Veritas Storage Foundationâ„¢ Scalable File Server Administrator's
Transcript of Veritas Storage Foundationâ„¢ Scalable File Server Administrator's
Veritas Storage Foundation™Scalable File ServerAdministrator's Guide
5.5
Veritas Storage Foundation Scalable File ServerAdministrator’s Guide
The software described in this book is furnished under a license agreement and may be usedonly in accordance with the terms of the agreement.
Documentation version 5.5.1
Legal NoticeCopyright © 2009 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo are trademarks or registered trademarks of SymantecCorporation or its affiliates in the U.S. and other countries. Other names may be trademarksof their respective owners.
This Symantec product may contain third party software for which Symantec is requiredto provide attribution to the third party (“Third Party Programs”). Some of the Third PartyPrograms are available under open source or free software licenses. The License Agreementaccompanying the Software does not alter any rights or obligations you may have underthose open source or free software licenses. Please see the Third Party Legal Notice Appendixto this Documentation or TPIP ReadMe File accompanying this Symantec product for moreinformation on the Third Party Programs.
The product described in this document is distributed under licenses restricting its use,copying, distribution, and decompilation/reverse engineering. No part of this documentmay be reproduced in any form by any means without prior written authorization ofSymantec Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS,REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OFMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TOBE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTALOR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINEDIN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer softwareas defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights inCommercial Computer Software or Commercial Computer Software Documentation", asapplicable, and any successor regulations. Any use, modification, reproduction release,performance, display or disclosure of the Licensed Software and Documentation by the U.S.Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation350 Ellis StreetMountain View, CA 94043
http://www.symantec.com
Technical SupportSymantec Technical Support maintains support centers globally. TechnicalSupport’s primary role is to respond to specific queries about product featuresand functionality. The Technical Support group also creates content for our onlineKnowledge Base. The Technical Support group works collaboratively with theother functional areas within Symantec to answer your questions in a timelyfashion. For example, the Technical Support group works with Product Engineeringand Symantec Security Response to provide alerting services and virus definitionupdates.
Symantec’s maintenance offerings include the following:
■ A range of support options that give you the flexibility to select the rightamount of service for any size organization
■ Telephone and Web-based support that provides rapid response andup-to-the-minute information
■ Upgrade assurance that delivers automatic software upgrade protection
■ Global support that is available 24 hours a day, 7 days a week
■ Advanced features, including Account Management Services
For information about Symantec’s Maintenance Programs, you can visit our Website at the following URL:
www.symantec.com/techsupp/
Contacting Technical SupportCustomers with a current maintenance agreement may access Technical Supportinformation at the following URL:
www.symantec.com/techsupp/
Before contacting Technical Support, make sure you have satisfied the systemrequirements that are listed in your product documentation. Also, you should beat the computer on which the problem occurred, in case it is necessary to replicatethe problem.
When you contact Technical Support, please have the following informationavailable:
■ Product release level
■ Hardware information
■ Available memory, disk space, and NIC information
■ Operating system
■ Version and patch level
■ Network topology
■ Router, gateway, and IP address information
■ Problem description:
■ Error messages and log files
■ Troubleshooting that was performed before contacting Symantec
■ Recent software configuration changes and network changes
Licensing and registrationIf your Symantec product requires registration or a license key, access our technicalsupport Web page at the following URL:
www.symantec.com/techsupp/
Customer serviceCustomer service information is available at the following URL:
www.symantec.com/techsupp/
Customer Service is available to assist with the following types of issues:
■ Questions regarding product licensing or serialization
■ Product registration updates, such as address or name changes
■ General product information (features, language availability, local dealers)
■ Latest information about product updates and upgrades
■ Information about upgrade assurance and maintenance contracts
■ Information about the Symantec Buying Programs
■ Advice about Symantec's technical support options
■ Nontechnical presales questions
■ Issues that are related to CD-ROMs or manuals
Maintenance agreement resourcesIf you want to contact Symantec regarding an existing maintenance agreement,please contact the maintenance agreement administration team for your regionas follows:
[email protected] and Japan
[email protected], Middle-East, and Africa
[email protected] America and Latin America
Additional enterprise servicesSymantec offers a comprehensive set of services that allow you to maximize yourinvestment in Symantec products and to develop your knowledge, expertise, andglobal insight, which enable you to manage your business risks proactively.
Enterprise services that are available include the following:
These solutions provide early warning of cyber attacks, comprehensive threatanalysis, and countermeasures to prevent attacks before they occur.
Symantec Early Warning Solutions
These services remove the burden of managing and monitoring security devicesand events, ensuring rapid response to real threats.
Managed Security Services
Symantec Consulting Services provide on-site technical expertise fromSymantec and its trusted partners. Symantec Consulting Services offer a varietyof prepackaged and customizable options that include assessment, design,implementation, monitoring, and management capabilities. Each is focused onestablishing and maintaining the integrity and availability of your IT resources.
Consulting Services
Educational Services provide a full array of technical training, securityeducation, security certification, and awareness communication programs.
Educational Services
To access more information about Enterprise services, please visit our Web siteat the following URL:
www.symantec.com
Select your country or language from the site index.
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 1 Introducing the Veritas Storage FoundationScalable File Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
About Storage Foundation Scalable File Server ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15About the core strengths of SFS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16About SFS features ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Simple installation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Administration .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Scalable NFS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18NFS Lock Management (NLM) .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Active/Active CIFS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Storage tiering .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
SFS key benefits and other applications .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19High performance scaling and seamless growth .... . . . . . . . . . . . . . . . . . . . . . . . 19High availability ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Consolidating and reducing costs of storage .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Enabling scale-out compute clusters and heterogeneous sharing
of data ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Chapter 2 Creating users based on roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
About user roles and privileges ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23About the naming requirements for adding new users ... . . . . . . . . . . . . . . . . . . . . . 24About using the SFS command-line interface ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Logging in to the SFS CLI ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25About accessing the online man pages ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30About creating Master, System Administrator, and Storage
Administrator users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32Creating Master, System Administrator, and Storage
Administrator users ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33About the support user ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Configuring the support user account ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Displaying the command history .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Contents
Chapter 3 Displaying and adding nodes to a cluster . . . . . . . . . . . . . . . . . . . . . . 39
About the cluster commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39Displaying the nodes in the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40About adding a new node to the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43Installing the SFS software onto a new node .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43Adding a node to the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44Deleting a node from the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45Shutting down the cluster nodes ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47Rebooting the nodes in the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Chapter 4 Configuring SFS network settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
About network mode commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50Displaying the network configuration and statistics ... . . . . . . . . . . . . . . . . . . . . . . . . 51About bonding Ethernet interfaces ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Bonding Ethernet interfaces ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53About DNS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Configuring DNS settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56About IP commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58About configuring IP addresses ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Configuring IP addresses ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60About configuring Ethernet interfaces ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Configuring Ethernet interfaces ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65About configuring routing tables ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Configuring routing tables ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69About LDAP .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72Before configuring LDAP settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72About configuring LDAP server settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Configuring LDAP server settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75About administering SFS cluster's LDAP client ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Administering the SFS cluster's LDAP client ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80About NIS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Configuring the NIS-related commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82About NSS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Configuring NSS lookup order ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84About VLAN .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Configuring VLAN .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
Chapter 5 Configuring your NFS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
About NFS server commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89Accessing the NFS server ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Displaying NFS statistics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Contents8
Displaying file systems and snapshots that can be exported .... . . . . . . . 93
Chapter 6 Configuring storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
About storage provisioning and management ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95About configuring storage pools ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Configuring storage pools ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99About configuring disks ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Configuring disks ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103About displaying information for all disk devices ... . . . . . . . . . . . . . . . . . . . . . . . . . . 105
Displaying information for all disk devices associated with nodesin a cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Increasing the storage capacity of a LUN .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108Printing WWN information .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Initiating SFS host discovery of LUNs .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110About I/O fencing .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Configuring I/O fencing .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Chapter 7 Creating and maintaining file systems . . . . . . . . . . . . . . . . . . . . . . . . 117
About creating and maintaining file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117Listing all file systems and associated information .... . . . . . . . . . . . . . . . . . . . . . . . 120About creating file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Creating a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121Adding or removing a mirror to a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124Configuring FastResync for a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126Disabling the FastResync option for a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . 127Increasing the size of a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127Decreasing the size of a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129Checking and repairing a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130Changing the status of a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131Destroying a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133About snapshots ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
Configuring snapshots ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134About snapshot schedules ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Configuring snapshot schedules ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Chapter 8 Creating and maintaining NFS shares . . . . . . . . . . . . . . . . . . . . . . . . . 143
About NFS file sharing .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Displaying exported file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144Adding an NFS share .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Sharing file systems using CIFS and NFS protocols ... . . . . . . . . . . . . . . . . . . 148Unexporting a file system or deleting NFS options .... . . . . . . . . . . . . . . . . . . 151
9Contents
Chapter 9 Using SFS as a CIFS server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
About configuring SFS for CIFS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154About configuring CIFS for standalone mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Configuring CIFS server status for standalone mode .... . . . . . . . . . . . . . . . 156About configuring CIFS for NT domain mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
Configuring CIFS for the NT domain mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160About leaving an NT domain .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Changing NT domain settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163Changing security settings ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Changing security settings after the CIFS server is stopped .... . . . . . . . . . . . . 165About configuring CIFS for AD domain mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Configuring CIFS for the AD domain mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Leaving an AD domain .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Changing domain settings for AD domain mode .... . . . . . . . . . . . . . . . . . . . . . . . . . . . 171Removing the AD interface ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173About setting NTLM ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Setting NTLM ..... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175About setting trusted domains .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Setting AD trusted domains .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176About storing account information .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Storing user and group accounts ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179About reconfiguring the CIFS service ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Reconfiguring the CIFS service ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181About managing CIFS shares ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
Setting share properties ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184Sharing file systems using CIFS and NFS protocols ... . . . . . . . . . . . . . . . . . . . . . . . . 188About SFS cluster and load balancing .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Splitting a share ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192About managing home directories ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Setting the home directory file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195Enabling quotas on home directory file systems .... . . . . . . . . . . . . . . . . . . . . . 196Setting up home directories and use of quotas ... . . . . . . . . . . . . . . . . . . . . . . . . 197Displaying home directory usage information .... . . . . . . . . . . . . . . . . . . . . . . . . 199Deleting home directories and disabling creation of home
directories ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200About managing local users and groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Creating a local CIFS user ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202About configuring local groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Configuring a local group .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Contents10
Chapter 10 Using FTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
About FTP .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207Displaying FTP server ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208About FTP server commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Using the FTP server commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209About FTP set commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
Using the set commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213About FTP session commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Using the FTP session commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217Using the logupload command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
Chapter 11 Configuring event notifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
About configuring event notifications .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221About severity levels and filters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222About email groups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Configuring an email group .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225About syslog event logging .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
Configuring a syslog server ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230Displaying events ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231About SNMP notifications .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Configuring an SNMP management server ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233Configuring events for event reporting .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236Exporting events in syslog format to a given URL .... . . . . . . . . . . . . . . . . . . . . . . . . . 237
Chapter 12 Configuring backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
About backup .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239Configuring backups using NetBackup or other third-party backup
applications .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240About NetBackup .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241Adding a NetBackup master server to work with SFS .... . . . . . . . . . . . . . . . . . . . . 243Configuring or changing the virtual IP address used by NetBackup
and NDMP data server installation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244Configuring the virtual name of NetBackup .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245About Network Data Management Protocol ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246About NDMP supported configurations .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247About the NDMP policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Configuring the NDMP policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250Displaying all NDMP policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255About retrieving the NDMP data .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Retrieving the NDMP data .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257Restoring the default NDMP policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
11Contents
About backup configurations .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Configuring backup .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Chapter 13 Configuring SFS Dynamic Storage Tiering . . . . . . . . . . . . . . . . . . . 263
About SFS Dynamic Storage Tiering (DST) ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263How SFS uses Dynamic Storage Tiering .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266About policies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267About adding tiers to file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Adding tiers to a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Removing a tier from a file system .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270About configuring a mirror on the tier of a file system .... . . . . . . . . . . . . . . . . . . 271
Configuring a mirror to a tier of a file system .... . . . . . . . . . . . . . . . . . . . . . . . . 271Listing all of the files on the specified tier ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273Displaying a list of DST file systems .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274Displaying the tier location of a specified file ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274About configuring the policy of each tiered file system .... . . . . . . . . . . . . . . . . . . 274
Configuring the policy of each tiered file system .... . . . . . . . . . . . . . . . . . . . . 275Relocating a file or directory of a tiered file system .... . . . . . . . . . . . . . . . . . . . . . . . 277About configuring schedules for all tiered file systems .... . . . . . . . . . . . . . . . . . . 277
Configuring schedules for all tiered file systems .... . . . . . . . . . . . . . . . . . . . . . 279Displaying files that will be moved by running a policy ... . . . . . . . . . . . . . . . . . . . 280
Chapter 14 Configuring system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
About system commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283About setting the clock commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Setting the clock commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285About configuring the locally saved configuration files ... . . . . . . . . . . . . . . . . . . 288
Configuring the locally saved configuration files ... . . . . . . . . . . . . . . . . . . . . . 289Using the more command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292About coordinating cluster nodes to work with NTP servers ... . . . . . . . . . . . . 292
Coordinating cluster nodes to work with NTP servers ... . . . . . . . . . . . . . . . 293Displaying the system statistics ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294Using the swap command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295About the option commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
Using the option commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Chapter 15 Upgrading Storage Foundation Scalable FileServer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
About upgrading drivers ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305Displaying the current version of SFS .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307About installing patches ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Contents12
Installing patches ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
Chapter 16 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
About troubleshooting commands .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313Retrieving and sending debugging information .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314About the iostat command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315
Generating CPU and device utilization reports ... . . . . . . . . . . . . . . . . . . . . . . . . 316About excluding the PCI ID prior to the SFS installation .... . . . . . . . . . . . . . . . . 317
Excluding the PCI IDs from the cluster ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319Testing network connectivity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321About the services command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
Using the services command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323Using the support login .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325About network traffic details ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Exporting and displaying the network traffic details ... . . . . . . . . . . . . . . . . 326Accessing processor activity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327Using the traceroute command .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
13Contents
Contents14
Introducing the VeritasStorage FoundationScalable File Server
This chapter includes the following topics:
■ About Storage Foundation Scalable File Server
■ About the core strengths of SFS
■ About SFS features
■ SFS key benefits and other applications
About Storage Foundation Scalable File ServerStorage Foundation Scalable File Server (SFS) is a highly scalable and highlyavailable clustered Network Attached Storage (NAS) software appliance. It is basedon the Storage Foundation Cluster File System technology, and is a completesolution for multi-protocol file serving. SFS provides an open storage gatewaymodel, including a highly available and scalable Network File System (NFS), CIFSand FTP file serving platform and an easy-to-use administrative interface.
The product includes the following features:
■ Backup operations using both NDMP and/or the built-in NetBackup client
■ Active/Active CIFS, including integration with Active Directory operations
■ Global cluster administration through a single interface
■ Active/Active shared data NFS sharing including shared read/write andLDAP/NIS support
1Chapter
■ Simple administration of Fibre Channel Host Bus Adapters (HBAs), file systems,disks, snapshots, and Dynamic Storage Tiering (DST)
■ SNMP, syslog, and email notification
■ Seamless upgrade and patch management
■ Support information
■ Online man pages
■ Simple help
SFS provides sharing of NFS and CIFS file systems in a simple, highly scalable,and highly available manner.
The components of SFS include a security-hardened, custom-install SLES 10 SP2operating system, core Storage Foundation services including Cluster File System,and the SFS software platform. These components are provided on a single DVDor DVD ISO image.
About the core strengths of SFSSFS leverages all the capabilities and strengths of the Storage Foundation familyof products.
SFS contains all the key features of Storage Foundation Cluster File System 5.0MP3 including:
■ Dynamic Multipathing (DMP)
■ Cluster Volume Manager
■ Cluster File System (CFS)
■ Veritas Cluster Server (VCS)
■ Dynamic Storage Tiering (DST)
■ I/O Fencing
DMP provides Fibre Channel Host Bus Adapter load balancing policies and tightintegration with array vendors to provide in-depth failure detection and pathfailover logic. DMP is compatible with more hardware than any similar product.
Cluster Volume Manager provides a cluster-wide consistent virtualization layerthat leverages all the strengths of Veritas Volume Manager (VxVM) includingonline re-layout and resizing of volumes, and online array migrations. You canmirror your underlying SFS file systems across separate physical frames to ensuremaximum availability on the storage tier. This technique seamlessly adds orremoves new storage, whether single drives or entire arrays.
Introducing the Veritas Storage Foundation Scalable File ServerAbout the core strengths of SFS
16
Cluster File System complies with the Portable Operating System Interface (POSIX)standard. It also provides full cache consistency and global lock management ata file or sub-file level. CFS lets all nodes in the cluster perform metadata or datatransactions. This allows linear scalability in terms of NFS operations per second.
VCS monitors communication, and failover for all nodes in the cluster and theirassociated critical resources. This includes virtual IP addressing failover for allclient connections regardless of the client protocol.
DST dynamically and transparently moves files to different storage tiers to respondto changing business needs. DST is used in Storage Foundation Scalable File Serveras SFS Storage Tiering.
I/O fencing further helps to guarantee data integrity in the event of a multiplenetwork failure by using the SFS storage to ensure that cluster membership canbe determined correctly. This virtually eliminates the chance of a cluster split-brainfrom occurring.
About SFS featuresSFS has new features specific to being a clustered NAS product. A partial list ofthese features is discussed in the following sections.
Simple installationA single node in the cluster is booted from a DVD containing the operating systemimage, core Storage Foundation, and SFS modules. While the node boots, the othernodes are defined using IP addresses.
After you install SFS and the first node is up and running, the rest of the clusternodes are automatically installed with all necessary components. The key servicesare then automatically started to allow the cluster to begin discovering storageand creating file shares.
AdministrationSFS contains a role-based administration model consisting of the following keyroles:
■ Storage
■ Master
■ System
These roles are consistent with the operational roles in many data centers.
17Introducing the Veritas Storage Foundation Scalable File ServerAbout SFS features
For each role, the administrator uses a simple menu-driven text interface. Thisinterface provides a single point of administration for the entire cluster. A userlogs in as one of those roles on one of the nodes in the cluster and runs commandsthat perform the same tasks on all nodes in the cluster.
You do not need to have any knowledge of the Veritas Storage Foundationtechnology to install or administer an SFS cluster. If you are currently familiarwith core SFCFS or Storage Foundation in general, you will be familiar with thebasic management concepts.
Scalable NFSWith SFS, all nodes in the cluster can serve the same NFS shares as both read andwrite. This creates very high aggregated throughput rates, because you can usesum of the bandwidth of all nodes. Cache-coherency is maintained throughoutthe cluster.
NFS Lock Management (NLM)The NFS Lock Management (NLM) module allows a customer to use NFS advisoryclient locking in parallel with core SFCFS global lock management. The moduleconsists of failing over the locks among SFS nodes as well as forwarding all NFSclient lock requests to a single NFS lock master.
The result is that no data corruption occurs if a user or application needs to useNFS client locking with an SFS cluster.
Active/Active CIFSCIFS is active on all nodes within the SFS cluster. The specific shares are read/writeon the node they reside on, but can failover to any other node in the cluster. SFSsupports CIFS home directory shares.
Storage tieringSFS's built-in Dynamic Storage Tiering (DST) feature can reduce the cost of storageby moving data to lower cost storage. SFS storage tiering also facilitates the movingof data between different drive architectures.
DST lets you do the following:
■ Create each file in its optimal storage tier, based on pre-defined rules andpolicies.
■ Relocate files between storage tiers automatically as optimal storage changes,to take advantage of storage economies.
Introducing the Veritas Storage Foundation Scalable File ServerAbout SFS features
18
■ Retain original file access paths to minimize operational disruption, forapplications, backup procedures, and other custom scripts.
■ Handle millions of files that are typical in large data centers.
■ Automate these features quickly and accurately.
SFS key benefits and other applicationsSFS can be used with any application that requires the sharing of files using theNFS v3, CIFS, or FTP protocol. Use-cases such as home directories or decisionsupport applications that require sequential shared access, Web pages, andapplications are all ideal for SFS. SFS is also applicable when you want generalpurpose, high-throughput scale-out processing for your data, together withenterprise-class highly available cluster functionality.
High performance scaling and seamless growthSFS lets you scale storage and processing independently and seamlessly, online.Because an application may need to scale either storage or processing, or both,this capability gives you a lot of flexibility.
SFS automates the installation of new nodes into the running cluster, configuresthose nodes, and adds the nodes' capacity into the processing tier. SFS can scalefrom 1 to 16 nodes with near linear performance scaling. You can add processingone node at a time, rather than buying a large, expensive independent appliance.
A storage administrator can configure a new array or even add new LUNs froman existing array into the SFS cluster. SFS can then scan the storage, automaticallysee the new LUNs and place them under SFS control for use in the cluster. All ofthis is performed online.
At the storage end, resizing of existing file systems can be performed online withno interruption of service. A simple command is used to both add space to anexisting file system and to also reduce (dynamically shrink) the amount of freespace in a specified file system.
The product provides nearly linear scaling in terms of NFS operations per secondand total I/O throughput.
Figure 1-1 depicts this scaling capability.
19Introducing the Veritas Storage Foundation Scalable File ServerSFS key benefits and other applications
Figure 1-1 Example of near-linear performance scaling with SFS
When using 16-node clusters, extremely high throughput performance numberscan be obtained. This is due to the benefits of near linear SFS cluster scalability.
High availabilitySFS has an “always on" file service that provides zero interruption of file servicesfor company critical data.
The loss of single or even multiple nodes does not interrupt I/O operations on theclient tier. This is in stark contrast to the traditional NFS active/passive failoverparadigm.
The SFS architecture provides transparent failover for other key services suchas NFS lock state, CIFS and FTP daemons, reporting, logging, and backup/restoreoperations. The console service that provides access to the centralized menu-driveninterface is automatically failed over to another node.
The installation service is also highly available and can seamlessly recover fromthe initially installed node failing during the installation of the remaining nodesin the cluster.
The use of Veritas Cluster Server technology and software within SFS is key tothe ability of SFS to provide best-of-breed high availability, in addition toclass-leading scale-out performance.
Consolidating and reducing costs of storageThe value of consolidating several independent islands of NFS or NAS appliancesinto fewer, larger shared pools has many cost benefits.
A typical enterprise uses 30-40% of its storage. This low storage utilization rateresults in excessive spending on new storage when there is more than adequatefree space in the data center.
Introducing the Veritas Storage Foundation Scalable File ServerSFS key benefits and other applications
20
With SFS, you can group storage assets into fewer, larger shared pools. Thisincreases the use of backend LUNs and overall storage.
SFS also has built-in, pre-configured heterogeneous storage tiering. This lets youuse different types of storage in a primary and secondary tier configuration. Usingsimple policies, data can be transparently moved from the primary storage tierto the secondary tier. This is ideal when mixing drive types and architecturessuch as high-speed SAS drives with cheaper storage, such as SATA-based drives.Furthermore, data can be stored initially on the secondary tier and then promotedto the primary tier dynamically based on a pattern of I/O. This creates an optimalscenario when you use Solid State Disks (SSDs) because there will often be asignificant change between the amount of SSD storage available, and amount ofother storage availability, such as SATA drives. Data and files that are promotedto the primary tier are transferred back to the secondary tier in accordance withthe configured access time policy.
All of this results in substantially increased efficiency, and it can save you moneybecause you make better use of the storage you already have.
Enabling scale-out compute clusters and heterogeneous sharing ofdata
The trend toward scale-out, or grid computing continues to gain pace. There aresignificant performance and cost advantages of moving applications away fromlarge UNIX Symmetrical Multi-Processing (SMP) or mainframe environments andtowards a farm of commodity computer servers running a distributed application.
One of the key inhibitors to scale-out computing is the requirement to provide ashared storage infrastructure for the compute nodes, and enable you to shareheterogeneously as well as scale up as performance requires. SFS solves both ofthese issues by providing a highly scalable and shared storage platform at thestorage tier and by facilitating heterogeneous sharing on the compute tier.
SFS can provide the performance and availability you need for a large-scale NFScompute and storage tier. It provides enough throughput and seamless failoverfor this type of architecture – whether a few dozen compute nodes, or scaling toseveral hundred nodes.
21Introducing the Veritas Storage Foundation Scalable File ServerSFS key benefits and other applications
Introducing the Veritas Storage Foundation Scalable File ServerSFS key benefits and other applications
22
Creating users based onroles
This chapter includes the following topics:
■ About user roles and privileges
■ About the naming requirements for adding new users
■ About using the SFS command-line interface
■ Logging in to the SFS CLI
■ About accessing the online man pages
■ About creating Master, System Administrator, and Storage Administratorusers
■ About the support user
■ Displaying the command history
About user roles and privilegesYour privileges within Storage Foundation Scalable File Server (SFS) are basedon what user role (Master, System Administrator, or Storage Administrator) youhave been assigned.
The following table provides an overview of the user roles within SFS.
2Chapter
Table 2-1 User roles within SFS
DescriptionUser role
Masters are responsible for adding or deleting users, displaying users,and managing passwords. Only the Masters can add or delete otheradministrators.
Master
System Administrators are responsible for configuring andmaintaining the file system, NFS sharing, networking, clustering,setting the current date/time, and creating reports.
SystemAdministrator
Storage Administrators are responsible for provisioning storage andexporting and reviewing reports.
StorageAdministrator
The Support account is reserved for Technical Support use only, and it cannot becreated by administrators.
See “Using the support login” on page 325.
About the naming requirements for adding newusersThe following table provides the naming requirements for adding new SFS users.
Table 2-2 Naming requirements for adding new users
DescriptionGuideline
Letter or an underscore (_)
Must begin with an alphabetic character and the rest of the stringshould be from the following POSIX portable character set:([A-Za-z_][A-Za-z0-9_-.]*[A-Za-z0-9_-.$]).
Starts with
Can be up to 31 characters. If user names are greater than 31characters, you will receive the error, "Invalid user name."
Length
Command names are case sensitive: username and USERNAME arethe same. However, user-provided variables are case-sensitive.
Case
Hyphens (-) and underscores (_) are allowed.Can contain
Valid user names include:
■ Name:
■ a.b
■ a_b
■ ______-
Valid syntax
Creating users based on rolesAbout the naming requirements for adding new users
24
See “Creating Master, System Administrator, and Storage Administrator users”on page 33.
About using the SFS command-line interfaceYou can enter SFS commands on the system console or from any host that canaccess SFS through a session using Secure Socket Shell (SSH) .
SFS provides the following features to help you when you enter commands on thecommand line:
■ Command-line help by typing a command and then a question mark (?)
■ Command-line manual (man) pages by typingmanand the name of the commandyou are trying to find
Table 2-3 Conventions used in the SFS online command-line man pages
DescriptionSymbol
Indicates you must choose one of elements on either side of the pipe.| (pipe)
Indicates that the element inside the brackets is optional.[ ] (brackets)
Indicates that the element inside the braces is part of a group.{ } (braces)
Indicates a variable for which you need to supply a value. Variablesare indicated in italics in the man pages.
< >
Logging in to the SFS CLIWhen you first log in to the SFS CLI, use the default username/password ofmaster/master. After you have logged in successfully, change your password.
See “To change a user's password” on page 34.
By default, the initial password for any user is the same as the username. Forexample, if you logged in as user1, your default password would also be user1.
To use any of the CLI commands, first log in by using the user role you have beenassigned. Then enter the correct mode. These two steps must be performed beforeyou can use any of the commands.
25Creating users based on rolesAbout using the SFS command-line interface
To log in to the SFS CLI
1 Log in to SFS using the appropriate user role, System Admin, Storage Admin,or Master.
See “Logging in to the SFS CLI” on page 25.
2 Enter the name of the mode you want to enter.
For example, to enter the admin mode, you would enter the following:
admin
You can tell you are in the admin mode because you will see the following:
Admin>
The following tables describe all the available modes, commands associated withthat mode, and what roles to use depending on which operation you are performing.
Table 2-4 Admin mode commands
MasterStorageAdmin
SystemAdmin
Admin mode commands
XXXpasswd
XXXshow
Xsupportuser
Xuser
Table 2-5 Backup mode commands
MasterStorageAdmin
SystemAdmin
Backup mode commands
XXndmp
XXnetbackup
XXshow
XXstart
XXstatus
XXstop
XXvirtual-ip
Creating users based on rolesLogging in to the SFS CLI
26
Table 2-5 Backup mode commands (continued)
MasterStorageAdmin
SystemAdmin
Backup mode commands
XXvirtual-name
Table 2-6 CIFS mode commands
MasterStorageAdmin
SystemAdmin
CIFS mode commands
XXhomedir
XXlocal
XXserver
XXset
XXshare
XXshow
XXsplit
Table 2-7 Cluster mode commands
MasterStorageAdmin
SystemAdmin
Cluster mode commands
XXadd
XXdelete
XXreboot
XXshow
XXshutdown
Table 2-8 FTP mode commands
MasterStorageAdmin
SystemAdmin
FTP mode commands
XXlogupload
XXserver
XXsession
27Creating users based on rolesLogging in to the SFS CLI
Table 2-8 FTP mode commands (continued)
MasterStorageAdmin
SystemAdmin
FTP mode commands
XXset
XXshow
Table 2-9 History mode commands
MasterStorageAdmin
SystemAdmin
History mode commands
XXXhistory
Table 2-10 Network mode commands
MasterStorageAdmin
SystemAdmin
Network mode commands
XXbond
XXdns
XXip
XXldap
XXnis
XXnsswitch
XXping
XXshow
XXvlan
Table 2-11 NFS mode commands
MasterStorageAdmin
SystemAdmin
NFS mode commands
XXserver
XXshare
XXshow fs
XXstat
Creating users based on rolesLogging in to the SFS CLI
28
Table 2-12 Report mode commands
MasterStorageAdmin
SystemAdmin
Report mode commands
XXemail
XXevent
XXXexportevents
XXXshowevents
XXsnmp
XXsyslog
Table 2-13 Storage mode commands
MasterStorageAdmin
SystemAdmin
Storage mode commands
XXdisk grow
XXXdisk list
XXfencing
XXfs
XXhba
XXpool
XXscanbus
XXsnapshot
XXtier
Table 2-14 Support mode commands
MasterStorageAdmin
SystemAdmin
Support mode commands
Xdebuginfo
Xiostat
Xpciexclusion
29Creating users based on rolesLogging in to the SFS CLI
Table 2-14 Support mode commands (continued)
MasterStorageAdmin
SystemAdmin
Support mode commands
Xservices
Xtethereal
Xtop
Xtraceroute
Table 2-15 System mode commands
MasterStorageAdmin
SystemAdmin
System mode commands
XXclock
XXconfig
XXmore
XXntp
XXoption
XXstat
XXswap
Table 2-16 Upgrade mode commands
MasterStorageAdmin
SystemAdmin
Upgrade mode commands
XXpatch
XXshow
About accessing the online man pagesYou access the online man pages by typing man name_of_command at the commandline.
The example shows the result of entering the Network> man ldap command.
Creating users based on rolesAbout accessing the online man pages
30
Network> man ldap
NAME
ldap - configure LDAP client for authentication
SYNOPSIS
ldap enable
ldap disable
ldap show [users|groups|netgroups]
ldap set {server|port|basedn|binddn|ssl|rootbinddn|users-basedn|
groups-basedn|netgroups-basedn|password-hash} value
ldap get {server|port|basedn|binddn|ssl|rootbinddn|
users-basedn|groups-basedn|netgroups-basedn|password-hash}
You can also type a question mark (?) at the prompt for a list of all the commandsthat are available for the command mode that you are in. For example, if you arewithin the admin mode, if you type a question mark (?), you will see a list of theavailable commands for the admin mode.
sfs> admin ?
Entering admin mode...
sfs.Admin>
exit --return to the previous menus
logout --logout of the current CLI session
man --display on-line reference manuals
passwd --change the administrator password
show --show the administrator details
supportuser --enable or disable the support user
user --add or delete an administrator
To exit the command mode, enter the following: exit.
For example:
sfs.Admin> exit
sfs>
To exit the system console, enter the following: logout.
For example:
sfs> logout
31Creating users based on rolesAbout accessing the online man pages
About creating Master, System Administrator, andStorage Administrator users
Theadmin> user commands add or delete a user, display user settings, and renamethe password.
Note: By default, the password of the new user is the same as the username.
Table 2-17 Creating users
DefinitionCommand
Creates the different levels of administrator. You must have masterprivilege.
A user can be a Master user who has all the permissions, includingadd and deleting users. A Storage Administrator has access to onlystorage commands and is responsible for upgrading the cluster andapplying the patches. A System Administrator is responsible forconfiguring the NFS server and exporting the file system, adding anddeleting new nodes to the cluster, and configuring other networkparameters such as DNS and NIS.
See “To create a Master user” on page 33.
user add
Creates a password.
Passwords should be eight characters or less. If you enter a passwordthat exceeds eight characters, the password is truncated, and you needto specify the truncated password when re-entering the password.For example, if you entered "elephants" as the password, the passwordis truncated to "elephant," and you will need to re-enter "elephant"instead of "elephants" for the system to accept your password.
By default, the initial password for any user is the same as theusername. For example, if you logged in as user1, your defaultpassword would also be user1.
You will not be prompted to supply the old password.
See “To change a user's password” on page 34.
passwd
Displays a list of current users, or you can specify a particularusername and display both the username and its associated privilege.
See “To display a list of current users” on page 34.
show
Deletes a user.
See “To delete a user from SFS” on page 35.
user delete
Creating users based on rolesAbout creating Master, System Administrator, and Storage Administrator users
32
Creating Master, System Administrator, and Storage Administratorusers
To create the different levels of administrator, you must have master privilege.
To create a Master user
◆ To create a Master user, enter the following:
Admin> user add username master
For example:
Admin> user add master1 master
Creating Master: master1
Success: User master1 created successfully
To create a System Administrator user
◆ To create a System Administrator user, enter the following:
Admin> user add username system-admin
For example:
Admin> user add systemadmin1 system-admin
Creating System Admin: systemadmin1
Success: User systemadmin1 created successfully
To create a Storage Administrator user
◆ To create a Storage Administrator user, enter the following:
Admin> user add username storage-admin
For example:
Admin> user add storageadmin1 storage-admin
Creating Storage Admin: storageadmin1
Success: User storageadmin1 created successfully
33Creating users based on rolesAbout creating Master, System Administrator, and Storage Administrator users
To change a user's password
1 To change the password for the current user, enter the following command:
Admin> passwd
You will be prompted to enter the new password for the current user.
2 To change the password for a user other than the current user, enter thefollowing command:
Admin> passwd [username]
You will be prompted to enter the new password for the user.
To display a list of current users
1 To display the current user, enter the following:
Admin> show [username]
2 To display a list of all the current users, enter the following:
Admin> show
For example:
Admin> show
List of Users
-------------
master
user1
user2
To display the details of the administrator with the username master, enterthe following:
Admin> show master
Username : master
Privileges : Master
Admin>
Creating users based on rolesAbout creating Master, System Administrator, and Storage Administrator users
34
To delete a user from SFS
1 If you want to display the list of all the current users prior to deleting a user,enter the following:
Admin> show
2 To delete a user from SFS, enter the following:
Admin> user delete username
For example:
Admin> user delete user1
Deleting User: user1
Success: User user1 deleted successfully
About the support userThe supportuser commands are used to enable, disable, or view the status of thesupport user. Only an administrator logged in asmasterhas the privilege to enable,disable, change the password, or check the status of the support user.
You log into the system console and enter Admin> mode to access the commands.See “About using the SFS command-line interface” on page 25. for log ininstructions.
Table 2-18 Support user commands
DefinitionCommand
Enables the support user for the tracing and debugging of any node.The enable command lets the support user login remotely.
See “To enable the support user account” on page 36.
supportuserenable
Changes the support user password. The password can be changed atany time.
See “To change the support user password” on page 36.
supportuserpassword
Checks the status of the support user (whether it is enabled ordisabled).
Note: You must have master privilege to use this command.
See “To check the support user status” on page 37.
supportuser status
35Creating users based on rolesAbout the support user
Table 2-18 Support user commands (continued)
DefinitionCommand
Disables the support user without permanently removing it from thesystem. By default, the support user is in disablemode when SFS isinstalled.
See “To disable the support user account” on page 37.
supportuserdisable
Configuring the support user accountTo enable the support user account
◆ If you want to enable the support user, enter the following:
Admin> supportuser enable
For example:
Admin> supportuser enable
Enabling support user.
support user enabled.
Admin>
To change the support user password
◆ If you want to change the support user password, enter the following:
Admin> supportuser password
For example:
Admin> supportuser password
Changing password for support.
New password: Re-enter new password:
Password changed
Admin>
Creating users based on rolesAbout the support user
36
To check the support user status
◆ If you want to check the status of the support user, enter the following:
Admin> supportuser status
For example:
Admin> supportuser status
support user status : Enabled
Admin>
To disable the support user account
◆ If you want to disable the support user, enter the following:
Admin> supportuser disable
For example:
Admin> supportuser disable
Disabling support user.
support user disabled.
Admin>
Displaying the command historyThe history command displays the commands that you have executed. You canalso view commands executed by another user.
You must be logged in to the system to view the command history. For logininstructions, go to About using the SFS command-line interface.
37Creating users based on rolesDisplaying the command history
To display command history
◆ To display the command history, enter the following:
SFS> history [username] [number_of_lines]
Displays the command history for a particular user.username
Displays the number of lines of history you want to view.number_of_lines
For example:
SFS> history master 7
Username : master
Privileges : Master
Time Status Message Command
02-12-2009 11:09 Success NFS> server status (server status)
02-12-2009 11:10 Success NFS> server start (server start )
02-12-2009 11:19 Success NFS> server stop (server stop )
02-12-2009 11:28 Success NFS> fs show (show fs )
02-12-2009 15:00 SUCCESS Disk list stats completed (disk list )
02-12-2009 15:31 Success Network shows success (show )
02-12-2009 15:49 Success Network shows success (show )
SFS>
The information displayed from using the history command is:
Displays the time stamp as MM-DD-YYYY HH:MMTime
Displays the status of the command as Success, Error, or Warning.Status
Displays the command description.Message
Displays the actual commands that were executed by you oranother user.
Command
Creating users based on rolesDisplaying the command history
38
Displaying and addingnodes to a cluster
This chapter includes the following topics:
■ About the cluster commands
■ Displaying the nodes in the cluster
■ About adding a new node to the cluster
■ Installing the SFS software onto a new node
■ Adding a node to the cluster
■ Deleting a node from the cluster
■ Shutting down the cluster nodes
■ Rebooting the nodes in the cluster
About the cluster commandsThis chapter discusses the SFS cluster commands. You use these commands toadd or delete nodes to your cluster. The cluster commands are defined inTable 3-1.
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enterCluster>mode. For login instructions,go to About using the SFS command-line interface.
3Chapter
Table 3-1 Cluster mode commands
DefinitionCommands
Displays the nodes in the SFS cluster, their states, CPU load, andnetwork load during the past 15 minutes.
See “Displaying the nodes in the cluster” on page 40.
cluster> show
Installs the SFS software onto the new node.
See “Installing the SFS software onto a new node” on page 43.
network> ip addradd
Adds a new node to the SFS cluster.
See “Adding a node to the cluster” on page 44.
cluster> add
Deletes a node from the SFS cluster.
See “Deleting a node from the cluster” on page 45.
cluster> delete
Shuts down one or all of the nodes in the SFS cluster.
See “Shutting down the cluster nodes” on page 47.
cluster> shutdown
Reboots a single node or all of the nodes in the SFS cluster. Use thenodename(s) that is displayed in the show command.
See “Rebooting the nodes in the cluster” on page 47.
cluster> reboot
Displaying the nodes in the clusterYou can display all the nodes in the cluster, their states, CPU load, and networkload during the past 15 minutes.
If you use the currentload option, you can display the CPU and network loadscollected from now to the next five seconds.
Displaying and adding nodes to a clusterDisplaying the nodes in the cluster
40
To display a list of nodes in the cluster
1 To display a list of nodes that are part of a cluster, and the systems that areavailable to add to the cluster, enter the following:
Cluster> show
For nodes already in the cluster, the following is displayed:
Node State CPU(15 min) pubeth0(15 min) pubeth1(15 min)
% rx(MB/s) tx(MB/s) rx(MB/s) tx(MB/s)
---- ----- ----------- -------- -------- -------- --------
sfs_1 RUNNING 1.35 0.00 0.00 0.00 0.00
sfs_2 RUNNING 1.96 0.00 0.00 0.00 0.00
For the nodes not yet added to the cluster, they are displayed with uniqueidentifiers.
Node
----
4dd5a565-de6c-4904-aa27-3645cf557119
bafd13c1-536a-411a-b3ab-3e3253006209
State
-----
INSTALLED 5.0SP2 (172.16.113.118)
INSTALLING-Stage-4-of-4
41Displaying and adding nodes to a clusterDisplaying the nodes in the cluster
2 To display the CPU and network loads collected from now to the next fiveseconds, enter the following:
Cluster> show [currentload]
Example output:
Node State CPU(5 sec) pubeth0(5 sec) pubeth1(5 sec)
% rx(MB/s) tx(MB/s) rx(MB/s) tx(MB/s)
---- ----- ---------- -------- -------- -------- --------
sfs_1 RUNNING 0.26 0.01 0.00 0.01 0.00
sfs_2 RUNNING 0.87 0.01 0.00 0.01 0.00
sfs_3 RUNNING 10.78 27.83 12.54 0.01 0.00
Displays the node name if the node has already been added tothe cluster. Displays the unique identifier for the node if it hasnot been added to the cluster.
Node
Example:
node_1
or
35557d4c-6c05-4718-8691-a2224b621920
Displays the state of the node or the installation state of thesystem along with an IP address of the system if it is installed.
State
Example:
INSTALLED (172.16.113.118)RUNNINGFAULTEDEXITEDLEAVINGUNKNOWN
Indicates the CPU loadCPU
Indicates the network load for the Public Interface 0pubeth0
Indicates the network load for the Public Interface 1pubeth1
If a system is physically removed from the cluster, or if you power off thesystem, you will not see the unique identifier for the system, installationstate, and IP address for the system when you issue the cluster> show
Displaying and adding nodes to a clusterDisplaying the nodes in the cluster
42
command. If you power the system back on, you will see the unique identifierfor the system, the installation state, and the IP address for the system.
You can then use the IP address to add the node back to the cluster.
See “About adding a new node to the cluster” on page 43.
About adding a new node to the clusterAfter you have installed the first node of the cluster, you need to complete twoseparate procedures to install additional nodes and add them to the cluster.
Procedures to install and add additional nodes:
■ You first need to install the SFS software binaries on the node.
■ You then add the node to your existing cluster. After the SFS software hasbeen installed, the node enters the INSTALLED state. It can then be added tothe cluster and become operational.
Note: Before proceeding, make sure that all of the nodes are physically connectedto the private and public networks. This allows the software installation to runconcurrently on each node.
See theVeritas StorageFoundationScalable File Server InstallationGuide for moreinformation.
Installing the SFS software onto a new nodeTo install the SFS software onto the new node
1 Log in to the master account through the SFS console and access the networkmode.
To log in to the SFS console:
■ Use ssh master@consoleipaddr where consoleipaddr is the console IPaddress.
■ For the password, enter the default password for the master account,master.You can change the password later by using the Admin> password
command.
2 If the nodes have not been preconfigured, you need to preconfigure them.
To preconfigure nodes:
43Displaying and adding nodes to a clusterAbout adding a new node to the cluster
■ Obtain the IP address ranges, as described in the Veritas StorageFoundation Scalable File Server InstallationGuide, for the public networkinterfaces of the nodes to be installed.
■ Add each IP address using the following command:Network> ip addr add ipaddr netmask type
IP is a protocol that allows addresses to be attached to an Ethernetinterface. Each Ethernet interface must have at least one address to usethe protocol. Several different addresses can be attached to one Ethernetinterface. Add the ipaddr and the netmask. And type is the type of IPaddress (virtual or physical).
3 Power up and press F12 for each new node to initiate a network boot.
The SFS software is automatically installed on all of the nodes.
4 Enter Cluster> show to display the status of the node installation as itprogresses.
Cluster> show
The following is an example of the status messages that appear.
INSTALLING (Stage 1 of 4: Installing Linux)
INSTALLING (Stage 2 of 4: Copying SFS installation sources)
INSTALLING (Stage 3 of 4: First Boot)
INSTALLING (Stage 4 of 4: Installing SFS)
Installed/Installing Nodes
Node
----
4dd5a565-de6c-4904-aa27-3645cf557119
State
-----
INSTALLED 5.0SP2 (172.16.113.118)
Adding a node to the clusterAfter the SFS software is installed on a new node, the node is assigned a temporaryIP address. The address is displayed in the State field in the output for Cluster>show. In the example in Installing the SFS software onto a new node, the temporaryIP address is 172.16.113.118. The temporary IP address is only used to add the
Displaying and adding nodes to a clusterAdding a node to the cluster
44
node to the cluster. Only the nodes in the INSTALLED state can be added to thecluster.
Note: This command is not supported in a single-node cluster.
The coordinator disks must be visible on the newly added node as a prerequisitefor I/O fencing to be configured successfully. Without the coordinator disks, I/Ofencing will not load properly and the node will not be able to obtain clustermembership. For more information about I/O fencing, go to About I/O fencing.
