the Datastore, ACH-SAN-DS01, that we created above. Now both hosts can see and use the Datastore.

Synology Hosts Configuration

At this point, your setup is functioning. You can use it as it is. But I want to take a little further. Let’s tighten up our configuration. This will allow only the configured hosts access to the SAN. Within the SAN Manager, click on Host and then Add.

Click Start.

Enter the name of the host and a description. I will start with ACH-ESX01. Leave the operating system as Vmware ESXi and the protocol as iSCSI. Check off one of your initiators. Click next.

Set the LUN permissions as Read/Write and click next.

Confirm your settings and click done.

Repeat this process for ACH-ESX02. Click the Add button and run through the above steps to add ACH-ESX02.

ACH-ESX02 Synology Host Summary

You should now see the hosts (ACH-ESX01 and ACH-ESX02) that you just added in the host section of your Synology.

Still in SAN Manager, click the LUN button on the left hand side. You should notice under the permission section it is currently set to allow all. This will allow any initiator to communicate with the LUN. We want to lock it down so that only our hosts can connect to it. Click the edit button.

Go to the Permission tab. Again, you will see that it is set to Allow all.

Switch Allow all to Custom. Set both hosts permission to Read/Write. Click Save.

You will receive a warning message. Press yes or no accordingly.

Looking at the LUN section of the SAN Manager, you can now see under the permission section that only ACH-ESX01 has access to this LUN.

If you go to the iSCSI tab in the left hand column, under Service Status, you should see both of your hosts listed.

Summary

In summary, I hope this guide helps you get shared storage with your Synology and VMware cluster setup in your environment. If you liked this video, please consider subscribing and liking it below. You can follow along in two places, on Instagram @ach_sysadmin and on my blog site, achubbard.com where I will have a full write up on the project. Thanks for watching and I will see you in the next video.

 

Amazon affilifate links are used throughout this article. These links help support the blog and the channel.