To add the new node to the cluster
1 Log in to SFS using the master user role.
2 Enter the cluster mode.
3 To add the new node to the cluster, enter the following:
Cluster> add nodeip
where nodeip is the IP address assigned to the INSTALLED node.
For example:
Cluster> add 172.16.113.118
Checking ssh communication with 172.16.113.118 ...done
Configuring the new node .....done
Adding node to the cluster.........done
Node added to the cluster
New node's name is: sfs_1
Deleting a node from the clusterThis command deletes a node from the cluster. Use the nodename that is displayedin the Cluster> show command.
Note: This command is not supported in a single-node cluster.
If the deleted node was in the RUNNING state prior to deletion, that node wouldbe assigned an IP address that can be used to add the node back to the cluster.
See “About adding a new node to the cluster” on page 43.
If the deleted node was not in the RUNNING state prior to deletion, reboot thedeleted node to assign it an IP address which can be used to add the node back
45Displaying and adding nodes to a clusterDeleting a node from the cluster
into the cluster. You must first reinstall the operating system SFS software (usingthe PXE installation) onto the node before adding it to the cluster. Refer to VeritasStorage Foundation Scalable File Server Installation Guide.
After the node is deleted from the cluster, that node's IP address is free for useby the cluster for new nodes.
The state of each node can be:
■ RUNNING
■ FAULTED
■ EXITED
■ LEAVING
■ UNKNOWN
To delete a node from the cluster
1 To show the current state of all nodes in the cluster, enter the following:
Cluster> show
2 To delete a node from a cluster, enter the following:
Cluster> delete nodename
where nodename is the nodename that appeared in the listing from the showcommand.
For example:
Cluster> delete sfs_1
Stopping Cluster processes on sfs_1 ...........done
deleting sfs_1's configuration from the cluster .....done
Node sfs_1 deleted from the cluster
If you try to delete a node that is unreachable, you will receive the followingwarning message:
This SFS node is not reachable, you have to re-install the
SFS software via PXE boot after deleting it.
Do you want to delete it now? (y/n)
Displaying and adding nodes to a clusterDeleting a node from the cluster
46
Shutting down the cluster nodesYou can shut down a single node or all of the nodes in the cluster. Use thenodename(s) that is displayed in the Cluster> show command.
To shut down a node or all the nodes in a cluster
1 To shut down a node, enter the following:
Cluster> shutdown nodename
nodename indicates the name of the node you want to shut down.
For example:
Cluster> shutdown sfs_1
Stopping Cluster processes on sfs_1 .......done
Sent shutdown command to sfs_1
2 To shut down all of the nodes in the cluster, enter the following:
Cluster> shutdown all
Use all as the nodename if you want to shut down all of the nodes in thecluster.
For example:
Cluster> shutdown all
Stopping Cluster processes on all ...done
Sent shutdown command to sfs_1
Sent shutdown command to sfs_2
Rebooting the nodes in the clusterYou can reboot a single node or all of the nodes in the cluster. Use the nodename(s)that is displayed in the Cluster> show command.
47Displaying and adding nodes to a clusterShutting down the cluster nodes
To reboot a node
1 To reboot a node, enter the following:
Cluster> reboot nodename
nodename indicates the name of the node you want to reboot.
For example:
Cluster> reboot sfs_1
Stopping Cluster processes on sfs_1 .......done
Sent reboot command to sfs_1
2 To reboot all of the nodes in the cluster, enter the following:
Cluster> reboot all
Use all as the nodename if you want to reboot all of the nodes in the cluster.
For example:
Cluster> reboot all
Stopping Cluster processes on all ...done
Sent reboot command to sfs_1
Sent reboot command to sfs_2
Displaying and adding nodes to a clusterRebooting the nodes in the cluster
48
Configuring SFS networksettings
This chapter includes the following topics:
■ About network mode commands
■ Displaying the network configuration and statistics
■ About bonding Ethernet interfaces
■ About DNS
■ About IP commands
■ About configuring IP addresses
■ About configuring Ethernet interfaces
■ About configuring routing tables
■ About LDAP
■ Before configuring LDAP settings
■ About configuring LDAP server settings
■ About administering SFS cluster's LDAP client
■ About NIS
■ About NSS
■ About VLAN
4Chapter
About network mode commandsSFS network-mode commands let you specify and check the status of networkparameters for the SFS cluster.
Note: Before you use SFS network mode commands, you must have a generalunderstanding of IP addresses and networking. If you are not familiar with theterms or output, contact your Network Administrator for help.
As shown in Table 4-1, network node commands are organized into functionalgroups or submodes.
To access the commands, log into your administrative console (master,system-admin, or storage-admin) and enter Network> mode.
For information on how to login, go to About using the SFS command-line interface.
Table 4-1 Network submodes
FunctionNetworksubmode
Creates a logical association between two or more Ethernet interfaces.
See “About bonding Ethernet interfaces” on page 52.
Bond
Identifies enterprise DNS servers for SFS use.
See “About DNS” on page 54.
DNS
Manages the SFS cluster IP addresses.
See “About IP commands” on page 58.
IP
Identifies the LDAP servers thatSFS can use.
See “About LDAP” on page 72.
LDAP
Identifies the NIS server that SFS can use.
See “About NIS” on page 81.
NIS
Provides a single configuration location to identify the services (suchas NIS or LDAP) for network information such as hosts, groups, orpasswords.
See “About NSS” on page 84.
NSS
Views, adds, or deletes VLAN interfaces.
See “Configuring VLAN” on page 86.
VLAN
Configuring SFS network settingsAbout network mode commands
50
Displaying the network configuration and statisticsYou can use the Network> show command to display the current clusterconfiguration and related statistics of the cluster network configuration.
To display the network configuration and statistics
◆ To display the cluster's network configuration and statistics, enter thefollowing:
Network> show
Interface Statistics
--------------------
sfs_1
-------------
Interfaces MTU Metric RX-OK RX-DROP RX-ERR RX-FRAME
lo 16436 1 13766 0 0 0
priveth0 1500 1 452390 0 0 0
priveth1 1500 1 325940 0 0 0
pubeth0 1500 1 25806318 0 0 0
pubeth1 1500 1 25755262 0 0 0
TX-OK TX-DROP TX-ERR TX-CAR Flag
13766 0 0 0 LRU
953273 0 0 0 BMR
506641 0 0 0 BMRU
152817 0 0 0 BMRU
673 0 0 0 BMRU
Routing Table
-------------
sfs_1
-------------
Destination Gateway Genmask Flags MSS Window irtt Iface
172.27.75.0 0.0.0.0 255.255.255.0 U 0 0 0 priveth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.182.96.1 0.0.0.0 UG 0 0 0 pubeth0
For definitions of the column headings in the Routing Table, see To displaythe routing tables of the nodes in the cluster.
51Configuring SFS network settingsDisplaying the network configuration and statistics
About bonding Ethernet interfacesBond commands associate each set of two or more Ethernet interfaces with oneIP address. This association improves network performance on each SFS clusternode by increasing the potential bandwidth available on an IP address beyond thelimits of a single Ethernet interface and by providing redundancy for higheravailability. For example, you can bond two 1-gigabit Ethernet interfaces togetherto provide up to 2 gigabits per second of throughput to a single IP address.Moreover, if one of the interfaces fails, communication continues using the singleEthernet interface.
Bond commands let you create, remove, and display a cluster's bonds. When youcreate or delete a bond, it affects the corresponding Ethernet interfaces on theSFS cluster nodes.
Every node in the cluster has pubeth0 and pubeth1 interfaces. You can only bondpublic Ethernet interfaces.
Note:When you create or remove a bond, all of the SSH connections with Ethernetinterfaces may be dropped. When the operation is complete, you must restore thessh connections.
Table 4-2 Bond commands
DefinitionCommand
Displays a bond and the algorithm used to distribute traffic amongthe bonded interfaces.
See “To display a bond” on page 53.
show
Creates a bond between sets of two or more correspondingly namedEthernet interfaces on all SFS cluster nodes.
See “To create a bond” on page 53.
create
Removes a bond between two or more correspondingly named Ethernetinterfaces on all SFS cluster nodes. Thebond show command displaysthe names.
See “To remove a bond” on page 54.
remove
Configuring SFS network settingsAbout bonding Ethernet interfaces
52
Bonding Ethernet interfacesTo display a bond
◆ To display a bond and the algorithm used to distribute traffic among thebonded interfaces, enter the following:
Network> bond show
In this example, DEVICES refers to Ethernet interfaces.
BONDNAME MODE DEVICES
-------- ----- -------
bond0 1 pubeth1 pubeth2
To create a bond
◆ To create a bond between sets of two or more Ethernet interfaces on all SFScluster nodes, enter the following:
Network> bond create interfacelist mode
Specifies a comma-separated list of public Ethernet interfacesto bond. Bonds are created on correspondingly named sets ofEthernet interfaces on each cluster node.
interfacelist
Specifies how the bonded Ethernet interfaces divide the traffic.mode
For example:
Network> bond create pubeth1,pubeth2 broadcast
100% [#] Bonding interfaces. Please wait...
bond created, the bond name is: bond0
You can specify a mode either as a number or a character string, as follows:
This mode provides fault tolerance and load balancing. Ittransmits packets in order from the first available slavethrough the last.
balance-rr0
Only one slave in the bond is active. If the active slave fails,a different slave becomes active. To avoid confusing theswitch, the bond's MAC address is externally visible on onlyone port (network adapter).
active-backup1
53Configuring SFS network settingsAbout bonding Ethernet interfaces
Transmits based on the selected transmit hash policy.
The default policy is a simple.
This mode provides load balancing and fault tolerance. Youcan use the xmit_hash_policy option to select alternatetransmit policies.
balance-xor2
Transmits everything on all slave interfaces and providesfault tolerance.
broadcast3
Creates aggregation groups with the same speed and duplexsettings. It uses all slaves in the active aggregator based onthe 802.3ad specification.
802.3ad4
Provides channel bonding that does not require specialswitch support. The outgoing traffic is distributed accordingto the current load (computed relative to the speed) on eachslave. The current slave receives incoming traffic. If thereceiving slave fails, another slave takes over its MACaddress.
balance-tlb5
Includes balance-tlb plus Receive Load Balancing (RLB) forIPV4 traffic. This mode does not require any special switchsupport. ARP negotiation load balances the receive.
balance-alb6
To remove a bond
◆ To remove a bond from all of the nodes in a cluster, enter the following:
Network> bond remove bondname
where bondname is the name of the bond configuration.
For example:
Network> bond remove bond0
100% [#] Removing Bond bond0. Please wait...
bond removed : bond0
About DNSThe Domain Name System (DNS) service translates between numeric IP addressesand their associated host names.
The DNS commands let you view or change an SFS cluster 's DNS settings. Youcan configure an SFS cluster's DNS lookup service to use up to three DNS servers.
Configuring SFS network settingsAbout DNS
54
You must enable the SFS cluster's DNS name service before you specify the DNSservers it is to use for lookups.
Table 4-3 DNS commands
DefinitionCommand
Displays the current settings of an SFS cluster's DNS lookup service.
See “To display DNS settings” on page 56.
dns show
Enables SFS to perform DNS lookups.
When DNS is enabled, the SFS cluster's DNS service uses the datacenter's DNS server(s) to determine the IP addresses of networkentities such as SNMP, NTP, LDAP, and NIS servers with which thecluster must communicate.
See “To enable DNS settings” on page 56.
dns enable
Disables DNS lookups.
If the DNS services are already disabled, the command does notrespond.
See “To disable DNS settings” on page 56.
dns disable
Specifies the IP addresses of DNS name servers to be used by the SFSDNS lookup service. The order of the IP addresses is the order in whichthe name servers are to be used.
Enter the IP addresses of the name servers. The order of the IPaddresses is the order in which the name servers are to be used.
See “To specify IP addresses of DNS name servers” on page 57.
dns setnameservers
Removes the IP addresses of DNS name servers from the cluster's DNSlookup service database.
See “To remove name servers list used by DNS” on page 57.
dns clearnameservers
Enter the domain name that the SFS cluster will be in. For the requiredinformation, contact your Network Administrator.
This command clears any previously set domain name.
Before you use this procedure, you must enable the DNS server.
See “To set the domain name for the DNS server” on page 57.
dns setdomainname
Removes the DNS domain name.
See “To remove domain name used by DNS” on page 58.
dns cleardomainname
55Configuring SFS network settingsAbout DNS
Configuring DNS settingsTo display DNS settings
◆ To display DNS settings, enter the following:
Network> dns show
DNS Status : Disabled
nameserver : 172.16.113.118
domain : symantec.com
To enable DNS settings
◆ To enable DNS settings to allow SFS hosts to do lookups and verify the results,enter the following commands:
Network> dns enable
Network>
Network> dns show
DNS Status : Enabled
domain : cluster1.com
nameserver : 10.216.50.132
To disable DNS settings
◆ To disable DNS settings, enter the following:
Network> dns disable
Network>
Network> dns show
DNS Status : Disabled
Old Settings
------------
domain : cluster1.com
nameserver : 10.216.50.132
Configuring SFS network settingsAbout DNS
56
To specify IP addresses of DNS name servers
◆ To specify the IP addresses of DNS name servers to be used by the SFS DNSservice and verify the results, enter the following commands:
Network> dns set nameservers nameserver1 [nameserver2] [nameserver3]
For example:
Network> dns set nameservers 10.216.50.199 10.216.50.200
Network>
Network> dns show
DNS Status : Enabled
nameserver : 10.216.50.199
nameserver : 10.216.50.200
To remove name servers list used by DNS
◆ To remove the name servers list used by DNS and verify the results, enterthe following commands:
Network> dns clear nameservers
Network>
Network> dns show
DNS Status : Enabled
To set the domain name for the DNS server
◆ To set the domain name for the DNS server, enter the following:
Network> dns set domainname domainname
where domainname is the domain name for the DNS server.
For example:
Network> dns set domainname example.com
Network>
Network> dns show
DNS Status : Enabled
domain : example.com
nameserver : 10.216.50.132
57Configuring SFS network settingsAbout DNS
To remove domain name used by DNS
◆ To remove the domain name used by DNS, enter the following:
Network> dns clear domainname
Network>
Network> dsn show
DNS Status : Enabled
nameserver : 10.216.50.132
About IP commandsInternet Protocol (IP) commands configure your routing tables, Ethernet interfaces,and IP addresses, and display the settings.
The following sections describe how to configure the IP commands:
■ About configuring IP addresses
■ About configuring Ethernet interfaces
■ Configuring routing tables
About configuring IP addressesEach Ethernet interface must have a physical IP address associated with it. Theseare usually supplied when the SFS software is installed. Each Ethernet interfacealso requires one or more virtual IP addresses to communicate with other clusternodes and with the rest of the enterprise network.
Note: The operating system requires physical IP addresses. You should only addthe physical IP addresses when the cluster's hardware configuration changes.
Table 4-4 lists the commands you can use to configure your IP addresses.
Table 4-4 IP commands
DefinitionCommand
Displays the IP addresses, the devices (Ethernet interfaces) they areassigned to, and their attributes.
Note: Any Ethernet interfaces excluded during the initial SFSinstallation will not be displayed.
See “To display all the IP addresses for the cluster” on page 60.
ip addr show
Configuring SFS network settingsAbout IP commands
58
Table 4-4 IP commands (continued)
DefinitionCommand
Adds a virtual or physical IP address to the SFS cluster.
SFS assigns the newly added IP address to an Ethernet interface orone of its nodes. Virtual IP addresses are used for communicationamong cluster nodes and with clients on the enterprise network.
By default, this command does not use VLAN Ethernet interfacesunless they are specified in the device option.
SFS determines the node to which the IP address will be assigned.
After you add a virtual IP address, it takes a few seconds for it to comeonline. If you enter an IP address that is already used in the cluster,an error message is displayed. You cannot enter an invalid IP address(one that is not four bytes or has a byte value greater than 255).
Note: An IP address that does not go online may indicate a problemwith the SFS cluster. For help, see To display the state of the servicesor contact Symantec Technical Support.
See “To add an IP address to a cluster” on page 62.
ip addr add
Brings an IP address online on any running node in the cluster. TheIP address does not need to be in the offline mode for this commandto work. You can use this command to switch the IP address from anonline node to another specified node. You can change an IP addressto the online mode if it is in the OFFLINE/FAULTED state. Thiscommand also displays any faults for the IP address on the specifiednode.
If the command succeeds you do not receive a response at the prompt.
Note: An IP address that does not go online may indicate a problemwith the SFS cluster. For help, see To display the state of the servicesor contact Symantec Technical Support.
See “To change an IP address to the online mode on a specified node”on page 63.
ip addr online
Modifies an IP protocol address used by the cluster. You can changeboth the physical IP addresses and virtual IP addresses. If you changethe virtual IP address it terminates the NFS connection on oldipaddr.
See “To modify an IP address” on page 64.
ip addr modify
59Configuring SFS network settingsAbout configuring IP addresses
Table 4-4 IP commands (continued)
DefinitionCommand
Deletes an IP protocol address from the cluster. You can only deletephysical IP addresses if they are not being used by any interface ofthe cluster. You can also delete virtual IP addresses, except for theconsole IP address. When you add or delete an IP address from thecluster, the cluster automatically evens out the number of virtual IPaddresses on each node.
See “To remove an IP address from the cluster” on page 64.
ip addr del
Configuring IP addressesTo configure your IP addresses, perform the following commands.
To display all the IP addresses for the cluster
◆ To display all of a cluster's IP addresses, enter the following:
Network> ip addr show
IP Netmask Device Node Type Status
-- ------- ------ ---- ---- ------
10.182.107.53 255.255.240.0 pubeth0 sfs_1 Physical
10.182.107.54 255.255.240.0 pubeth1 sfs_1 Physical
10.182.107.55 255.255.240.0 pubeth0 sfs_2 Physical
10.182.107.56 255.255.240.0 pubeth1 sfs_2 Physical
10.182.107.65 255.255.240.0 pubeth0 sfs_1 Virtual ONLINE (Con IP)
10.182.107.201 255.255.240.0 pubeth0 sfs_2 Virtual ONLINE
10.182.107.202 255.255.240.0 pubeth0 sfs_1 Virtual ONLINE
10.182.107.203 255.255.240.0 pubeth1 sfs_2 Virtual ONLINE
10.182.107.204 255.255.240.0 pubeth1 sfs_1 Virtual ONLINE
The output headings are:
Displays the IP addresses for the cluster.IP
Displays the netmask for the IP address.Netmask
Displays the names of the Ethernet interfaces for the IP address.Device
Displays the node names associated with the interface.Node
Displays the type of the IP address: physical or virtual.Type
Configuring SFS network settingsAbout configuring IP addresses
60
Displays the status of the IP addresses:
■ ONLINE
■ ONLINE (console IP)
■ OFFLINE
■ FAULTED
A virtual IP can be in the FAULTED state if it is already beingused. It can also be in the FAULTED state if the correspondingdevice is not working on all nodes in the cluster (for example, adisconnected cable).
Status
61Configuring SFS network settingsAbout configuring IP addresses
To add an IP address to a cluster
◆ To add an IP address to a cluster, enter the following:
Network> ip addr add ipaddr netmask type [device]
Specifies the IP address to add to the cluster.
Do not use physical IP addresses to access the SFS cluster. Incase of failure, the IP addresses cannot move between nodes. Afailure could be either a node failure, an Ethernet interfacefailure, or storage failure.
ipaddr
Specifies the netmask for the IP address.netmask
Specifies the IP type, either virtual or physical.type
Only use this option if you entered virtual for the type.device
For example, to add a virtual IP address on a normal device, enter thefollowing:
Network> ip addr add 10.10.10.10 255.255.255.0 virtual pubeth0
SFS ip addr Success V-288-0 ip addr add successful.
Network>
For example, to add a virtual IP address on a bond device, enter the following:
Network> ip addr add 10.10.10.10 255.255.255.0 virtual bond0
SFS ip addr Success V-288-0 ip addr add successful.
Network>
For example, to add a virtual IP address on a VLAN device created over anormal device with VLAN ID 3, enter the following:
Network> ip addr add 10.10.10.10 255.255.255.0 virtual pubeth0.3
SFS ip addr Success V-288-0 ip addr add successful.
Network>
For example, to add a virtual IP address on a VLAN device created over a bonddevice with VLAN ID 3, enter the following:
Network> ip addr add 10.10.10.10 255.255.255.0 virtual bond0.3
SFS ip addr Success V-288-0 ip addr add successful.
Network>
Configuring SFS network settingsAbout configuring IP addresses
62
To change an IP address to the online mode on a specified node
◆ To change an IP address to the online mode on a specified node, enter thefollowing:
Network> ip addr online ipaddr nodename
Specifies the IP address that needs to be brought online.ipaddr
Specifies the nodename on which the IP address needs to bebrought online. If you do not want to enter a specific nodename,enter any with the IP address.
nodename
For example:
Network> ip addr online 10.10.10.15 node5_2
Network> ip addr show
IP Netmask Device Node Type Status
-- ------- ------ ---- ---- ------
10.216.114.212 255.255.248.0 pubeth0 node5_1 Physical
10.216.114.213 255.255.248.0 pubeth1 node5_1 Physical
10.216.114.214 255.255.248.0 pubeth0 node5_2 Physical
10.216.114.215 255.255.248.0 pubeth1 node5_2 Physical
10.216.114.217 255.255.248.0 pubeth0 node5_1 Virtual ONLINE (Con IP)
10.10.10.10 255.255.248.0 pubeth0 node5_1 Virtual ONLINE
10.10.10.11 255.255.248.0 pubeth1 node5_1 Virtual ONLINE
10.10.10.12 255.255.248.0 pubeth0 node5_2 Virtual ONLINE
10.10.10.13 255.255.248.0 pubeth1 node5_2 Virtual ONLINE
10.10.10.15 255.255.248.0 pubeth0 node5_2 Virtual ONLINE
63Configuring SFS network settingsAbout configuring IP addresses
To modify an IP address
◆ To modify an IP address, enter the following:
Network> ip addr modify oldipaddr newipaddr netmask
Specifies the old IP address to be modified.oldipaddr
Specifies what the new IP address will be.newipaddr
Specifies the netmask for the new IP address.netmask
A valid netmask has a "1" on the far right, with all "1's" to the left in bitwiseform.
If the specified oldipaddr is not assigned to the cluster, an error message isdisplayed.
If you enter an invalid IP address (one that is not four bytes or has a bytevalue greater than 255), an error message is displayed.
If the new IP address is already being used, an error message is displayed.
For example:
Network> ip addr modify 10.10.10.15 10.10.10.16 255.255.240.0
SFS ip addr Success V-288-0 ip addr modify successful.
To remove an IP address from the cluster
◆ To remove an IP address from the cluster, enter the following:
Network> ip addr del ipaddr
where ipaddr is the IP address to remove from the cluster.
For example:
Network> ip addr del 10.10.10.15
SFS ip addr Success V-288-0 ip addr del successful.
Network>
About configuring Ethernet interfacesYou can display and change the public Ethernet interfaces (pubeth0 and pubeth1)whether a link is up or down, and the Ethernet interface's Maximum TransmissionUnit (MTU) value.
Configuring SFS network settingsAbout configuring Ethernet interfaces
64
Table 4-5 Ethernet interface commands
DefinitionCommand
Displays each Ethernet interface's (device) status, if it connected toeach node in the cluster, the speed, and MTU.
Note: Any Ethernet interfaces excluded during the initial SFSinstallation will not be displayed.
See “To display current Ethernet interfaces and states” on page 65.
ip link show
Changes the network Ethernet interface's attributes or states.
See “To change an Ethernet interface” on page 66.
ip link set
Configuring Ethernet interfacesTo display current Ethernet interfaces and states
◆ To display current configurations, enter the following:
Network> ip link show [nodename] [device]
Specifies which node of the cluster to display the attributes.
Enter all to display all IP links.
nodename
Specifies which Ethernet interface on the node to display theattributes.
device
For example:
Network> ip link show sfs_1 pubeth0
Nodename Device Status MTU Detect Speed
-------- ------ ------ --- ------ ------
sfs_1 pubeth0 UP 1500 yes 100Mb/s
To display all configurations, enter the following:
Nodename Device Status MTU Detect Speed
-------- ------ ------ --- ------ ------
sfs_1 pubeth0 UP 1500 yes 100Mb/s
sfs_1 pubeth1 UP 1500 yes 100Mb/s
sfs_2 pubeth0 UP 1500 yes 100Mb/s
sfs_2 pubeth1 UP 1500 yes 100Mb/s
65Configuring SFS network settingsAbout configuring Ethernet interfaces
To change an Ethernet interface
◆ To change an Ethernet interface's configuration, enter the following:
Network> ip link set nodename device operation [argument]
Specifies which node of the cluster to configure.
If the node specified is not part of the cluster, then an errormessage is displayed.
To configure all nodes at once, use the all option in thenodename field.
nodename
Specifies the Ethernet interface to configure.
If you enter an Ethernet interface that cannot be configured, anerror message is displayed.
device
Enter one of the following operations:
■ up - Brings the Ethernet interface online.
■ down - Brings the Ethernet interface offline.
■ mtu MTU
- Changes the Ethernet interface's Maximum TransmissionUnit (MTU) to the value that is specified in the argument field.
■ detect- Displays whether the Ethernet interface is physicallyconnected or not.
■ speed- Displays the device speed.
operation
The argument field is used only when you enter mtu in theoperation field.
Setting the incorrect MTU value causes the console IP to becomeunavailable.
The argument field specifies what the MTU of the specifiedEthernet interface on the specified node should be changed to.
The MTU value must be an unsigned integer between 46 and9216.
If you enter the argument field, but do not enter an MTU in theoperation field, the argument is ignored.
argument
For example:
Network> ip link set all pubeth0 mtu 1600
sfs_1 : mtu updated on pubeth0
sfs_2 : mtu updated on pubeth0
Configuring SFS network settingsAbout configuring Ethernet interfaces
66
Network> ip link show
Nodename Device Status MTU Detect Speed
-------- ------ ------ --- ------ ------
sfs_1 pubeth0 UP 1600 yes 100Mb/s
sfs_1 pubeth1 UP 1500 yes 100Mb/s
sfs_2 pubeth0 UP 1600 yes 100Mb/s
sfs_2 pubeth1 UP 1500 yes 100Mb/s
About configuring routing tablesSometimes an SFS cluster must communicate with network services (for example,LDAP) using specific gateways in the public network. In these cases, you mustdefine routing table entries. These entries consist of the following:
■ The target network node's IP address and accompanying netmask.
■ Gateway’s IP address.
■ Optionally, a specific Ethernet interface via which to communicate with thetarget. This is useful, for example, if the demands of multiple remote clientsare likely to exceed a single gateway’s throughput capacity.
You add or remove routing table entries using the Network> mode ip route
command.
Table 4-6 lists the commands used to configure the routing tables of the nodes inthe cluster.
Table 4-6 Routing table commands
DefinitionCommand
Displays the routing table of the nodes in the cluster. You can entera specific nodename or use all to display the routing tables for allnodes in the cluster.
See “To display the routing tables of the nodes in the cluster”on page 69.
route show
67Configuring SFS network settingsAbout configuring routing tables
Table 4-6 Routing table commands (continued)
DefinitionCommand
Adds a new route for the cluster. The routing table containsinformation about paths to other networked nodes. You can makerouting table changes on each node of the cluster.
Use all for the nodename to add the route to all of the nodes in thecluster.
Use a netmask value of 255.255.255.255 for the netmask to add a hostroute to ipaddr.
Use a value of 0.0.0.0 for the gateway to add a route that does not useany gateway.
The dev device is an optional argument.
Use any of the public Ethernet interfaces for the device (pubeth0,pubeth1, or any).
See “To add to the route table” on page 70.
route add
Deletes a route used by the cluster. Use all for nodename to deletethe route from all of the nodes in the cluster. The combination ofipaddr and netmask specifies the network or host for which the routeis deleted. Use a value of 255.255.255.255 for the netmask to delete ahost route to ipaddr.
See “To delete route entries from the routing tables of nodes in thecluster” on page 72.
route del
Configuring SFS network settingsAbout configuring routing tables
68
Configuring routing tablesTo display the routing tables of the nodes in the cluster
◆ To display the routing tables of the nodes in the cluster, enter the following:
Network> ip route show [nodename]
where nodename is the node whose routing tables you want to display. Tosee the routing table for all of the nodes in the cluster, enter all.
For example:
Network> ip route show all
sfs_1
-------------
Destination Gateway Genmask Flags MSS Window irtt Iface
172.27.75.0 0.0.0.0 255.255.255.0 U 0 0 0 priveth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.182.96.1 0.0.0.0 UG 0 0 0 pubeth0
sfs_2
-------------
Destination Gateway Genmask Flags MSS Window irtt Iface
172.27.75.0 0.0.0.0 255.255.255.0 U 0 0 0 priveth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth0
10.182.96.0 0.0.0.0 255.255.240.0 U 0 0 0 pubeth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.182.96.1 0.0.0.0 UG 0 0 0 pubeth0
Displays the destination network or destination host for which theroute is defined.
Destination
Displays a network node equipped for interfacing with anothernetwork.
Gateway
Displays the netmask.Genmask
69Configuring SFS network settingsAbout configuring routing tables
The flags are as follows:
U - Route is up
H - Target is a host
G - Use gateway
Flags
Displays maximum segment size. The default is 0. You cannot modifythis attribute.
MSS
Displays the maximum amount of data the system accepts in a singleburst from the remote host. The default is 0. You cannot modify thisattribute.
Window
Displays the initial round trip time with which TCP connections start.The default is 0. You cannot modify this attribute.
irtt
Displays the interface. On UNIX systems, the device name lo refersto the loopback interface.
Iface
To add to the route table
◆ To add a route entry to the routing table of nodes in the cluster, enter thefollowing:
Network> ip route add nodename ipaddr netmask via gateway [dev device]
Specifies the node to whose routing table the route is to be added.
To add a route path to all the nodes, use all in the nodenamefield.
If you enter a node that is not a part of the cluster, an errormessage is displayed.
nodename
Specifies the destination of the IP address.
If you enter an invalid IP address, then a message notifies youbefore you fill in other fields.
ipaddr
Specifies the netmask associated with the IP address that isentered for the ipaddr field.
Use a netmask value of 255.255.255.255 for the netmask toadd a host route to ipaddr.
netmask
This is a required field. You must type in the word.via
Configuring SFS network settingsAbout configuring routing tables
70
Specifies the gateway IP address used for the route.
If you enter an invalid gateway IP address, then an error messageis displayed.
To add a route that does not use a gateway, enter a value of0.0.0.0.
gateway
Specifies the route device option. You must type in the word.dev
Specifies which Ethernet interface on the node the route path isadded to. This variable is optional.
You can specify the following values:
■ any - Default
■ pubeth0 - Public Ethernet interface
■ pubeth1 - Public Ethernet interface
The Ethernet interface field is required only when you specifydev in the dev field.
If you omit the dev and device fields, SFS uses a defaultEthernet interface.
dev device
For example:
Network> ip route add sfs_1 10.10.10.10 255.255.255.255
via 0.0.0.0 dev pubeth0
sfs_1: Route added successfully
71Configuring SFS network settingsAbout configuring routing tables
To delete route entries from the routing tables of nodes in the cluster
◆ To delete route entries from the routing tables of nodes in the cluster, enterthe following:
Network> ip route del nodename ipaddr netmask
Specifies the route entry from which the node is deleted.
To delete the route entry from all nodes, use the all option inthis field.
nodename
Specifies the destination IP address of the route entry to bedeleted.
If you enter an invalid IP address a message notifies you beforeyou enter other fields.
ipaddr
Specifies the IP address to be used.netmask
For example:
Network> ip route del sfs_1 10.216.128.0 255.255.255.255
sfs_1: Route deleted successfully
About LDAPThe Lightweight Directory Access Protocol (LDAP) is the protocol used tocommunicate with LDAP servers. The LDAP servers are the entities that performthe service. In SFS the most common use of LDAP is user authentication.
For sites that use an LDAP server for access or authentication, SFS provides asimple LDAP client configuration interface.
Before configuring LDAP settingsBefore you configure SFS LDAP settings, obtain the following LDAP configurationinformation from your system administrator:
■ IP address or host name of the LDAP server. You also need the port numberof the LDAP server.
■ Base (or root) distinguished name (DN), for example, cn=employees,c=us. LDAPdatabase searches start here.
Configuring SFS network settingsAbout LDAP
72
■ Bind distinguished name (DN) and password, for example, ou=engineering,c=us.This allows read access to portions of the LDAP database to search forinformation.
■ Base DN for users, for example, ou=users,dc=com. This allows access to theLDAP directory to search for and authenticate users.
■ Base DN for groups, for example, ou=groups,dc=com. This allows access to theLDAP database, to search for groups.
■ Root bind DN and password. This allows write access to the LDAP database,to modify information, such as changing a user's password.
■ Secure Sockets Layer (SSL). Configures an SFS cluster to use the Secure SocketsLayer (SSL) protocol to communicate with the LDAP server.
■ Password hash algorithm, for example md5, if a specific password encryptionmethod is used with your LDAP server.
The following sections describe how to configure LDAP:
■ Configuring LDAP server settings
■ Administering the SFS cluster's LDAP client
About configuring LDAP server settingsTable 4-7 lists the LDAP commands used to configure the LDAP server settings.
Table 4-7 LDAP commands
DefinitionCommand
Sets the base DN value for the LDAP server.
Note: Setting the base DN for the LDAP server is required.
See “To set the base DN for the LDAP server” on page 75.
set basedn
Sets the hostname or IP address for the LDAP server.
See “To set the LDAP server hostname or IP address” on page 76.
set server
Sets the port number for the LDAP server.
See “To set the LDAP server port number” on page 76.
set port
73Configuring SFS network settingsAbout configuring LDAP server settings
Table 4-7 LDAP commands (continued)
DefinitionCommand
Configures an SFS cluster to use the Secure Sockets Layer (SSL)protocol to communicate with the LDAP server.
If your LDAP server does not use SSL for authentication, sets thisvalue to off (the default value). Consult your system administrator forconfirmation.
If your LDAP server supports SSL, you must set SSL to on. This settingis mandatory. The certificates that are required for SSL areauto-negotiated with the LDAP server when the session is established.
See “To set SFS to use LDAP over SSL” on page 76.
set ssl
Sets the bind Distinguished Name (DN) and its password for the LDAPserver. This DN is used to bind with the LDAP server for read access.For LDAP authentication, most attributes need read access.
Note: Use the LDAP server password. Contact your NetworkAdministrator for assistance.
See “To set the bind DN for the LDAP server” on page 77.
set binddn
Sets the LDAP root bind DN and its password. This DN is used to bindwith the LDAP server for write access to the LDAP directory. Thissetting is not required for authentication.
To change some attributes of an LDAP entry, the root bind DN isrequired. For example, if a root user wants to change a user's password,the root user must have administrative privileges to write to the LDAPdirectory.
Note: Use the LDAP server password. Contact your NetworkAdministrator for assistance.
See “To set the root bind DN for the LDAP server” on page 77.
set rootbinddn
Sets the LDAP users, groups, and netgroups base Distinguished Name(DN). PAM/NSS uses this DN to search LDAP groups.
Note: You must set the LDAP users, groups, and netgroups base DN.
See “To set the LDAP users, groups, or netgroups base DN” on page 78.
set users-basedn
set groups-basedn
setnetgroups-basedn
Configuring SFS network settingsAbout configuring LDAP server settings
74
Table 4-7 LDAP commands (continued)
DefinitionCommand
Sets the LDAP password hash algorithm used when you set or changethe LDAP user's password. The password is encrypted with theconfigured hash algorithm before it is sent to the LDAP server andstored in the LDAP directory.
Note: Setting the LDAP password hash algorithm is optional.
See “To set the password hash algorithm” on page 78.
set password-hash
Displays the configured LDAP settings.
See “To display the LDAP configured settings” on page 79.
get
Clears a configured setting.
See “To clear the LDAP setting” on page 79.
clear
Configuring LDAP server settingsYou can set the LDAP base Distinguished Name (base DN). LDAP records arestructured in a hierarchical tree. You access records through a particular path,in this case, a Distinguished Name, or DN. The base DN indicates where in theLDAP directory hierarchy you want to start your search.
Note: For SFS to access an LDAP directory service, you must specify the LDAPserver DNS name or IP address.
To set the base DN for the LDAP server
◆ To set the base DN for the LDAP server, enter the following:
Network> ldap set basedn value
where value is the LDAP base DN in the following format:
dc=yourorg,dc=com
For example:
Network> ldap set basedn dc=example,dc=com
OK Completed
75Configuring SFS network settingsAbout configuring LDAP server settings
To set the LDAP server hostname or IP address
◆ To set the LDAP server hostname or IP address, enter the following:
Network> ldap set server value
where value is the LDAP server hostname or IP address.
For example:
Network> ldap set server ldap-server.example.com
OK Completed
For example, if you enter an IP address for the value you get the followingmessage:
Network> ldap set server 10.10.10.10
OK Completed
To set the LDAP server port number
◆ To set the LDAP server port number, enter the following:
Network> ldap set port value
where value is the LDAP server port number.
For example:
Network> ldap set port 555
OK Completed
To set SFS to use LDAP over SSL
◆ To set SFS to use LDAP over SSL, enter the following:
Network> ldap set ssl {on|off}
For example:
Network> ldap set ssl on
OK Completed
Configuring SFS network settingsAbout configuring LDAP server settings
76
To set the bind DN for the LDAP server
◆ To set the bind DN for the LDAP server, enter the following:
Network> ldap set binddn value
where value is the LDAP bind DN in the following format:
cn=binduser,dc=yourorg,dc=com
The value setting is mandatory.
You are prompted to supply a password. You must use your LDAP serverpassword.
For example:
Network> ldap set binddn cn
Enter password for 'cn': ***
OK Completed
To set the root bind DN for the LDAP server
◆ To set the root bind DN for the LDAP server, enter the following:
Network> ldap set rootbinddn value
where value is the LDAP root bind DN in the following format:
cn=admin,dc=yourorg,dc=com
You are prompted to supply a password. You must use your LDAP serverpassword.
For example:
Network> ldap set rootbinddn dc
Enter password for 'dc': ***
OK Completed
77Configuring SFS network settingsAbout configuring LDAP server settings
To set the LDAP users, groups, or netgroups base DN
◆ To set the LDAP users, groups, or netgroups base DN, enter the following:
Network> ldap set users-basedn value
Network> ldap set groups-basedn value
Network> ldap set netgroups-basedn value
Specifies the value for the users-basedn. For example:
ou=users,dc=example,dc=com (default)
users-basednvalue
Specifies the value for the groups-basedn. For example:
ou=groups,dc=example,dc=com (default)
groups-basednvalue
Specifies the value for the netgroups-basedn. For example:
ou=netgroups,dc=example,dc=com (default)
netgroups-basednvalue
For example:
Network> ldap set users-basedn ou=Users,dc=example,dc=com
OK Completed
To set the password hash algorithm
◆ To set the password hash algorithm, enter the following:
Network> ldap set password-hash {clear|crypt|md5}
For example:
Network> ldap set password-hash clear
OK Completed
Configuring SFS network settingsAbout configuring LDAP server settings
78
To display the LDAP configured settings
◆ To display the LDAP configured settings, enter the following:
Network> ldap get {server|port|basedn|binddn|ssl|rootbinddn|
users-basedn|groups-basedn|netgroups-basedn|password-hash}
For example:
Network> ldap get server
LDAP server: ldap-server.example.com
OK Completed
To clear the LDAP setting
◆ To clear the previously configured LDAP setting, enter the following:
Network> ldap clear {server|port|basedn|binddn|ssl|rootbinddn|
users-basedn|groups-basedn|netgroups-basedn|password-hash}
For example:
Network> ldap clear binddn
OK Completed
About administering SFS cluster's LDAP clientYou can display the Lightweight Directory Access Protocol (LDAP) clientconfigurations. LDAP clients use the LDAPv3 protocol to communicate with theserver.
Table 4-8 LDAP client commands
DefinitionCommand
Displays the SFS cluster's LDAP client configuration.
See “To display LDAP client configuration” on page 80.
ldap show
Enables the LDAP client configuration.
See “To enable LDAP client configuration” on page 81.
ldap enable
Disables the LDAP client configuration. This command stops SFS fromquerying the LDAP service.
See “To disable LDAP client configuration” on page 81.
ldap disable
79Configuring SFS network settingsAbout administering SFS cluster's LDAP client
Administering the SFS cluster's LDAP clientTo display LDAP client configuration
◆ To display LDAP client configuration, enter the following:
Network> ldap show [users|groups|netgroups]
Displays the LDAP users that are available in the Name ServiceSwitch (NSS) database.
users
Displays the LDAP groups that are available in the NSS database.groups
Displays the LDAP netgroups that are available in the NSSdatabase.
netgroups
If you do not include one of the optional variables, the command displays allthe configured settings for the LDAP client. For example:
Network> ldap show
LDAP client is enabled.
=======================
LDAP server: ldap_server
LDAP port: 389 (default)
LDAP base DN: dc=example,dc=com
LDAP over SSL: on
LDAP bind DN: cn=binduser,dc=example,dc=com
LDAP root bind DN: cn=admin,dc=example,dc=com
LDAP password hash: md5
LDAP users base DN: ou=Users,dc=example,dc=com
LDAP groups base DN: ou=Groups,dc=example,dc=com
LDAP netgroups base DN: ou=Netgroups,dc=example,dc=com
OK Completed
Network>
LDAP clients use the LDAPv3 protocol for communicating with the server. Enablingthe LDAP client configures the Pluggable Authentication Module (PAM) files touse LDAP. PAM is the standard authentication framework for Linux.
Configuring SFS network settingsAbout administering SFS cluster's LDAP client
80
To enable LDAP client configuration
◆ To enable LDAP client configuration, enter the following:
Network> ldap enable
For example:
Network> ldap enable
Network>
LDAP clients use the LDAPv3 protocol for communicating with the server. Thiscommand configures the PAM configuration files so that they do not use LDAP.
To disable LDAP client configuration
◆ To disable LDAP client configuration, enter the following:
Network> ldap disable
For example:
Network> ldap disable
Network>
About NISSFS supports Network Information Service (NIS), implemented in a NIS server,as an authentication authority. You can use NIS to authenticate computers.
If your environment uses NIS, enable the NIS-based authentication on the SFScluster.
Table 4-9 NIS commands
DefinitionCommand
Displays the NIS server name, domain name, the NIS users, groups,and netgroups that are available in the NIS database.
See “To display NIS-related settings” on page 82.
nis show
Sets the NIS domain name in the SFS cluster.
See “To set the NIS domain name on all nodes in the cluster”on page 82.
nis setdomainname
Sets the NIS server name in the SFS cluster.
See “To set NIS server name on all nodes in the cluster” on page 83.
nis set servername
81Configuring SFS network settingsAbout NIS
Table 4-9 NIS commands (continued)
DefinitionCommand
Enables the NIS clients in the SFS cluster. You must set the NIS domainname and NIS server name before you can enable NIS.
See “To enable NIS clients” on page 83.
nis enable
Disables the NIS clients in the SFS cluster.
See “To disable NIS clients” on page 83.
nis disable
Configuring the NIS-related commandsTo display NIS-related settings
◆ To display NIS-related settings, enter the following:
Network> nis show [users|groups|netgroups]
Displays the NIS users that are available in the SFS cluster's NISdatabase.
users
Displays the NIS groups that are available in the SFS cluster'sNIS database.
groups
Displays the NIS netgroups that are available in the SFS cluster'sNIS database.
netgroups
For example:
Network> nis show
NIS Status : Disabled
domain :
NIS Server :
To set the NIS domain name on all nodes in the cluster
◆ To set the NIS domain name on the cluster nodes, enter the following:
Network> nis set domainname [domainname]
where domainname is the domain name.
For example:
Network> nis domainname domain_1
Setting domainname: "domain_1"
Configuring SFS network settingsAbout NIS
82
To set NIS server name on all nodes in the cluster
◆ To set the NIS server name on all cluster nodes, enter the following:
Network> nis set servername servername
where servername is the NIS server name. You can use the server's name orIP address.
For example:
Network> nis servername 10.10.10.10
Setting NIS Server "10.10.10.10"
To enable NIS clients
◆ To enable NIS clients, enter the following:
Network> nis enable
For example:
Network> nis enable
Enabling NIS Client on all the nodes.....
Done. Please enable NIS in nsswitch settings for required services.
To view the new settings, enter the following:
Network> nis show
NIS Status : Enabled
domain : domain_1
NIS Server : 10.10.10.10
To disable NIS clients
◆ To disable NIS clients, enter the following:
Network> nis disable
For example:
Network> nis disable
Disabling NIS Client on all nodes
Please disable NIS in nsswitch settings for required services.
83Configuring SFS network settingsAbout NIS
About NSSName Service Switch (NSS) is an SFS cluster service which provides a singleconfiguration location to identify the services (such as NIS or LDAP) for networkinformation such as hosts, groups, or passwords.
For example, host information may be on an NIS server. Group information maybe in an LDAP database.
The NSS configuration specifies which network services the SFS cluster shoulduse to authenticate hosts, users, groups, and netgroups. The configuration alsospecifies the order in which multiple services should be queried.
Table 4-10 NSS commands
DefinitionCommand
Displays the NSS configuration.
See “To display the NSS configuration” on page 84.
nsswitch show
Configures the order of the NSS services.
See “To configure the NSS lookup order” on page 84.
nsswitch conf
Configuring NSS lookup orderTo display the NSS configuration
◆ To display the NSS configuration, enter the following:
Network> nsswitch show
group: files nis winbind ldap
hosts: files nis dns
netgroup: nis
passwd: files nis winbind ldap
shadow: files winbind
Network>
To configure the NSS lookup order
◆ To configure the NSS lookup order, enter the following:
Network> nsswitch conf {group|hosts|netgroups|passed|shadow}
value1 [[value2]] [[value3]] [[value4]]
Selects the group file.group
Configuring SFS network settingsAbout NSS
84
Selects the hosts file.hosts
Selects the netgroups file.netgroups
Selects the password.passed
Selects the shadow file.shadow
Specifies the following NSS lookup order with the followingvalues:
■ value1 (required)- { files/nis/winbind/ldap }
■ value2 (optional) - { files/nis/winbind/ldap }
■ value3 (optional) - { files/nis/winbind/ldap }
■ value4 (optional) - { files/nis/winbind/ldap }
To select DNS, you must use the following command:
Network> nsswitch conf hosts
nsswitch conf hosts <value1> [value2] [value3]--select hosts file
value1 : Choose the type (files) (files)value2 : Type the type (files/nis/dns) []value3 : Type the type (files/nis/dns) []
value
For example:
Network> nsswitch conf shadow files ldap
Network> nsswitch show
group: files nis winbind ldap
hosts: files nis dns
netgroup: nis
passwd: files nis winbind ldap
shadow: files ldap
About VLANThe virtual LAN (VLAN) feature lets you create VLAN interfaces on the SFS nodesand administer them as any other VLAN interfaces. The VLAN interfaces arecreated using Linux support for VLAN interfaces.
The Network> vlan commands view, add, or delete VLAN interfaces.
85Configuring SFS network settingsAbout VLAN
Table 4-11 VLAN commands
DefinitionCommand
Displays the VLAN interfaces.
See “To display the VLAN interfaces” on page 86.
vlan show
Adds a VLAN interface.
See “To add a VLAN interface” on page 87.
vlan add
Deletes a VLAN interface.
See “To delete a VLAN interface” on page 87.
vlan del
Configuring VLANTo display the VLAN interfaces
◆ To display the VLAN interfaces, enter the following:
Network> vlan show
For example:
VLAN DEVICE VLAN id
----- ------ -------
pubeth0.2 pubeth0 2
Configuring SFS network settingsAbout VLAN
86
To add a VLAN interface
◆ To add a VLAN interface, enter the following:
Network> vlan add device vlan_id
Specifies the VLAN interface on which the VLAN interfaces willbe added.
device
Specifies the VLAN ID which the new VLAN interface uses. Validvalues range from 1 to 4095.
vlan_id
For example:
Network> vlan add pubeth1 2
Network> vlan show
VLAN DEVICE VLAN id
----- ------ -------
pubeth0.2 pubeth0 2
pubeth1.2 pubeth1 2
To delete a VLAN interface
◆ To delete a VLAN interface, enter the following:
Network> vlan del vlan_device
where the vlan_device name combines the interface on which the VLAN isbased and the VLAN ID separated by '.'.
For example:
Network> vlan del pubeth0.2
Network> vlan show
VLAN DEVICE VLAN id
----- ------ -------
pubeth1.2 pubeth1 2
87Configuring SFS network settingsAbout VLAN
Configuring SFS network settingsAbout VLAN
88
Configuring your NFS server
This chapter includes the following topics:
■ About NFS server commands
About NFS server commandsThe clustered NFS Server provides file access services to UNIX and Linux clientcomputers via the Network File System (NFS) protocol.
You use the NFS commands to start and stop your NFS server. The NFS commandsare defined in Table 5-1.
Note: For the NFS> share commands, go to About NFS file sharing.
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter NFS>mode. For login instructions, goto About using the SFS command-line interface.
Table 5-1 NFS mode commands
DefinitionCommand
Displays the status of the NFS server.
See “To check on the NFS server status” on page 90.
server status
Starts the NFS server.
See “Starting the NFS server” on page 91.
server start
Stops the NFS server.
See “To stop the NFS server” on page 91.
server stop
5Chapter
Table 5-1 NFS mode commands (continued)
DefinitionCommand
Prints the NFS statistics.
See “To display statistics for all the nodes in the cluster on the NFSserver” on page 92.
stat
Displays all of the online file systems and snapshots that can beexported.
See “To display a file system and snapshots that can be exported”on page 93.
show fs
Accessing the NFS serverTo check on the NFS server status
◆ Prior to starting the NFS server, check on the status of the server by entering:
NFS> server status
For example:
NFS> server status
NFS Status on sfs_1 : OFFLINE
NFS Status on sfs_2 : OFFLINE
The states (ONLINE, OFFLINE, and FAULTED) correspond to each SFS nodeidentified by the node name. The states of the node may vary depending on thesituation for that particular node.
The possible states of the NFS> server status command are:
Indicates that the node can serve NFS protocols to the client.ONLINE
Indicates the NFS services on that node are down.OFFLINE
Indicates something is wrong with the NFS service on the node.FAULTED
You can run the NFS> server start command to restart the NFS services, andonly the nodes where NFS services have problems, will be restarted.
Configuring your NFS serverAbout NFS server commands
90
Starting the NFS server
◆ To start the NFS server, enter the following:
NFS> server start
You can use the NFS> server start command to clear an OFFLINE statefrom the NFS> server status output by only restarting the services that areoffline. You can run the NFS> server start command multiple times withoutit affecting the already-started NFS server.
For example:
NFS> server start
..Success.
Run the NFS> server status command again to confirm the change.
NFS> server status
NFS Status on sfs_1 : ONLINE
NFS Status on sfs_2 : ONLINE
To stop the NFS server
◆ To stop the NFS server, enter the following:
NFS> server stop
For example:
NFS> server stop
..Success.
You will receive an error if you try to stop an already stopped NFS server.
91Configuring your NFS serverAbout NFS server commands
Displaying NFS statisticsTo display statistics for all the nodes in the cluster on the NFS server
◆ To display NFS statistics, enter the following:
NFS> stat [nodename]
where nodename specifies the node name for which you are trying to obtainthe statistical information. If the nodename is not specified, statistics for allthe nodes in the cluster are displayed.
For example:
NFS> stat sfs_01
sfs_01
----------------
Server rpc stats:
calls badcalls badauth badclnt xdrcall
52517 0 0 0 0
Server nfs v2:
null getattr setattr root lookup readlink
10 100% 0 0% 0 0% 0 0% 0 0% 0 0%
read wrcache write create remove rename
0 0% 0 0% 0 0% 0 0% 0 0% 0 0%
link symlink mkdir rmdir readdir fsstat
0 0% 0 0% 0 0% 0 0% 0 0% 0 0%
Server nfs v3:
null getattr setattr lookup access readlink
11 0% 17973 35% 0 0% 5951 11% 6997 13% 1034 2%
read write create mkdir symlink mknod
4138 8% 4137 8% 3251 6% 1255 2% 1034 2% 0 0%
remove rmdir rename link readdir readdirplus
0 0% 1 0% 0 0% 0 0% 0 0% 1361 2%
fsstat fsinfo pathconf commit
0 0% 2 0% 0 0% 3067 6%
Configuring your NFS serverAbout NFS server commands
92
Displaying file systems and snapshots that can be exportedTo display a file system and snapshots that can be exported
◆ To display online file systems and the snapshots that can be exported, enterthe following:
NFS> show fs
For example:
NFS> show fs
FS/Snapshot
===========
fs1
93Configuring your NFS serverAbout NFS server commands
Configuring your NFS serverAbout NFS server commands
94
Configuring storage
This chapter includes the following topics:
■ About storage provisioning and management
■ About configuring storage pools
■ About configuring disks
■ About displaying information for all disk devices
■ Increasing the storage capacity of a LUN
■ Printing WWN information
■ Initiating SFS host discovery of LUNs
■ About I/O fencing
About storage provisioning and managementStorage provisioning in SFS focuses on the storage pool, which is comprised of aset of disks.
The file system commands accept a set of pools as an argument. For example,creating a file system takes one or more pools, and creates a file system over someor all of the pools. A mirrored file system takes multiple pools as an argumentand creates a file system such that each copy of the data resides on a differentpool.
To provision SFS storage, verify that the Logical Unit Numbers (LANS) ormeta-LANS in your physical storage arrays have been zoned for use with the SFScluster. The storage array administrator normally allocates and zones this physicalstorage.
6Chapter
Use the SFS Storage> pool commands to create storage pools using disks (thenamed LANS). Each disk can only belong to one storage pool. If you try to add adisk that is already in use, an error message is displayed.
With these storage pools, use the Storage> fs commands to create file systemswith different layouts (for example mirrored, striped, striped-mirror).
The storage commands are defined in Table 6-1.
To access the commands, log into the administrative console (master,system-admin, or storage-admin) and enter the Storage> mode. For logininstructions, go to About using the SFS command-line interface.
Table 6-1 Storage mode commands
DefinitionCommand
Configures storage pools.
See “About configuring storage pools” on page 96.
pool
Configures the disk(s) in the pool.
See “About configuring disks” on page 101.
pool adddisk, poolmvdisk, poolrmdisk
Prints the World Wide Name (WWN) information for all of the nodesin the cluster.
See “Printing WWN information” on page 109.
hba
Scans all of the SCSI devices connected to all of the nodes in thecluster.
See “Initiating SFS host discovery of LUNs ” on page 110.
scanbus
Protects the data integrity if the split-brain condition occurs.
See “About I/O fencing” on page 111.
fencing
Lists all of the available disks, and identifies which ones you want toassign to which pools.
See “About displaying information for all disk devices” on page 105.
disk list
About configuring storage poolsA storage pool is a group of disks from which SFS allocates capacity when youcreate or expand file systems. During the initial configuration, you use theStorage> commands to create storage pools, to “discover” disks, and to assign
Configuring storageAbout configuring storage pools
96
them to pools. Disk discovery and pool assignment are done once. SFS propagatesdisk information to all cluster nodes.
You must first create storage pools that can be used to build file systems on. Disksand pools can be specified in the same command provided the disks are part ofan existing storage pool.
The pool and disk specified first are allocated space before other pools and disks.
If the specified disk is larger than the space allocated, the reminder of the spaceis still utilized when another file system is created spanning the same disk.
Table 6-2 Configure storage pool commands
DefinitionCommand
Creates storage pools. You can build file systems on top of them.
Note:Disks being used for thepool create command must supportSCSI-3 PGR registrations if I/O fencing is enabled.
Note:The minimum size of disks required for creating a pool or addinga disk to the pool is 10 MB.
See “To create the storage pool used to create a file system” on page 99.
pool create
Lists all of the available disks, and identifies which ones you want toassign to which pools.
A storage pool is a collection of disks from shared storage; the pool isused as the source for adding file system capacity as needed.
Note:Your output for thepool list command depends upon whichnode console is running.
See “To list your pools” on page 100.
pool list
Renames a pool.
See “To rename a pool” on page 100.
pool rename
Destroys storage pools used to create file systems. Destroying a pooldoes not delete the data on the disks that make up the storage pool.
See “To destroy a storage pool” on page 101.
pool destroy
97Configuring storageAbout configuring storage pools
Table 6-2 Configure storage pool commands (continued)
DefinitionCommand
Lists the free space in each of the pools.
Free space information includes:
■ Disk name
■ Free space
■ Total space
■ Use %
See “To list free space for pools” on page 101.
pool free
Configuring storageAbout configuring storage pools
98
Configuring storage poolsTo create the storage pool used to create a file system
1 List all of the available disks, and identify which ones you want to assign towhich pools.
Storage> disk list
Disk sfs_01
==== ========
disk1 OK
2 To create a storage pool, enter the following:
Storage> pool create pool_name disk1[,disk2,...]
Specifies what the created storage pool will be named. Thestorage pool name should be a string.
pool_name
Specifies the disks to include in the storage pool. If thespecified disk does not exist, an error message is displayed.Use the Storage> disk list command to view theavailable disks.
Each disk can only belong to one storage pool. If you try toadd a disk that is already in use, an error message isdisplayed.
To specify additional disks to be part of the storage pool,use a comma with no space in between.
disk1, disk2,...
For example:
Storage> pool create pool1 Disk_0,Disk_1
SFS pool Success V-288-1015 Pool pool1 created successfully
100% [#] Creating pool pool1
99Configuring storageAbout configuring storage pools
To list your pools
◆ To list your pools, enter the following:
Storage> pool list
For example:
Storage> pool list
Pool List of disks
--------- ---------------------
pool1 Disk_0 Disk_1
pool2 Disk_2 Disk_3
pool3 Disk_4 Disk_5
To rename a pool
◆ To rename a pool, enter the following:
Storage> pool rename old_name new_name
Specifies the name for the existing pool that will be changed. Ifthe old name is not the name of an existing pool, an error messageis displayed.
old_name
Specifies the new name for the pool. If the specified new namefor the pool is already being used by another pool, an errormessage is displayed.
new_name
For example:
Storage> pool rename pool1 p01
SFS pool Success V-288-0 Disk(s) Pool rename successful.
Configuring storageAbout configuring storage pools
100
To destroy a storage pool
◆ To destroy a storage pool, enter the following:
Storage> pool destroy pool_name
where pool_name specifies the storage pool to delete. If the specifiedpool_name is not an existing storage pool, an error message is displayed.
For example:
Storage> pool destroy pool1
SFS pool Success V-288-988 Pool pool1 is destroyed.
Because you cannot destroy an Unallocated storage pool, you need to removethe disk from the storage pool using the Storage> pool rmdisk commandprior to trying to destroy the storage pool. Go to To remove a disk.
If you want to move the disk from the unallocated pool to another existingpool, you can use the Storage> pool mvdisk command. Go to To move disksfrom one pool to another.
To list free space for pools
◆ To list free space for your pool, enter the following:
Storage> pool free [pool_name]
where pool_name specifies the pool for which you want to display free spaceinformation.
If a specified pool does not exist, an error message is displayed.
If pool_name is omitted, the free space for every pool is displayed, butinformation for specific disks is not displayed.
For example:
storage> pool free
Pool Free Space Total Space Use%
==== ========== =========== ====
pool_1 0 KB 165.49M 100%
pool_2 0 KB 165.49M 100%
pool_3 57.46M 165.49M 65%
About configuring disksDisks and pools can be specified in the same command provided the disks are partof an existing storage pool.
101Configuring storageAbout configuring disks
The pool and disk that are specified first are allocated space before other poolsand disks.
If the specified disk is larger than the space allocated, the remainder of the spaceis still utilized when another file system is created spanning the same disk.
Table 6-3 Configure disks commands
DefinitionCommand
You can add a new disk to an existing pool. A disk can belong to onlyone pool.
The minimum size of disks required for creating a pool or adding adisk to the pool is 10 MB.
Note:Disks being used for thepool adddisk command must supportSCSI-3 PGR registrations if I/O fencing is enabled.
See “To add a disk” on page 103.
pool adddisk
You can move disks from one storage pool to another.
Note: You cannot move a disk from one storage pool to another if thedisk has data on it.
See “To move disks from one pool to another” on page 104.
pool mvdisk
You can remove a disk from a pool.
Note: You cannot remove a disk from a pool if the disk has data onit.
See “To remove a disk” on page 105.
If a specified disk does not exist, an error message is displayed. If oneof the disks does not exist, then none of the disks are removed.
A pool cannot exist if there are no disks assigned to it. If a diskspecified to be removed is the only disk for that pool, the pool isremoved as well as the assigned disk.
If the specified disk to be removed is being used by a file system, thenthat disk will not be removed.
pool rmdisk
Configuring storageAbout configuring disks
102
Configuring disksTo add a disk
◆ To add a new disk to an existing pool, enter the following:
Storage> pool adddisk pool_name disk1[,disk2,...]
Specifies the pool to be added to the disk. If the specified poolname is not an existing pool, an error message is displayed.
pool_name
Specifies the disks to be added to the pool.
To add additional disks, use a comma with no spaces between.
A disk can only be added to one pool, so if the entered disk isalready in the pool, an error message is displayed.
disk1,disk2,...
For example:
Storage> pool adddisk pool2 Disk_2
SFS pool Success V-288-0 Disk(s) Disk_2 are added
to pool2 successfully.
103Configuring storageAbout configuring disks
To move disks from one pool to another
◆ To move a disk from one pool to another, or from an unallocated pool to anexisting pool, enter the following:
Storage> pool mvdisk src_pool dest_pool disk1[,disk2,...]
Specifies the source pool to move the disks from. If the specifiedsource pool does not exist, an error message is displayed.
src_pool
Specifies the destination pool to move the disks to. If the specifieddestination pool does not exist, a new pool is created with thespecified name. The disk is moved to that pool.
dest_pool
Specifies the disks to be moved.
To specify multiple disks to be moved, use a comma with no spacein between.
If a specified disk is not part of the source pool or does not exist,an error message is displayed. If one of the disks to be moveddoes not exist, all of the specified disks to be moved will not bemoved.
If all of the disks for the pool are moved, the pool is removed(deleted from the system), since there are no disks associatedwith the pool.
disk1,disk2,...
For example:
Storage> pool mvdisk p01 pool2 Disk_0
SFS pool Success V-288-0 Disk(s) moved successfully.
Configuring storageAbout configuring disks
104
To remove a disk
1 To remove a disk from a pool, enter the following:
Storage> pool rmdisk disk1[,disk2,...]
where disk1,disk2 specifies the disk(s) to be removed from the pool.
An unallocated pool is a reserved pool for holding disks that are removedfrom other pools.
For example:
Storage> pool list
Pool Name List of disks
---------- ---------------------
pool1 Disk_0 Disk_1
pool2 Disk_2 Disk_5
pool3 Disk_3 Disk_4
Unallocated Disk_6
Storage> pool rmdisk Disk_6
SFS pool Success V-288-987 Disk(s) Disk_6 are removed successfully.
Storage> pool list
Pool Name List of disks
---------- ---------------------
pool1 Disk_0 Disk_1
pool2 Disk_2 Disk_5
pool3 Disk_3 Disk_4
The Disk_6 disk no longer appears in the output.
2 To remove additional disks, use a comma with no spaces in between.
For example:
Storage> pool rmdisk disk1,disk2
Storage>
About displaying information for all disk devicesThe Storage> disk list command displays the aggregated information of thedisk devices connected to all of the nodes in the cluster.
105Configuring storageAbout displaying information for all disk devices
Table 6-4 Disk devices commands
DefinitionCommand
Displays a list of disks and nodes in tabular form. Each rowcorresponds to a disk, and each column corresponds to a node.
■ If an OK appears in the table, it indicates that the disk thatcorresponds to that row is accessible by the node that correspondsto that column.
■ If an ERR appears in the table, it indicates that the disk thatcorresponds to that row is inaccessible by the node thatcorresponds to that column. This list does not include the internaldisks of each node.
See “To display a list of disks and nodes in tabular form” on page 107.
disk list stats(default)
Displays the disk information, including a list of disks and theirproperties. If the console server is unable to access any disk, but ifany other node in the cluster is able to access that disk, then that diskis shown as "---."
See “To display the disk information” on page 108.
disk list detail
Displays the list of multiple paths of disks connected to all of the nodesin the cluster. It also shows the status of each path on each node inthe cluster.
See “To display the disk list paths” on page 108.
disk list paths
Displays the enclosure name, array name, and array type for aparticular disk that is present on all of the nodes in the cluster.
See “To display information for all disk devices associated with nodesin a cluster” on page 108.
disk list types
Displaying information for all disk devices associated with nodes in acluster
Depending on which command variable you use, the column headings will differ.
Indicates the disk name.Disk
Indicates the serial number for the disk.Serial Number
Indicates the type of storage enclosure.Enclosure
Indicates the size of the disk.Size
Indicates the percentage of the disk that is being used.Use%
Configuring storageAbout displaying information for all disk devices
106
ID column consists of the following four fields. A ":" separates thesefields.
■ VendorID - Specifies the name of the storage vendor, for example,NETAPP, HITACHI, IBM, EMC, HP, and so on.
■ ProductID - Specifies the ProductID based on vendor. Each vendormanufactures different products. For example, HITACHI hasHDS5700, HDS5800, and HDS9200 products. These products haveProductIDs such as DF350, DF400, and DF500.
■ TargetID - Specifies the TargetID. Each port of an array is a target.Two different arrays or two ports of the same array have differentTargetIDs. TargetIDs start from 0.
■ LunID - Specifies the ID of the LUN. This should not be confusedwith the LUN serial number. LUN serial numbers uniquely identifya LUN in a target. Whereas a LunID uniquely identifies a LUN inan initiator group (or host group). Two LANS in the same initiatorgroup cannot have the same LunID. For example, if a LUN isassigned to two clusters, then the LunID of that LUN can bedifferent in different clusters, but the serial number is the same.
ID
Name of the enclosure to distinguish between arrays having the samearray name.
Enclosure
Indicates the name of the storage array.Array Name
Indicates the type of storage array and can contain any one of thethree values: Disk for JBODs, Active-Active, and Active-Passive.
Array Type
To display a list of disks and nodes in tabular form
◆ To display a list of disks and nodes in tabular form, enter the following:
Storage> disk list stats
Disk sfs_1 sfs_2
==== ======== ========
disk1 OK OK
107Configuring storageAbout displaying information for all disk devices
To display the disk information
◆ To display the disk information, enter the following:
Storage> disk list detail
Disk Pool Enclosure Size Use%
==== ==== ========== ==== ====
disk1 p2 OTHER_DISKS 10.00G 0.0%
ID Serial Number
== =============
VMware%2C:VMware%20Virtual%20S:0:0 -
To display the disk list paths
◆ To display the disks multiple paths, enter the following:
Storage> disk list paths
Disk Paths sfs_1 sfs_2
==== ===== ======== ========
disk1 Path 1 enabled,active enabled,active
To display information for all disk devices associated with nodes in a cluster
◆ To display information for all of the disk devices connected to all of the nodesin a cluster, enter the following:
Storage> disk list types
Disk Enclosure Array Name Array Type
==== ========== ========== ==========
Disk_0 Disk Disk Disk
Disk_1 Disk Disk Disk
Disk_3 Disk Disk Disk
Disk_4 Disk Disk Disk
Disk_5 Disk Disk Disk
Increasing the storage capacity of a LUNThe Storage> disk grow command lets you increase the storage capacity of apreviously created LUN on a storage array disk.
Configuring storageIncreasing the storage capacity of a LUN
108
Warning: When increasing the storage capacity of a disk, make sure that thestorage array does not reformat it. This will destroy the data. For help, contactyour Storage Administrator.
To increase the storage capacity of a LUN
1 Increase the storage capacity of the disk on your storage array. Contact yourStorage Administrator for assistance.
2 Run the SFS Storage> scanbus command to make sure that the disk isconnected to the SFS cluster.
See “Initiating SFS host discovery of LUNs ” on page 110.
3 To increase the storage capacity of the LUN, enter the following:
Storage> disk grow disk_name
where disk_name is the name of the disk.
For example:
Storage> disk grow Disk_0
SFS disk SUCCESS V-288-0 disk grow Disk_0 completed successfully
Printing WWN informationThe Storage> hba (host bus adapter) command prints World Wide Name (WWN)information for all of the nodes in the cluster. If you want to find the WWNinformation for a particular node, specify the node name.
109Configuring storagePrinting WWN information
To print WWN information
◆ To print the WWN information, enter the following:
Storage> hba [host_name]
where you can use the host_name variable if you want to find WWNinformation for a particular node.
Example output:
Storage> hba
Node Host Initiator HBA WWNs
==== =======================
sfs_1 21:00:00:e0:8b:9d:85:27, 21:01:00:e0:8b:bd:85:27
sfs_2 21:00:00:e0:8b:9d:65:1c, 21:01:00:e0:8b:bd:65:1c
sfs_3 21:00:00:e0:8b:9d:88:27, 21:01:00:e0:8b:bd:88:27
There are two WWN on each row that represent the two HBAs for each node.
Initiating SFS host discovery of LUNsThe Storage> scanbus command scans all of the SCSI devices connected to allof the nodes in the cluster. When you add new storage to your devices, you mustscan for new SCSI devices. You only need to issue the command once and all ofthe nodes discover the newly added disks. And the command updates the deviceconfigurations without interrupting the existing I/O activity. The scan does notinform you if there is a change in the storage configuration. You can see the lateststorage configuration using the Storage> disk list command.
You do not need to reboot after scanbus has completed.
To scan SCSI devices
◆ To scan the SCSI devices connected to all of the nodes in the cluster, enterthe following:
Storage> scanbus
For example:
Storage> scanbus
100% [#] Scanning the bus for disks
Storage>
Configuring storageInitiating SFS host discovery of LUNs
110
About I/O fencingIn the SFS cluster, one method of communication between the nodes is conductedthrough heartbeats over private links. If two nodes cannot verify each other'sstate because they cannot communicate, then neither node can distinguish if thefailed communication is because of a failed link or a failed partner node. Thenetwork breaks into two networks that cannot communicate with each other butdo communicate with the central storage. This condition is referred to as the"split-brain" condition.
I/O fencing (also referred to as disk fencing) protects data integrity if the split-braincondition occurs. I/O fencing determines which nodes are to retain access to theshared storage and which nodes are to be removed from the cluster, to preventpossible data corruption.
To protect the data on the shared disks, each system in the cluster must beconfigured to use I/O fencing by making use of special purpose disks calledcoordinator disks. They are standard disks or LUNs that are set aside for use bythe I/O fencing driver. You can specify three (or an odd number greater than three)disks as coordinator disks.
The coordinator disks act as a global lock device during a cluster reconfiguration.This lock mechanism determines which node is allowed to fence off data drivesfrom other nodes. A system must eject a peer from the coordinator disks beforeit can fence the peer from the data drives. Racing for control of coordinator disksis how fencing helps prevent split-brain. Coordinator disks cannot be used forany other purpose. You cannot store data on them, or include them in a disk groupfor user data.
To use the I/O fencing feature, you need to create a separate coordinator diskgroup, which will contain the three coordinator disks. Your minimum configurationmust be a two-node cluster with SFS software installed and have more than fiveshared disks. For the list of storage commands needed to perform I/O fencingrelated operations, go to Table 6-5.
Table 6-5 I/O fencing commands
DefinitionCommand
Checks the status of I/O fencing. It shows whether the coordinatordisk group is currently enabled or disabled. It also shows the statusof the individual coordinator disks.
See “To check status of I/O fencing” on page 113.
fencing status
111Configuring storageAbout I/O fencing
Table 6-5 I/O fencing commands (continued)
DefinitionCommand
Checks if the coordinator disk group has three disks. If not, you willneed to add disks to the coordinator disk pool until three are present.
The minimum LUN size is 10MB.
See “To add disks to coordinator disk group” on page 114.
fencing on
Replaces a coordinator disk with another disk. The command firstchecks the whether the replacement disks is in failed state or not. Ifits in the failed state, then an error appears.
After the command verifies that the replacement disk is not in a failedstate, it checks whether the replacement disk is already being usedby an existing pool (storage or coordinator). If it is not being used byany pool, the original disk is replaced.
See “To replace an existing coordinator disk” on page 115.
fencing replace
Disables I/O fencing on all of the nodes. This command does not freeup the coordinator disks.
See “To disable I/O fencing” on page 115.
fencing off
Destroys the coordinator pool if I/O fencing is disabled. This commandis not supported on a single-node setup.
See “To destroy the coordinator pool” on page 115.
fencing destroy
Configuring storageAbout I/O fencing
112
Configuring I/O fencingTo check status of I/O fencing
◆ To check the status of I/O fencing, enter the following:
Storage> fencing status
In the following example, the I/O fencing is configured on the three disksDisk_0,Disk_1 and Disk_4 and the column header Coord Flag On indicatesthat the coordinator disk group is in an imported state and these disks are ingood condition. If you check the Storage> disk list output, it will be in theOK state.
IO Fencing Status
=================
Disabled
Disk Name Coord Flag On
============== ==============
Disk_0 Yes
Disk_1 Yes
Disk_2 Yes
113Configuring storageAbout I/O fencing
To add disks to coordinator disk group
◆ To add disks to the coordinator disk group, enter the following:
Storage> fencing on [disk1,disk2,disk3]
The three disks are optional arguments and are required only if thecoordinator pool does not contain any disks. You may still provide three disksfor fencing with the coordinator pool already containing three disks. Thiswill however remove the three disks previously used for fencing from thecoordinator pool and configure I/O fencing on the new disks.
For example:
Storage> fencing on
SFS fencing Success V-288-0 IO Fencing feature now Enabled
100% [#] Enabling fencing
Storage> fencing status
IO Fencing Status
=================
Enabled
Disk Name Coord Flag On
============== ==============
Disk_0 Yes
Disk_1 Yes
Disk_2 Yes
Configuring storageAbout I/O fencing
114
To replace an existing coordinator disk
◆ To replace the existing coordinator disk, enter the following:
Storage> fencing replace src_disk dest_disk
where src_disk is the source disk and dest_disk is the destination disk.
For example:
Storage> fencing replace Disk_2 Disk_3
SFS fencing Success V-288-0 Replaced disk Disk_2
with Disk_3 successfully.
100% [#] Replacing disk Disk_2 with Disk_3
Storage> fencing status
IO Fencing Status
=================
Enabled
Disk Name Coord Flag On
============== ==============
Disk_0 Yes
Disk_1 Yes
Disk_3 Yes
To disable I/O fencing
◆ To disable I/O fencing, enter the following:
Storage> fencing off
For example, to disable fencing if it's already enabled:
Storage> fencing off
SFS fencing Success V-288-0 IO Fencing feature now Disabled
100% [#] Disabling fencing
To destroy the coordinator pool
◆ To destroy the coordinator pool, enter the following:
Storage> fencing destroy
Storage>
115Configuring storageAbout I/O fencing
Configuring storageAbout I/O fencing
116
Creating and maintainingfile systems
This chapter includes the following topics:
■ About creating and maintaining file systems
■ Listing all file systems and associated information
■ About creating file systems
■ Adding or removing a mirror to a file system
■ Configuring FastResync for a file system
■ Disabling the FastResync option for a file system
■ Increasing the size of a file system
■ Decreasing the size of a file system
■ Checking and repairing a file system
■ Changing the status of a file system
■ Destroying a file system
■ About snapshots
■ About snapshot schedules
About creating and maintaining file systemsThis chapter discusses the SFS file system commands. You use these commandsto configure your file system.
7Chapter
For more information on the fs commands, See Table 7-1 on page 118.
File systems consist of both metadata and file system data. Metadata containsinformation such as the last modification date, creation time, permissions, andso on. The total amount of space required for the metadata depends on the numberof files in the file system. A file system with many small files requires more spaceto store metadata. A file system with fewer larger files requires less space forhandling the metadata.
When you create a file system, you need to set aside some space for handling themetadata. The space required is generally proportional to the size of the filesystem. For this reason, after you create the file system with the Storage> fs
list command the output includes non-zero percentages. The space set aside forhandling metadata may increase or decrease as needed. For example, a file systemon a 1 GB volume takes approximately 35 MB (about 3%) initially for storingmetadata. In contrast, a file system of 10 MB requires approximately 3.3 MB (30%)initially for storing the metadata.
To access the commands, log into the administrative console (as a master,system-admin, or storage-admin) and enterStorage>mode. For login instructions,go to About using the SFS command-line interface.
Table 7-1 Storage mode commands
DefinitionCommand
Lists all file systems and associated information.
See “To list all file systems and associated information” on page 120.
fs list
Creates a file system.
See “About creating file systems” on page 120.
fs create
Adds a mirror to a file system.
See “To add a mirror to a file system” on page 124.
fs addmirror
Removes a mirror from a file system.
See “To remove a mirror from a file system” on page 126.
fs rmmirror
Keeps the mirrors in the file system in a consistent state.
See “To enable the FastResync option” on page 127.
fs setfastresync
Disables the FastResync option for a file system.
See “To disable the FastResync option” on page 127.
fs unsetfastresync
Creating and maintaining file systemsAbout creating and maintaining file systems
118
Table 7-1 Storage mode commands (continued)
DefinitionCommand
Increases the size of a file system to a specified size.
See “To increase the size of a file system to a specified size” on page 128.
fs growto
Increases the size of a file system by a specified size.
See “To increase the size of a file system by a specified size”on page 128.
fs growby
Decreases the size of a file system to a specified size.
See “To decrease the size of a file system to a specified size”on page 129.
fs shrinkto
Decreases the size of a file system by a specified size.
See “To decrease the size of a file system by a specified size”on page 130.
fs shrinkby
Checks and repair a file system.
See “To check and repair a file system” on page 131.
fs fsck
Mounts (places online) a file system.
See “To change the status of a file system” on page 132.
fs online
Unmounts (places offline) a file system.
See “To change the status of a file system” on page 132.
fs offline
Destroys a file system.
See “To destroy a file system” on page 133.
fs destroy
Copies a set of files and directories as they were at a particular pointin the past.
See “About snapshots” on page 133.
snapshot
Creates or remove a snapshot.
See “About snapshot schedules” on page 138.
snapshot schedule
119Creating and maintaining file systemsAbout creating and maintaining file systems
Listing all file systems and associated informationTo list all file systems and associated information
◆ To list all file systems and associated information, enter the following:
Storage> fs list [fs_name]
where fs_name is optional.
If you enter a file system that does not exist, an error message is displayed.
If you do not enter a specified file system, a list of file systems is displayed.
For example:
Storage> fs list fs1
General Info:
===============
Block Size: 1024 Bytes
Primary Tier
============
Size: 5.00G
Use%: 11%
Layout: simple
Mirrors: -
Columns: -
Stripe Unit: 0.00 K
FastResync: Disabled
Mirror 1:
List of pools: p2
List of disks: sda
About creating file systemsThe Storage> fs commands manage file system operations.
Creating and maintaining file systemsListing all file systems and associated information
120
Table 7-2 Create file systems commands
DefinitionCommand
Creates a simple file system of a specified size. You can specify a blocksize for the file system.
The default block size is determined based on the size of the file systemwhen the file system is created. For example, 1 KB is the default blocksize for up to a 2 TB file system size. There are other default blocksizes, 2 KB, 4 KB, and 8 KB for different ranges of file system sizes. Ifyou create a 1 TB file system, and then increase it to 3 TB, the filesystem block size remains at 1KB.
See “To create a simple file system of a specified size” on page 121.
fs create simple
Creates a mirrored file system with a specified number of mirrors, alist of pools, and online status. Each mirror uses the disks from thecorresponding pools as listed.
See “To create a mirrored file system” on page 122.
fs create mirrored
Creates a mirrored-stripe file system with a specified number ofcolumns, mirrors, pools, and protection options.
See “To create a mirrored-stripe file system” on page 122.
fs createmirrored-stripe
Creates a striped-mirror file system with a specified number of mirrorsand stripes.
See “To create a striped-mirror file system” on page 122.
fs createstriped-mirror
Creates a striped file system. A striped file system is a file system thatstores its data across multiple disks rather than storing the data onone disk.
See “To create a striped file system” on page 122.
fs create striped
Creating a file systemTo create a simple file system of a specified size
◆ To create a simple file system with a specified size, enter the following:
Storage> fs create simple fs_name size
pool1[,disk1,...] [blksize=bytes]
For example:
Storage> fs create simple fs2 10m sda
100% [#] Creating simple filesystem
121Creating and maintaining file systemsAbout creating file systems
To create a mirrored file system
◆ To create a mirrored file system, enter the following:
Storage> fs create mirrored fs_name size nmirrors
pool1[,disk1,...] [protection=disk|pool] [blksize=bytes]
For example:
Storage> fs create mirrored fs1 100M 2 pool1,pool2
100% [#] Creating mirrored filesystem
To create a mirrored-stripe file system
◆ To create a mirrored-stripe file system, enter the following:
Storage> fs create mirrored-stripe fs_name size nmirrors
ncolumns pool1[,disk1,...]
[protection=disk|pool] [stripeunit=kilobytes] [blksize=bytes]
To create a striped-mirror file system
◆ To create a striped-mirror file system, enter the following:
Storage> fs create striped-mirror fs_name size nmirrors
ncolumns pool1[,disk1,...]
[protection=disk|pool] [stripeunit=kilobytes] [blksize=bytes]
To create a striped file system
◆ To create a striped file system, enter the following:
Storage> fs create striped fs_name size ncolumns
pool1[,disk1,...] [stripeunit=kilobytes]
[blksize=bytes]
Specifies the name of the file system being created. The file systemname should be a string. If you enter a file that already exists, youreceive an error message and the file system is not created.
fs_name
Creating and maintaining file systemsAbout creating file systems
122
Specifies the size of a file system.
To create a file system, you need at least 10 MB of space.
Available units are the following:
■ MB
■ GB
■ TB
You can enter the units with either uppercase (10M) or lowercase(10m) letters.
To see how much space is available on a pool, use theStorage> pool
free command.
See “About configuring storage pools” on page 96.
size
Specifies the number of mirrors the file system has. You must entera positive integer.
nmirrors
Specifies the number of columns for the striped file system. Thenumber of columns represents the number of disks to stripe theinformation across. If the number of columns exceeds the number ofdisks for the entered pools, an error message is displayed. This messageindicates that there is not enough space to create the striped filesystem.
ncolumns
Specifies the pool(s) or disk(s) for the file system. If you specify a poolor disk that does not exist, you receive an error message. Specify morethan one pool or disk by separating the name with a comma; however,do not include a space between the comma and the name.
To find a list of pools and disks, use the Storage> pool list
command. To find a list of disks, use the Storage> disk list
command.
The disk must be part of the pool or an error message is displayed.
pool1[,disk1,...]
If you do not specify a protection option, the default is "disk."
The available options for this field are:
■ disk - Creates mirrors on separate disks.
■ pool - Creates mirrors in separate pools. If there is not enoughspace to create the mirrors, an error message is displayed, and thefile system is not created.
protection
123Creating and maintaining file systemsAbout creating file systems
Specifies a stripe width (in kilobytes).
Possible values are the following:
■ 128
■ 256
■ 512 (default)
■ 1024
■ 2048
stripeunit=kilobytes
Specifies the block size for the file system.
Possible values of bytes are the following:
■ 1024 (default)
■ 2048
■ 4096
■ 8192
blksize=bytes
Adding or removing a mirror to a file systemA mirrored file system is one that has copies of itself on other disks or pools.
To add a mirror to a file system
◆ To add a mirror to a file system, enter the following:
Storage> fs addmirror fs_name pool1[,disk1,...] [protection=disk|pool]
Specifies which file system to add the mirror. If the specified filesystem does not exist, an error message is displayed.
fs_name
Creating and maintaining file systemsAdding or removing a mirror to a file system
124
Specifies the pool(s) or disk(s) to use for the file system. If thespecified pool or disk does not exist, an error message isdisplayed, and the file system is not created. You can specifymore than one pool or disk by separating the name with a comma,but do not include a space between the comma and the name.
To find a list of existing pools and disks, use theStorage> pool
list command.
See “About configuring storage pools” on page 96.
To find a list of the existing disks, use theStorage> disk list
command.
See “About displaying information for all disk devices”on page 105.
The disk needs to be part of the pool or an error message isdisplayed.
pool1[,disk1,...]
The default value for the protection field is "disk."
Available options are:
■ disk - Creates mirrors on separate disks.
■ pool - Uses pools from any available pool.
protection
For example:
Storage> fs addmirror fs1 pool3,pool4
Storage>
125Creating and maintaining file systemsAdding or removing a mirror to a file system
To remove a mirror from a file system
◆ To remove a mirror from a file system, enter the following:
Storage> fs rmmirror fs_name [pool_or_disk_name]
Specifies the file system from which to remove the mirror.If you specify a file system that does not exist, an errormessage is displayed.
fs_name
Specifies the pool or disk name to remove from the mirroredfile system that is spanning on the specified pool or disk. Ifyou specify a pool or disk that is not part of the mirroredfile system, an error message is displayed, and no action istaken.
pool_or_disk_name
For a striped-mirror file system, if any of the disks are bad, the Storage> fs
rmmirror command disables the mirrors on the disks that have failed. If nodisks have failed, SFS chooses a mirror to remove.
For example:
Storage> fs rmmirror fs1 AMS_WMS0_0
Storage>
Configuring FastResync for a file systemIf the power fails or a switch fails mirrors in a file system may not be in a consistentstate.
The Storage> fs setfastresync (Fast Mirror Resynchronization (FastResync))command keeps the mirrors in the file system in a consistent state.
Note:You must have at least two mirrors on the file system to enable FastResync.The setfastresync command is enabled by default.
Creating and maintaining file systemsConfiguring FastResync for a file system
126
To enable the FastResync option
◆ To enable FastResync, enter the following:
Storage> fs setfastresync fs_name [pool_or_disk_name]
Specifies the name of the file system for which to enableFastResync. If you specify a file system that does not exist,an error message is displayed. If the FastResync on thespecified file system already has FastResync enabled, anerror message is displayed, and no action is taken.
fs_name
Specifies the pool or disk name to remove from the mirroredfile system that is spanning the specified pool or disk. If youspecify a pool or disk that is not part of the mirrored filesystem, an error message is displayed, and no action istaken.
pool_or_disk_name
For example, to enable for a file system, enter the following :
Storage> fs setfastresync fs6
Storage>
Disabling the FastResync option for a file systemYou can disable the FastResync option for a file system.
To disable the FastResync option
◆ To disable the FastResync option, enter the following:
Storage> fs unsetfastresync fs_name
where fs_name specifies the name of the file system for which to disableFastResync. If you specify a file system does not exist, an error message isdisplayed.
For example:
Storage> fs unsetfastresync fs6
Storage>
Increasing the size of a file systemTo increase the size of a file system it must be online. If the file system is notonline, an error message is displayed, and no action is taken.
127Creating and maintaining file systemsDisabling the FastResync option for a file system
To increase the size of a file system to a specified size
◆ To increase the size of a file system to a specified size, enter the following:
Storage> fs growto {primary|secondary} fs_name new_length
[pool1[,disk1,...]]
[protection=disk|pool]
For example:
Storage> fs growto primary fs1 1G
Storage>
To increase the size of a file system by a specified size
◆ To increase the size of a file system by a specified size, enter the following:
Storage> fs growby {primary|secondary} fs_name length_change
[pool1[,disk1,...]]
[protection=disk|pool]
For example:
Storage> fs growby primary fs1 50M
Storage>
Specifies the primary or secondary tier.primary|secondary
Specifies the file system whose size will be increased. If youspecify a file system that does not exist, an error message isdisplayed.
fs_name
Expands the file system to a specified size. The size specifiedmust be a positive number, and it must be bigger than the sizeof the existing file system. If the new file system is not largerthan the size of the existing file system, an error message isdisplayed, and no action is taken.
This variable is used with theStorage> fs growto command.
new_length
Expands the file system to a specified size. The size specifiedmust be a positive number, and it must be bigger than the sizeof the existing file system. If the new file system is not largerthan the size of the existing file system, an error message isdisplayed, and no action is taken.
This variable is used with theStorage> fs growby command.
length_change
Creating and maintaining file systemsIncreasing the size of a file system
128
Specifies the pool(s) or disk(s) to use for the file system. If youspecify a pool or disk that does not exist, an error message isdisplayed, and the file system is not resized. You can specify morethan one pool or disk by separating the name with a comma;however, do not include a space between the comma and thename.
To find a list of existing pools and disks, use theStorage> pool
list command.
See “About configuring storage pools” on page 96.
To find a list of the existing disks, use theStorage> disk list
command.
See “About displaying information for all disk devices”on page 105.
The disk needs to be part of the pool or an error message isdisplayed.
pool1[,disk1,...]
The default value for the protection field is "disk."
Available options are:
■ disk - New disks required for increasing the size of the filesystem must come from the same pool.
■ pool - Pools are used from any available pool.
protection
Decreasing the size of a file systemYou can decrease the size of the file system.
To decrease the size of the file system, it must be online. If the file system is notonline, an error message is displayed, and no action is taken.
To decrease the size of a file system to a specified size
◆ To decrease the size of a file system, enter the following:
Storage> fs shrinkto {primary|secondary} fs_name new_length
For example:
Storage> fs shrinkto primary fs1 10M
Storage>
129Creating and maintaining file systemsDecreasing the size of a file system
To decrease the size of a file system by a specified size
◆ To decrease the size of a file system, enter the following:
Storage> fs shrinkby {primary|secondary} fs_name length_change
For example:
Storage> fs shrinkby primary fs1 10M
Storage>
Specifies the primary or secondary tier.primary|secondary
Specifies the file system whose size will decrease. If youspecify a file system that does not exist, an error messageis displayed.
fs_name
Specifies the size to decrease the file system to. The sizespecified must be a positive number, and it must be smallerthan the size of the existing file system. If the new filesystem size is not smaller than the size of the existing filesystem, an error message is displayed, and no action istaken.
new_length
Decreases the file system by a specified size. The sizespecified must be a positive number, and it must be smallerthan the size of the existing file system. If the new filesystem size is not smaller than the size of the existing filesystem, an error message is displayed, and no action istaken.
length_change
Checking and repairing a file systemThe Storage> fs fsck command lets you check and repair a file system.
Warning: Using the Storage> fs fsck command on an online file system candamage the data on the file system. Only use the Storage> fs fsck commandon a file system that is offline.
Creating and maintaining file systemsChecking and repairing a file system
130
To check and repair a file system
◆ To check and repair a file system, enter the following:
Storage> fs fsck fs_name
where fs_name specifies the file system for which to check and repair.
For example:
Storage> fs fsck fs1
SFS fs ERROR V-288-693 fs1 must be offline to perform fsck.
Changing the status of a file systemThe Storage> fs online or Storage> fs offline command lets you mount(online) or unmount (offline) a file system. You cannot access an offline file systemfrom a client.
131Creating and maintaining file systemsChanging the status of a file system
To change the status of a file system
◆ To change the status of a file system, enter one of the following, dependingon which status you are using:
Storage> fs online fs_name
Storage> fs offline fs_name
where fs_name specifies the name of the file system that you want to mount(online) or unmount (offline). If you specify a file system that does not exist,an error message is displayed.
For example, to bring a file system online:
Storage> fs list
FS STATUS SIZE LAYOUT MIRRORS COLUMNS USE%
=== ====== ==== ====== ======= ======= ====
fs1 online 5.00G simple - - 10%
fs2 offline 10.00M simple - - -
NFS CIFS SECONDARY
SHARED SHARED TIER
======= ======= =========
no no no
no no no
Storage> fs online fs2
100% [#] Online filesystem
Storage> fs list
FS STATUS SIZE LAYOUT MIRRORS COLUMNS USE%
=== ====== ==== ====== ======= ======= ====
fs1 online 5.00G simple - - 10%
fs2 online 10.00M simple - - 100%
NFS CIFS SECONDARY
SHARED SHARED TIER
======= ======= =========
no no no
no no no
For example, to place a file system offline:
Storage> fs offline fs1
100% [#] Offline filesystem
Creating and maintaining file systemsChanging the status of a file system
132
Destroying a file systemThe Storage> fs destroy command unmounts a file system and releases itsstorage back to the storage pool. You can only destroy an unshared file system.If a file system is shared by using the NFS> share add filesystem command,you must delete the share before you can destroy the file system.
To destroy a file system
◆ To destroy a file system, enter the following:
Storage> fs destroy fs_name
where fs_name specifies the name of the file system that you want to destroy.
For example:
Storage> fs destroy fs1
100% [#] Destroy filesystem
About snapshotsA snapshot is a virtual image of the entire file system. You can create snapshotsof a parent file system on demand. Physically, it contains only data thatcorresponds to changes made in the parent, and so consumes significantly lessspace than a detachable full mirror.
Snapshots are used to recover from data corruption. If files, or an entire filesystem, are deleted or become corrupted, you can replace them from the latestuncorrupted snapshot. You can mount a snapshot and export it as if it were acomplete file system. Users can then recover their own deleted or corrupted files.You can limit the space consumed by snapshots by setting a quota on them. If thetotal space consumed by snapshots remains above the quota, SFS rejects attemptsto create additional ones.
You can create a snapshot by either using the snapshot create command or bycreating a schedule that calls the snapshot create command depending on thevalues entered for the number of hours or minutes after which this commandshould run. This method automatically creates the snapshot by storing thefollowing values in the crontab: minutes, hour, day-of-month, month, andday-of-week.
133Creating and maintaining file systemsDestroying a file system
Table 7-3 Snapshot commands
DefinitionCommand
A storage snapshot is a copy of a set of files and directories as theywere at a particular point in the past. SFS supports file system levelsnapshots.
SFS limits the space a snapshot can use. Snapshots use free space inthe file system from which they were taken.
See “To create a snapshot” on page 134.
snapshot create
Lists all the snapshots for the specified file system. If you do notspecify a file system, snapshots of all the file systems are displayed.
See “To list snapshots” on page 136.
snapshot list
Deletes a snapshot.
See “To destroy a snapshot” on page 137.
snapshot destroy
Mounts a snapshot.
See “To mount or unmount snapshots” on page 137.
snapshot online
Unmounts a snapshot.
See “To mount or unmount snapshots” on page 137.
snapshot offline
Displays snapshot information for all the file systems.
See “To display snapshot quotas” on page 137.
snapshot quota list
Enables the creation of snapshots on the given file system when thespace used by all of the snapshots of that file system exceeds a givencapacity. The space used by the snapshots is not restricted.
See “To enable or disable a quota limit ” on page 138.
snapshot quota on
Disables the creation of snapshots on the given file system when thespace used by all of the snapshots of that file system exceeds a givencapacity. The space used by the snapshots is not restricted.
See “To enable or disable a quota limit ” on page 138.
snapshot quota off
Configuring snapshotsTo create a snapshot
◆ To create a snapshot, enter the following:
Storage> snapshot create snapshot_name fs_name
[removable]
Creating and maintaining file systemsAbout snapshots
134
Specifies the name for the snapshot.snapshot_name
Specifies the name for the file system.fs_name
Valid values are:
■ yes
■ no
If the removable attribute is yes, and the file system isoffline, the snapshot is removed automatically if the filesystem runs out of space.
The default value is removable=no.
removable
For example:
Storage> snapshot create snapshot1 fs1
100% [#] Create snapshot
135Creating and maintaining file systemsAbout snapshots
To list snapshots
◆ To list snapshots, enter the following:
Storage> snapshot list [fs_name] [schedule_name]
Displays all of the snapshots of the specified file system. If youdo not specify a file system, snapshots of all of the file systemsare displayed.
fs_name
Displays the schedule name. If you do not specify a schedulename, then snapshots created under fs_name are displayed.
schedule_name
For example:
Storage> snapshot list
Snapshot FS Status
=============================== == ======
schedule2_26_Feb_2009_00_15_01 fs2 offline
schedule2_26_Feb_2009_00_10_01 fs2 offline
presnap_schedule2_25_Feb_2009_18_00_02 fs2 offline
ctime mtime Removable Preserved
===== ===== ========= =========
2009.Feb.26.00:15:04 2009.Feb.26.00:15:04 no No
2009.Feb.26.00:10:03 2009.Feb.26.00:10:03 no No
2009.Feb.25.18:00:04 2009.Feb.25.18:00:04 no Yes
Displays the name of the created snapshots.Snapshot
Displays the file systems that correspond to each createdsnapshots.
FS
Displays whether or not the snapshot is mounted (that is, onlineor offline).
Status
Displays the time the snapshot was created.ctime
Displays the time the snapshot was modified.mtime
Determines if the snapshot should be automatically removes incase the underlying file system runs out of space. You enteredeither yes or no in the snapshot create snapshot_name
fs_name [removable]
Removable
Determines if the snapshot is preserved when all of the automatedsnapshots are destroyed.
Preserved
Creating and maintaining file systemsAbout snapshots
136
To destroy a snapshot
◆ To destroy a snapshot, enter the following:
Storage> snapshot destroy snapshot_name fs_name
Specifies the name of the snapshot to be destroyed.snapshot_name
Specifies the name of the file system to be destroyed.fs_name
For example:
Storage> snapshot destroy snapshot1 fs1
100% [#] Destroy snapshot
To mount or unmount snapshots
◆ To mount or unmount snapshots, enter one of the following commands,depending on which operation you want to perform:
Storage> snapshot online|offline snapshot_name fs_name
Specifies the name of the snapshot.snapshot_name
Specifies the name of the file system.fs_name
For example, to bring a snapshot online, enter the following:
Storage> snapshot online snapshot1 fs1
100% [#] Online snapshot
Storage>
For example, to place snapshot offline, enter the following:
Storage> snapshot offline snapshot fs1
100% [#] Offline snapshot
To display snapshot quotas
◆ To display snapshot quotas, enter the following:
Storage> snapshot quota list
FS Quota Capacity Limit
== ===== ==============
fs1 on 1G
fs2 off 0
fs3 off 0
137Creating and maintaining file systemsAbout snapshots
To enable or disable a quota limit
◆ To enable or disable a quota limit, enter the following:
Storage> snapshot quota on fs_name [capacity_limit]
Storage> snapshot quota off [fs_name]
Enables the quota limit, which disallows creation ofsnapshots on the given file system when the space used byall the snapshots of that file system exceeds a given capacitylimit. The space used b the snapshots is not restricted.
on
Specifies the name of the file system.fs_name
You can specify a capacity limit on the number of blocksused by all the snapshots for a specified file system. Entera number that needs to be followed by K, M, G, or T (for kilo,mega, giga, or terabyte).
capacity_limit
Disables the quota capacity limit for the specified filesystem.
off
For example, to enable the snapshot quota, enter the following:
Storage> snapshot quota on fs1 1024K
Storage> snapshot quota list
FS Quota Capacity Limit
== ===== ==============
fs1 ON 1024K
For example, to disable the snapshot quota, enter the following:
Storage> snapshot quota off fs1
Storage>
About snapshot schedulesThe Storage> snapshot schedule commands let you automatically create orremove a snapshot that stores the values for minutes, hour, day-of-the-month,month, and day-of-the-week in the crontab along with the name of the file system.
To distinguish the automated snapshots, a time stamp corresponding to theirtime of creation is appended to the schedule name. For example, if a snapshot iscreated using the name schedule1 on February 27, 2009 at 11:00 AM, the namebecomes: schedule1_Feb_27_2009_11_00_01_IST.
Creating and maintaining file systemsAbout snapshot schedules
138
The crontab interprets the numeric values in a different manner when comparedto the manner in which SFS interprets the same values. For example, snapshotschedule create schedule1 fs1 30 2 * * * automatically creates a snapshotevery day at 2:30 AM, and does not create snapshots every two and a half hours.If you wanted to create a snapshot every two and a half hours with at most 50snapshots per schedule name, then run snapshot schedule create schedule1
fs1 50 */30 */2 * * *, where the value */2 implies that the schedule runsevery two hours. You can also specify a step value for the other parameters, suchas day-of-month or month and day-of-week, as well and can use a range alongwith a step value. Specifying a range in addition to the numeric_value impliesthe number of times the crontab skips for a given parameter. For example, tocreate a snapshot every two and a half hours with no restrictions on the maximumnumber of snapshots per schedule name, run the following command:snapshotschedule create schedule1 fs1 0 0-59/30 0-23/2 * * *as crontab interpretsa step value and a step and range combination in a similar manner.
Table 7-4 Snapshot schedule commands
DefinitionCommand
Creates a schedule to automatically create a snapshot of a particularfile system.
See “To create a snapshot schedule” on page 140.
snapshot schedulecreate
Modifies the snapshot schedule of a particular filesystem.
See “To modify a snapshot schedule” on page 141.
snapshot schedulemodify
Creates a schedule to destroy all of the automated snapshots. Thisexcludes the preserved and online snapshots.
See “To remove all snapshots” on page 141.
snapshot scheduledestroyall
Preserves a limited number of snapshots corresponding to an existingschedule and specific file system name. These snapshots are notremoved as part of thesnapshot schedule autoremovecommand.
See “To preserve snapshots” on page 142.
snapshot schedulepreserve
Displays all schedules that have been set for automatically creatingsnapshots.
See “To display a snapshot schedule” on page 142.
snapshot scheduleshow
Deletes the schedule set for automatically creating snapshots for aparticular file system or for a particular schedule.
See “To delete a snapshot schedule” on page 142.
snapshot scheduledelete
139Creating and maintaining file systemsAbout snapshot schedules
Configuring snapshot schedulesTo create a snapshot schedule
◆ To create a snapshot schedule, enter the following:
Storage> snapshot schedule create schedule_name fs_name
max_snapshot_limit minute [hour] [day_of_the_month]
[month] [day_of_the_week]
For example, to create a schedule for an automated snapshot creation of agiven file system every 3 hours on a daily basis, enter the following:
Storage> snapshot schedule create schedule1 fs1 * 3 * * *
Storage>
When an automated snapshot is created, the entire date value is appended,including the time zone.
Specifies the name of the schedule corresponding to the automaticallycreated snapshot.
The schedule_name cannot contain an underscore ('_') as part of itsvalue. For example, sch_1 is not allowed.
schedule_name
Specifies the name of the file system. The file system name should bea string.
fs_name
Specifies the number of snapshots that can be created for a given filesystem and schedule name. This field only accepts numeric input.Entering 0 implies the snapshots can be created on a given file systemand schedule name without any restriction. Any other value wouldimply that only x number of snapshots can be created for a given filesystem and schedule name. If the number of snapshots correspondingto the schedule name is equal to or greater than the value of this field,then snapshots that are more than an hour old are automaticallydestroyed until the number of snapshots is less than the maximumsnapshot limit value.
The range allowed for this parameter is 0-999.
max_snapshot_limit
This parameter may contain either an asterisk, (*), which implies"every minute," or a numeric value between 0-59.
You can enter */(0-59), a range such as 23-43, or just the *.
minute
This parameter may contain either an asterisk, (*), which implies "runevery hour," or a number value between 0-23.
You can enter */(0-23), a range such as 12-21, or just the *.
hour
Creating and maintaining file systemsAbout snapshot schedules
140
This parameter may contain either an asterisk, (*), which implies "runevery day of the month," or a number value between 1-31.
You can enter */(1-31), a range such ass 3-22, or just the *.
day_of_the_month
This parameter may contain either an asterisk, (*), which implies "runevery month," or a number value between 1-12.
You can enter */(1-12), a range such as 1-5, or just the *. You can alsoenter the first three letters of any month (must use lowercase letters).
month
This parameter may contain either an asterisk (*), which implies "runevery day of the week," or a numeric value between 0-6. Crontabinterprets 0 as Sunday. You can also enter the first three letters of theweek (must use lowercase letters).
day_of_the_week
To modify a snapshot schedule
◆ To modify a snapshot schedule, enter the following:
Storage> snapshot schedule modify schedule_name fs_name
max_snapshot_limit minute [hour]
[day_of_the_month] [month] [day_of_the_week]
For example, to modify the existing schedule so that a snapshot is createdevery 2 hours on the first day of the week, enter the following:
Storage> snapshot schedule modify schedule1 fs1 *2**1
Storage>
To remove all snapshots
◆ To automatically remove all of the snapshots created under a given scheduleand file system name (excluding the preserved and online snapshots), enterthe following:
Storage> snapshot schedule destroyall schedule_name fs_name
For example:
Storage> snapshot schedule destroyall schedule1 fs1
Storage>
141Creating and maintaining file systemsAbout snapshot schedules
To preserve snapshots
◆ To preserve a number of snapshots corresponding to an existing scheduleand specific file system name, enter the following:
Storage> snapshot schedule preserve schedule_name fs_name
snapshot_name
For example, to preserve a snapshot created according to a given scheduleand file system name, enter the following:
Storage> snapshot schedule preserve schedule fs1
schedule1_Feb_27_16_42_IST
Storage>
To display a snapshot schedule
◆ To display all of the schedules for automated snapshots, enter the following:
Storage> snapshot schedule show [fs_name] [schedule_name]
Displays all of the schedules of the specified file system. If nofile system is specified, schedules of all of the file systems aredisplayed.
fs_name
Displays the schedule name. If no schedule name is specified,then all of the schedules created under fs_name are displayed.
schedule_name
For example, to display all of the schedules for creating or removing snapshotsto an existing file system, enter the following:
Storage> snapshot schedule show fs2
FS Schedule Name Max Snapshot Minute Hour Day Month WeekDay
== ============= ============ ====== ==== === ===== =======
fs2 schedule2 0 0 2 * * *
fs2 schedule2 10 5 * * * *
fs2 schedule1 20 30 16 * * 5
To delete a snapshot schedule
◆ To delete a snapshot schedule, enter the following:
Storage> snapshot schedule delete fs_name [schedule_name]
For example:
Storage> snapshot schedule delete fs1
Storage>
Creating and maintaining file systemsAbout snapshot schedules
142
Creating and maintainingNFS shares
This chapter includes the following topics:
■ About NFS file sharing
About NFS file sharingThe Network File System (NFS) protocol enables files hosted by an NFS server tobe accessed by multiple UNIX and Linux client systems.
Using NFS, a local system can mount and use a disk partition or file system froma remote system (an NFS server), as if it were local. The SFS NFS server exportsa disk partition or file system, with selected permissions and options, and makesit available to NFS clients.
The selected permissions and options can also be updated, to restrict or expandthe permitted use. To remove sharing, unexport the NFS file system.
The SFS NFS service is clustered. The NFS clients continuously retry during afailover transition. Even if the TCP connection is broken for a short time, thefailover is transparent to NFS clients, and NFS clients regain access transparentlyas soon as the failover is complete.
However, depending on client configuration and the nature of the failure, a clientoperation may time out, resulting in an error message such as: NFS server not
responding, still trying.
You use NFS commands to export or unexport your file systems. The NFS> share
commands are defined in Table 8-1.
8Chapter
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter the NFS>mode. For login instructions,go to About using the SFS command-line interface.
Table 8-1 NFS mode commands
DefinitionCommand
Display exported file systems.
See “To display exported file systems” on page 144.
share show
Export a file system.
See “Adding an NFS share ” on page 145.
share add
Unexport the file system of the exported file system.
See “Unexporting a file system or deleting NFS options” on page 151.
share delete
Displaying exported file systemsYou can display the exported file systems and the NFS options that are specifiedwhen the file system was exported.
To display exported file systems
◆ To display exported file systems, enter the following:
NFS> share show
For example:
NFS> share show
/vx/fs2 * (sync)
/vx/fs3 * (secure,ro,no_root_squash)
The command output displays two columns.
Displays the file system that was exported.
For example:
/vx/fs2
Left-hand column
Displays the system that the file system is exported to, and theNFS options with which the file system was exported.
For example:
* (secure,ro,no_root_squash)
Right-handcolumn
Creating and maintaining NFS sharesAbout NFS file sharing
144
Adding an NFS shareYou can export an NFS share with the specified NFS options that can then beaccessed by one or more client systems. The new NFS options are updated afterthe command is run.
If you add a file system that has already been exported with a different NFS option(rw, ro, async, or secure, for example), SFS provides a warning message sayingthat the file system has already been exported. SFS updates (overwrite) the oldNFS options with the new NFS options.
File system options appear in parentheses. File system options are exactly thesame as those given at the time of exporting the file system.
If a client was not specified when the NFS> share add command was used, then* is displayed as the system to be exported to, indicating that all clients can accessthe file system.
File systems that have been exported to different clients appear as differententries. File systems that are exported to <world> and other specific clients alsoappear as different entries.
For example:
Consider the following set of exported file systems where only the client (1.1.1.1)has read-write access to file system (fs2), while all other clients have read accessonly.
/vx/fs2 * (ro)
/vx/fs2 1.1.1.1 (rw)
When sharing a file system, SFS does not check whether the client exists or not.If you add a share for an unknown client, then an entry appears in the NFS> show
command output.
If the file system does not exist, you will not be able to export to any client. SFSgives the following error:
SFS nfs ERROR V-288-0 File system file_system_name
is offline or does not exist
You cannot export a non-existent file system. The NFS> show fs commanddisplays the list of exportable file systems.
Valid NFS options include the following:
Grants read and write permission to the file system. Hosts mountingthis file system will be able to make changes to the file system.
rw
145Creating and maintaining NFS sharesAbout NFS file sharing
Grants read-only permission to the file system. Hosts mounting thisfile system will not be able to change it.
ro
Grants synchronous write access to the file system. Forces the serverto perform a disk write before the request is considered complete.
sync
Grants asynchronous write access to the file system. Allows the serverto write data to the disk when appropriate.
async
Grants secure access to the file system. Requires that clients originatefrom a secure port. A secure port is between 1-1024.
secure
Grants insecure access to the file system. Permits client requests tooriginate from unprivileged ports (those above 1024).
insecure
Prevents the root user on an NFS client from having root privilegeson an NFS mount.
This effectively "squashes" the power of the remote root user to thelowest local user, preventing remote root users from acting as thoughthey were the root user on the local system.
root_squash
Disables theroot_squash option. Allows root users on the NFS clientto have root privileges on the NFS server.
no_root_squash
Causes the NFS server to delay writing to the disk if another writerequest is imminent. This can improve performance by reducing thenumber of times the disk must be accessed by separate writecommands, reducing write overhead.
wdelay
Disables the wdelay option.no_wdelay
The default NFS export options are: sync, ro, root_squash, and wdelay. Theno_wdelay option has no effect if the async option is set.
For example, you could issue the following commands:
NFS> share add rw,async fs2
NFS> share add rw,sync,secure,root_squash fs3 10.10.10.10
Note: With root_squash, the root user can access the share, but with 'nobody'permissions.
Creating and maintaining NFS sharesAbout NFS file sharing
146
To export a file system
1 To see your exportable online file systems and snapshots, enter the following:
NFS> show fs
For example:
NFS> show fs
FS/Snapshot
===========
fs2
fs3
2 To see your NFS share options, enter the following:
NFS> share show
For example:
NFS> share show
/vx/fs2 * (sync)
/vx/fs3 * (secure,ro,no_root_squash)
3 To export a file system, enter the following command:
NFS> share add nfsoptions filesystem [client]
Comma-separated list of export options from the set.nfsoptions
Specifies the name of the file system you want to export.filesystem
Clients may be specified in the following ways:
■ Single host - specify a host either by an abbreviated namethat is recognized by the resolver (DNS is the resolver), thefully qualified domain name, or an IP address.
■ Netgroups - netgroups may be given as@group. Only the hostpart of each netgroup member is considered for checkingmembership.
If the client is not given, then the specified file system can bemounted or accessed by any client. To re-export new options toan existing share, the new options will be updated after thecommand is run.
client
Example using NFS options:
147Creating and maintaining NFS sharesAbout NFS file sharing
NFS> share add sync fs4
Exporting *:/vx/fs4 with options sync
..Success.
Sharing file systems using CIFS and NFS protocolsSFS provides support for multi-protocol file sharing where the same file systemcan be exported to both Windows and UNIX users using the CIFS and NFSprotocols. The result is an efficient use of storage by sharing a single data setacross multi-application platforms.
Figure 8-1 shows how the file system sharing for the two protocols works.
Figure 8-1 Exporting and/or sharing CIFS and NFS file systems
SharedStorage
File SystemFS1
2-node SFScluster
Data access byCIFS protocol
Data access byNFS protocol
Windows user UNIX user
Creating and maintaining NFS sharesAbout NFS file sharing
148
Note:When a share is exported over both NFS and CIFS protocols, the applicationsrunning on the NFS and CIFS clients may attempt to concurrently read or writethe same file. This may lead to unexpected results since the locking models usedby these protocols are different. For example, an application reads stale data. Forthis reason, SFS warns you when the share export is requested over NFS or CIFSand the same share has already been exported over CIFS or NFS, when at leastone of these exports allows write access.
149Creating and maintaining NFS sharesAbout NFS file sharing
To export a file system to Windows and UNIX users
1 To export a file system to Windows and UNIX users with read-only andread-write permission respectively, go to CIFS mode and enter the followingcommands:
CIFS> show
Name Value
---- -----
netbios name mycluster
ntlm auth yes
allow trusted domains no
homedirfs
quota 0
idmap backend rid:10000-20000
workgroup SYMANTECDOMAIN
security ads
Domain SYMANTECDOMAIN.COM
Domain user administrator
Domain Controller SYMSERVER
CIFS> share add fs1 share1 ro
Exporting CIFS filesystem : share1...
CIFS> share show
ShareName FileSystem ShareOptions
share1 fs1 owner=root,group=root,ro
2 Enter the NFS mode and enter the following commands:
CIFS> exit
> nfs
Entering share mode...
NFS> share add rw fs1
SFS nfs WARNING V-288-0 Filesystem (fs1)
is already shared over CIFS with 'ro' permission.
Do you want to proceed (y/n): y
Exporting *:/vx/fs1 with options rw
..Success.
NFS> share show
/vx/fs1 * (rw)
NFS>
Creating and maintaining NFS sharesAbout NFS file sharing
150
Unexporting a file system or deleting NFS optionsYou can unexport the file system of the exported file system.
Note: You will receive an error message if you try to remove a file system thatdoes not exist.
To unexport a file system or delete NFS options
1 To see your existing exported file systems, enter the following command:
NFS> share show
Only the file systems that are displayed can be unexported.
For example:
NFS> share show
/vx/fs2 * (sync)
/vx/fs3 * (secure,ro,no_root_squash)
2 To delete a file system from the export path, enter the following command:
NFS> share delete filesystem [client]
For example:
NFS> share delete fs3
Removing export path *:/vx/fs3
..Success.
Specifies the name of the file system you want to delete.
Where filesystem can be a string of characters, but the followingcharacters are not allowed: / \ ( ) < >.
For example:
NFS> share delete "*:/vx/example"
You cannot include single or double quotes that do not enclosecharacters.
You cannot use one single quote or one double quote, as in thefollowing example:
NFS> share delete ' "filesystem
filesystem
151Creating and maintaining NFS sharesAbout NFS file sharing
Clients may be specified in the following ways:
■ Single host - specify a host either by an abbreviated namethat is recognized by the resolver (DNS is the resolver), thefully qualified domain name, or an IP address.
■ Netgroups - netgroups may be given as @group. Only the hostpart of each netgroup member is considered for checkingmembership.
If client is included, the file system is removed from the exportpath that was directed at the client.
If a file system is being exported to a specific client, the NFS>share delete command must specify the client to remove thatexport path.
If the client is not specified, then the specified file system can bemounted or accessed by any client.
client
Creating and maintaining NFS sharesAbout NFS file sharing
152
Using SFS as a CIFS server
This chapter includes the following topics:
■ About configuring SFS for CIFS
■ About configuring CIFS for standalone mode
■ About configuring CIFS for NT domain mode
■ About leaving an NT domain
■ Changing NT domain settings
■ Changing security settings
■ Changing security settings after the CIFS server is stopped
■ About configuring CIFS for AD domain mode
■ Leaving an AD domain
■ Changing domain settings for AD domain mode
■ Removing the AD interface
■ About setting NTLM
■ About setting trusted domains
■ About storing account information
■ About reconfiguring the CIFS service
■ About managing CIFS shares
■ Sharing file systems using CIFS and NFS protocols
■ About SFS cluster and load balancing
9Chapter
■ About managing home directories
■ About managing local users and groups
■ About configuring local groups
About configuring SFS for CIFSThe Common Internet File System (CIFS), also known as the Server Message Block(SMB), is a network file sharing protocol that is widely used on Microsoft andother operating systems. This chapter describes the initial configuration of theSFS CIFS service on three operating modes, and how to reconfigure the SFS CIFSservice when, some CIFS settings are changed.
SFS can be integrated into a network that consists of machines running thefollowing:
■ Windows 2000 Server
■ Windows XP
■ Windows Server 2003
■ Older Windows NT
■ Windows 9.x operating systems
You can control and manage the network resources by using Active Directory orNT workgroup domain controllers.
Before you use SFS with CIFS, you must have administrator-level knowledge ofthe Microsoft operating systems, Microsoft services, and Microsoft protocols(including Active Directory and NT services and protocols).
You can find more information about them at: www.microsoft.com.
To access the commands, log into your administrative console (master,system-admin, or storage-admin) and enter CIFS> mode.
For login instructions, go to About using the SFS command-line interface.
When serving the CIFS clients, SFS can be configured to operate in one of themodes described in Table 9-1.
Using SFS as a CIFS serverAbout configuring SFS for CIFS
154
Table 9-1 CIFS modes
DefinitionMode
Information about the user and group accounts is stored locally onSFS. SFS also authenticates users locally using the Linux passwordand group files. This mode of operation is provided for SFS testingand may be appropriate in other cases, for example, when SFS is usedin a small network and is not a member of a Windows security domain.In this mode of operation, you must create the local users and groups;they can access the shared resources subject to authorization control.
Standalone
SFS becomes a member of an NT4 security domain. The domaincontroller (DC) stores user and group account information, and theMicrosoft NTLM or NTLMv2 protocol authenticates.
NT Domain
SFS becomes a member of an AD security domain and is configuredto use the services of the AD domain controller, such as DNS, LDAP,and NTP. Kerberos, NTLMv2, or NTLM authenticate users.
Active Directory
When SFS operates in the NT or AD domain mode, it acts as a domain memberserver and not as the domain controller.
About configuring CIFS for standalone modeIf you do not have an AD server or NT domain controller, you can use SFS as astandalone server. SFS is used in standalone mode when testing SFS functionalityand when it is not a member of a domain.
Before you configure the CIFS service for the standalone mode, do the following:
■ Make sure that the CIFS server is not running.
■ Set security to user.
■ Start the CIFS server.
To make sure that the configuration has changed, do the following:
■ Check the server status.
■ Display the server settings.
Table 9-2 Configure CIFS for standalone mode commands
DefinitionCommand
Checks the status of the server.
See “To check the CIFS server status” on page 156.
server status
155Using SFS as a CIFS serverAbout configuring CIFS for standalone mode
Table 9-2 Configure CIFS for standalone mode commands (continued)
DefinitionCommand
Stops the server if it is running.
See “To check the CIFS server status” on page 156.
server stop
Checks the security setting.
See “To check the security setting” on page 157.
show
Sets security to user. This is the default value.
In standalone mode you do not need to set the domaincontroller,domainuser, or domain.
See “To check the security setting” on page 157.
set security user
Starts the service in standalone mode.
See “To start the CIFS service in standalone mode” on page 158.
server start
Configuring CIFS server status for standalone modeTo check the CIFS server status
1 To check the status of the server, enter the following:
CIFS> server status
Be default, security is set to user, the required setting for standalone mode.The following example shows that security was previously set to ads.
For example:
CIFS> server status
CIFS Status on sfs_1 : ONLINE
CIFS Status on sfs_2 : ONLINE
Security : ads
Domain membership status : Disabled
Domain : SYMANTECDOMAIN.COM
Domain Controller : symantecdomain_ad
Domain User : administrator
2 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
Using SFS as a CIFS serverAbout configuring CIFS for standalone mode
156
To check the security setting
1 Check the current settings before setting security, enter the following:
CIFS> show
For example:
Name Value
---- -----
netbios name mycluster
ntlm auth yes
allow trusted domains no
homedirfs
quota 0
idmap backend rid:10000-20000
workgroup SYMANTECDOMAIN
security ads
Domain SYMANTECDOMAIN.COM
Domain user administrator
Domain Controller SYMSERVER
2 To set security to user, enter the following:
CIFS> set security user
Global option updated. Note: Restart the CIFS server.
157Using SFS as a CIFS serverAbout configuring CIFS for standalone mode
To start the CIFS service in standalone mode
1 To start the service in standalone mode, enter the following:
CIFS: server start
Starting CIFS Server.....Success.
2 To display the new settings, enter the following:
CIFS> show
For example:
Name Value
---- -----
netbios name mycluster
ntlm auth yes
allow trusted domains no
homedirfs
quota 0
idmap backend rid:10000-20000
workgroup SYMANTECDOMAIN
security user
Domain SYMANTECDOMAIN.COM
Domain user administrator
Domain Controller SYMSERVER
3 To make sure that the server is running in standalone mode, enter thefollowing:
CIFS> server status
For example:
CIFS> server status
CIFS Status on sfs_1 : ONLINE
CIFS Status on sfs_2 : ONLINE
Security : user
The CIFS service is now running in standalone mode.
To create local users and groups, go to About managing local users and groups.
To export the shares, go to About managing CIFS shares.
Using SFS as a CIFS serverAbout configuring CIFS for standalone mode
158
About configuring CIFS for NT domain modeBefore you configure the CIFS service for the NT domain mode, do the following:
■ Make sure that an NT domain has already been configured.
■ Make sure that SFS can communicate with the domain controller (DC) overthe network.
■ Make sure that the CIFS server is stopped.
■ Set the domain user, domain, and domain controller.
■ Set the security to domain.
■ Start the CIFS server.
To make sure that the configuration has changed, do the following:
■ Check the server status.
■ Display the server settings.
Table 9-3 Configure CIFS for NT domain mode commands
DefinitionCommand
Sets the name of the domain user. The credentials of the domain userwill be used at the domain controller while joining the domain.Therefore the domain user should be an existing NT domain user whohas permission to perform the join domain operation.
See “To set the domain user name for NT mode” on page 160.
set domainuser
Sets the name for the NT domain that you would like SFS to join andbecome a member.
See “To set the domain for the NT domain node” on page 160.
set domain
Sets the domain controller server name.
Note: If security is set to domain, you can use both the AD server andthe Windows NT 4.0 domain controller as domain controllers. However,if you use the Windows NT 4.0 domain controller, you can only usethe netbios name of the domain controller to set thedomaincontroller parameter.
See “To set the domain controller for the NT domain mode” on page 161.
setdomaincontroller
Before you set the security for the domain, you must set thedomaincontroller, domainuser, and domain.
See “To set security to domain for the NT domain mode” on page 161.
set security
159Using SFS as a CIFS serverAbout configuring CIFS for NT domain mode
Table 9-3 Configure CIFS for NT domain mode commands (continued)
DefinitionCommand
The server joins the NT domain only when the server is started afterissuing the CIFS> set security command.
See “To start the CIFS server for the NT domain mode” on page 162.
server start
Configuring CIFS for the NT domain modeTo set the domain user name for NT mode
1 To verify that the CIFS server is stopped, enter the following:
CIFS> server status
2 If the server is running, stop the server. enter the following:
CIFS> server stop
3 To set the user name, enter the following:
CIFS> set domainuser username
whereusername is an existing NT domain user who has permission to performthe join domain operation.
For example:
CIFS> set domainuser administrator
Global option updated. Note: Restart the CIFS server.
To set the domain for the NT domain node
◆ To set the domain, enter the following:
CIFS> set domain domainname
where domainname is the name of the domain that SFS will join.
For example:
CIFS> set domain SYMANTECDOMAIN.COM
Global option updated. Note: Restart the CIFS server.
Using SFS as a CIFS serverAbout configuring CIFS for NT domain mode
160
To set the domain controller for the NT domain mode
◆ To set the domain controller, enter the following:
CIFS> set domaincontroller servername
where servername is the netbios name if it is an Windows NT 4.0 domaincontroller.
For example, if the domain controller is in Windows NT 4.0, enter the servername SYMSERVER:
CIFS> set domaincontroller SYMSERVER
Global option updated. Note: Restart the CIFS server.
To set security to domain for the NT domain mode
◆ To set security to domain, enter the following:
CIFS> set security security
Enter domain for security.
CIFS> set security domain
Global option updated. Note: Restart the CIFS server.
161Using SFS as a CIFS serverAbout configuring CIFS for NT domain mode
To start the CIFS server for the NT domain mode
1 To start the CIFS server, enter the following:
CIFS> server start
You are prompted for a domainuser password by:
CIFS> server start
Trying to become a member in domain SYMANTECDOMAIN.COM ...
Enter password for user 'administrator':
When you enter the correct password, the following messages appear:
Joined domain SYMANTECDOMAIN.COM OK
Starting CIFS Server.....Success.
2 To find the current settings for the domain name, domain controller name,and domain user name, enter the following:
CIFS> show
3 To make sure that the service is running as a member of the NT domain, enterthe following:
CIFS> server status
For example:
CIFS> server status
CIFS Status on sfs_1 : ONLINE
CIFS Status on sfs_2 : ONLINE
Security : domain
Domain membership status : Enabled
Domain : SYMANTECDOMAIN.COM
Domain Controller : SYMSERVER
Domain User : administrator
The CIFS service is now running in the NT domain mode. You can export theshares, and domain users can access the shares subject to authentication andauthorization control.
Using SFS as a CIFS serverAbout configuring CIFS for NT domain mode
162
About leaving an NT domainThere is no SFS command that lets you leave an NT domain. It happensautomatically when the security or domain settings change, and then starts orstops the CIFS server. Thus, SFS provides the domain leave operation dependingon existing security and domain settings and new administrative commands.However, the leave operation requires the credentials of the old domain’s user.All of the cases for the domain leave operation are documented in Table 9-4.
Table 9-4 Change NT domain settings commands
DefinitionCommand
Sets the domain.
When you change any of the domain settings and you restart the CIFSserver, the CIFS server leaves the old domain. Thus, when a changeis made to either one or more of the domain, domain controller, ordomain user settings, and the next time the CIFS server is started, theCIFS server first attempts to leave the existing join, and then joinsthe NT domain with the new settings.
See “To change domain settings” on page 164.
set domain
Sets the security user.
When you change the security setting, and you start or stop the CIFSserver, the CIFS server leaves the existing NT domain. For example,if you change the security setting from domain to user and you stopor restart the CIFS server, it leaves the NT domain.
See “To change security settings” on page 165.
If the CIFS server is already stopped, and you change the security toa value other than domain, SFS leaves the domain. This method ofleaving the domain is provided so that if a CIFS server is alreadystopped, and may not be restarted soon, you have a way to leave anexisting join to the NT domain.
See “To change security settings for a CIFS server that has beenstopped” on page 165.
set security user
Changing NT domain settingsEach case assumes that the SFS cluster is part of an NT domain.
163Using SFS as a CIFS serverAbout leaving an NT domain
To verify if cluster is part of NT domain
◆ To verify if your cluster is part of the NT domain, enter the following:
CIFS> server status
CIFS Status on sfs_1 : ONLINE
CIFS Status on sfs_2 : ONLINE
Security : domain
Domain membership status : Enabled
Domain : SYMANTECDOMAIN.COM
Domain Controller : SYMSERVER
Domain User : administrator
To change domain settings
1 To stop the CIFS server, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To change the domain, enter the following:
CIFS> set domain newdomain.com
Global option updated. Note: Restart the CIFS server.
where newdomain.com is the new domain name.
When you start the CIFS server, the CIFS server tries to leave the existingdomain. This requires the old domainuser to enter their password. After thepassword is supplied, and the domain leave operation succeeds, the CIFSserver joins an NT domain with the new settings.
3 To start the CIFS server, enter the following:
CIFS> server start
Disabling membership in existing domain SYMANTECDOMAIN.COM
Enter password for user 'administrator' of domain SYMANTECDOMAIN.COM :
Left domain SYMANTECDOMAIN.COM
Trying to become a member in domain NEWDOMAIN.COM
Enter password for user 'administrator':
Using SFS as a CIFS serverChanging NT domain settings
164
Changing security settingsTo change security settings
◆ To set the security to user, enter the following:
CIFS> set security user
Global option updated. Note: Restart the CIFS server.
To stop the CIFS server:
CIFS> server stop
Disabling membership in existing domain SYMANTECDOMAIN.COM
Enter password for user 'administrator' of domain
SYMANTECDOMAIN.COM :
Stopping CIFS Server.....Success.
Left domain SYMANTECDOMAIN.COM
Changing security settings after the CIFS server isstopped
To change security settings for a CIFS server that has been stopped
◆ To set security to a value other than domain, enter the following:
CIFS> set security user
Disabling membership in existing domain SYMANTECDOMAIN.COM
Enter password for user 'administrator' of domain
SYMANTECDOMAIN.COM :
Left domain SYMANTECDOMAIN.COM
Global option updated. Note: Restart the CIFS server.
If the server is stopped, then changing the security mode will disable themembership of the existing domain.
About configuring CIFS for AD domain modeThis section assumes that an Active Directory domain has already been configuredand that SFS can communicate with the AD domain controller (DC) over thenetwork. The AD domain controller is also referred to as the AD server.
Before you configure the CIFS service for the AD domain mode, do the following:
165Using SFS as a CIFS serverChanging security settings
■ Make sure that the SFS and AD server clocks are reasonably synchronizedwith each other. The most commonly allowed maximum value of clockdifference would be 5 minutes, but it depends on the AD server settings. Oneof the ways to ensure this, is by configuring SFS to use the NTP service runningon the AD server. You can change the clock settings on the AD server bymodifying Kerberos Policy, which is a part of the Domain Security Policy.
■ Make sure that SFS is configured to use a DNS service that has entries for theAD domain controller and SFS nodes. You can also use the DNS service runningon the AD domain controller.
■ Make sure that the CIFS server is not running.
■ Set the AD domain user, AD domain, and domain controller.
■ Set security to ads.
■ Start the CIFS server.
■ Check the server status.
■ Display the server settings.
Table 9-5 Configure CIFS for AD domain mode commands
DefinitionCommand
Sets the name of the domain user. The domain user's credentials willbe used at the domain controller while joining the domain. Therefore,the domain user should be an existing AD user who has the permissionto perform the join domain operation.
See “To set the domain user for AD domain mode” on page 167.
set domainuser
Sets the name of the domain for the AD domain mode that SFS willjoin.
See “To set the domain for AD domain mode” on page 167.
set domain
Sets the domain controller server name.
See “To set the domain controller for AD domain mode” on page 168.
setdomaincontroller
Sets security for the domain.
You must first set the domaincontroller, domainuser, anddomain.
See “To set security to ads” on page 168.
set security
Using SFS as a CIFS serverAbout configuring CIFS for AD domain mode
166
Table 9-5 Configure CIFS for AD domain mode commands (continued)
DefinitionCommand
Starts the server.
The CIFS server joins the Active Directory domain only when theserver is started after issuing the CIFS> set security command.
See “To start the CIFS server ” on page 169.
server start
Configuring CIFS for the AD domain modeTo set the domain user for AD domain mode
1 To verify that the CIFS server is stopped, enter the following:
CIFS> server status
2 If the server is running, stop the server. enter the following:
CIFS> server stop
3 To set the domain user, enter the following:
CIFS> set domainuser username
where username is the name of an existing AD domain user who haspermission to perform the join domain operation.
For example:
CIFS> set domainuser administrator
Global option updated. Note: Restart the CIFS server.
To set the domain for AD domain mode
◆ To set the domain for AD domain mode, enter the following:
CIFS> set domain domainname
where domainname is the name of the domain.
For example:
CIFS> set domain SYMANTECDOMAIN.COM
Global option updated. Note: Restart the CIFS server.
167Using SFS as a CIFS serverAbout configuring CIFS for AD domain mode
To set the domain controller for AD domain mode
◆ To set the domain controller, enter the following:
CIFS> set domaincontroller servername
where servername is the server's IP address or DNS name.
For example, if the server SYMSERVER has an IP address of 172.16.113.118,you can specify one of the following:
CIFS> set domaincontroller 172.16.113.118
Global option updated. Note: Restart the CIFS server.
or
CIFS> set domaincontroller SYMSERVER
Global option updated. Note: Restart the CIFS server.
To set security to ads
◆ To set security to ads, enter the following:
CIFS> set security security
Enter ads for security.
CIFS> set security ads
Global option updated. Note: Restart the CIFS server.
Using SFS as a CIFS serverAbout configuring CIFS for AD domain mode
168
To start the CIFS server
1 To start the CIFS server, enter the following:
CIFS> server start
The skew of the system clock with respect to
Domain controller is: -17 seconds
Time on Domain controller : Thu Dec 4 05:21:47 2008
Time on this system : Thu Dec 4 05:22:04 PST 2008
If the above clock skew is greater than that allowed by the server,
then the system won't be able to join the AD domain
Trying to become a member in AD domain SYMANTECDOMAIN.COM ...
Enter password for user 'administrator':
After you enter the correct password for the user administrator belongingto AD domain SYMANTECDOMAIN.COM, the following message appears:
Joined domain SFSQA.COM OK
Starting CIFS Server.....Success.
2 To make sure that the service is running, enter the following:
CIFS> server status
CIFS Status on sfs_1 : ONLINE
CIFS Status on sfs_2 : ONLINE
Security : ads
Domain membership status : Enabled
Domain : SYMANTECDOMAIN.COM
Domain Controller : SYMSERVER
Domain User : administrator
The CIFS server is now running in the AD domain mode. You can export the shares,and the domain users can access the shares subject to the AD authentication andauthorization control.
169Using SFS as a CIFS serverAbout configuring CIFS for AD domain mode
Leaving an AD domainThere is no SFS command that lets you leave an AD domain. It happensautomatically as a part of change in security or domain settings, and then startsor stops the CIFS server. Thus, SFS provides the domain leave operation dependingon existing security and domain settings and new administrative commands.However, the leave operation requires the credentials of the old domain’s user.All of the cases for a domain leave operation have been documented in Table 9-6.
Table 9-6 Change AD domain mode settings commands
DefinitionCommand
Sets the domain.
When you change any of the domain settings and you restart the CIFSserver, the CIFS server leaves the old domain. Thus, when a changeis made to either one or more of domain, domain controller, or domainuser settings, and the next time the CIFS server is started, the CIFSserver first attempts to leave the existing join and then joins the ADdomain with the new settings.
See “To change domain settings for AD domain mode” on page 172.
set domain
Sets the security user.
If you change the security setting from ads to user and you stop orrestart the CIFS server, it leaves the AD domain.
When you change the security setting, and you stop or restart theCIFS server, the CIFS server leaves the existing AD domain. Forexample, the CIFS server leaves the existing AD domain if the existingsecurity isads, and the new security is changed touser, and the CIFSserver is either stopped, or started again.
See “To change the security settings for the AD domain mode”on page 173.
If the CIFS server is already stopped, changing the security to a valueother than ads causes SFS to leave the domain. Both the methodsmentioned earlier require either stopping or starting the CIFS server.This method of leaving the domain is provided so that if a CIFS serveris already stopped, and may not be restarted in near future, you shouldhave some way of leaving an existing join to AD domain.
See “Changing security settings with stopped server on the AD domainmode ” on page 173.
set security user
Using SFS as a CIFS serverLeaving an AD domain
170
Changing domain settings for AD domain modeEach case assumes that the SFS cluster is part of an AD domain.
To verify cluster is part of an AD domain
◆ To verify that you cluster is part of an AD domain, enter the following:
CIFS> server status
CIFS Status on SFS_1 : ONLINE
CIFS Status on SFS_2 : ONLINE
Security : ads
Domain membership status : Enabled
Domain : SYMANTECDOMAIN.COM
Domain Controller : symantecdomain_ad
Domain User : administrator
171Using SFS as a CIFS serverChanging domain settings for AD domain mode
To change domain settings for AD domain mode
1 To stop the CIFS server, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To change the domain, enter the following:
CIFS> set domain newdomain.com
When you start the CIFS server, it tries to leave the existing domain. Thisrequires the old domainuser to enter its password. After the password issupplied, and the domain leave operation succeeds, the CIFS server joins anAD domain with the new settings.
3 To start the CIFS server, enter the following:
CIFS> server start
Disabling membership in existing AD domain SYMANTECDOMAIN.COM
Enter password for user 'administrator' of domain SYMANTECDOMAIN.COM :
Left domain SYMANTECDOMAIN.COM
The skew of the system clock with respect to Domain controller is:
-18 seconds
Time on this system: Thu Dec 4 05:21:47 2008
Time on this system : Thu Dec 4 05:22:04 PST 2008
If the above clock skew is greater than that allowed by the server,
then the system won't be able to join the AD domain
Trying to become a member in AD domain NEWDOMAIN.COM...
Enter password for user 'administrator':
Using SFS as a CIFS serverChanging domain settings for AD domain mode
172
To change the security settings for the AD domain mode
◆ To set the security to user, enter the following:
CIFS> set security user
Global option updated. Note: Restart the CIFS server.
To stop the CIFS server:
CIFS> server stop
Disabling membership in existing AD domain SYMANTECDOMAIN.COM
Enter password for user 'administrator' of domain SYMANTECDOMAIN.COM :
Stopping CIFS Server.....Success.
Left AD domain SYMANTECDOMAIN.COM
Changing security settings with stopped server on the AD domain mode
◆ To set security to a value other than ads, enter the following:
CIFS> set security user
Disabling membership in existing AD domain SYMANTECDOMAIN.COM
Enter password for user 'administrator':
Left AD domain SYMANTECDOMAIN.COM
Global option updated. Note: Restart the CIFS server.
Removing the AD interfaceYou can remove the SFS cluster from the AD domain by using the Active Directoryinterface.
To remove the SFS cluster
1 Open the interface Active Directory Users and Computers.
2 In the domain hierarchy tree, click on Computers.
3 In the details pane, right-click the computer entry corresponding to SFS (thiscan be identified by the SFS cluster name) and click Delete.
About setting NTLMWhen you use SFS in NT or AD domain mode, there is an optional configurationstep that can be done. You can disable the use of Microsoft NTLM (NT LANManager) protocol for authenticating users.
173Using SFS as a CIFS serverRemoving the AD interface
When SFS CIFS service is running in the standalone mode (with security set touser) some versions of the Windows clients require NTLM authentication to beenabled. You can do this by setting CIFS> set ntlm_auth to yes.
When NTLM is disabled and you use SFS in the NT domain mode, the only protocolavailable for user authentication is Microsoft NTLMv2. When NTLM is disabledand you use SFS in AD domain mode, the available authentication protocols isKerberos and NTLMv2. The one used depends on the capabilities of both the SFSclients, and domain controller. If no special action is taken, SFS allows the NTLMprotocol to be used.
For any specific CIFS connection, all the participants, that is the client machine,SFS and domain controller select the protocol that they all support and thatprovides the highest security. In the AD domain mode, Kerberos provides thehighest security. In the NT domain mode, NTLMv2 provides the highest security.
Table 9-7 Set NTLM commands
DefinitionCommand
Disables NTLM.
See “To disable NTLM ” on page 175.
set ntlm_auth no
Enables NTLM.
See “To enable NTLM” on page 175.
set ntlm_auth yes
Using SFS as a CIFS serverAbout setting NTLM
174
Setting NTLMTo disable NTLM
1 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To disable NTLM, enter the following:
CIFS> set ntlm_auth no
For example:
CIFS> set ntlm_auth no
Global option updated. Note: Restart the CIFS server.
3 To start the CIFS service, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
To enable NTLM
1 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To enable the NTLM protocol, enter the following:
CIFS> set ntlm_auth yes
For example:
CIFS> set ntlm_auth yes
Global option updated. Note: Restart the CIFS server.
3 To start the CIFS service, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
175Using SFS as a CIFS serverAbout setting NTLM
About setting trusted domainsThe Microsoft Active Directory supports the concept of trusted domains. Whenyou authenticate users, you can configure domain controllers in one domain totrust the domain controllers in another domain. This establishes the trust relationbetween the two domains. When SFS is a member in an AD domain, both SFS andDC are involved in authenticating the clients. You can configure SFS to supportor not support trusted domains.
Table 9-8 Set trusted domains commands
DefinitionCommand
Enables the use of trusted domains in the AD domain mode.
Note:Depending on the value you specify foridmap_backend it mayor it may not be possible to enable AD trusted domains.
See “To enable AD trusted domains” on page 176.
setallow_trusted_domainsyes
Disables the use of trusted domains in the AD domain mode.
See “To disable trusted domains” on page 177.
setallow_trusted_domainsno
Setting AD trusted domainsTo enable AD trusted domains
1 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To enable trusted domains, enter the following:
CIFS> set allow_trusted_domains yes
For example:
CIFS> set allow_trusted_domains yes
Global option updated. Note: Restart the CIFS server.
3 To start the CIFS server, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
Using SFS as a CIFS serverAbout setting trusted domains
176
To disable trusted domains
1 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To disable trusted domains, enter the following:
CIFS> set allow_trusted_domains no
For example:
CIFS> set allow_trusted_domains no
Global option updated. Note: Restart the CIFS server.
3 To start the CIFS server, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
About storing account informationSFS maps between the domain users and groups (their identifiers) and localrepresentation of these users and groups. Information about these mappings canbe stored locally on SFS or remotely using the DC directory service. SFS uses theidmap_backend configuration option to decide where this information is stored.
This option can be set to one of the following:
Stores the user and group information locally.rid
Stores the user and group information in the LDAP directory service.ldap
The rid value can be used in any of the following modes of operation:
■ standalone
■ NT domain
■ AD domain
It is the default value for idmap_backend in all of these operational modes. Theldap value can be used if the AD domain mode is used.
177Using SFS as a CIFS serverAbout storing account information
Table 9-9 Store account information commands
DefinitionCommand
Configures SFS to store information about users and groups locally.
Note: This command requires that the allow_trusted_domainsvariable be set to no, as the command is not compatible with trusteddomains.
See “To set idmap_backend to rid” on page 179.
set idmap_backendrid
Configures SFS to store information about users and groups in aremote LDAP service. You can only use this command when SFS isoperating in the AD domain mode. The LDAP service can run on thedomain controller or it can be external to the domain controller.
Note: For SFS to use the LDAP service, the LDAP service must includeboth RFC 2307 and Samba schema extensions.
When the idmap_backend command is set to ldap you can enableor disable trusted domains.
If idmap_backend is set to ldap, you must first configure the SFS LDAPoptions using the Network> ldap commands.
See “About LDAP” on page 72.
See “To set idmap_backend to LDAP” on page 179.
set idmap_backendldap
Using SFS as a CIFS serverAbout storing account information
178
Storing user and group accountsTo set idmap_backend to rid
1 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
2 To store information about user and group accounts locally, enter thefollowing:
CIFS> set idmap_backend rid [uid_range]
where the uid_range represents the range of identifiers which are used bySFS when mapping domain users and groups to local users and groups. Thedefault range is 10000-20000.
3 To start the CIFS server, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
To set idmap_backend to LDAP
1 To make sure that you have first configured LDAP, enter the following:
Network> ldap
2 If the server is running, enter the following:
CIFS> server stop
Stopping CIFS Server.....Success.
3 To use the remote LDAP store for information about the user and groupaccounts, enter the following:
CIFS> set idmap_backend ldap
4 To start the CIFS server, enter the following:
CIFS> server start
Starting CIFS Server.....Success.
179Using SFS as a CIFS serverAbout storing account information
About reconfiguring the CIFS serviceSometime after you have configured the CIFS service, and used it for awhile, youneed to change some of the settings. For example, you may want to allow the useof trusted domains or you need to move SFS from one security domain to another.To carry out these changes, set the new settings and then start the CIFS server.As a general rule, you should stop the CIFS service before making the changes.
An example where SFS is moved to a new security domain (while the mode ofoperation stays unchanged as, AD domain) is shown in Reconfiguring the CIFSservice. This example deals with reconfiguring CIFS. So make sure that if any ofthe other AD services like DNS or NTP are being used by SFS, that SFS has alreadybeen configured to use these services from the AD server belonging to the newdomain.
Make sure that the DNS service, NTP service and, if used as ID mapping store,also the LDAP service, are configured as required for the new domain.
To reconfigure the CIFS service, do the following:
■ Make sure that the server is not running.
■ Set the domain user, domain, and domain controller.
■ Start the CIFS server.
Table 9-10 Reconfigure the CIFS service commands
DefinitionCommand
Changes the configuration option to reflect the values appropriatefor the new domain.
See “To set the user name for the AD” on page 181.
set domainuser
Changes the configuration option to reflect the values appropriatefor the new domain.
See “To set the AD domain” on page 181.
set domain
Changes the configuration option to reflect the values appropriatefor the new domain.
See “To set the AD server” on page 182.
setdomaincontroller
Starts the server and causes it to leave the old domain and join thenew Active Directory domain.
You can only issue this command after you enter the CIFS> set
security command.
See “To start the CIFS server ” on page 183.
server start
Using SFS as a CIFS serverAbout reconfiguring the CIFS service
180
Reconfiguring the CIFS serviceTo set the user name for the AD
1 To verify that the CIFS server is stopped, enter the following:
CIFS> server status
2 If the server is running, stop the server. enter the following:
CIFS> server stop
3 To set the user name for the AD, enter the following:
CIFS> set domainuser username
where username is the name of an existing AD domain user who haspermission to perform the join domain operation.
For example:
CIFS> set domainuser administrator
Global option updated. Note: Restart the CIFS server.
To set the AD domain
◆ To set the AD domain, enter the following:
CIFS> set domain domainname
where domainname is the name of the domain. This command also sets thesystem workgroup. For example:
CIFS> set domain NEWDOMAIN.COM
Global option updated. Note: Restart the CIFS server.
181Using SFS as a CIFS serverAbout reconfiguring the CIFS service
To set the AD server
◆ To set the AD server, enter the following:
CIFS> set domaincontroller servername
where servername is the AD server IP address or DNS name.
For example, if the AD server SYMSERVER has an IP address of172.16.113.118, you can specify on of the following:
CIFS> set domaincontroller 172.16.113.118
Global option updated. Note: Restart the CIFS server.
or
CIFS> set domaincontroller SYMSERVER
Global option updated. Note: Restart the CIFS server.
If you use the AD server name, you must configure SFS to use a DNS serverwhich can resolve this name.
Using SFS as a CIFS serverAbout reconfiguring the CIFS service
182
To start the CIFS server
1 To start the CIFS server, enter the following:
CIFS> server start
The skew of the system clock with respect to Domain controller is:
3 seconds
Time on Domain controller : Fri May 30 06:00:03 2008
Time on this system : Fri May 30 06:00:00 PDT 2008
If the above clock skew is greater than that allowed by the server,
then the system won’t be able to join the AD domain
Enter password for user 'administrator':
Trying to become a member in AD domain SYMANTECDOMAIN.COM ...
Joined domain SYMANTECDOMAIN.COM OK
Starting CIFS Server..
2 To make sure that the service is running, enter the following:
CIFS> server status
3 To find the current settings, enter the following:
CIFS> show
About managing CIFS sharesYou can export the SFS file systems to the clients as CIFS shares. When a shareis created, it is given a name. The name is different from the file system name.Clients use the share name when they import the share. You create and export ashare with one command. The same command binds the share to a file system,and you can also use it to specify share properties.
In addition to exporting file systems as CIFS share, you can use SFS to store theusers' home directories. Each of these home directories is called a home directory
share. Shares which are used to export ordinary file systems (that is, file systemswhich are not used for home directories), are called ordinary shares to distinguishthem from the home directory shares.
183Using SFS as a CIFS serverAbout managing CIFS shares
Table 9-11 Manage the CIFS shares commands
DefinitionCommand
Displays information on one or all exported shares. The informationis displayed for a specific share includes the name of the file systemwhich is being exported and the values of the share options.
See “To display share properties” on page 187.
share show
Exports a file system with the given sharename or re-export newoptions to an existing share. The new options are updated after thiscommand is run.
This CIFS command, which creates and exports a share, takes as inputthe name of the file system which is being exported, the share name,and optional attributes. You can use the same command for a sharethat is already exported. You can do this if it is required to modify theattributes of the exported share.
A file system used for storing users home directories cannot beexported as a CIFS share, and a file system that is exported as a CIFSshare cannot be used for storing users' home directories.
See “To export a file system” on page 184.
share add
Stops the associated file system from being exported. Any files anddirectories which may have been created in this file system remainintact; they are not deleted as a result of this operation.
See “To delete a CIFS share” on page 187.
share delete
Setting share propertiesTo export a file system
◆ To export a file system, enter the following:
CIFS> share add filesystem sharename [cifsoptions]
An SFS file system that you want to export as a CIFS share. Thegiven file system must not be currently used for storing the homedirectory shares.
filesystem
The name for the newly exported share. Names of the SFS sharesare case sensitive and can consist of the following characters:lower and upper case letters "a" - "z" and "A" - "Z," numbers "0"- "9" and special characters: "_" and "-". ( "-", cannot be used asthe first character in a share name).
sharename
Using SFS as a CIFS serverAbout managing CIFS shares
184
A comma-separated list of export options. This part of thecommand is optional. If it is not given, SFS uses the default value.
(Example:ro,rw,guest,noguest,oplocks,nooplocks,owner=ownername,group=groupname,ip=virtualip).
The default values are: ro, noguest, oplocks,
owner=root, group=root.
cifsoptions
For example, an existing file system called fsA being exported as a sharecalled ABC:
CIFS> share add fsA ABC rw,guest,owner=john,group=abcdev
There is a share option which specifies if the files in the share will be read-onlyor if both read and write access will be possible, subject to the authenticationand authorization checks when a specific access is attempted. This shareoption can be given one of these values:
Grants read-only permission to the exported share. Files cannotbe created or modified. This is the default value.
ro
Grants read and write permission to the exported share.rw
Another configuration option specifies if a user trying to establish a CIFSconnection with the share must always provide the user name and password,or if they can connect without it. In this case, only restricted access to theshare will be allowed. The same kind of access is allowed to “anonymous” or“guest” user accounts. This share option can have one of the following values:
SFS allows restricted access to the share when no user name orpassword is provided.
guest
SFS always requires the user name and password for all of theconnections to this share. This is the default value.
noguest
SFS supports the CIFS opportunistic locks. You can enable or disable themfor a specific share. The opportunistic locks improve performance for someworkloads, and there is a share configuration option which can be given oneof the following values:
SFS supports opportunistic locks on the files in this share. Thisis the default value.
oplocks
185Using SFS as a CIFS serverAbout managing CIFS shares
No opportunistic locks will be used for this share.
Disable the oplocks when:
■ 1) A file system is exported over both CIFS and NFS protocols.
■ 2) Either CIFS or NFS protocol has read and write access.
nooplocks
There are more share configuration options that can be used to specify theuser and group who own the share. If you do not specify these options for ashare, SFS uses the default values for these options, which are the privilegedor “root” SFS user and group. You may want to change the default values toallow a specific user or group to be the share owner.
By default, the SFS root owns the root directory of the exportedshare. This lets CIFS clients create folders and files in the share.However, there are some operations which require ownerprivileges; for example, changing the owner itself, and changingpermissions of the top-level folder (that is, the root directory inUNIX terms). To enable these operations, you can set the owneroption to a specific user name, and this user can perform theprivileged operations.
owner
By default, the SFS root is the primary group owner of the rootdirectory of the exported share. This lets CIFS clients createfolders and files in the share. However, there are some operationswhich require the group privileges; for example, changing thegroup itself, and changing permissions of the top level folder(that is, the root directory in UNIX terms). To enable theseoperations you can set the group option to a specific group nameand this group can perform the privileged operations.
group
SFS lets you specify a virtual IP address. This address must bepart of the SFS cluster, and is used by the system to serve theshare internally.
ip
After a file system is exported as a CIFS share, you can decide to change one ormore share options. This is done using the same share add command, giving thename of an existing share and the name of the file system exported with thisshare. SFS will realize the given share has already been exported and that it isonly required to change the values of the share options.
For example, to export the file system fs1with name share1, enter the following:
CIFS> share add fs1 share1 "owner=administrator,group=domain users,rw"
Exporting CIFS filesystem : share1 ...
CIFS> share show
Using SFS as a CIFS serverAbout managing CIFS shares
186
ShareName FileSystem ShareOptions
share1 fs1 owner=administrator,group=domain users,rw
To display share properties
1 To display the information about all of the exported shares, enter thefollowing:
CIFS> share show
For example:
CIFS> share show
ShareName FileSystem ShareOptions
share1 fs1 owner=root,group=root
2 To display the information about one specific share, enter the following:
CIFS> share show sharename
For example:
CIFS> share show share1
ShareName VIP Address
share1 10.10.10.10
To delete a CIFS share
1 To delete a share, enter the following:
CIFS> share delete sharename
where sharename is the name of the share you want to delete.
For example:
CIFS> share delete share1
Unexporting CIFS filesystem : share1 ..
CIFS>
2 To confirm the share is no longer exported, enter the following:
CIFS> share show
ShareName FileSystem ShareOptions
CIFS>
187Using SFS as a CIFS serverAbout managing CIFS shares
Sharing file systems using CIFS and NFS protocolsSFS provides support for multi-protocol file sharing, where the same file systemcan be exported to both Windows and UNIX users using the CIFS and NFS (NetworkFile System) protocols. The result is an efficient use of storage by sharing a singledata set across multi-application platforms.
Figure 9-1 shows how file system sharing for the two protocols works.
Figure 9-1 Exporting files systems
SharedStorage
File SystemFS1
2-node SFScluster
Data access byCIFS protocol
Data access byNFS protocol
Windows user UNIX user
It is recommended that you disable the oplocks option when the following occurs:
■ A file system is exported over both the CIFS and NFS protocols.
■ Either the CIFS and NFS protocol is set with read and write permission.
Using SFS as a CIFS serverSharing file systems using CIFS and NFS protocols
188
To disable oplocks refer to Setting share properties
Note:When a share is exported over both NFS and CIFS protocols, the applicationsrunning on the NFS and CIFS clients may attempt to concurrently read or writethe same file. This may lead to unexpected results since the locking models usedby these protocols are different. For example, an application reads stale data. Forthis reason, SFS warns you when the share export is requested over NFS or CIFSand the same share has already been exported over CIFS or NFS, when at leastone of these exports allows write access.
189Using SFS as a CIFS serverSharing file systems using CIFS and NFS protocols
To export a file system to Windows and UNIX users
1 Go to the NFS mode and enter the following commands:
NFS> share add ro fs1
Exporting *:/vx/fs1 with options ro
..Success.
NFS> share show
/vx/fs1 * (ro)
NFS> exit
2 To export a file system to Windows and UNIX users with read-only permission,go to CIFS mode and enter the following commands:
CIFS> show
Name Value
---- -----
netbios name mycluster
ntlm auth yes
allow trusted domains no
homedirfs
quota 0
idmap backend rid:10000-20000
workgroup SYMANTECDOMAIN
security ads
Domain SYMANTECDOMAIN.COM
Domain user administrator
Domain Controller SYMSERVER
CIFS> share add fs1 share1 rw
SFS cifs WARNING V-288-0 Filesystem (fs1) is already shared over NFS
with 'ro' permission.
Do you want to proceed (y/n): y
Exporting CIFS filesystem : share1 ..
CIFS> share show
ShareName FileSystem ShareOptions
share1 fs1 owner=root,group=root,rw
CIFS>
When the file system in CIFS is set to homedirfs, the SFS software assumes thatthe file system is exported to CIFS users in read and write mode. SFS does notallow you to export the same file system as an CIFS share and a home directoryfile system (homedirfs). For example, if the file system fs1 is already exportedas a CIFS share then you cannot set it as homedirfs.
Using SFS as a CIFS serverSharing file systems using CIFS and NFS protocols
190
To export a file system set as homedirfs
◆ To request that a file system be used for home directories, you need to exportthe file system. Go to the CIFS mode and enter the following:
CIFS> share show
ShareName FileSystem ShareOptions
share1 fs1 owner=root,group=root,rw
CIFS> set homedirfs fs1
SFS cifs ERROR V-288-615 Filesystem (fs1) is already exported
by another CIFS share.
CIFS>
About SFS cluster and load balancingCIFS users can access an exported share on any of the SFS nodes. All of the nodescan concurrently perform file operations. All of the file systems are mounted onevery node. The exported shares are also exported from every node. However,there is a restriction: only one node at a time can perform file operations on asingle share. The decision which node is currently allowed to perform the fileoperations for a specific share is made by the SFS software and is transparent tothe CIFS users.
When a CIFS share is accessed by a node that is not the owner of that share, SFStransparently redirects the access to the node that is the owner of that share. Soall of the processing for a CIFS share is performed by the node that is designatedas the owner of that share.
If the SFS work load is found to be too high on a node that owns a share, you can"split" the share by using the CIFS> split command.
By splitting a share:
■ Each share's top-level directories is treated as a single share. Each top-leveldirectory becomes like a root of a new share and only one node at a time canperform the file operations on this new share.
■ The ownership of different top-level directories is assigned to different nodesin the SFS cluster, balancing the CIFS-related workload.
Caution: You cannot specify which node owns the split share. If the node gettingthe ownership already has a heavy load, the new load distribution may worsenyour situation.
191Using SFS as a CIFS serverAbout SFS cluster and load balancing
Use the CIFS> share show command to view which virtual IP is assigned to ashare.
Use the Network> ip addr show command to view which node is assigned avirtual IP. This shows which node is the current owner of the exported shares.
Splitting a shareYou can split an exported share with the split command. This changes the waya CIFS-related workload is allocated to the SFS nodes.
The purpose of the split command is to have multiple nodes serving a largeshare. Although the command can balance the subdirectory share in a round-robinfashion, the split is not based on the actual load.
Restrictions for split command include the following:
■ You cannot split a sharename more than once.
■ You cannot delete the subdirectory share of a split share.
■ You cannot undo the effects of the split command.
Using SFS as a CIFS serverAbout SFS cluster and load balancing
192
To split a share
1 To split a share, enter the following:
CIFS> split sharename [DirName]
The name of the share you want to split. It distributes thetop-level directories of a file system across the SFS nodes.
sharename
You must first split the share before you can enter a directoryname. After you have split the share, enterCIFS> share show
split share name for a list of directories.
The name of the new top-level share directory in the split share.This optional variable adds a top-level directory to a file system,whose corresponding share may or may not have been split.
DirName
For example:
CIFS> split share1
Splitting share splitshare : .........Success.
2 To display the list of all of the CIFS shares, enter the following command.The output, the asterisk and the word split indicate that a share is split.
CIFS> share show
ShareName FileSystem ShareOptions
share1* fs3 split,rw
share2 fs2 rw,guest
share3 fs3 ro,oplocks
3 To display the details of a share name, enter the following:
CIFS> share show share1
DirName VIP Address
Finan 172.16.113.116
HR 172.16.113.117
Mark 172.16.113.118
Prod 172.16.113.119
193Using SFS as a CIFS serverAbout SFS cluster and load balancing
4 To create a new top-level directory in a split share, enter the followingcommand. To create a new top-level directory called newdir in an alreadysplit share called share1, enter the following:
CIFS> split share1 newdir
Creating directory: newdir
Success: Directory 'newdir' created
About managing home directoriesYou can use SFS to store the home directories of CIFS users.
The home directory share name is identical to the SFS user name. When SFSreceives a new CIFS connection request, it checks if the requested share is one ofthe ordinary exported shares. If it is not, SFS checks if the requested share nameis the name of an existing SFS user (either local user or domain user, dependingon the current mode of operation). If a match is found, it means that the receivedconnection request is for a home directory share.
You can access your home directory share the same way you access the file systemordinary shares. A user can connect only to his or her own home directory.
Table 9-12 Home directory commands
DefinitionCommand
Specifies one or more file systems to be used for home directories.
See “To specify one or more file systems as the home directories”on page 195.
set homedirfs
Enables use of quotas on home directory file systems.
See “To enable use of quotas on home directory file systems”on page 197.
homedir quota
Manually creates a home directory.
See “To manually create a home directory” on page 198.
homedir set
Sets the quota for all of the users. The command also modifies thevalue of the global quota.
See “To set the quota value for all of the home directories” on page 199.
homedir setall
Displays information about home directories.
See “To display information about home directories” on page 200.
homedir show
Using SFS as a CIFS serverAbout managing home directories
194
Table 9-12 Home directory commands (continued)
DefinitionCommand
Deletes a home directory share.
See “To delete a home directory share” on page 200.
homedir delete
Deletes the home directories.
See “To delete the home directories” on page 201.
homedir deleteall
Setting the home directory file systemsHome directory shares are stored in one or more file systems. A single homedirectory can exist only in one of these file systems, but a number of homedirectories can exist in a single home directory file system. The file systems whichare to be used for home directories are specified using the CIFS> set homedirfs
command.
To specify one or more file systems as the home directories
1 To reserve one or more file systems for home directories, enter the following:
CIFS> set homedirfs [filesystemlist]
where filesystemlist is a comma-separated list of names of the file systemswhich are used for the home directories.
For example:
CIFS> set homedirfs fs1,fs2,fs3
Global option updated. Note: Restart the CIFS server.
2 If you want to remove the file systems you previously set up, enter thecommand again, without any file systems:
CIFS> set homedirfs
3 To find which file systems (if any) are currently used for home directories,enter the following:
CIFS> show
After you select one or more of the file systems to be used in this way, youcannot export the same file systems as ordinary CIFS shares.
If you want to change the current selection, for example, to add an additionalfile system to the list of home directory file systems or to specify that no file
195Using SFS as a CIFS serverAbout managing home directories
system should be used for home directories, you have to use the same CIFS>set homedirfs command. In each case you must enter the entire new list ofhome directory file systems, which may be an empty list when no homedirectory file systems are required.
SFS treats home directories differently from ordinary shares. The differencesare as follows:
■ An ordinary share is used to export a file system, while a number of homedirectories can be stored in a single file system.
■ The file systems used for home directories cannot be exported as ordinaryshares.
■ The CIFS> split command can be used for an ordinary share but not fora home directory share.
■ Exporting a home directory share is done differently than exportingordinary share. Also, removing these two kinds of shares is donedifferently.
■ The configuration options you specify for an ordinary share (such asread-only or use of opportunistic locks) are different from the ones youspecify for a home directory share.
Enabling quotas on home directory file systemsYou can use the CIFS> homedir quota command to enable or disable the use ofquotas and check if the quotas are enabled or disabled.
Note:When quotas on home directory file systems are disabled, theCIFS> homedir
show command does not show values for quotas.
Using SFS as a CIFS serverAbout managing home directories
196
To enable use of quotas on home directory file systems
◆ To enable the use of quotas, enter the following:
homedir quota quotaoption
where quotaoption is the variable you want to enter for the command.
To enable the use of quotas, enter the following:
CIFS> homedir quota on
To disable the use of quotas, enter the following:
CIFS> homedir quota off
To check the status of quotas, enter the following:
CIFS> homedir quota status
Setting up home directories and use of quotasYou can manually create a home directory with the CIFS> homedir set command,or SFS can create it automatically when it accesses the home directory for thefirst time.
The homedir set command lets you specify or change a quota value for the givenhome directory. The other method is automatic, but does not let you specify aquota value at the time of creation.
You can specify a global quota value by using the CIFS> homedir setall quota
command.
See “To set the quota value for all of the home directories” on page 199.
Once the global quota value is specified, the value applies to the automaticallycreated homedir. For example, if you set the global quota value to CIFS> homedir
setall 100M and you then create a new homedir in Windows, then the 100Mquota value is assigned to that homedir.
197Using SFS as a CIFS serverAbout managing home directories
To manually create a home directory
1 To manually create a home directory, enter the following:
CIFS> homedir set username [domainname] [quota]
The name of the new home directory.username
The domain for the new home directory.domainname
The storage space quota to be used for this home directory.
The allowed values for quota are:
0 - Enter zero if there is no quota for this home directory.
N - Enter a number greater than zero optionally followed by: k,K, m, M, g, G, t, or T (for kilo, mega, giga, or terabyte). If you donot enter a letter, the value is in bytes.
quota
2 To find the current settings for a home directory, including the quota, enterthe following:
CIFS> homedir show [username] [domainname]
The name of the home directory.username
The Active Directory/Windows NT domain name or specify 'local'for the SFS local user [local].
domainname
3 To find the current settings for all home directories, including quotas, enterthe following:
CIFS> homedir show
When you connect to your home directory for the first time, and if the homedirectory has not already been created, SFS selects one of the available homedirectory file systems and creates the home directory there. The file systemis selected in a way that tries to keep the number of home directories balancedacross all available home directory file systems. The automatic creation of ahome directory does not require any commands, and is transparent to boththe users and the SFS administrators.
The quota limits the amount of disk space you can allocate for the files in ahome directory. You can set the same quota value for all home directoriesusing the CIFS> homedir setall command.
Using SFS as a CIFS serverAbout managing home directories
198
To set the quota value for all of the home directories
◆ To set the quota value which will be applied to all home directories, enter thefollowing:
CIFS> homedir setall quota
where quota is the number you want to set.
0 - Enter zero if there is no quota for this home directory.quota
N - Enter a number greater than zero optionally followed by: k,K, m, M, g, G, t, or T (for kilo, mega, giga, or terabyte). If you donot enter a letter, the value is in bytes.
For example:
CIFS> homedir setall 6M
Setting quota for CIFS local user: usr1
Setting quota for CIFS local user: usr2
Setting quota for SFSQA domain user: administrator
Setting quota for SFSQA domain user: smith
Done
CIFS>
SFS CIFS currently uses soft quotas for home directories. This means thatthe storage space quota can be exceeded, but only for a period of time. Thisperiod is seven days and it cannot be changed. After this period has expired,if the allocated space is still over the limit, any new request to allocate spacefor files in the same home directory fails.
Displaying home directory usage informationYou can display information about home directories using the CIFS> homedir
show command.
Note: Information about home directory quotas is up to date only when you enablethe use of quotas for the home directory file systems.
199Using SFS as a CIFS serverAbout managing home directories
To display information about home directories
1 To display information about a specific user's home directory, enter thefollowing:
CIFS> homedir show [username] [domainname]
The name of the home directory.username
The domain where the home directory is located.domainname
2 To display information about all home directories, enter the following:
CIFS> homedir show
Deleting home directories and disabling creation of home directoriesYou can delete a home directory share. This also deletes the files andsub-directories in the share.
After a home directory is deleted, if you try to access the same home directoryagain, a new home directory will automatically be created.
If you have an open file when the home directory is deleted, and you try to savethe file, a warning appears:
Warning: Make sure the path or filename is correct.
Save dialog?
Click on the Save button which saves the file to a new home directory.
To delete a home directory share
◆ To delete the home directory of a specific user, enter the following:
CIFS> homedir delete username [domainname]
Do you want to delete homedir for username(y/n):
The name of the home directory you want to delete.
Respond with y(es) or n(o) to confirm the deletion.
username
The domain it is located in.domainname
You can delete all of the home directory shares with theCIFS> homedir deleteall
command. This also deletes all files and subdirectories in these shares.
Using SFS as a CIFS serverAbout managing home directories
200
After you delete the existing home directories, you can again create the homedirectories manually or automatically.
To delete the home directories
◆ To delete all home directories, enter the following:
CIFS> homedir deleteall
Do you want to delete all home directories (y/n):
Respond with y(es) or n(o) to confirm the deletion.
After you delete the home directories, you can stop SFS serving homedirectories by using the CIFS> set homedirfs command.
To disable creation of home directories
◆ To specify that there are no home directory file systems, enter the following:
CIFS> set homedirfs
After these steps, SFS does not serve home directories.
About managing local users and groupsWhen SFS is operating in the standalone mode, only the local users and groupsof users can establish CIFS connections and access the home directories andordinary shares. The SFS local files store the information about these user andgroup accounts. Local procedures authenticate and authorize these users andgroups based on the use of names and passwords. You can manage the local usersand groups as described in the rest of this topic.
Accounts for local users can be created, deleted, and information about them canbe displayed using the CIFS> local user commands.
Table 9-13 Manage local users and groups commands
DefinitionCommand
Adds a new user to CIFS. You can add the user to a local group, byentering the group name in the optional grouplist variable. Before youadd the user to a grouplist, you must create the grouplist.
When you create a local user, SFS assigns a default password to thenew account. The default password is the same as the user name. Forexample, if you enter usr1 for the user name, the default password isalso usr1.
See “To create the new local CIFS user” on page 202.
local user add
201Using SFS as a CIFS serverAbout managing local users and groups
Table 9-13 Manage local users and groups commands (continued)
DefinitionCommand
The default password for a newly-created account is the same as theuser name. You can change the default password using the CIFS>local password command.
The maximum password length is eight characters.
See “To set the local user password” on page 203.
local password
Deletes local user accounts.
See “To delete the local CIFS user” on page 204.
local user delete
Displays the user ID and lists the groups to which the user belongs.If you do not enter an optional username, the command lists all CIFSexisting users.
See “To display the local CIFS user(s)” on page 203.
local user show
Adds a user to one or more groups. For existing users, this commandchanges a user's group membership.
See “To change a user's group membership” on page 204.
local usermembers
Creating a local CIFS userTo create the new local CIFS user
◆ To create a local CIFS user, enter the following:
CIFS> local user add username [grouplist]
where username is the name of the user. The grouplist is a comma-separatedlist of group names.
For example:
CIFS> local user add usr1 grp1,grp2
Adding USER : usr1
Success: User usr1 created successfully
Using SFS as a CIFS serverAbout managing local users and groups
202
To set the local user password
◆ To set the local password, enter the following:
CIFS> local password username
where username is the name of the user whose password you are changing.
For example, to reset the local user password for usr1, enter the following:
CIFS> local password usr1
Changing password for usr1
New password:*****
Re-enter new password:*****
Password changed for user: 'usr1'
To display the local CIFS user(s)
1 To display local CIFS users, enter the following:
CIFS> local user show [username]
where username is the name of the user.
For example, to list all local users:
CIFS> local user show
List of Users
-------------
usr1
usr2
usr3
2 To display one local user, enter the following:
CIFS> local user show usr1
Username : usr1
UID : 1000
Groups : grp1
203Using SFS as a CIFS serverAbout managing local users and groups
To delete the local CIFS user
◆ To delete a local CIFS user, enter the following:
CIFS> local user delete username
where username is the name of the local user you want to delete.
For example:
CIFS> local user delete usr1
Deleting User: usr1
Success: User usr1 deleted successfully
To change a user's group membership
◆ To change a user's group membership, enter the following:
CIFS> local user members username grouplist
where username is the local user name being added to the grouplist. Groupnames in the grouplist must be separated by commas.
For example:
CIFS> local user members usr3 grp1,grp2
Success: usr3's group modified successfully
About configuring local groupsA local user can be a member of one or more local groups. This group membershipis used in the standalone mode to determine if the given user can perform somefile operations on an exported share. You can create, delete, and displayinformation about local groups using the CIFS> local group command.
Table 9-14 Configure local groups commands
DefinitionCommand
Creates a local CIFS group.
See “To create a local group” on page 205.
local group add
Displays the list of available local groups you created.
See “To list all local groups” on page 205.
local group show
Using SFS as a CIFS serverAbout configuring local groups
204
Table 9-14 Configure local groups commands (continued)
DefinitionCommand
Deletes a local CIFS group.
See “To delete the local CIFS groups” on page 206.
local group delete
Configuring a local groupTo create a local group
◆ To create a local group, enter the following:
CIFS> local group add groupname
where groupname is the name of the local group.
For example:
CIFS> local group add grp1
Adding GROUP: grp1
Success: Group grp1 created successfully
To list all local groups
◆ To list all existing local groups, enter the following:
CIFS> local group show [groupname]
where groupname lists all of the users that belong to that specific group.
For example:
CIFS> local group show
List of groups
-------------
grp1
grp2
grp3
For example:
CIFS> local group show grp1
GroupName UsersList
--------- ---------
grp1 usr1, usr2, usr3, urs4
205Using SFS as a CIFS serverAbout configuring local groups
To delete the local CIFS groups
◆ To delete the local CIFS group, enter the following:
CIFS> local group delete groupname
where groupname is the name of the local CIFS group.
For example:
CIFS> local group delete grp1
Deleting Group: grp1
Success: Group grp1 deleted successfully
Using SFS as a CIFS serverAbout configuring local groups
206
Using FTP
This chapter includes the following topics:
■ About FTP
■ Displaying FTP server
■ About FTP server commands
■ About FTP set commands
■ About FTP session commands
■ Using the logupload command
About FTPThe File Transfer Protocol (FTP) server feature allows clients to access files onthe SFS servers using the FTP protocol. The FTP service providessecure/non-secure access via FTP to files in the SFS servers. The FTP service runson all of the nodes in the cluster and provides simultaneous read/write access tothe files. The FTP service also provides configurable anonymous access to thefiler. The FTP commands are used to configure the FTP server.
By default, the FTP server is not running. You can start the FTP server using theFTP> server start command. The FTP server starts on the standard FTP port21.
FTP mode commands are listed in Table 10-1.
To access the commands, log into the administrative console (master,system-admin, or storage-admin) and enter FTP>mode. For login instructions, goto About using the SFS command-line interface.
10Chapter
Table 10-1 FTP mode commands
DefinitionCommand
Displays the FTP server settings.
See “Displaying FTP server” on page 208.
show
Starts, stops, and displays the status of the FTP server.
See “About FTP server commands” on page 208.
server
Configures the FTP server.
See “About FTP set commands” on page 210.
set
Displays and terminates the FTP sessions.
See “About FTP session commands” on page 216.
session
Uploads the FTP logs to a URL.
See “Using the logupload command” on page 219.
logupload
Displaying FTP serverTo display the FTP settings
◆ To display the FTP settings, enter the following:
FTP> show
Parameter Current Value
--------- -------------
max_connections 2000
anonymous_logon no
anonymous_write no
allow_non_ssl yes
anonymous_login_dir /vx/
passive_port_range 30000:40000
idle_timeout 15 minutes
About FTP server commandsThe FTP> server commands start, stop, and display the status of the FTP server.
Using FTPDisplaying FTP server
208
Note: All configuration changes made using the FTP> set commands come intoeffect only when the FTP server is restarted.
Table 10-2 FTP server commands
DefinitionCommand
Displays the status of the FTP server.
See “To display the FTP server status” on page 209.
server status
Starts the FTP server on all nodes. If the FTP server is already started,the SFS software clears any faults and tries to start the FTP server.
See “To start the FTP server” on page 209.
server start
Stops the FTP server and terminates any existing FTP sessions. Bydefault, the FTP server is not running.
See “To stop the FTP server” on page 210.
server stop
Using the FTP server commandsTo display the FTP server status
◆ To display the FTP server status, enter
FTP> server status
FTP Status on sfs_1 : OFFLINE
FTP Status on sfs_2 : OFFLINE
To start the FTP server
◆ To start the FTP server, enter the following:
FTP> server start
FTP>
To check server status, enter the following:
FTP> server status
FTP Status on sfs_1 : ONLINE
FTP Status on sfs_2 : ONLINE
209Using FTPAbout FTP server commands
To stop the FTP server
◆ To stop the FTP server, enter the following:
FTP> server stop
FTP>
To check the server status, enter the following:
FTP> server status
FTP Status on sfs_1 : OFFLINE
FTP Status on sfs_2 : OFFLINE
About FTP set commandsThe FTP> set commands let you set various configurable options for the FTPserver.
Table 10-3 FTP set commands
DefinitionCommand
Tells the FTP server whether or not to allow anonymouslogons. Enter yes to allow anonymous users to log on to theFTP server. Enter no (default) to not allow anonymouslogons.
For the changes to take effect you will need to restart theFTP server. Enter FTP> server stop followed by FTP>server start.
See “To set anonymous logons” on page 213.
set anonymous_logon
Specifies the login directory for anonymous users. Thedefault value of this parameter is /vx/. Valid values of thisparameter start with /vx/. Make sure that the anonymoususer (UID:40 GID:49 UNAME:ftp) has the appropriatepermissions to read files in login_directory.
For the changes to take effect, you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set anonymous logins” on page 214.
set anonymous_login_dir
Using FTPAbout FTP set commands
210
Table 10-3 FTP set commands (continued)
DefinitionCommand
Specifies whether or not anonymous users have the [write]value in their login_directory. Enter yes to allow anonymoususers to modify contents of their login_directory. Enter no(default) to not allow anonymous users to modify thecontents of their login_directory. Make sure that theanonymous user (UID:40 GID:49 UNAME:ftp) has theappropriate permissions to modify files in theirlogin_directory.
For the changes to take effect, you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set anonymous write access” on page 214.
set anonymous_write
Specifies whether or not to allow non-secure (plain-text)logins into the FTP server. Enter yes (default) to allownon-secure (plain-text) logins to succeed. Enter no to allownon-secure (plain-text) logins to fail.
For the changes to take effect you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set non-secure logins” on page 214.
set allow_non_ssl
Specifies the maximum number of simultaneous FTP clientsallowed. Valid values for this parameter range from 1-9999.The default value is 2000. It affects the entire cluster.
For the changes to take effect, you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set maximum connections” on page 215.
set max_connections
211Using FTPAbout FTP set commands
Table 10-3 FTP set commands (continued)
DefinitionCommand
Specifies the range of port numbers to listen on for passiveFTP transfers. The port_range defines a range specified asstartingport:endingport. A port_range of 30000:40000specifies that port numbers starting from 30000 to 40000can be used for passive FTP. Valid values for port numbersrange from 30000 to 50000. The default value of this optionis 30000:40000.
For the changes to take effect, you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set range of port numbers” on page 215.
set passive_port_range
Specifies the amount of time in minutes after which an idleconnection is disconnected. Valid values for time_in_minutesrange from 1 to 600 (default value is 15 minutes).
For the changes to take effect, you need to restart the FTPserver. Enter FTP> server stop followed by FTP>server start.
See “To set idle timeout” on page 215.
set idle_timeout
Using FTPAbout FTP set commands
212
Using the set commandsTo set anonymous logons
◆ To enable anonymous logons, enter the following:
FTP> set anonymous_logon yes|no
Allows anonymous users to log on to the FTP server.yes
Does not allow anonymous logons.no (default)
You need to stop and then start the server for the new setting to take affect.
For example:
FTP> set anonymous_logon yes
FTP> show
Parameter Current Value New Value
--------- ------------- ---------
max_connections 2000
anonymous_logon no yes
anonymous_write no
allow_non_ssl yes
anonymous_login_dir /vx/
passive_port_range 30000:40000
idle_timeout 15 minutes
FTP> server stop
FTP> server start
FTP> show
Parameter Current Value
--------- -------------
max_connections 2000
anonymous_logon yes
anonymous_write no
allow_non_ssl yes
anonymous_login_dir /vx/
passive_port_range 30000:40000
idle_timeout 15 minutes
213Using FTPAbout FTP set commands
To set anonymous logins
◆ To set anonymous logins, enter the following:
FTP> set anonymous_login_dir login_directory
where the login_directory is the login directory of the anonymous users onthe FTP server.
To set anonymous write access
◆ To set anonymous write access, enter the following:
FTP> set anonymous_write yes|no
Allows anonymous users to modify the contents of theirlogin_directory.
yes
Does not allow anonymous users to modify the contents of theirlogin_directory.
no (default)
For example:
FTP> set anonymous_write yes
FTP>
To set non-secure logins
◆ To set non-secure login access to the FTP server, enter the following:
FTP> set allow_non_ssl yes|no
Allows non-secure (plain-text) logins to succeed.yes (default)
Allows non-secure (plain-text) logins to fail.no
For example:
FTP> set allow_non_ssl no
FTP>
Using FTPAbout FTP set commands
214
To set maximum connections
◆ To set the maximum number of allowed simultaneous FTP clients, enter thefollowing:
FTP> set max_connections connections_number
where connections_number is the number of concurrent FTP connectionsallowed on the FTP server.
For example:
FTP> set max_connections 3000
FTP>
To set range of port numbers
◆ To set the range of port numbers to listen on for passive FTP transfers, enterthe following:
FTP> set passive_port_range port_range
where port_range is the range of port numbers to listen on for passive FTPtransfers.
For example:
FTP> set passive_port_range 35000:45000
FTP>
To set idle timeout
◆ To set the amount of time a connection can stay idle before disconnecting,enter the following:
FTP> set idle_timeout time_in_minutes
where time_in_minutes is the amount of time you want the connection to stayidle before disconnecting.
For example:
FTP> set idle_timeout 30
FTP>
215Using FTPAbout FTP set commands
To implement set command changes
1 To view all of the FTP> set command changes, enter the following:
FTP> show
Parameter Current Value New Value
--------- ------------- ---------
max_connections 2000 3000
anonymous_logon no yes
anonymous_write no yes
allow_non_ssl yes no
anonymous_login_dir /vx/
passive_port_range 30000:40000 35000:45000
idle_timeout 15 minutes 30 minutes
2 To implement the new changes, enter the following:
FTP> server stop
FTP> server start
3 To view the new command settings, enter the following:
FTP> show
Parameter Current Value
--------- -------------
max_connections 3000
anonymous_logon yes
anonymous_write yes
allow_non_ssl no
anonymous_login_dir /vx/
passive_port_range 35000:45000
idle_timeout 30 minutes
About FTP session commandsThe FTP> session commands allow you to view or terminate the FTP sessionsthat are currently active.
Using FTPAbout FTP session commands
216
Table 10-4 FTP session Commands
DefinitionCommand
Displays the number of current FTP sessions to each node.
See “To display the current FTP sessions” on page 217.
session show
Displays the details of each session that matches the filter_optionscriteria. If no filter_options are specified, all sessions are displayed. Ifmultiple filter options are provided then sessions matching all of thefilter options are displayed. Filter options can be combined by using','.
The details displayed include: Session ID, User, Client IP, Server IP,State (UL for uploading; DL for downloading, or IDLE), and File (thename of the files that appear are either being uploaded or downloaded).If an '?' appears under User, the session is not yet authenticated.
See “To display the FTP session details” on page 218.
session showdetail
Terminates the session entered for the session_id variable. What youenter is the same session displayed under Session ID with the FTP>session showdetail command.
See “To terminate an FTP session” on page 218.
session terminate
Using the FTP session commandsTo display the current FTP sessions
◆ To display the current FTP sessions, enter the following:
FTP> session show
Max Sessions : 2000
Nodename Current Sessions
-------- ----------------
sfs_1 4
sfs_2 2
217Using FTPAbout FTP session commands
To display the FTP session details
◆ To display the details in the FTP sessions, enter the following:
FTP> session showdetail [filter_options]
where filter_optionsdisplay the details of the sessions under specific headings.Filter options can be combined by using ','. If multiple filter options are used,sessions matching all of the filter options are displayed.
For example, to display all of the session details, enter the following:
FTP> session showdetail
Session ID User Client IP Server IP State File
---------- ---- --------- --------- ----- ----
sfs_1.1111 user1 10.209.105.219 10.209.105.111 IDLE
sfs_1.1112 user2 10.209.106.11 10.209.105.111 IDLE
sfs_2.1113 user3 10.209.107.21 10.209.105.112 IDLE
sfs_1.1117 user4 10.209.105.219 10.209.105.111 DL file123
sfs_2.1118 user1 10.209.105.219 10.209.105.111 UL file345
sfs_1.1121 user5 10.209.111.219 10.209.105.112 IDLE
For example, to display the details of the current FTP sessions to the ServerIP (10.209.105.112), originating from the Client IP (10.209.107.21), enter thefollowing:
FTP> session showdetail server_ip=10.209.105.112,client_ip=10.209.107.21
Session ID User Client IP Server IP State File
---------- ---- --------- --------- ----- ----
sfs_2.1113 user3 10.209.107.21 10.209.105.112 IDLE
To terminate an FTP session
◆ To terminate one of the FTP sessions displayed in the FTP> session
showdetail command, enter the following:
FTP> session terminate session_id
where session_id is the unique identifier for each FTP session displayed inthe FTP> session showdetail output.
FTP> session terminate sfs_2.1113
Session sfs_2.1113 terminated
Using FTPAbout FTP session commands
218
Using the logupload commandThe FTP> logupload command allows you to upload the FTP server logs to aspecified URL.
To upload the FTP server logs
◆ To upload the FTP server logs to a specified URL, enter the following:
FTP> logupload url [nodename]
The URL where the FTP logs will be uploaded. The URL supportsboth FTP and SCP (secure copy protocol). If a nodename isspecified, only the logs from that node are uploaded.
The default name for the uploaded file is ftp_log.tar.gz.
url
The node on which the operation occurs. Enter the value all forthe operation to occur on all of the nodes in the cluster.
nodename
Use the password you already set up on the node to which youare uploading the logs.
password
For example, to upload the logs from all of the nodes to an SCP-based URL:
FTP> logupload scp://user@host:/path/to/directory all
Password:
Collecting FTP logs, please wait.....
Uploading the logs to scp://root@host:/path/to/directory,
please wait...done
For example, to upload the logs from sfs_1 to an FTP-based URL:
FTP> logupload ftp://user@host:/path/to/directory sfs_1
Password:
Collecting FTP logs, please wait.....
Uploading the logs to ftp://root@host:/path/to/directory,
please wait...done
219Using FTPUsing the logupload command
Using FTPUsing the logupload command
220
Configuring eventnotifications
This chapter includes the following topics:
■ About configuring event notifications
■ About severity levels and filters
■ About email groups
■ About syslog event logging
■ Displaying events
■ About SNMP notifications
■ Configuring events for event reporting
■ Exporting events in syslog format to a given URL
About configuring event notificationsEvent notifications link applications that generate messages (the "events") toapplications that monitor the associated conditions and respond when triggeredby the events.
This chapter discusses the SFS report commands. The Report commands aredefined in Table 11-1.
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter Report>mode. For login instructions,go to About using the SFS command-line interface.
11Chapter
Table 11-1 Report mode commands
DefinitionCommand
Configures an email group.
See “Configuring an email group” on page 225.
Configures a syslog server.
See “Configuring a syslog server” on page 230.
syslog
Displays events.
See “Displaying events” on page 231.
showevents
Configures an SNMP management server.
See “Configuring an SNMP management server” on page 233.
snmp
Configures events for event reporting.
See “Configuring events for event reporting” on page 236.
event
Exports events in syslog format to a given URL.
See “Exporting events in syslog format to a given URL” on page 237.
exportevents
About severity levels and filtersEach group can have its own severity definition. You can define the lowest levelof the severity that will trigger all other severities higher than it.
The following table describes the valid SFS severity levels.
Table 11-2 Severity levels
DescriptionValid value
Indicates that the system is unusableemerg
Indicates that immediate action is requiredalert
Indicates a critical conditioncrit
Indicates an error conditionerr
Indicates a warning conditionwarning
Indicates a normal but significant conditionnotice
Indicates an informational messageinfo
Configuring event notificationsAbout severity levels and filters
222
Table 11-2 Severity levels (continued)
DescriptionValid value
Indicates a debugging messagedebug
Valid filters include:
■ network - if an alert is for a networking event, then selecting the "network"filter triggers that alert. If you select the "network" filter only, and an alert isfor a storage-related event, the "network" alert will not be sent.
■ storage - is for storage-related events, for example, file systems, snapshots,disks, and pools
■ all
About email groupsTheemail commands configure the email notifications of events. These commandssupport the following:
■ Adding email groups.
■ Adding filters to the group.
■ Adding email addresses to the email group.
■ Adding event severity to the group.
■ Configuring an external email server for sending the event notification emails.
Table 11-3 Email group commands
DefinitionCommand
Displays an existing email group or details for the email group.
See “To display an existing email group or details for the email group”on page 225.
email show
Uses email groups to group multiple email addresses into one entity;the email group is used as the destination of the SFS email notification.Email notification properties can be configured for each email group.
When an email group is added initially, it has the all default filter.When a group is added initially, the default severity is info.
See “To add an email group” on page 225.
email add group
223Configuring event notificationsAbout email groups
Table 11-3 Email group commands (continued)
DefinitionCommand
Adds an email address to a group.
See “To add an email address to a group” on page 226.
email addemail-address
Adds a severity level to an email group.
See “To add a severity level to an email group” on page 226.
email add severity
Adds a filter to a group.
See “To add a filter to a group” on page 227.
email add filter
Deletes an email address.
See “To delete an email address from a specified group” on page 227.
email delemail-address
Deletes a filter from a specified group.
See “To delete a filter from a specified group” on page 228.
email del filter
Deletes an email group.
See “To delete an email group” on page 228.
email del group
Deletes a severity from a specified group.
See “To delete a severity from a specified group ” on page 228.
email del severity
Displays the details of the configured email server.
Obtain the following information:
■ Name of the configured email server
■ Email user's name
■ Email user's password
See “To display the details of the configured email server” on page 229.
email get
Displays details for the configured email server and the email user.
See “To set the details of the email server” on page 229.
email set
Deletes the configured email server by specifying the commandwithout any options to delete the email server.
See “To delete the configured email server” on page 229.
email set
Configuring event notificationsAbout email groups
224
Configuring an email groupTo display an existing email group or details for the email group
◆ To display an existing email group or details for the email group, enter thefollowing:
Report> email show [group]
group is optional, and it specifies the group for which to display details. Ifthe specified group does not exist, an error message is displayed.
For example:
Report> email show root
Group Name: root
Severity of the events: info,debug
Filter of the events: all,storage
Email addresses in the group: adminuser@localhost
OK Completed
To add an email group
◆ To add an email group, enter the following:
Report> email add group group
where group specifies the name of the added group and can only contain thefollowing characters:
■ Alpha characters
■ Numbers
■ Hyphens
■ Underscores
Entering invalid characters results in an error message. If the entered groupalready exists, then no error message is displayed.
For example:
Report> email add group alert-grp
OK Completed
225Configuring event notificationsAbout email groups
To add an email address to a group
◆ To add an email address to a group, enter the following:
Report> email add email-address group email-address
For example:
Report> email add email-address alert-grp symantecexample.com
OK Completed
Specifies the group to which the email address is beingadded. If the email group specified does not exist, thenan error message is displayed.
group
Specifies the email address to be added to the group.If the email address is not a valid email address, forexample, [email protected], a messageis displayed. If the email address has already beenadded to the specified group, a message is displayed.
email-address
To add a severity level to an email group
◆ To add a severity level to an email group, enter the following:
Report> email add severity group severity
For example:
Report> email add severity alert-grp alert
OK Completed
Specifies the email group for which to add the severity.If the email group specified does not exist, an errormessage is displayed.
group
Indicates the severity level to add to the email group.
See “About severity levels and filters” on page 222.
Entering an invalid severity results in an errormessage, prompting you to enter a valid severity.
Only one severity level is allowed at one time.
You can have two different groups with the sameseverity levels and filters.
Each group can have its own severity definition. Youcan define the lowest level of the severity that willtrigger all other severities higher than it.
severity
Configuring event notificationsAbout email groups
226
To add a filter to a group
◆ To add a filter to a group, enter the following:
Report> email add filter group filter
Specifies the email group for which to apply the filter.If the specified email group does not exist, an errormessage is displayed.
group
Specifies the filter for which to apply to the group.
See “About severity levels and filters” on page 222.
The default filter is all.
A group can have more than one filter, but there maynot be any duplicate filters for the group.
filter
For example:
Report> email add filter root storage
OK Completed
To delete an email address from a specified group
◆ To delete an email address, enter the following:
Report> email del email-address group email-address
Specifies the group from which to delete the emailaddress. If the entered group does not exist, an errormessage is displayed.
group
Specifies the email address from which to delete fromthe group. If the email address entered does not existfor the group, an error message is displayed.
email-address
For example, to delete an existing email address from the email group, enterthe following:
Report> email del email-address root testuser@localhost
227Configuring event notificationsAbout email groups
To delete a filter from a specified group
◆ To delete a filter from a specified group, enter the following:
Report> email del filter group filter
Specifies the group to remove the filter from. If theentered email group does not exist, an error messageis displayed.
group
Specifies the filter to be removed from the group.
See “About severity levels and filters” on page 222.
The default filter is all.
If the specified filter is not in the specified group, anerror message is displayed.
filter
To delete an email group
◆ To delete an email group, enter the following:
Report> email del group group
group specifies the name of the email group to be deleted. If the email groupspecified does not exist, an error message is displayed.
To delete a severity from a specified group
◆ To delete a severity from a specified group, enter the following:
Report> email del severity group severity
Specifies the name of the email group from which theseverity is to be deleted. If the specified email groupdoes not exist, an error message is displayed.
group
Specifies the severity to delete from the specifiedgroup.
See “About severity levels and filters” on page 222.
A severity cannot be deleted from a group if it does notexist for that group. If this occurs, an error message isdisplayed.
severity
Configuring event notificationsAbout email groups
228
To display the details of the configured email server
◆ To display the details of the configured email server, enter the following:
Report> email get
E-Mail Server: smtp.symantec.com
E-Mail Username: adminuser
E-mail User's Password: ********
OK Completed
To set the details of the email server
◆ To set the details of the email server, enter the following:
Report> email set [email-server] [email-user]
Specifies the external email server for which you want todisplay the details for. For example, you would specify thefollowing command:
Report> email set smtp.symantecexample.com
email-server
Specifies the email user for which you want to display detailsfor. For example, you would specify the following command:
email-user
For example:
Report> email set smtp.symantec.com adminuser
Enter password for user 'adminuser': ********
To delete the configured email server
◆ To delete the configured email server, enter the following command withoutany options:
Report> email set
About syslog event loggingReporting of events by writing a message to the system log file is one of the optionsfor administrators to report any significant occurrence in the system or in anapplication.
In SFS, options include specifying the syslog messages for the event reporting,selecting the types of events to report, and selecting the severity of the occurrencesto report.
229Configuring event notificationsAbout syslog event logging
For the syslog messages, options can be selected to report about storage, networks,or all.
For the list of severities to report syslog messages, go to Table 11-2.
Table 11-4 Syslog commands
DefinitionCommands
Displays the list of syslog servers.
See “To display the list of syslog servers” on page 230.
syslog show
Adds a syslog server
See “To add a syslog server” on page 230.
syslog add
Sets the severity for the syslog server.
See “To set the severity of the syslog server” on page 231.
syslog set severity
Sets the syslog server filter.
See “To set the filter of the syslog server” on page 231.
syslog set filter
Displays the values of the configured syslog server.
See “To display the values of the configured syslog server” on page 231.
syslog get filter
Deletes a syslog server.
See “To delete a syslog server” on page 231.
syslog delete
Configuring a syslog serverTo display the list of syslog servers
◆ To display the list of syslog servers, enter the following:
Report> syslog show
To add a syslog server
◆ To add a syslog server, enter the following:
Report> syslog add syslog-server-ipaddr
syslog-server-ipaddr specifies the hostname or the IP address of the externalsyslog server.
Configuring event notificationsAbout syslog event logging
230
To set the severity of the syslog server
◆ To set the severity of the syslog server, enter the following:
Report> syslog set severity value
For example:
Report> syslog set severity warning
value for severity indicates the severity for the syslog server.
See “About severity levels and filters” on page 222.
To set the filter of the syslog server
◆ To set the filter of the syslog server, enter the following:
Report> syslog set filter value
value for filter indicates the filter for the syslog server.
See “About severity levels and filters” on page 222.
To display the values of the configured syslog server
◆ To display the values of the configured syslog server, enter the following:
Report> syslog get filter|severity
To delete a syslog server
◆ To delete a syslog server, enter the following:
Report> syslog delete syslog-server-ipaddr
syslog-server-ipaddr specifies the hostname or the IP address of the syslogserver.
Displaying eventsTo display events
◆ To display events, enter the following:
Report> showevents [number_of_events]
number of events specifies the number of events that you want to display. Ifyou leave number_of_events blank, or if you enter 0, SFS displays all of theevents.
231Configuring event notificationsDisplaying events
About SNMP notificationsSimple Network Management Protocol (SNMP) is a network protocol to simplifythe management of remote network-attached devices such as servers and routers.SNMP is an open standard system management interface. Information from theManagement Information Base (MIB) can also be exported.
SNMP messages enable the reporting of a serious condition to a managementstation. The management station is then responsible for initiating furtherinteractions with the managed node to determine the nature and extent of theproblem.
In SFS, options include specifying the SNMP messages for the event reporting,selecting the types of events to report, and selecting the severity of the occurrencesto report. The SNMP server must be specified during configuration.
See “About severity levels and filters” on page 222.
Table 11-5 SNMP commands
DefinitionCommand
Adds an SNMP management server.
See “To add an SNMP management server” on page 233.
snmp add
Displays the current list of SNMP management servers.
See “To display the current list of SNMP management servers”on page 233.
snmp show
Deletes an already configured SNMP management server.
See “To delete an already configured SNMP server” on page 234.
snmp delete
Sets the severity for SNMP notifications.
See “To set the severity for SNMP notifications” on page 234.
snmp set severity
Sets the filter for SNMP notifications.
See “To set the filter for SNMP notifications” on page 235.
snmp set filter
Displays the values of the configured SNMP notifications.
See “To display the values of the configured SNMP notifications ”on page 235.
snmp getfilter|severity
Configuring event notificationsAbout SNMP notifications
232
Table 11-5 SNMP commands (continued)
DefinitionCommand
Uploads the SNMP Management Information Base (MIB) file to thegiven URL. The URLs support FTP and SCP.
If the url specifies a remote directory, the default filename issfsfs_mib.txt.
See “To export the SNMP MIB file to a given URL” on page 235.
snmp exportmib
Configuring an SNMP management serverTo add an SNMP management server
◆ To add an SNMP management server, enter the following:
Report> snmp add snmp-mgmtserver-ipaddr
snmp-mgmtserver-ipaddr specifies the host name or the IP address of theSNMP management server.
For example, if using the IP address, enter the following:
Report> snmp add 10.10.10.10
OK Completed
For example, if using the host name, enter the following:
Report> snmp add mgmtserv1.symantec.com
OK Completed
To display the current list of SNMP management servers
◆ To display the current list of SNMP management servers, enter the following:
Report> snmp show
Configured SNMP management servers:
10.10.10.10,mgmtserv1.symantec.com
OK Completed
233Configuring event notificationsAbout SNMP notifications
To delete an already configured SNMP server
◆ To delete an already configured SNMP server, enter the following:
Report> snmp delete snmp-mgmtserver-ipaddr
specifies the host name or the IP address of the SNMP management server.
For example:
Report> snmp delete 10.10.10.10
OK Completed
If you input an incorrect value for snmp-mgmtserver-ipaddr you will get anerror message.
For example:
Report> snmp delete mgmtserv22.symantec.com
SFS snmp delete ERROR V-288-26 Cannot delete SNMP management server,
it doesn't exist.
To set the severity for SNMP notifications
◆ To set the severity for SNMP notifications, enter the following:
Report> snmp set severity value
where value for indicates the severity level of the notification.
For example:
Report> snmp set severity warning
OK Completed
See “About severity levels and filters” on page 222.
Notifications are sent for events having the same or higher severity.
Configuring event notificationsAbout SNMP notifications
234
To set the filter for SNMP notifications
◆ To set the filter for SNMP notifications, enter the following:
Report> snmp set filter value
For example:
Report> snmp set filter network
OK Completed
value for filter indicates the filter for the notification.
See “About severity levels and filters” on page 222.
Notifications are sent for events matching the given filter.
To display the values of the configured SNMP notifications
◆ To display the values of the configured SNMP notifications, enter thefollowing:
Report> snmp get filter|severity
For example:
Report> snmp get severity
Severity of the events: warning
OK Completed
Report> snmp get filter
Filter for the events: network
OK Completed
To export the SNMP MIB file to a given URL
◆ To export the SNMP MIB file to a given URL, enter the following:
Report> snmp exportmib url
url specifies the location the SNMP MIB file is exported to.
For example:
Report> snmp exportmib
scp://[email protected]:/tmp/sfsfs_mib.txt
Password: *****
OK Completed
If the url specifies a remote directory, the default filename is sfsfs_mib.txt.
235Configuring event notificationsAbout SNMP notifications
Configuring events for event reportingThe event commands configure the settings for the event reporting.
To set the time interval or the number of duplicate events sent for notifications
◆ To set the time interval or the number of duplicate events sent fornotifications, enter the following:
Report> event set dup-frequency number
For the event set dup-frequency command, number indicates the timeinterval for which only one event of duplicate events is sent for notifications.
For example:
Report> event set dup-frequency 120
OK Completed
For the event set dup-number command, number indicates the number ofduplicate events to ignore during notifications.
Report> event set dup-number number
For example:
Report> event set dup-number 10
OK Completed
Configuring event notificationsConfiguring events for event reporting
236
Todisplay the time interval or the number of duplicate events sent for notifications
◆ To display the time interval, enter the following:
Report> event get dup-frequency
For example:
Report> event get dup-frequency
Duplicate events frequency (in seconds): 120
OK Completed
To set the number of duplicate events sent for notifications, enter thefollowing:
Report> event get dup-number
For example:
Report> event get dup-number
Duplicate number of events: 10
OK Completed
Exporting events in syslog format to a given URLYou can export events in syslog format to a given URL.
You can export audit events in syslog format to a given URL.
Supported URLs for upload include:
■ FTP
■ SCP
To export events in syslog format to a given URL
◆ To export events in syslog format to a given URL, enter the following:
Report> exportevents url
url specifies the location to which the events in syslog format are exportedto.
For example:
scp://[email protected]:/exportevents/event.1.
If the URL specifies a remote directory, the default filename is sfsfs_event.log.
237Configuring event notificationsExporting events in syslog format to a given URL
To export audit events in syslog format to a given URL
◆ To export audit events in syslog format to a given URL, enter the following:
Report> exportevents url [audit]
url specifies the location to which the audit events in syslog format areexported to.
For example:
scp://[email protected]:/exportauditevents/auditevent.1.
If the URL specifies a remote directory, the default filename is sfsfs_audit.log.
Configuring event notificationsExporting events in syslog format to a given URL
238
Configuring backup
This chapter includes the following topics:
■ About backup
■ Configuring backups using NetBackup or other third-party backup applications
■ About NetBackup
■ Adding a NetBackup master server to work with SFS
■ Configuring or changing the virtual IP address used by NetBackup and NDMPdata server installation
■ Configuring the virtual name of NetBackup
■ About Network Data Management Protocol
■ About NDMP supported configurations
■ About the NDMP policies
■ Displaying all NDMP policies
■ About retrieving the NDMP data
■ Restoring the default NDMP policies
■ About backup configurations
About backupThe Backup commands are defined in Table 12-1.
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter Backup>mode. For login instructions,go to About using the SFS command-line interface.
12Chapter
Table 12-1 Backup mode commands
DefinitionCommand
Configures the local NetBackup installation of SFS to use an externalNetBackup master server, Enterprise Media Manager (EMM) server,or media server.
See “About NetBackup” on page 241.
netbackup
Configures the NetBackup and NDMP data server installation on SFSnodes to use ipaddr as its virtual IP address.
See “Configuring or changing the virtual IP address used by NetBackupand NDMP data server installation” on page 244.
virtual-ip
Configures the NetBackup installation on SFS nodes to use name asits hostname.
See “Configuring the virtual name of NetBackup” on page 245.
virtual-name
Transfers data between the data server and the tape server under thecontrol of a client. The Network Data Management Protocol (NDMP)is used for data backup and recovery.
See “About Network Data Management Protocol” on page 246.
ndmp
Displays settings of the configured servers.
See “About backup configurations” on page 259.
show
Displays status of configured servers.
See “About backup configurations” on page 259.
status
Starts the configured servers.
See “About backup configurations” on page 259.
start
Stops the configured servers.
See “About backup configurations” on page 259.
stop
Configuring backups using NetBackup or otherthird-party backup applications
You can backup SFS using the Veritas NetBackup 6.5 client capability, or otherthird-party backup applications that use the standard NFS mount to backup overthe network. The SFS ISO image includes the Netbackup 6.5 SFS client code.
Configuring backupConfiguring backups using NetBackup or other third-party backup applications
240
For information about the Veritas NetBackup 6.5 client capability, refer to theVeritas NetBackup 6.5 product documentation set.
The Backup> netbackup commands configure the local NetBackup installationof SFS to use an external NetBackup master server, Enterprise Media Manager(EMM) server, or media server. When NetBackup is installed on SFS, it acts as aNetBackup client to perform IP-based backups of SFS file systems.
Note:A new public IP address, not an IP address that is currently used, is requiredfor configuring the NetBackup client. Use the Backup> virtual-ip and Backup>
virtual-name commands to configure the NetBackup client.
About NetBackupSFS includes built-in client software for Symantec’s NetBackup data protectionsuite. If NetBackup is the enterprise’s data protection suite of choice, file systemshosted by SFS can be backed up to a NetBackup media server. To configure thebuilt-in NetBackup client, you need the names and IP addresses of the NetBackupmaster and media servers. Backups are scheduled from those servers, usingNetBackup’s administrative console.
Consolidating storage reduces the administrative overhead of backing up andrestoring many separate file systems. With a 256 TB maximum file system size,SFS makes it possible to collapse file storage into fewer administrative units, thusreducing the number of backup interfaces and operations necessary. All criticalfile data can be backed up and restored through the NetBackup client softwareincluded with SFS (separately licensed NetBackup master and media serversrunning on separate computers are required), or through any backup managementsoftware that supports NAS systems as data sources.
241Configuring backupAbout NetBackup
Table 12-2 Netbackup commands
DefinitionCommand
Provides a functioning external NetBackup master server to work withSFS. SFS only includes the NetBackup client code on the SFS nodes.If you want to use NetBackup to back up your SFS file systems, youmust add an external NetBackup master server.
For NetBackup clients to be compliant with the NetBackup End-UserLicense Agreement (EULA), you must have purchased and enteredvalid license keys on the external NetBackup master server prior toconfiguring NetBackup to work with SFS.
For more information on entering NetBackup license keys on theNetBackup master server, refer to the Veritas NetBackup InstallationGuide, Release 6.5.
See “To add an external NetBackup master server ” on page 243.
netbackupmaster-server
Adds an external NetBackup Enterprise Media Manager (EMM) server(which can be the same as the NetBackup master server) to work withSFS.
Note: If you want to use NetBackup to backup SFS file systems, youmust add an external NetBackup EMM server.
See “To add a NetBackup EMM server” on page 243.
netbackupemm-server
Adds an external NetBackup media server (if the NetBackup mediaserver is not co-located with the NetBackup master server).
Note: Adding an external NetBackup media server is optional. If youdo not add one, then SFS uses the NetBackup master server as theNetBackup media server.
See “To add a NetBackup media server” on page 243.
netbackupmedia-server add
Deletes an already configured NetBackup media server.
See “To delete an already configured NetBackup media server”on page 244.
netbackupmedia-serverdelete
Configuring backupAbout NetBackup
242
Adding a NetBackup master server to work with SFSTo add an external NetBackup master server
◆ To add an external NetBackup master server, enter the following:
Backup> netbackup master-server server
where server is the hostname of the NetBackup master server. Make sure thatserver can be resolved through DNS, and its IP address can be resolved backto server through the DNS reverse lookup.
For example:
Backup> netbackup master-server nbumaster.symantecexample.com
Ok Completed
To add a NetBackup EMM server
◆ To add the external NetBackup EMM server, enter the following:
Backup> netbackup emm-server server
where server is the hostname of the NetBackup EMM server. Make sure thatserver can be resolved through DNS, and its IP address can be resolved backto server through the DNS reverse lookup.
For example:
Backup> netbackup emm-server nbumedia.symantecexample.com
OK Completed
To add a NetBackup media server
◆ To add an NetBackup media server, enter the following:
Backup> netbackup media-server add server
where server is the hostname of the NetBackup media server. Make sure thatserver can be resolved through DNS, and its IP address can be resolved backto server through the DNS reverse lookup.
For example:
Backup> netbackup media-server add nbumedia.symantecexample.com
OK Completed
243Configuring backupAdding a NetBackup master server to work with SFS
To delete an already configured NetBackup media server
◆ To delete an already configured NetBackup media server, enter the following:
Backup> netbackup media-server delete server
where server is the hostname of the NetBackup media server you want todelete.
For example:
Backup> netbackup media-server delete nbumedia.symantecexample.com
OK Completed
Configuring or changing the virtual IP address usedby NetBackup and NDMP data server installation
You can configure or change the virtual IP address used by NetBackup and theNDMP data server installation on SFS nodes. This is a highly available virtual IPaddress in the cluster.
For information about the Veritas NetBackup 6.5 client capability, refer to theVeritas NetBackup 6.5 product documentation set.
Note: If you are using NetBackup and the NDMP data server installation on SFSnodes, configure the virtual IP address using the Backup> virtual-ip commandso that it is different from all of the virtual IP addresses, including the consoleserver IP address and the physical IP addresses used to install SFS.
Configuring backupConfiguring or changing the virtual IP address used by NetBackup and NDMP data server installation
244
To configure or change the virtual IP address used by NetBackup and NDMP dataserver installation
◆ To configure or change the virtual IP address used by NetBackup and theNDMP data server installation on SFS nodes, enter the following:
Backup> virtual-ip ipaddr
where ipaddr is the virtual IP address to be used with the NetBackup and theNDMP data server installation on the SFS nodes. Make sure that ipaddr canbe resolved back to the hostname that is configured by using the Backup>
virtual-name command.
For example:
Backup> virtual-ip 10.10.10.10
OK Completed
See “Configuring the virtual name of NetBackup” on page 245.
Configuring the virtual name of NetBackupTo configure or change the NetBackup hostname
◆ To configure the NetBackup installation on SFS nodes to use name as itshostname, enter the following:
Backup> virtual-name name
where name is the hostname to be used by the NetBackup installation on SFSnodes.
Backup> virtual-name nbuclient.symantecexample.com
Make sure that name can be resolved through DNS, and its IP address can beresolved back to name through the DNS reverse lookup. Also, make sure thatname resolves to an IP address configured by using the Backup> virtual-ip
command.
For example:
Backup> virtual-name nbuclient.symantecexample.com
OK Completed
See “Configuring or changing the virtual IP address used by NetBackup andNDMP data server installation” on page 244.
245Configuring backupConfiguring the virtual name of NetBackup
About Network Data Management ProtocolThe Network Data Management Protocol (NDMP) is an open protocol fortransferring data between the data server and the tape server under the controlof a client. NDMP is used for data backup and recovery.
NDMP is based on a client-server architecture. The Data Management Applicationis the client and the data and tape services are the servers. The Data ManagementApplication initiates the backup session. A single control connection from theData Management Application to each of the data and tape services and a dataconnection between the tape and the data services creates a backup session.
Note: The information in this section assumes you have the correct backupinfrastructure in place that will support the NDMP environment.
NDMP provides the following services:
■ Defines a mechanism and protocol for controlling backup, recovery, and othertransfers of data between the data server and the tape server.
■ Separates the network attached Data Management Application, Data Servers,and Tape Servers participating in archival, recovery, or data migrationoperations.
■ Provides low-level control of tape devices and SCSI media changers.
Table 12-3 NDMP terminology
DefinitionTerminology
The host computer system that executes the NDMP server application.Data is backed up from the NDMP host to either a local tape drive orto a backup device on a remote NDMP host.
host
The virtual state machine on the NDMP host that is controlled usingthe NDMP protocol. This term is used independently ofimplementation. There are three types of NDMP services: data service,tape service, and SCSI service.
service
An instance of one or more distinct NDMP services controlled by asingle NDMP control connection. Thus a Data/Tape/SCSI Server is anNDMP server providing data, tape, and SCSI services.
server
The configuration of one client and two NDMP services to perform adata management operation such as a backup or a recovery.
session
Configuring backupAbout Network Data Management Protocol
246
Table 12-3 NDMP terminology (continued)
DefinitionTerminology
The application that controls the NDMP server. Backup and restoreare initiated by the NDMP client. In NDMP version 4, the client is theData Management Application.
client
An application that controls the NDMP session. In NDMP there is amaster-slave relationship. The Data Management Application is thesession master; the NDMP services are the slaves. In NDMP versions1, 2, and 3 the term "NDMP client" is used instead of the DataManagement Application.
Data ManagementApplication
The Backup> ndmp commands configure the default policies that will be usedduring the NDMP backup and restore sessions. In SFS, NDMP supports two setsof commands.
■ setenv commands. The set environment commands let you configure thevariables that make up the NDMP backup policies for your environment.
■ getenv commands. The get environment commands display what you haveset up with the setenv commands or the default values of all of the NDMPenvironment variables.
■ showenv command. The show environment command displays all of the NDMPpolicies.
■ restoredefaultenv command. The restore default environment commandrestores the NDMP policies back to their default values.
About NDMP supported configurationsSFS currently supports the three-way NDMP backup. The data and tape servicesreside on different nodes on a network. The Data Management Application hastwo control connections, one to each of the data and tape services. There is alsoa data connection between the data and the tape services.
Data travels from the disk on an NDMP host to a tape device on another NDMPhost. Backup data is sent over the local network. The tape drives must be inNDMP-type storage units.
247Configuring backupAbout NDMP supported configurations
Figure 12-1 Illustration of three-way NDMP SFS backup
Tape Library
ControlFlow
NFS clients
DataFlow
NBU MediaServer withNDMP
Primary Storage Array
SFSFS – Cluster– NDMP Server
NBU / TSM / EMCLegato withNDMP
ControlFlow
The NDMP commands configure the default policies that are used during theNDMP backup or restore sessions. The Data Management Application (client)initiating the connection for NDMP backup and restore operations to the NDMPdata/tape server can override these default policies by setting the same policyname as environment variable and using any suitable value of that environmentvariable.
The SFS NDMP server supports MD5 and text authentication. The DataManagement Application that initiates the connection to the server uses masterfor the username and for the password for the NDMP backup sessionauthentication. The password can be changed using the Admin> passwd command.
To change the password, Creating Master, System Administrator, and StorageAdministrator users.
Configuring backupAbout NDMP supported configurations
248
About the NDMP policiesThe Backup> ndmp commands configure the default policies which will be usedduring the NDMP backup/restore sessions. The DMA (NDMP client) initiating theconnection for the NDMP backup/restore operation to the SFS NDMP data servercan override these default policies by setting the same policy name as environmentvariable and using any suitable value of that environment variable.
Table 12-4 NDMP set commands
DefinitionCommand
Defines how new data is recorded over old data. There are three optionsavailable to configure this command:
See “To configure the overwrite policy” on page 251.
ndmp setenvoverwrite_policy
Continues the backup and restore session even if an error conditionoccurs.
During a backup or restore session, if a file or directory cannot bebacked up or restored, setting value to yes lets the session continuewith the remaining specified files and directories in the list. A logmessage is sent to the Data Management Application about the error.Refer to the Data Management Application documentation for thelocation of the NDMP logs.
Some conditions, such as an I/O error, will not let the commandcontinue the backup and restore session.
See “To configure the failure resilient policy” on page 251.
ndmp setenvfailure_resilient
Configures the dynamic storage tiering (DST) restore policy.
Note: During the restore session, the DST policy only applies to thefile system, but it does not become effective until you run it throughthe storage tier policy commands.
See “To configure the restore DST policy” on page 252.
ndmp setenvrestore_dst
Configures the NDMP recursive restore policy to restore the contentsof a directory each time you restore.
See “To configure the recursive restore policy” on page 252.
ndmp setenvrecursive_restore
Contains the file system backup information for the backup command.In the SFS NDMP environment, the dumpdates file is/etc/ndmp.dumpdates.
See “To configure the update dumpdates policy” on page 253.
ndmp setenvupdate_dumpdates
249Configuring backupAbout the NDMP policies
Table 12-4 NDMP set commands (continued)
DefinitionCommand
States whether or not you want the file history of the backed up datato be sent to the Data Management Application.
See “To configure the send history policy” on page 253.
ndmp setenvsend_history
Lets you bring back previous versions of the files for review or to beused. A snapshot is a virtual copy of a set of files and directories takenat a particular point in time. The NDMP use snapshot policy enablesthe backup of a point-in-time image of a set of files and directoriesinstead of a continuous changing set of files and directories.
See “To configure the use snapshot policy” on page 253.
ndmp setenvuse_snapshot
Enables the configuration of the NDMP backup method policy. Thispolicy enables an incremental backup.
See “To configure the backup method policy” on page 254.
ndmp setenvbackup_method
Configures the masquerade as EMC policy.
See “To configure the masquerade as EMC policy” on page 254.
ndmp setenvmasquerade_as_emc
Configuring the NDMP policies
Caution: No checks are made when overwriting the directory with the file or viceversa. The destination path being overwritten is removed recursively.
Configuring backupAbout the NDMP policies
250
To configure the overwrite policy
◆ To configure the overwrite policy, enter the following:
Backup> ndmp setenv overwrite_policy value
where the variables for value are listed in the following table.
Checks if the file or directory to be restored already exists. If itdoes, the command responds with an error message. A logmessage is returned to the Data Management Application. Referto the Data Management Application documentation for thelocation of the NDMP log messages. The file or directory is notoverwritten.
no_overwrite
Checks if the file or directory already exists. If it does, it isrenamed with the suffix.#ndmp_old and a new file or directoryis created.
rename_old(default)
If the file or directory already exists, it will be overwritten. It isrecommended that while doing a restore from incrementalbackups, the value is set to overwrite_always.
No checks are made when overwriting a directory with files. Thedestination path being overwritten is removed recursively.
overwrite_always
For example:
Backup> ndmp setenv overwrite_policy rename_old
Ok Completed
To configure the failure resilient policy
◆ To configure the failure resilient policy, enter the following:
Backup> ndmp setenv failure_resilient value
where the variables for value are yes or no.
The backup and restore session continues even if an errorcondition is encountered. However some conditions, such as theI/O error, will cause the backup and restore session to stop.
yes (default)
The backup and restore session terminates immediately when itencounters any error condition.
no
251Configuring backupAbout the NDMP policies
To configure the restore DST policy
◆ To configure the restore DST policy, enter the following:
Backup> ndmp setenv restore_dst value
where the variables for value are yes or no.
During the backup session, if the specified directory set up forbackup is a directory in the file system mount point, then theDST policy will be backed up. During the restore session, if theDST policy exists in the backup stream, the DST policy that wasbacked up will be applied to the restore destination path if thatpath is a mount point (full file system restore). The DST policywill not be restored if the secondary tier does not exist on thedestination path. If the DST policy could not be restored, a logmessage is returned to the Data Management Application (referto the Data Management Application documentation for thelocation of the NDMP logs).
During the restore, the DST policy will only be applied to the filesystem, but it will not be effective until you run it through theStorage> tier policy commands.
yes (default)
The DST policy is not applied even if all of the other conditionsare met.
no
To configure the recursive restore policy
◆ To configure the recursive restore policy, enter the following:
Backup> ndmp setenv recursive_restore value
where the variables for value are yes or no.
If the name list (names of the files and directories to be restoredfrom the backup) specifies a directory, the contents of thatdirectory will be restored recursively.
yes (default)
Restores the directory, but not the contents of the directory.no
Configuring backupAbout the NDMP policies
252
To configure the update dumpdates policy
◆ To configure the update dumpdates policy, enter the following:
Backup> ndmp setenv update_dumpdates value
where the variables for value are yes or no.
Updates the dumpdates files by the SFS NDMP data server withthe details of the current backup which includes the time at whichthe backup was taken, the directory that was backed up, and thelevel of the backup. This information can be later used for thenext backup session for the incremental and differential backups.
yes (default)
The dumpdates files will not be updated.no
To configure the send history policy
◆ To configure the send history policy, enter the following:
Backup> ndmp setenv send_history value
where the variables for value are yes or no.
Sends the history of the backed up data to the Data ManagementApplication. The history includes information for every file anddirectory that was backed up, such as name, stat, positioningdata (used for DAR restore), and inode information.
yes (default)
The file history information will not be sent to the DataManagement Application.
no
To configure the use snapshot policy
◆ To configure the use snapshot policy, enter the following:
Backup> ndmp setenv use_snapshot value
where the variables for value are yes or no.
The backup session will first take the snapshot of the file systemwhich is being backed up. The snapshot will also be taken if anydirectory of the file system is being backed up. The snapshottaken uses the same storage space as that of the main file system.
yes (default)
The backup session takes the backup of only the live file system.no
253Configuring backupAbout the NDMP policies
To configure the backup method policy
◆ To configure the backup method policy, enter the following:
Backup> ndmp setenv backup_method value
where the variables for value are fcl or mtime.
File Change Log. FCL can be used to directly get the list ofmodified files in the file system and they can then be backed up.However, since FCL is finite in size, it is possible that not all ofthe changes could be recorded in the FCL. In that case, use themtime backup method.
FCL (default)
Time of last modification. By checking the mtimes of the files inthe file system, the time of last backup can be stored reliablysomewhere in the file system, and the time can be used to findall of the modified files since last backup. The location where the'time of last backup' is stored is /etc/ndmp.dumpdates. Thefilename is mentioned when you configure theupdate_dumpdates command.
mtime
For example:
Backup> ndmp setenv backup_method mtime
OK Completed
To configure the masquerade as EMC policy
◆ To configure the masquerade as the EMC policy, enter the following:
Backup> ndmp setenv masquerade_as_emc value
where the variables for value are yes or no.
The SFS NDMP server masquerades as an EMC-compatible devicefor certain NDMP backup applications.
yes
The SFS NDMP server does not masquerade as anEMC-compatible device.
no (default)
For example:
Backup> ndmp setenv masquerade_as_emc yes
OK Completed
Backup>
Configuring backupAbout the NDMP policies
254
Displaying all NDMP policiesTo display all of the NDMP policies
◆ To display the NDMP policies, enter the following:
Backup> ndmp showenv
For example:
Backup> ndmp showenv
Overwrite policy: Rename old
Failure Resilient: yes
Restore DST policies: yes
Recursive restore: yes
Update dumpdates: yes
Send history: yes
Use snapshot: yes
Backup method: fcl
Masquerade as EMC: yes
OK Completed
About retrieving the NDMP dataTable 12-5 NDMP get commands
DefinitionCommand
Defines how new data is recorded over old data. To retrieve the settingsfor the policy that you set up, use the ndmp getenv
overwrite_policy command.
See “To retrieve the overwrite backup data” on page 257.
ndmp getenvoverwrite_policy
Enables the continuation of the backup and restore session even if anerror condition occurs because a file or directory cannot be backed upor restored. To retrieve the settings for the policy that you set up, usethe ndmp getenv failure_resilient command.
See “To retrieve the failure resilient backup data” on page 257.
ndmp getenvfailure_resilient
Configures the dynamic storage tiering (DST) restore policy. Toretrieve the settings for the policy that you set up, use the ndmpgetenv restore_dst command.
See “To retrieve the restore DST data” on page 257.
ndmp getenvrestore_dst
255Configuring backupDisplaying all NDMP policies
Table 12-5 NDMP get commands (continued)
DefinitionCommand
Enables the configuration of the restore session to restore the contentsof a directory. To retrieve the settings for the policy that you set up,use the ndmp getenv recursive_restore command.
See “To retrieve the recursive restore data” on page 257.
ndmp getenvrecursive_restore
Enables the configuration of the dumpdates file. To retrieve thesettings for the policy that you set up, use the ndmp getenv
update_dumpdates command.
See “To retrieve the update dumpdates data” on page 258.
ndmp getenvupdate_dumpdates
States whether or not you want the file history of the backed up datato be sent to the Data Management Application. To retrieve the settingsfor the policy that you set up, use the ndmp getenv send_history
command.
See “To retrieve the send history data” on page 258.
ndmp getenvsend_history
Enables how much of the files and directories you want to copy duringthe back up session. To retrieve the settings for the policy that youset up, use the ndmp getenv use_snapshot command.
See “To retrieve the NDMP use snapshot data” on page 258.
ndmp getenvuse_snapshot
Enables the configuration of the method to back up the file system.To retrieve the settings for the policy that you set up, use the ndmpgetenv backup_method command.
See “To retrieve the NDMP backup method” on page 258.
ndmp getenvbackup_method
Configures the NDMP server to masquerade as an EMC-compatibledevice for certain NDMP backup applications.
See “To retrieve the masquerade as EMC policy” on page 259.
ndmp getenvmasquerade_as_emc
Configuring backupAbout retrieving the NDMP data
256
Retrieving the NDMP dataTo retrieve the overwrite backup data
◆ To retrieve the overwrite backup data, enter the following:
Backup> ndmp getenv overwrite_policy
For example:
Backup> ndmp getenv overwrite_policy
Overwrite policy: Rename old
OK Completed
To retrieve the failure resilient backup data
◆ To retrieve the failure resilient data, enter the following:
Backup> ndmp getenv failure_resilient
For example:
Backup> ndmp getenv failure_resilient
Failure Resilient: yes
OK Completed
To retrieve the restore DST data
◆ To retrieve the restore DST data, enter the following:
Backup> ndmp getenv restore_dst
For example:
Backup> ndmp getenv restore_dst
Restore DST policies: no
OK Completed
To retrieve the recursive restore data
◆ To retrieve the recursive restore data, enter the following:
Backup> ndmp getenv recursive_restore
For example:
Backup> ndmp getenv recursive_restore
Recursive restore: yes
OK Completed
257Configuring backupAbout retrieving the NDMP data
To retrieve the update dumpdates data
◆ To retrieve the update dumpdates data, enter the following:
Backup> ndmp getenv update_dumpdates
For example:
Backup> ndmp getenv update_dumpdates
Update dumpdates: yes
OK Completed
To retrieve the send history data
◆ To retrieve the send history data, enter the following:
Backup> ndmp getenv send_history
For example:
Backup> ndmp getenv send_history
Send history: no
OK Completed
To retrieve the NDMP use snapshot data
◆ To retrieve the send history data, enter the following:
Backup> ndmp getenv use_snapshot
For example:
Backup> ndmp getenv use_snapshot
Use snapshot: yes
OK Completed
To retrieve the NDMP backup method
◆ To retrieve the configured backup method policy, enter the following:
Backup> ndmp getenv backup_method
For example:
Backup> ndmp getenv backup_method
Backup Method: fcl
OK Completed
Configuring backupAbout retrieving the NDMP data
258
To retrieve the masquerade as EMC policy
◆ To retrieve the configured masquerade as EMC policy, enter the following:
Backup> ndmp getenv masquerade_as_emc
For example:
Backup> ndmp getenv masquerade_as_emc
Masquerade as EMC: yes
OK Completed
Backup>
Restoring the default NDMP policiesTo restore the NDMP policies to default values
◆ To restore the NDMP policies to default values, enter the following:
Backup> ndmp restoredefaultenv
About backup configurationsTable 12-6 Backup configuration commands
DefinitionCommand
Displays the NetBackup configured settings. If the settings wereconfigured while backup and restore services were running, then theymay not be currently in use by the SFS nodes. To display all of theconfigured settings, first run thestop command, then run thestartcommand.
See “To display NetBackup configurations” on page 260.
show
Displays if the NetBackup and the NDMP data server has started orstopped on the SFS nodes. If the NetBackup and the NDMP data serverhas currently started and is running, thenBackup> status displaysany on-going backup or restore jobs.
See “Configuring the virtual name of NetBackup” on page 245.
See “To display the status of backup services” on page 261.
status
259Configuring backupRestoring the default NDMP policies
Table 12-6 Backup configuration commands (continued)
DefinitionCommand
Starts processes that handle backup and restore. You can also changethe status of a virtual IP address to online after it has been configuredusing the Backup> virtual-ip command. This applies to anycurrently active node in the cluster that handles backup and restorejobs.
TheBackup> start command does nothing if the backup and restoreprocesses are already running.
See “To start backup services” on page 262.
start
Enables the processes that handle backup and restore. You can alsochange the status of a virtual IP address to offline after it has beenconfigured using the Backup> virtual-ip command.
TheBackup> stop command does nothing if backup jobs are runningthat involve SFS file systems.
See “To stop backup services” on page 262.
stop
Configuring backupTo display NetBackup configurations
◆ To display NetBackup configurations, enter the following:
Backup> show
For example:
Backup> show
Virtual name: nbuclient.symantec.com
Virtual IP: 10.10.10.10
NetBackup Master Server: nbumaster.symantec.com
NetBackup EMM Server: nbumaster.symantec.com
NetBackup Media Server(s): not configured
Ok Completed
Configuring backupAbout backup configurations
260
To display the status of backup services
◆ To display the status of backup services, enter the following:
Backup> status
An example of the status command when no backup services are running:
Backup> status
Virtual IP state : up
NDMP server state : running
NetBackup client state : running
No backup/restore jobs running.
OK Completed
An example of the status command when backup services are running withfile systems on the SFS nodes:
Backup> status
Virtual IP state : up
NDMP server state : running
NetBackup client state : running
Following filesystems are currently busy in
backup/restore jobs by NDMP: myfs1
OK Completed
An example of the status command when the backup jobs that are runninginvolve file systems using the NetBackup client.
Backup> status
Virtual IP state : up
NDMP server state : running
NetBackup client state : running
Some filesystems are busy in backup/restore jobs by NetBackup Client
OK Completed
261Configuring backupAbout backup configurations
To start backup services
◆ To start backup processes, enter the following:
Backup> start
For example:
Backup> start
OK Completed
To stop backup services
◆ To stop backup services, enter the following:
Backup> stop
For example:
Backup> stop
SFS backup ERROR V-288-0 Cannot stop, some backup jobs are running.
Configuring backupAbout backup configurations
262
Configuring SFS DynamicStorage Tiering
This chapter includes the following topics:
■ About SFS Dynamic Storage Tiering (DST)
■ How SFS uses Dynamic Storage Tiering
■ About policies
■ About adding tiers to file systems
■ Removing a tier from a file system
■ About configuring a mirror on the tier of a file system
■ Listing all of the files on the specified tier
■ Displaying a list of DST file systems
■ Displaying the tier location of a specified file
■ About configuring the policy of each tiered file system
■ Relocating a file or directory of a tiered file system
■ About configuring schedules for all tiered file systems
■ Displaying files that will be moved by running a policy
About SFS Dynamic Storage Tiering (DST)The SFS Dynamic Storage Tiering (DST) feature makes it possible to allocate twotiers of storage to a file system.
13Chapter
The following features are part of the SFS Dynamic Storage Tiering Solution:
■ Relocate files between primary and secondary tiers automatically as files ageand become less business critical.
■ Promote files from a secondary storage tier to a primary storage tier based onI/O temperature.
■ Retain original file access paths to eliminate operational disruption, forapplications, backup procedures, and other custom scripts.
■ Allow you to manually move folders/files and other data between storage tiers.
■ Enforce policies that automatically scan the file system and relocate files thatmatch the appropriate tiering policy.
In SFS, there are two predefined tiers for storage:
■ Current active tier 1 (primary) storage.
■ Tier 2 (secondary) storage for aged or older data.
To configure SFS DST, add tier 2 (secondary) storage to the configuration. Specifywhere the archival storage will reside (storage pool) and the total size.
Files can be moved from the active storage after they have aged for a specifiednumber of days, depending on the policy selected. The number of days for filesto age (not accessed) before relocation can be changed at any time.
Note: An aged file is a file that exists without being accessed.
Figure 13-1 depicts the features of SFS and how it maintains applicationtransparency.
Configuring SFS Dynamic Storage TieringAbout SFS Dynamic Storage Tiering (DST)
264
Figure 13-1 Dynamic Storage Tiering
/one-file-system
/sales /sales/financial /sales/development
/current /forecast /current /forecast/current /forecast/2007 /2008 /current /forecast/current /forecast/new /history
storage
Primary Tier Secondary Tier
mirrored
RAID5
If you are familiar with Veritas Volume Manager (VxVM), every SFS file systemis a multi-volume file system (one file system resides on two volumes). The DSTtiers are predefined to simplify the interface. When an administrator wants toadd storage tiering, a second volume is added to the volume set, and the existingfile system is encapsulated around all of the volumes in the file system.
This chapter discusses the SFS storage commands. You use these commands toconfigure tiers on your file systems. The Storage commands are defined inTable 13-1.
You log into the administrative console (for master, system-admin, orstorage-admin) and enter Storage> mode to access the commands. For logininstructions, go to About using the SFS command-line interface.
265Configuring SFS Dynamic Storage TieringAbout SFS Dynamic Storage Tiering (DST)
Table 13-1 Storage mode commands
DefinitionCommand
Adds different types of storage tier to the file system.
See “About adding tiers to file systems” on page 268.
tier add
Removes a tier from a file system.
See “Removing a tier from a file system” on page 270.
tier remove
Adds a mirror to a tier of a file system.
See “About configuring a mirror on the tier of a file system”on page 271.
tier addmirror
Removes a mirror from a tier of a file system.
See “About configuring a mirror on the tier of a file system”on page 271.
tier rmmirror
Lists all of the files on the specified tier.
See “Listing all of the files on the specified tier” on page 273.
tier listfiles
Displays the tier location of a specified file.
See “Displaying the tier location of a specified file” on page 274.
tier mapfile
Configures the policy of each tiered file system.
See “About configuring the policy of each tiered file system”on page 274.
tier policy
Relocates a file or directory.
See “Relocating a file or directory of a tiered file system” on page 277.
tier relocate
Creates schedules for all tiered file systems.
See “About configuring schedules for all tiered file systems”on page 277.
tier schedule
Displays a list of files that will be moved by running a policy.
See “Displaying files that will be moved by running a policy”on page 280.
tier query
How SFS uses Dynamic Storage TieringSFS provides two types of tier:
■ Primary tier
Configuring SFS Dynamic Storage TieringHow SFS uses Dynamic Storage Tiering
266
■ Secondary Tier
Each newly created file system has only one primary tier initially. This tier cannotbe removed.
For example, the following operations are applied to the primary tier:
Storage> fs addmirror
Storage> fs growto
Storage> fs shrinkto
The Storage> tier commands manage file system DST tiers.
AllStorage> tier commands take a file system name as an argument and performoperations on the combined construct of that file system.
The SFS file system default is to have a single storage tier. An additional storagetier can be added to enable storage tiering. A file system can only support amaximum of two storage tiers.
Storage> tier commands can be used to perform the following:
■ Adding/removing/modifying the secondary tier
■ Setting policies
■ Scheduling policies
■ Locating tier locations of files
■ Listing files that are located on the primary or secondary tier
■ Moving files from the secondary tier to the primary tier
About policiesEach tier can be assigned a policy.
The policies include:
■ Specify on which tier (primary or secondary) the new files get created.
■ Relocate files from the primary tier to the secondary tier based on any numberof days of inactivity of a file.
■ Relocate files from the secondary tier to the primary tier based on the AccessTemperature of the file.
267Configuring SFS Dynamic Storage TieringAbout policies
About adding tiers to file systemsYou can add different types of tiers to file systems.
Table 13-2 Tier add commands
DefinitionCommand
Adds a second tier to a file system. The storage type of the second tieris independent of the protection level of the first tier.
See “To add a second tier to a file system” on page 268.
tier add simple
Adds a mirrored second tier to a file system.
See “To add a mirrored tier to a file system” on page 268.
tier add mirrored
Adds a striped second tier to a file system.
See “To add a striped tier to a file system” on page 269.
tier add striped
Adds a mirrored-striped second tier to a file system.
See “To add a mirrored-striped tier to a file system” on page 269.
tier addmirrored-stripe
Adds a striped-mirror second tier to a file system.
See “To add a striped-mirror tier to a file system” on page 269.
tier addstriped-mirror
Adding tiers to a file systemTo add a second tier to a file system
◆ To add a tier to a file system where the volume layout is "simple"(concatenated), enter the following:
Storage> tier add simple fs_name size pool1[,disk1,...]
For definitions of the command variables, go to Table 13-3.
To add a mirrored tier to a file system
◆ To add a mirrored tier to a file system, enter the following:
Storage> tier add mirrored fs_name size nmirrors
pool1[,disk1,...] [protection=disk|pool]
For definitions of the command variables, go to Table 13-3.
For example:
Storage> tier add mirrored fs1 100M 2 pool3,pool4
100% [#] Creating mirrored secondary tier of filesystem
Configuring SFS Dynamic Storage TieringAbout adding tiers to file systems
268
To add a striped tier to a file system
◆ To add a striped tier to a file system, enter the following:
Storage> tier add striped fs_name size ncolumns
pool1[,disk1,...] [stripeunit=kilobytes]
For definitions of the command variables, go to Table 13-3.
To add a mirrored-striped tier to a file system
◆ To add a mirrored-striped tier to a file system, enter the following:
Storage> tier add mirrored-stripe fs_name size nmirrors ncolumns
pool1[,disk1,...] [protection=disk|pool] [stripeunit=kilobytes]
For definitions of the command variables, go to Table 13-3.
To add a striped-mirror tier to a file system
◆ To add a striped-mirror tier to a file system, enter the following:
Storage> tier add striped-mirror fs_name size nmirrors ncolumns
pool1[,disk1,...] [protection=disk|pool] [stripeunit=kilobytes]
For definitions of the command variables, go to Table 13-3.
Table 13-3 Definitions of tier add command variables
DefinitionCommandvariable
Specifies the name of the file system to which the mirrored tier willbe added. If the specified file system does not exist, an error messageis displayed.
fs_name
Specifies the size of the tier to be added to the file system, for example,10m, 10M, 25g, 100G.
size
Specifies the numbers of columns to add to the striped tiered filesystem.
ncolumns
Specifies the number of mirrors to be added to the tier for the specifiedfile system.
nmirrors
Specifies the pool(s) or disk(s) that will be used for the specified tieredfile system. If the specified pool or disk does not exist, an error messageis displayed. You can specify more than one pool or disk by separatingthe pool or disk name with a comma, but do not include a spacebetween the comma and the name.
The disk needs to be part of the pool or an error message is displayed.
pool1[,disk1,...]
269Configuring SFS Dynamic Storage TieringAbout adding tiers to file systems
Table 13-3 Definitions of tier add command variables (continued)
DefinitionCommandvariable
If no protection level is specified, disk is the default protection level.
The protection level of the second tier is independent of the protectionlevel of the first tier.
Available options are:
■ disk - If disk is entered for the protection field, then mirrors willbe created on separate disks. The disks may or may not be in thesame pool.
■ pool - If pool is entered for the protection field, then mirrors willbe created in separate pools. If not enough space is available, thenthe file system will not be created.
protection
Specifies a stripe width of either 128K, 256k, 512K, 1M, or 2M. Thedefault stripe width is 512K.
stripeunit=kilobytes
Removing a tier from a file systemThe Storage> tier remove command removes a tier from the file system andreleases the storage used by the file system back to the storage pool. This commandrequires that the file system be online, and that no data resides on the secondarytier.
If the storage tier to be removed contains any data residing on it, then the tiercannot be removed from the file system.
To remove a tier from a file system
◆ To remove a tier from a file system, enter the following:
Storage> tier remove fs_name
where fs_name specifies the name of the tiered file system that you want toremove.
For example:
Storage> tier remove fs1
Storage>
Configuring SFS Dynamic Storage TieringRemoving a tier from a file system
270
About configuring amirror on the tier of a file systemThese commands add or remove mirrors to the tier of the file system.
Table 13-4 Tier mirror commands
DefinitionCommand
Adds a mirror to a tier of a file system.
See “To add a mirror to a tier of a file system” on page 271.
tier addmirror
Removes a mirror from a tier of a file system.
Note: For a striped-mirror file system, if any of the disks are bad, thiscommand disables the mirrors from the tiered file system for whichthe disks have failed. If no disks have failed, SFS chooses a mirror toremove from the tiered file system.
See “To remove a mirror from a tier of a file system” on page 272.
tier rmmirror
Configuring a mirror to a tier of a file systemTo add a mirror to a tier of a file system
◆ To add a mirror to a tier of a file system, enter the following:
Storage> tier addmirror fs_name pool1[,disk1,...]
[protection=disk|pool]
Specifies the file system to which the a mirror will be added. Ifthe specified file system does not exist, an error message isdisplayed.
fs_name
Specifies the pool(s) or disk(s) that will be used as a mirror forthe specified tiered file system. You can specify more than onepool or disk by separating the name with a comma. But do notinclude a space between the comma and the name.
The disk needs to be part of the pool or an error message isdisplayed.
pool1[,disk1,...]
271Configuring SFS Dynamic Storage TieringAbout configuring a mirror on the tier of a file system
If no protection level is specified, disk is the default protectionlevel.
Available options are:
■ disk - If disk is entered for the protection field, then mirrorswill be created on separate disks. The disks may or may notbe in the same pool.
■ pool - Ifpool is entered for the protection field, then mirrorswill be created in separate pools. If not enough space isavailable, then the file system will not be created.
protection
For example:
Storage> tier addmirror fs1 pool5
100% [#] Adding mirror to secondary tier of filesystem
To remove a mirror from a tier of a file system
◆ To remove a mirror from a tier of a file system, enter the following:
Storage> tier rmmirror fs_name
where fs_name specifies the name of the tiered file system from which youwant to remove a mirror.
For example:
Storage> tier rmmirror fs1
Storage>
This command provides another level of detail for the remove mirror operation.You can use the command to specify which mirror you want to remove byspecifying the pool name or disk name.
Note: The disk must be part of a specified pool.
Configuring SFS Dynamic Storage TieringAbout configuring a mirror on the tier of a file system
272
To remove a mirror from a tier spanning a specified pool or disk
◆ To remove a mirror from a tier that spans a specified pool or disk, enter thefollowing:
Storage> tier rmmirror fs_name [pool_or_disk_name]
Specifies the name of the file system from which to remove amirror. If the specified file system does not exist, an errormessage is displayed.
fs_name
Specifies the pool or disk from which the mirror of the tiered filesystem spans.
pool_or disk_name
The syntax for the Storage> tier rmmirror command is the same for bothpool and disk. If you try to remove a mirror using Storage> fs rmmirror
fs1 abc, SFS first checks for the pool with the name abc, then SFS removesthe mirror spanning on that pool. If there is no pool with the name abc, thenSFS removes the mirror that is on the abc disk. If there is no disk with thename abc, then an error message is displayed.
Listing all of the files on the specified tierYou can list all of the files that reside on either the primary tier or the secondarytier.
Note: If the tier contains a large number of files, it may take some time before theoutput of this command is displayed.
To list all of the files on the specified tier
◆ To list all of the files on the specified tier, enter the following:
Storage> tier listfiles fs_name {primary|secondary}
where fs_name indicates the name of the tiered file system from which youwant to list the files. You can specify to list files from either the primary orsecondary tier.
For example:
Storage> tier listfiles fs1 secondary
Storage>
273Configuring SFS Dynamic Storage TieringListing all of the files on the specified tier
Displaying a list of DST file systemsYou can display a list of DST file systems using the Storage> fs list command.
See “Listing all file systems and associated information” on page 120.
Displaying the tier location of a specified fileTo display the tier location of a specified file
◆ To display the tier location of a specified file, enter the following:
Storage> tier mapfile fs_name file_path
Specifies the name of the file system for which the specified fileon the tiered file system resides. If the specified file system doesnot exist, an error message is displayed.
fs_name
Specifies the tier location of the specified file. The path of thefile is relative to the file system.
file_path
For example, to show the location of a.txt, which is in the root directory ofthe fs1 file system, enter the following:
tier mapfile fs1 /a.txt
Tier Extent Type File Offset Extent Size
==== =========== =========== ===========
Primary Data 0 Bytes 1.00 KB
About configuring the policy of each tiered file systemYou can configure the policy of each tiered file system.
Table 13-5 Tier policy commands
DefinitionCommand
Displays the policy for each tiered file system. You can have one policyfor each tiered file system.
See “To display the policy of each tiered file system” on page 275.
tier policy list
Modifies the policy of a tiered file system.
See “To modify the policy of a tiered file system” on page 276.
tier policy modify
Configuring SFS Dynamic Storage TieringDisplaying a list of DST file systems
274
Table 13-5 Tier policy commands (continued)
DefinitionCommand
Runs the policy of a tiered file system.
See “To run the policy of a tiered file system” on page 276.
tier policy run
Removes the policy of a tiered file system.
See “To remove the policy of a tiered file system” on page 277.
tier policy remove
Configuring the policy of each tiered file systemTo display the policy of each tiered file system
◆ To display the policy of each tiered file system, enter the following:
Storage> tier policy list
For example:
Storage> tier policy list
FS Create on Days MinAccess Temp PERIOD
== ========= ==== ============== ======
fs1 primary 2 3 4
Each tier can be assigned a policy. A policy assigned to a file system has threeparts:
Specifies on which tier the new files are created.file creation
Indicates when a file has to be moved from the primary tier to thesecondary tier. For example, if the days option of the tier is set to 10,and if a file has not been accessed for more than 10 days, then it ismoved from the primary tier of the file system to the secondary tier.
inactive files
Measures the number of I/O requests to the file during the perioddesignated by the period. In other words, it is the number of read orwrite requests made to a file over a specified number of 24-hourperiods divided by the number of periods. If the access temperatureof a file exceeds minacctemp (where the access temperature iscalculated over a period of time previously specified) then this file ismoved from the secondary tier to the primary tier.
accesstemperature
275Configuring SFS Dynamic Storage TieringAbout configuring the policy of each tiered file system
To modify the policy of a tiered file system
◆ To modify the policy of a tiered file system, enter the following:
Storage> tier policy modify fs_name {primary|secondary} days
minacctemp period
The name of the tiered file system from which you want to modifya policy.
fs_name
Causes new files to be created on the primary or secondary tier.You need to input either primary or secondary.
tier
Number of days from which the inactive files move from theprimary to the secondary tier.
days
The minimum access temperature value for moving files fromthe secondary to the primary tier.
minacctemp
The number of past days used for calculating the accesstemperature.
period
For example:
Storage> tier policy modify fs1 primary 6 5 3
SFS fs SUCCESS V-288-0 Successfully modifies
tiering policy for File system fs1
To run the policy of a tiered file system
◆ To run the policy of a tiered file system, enter the following:
Storage> tier policy run fs_name
where fs_name indicates the name of the tiered file system for which youwant to run a policy.
For example:
Storage> tier policy fs1
SFS fs SUCCESS V-288-0 Successfully ran
tiering policy for File system fs1
Configuring SFS Dynamic Storage TieringAbout configuring the policy of each tiered file system
276
To remove the policy of a tiered file system
◆ To remove the policy of a tiered file system, enter the following:
Storage> tier policy remove fs_name
where fs_name indicates the name of the tiered file system from which youwant to remove a policy.
For example:
Storage> tier policy remove fs1
SFS fs SUCCESS V-288-0 Successfully removed
tiering policy for File system fs1
You can run the policy of a tiered file system, which would be similar to schedulinga job to run your policies, except in this case running the policy is initiatedmanually. The Storage> tier policy run command moves the older files fromthe primary tier to the secondary tier according to the policy setting.
Relocating a file or directory of a tiered file systemTo relocate a file or directory
◆ To relocate a file or directory, enter the following:
Storage> tier relocate fs_name dirPath
The name of the tiered file system from which you want torelocate a file or directory. The relocation of the file or directoryis done from the secondary tier to the primary tier.
fs_name
Enter the relative path of the directory (dirPath) you want torelocate. Or enter the relative path of the file (FilePath) that youwant to relocate.
dirPath
About configuring schedules for all tiered file systemsThetier schedule commands display, modify, and remove the tiered file systems.
277Configuring SFS Dynamic Storage TieringRelocating a file or directory of a tiered file system
Table 13-6 Tier schedule commands
DefinitionCommand
Modifies the schedule of a tiered file system.
See “To modify the schedule of a tiered file system” on page 279.
tier schedulemodify
Displays the schedules for all tiered file systems.
You can have one schedule for each tiered file system.
You cannot create a schedule for a non-existent or a non-tiered filesystem.
See “To display schedules for all tiered file systems” on page 280.
tier schedule list
Removes the schedule of a tiered file system.
See “To remove the schedule of a tiered file system” on page 280.
tier scheduleremove
Configuring SFS Dynamic Storage TieringAbout configuring schedules for all tiered file systems
278
Configuring schedules for all tiered file systemsTo modify the schedule of a tiered file system
◆ To modify the schedule of a tiered file system, enter the following:
Storage> tier schedule modify fs_name minute hour
day_of_the_month month day_of_the_week
For example, enter the following:
Storage> tier schedule modify fs1 1 1 1 * * *
SFS fs SUCCESS V-288-0 Command 'tier schedule modify'
executed successfully for fs1
Specifies the file system where the schedule of the tieredfile system resides. If the specified file system does not exist,an error message is displayed.
fs_name
This parameter may contain either an asterisk, (*), whichimplies "every minute," or a numeric value between 0-59.
You can enter */(0-59), a range such as 23-43, or just the *.
minute
This parameter may contain either an asterisk, (*), whichimplies "run every hour," or a number value between 0-23.
You can enter */(0-23), a range such as 12-21, or just the *.
hour
This parameter may contain either an asterisk, (*), whichimplies "run every day of the month," or a number valuebetween 1-31.
You can enter */(1-31), a range such ass 3-22, or just the *.
day_of_the_month
This parameter may contain either an asterisk, (*), whichimplies "run every month," or a number value between 1-12.
You can enter */(1-12), a range such as 1-5, or just the *. Youcan also enter the first three letters of any month (must uselowercase letters).
month
This parameter may contain either an asterisk (*), whichimplies "run every day of the week," or a numeric valuebetween 0-6. Crontab interprets 0 as Sunday. You can alsoenter the first three letters of the week (must use lowercaseletters).
day_of_the_week
279Configuring SFS Dynamic Storage TieringAbout configuring schedules for all tiered file systems
To display schedules for all tiered file systems
◆ To display schedules for all tiered file systems, enter the following:
Storage> tier schedule list [fs_name]
where fs_name indicates the name of the tiered file system for which youwant to run a policy.
For example:
Storage> tier schedule list
FS Minute Hour Day Month WeekDay
=== ====== ==== === ===== =======
fs1 1 1 1 * *
To remove the schedule of a tiered file system
◆ To remove the schedule of a tiered file system, enter the following:
Storage> tier schedule remove fs_name
where fs_name is the name of the tiered file system from which you want toremove a schedule.
For example:
Storage> tier schedule remove fs1
SFS fs SUCCESS V-288-0 Command tier schedule remove
executed successfully for fs1
Displaying files thatwill bemoved by running a policyYou can display the list of files that will be moved by running a policy. This is veryuseful as a "what if" type of analysis. The command does not physically move anyfile blocks.
Configuring SFS Dynamic Storage TieringDisplaying files that will be moved by running a policy
280
To display a list of files that will be moved by running a policy
◆ To display a list of files that will be moved by running a policy, enter thefollowing:
Storage> tier query fs_name
where fs_name is the name of the tiered file system for which you want todisplay a list of files that will be moved by running a policy.
For example:
Storage> tier query fs1
/a.txt
/b.txt
/c.txt
/d.txt
281Configuring SFS Dynamic Storage TieringDisplaying files that will be moved by running a policy
Configuring SFS Dynamic Storage TieringDisplaying files that will be moved by running a policy
282
Configuring systeminformation
This chapter includes the following topics:
■ About system commands
■ About setting the clock commands
■ About configuring the locally saved configuration files
■ Using the more command
■ About coordinating cluster nodes to work with NTP servers
■ Displaying the system statistics
■ Using the swap command
■ About the option commands
About system commandsThe system commands set or show the date and time of the system, and start,stop, or check the status of the NTP server. The system command class also allowsyou to display cluster-wide performance statistics, swap network interfaces, andenable or disable the more filter on output of the administrative console. It alsocontains option command display and configure the tunable parameters. Thesystem commands are listed in Table 14-1.
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter the System> mode. For logininstructions, go to About using the SFS command-line interface.
14Chapter
Table 14-1 System mode commands
DefinitionCommand
Sets or shows the date and time of the system, including setting timezones and displaying the list of regions.
See “About setting the clock commands” on page 284.
clock
Imports or exports the SFS configuration settings.
See “About configuring the locally saved configuration files”on page 288.
config
Enables, disables, or checks the status of the more filter.
See “Using the more command” on page 292.
more
Sets the Network Time Protocol (NTP) server on all of the nodes inthe cluster.
See “About coordinating cluster nodes to work with NTP servers”on page 292.
ntp
Displays the system, Dynamic Multipathing (DMP), and process-relatednode wide statistics.
See “Displaying the system statistics” on page 294.
stat
Swaps two network interfaces of a node in a cluster.
See “Using the swap command” on page 295.
swap
Adjusts a variety of tunable variables that affect the global SFSsettings.
See “Using the option commands” on page 299.
option
About setting the clock commandsThese commands set or show the date and time of the system, including settingtime zones and displaying the list of regions.
Table 14-2 Clock commands
DefinitionCommand
Displays the current system date and time.
See “To display the current date and time of the system” on page 285.
clock show
Configuring system informationAbout setting the clock commands
284
Table 14-2 Clock commands (continued)
DefinitionCommand
Sets the system date and time.
See “To set the system date and time” on page 286.
clock set
Sets the time zone for the system.
Note: This command only accepts the name of a city or GMT(Greenwich Mean Time).
See “To set the time zone and region for the system” on page 287.
clock timezone
Sets the region for the system.
See “To set the region for the system” on page 287.
clock regions
Setting the clock commandsTo display the current date and time of the system
◆ To display the current system date and time, enter the following:
System> clock show
For example:
System> clock show
Fri Feb 20 12:16:30 PST 2009
You can set the current date and time of the system on all of the nodes in thecluster.
285Configuring system informationAbout setting the clock commands
To set the system date and time
◆ To set the system date and time, enter the following:
System> clock set time day month year
HH:MM:SS using a 24-hour clock
Pacific Daylight Time (PDT) is the time zone used for the system.Greenwich Mean Time (GMT) is the time zone used for the BIOS.
time
1..31day
January, February, March, April, May, June, July, August,September, October, November, December
month
YYYYyear
For example:
System> clock set 12:00:00 17 July 2009
.Done.
Fri Jul 17 12:00:00 PDT 2009
System>
Configuring system informationAbout setting the clock commands
286
To set the time zone and region for the system
1 To set the time zone for the system, enter the following:
System> clock timezone timezone
2 To reset the time zone on your system, enter the following:
System> clock timezone region
The system will reset to the time zone for that specific region.
For example:
System> clock show
Thu Apr 3 09:40:26 PDT 2008
System> clock timezone GMT
Setting time zone to: GMT
..Done.
Thu Apr 3 16:40:37 GMT 2008
System> clock show
Thu Apr 3 16:40:47 GMT 2008
System> clock timezone Los_Angeles
Setting time zone to: Los_Angeles
..Done.
Thu Apr 3 09:41:06 PDT 2008
System> clock show
Thu Apr 3 09:41:13 PDT 2008
To set the region for the system
◆ To set the region for the system, enter the following:
System> clock regions [region]
287Configuring system informationAbout setting the clock commands
Specifies the region for the system.
Valid values include:
■ Africa
■ America
■ Asia
■ Australia
■ Canada
■ Europe
■ GMT-offset - (this includes GMT, GMT +1, GMT +2)
■ Pacific
■ US
region
For example:
System> clock regions US
The software responds with the areas included in the US region.
System> clock regions US
Alaska
Aleutian
Arizona
Central
East-Indiana
Eastern
Hawaii
Indiana-Starke
Michigan
Mountain
Pacific
Samoa
About configuring the locally saved configuration filesTable 14-3 Configuration commands
DefinitionCommand
Views locally saved configuration files.
See “To list configuration settings” on page 289.
config list
Configuring system informationAbout configuring the locally saved configuration files
288
Table 14-3 Configuration commands (continued)
DefinitionCommand
Exports configuration settings locally.
See “To export configuration settings either locally or remotely”on page 290.
config export local
Exports configuration settings remotely.
See “To export configuration settings either locally or remotely”on page 290.
config exportremote
Imports configuration settings locally.
Warning: Running the system> config import commandoverwrites all of your existing configuration settings except clustername.
See “To import configuration settings either locally or remotely”on page 290.
config import local
Imports configuration settings remotely.
Warning: Running the system> config import commandoverwrites all of your existing configuration settings except clustername.
See “To import configuration settings either locally or remotely”on page 290.
config importremote
Deletes the locally saved configuration file.
See “To delete the locally saved configuration file” on page 291.
config delete
Configuring the locally saved configuration filesTo list configuration settings
◆ To view locally saved configuration files, enter the following:
System> config list
289Configuring system informationAbout configuring the locally saved configuration files
To export configuration settings either locally or remotely
◆ To export configuration settings locally, enter the following:
System> config export local file_name
For example:
System> config export local 2007_July_20
To export configuration settings remotely, enter the following:
System> config export remote URL
For example:
System> config export remote
ftp://[email protected]/configs/config1.tar.gz
Password: *******
Specifies the saved configuration file.file_name
Specifies the URL of the export file (supported protocols are FTPand SCP).
URL
You can import the configuration settings saved in a local file or saved to a remotemachine specified by a URL.
To import configuration settings either locally or remotely
◆ To import configuration settings locally, enter the following:
System> config import local file_name {network|admin|all|
report|system|cluster_specific|all_except_cluster_specific|
nfs|cifs|ftp|backup|replication|storage_schedules}
For example:
System> config import local 2008_July_20 network
Backup of current configuration was saved as 200907150515
network configuration was imported
Configuration files are replicated to all the nodes
To import configuration settings remotely, enter the following:
System> config import remote URL {network|admin|all|
report|system|cluster_specific|all_except_cluster_specific|
nfs|cifs|ftp|backup|replication|storage_schedules}
Configuring system informationAbout configuring the locally saved configuration files
290
For example:
System> config import remote ftp://[email protected]/home/user1/
2008_July_20.tar.gz report
Password: *******
Specifies the saved configuration file.file_name
Specifies the saved configuration at a remote machine specifiedby a URL.
URL
Available import configuration options are:
■ network - Imports DNS, LDAP, NIS, nsswitch settings (doesnot include IP).
■ admin - Imports list of users, passwords.
■ all - Imports all configuration information.
■ report - Imports report settings.
■ system - Imports NTP settings.
■ cluster_specific - Imports public IP addresses, virtualIP addresses, and console IP addresses. Be careful before usingthis import option. The network connection to the consoleserver will be lost after performing an import. You need toreconnect to the console server after importing theconfiguration option.
■ all_except_cluster_specific - Imports allconfiguration information except for cluster-specificinformation.
■ nfs - Imports NFS settings.
■ cifs - Imports CIFS settings.
■ ftp - Imports the FTP setting.
■ backup - Imports the NBU client and NDMP configuration,excluding the virtual-name and virtual-ip.
■ replication - Imports replication settings.
■ storage_schedules - Imports dynamic storage tiering(DST) and automated snapshot schedules.
importconfigurationoptions
To delete the locally saved configuration file
◆ To delete the locally saved configuration file, enter the following:
System> config delete file_name
file_name specifies the locally saved configuration file for which to delete.
291Configuring system informationAbout configuring the locally saved configuration files
Using the more commandThe System> more command enables, disables, or checks the status of the morefilter. The default setting is enable, which lets you page through the text onescreen at a time.
To set the more command
◆ To use the more command, enter the following:
System> more enable|disable|status
Enables the more filter on all of the nodes in the cluster.enable
Disables the more filter on all of the nodes in the cluster.disable
Displays the status of the more filter.status
For example:
System> more status
Status : Enabled
System> more disable
SFS more Success V-288-748 more deactivated on console
System> more enable
SFS more Success V-288-751 more activated on console
About coordinating cluster nodes to work with NTPservers
You can set the Network Time Protocol (NTP) server on all of the nodes in thecluster.
The Storage Foundation Cluster File Server (SFCFS) configuration recommendssetting the NTP server, though setting the NTP server is optional.
Note: Use 127.127.1.0 as the IP address for selecting the local clock as the timesource for the NTP server.
Configuring system informationUsing the more command
292
Table 14-4 NTP commands
DefinitionCommand
Sets the NTP server on all of the nodes in the cluster.
See “To set the NTP server on all of the nodes in the cluster”on page 293.
ntp servername
Displays NTP status and server name.
See “To display the status of the NTP server” on page 293.
ntp show
Enables the NTP server on all of the nodes in the cluster.
See “To enable the NTP server” on page 294.
ntp enable
Disables the NTP server on all of the nodes in the cluster.
See “To disable the NTP server” on page 294.
ntp disable
Coordinating cluster nodes to work with NTP serversTo set the NTP server on all of the nodes in the cluster
◆ To set the NTP server on all of the nodes in the cluster, enter the following:
System> ntp servername server-name
where server-name specifies the name of the server or IP address you wantto set.
For example:
System> ntp servername ntp.symantec.com
Setting NTP server = ntp.symantec.com
..Done.
To display the status of the NTP server
◆ To display NTP status and server name, enter the following:
System> ntp show
Example output:
System> ntp show
Status: Enabled
Server Name: ntp.symantec.com
293Configuring system informationAbout coordinating cluster nodes to work with NTP servers
To enable the NTP server
◆ To enable the NTP server on all of the nodes in the cluster, enter the following:
System> ntp enable
For example:
System> ntp enable
Enabling ntp server: ntp.symantec.com ..Done.
To disable the NTP server
◆ To disable the NTP server on all of the nodes in the cluster, enter the following:
System> ntp disable
For example:
System> ntp disable
Disabling ntp server:..Done.
System> ntp show
Status : Disabled
Server Name: ntp.symantec.com
Displaying the system statisticsThe System> stat command displays the system, Dynamic Multipathing (DMP),and process-related node-wide statistics. The load in the displayed output is theload from the last 1, 5, and 15 minutes.
Configuring system informationDisplaying the system statistics
294
To display the system statistics
◆ To display cluster wide or node wide statistics, enter the following:
System> stat sys|dmp|all|cluster [node]
Displays the system-related statistics.sys
Displays the DMP-related statistics.dmp
Displays the aggregate of the I/O and network performancesfrom each node and averages out the number of nodes in thecluster to show the statistics at the cluster level. The variablenode does not apply to this option.
cluster
Displays the system and DMP-related statistics of one node at atime in the cluster or all of the nodes in the cluster.
all
The name of the node in the cluster.node
To view the cluster-wide network and I/O throughput, enter the following:
System> stat cluster
Gathering statistics...
Cluster wide statistics::::
=======================================
IO throughput :: 0
Network throughput :: 1.205
Using the swap commandIf you set up a single-node cluster, and you were not able to ping the gatewaythrough the private or public interface, then the cables may have been attachedincorrectly. To correct this problem, you first need to switch the cables back tothe correct connectors. You then need to run the System> swap command. Forexample, if the public switch is 'priveth0' and the private switch is 'pubeth0,' theSystem> swap command switches the MAC addresses for 'priveth0' and 'pubeth0.'After running the System> swap command, all Secure Shell (SSH) connectionshosted on the input interfaces will terminate. You can check the status of theSystem> swap command using the > history command.
The System> swap command works only on a single-node cluster. No other serviceshould be running.
295Configuring system informationUsing the swap command
Note: Do not use this command if you have exported CIFS/NFS shares.
To use the swap command
◆ To use the swap command, enter the following:
System> swap interface1 interface2
For example:
System> swap pubeth0 priveth0
All ssh connection(s) need to start again after this command.
Do you want to continue [Enter "y/yes" to continue]...
Check status of this command in history.
Wait.......
About the option commandsThe option commands were created to allow you to adjust a variety of tunablevariables that affect the global SFS settings. The tunable variables that can bechanged or displayed are listed in Table 14-5.
Note: Only system administrators with advanced knowledge of DynamicMultipathing (DMP) I/O policies should use the System> option commands. Forassistance, contact Technical Support.
Table 14-5 Option commands
DefinitionCommand
Displays the number of Network File System (NFS) daemons for eachnode in the cluster.
See “Displaying the NFS daemons” on page 299.
option show nfsd
Modifies the number of Network File System (NFS) daemons on all ofthe nodes in the cluster. The range for the number of daemons youcan modify is 16 to 1892.
Warning: The option modify nfsd command overwrites theexisting configuration settings.
See “Changing the NFS daemons” on page 299.
option modify nfsd
Configuring system informationAbout the option commands
296
Table 14-5 Option commands (continued)
DefinitionCommand
Displays the type of Dynamic Multipathing (DMP) I/O policy and theenclosure for each node in a cluster.
See “To display the DMP I/O policy” on page 300.
option show dmpio
Modifies the Dynamic Multipathing (DMP) I/O policy, correspondingto the enclosure, arrayname, and arraytype.
Warning: Check the sequence before modifying the I/O policy. Thepolicies need to be applied in following sequence: arraytype,arrayname, and enclosure. The enclosure-based modification ofthe I/O policy overwrites the I/O policy set using the arrayname andthe arraytype for that particular enclosure. In turn, thearrayname-based modification of the I/O policy overwrites the I/Opolicy set using the arraytype for that particular arrayname.
See “To change the DMP I/O policy” on page 300.
option modifydmpio
Resets the Dynamic Multipathing (DMP) I/O policy setting for thegiven input (enclosure, arrayname, and arraytype). Use thiscommand when you want to change the I/O policy from the previouslyset enclosure to arrayname. The settings hierarchy is enclosure,arrayname, and arraytype, so to modify the I/O policy to arraytype,you need to reset arrayname and enclosure.
Note: This command does not set the default I/O policy.
See “To reset the DMP I/O policy” on page 301.
option reset dmpio
Displays the ninodes cache size in the cluster.
See “To display the ninodes cache size” on page 302.
option showninodes
Changes the cache size of the global inodes. If your system is cachinga large number of metadata transactions, or if there is significantvirtual memory manager usage, modifying some of the variables mayimprove performance. The range for the inode cache size is from 10000to 2097151.
Warning: The option modify ninodes command requires acluster-wide reboot.
See “To change the ninodes cache size” on page 302.
option modifyninodes
Displays the global value of the write_throttle parameter.
See “To display the tunefstab parameter” on page 302.
option showtunefstab
297Configuring system informationAbout the option commands
Table 14-5 Option commands (continued)
DefinitionCommand
Modifies the global write_throttle parameter for all the mounted filesystems.
The write_throttle parameter is useful in situations where a computersystem combines a large amount of memory and slow storage devices.In this configuration, sync operations (such as fsync()) may take solong to complete that a system appears to hang. This behavior occursbecause the file system is creating dirty buffers (in-memory updates)faster than they can be asynchronously flushed to disk without slowingsystem performance.
Lowering the value of write_throttle limits the number of dirty buffersper file that a file system generates before flushing the buffers to disk.After the number of dirty buffers for a file reaches the write_throttlethreshold, the file system starts flushing buffers to disk even if freememory is available.
The default value of write_throttle is zero, which puts no limit on thenumber of dirty buffers per file.
See “To modify the tunefstab parameter” on page 303.
option modifytunefstab
Configuring system informationAbout the option commands
298
Using the option commandsDisplaying the NFS daemons
◆ To display the NFS daemons, enter the following:
System> option show nfsd
For example:
System> option show nfsd
NODENAME NUMBER_DAEMONS
-------- --------------
sfs_1 96
sfs_2 96
If you want to view your current enclosure names, use the followingcommand:
Storage> disk list detail
For example:
Storage> disk list detail
Disk Pool Enclosure Size
==== ==== ========== ====
sda p1 OTHER_DISKS 10.00G
ID Serial Number
== =============
VMware%2C:VMware%20Virtual%20S:0:0 -
Changing the NFS daemons
◆ To display the number of NFS daemons, enter the following:
System> option modify nfsd number [nodename]
For example:
System> option modify nfsd 97
System>
299Configuring system informationAbout the option commands
To display the DMP I/O policy
◆ To change the dmpio policy, enter the following:
System> option show dmpio
For example:
NODENAME TYPE ENCLR/ARRAY IOPOLICY
-------- --------- ----------- --------
rama_01 arrayname disk balanced
rama_01 enclosure disk minimumq
To change the DMP I/O policy
◆ To change the DMP I/O policy, enter the following:
System> option modify dmpio
{enclosure enclr_name|arrayname array_name|arraytype {A/A|A/P|...}}
iopolicy={adaptive|adaptiveminq|balanced|minimumq|priority|
round-robin|singleactive}
The dmpio policy variables are the following:
Name of the enclosure to distinguish between arrayshaving the same array name.
enclr_nameenclosure
Name of the array. Two physical array boxes of thesame make will have the same array name.
array_namearrayname
A multipathing type of array. Use one of thefollowing:
active-active, active-active-A, active-active-A-HDS,active-active-A-HP, APdisk, active-passive,active-passive-C, active-passiveF-VERITAS,active-passiveF-T3PLUS, active-passiveF-LSI,active-passiveG, active-passiveG-C, Disk, CLR-A-P,CLR-A-PF
array_typearraytype
Configuring system informationAbout the option commands
300
In storage area network (SAN) environments, thisoption determines the paths that have the leastdelays, and schedules the I/O on paths that areexpected to carry a higher load. Priorities areassigned to the paths in proportion to the delay.
adaptiveiopolicy
The I/O is scheduled according to the length of theI/O queue on each path. The path with the shortestqueue is assigned the highest priority.
adaptiveminq
Takes into consideration the track cache whenbalancing the I/O across paths.
balanced
Uses a minimum I/O queue policy. The I/O is senton paths that have the minimum number of I/Orequests in the queue. This policy is suitable forlow-end disks or JBODs where a significant trackcache does not exist. This is the default policy forActive/Active (A/A) arrays.
minimumq
Assigns the path with the highest load carryingcapacity as the priority path. This policy is usefulwhen the paths in a SAN have unequalperformances, and you want to enforce loadbalancing manually.
priority
Sets a simple round-robin policy for the I/O. Thisis the default policy for Active/Passive (A/P) andAsynchronous Active/Active (A/A-A) arrays.
round-robin
The I/O is channeled through the single active path.The optional attribute use_all_paths controlswhether the secondary paths in an AsymmetricActive/Active (A/A-A) array are used for schedulingI/O requests in addition to the primary paths. Thedefault setting is no, which disallows the use of thesecondary paths.
singleactive
To reset the DMP I/O policy
◆ To reset the DMP I/O policy, enter the following:
System> option reset dmpio
{enclosure enclr_name|arrayname array_name|arraytype {A/A|A/P|...}}
301Configuring system informationAbout the option commands
To display the ninodes cache size
◆ To display the ninodes cache size, enter the following:
System> option show ninodes
For example:
System> option show ninodes
INODE_CACHE_SIZE
----------------
2000343
To change the ninodes cache size
◆ To change the ninodes cache, enter the following:
System> option modify ninodes number
For example:
System> option modify ninodes 2000343
SFS option WARNING V-288-0 This will require cluster wide reboot.
Do you want to continue (y/n)?
To display the tunefstab parameter
◆ To display the tunefstab parameter, enter the following:
System> option show tunefstab
For example:
System> option show tunefstab
NODENAME ATTRIBUTE VALUE
-------- --------- -----
sfs_01 write_throttle Default
sfs_02 write_throttle Default
Configuring system informationAbout the option commands
302
To modify the tunefstab parameter
◆ To modify the tunefstab parameter, enter the following:
System> option modify tunefstab write_throttle value
where value is the number you are assigning to the write_throttle parameter.
For example:
System> option modify tunefstab write_throttle 20003
System> option show tunefstab
NODENAME ATTRIBUTE VALUE
-------- --------- -----
sfs_01 write_throttle 20003
sfs_02 write_throttle 20003
System>
303Configuring system informationAbout the option commands
Configuring system informationAbout the option commands
304
Upgrading StorageFoundation Scalable FileServer
This chapter includes the following topics:
■ About upgrading drivers
■ Displaying the current version of SFS
■ About installing patches
About upgrading driversThe upgrade commands install or uninstall upgrades to the SFS software. Theupgrades can be patches or drivers. The software is installed or uninstalled on allof the nodes. The upgrade commands are defined in Table 15-1 .
To access the commands, log into the administrative console (for master,system-admin, or storage-admin) and enter the Upgrade> mode. For logininstructions, go to About using the SFS command-line interface.
Note:The Upgrade> patch install command can also be used for DUD upgradesin case the new node you want to add into the cluster has a separate set of driverrequirements compared to the first node.
15Chapter
Table 15-1 Upgrade mode commands
DefinitionCommand
Displays the current version of SFS, the patch level, and the DUDupgrade(s). The Upgrade> show detail command displaysinformation about major upgrades.
Error messages are displayed if any of the nodes in the cluster do nothave matching software versions, operating system packages installed,or any DUD upgrade(s) installed.
See “Displaying the current version of SFS” on page 307.
show
Downloads the patch from the specified URL and installs it on all ofthe nodes.
See “About installing patches” on page 308.
patch install
Uninstalls the software upgrade from all of the nodes up to thespecified version.
See “About installing patches” on page 308.
patchuninstall-upto
Synchronizes the specified node.
See “About installing patches” on page 308.
patch sync
Removes all of the driver updates previously added to the cluster andreverts back to the original driver update image.
See “About installing patches” on page 308.
patch duduninstall
Upgrading Storage Foundation Scalable File ServerAbout upgrading drivers
306
Displaying the current version of SFSTo display the current version of SFS
1 To display the current version of SFS and the patch level, enter the following:
Upgrade> show
For example:
Upgrade> show
5.5 (Tue Aug 11 08:40:23 2009),
Installed on Tue Aug 11 17:21:18 EDT 2009
2 To display the current version of SFS, the DUD upgrades, the patch level, andmajor upgrades, enter the following:
Upgrade> show detail
For example:
Upgrade> show detail
5.5SP1RP1 (Tue Dec 15 08:40:23 2009)
5.5SP1 (Tue Aug 11 08:40:23 2009),
Installed on Tue Aug 11 17:21:18 EDT 2009
5.5SP1RP1 (Tue Dec 15 08:40:23 2009),
Installed on Tue Dec 15 19:19:54 EDT 2009
Major Upgrade(s)
================
Upgraded from 5.5 to 5.5SP1 (Tue Aug 11 08:40:23 2009)
on Tue Aug 11 17:21:18 EDT 2009
307Upgrading Storage Foundation Scalable File ServerDisplaying the current version of SFS
About installing patchesTable 15-2 Patch commands
DefinitionCommand
Downloads the patch from a specified URL and install it on all of thenodes. TheUpgrade> patch install command first synchronizesthe nodes that have different software versions compared to the othernodes. If the remaining nodes (nodes other then first node added intothe cluster) have a different set of driver requirements, then you canalso use the same patch install command to add drivers in the driverupdate image present in the install server.
The driver update image present in the install server acts as a DriverUpdate Disk (DUD) image during the installation for any node usingthe PXE boot. To use the same patch install interface for the DUDupdate process, along with the URL path of the DUD patch (the DUDISO), you have to specify the list of drivers you want to add.
Note: After you have installed, uninstalled, or synchronized a newSFS patch into your cluster, the list of available commands may havechanged. Please re-login to the CLI to access the updated features.
See “To install the latest patches on your system” on page 310.
patch install
Uninstalls the software upgrade from all of the nodes up to thespecified version. You must specify the versions of software up to theversion that you want to uninstall. This command first synchronizesthe nodes that have different software versions compared to othernodes in the cluster.
See “To uninstall patches” on page 311.
patchuninstall-upto
Forcefully synchronizes the specified node, bringing it up to thecurrently installed software version of the remaining nodes in thecluster.
You only need to install the patch on one node, and then run theUpgrade> patch sync command to synchronize all of the nodes.
See “To forcefully synchronize software upgrades on a node”on page 311.
patch sync
Upgrading Storage Foundation Scalable File ServerAbout installing patches
308
Table 15-2 Patch commands (continued)
DefinitionCommand
Removes all of the driver updates previously added to the cluster andreverts back to the original driver update image. This process doesnot remove the drivers that were added during the installation of thefirst node. The DUD uninstall process is not incremental, unlike theDUD upgrade process where you can add different drivers by usingthe patch install commands multiple times.
See “To uninstall driver updates” on page 312.
patch duduninstall
309Upgrading Storage Foundation Scalable File ServerAbout installing patches
Installing patchesTo install the latest patches on your system
◆ To install the latest patches, enter the following:
Upgrade> patch install URL [driver_list]
For example, you can download a DUD ISO from an HTTP server withauthentication and install it. The following output shows the update of thedriver update image (on all of the nodes present in the cluster) with the tg3
driver of version 3.71b and the megaraid-sas.ko driver of version 00.00.03.16.
http://[email protected]/DRIVER_UPDATES/SFS_DUD.iso
tg3.ko:3.71b,megaraid_sas.ko:00.00.03.16
Enter password for user 'admin': **********
Please wait. Upgrade is in progress...
Patch upgraded on all nodes of cluster.
The URL of the location from where you can download thesoftware patch. The URL supports HTTP, FTP, and SCP protocolsfor download. The username and password for the HTTP andFTP protocols are supported.
URL
An optional variable that you can use for DUD upgrades. Entera list of comma-separated [drivername:versionnumber] pairswhen you want to apply the DUD upgrade.
You can exit the patch DUD upgrade process by entering no/noat the prompt.
For example:
Upgrade> patch install scp://[email protected]:/home/support/SFS.isoEnter password for user 'support':********No input driver given...List of drivers present in DUD::Drivername:Versionnumber**************************e1000.ko:7.6.9.1tg3.ko:3.71bmegaraid_sas.ko:00.00.03.16
Please enter driver list you want to add[Enter "No" to exit from here]:: noSorry...Patch driverupgrade processis terminated by you.
driver_list
Upgrading Storage Foundation Scalable File ServerAbout installing patches
310
To uninstall patches
◆ To uninstall the software upgrades, enter the following:
Upgrade> patch uninstall-upto version
where version specifies the versions of software up to the version that youwant to uninstall.
For example:
Upgrade> patch uninstall-upto 5.5RP1
OK Completed
To forcefully synchronize software upgrades on a node
◆ To forcefully synchronize software upgrades on a node, enter the following:
Upgrade> patch sync nodename
wherenodename specifies the node that needs to be synchronized to the samesoftware version as the one currently installed in the cluster.
For example:
Upgrade> patch sync node2
...............
Syncing software upgrades on node2...
SFS patch SUCCESS V-288-122 Patch sync completed.
This command lists all of the drivers updated on the cluster and asks you toconfirm the uninstall on each one by entering y or yes. If you decide not touninstall the drivers, press any key other than y or yes to exit the uninstall process.
311Upgrading Storage Foundation Scalable File ServerAbout installing patches
To uninstall driver updates
◆ To uninstall the driver updates, enter the following:
Upgrade> patch duduninstall
You will be asked to confirm the uninstallation of the drivers.
For example:
Upgrade> patch duduninstall
patch duduninstall
DUD updated with following drivers ::
===================================
tg3.ko:3.71b
megaraid_sas.ko:00.00.03.16
Do you really want to continue with uninstallation
[Enter "y/yes" to continue]::
y
Uninstalling DUD...
DUD uninstall completed successfully.
Upgrading Storage Foundation Scalable File ServerAbout installing patches
312
Troubleshooting
This chapter includes the following topics:
■ About troubleshooting commands
■ Retrieving and sending debugging information
■ About the iostat command
■ About excluding the PCI ID prior to the SFS installation
■ Testing network connectivity
■ About the services command
■ Using the support login
■ About network traffic details
■ Accessing processor activity
■ Using the traceroute command
About troubleshooting commandsThis chapter discusses the SFS troubleshooting commands. You use thesecommands to check the status of the nodes and the SFS cluster. Thetroubleshooting mode commands are in Table 16-1.
To access the a particular troubleshooting submode command, log into theadministrative console (for master, system-admin, or storage-admin) and enterthe appropriate mode. For login instructions, go to About using the SFScommand-line interface.
16Chapter
Table 16-1 Support mode commands
DefinitionCommand
Retrieves SFS debug information from an SFS node and send theinformation to a server using an external FTP or SCP server.
See “Retrieving and sending debugging information” on page 314.
debuginfo
Generates CPU statistical information.
Generates the device utilization report.
See “About the iostat command” on page 315.
iostat
Excludes the Peripheral Component Interconnect (PCI) IDs from thenodes in a cluster prior to installing the SFS software. The PCI IDsmust be excluded prior to the PXE boot.
See “About excluding the PCI ID prior to the SFS installation ”on page 317.
pciexclusion
Tests whether a particular host or gateway is reachable across an IPnetwork.
See “Testing network connectivity” on page 321.
network> ping
Brings services that are OFFLINE or FAULTED back into the ONLINEstate.
See “Using the services command” on page 323.
services
Reports SFS technical support issues.
See “Using the support login” on page 325.
support login
Exports the network traffic details to the specified location.
Displays captured packet data from a live network.
See “About network traffic details” on page 325.
tethereal
Displays the dynamic real-time view of currently running tasks.
See “Accessing processor activity” on page 327.
top
Displays all of the intermediate nodes on a route between two nodes.
See “Using the traceroute command” on page 328.
traceroute
Retrieving and sending debugging informationYou can retrieve SFS debug information from an SFS node and send theinformation to a server using an external FTP or SCP server.
TroubleshootingRetrieving and sending debugging information
314
To upload debugging information
◆ To upload debugging information from a specified node to an external server,enter the following:
Support> debuginfo nodename debug-url
For example:
Support> debuginfo sfsnode scp://[email protected]:/tmp
Specifies the nodename from which to collect the debugginginformation.
nodename
Specifies the URL where you want to upload the debugginginformation. Depending on the type of server from which youare uploading debugging information, use one of the followingexample URL formats:
ftp://[email protected]/patches/
scp://[email protected]:/tmp/
If debug-url specifies a remote directory, the default filename issfsfs_debuginfo.tar.gz.
debug-url
About the iostat commandThe iostat commands display the CPU and I/O statistics.
Table 16-2 Iostat commands
DefinitionCommand
Generates CPU statistical information. When the command is usedfor the first time, it contains information since the system was booted.Each subsequent report shows the details since the last report.
See “To use the iostat command” on page 316.
iostat cpu
Generates the device utilization report. This information can be usedto balance the load among the physical disks by modifying the systemconfiguration. When this command is executed for the first time, itcontains information since the system was booted. Each subsequentreport shows the details since the last report. There are two optionsfor this command.
See “To use the iostat device command” on page 317.
iostat device
315TroubleshootingAbout the iostat command
Generating CPU and device utilization reportsTo use the iostat command
◆ To use the iostat cpu command, enter the following:
Support> iostat cpu [nodename] [interval] [count]
The name of the node from where the report will be generated.The default is console for the Management Console.
nodename
The duration between each report in seconds. The default is 2seconds.
interval
The number of reports generated at the interval entered inseconds. The default is one report.
count
where the nodename option asks for the name of the node from where thereport will be generated. The default is console for the Management Console.
For example, to generate the CPU utilization report of the console node, enterthe following:
Support> iostat cpu sfs_01
Linux 2.6.16.60-0.21-smp (sfs_01) 07/09/09
avg-cpu: %user %nice %system %iowait %steal %idle
1.86 0.07 4.53 0.13 0.00 93.40
TroubleshootingAbout the iostat command
316
To use the iostat device command
◆ To use the iostat device command, enter the following:
Support> iostat device [nodename] [dataunit]
[interval] [count]
The nodename option asks for the name of the node from wherethe report will be generated. The default is console for theManagement Console.
nodename
The dataunit option lets you generate the report in block(s) orkilobytes(s). The default is block(s).
dataunit
The duration between each report in seconds. The default is twoseconds.
interval
The number of reports generated at the interval entered inseconds. The default is one report.
count
For example, to generate a device utilization report of a node, enter thefollowing:
Support> iostat device sfs_01 Blk
Linux 2.6.16.60-0.21-smp (sfs_01) 07/09/09
Device: tps Blk_read/s Blk_wrtn/s Blk_read Blk_wrtn
hda 4.82 97.81 86.11 1410626 1241992
sda 1.95 16.83 4.05 242712 58342
hdc 0.00 0.01 0.00 136 0
About excluding the PCI ID prior to the SFSinstallation
During the initial SFS software installation, you excluded certain PCI IDs in yourcluster to reserve them for future use. This action applied only to the first node.Use the commands in this section to exclude additional PCI IDs from the secondnode or subsequent nodes before you install SFS software on the second orsubsequent nodes.
The PXE boot installation excludes the same PCI IDs you entered during the initialSFS software installation on the second node or subsequent nodes. Before the PXEboot, you can delete the PCI IDs from being excluded on the second node by usingthe Support> pciexclusion delete command.
317TroubleshootingAbout excluding the PCI ID prior to the SFS installation
Note: If you decide to include the PCI IDs you previously excluded you need toreinstall SFS on your cluster.
Table 16-3 PCI exclusion commands
DefinitionCommand
Displays the list of PCI IDs that have been excluded during the initialSFS installation. The status of the PCI IDs is designated by a y (yes)or n (no). The yes option means they have been excluded. The nooption means they have not yet been excluded.
See “To display the list of excluded PCI IDs” on page 319.
pciexclusion show
Allows you to add specific PCI IDs for exclusion. You must enter thevalues in this command before the PXE boot installation for the PCIIDs to be excluded from the second node installation.
See “To add a PCI ID for exclusion” on page 320.
pciexclusion add
Deletes a specified PCI ID from being excluded. If you do not want thesame PCI ID excluded on additional nodes, you must delete them here.You must perform this command before doing the PXE bootinstallation.
See “To delete a PCI ID” on page 320.
pciexclusion delete
TroubleshootingAbout excluding the PCI ID prior to the SFS installation
318
Excluding the PCI IDs from the clusterTo display the list of excluded PCI IDs
◆ To display the list of PCI IDs that you excluded during the SFS installation,enter the following:
Support> pciexclusion show
PCI ID EXCLUDED NODENAME/UUID
------ -------- -------------
0000:0e:00.0 y sfs_1
0000:0e:00.0 y a79a7f43-9fe2-4eeb-aa1f-27a70e7a0820
0000:04:00:1 n
The PCI IDs you entered to be excluded during the initial SFSinstallation.
The PCI ID is made up of the following:
[ [<domain>] : ] [ [ <bus> ] : ] [ <slot > ] [ . [ <func> ] ]
PCI ID
(y) means the PCI ID has been excluded.
(n) means the PCI ID has not been excluded.
EXCLUDED
The node names corresponding to the PCI IDs.NODENAME
The ID of the node which is in the installed state but not yet addedinto the cluster.
UUID
319TroubleshootingAbout excluding the PCI ID prior to the SFS installation
To add a PCI ID for exclusion
◆ To add a PCI ID for exclusion, enter the following:
Support> pciexclusion add pci_list
where pci_list is a comma-separated list of PCI IDs. The format of the PCI IDis in hexadecimal bits (XXXX:XX:XX.X).
For example:
Support> pciexclusion add 0000:00:09.8
Support> pciexclusion show
PCI ID EXCLUDED NODENAME/UUID
------ -------- -------------
0000:0e:00.0 y sfs_1
0000:0e:00.0 y a79a7f43-9fe2-4eeb-aa1f-27a70e7a0820
0000:04:00:1 n
0000:00:09.0 n
To delete a PCI ID
◆ To delete a PCI ID that you excluded during the SFS installation so that thePCI ID is now available for use, enter the following:
Support> pciexclusion delete pci
where pci is the PCI ID in hexadecimal bits. For example: XXXX:XX:XX.X.
You can only delete a PCI ID exclusion that was not already used on any ofthe nodes in the cluster. In the following example, you cannot delete PCI IDswith the NODENAME/UUID sfs_1 ora79a7f43-9fe2-4eeb-aa1f-27a70e7a0820.
For example:
Support> pciexclusion delete 0000:04:00:1
Support> pciexclusion show
PCI ID EXCLUDED NODENAME/UUID
------ -------- -------------
0000:0e:00.0 y sfs_1
0000:0e:00.0 y a79a7f43-9fe2-4eeb-aa1f-27a70e7a0820
0000:00:09.0 n
TroubleshootingAbout excluding the PCI ID prior to the SFS installation
320
Testing network connectivityYou can test whether a particular host or gateway is reachable across an IPnetwork.
To use the ping command
◆ To use the ping command, enter the following:
Network> ping destination [nodename] [devicename] [packets]
For example, you can ping host1 using node1:
Network> ping host1 node1
Specifies the host or gateway to send the information to.
The destination field can contain either a DNS name or an IPaddress.
destination
Specifies thenodename to ping from. To ping from any node, useany in the nodename field. The nodename field is an optionalfield, and if omitted, any node is chosen to ping from.
nodename
Specifies the device through which you will ping. To ping fromany device in the cluster, use theany variable in thedevicenamefield.
devicename
Specifies the number of packets that should be sent to thedestination.
If the packets field is omitted, five packets are sent to thedestination by default.
The packets field must contain an unsigned integer.
packets
About the services commandThe Support> services command lets you bring services that are OFFLINE orFAULTED back into the ONLINE state.
Note: If after using the services command, a service is still offline or faulted, youneed to contact Technical Support.
These services include:
■ NFS server
321TroubleshootingTesting network connectivity
■ CIFS server
■ Console service
■ Backup
■ NIC information
■ FS manager
■ IP addresses
Table 16-4 Services commands
DefinitionCommand
Attempts to fix any service that is offline or faulted, running on all ofthe nodes in the cluster.
See “To display the state of the services” on page 323.
services autofix
Fixes a specific service. Enter the servicename and this option willattempt to bring the service back online. If the servicename is alreadyonline, no action is taken. If the servername is a parallel service, anattempt is made to online the service on all nodes. If the servicenameis a failover service, an attempt is made to online the service on anyof the running nodes of the cluster.
See “To display the state of all of the services” on page 324.
services online
Lists the state of important services. The state of the IPs and filesystems are only shown if they are not online. When the show optionis used, the program will attempt to online any services that are offlineor faulted. There is a timeout of 15 minutes. If you run a servicesshow command and then run the command again before 15 minuteshas elapsed, the command will not attempt to online any services.
See “To fix any service fault” on page 324.
services show
Lists the state of all of the services. When the show option is used, theprogram will attempt to online any services that are offline or faulted.There is a timeout of 15 minutes. If you run a services show
command and then run the command again before 15 minutes haselapsed, the command will not attempt to online any services.
See “To bring a service online” on page 324.
services showall
TroubleshootingAbout the services command
322
Using the services commandTo display the state of the services
◆ To display the important services running on the nodes, enter the following:
Support> services show
Verifying cluster state...........done
sfs
Service 1 2
------- -------- --------
nfs ONLINE ONLINE
cifs OFFLINE OFFLINE
ftp OFFLINE OFFLINE
backup ONLINE OFFLINE
console ONLINE OFFLINE
nic_pubeth0 ONLINE ONLINE
nic_pubeth1 ONLINE ONLINE
fs_manager ONLINE ONLINE
323TroubleshootingAbout the services command
To display the state of all of the services
◆ To display all of the services running on the nodes, enter the following:
Support> services showall
sfs
Service 1 2
------- -------- --------
nfs ONLINE ONLINE
cifs OFFLINE OFFLINE
ftp OFFLINE OFFLINE
backup ONLINE OFFLINE
console ONLINE OFFLINE
nic_pubeth0 ONLINE ONLINE
nic_pubeth1 ONLINE ONLINE
fs_manager ONLINE ONLINE
10.182.107.201 OFFLINE ONLINE
10.182.107.202 ONLINE OFFLINE
10.182.107.203 OFFLINE ONLINE
10.182.107.204 ONLINE OFFLINE
/vx/fs1 ONLINE ONLINE
/vx/fs2 ONLINE ONLINE
/vx/fs3 ONLINE ONLINE
To fix any service fault
◆ To fix any service fault, enter the following:
Support> services autofix
Attempting to fix service faults...........done
To bring a service online
◆ To bring a service online on the nodes, enter the following:
Support> services online servicename
where servicename is the name of the service you want to bring online.
For example:
Support> services online 10.182.107.203
Support>
TroubleshootingAbout the services command
324
Using the support loginThere is a support login used for reporting SFS technical support issues.
Note: The support account is intended for Technical Support use only. It cannotbe created by administrators.
To use the support login
1 Log in to the CLI as the support account by entering:
support
and then entering:
symantec
For example,
login as: support
Password:
Last login: Fri Dec 14 12:09:49 2007 from 172.16.113.118
sfs_1:~ #
2 After having logged in as the support account, it is recommended that youchange your password.
See “To change a user's password” on page 34.
3 To use the supportuser commands refer to:
See “About the support user” on page 35.
About network traffic detailsThe tethereal command exports and displays network traffic data.
Table 16-5 Tethereal commands
DefinitionCommand
Exports the network traffic details to the specified location.
See “To use the tethereal command” on page 326.
tethereal export
Displays captured packet data from a live network.
See “To use the tethereal show command” on page 327.
tethereal show
325TroubleshootingUsing the support login
Exporting and displaying the network traffic detailsTo use the tethereal command
◆ To use the tethereal export command, enter the following:
Support> tethereal export url [nodename] [interface] [count] [source]
Provides the location to export the network traffic details. Thedefault filename tethereal.log is used if a filename is notspecified in the url.
url
The name of the node from where the traffic details aregenerated. Unless a name is enter, the default is console forthe Management Console.
nodename
Specifies the network interface for the packet capture.interface
Specifies the maximum number of packets to read.
The maximum allowed file size to capture the network trafficdetails is 128 MB. For a very large 'count' value, if the file sizeexceeds 128 MB, then the command stops capturing the networktraffic details.
count
Specifies the node to filter the packets.source
For example, to export the network traffic details, enter the following:
Support> tethereal export scp://[email protected]:˜/
Password: *******
Capturing on pubeth0 ...
Uploading network traffic details to scp://[email protected]:˜/
is completed.
TroubleshootingAbout network traffic details
326
To use the tethereal show command
◆ To use the tethereal show command, enter the following:
Support> tethereal show [nodename] [interface] [count] [source]
The name of the node from where the traffic details are displayed.The default is console for the Management Console.
nodename
Specifies the network interface for the packet capture.interface
Specifies the maximum number of packets to read.
If you do not specify a count value, the network traffic continuesto be displayed until you interrupt it.
count
Specifies the node to filter the packets.source
For example, the traffic details for five packets, for the Management Consoleon the pubeth0 interface are:
Support> tethereal show sfs_01 pubeth0 5 172.31.168.140
0.000000 172.31.168.140 -> 10.209.105.147 ICMP Echo (ping) request
0.000276 10.209.105.147 -> 172.31.168.140 ICMP Echo (ping) reply
0.000473 10.209.105.147 -> 172.31.168.140 SSH Encrypted response
packet len=112
0.000492 10.209.105.147 -> 172.31.168.140 SSH Encrypted response
packet len=112
Accessing processor activityThe top command displays the dynamic real-time view of currently running tasks.It shows the resources being consumed by users and processes at a given time fora specified node.
327TroubleshootingAccessing processor activity
To use the top command
◆ To use the top command, enter the following:
Support> top [nodename] [iterations] [delay]
Displays the resources and processes at a given time for thespecified node.
nodename
Specifies the number of iterations you want to run. The defaultis three.
iterations
Specifies the delay between screen updates that you want to see.The default is five seconds.
delay
For example, to show the dynamic real-time view of tasks running on thenode sfs_01, enter the following:
Support> top sfs_01 1 1
top - 16:28:27 up 1 day, 3:32, 4 users, load average: 1.00, 1.00, 1.00
Tasks: 336 total, 1 running, 335 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1% us, 0.1% sy, 0.0% ni, 99.7% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 16405964k total, 1110288k used, 15295676k free, 183908k buffers
Swap: 1052248k total, 0k used, 1052248k free, 344468k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
6314 root 15 0 5340 1296 792 R 3.9 0.0 0:00.02 top
1 root 16 0 640 260 216 S 0.0 0.0 0:04.86 init
Using the traceroute commandThe traceroute command displays all of the intermediate nodes on a routebetween two nodes.
TroubleshootingUsing the traceroute command
328
To use the traceroute command
◆ To use the traceroute command, enter the following:
Support> traceroute destination [source] [maxttl]
The target node. To display all of the intermediate nodes locatedbetween two nodes on a network, enter the destination node.
destination
Specifies the source node name from where you want to beginthe trace.
source
Specifies the maximum number of hops. The default is sevenhops.
maxttl
For example, to trace the route to the network host, enter the following:
Support> traceroute www.symantec.com sfs_01 10
traceroute to www.symantec.com (8.14.104.56), 10 hops max, 40 byte
packets
1 10.209.104.2 0.337 ms 0.263 ms 0.252 ms
2 10.209.186.14 0.370 ms 0.340 ms 0.326 ms
3 puna-spi-core-b02-vlan105hsrp.net.symantec.com (143.127.185.130)
0.713 ms 0.525 ms 0.533 ms
4 143.127.185.197 0.712 ms 0.550 ms 0.564 ms
5 10.212.252.50 0.696 ms 0.600 ms 78.719 ms
329TroubleshootingUsing the traceroute command
TroubleshootingUsing the traceroute command
330
CFS (cluster file system) A file system that can be simultaneously mounted on multiple nodes. CFS is usedas the underlying file system within the Scalable File Server.
CIFS (Common Internet
File System)
A network protocol that provides the foundation for Windows-based file sharingand other network utilities. The Scalable File Server supports CIFS file sharing.
console IP address A virtual IP address that is configured for administrative access to the ScalableFile Server cluster management console.
coordinator disks Three or more LUNs designated to function as part of the I/O fencing mechanismof the Scalable File Server. Coordinator disks cannot be used to store user data.
DAR (Direct Access
Recovery)
An optional capability of NDMP Data and Tape Services where only relevantportions of the secondary media are accessed during Recovery Operations.
data connection (NDMP) The connection between the two NDMP servers that carry the data stream. Thedata connection in NDMP is either an NDMP interprocess communicationmechanism (for local operations) or a TCP/IP connection (for 3-way operations).
data service (NDMP) An NDMP service that transfers data between primary storage and the dataconnection.
data stream (NDMP) A unidirectional byte stream of data that flows over a data connection betweentwo peer NDMP services in an NDMP session. For example, in a backup, the datastream is generated by the data service and consumed by the tape service. Thedata stream can be backup data, recovered data, etc.
data management
application (NDMP)
An application that controls the NDMP session. In NDMP there is a master-slaverelationship. The data management application is the session master; the NDMPservices are the slaves. In NDMP versions 1, 2, and 3 the term "NDMP client" isused instead of data management application.
DMP (Dynamic
Multipathing)
An enhancement technique that provides the load balancing and path failover todisks that are connected to the Scalable File Server cluster nodes.
DST (Dynamic Storage
Tiering)
A feature that allows the files and directories to be automatically and seamlesslytransferred to different types of storage technology that may originate fromdifferent hardware vendors.
DUD (Driver Update
Disk)
An ISO image or media that contains one or more additional drivers that areneeded to install the Scalable File Server on specific hardware, if the base ScalableFile Server installer did not include the necessary drivers.
Glossary
failover The capability to have the service of a failed computer resource made availableautomatically with little or no interruption. With the Scalable File Serverconfigured as a cluster, the services provided by any failed node are automaticallyprovided by the remainder of functioning nodes.
hard limit A file system quota for file and block consumption which can be established forindividual users or groups. When the hard limit is reached no further files orblocks can be allocated.
I/O fencing An optional Scalable File Server feature that configures a specific group of LUNswith (to have) an additional layer of data protection. This extra protection preventsdata loss from occurring in the rare case that the redundant cluster interconnectand public low-priority interconnect fails.
media server A NetBackup server that provides storage within a master and a media servercluster. See also NetBackup.
mirrored file system A file system that is constructed and managed by a technique for automaticallymaintaining one or more copies of the file system, using separate underlyingstorage for each copy. If a storage failure occurs, then access is maintained throughthe remaining accessible mirrors.
NAS (Network Attached
Storage)
A file-level computer data storage that is connected to a network that providesdata access to network-capable clients.
NDMP (Network Data
Management Protocol)
An open standard protocol that is used to control the data backup and the recoverycommunications between primary and secondary storage in a heterogeneousnetwork environment. NDMP specifies a common architecture for the backup ofnetwork file servers. It enables the creation of a common agent which a centralizedprogram can use to back up the data on file servers that run on different platforms.
NDMP client An application that controls the NDMP session. See also data managementapplication.
NDMP host The host computer system that executes the NDMP server application. Data isbacked up from the NDMP host to either a local tape drive or to a backup deviceon a remote NDMP host.
NDMP server An instance of one or more distinct NDMP services controlled by a single NDMPcontrol connection. Thus a data/tape/SCSI server is an NDMP server providingdata, tape, or SCSI services.
NDMP service The state computer on the NDMP host accessed with the Internet protocol andcontrolled using the NDMP protocol. This term is used independently ofimplementation. The three types of NDMP services are: data service, tape service,and SCSI service.
NDMP session The configuration of one data management application and two NDMP servicesto perform a data management operation such as a backup or a recovery.
Glossary332
NetBackup A Veritas software product that backs up, archives, and restores files, directories,or raw partitions that reside on a client system.
NFS (Network File
System)
A protocol that lets the user on a client computer access files over a network. Tothe client's applications the files appear as if they resided on one of the localdevices.
NFS lock management A feature that lets a customer use the Network File System (NFS) advisory clientlocking feature in parallel with core Cluster File System (CFS) global lockmanagement.
no root_squash An NFS sharing option. Does not map requests from the UID 0. This option is onby default.
NTP (Network Time
Protocol)
A protocol for synchronizing computer system clocks over packet-switched,variable-latency data networks.
oplocks A file-locking mechanism that is designed to improve performance by controllingthe caching of files on the client.
private interconnect An internal IP network that is used by the Scalable File Server to facilitatecommunications between the Scalable File Server server nodes.
PXE (Pre-boot eXecution
Environment)
An environment to boot computers using a network interface independent ofavailable data storage devices (such as hard disks) or installed operating systems.
round robin DNS A technique in which a DNS server, not a dedicated computer, performs the loadbalancing.
Samba An open-source implementation of the SMB file sharing protocol. It provides fileand print services to SMB/CIFS clients.
share A specification of a file system or proper subset of a file system, which supportsshared access to a file system through an NFS or CIFS server. The specificationdefines the folder or directory that represents the file system along with accesscharacteristics and limitations.
snapshot A point-in-time image or replica of a file system that looks identical to the filesystem from which the snapshot was taken.
soft limit A file system quota for file and block consumption which can be established forindividual users or groups. If a user exceeds the soft limit, there is a grace period,during which the quota can be exceeded. After the grace period has expired, nomore file or data blocks can be allocated.
storage pool A logical construct that contains one or more LUNs from which file systems canbe created.
stripe unit The granularity at which data is stored on one drive of the array before subsequentdata is stored on the next drive of the array.
333Glossary
syslog A standard for forwarding log messages in an IP network. The term refers to boththe syslog protocol and the application sending the syslog messages.
tape service (NDMP) An NDMP service that transfers data between secondary storage and the dataconnection and allows the data management application to manipulate and accessthe secondary storage.
WWN (World Wide
Name)
A 64-bit identifier that is used in Fibre Channel networks to uniquely identifyeach element in the network (i.e., nodes and ports).
Glossary334
Aabout
backup configurations 259changing share properties 184configuring CIFS for AD domain mode 165configuring disks 101configuring locally saved configuration files 288configuring SFS for CIFS 154configuring storage pools 96creating and maintaining file systems 117creating file systems 120disk lists 105DNS 54FTP 207FTP server 208FTP session 216FTP set 210I/O fencing 111installing patches 308iostat 315leaving AD domain 170leaving NT domain 163managing CIFS shares 183managing home directories 194NDMP policies 249NDMP supported configurations 247Network Data Management Protocol 246network services 50network traffic details 325NFS file sharing 143NIS 81option commands 296reconfiguring CIFS service 180retrieving the NDMP data 255services command 321setting NTLM 173setting trusted domains 176SFS cluster and load balancing 191snapshot schedules 138snapshots 133storage provisioning and management 95
about (continued)storing account information 177support user 35troubleshooting 313
about bonding Ethernet interfaces 52accessing
man pages 30processor activity 327
Active Directorysetting the trusted domains for 176
AD domain modechanging domain settings 171configuring CIFS 165security settings 171
CIFS server stopped 171setting domain 167setting domain controller 167setting domain user 167setting security 167starting CIFS server 167
AD interfaceusing 173
AD trusted domainsdisabling 176
addinga severity level to an email group 225a syslog server 230an email address to a group 225an email group 225CIFS share 184disks 103external NetBackup master server to work with
SFS 243filter to a group 225IP address to a cluster 60mirror to a file system 124mirror to a tier of a file system 271mirrored tier to a file system 268mirrored-striped tier to a file system 268NetBackup Enterprise Media Manager (EMM)
server 243NetBackup media server 243
Index
adding (continued)new nodes to the cluster 43NFS share 145second tier to a file system 268SNMP management server 233striped tier to a file system 268striped-mirror tier to a file system 268users
naming requirements for 24vlan 86
Bbackup configurations
about 259backup services
displaying the status of 260starting 260stopping 260
bind distinguished namesetting for LDAP server 75
Cchange
security settings 165after CIFS server stopped 165
changingan IP address to online
on any running node 60configuration of an Ethernet interface 65DMP I/O policy 299domain settings 163local CIFS user password 202NFS daemons 299ninodes cache size 299status of a file system 131support user password 36
changing domain settingsAD domain mode 171
changing share propertiesabout 184
checkingand repairing a file system 130I/O fencing status 113on the status of the NFS server 90support user status 36
CIFSstandalone mode 155
CIFS and NFS protocolsshare file systems 148, 188
CIFS serverstarting 181
CIFS server statusstandalone mode 156
CIFS server stoppedchange security settings 165
CIFS servicestandalone mode 156
CIFS shareadding 184deleting 184
clearingDNS domain names 56DNS name servers 56LDAP configured settings 75
CLIlogging in to 25
client configurationsdisplaying 80LDAP server 80
clusteradding an IP address to 60adding new nodes 43adding the new node to 44changing an IP address to online for any running
node 60deleting a node from 45displaying a list of nodes 40displaying all the IP addresses for 60rebooting a nodes or all nodes 47shutting down a node or all nodes in a cluster 47
command historydisplaying 37
Command-Line Interface (CLI)how to use 25
configurationof an Ethernet interface
changing 65configuration files
deleting the locally saved 289viewing locally saved 289
configuration settingsexporting either locally or remotely 289importing either locally or remotely 289
configuringbackup using NetBackup 240CIFS for standalone mode 155
Index336
configuring (continued)IP routing 69masquerade as EMC policy 250NDMP backup method policy 250NDMP failure resilient policy 250NDMP overwrite policy 250NDMP recursive restore policy 250NDMP restore DST policy 250NDMP send history policy 250NDMP update dumpdates policy 250NDMP use snapshot policy 250NetBackup virtual IP address 244NetBackup virtual name 245NSS 84NSS lookup order 84SFS for CIFS 154vlan 86
configuring CIFSNT domain mode 159
configuring disksabout 101
configuring locally saved configuration filesabout 288
configuring storage poolsabout 96
coordinatingcluster nodes to work with NTP servers 293
coordinator disksreplacing 113
CPU utilization reportgenerating 316
createsnapshot schedule 140
creatinglocal CIFS group 205local CIFS user 202Master, System Administrator, and Storage
Administrator users 33mirrored file systems 121mirrored-stripe file systems 121simple file systems 121storage pools 99striped file systems 121striped-mirror file systems 121users 33
creating and maintaining file systemsabout 117
creating file systemsabout 120
creating snapshots 134current Ethernet interfaces and states
displaying 65current users
displaying list 33
Ddebugging information
retrieving and sending 314decreasing
size of a file system 129default
passwordsresetting Master, System Administrator,
and Storage Administrator users 33delete
snapshot schedule 140deleting
a node from the cluster 45already configured SNMP management
server 233CIFS share 184configured email server 225configured NetBackup media server 243email address from a specified group 225email group 225filter from a specified group 225home directories 200home directory of given user 200local CIFS group 205local CIFS user 202locally saved configuration file 289NFS options 151route entries from routing tables of nodes in
cluster 69severity from a specified group 225syslog server 230users 33vlan 86
destroyI/O fencing 113
destroyinga file system 133storage pools 99
destroying snapshots 134device utilization report
generating 316disabling
AD trusted domains 176
337Index
disabling (continued)creation of home directories 200DNS settings 56FastResync option 127I/O fencing 113LDAP clients
configurations 80NIS clients 82NTLM 175NTP server 293quota limits used by snapshots 134support user account 36
disk listsabout 105
disksadding 103removing 103
displayFTP server 208
displayingall the IP addresses for cluster 60command history 37current Ethernet interfaces and states 65current list of SNMP management servers 233current version 307DMP I/O policy 299DNS settings 56events 231existing email groups or details 225exported file systems 144file systems that can be exported 93files moved by running a policy 280home directory usage information 199information for all disk devices for nodes in a
cluster 106LDAP client configurations 80LDAP configured settings 75list of current users 33list of DST file systems 274list of nodes in a cluster 40list of syslog servers 230local CIFS group 205local CIFS user 202NDMP backup method 257NDMP failure resilient data 257NDMP masquerade as EMC 257NDMP overwrite data 257NDMP recursive restore data 257NDMP restore DST data 257
displaying (continued)NDMP send history data 257NDMP update dumpdates data 257NDMP use snapshot data 257NDMP variables 255NetBackup configurations 260network configuration and statistics 51NFS daemons 299NFS statistics 92ninodes cache size 299NIS-related commands 82node-specific network traffic details 326NSS configuration 84option tunefstab 299policy of each tiered file system 275routing tables of the nodes in the cluster 69schedules for all tiered file systems 279share properties 184snapshot quotes 134snapshots that can be exported 93status of backup services 260status of the NTP server 293system date and time 285system statistics 294tier location of a specified file 274time interval or number of duplicate events for
notifications 236values of the configured SNMP notifications 233values of the configured syslog server 230vlan 86
DMP I/O policychanging 299displaying 299resetting 299
DNSabout 54domain names
clearing 56name servers
clearing 56specifying 56
settingsdisabling 56displaying 56enabling 56
domainsetting 181setting user name 181
Index338
domain controllersetting 181
domain namefor the DNS server
setting 56domain settings
changing 163domain user
NT domain mode 160DUD driver updates
uninstalling 310
Eemail address
adding to a group 225deleting from a specified group 225
email groupadding 225deleting 225displaying existing and details 225
email serverdeleting the configured email server 225obtaining details for 225setting the details of external 225
enablingDNS settings 56FastResync for a file system 126I/O fencing 113LDAP client configurations 80NIS clients 82NTLM 175NTP server 293quota limits used by snapshots 134support user account 36
enabling quotashome directory file systems 196
Ethernet interfacechanging configuration of 65
Ethernet interfacesbonding 52
event notificationsdisplaying time interval for 236
event reportingsetting events for 236
eventsdisplaying 231
excludingPCI IDs 319
exclusionPCI 317
exportingaudit events in syslog format to a given URL 237configuration settings 289events in syslog format to a given URL 237network traffic details 326SNMP MIB file to a given URL 233
Ffile systems
adding a mirror to 124changing the status of 131checking and repairing 130creating 121decreasing the size of 129destroying 133disabling FastResync option 127displaying exported 144DST
displaying 274enabling FastResync 126increasing the size of 127listing with associated information 120removing a mirror from 124that can be exported
displayed 93unexporting 151
filterabout 222adding to a group 225deleting from a specified group 225
FTPabout 207logupload 219server start 209server status 209server stop 209session show 217session showdetail 217session terminate 217set anonymous login 213set anonymous logon 213set anonymous write 213set non-secure logins 213
FTP serverabout 208display 208
339Index
FTP sessionabout 216
FTP setabout 210
Ggenerating
CPU utilization report 316device utilization report 316
group membershipmanaging 202
Hhistory command
using 37home directories and use quotas
setting up 197home directory file systems
enabling quotas 196setting 195
home directory of given userdeleting 200
home directory usage informationdisplaying 199
hostname or IP addresssetting for LDAP server 75
how to useCommand-Line Interface (CLI) 25
II/O fencing
about 111checking status 113destroy 113disabling 113enabling 113
importingconfiguration settings 289
increaseLUN storage capacity 108
increasingsize of a file system 127
initiating host discovery of LUNs 110installing patches 310
about 308iostat
about 315
IP addressesadding to a cluster 60displaying for the cluster 60modifying 60removing from the cluster 60
IP routingconfiguring 69
LLDAP
before configuring settings 72configuring server settings 73
LDAP password hash algorithmsetting password for 75
LDAP serverclearing configured settings 75disabling client configurations 80displaying client configurations 80displaying configured settings 75enabling client configurations 80setting over SSL 75setting port number 75setting the base distinguished name 75setting the bind distinguished name 75setting the hostname or IP address 75setting the password hash algorithm 75setting the root bind DN 75setting the users, groups, and netgroups base
DN 75leaving AD domain
about 170leaving NT domain
about 163list of DST file systems
displaying 274list of nodes
displaying in a cluster 40listing
all file systems and associated information 120all of the files on the specified tier 273free space for storage pools 99storage pools 99
listing snapshots 134local CIFS group
creating 205deleting 205displaying 205
local CIFS groupsmanaging 204
Index340
local CIFS usercreating 202deleting 202displaying 202
local CIFS user passwordchanging 202
local user and groupsmanaging 201
loggingin to CLI 25
loginTechnical Support 325
loguploadFTP 219
LUN storage capacityincrease 108
LUNsinitiating host discovery 110
Mman pages
how to access 30managing
group membership 202local CIFS groups 204local users and groups 201
managing CIFS sharesabout 183
managing home directoriesabout 194
masquerade as EMC policyconfiguring 250
Master, System Administrator, and StorageAdministrator users
creating 33mirrored file systems
creating 121mirrored tier
adding to a file system 268mirrored-stripe file systems
creating 121mirrored-striped tier
adding to a file system 268modify
snapshot schedule 140modifying
an IP address 60option tunefstab 299policy of a tiered file system 275
modifying (continued)schedule of a tiered file system 279
more commandusing 292
mounting snapshots 134moving disks
from one storage pool to another 103
Nnaming requirements for
adding users 24NDMP backup method
displaying 257NDMP backup method policy
configuring 250NDMP failure resilient data
displaying 257NDMP failure resilient policy
configuring 250NDMP masquerade as EMC
displaying 257NDMP overwrite data
displaying 257NDMP overwrite policy
configuring 250NDMP policies
about 249ndmp policies
restoring 259NDMP recursive restore data
displaying 257NDMP recursive restore policy
configuring 250NDMP restore DST data
displaying 257NDMP restore DST policy
configuring 250NDMP send history data
displaying 257NDMP send history policy
configuring 250NDMP supported configurations
about 247NDMP update dumpdates data
displaying 257NDMP update dumpdates policy
configuring 250NDMP use snapshot data
displaying 257
341Index
NDMP use snapshot policyconfiguring 250
NDMP variablesdisplaying 255
NetBackupconfiguring NetBackup virtual IP address 244configuring virtual name 245displaying configurations 260
NetBackup EMM server. See NetBackup EnterpriseMedia Manager (EMM) server
NetBackup Enterprise Media Manager (EMM) serveradding to work with SFS 243
NetBackup master serverconfiguring to work with SFS 243
NetBackup media serveradding 243deleting 243
networkconfiguration and statistics 51testing connectivity 321
Network Data Management Protocolabout 246
network servicesabout 50
network traffic detailsabout 325exporting 326
NFS daemonschanging 299displaying 299
NFS file sharingabout 143
NFS optionsdeleting 151
NFS serverchecking on the status 90starting 90stopping 90
NFS shareadding 145
NFS statisticsdisplaying 92
ninodes cache sizechanging 299displaying 299
NISabout 81clients
disabling 82
NIS (continued)clients (continued)
enabling 82domain name
setting on all the nodes of cluster 82related commands
displaying 82server name
setting on all the nodes of cluster 82node
adding to the cluster 43–44in a cluster
displaying information for all diskdevices 106
installing SFS software onto 43node-specific network traffic details
displaying 326NSS
configuring 84displaying configuration 84lookup order
configuring 84NT domain mode
configuring CIFS 159domain user 160setting domain 160setting domain controller 160setting security 160starting CIFS server 160
NTLMdisabling 175enabling 175
NTP servercoordinating cluster nodes to work with 293disabling 293displaying the status of 293enabling 293
Oobtaining
details of the configured email server 225option commands
about 296option tunefstab
displaying 299modifying 299
Index342
Ppassword
changing a user's password 33patch level
displaying current versions of 307patches
installing 310synchronizing 310uninstalling 310
PCIexclusion 317
PCI IDsexcluding 319
policiesabout 267
policydisplaying files moved by running 280displaying for each tiered file system 275modifying for a tiered file system 275relocating from a tiered file system 277removing from a tiered file system 275running for a tiered file system 275
preservesnapshot schedule 140
printing WWN information 109privileges
about 23processor activity
accessing 327
Qquota limits
enabling or disabling snapshot 134
Rrebooting
a node or all nodes in cluster 47reconfiguring CIFS service
about 180regions and time zones
setting 285relocating
policy of a tiered file system 277remove
snapshot schedule 140removing
disks 103IP address from the cluster 60
removing (continued)mirror from a file system 124mirror from a tier spanning a specified disk 271mirror from a tier spanning a specified pool 271mirror from a tiered file system 271policy of a tiered file system 275schedule of a tiered file system 279tier from a file system 270
renamingstorage pools 99
replacingcoordinator disks 113
resettingdefault passwords
Master, System Administrator, and StorageAdministrator users 33
DMP I/O policy 299restoring
ndmp policies 259retrieving
debugging information 314retrieving the NDMP data
about 255roles
about 23route entries
deleting from routing tables 69routing tables
of the nodes in the clusterdisplaying 69
runningpolicy of a tiered file system 275
Sschedule
displaying for all tiered file systems 279modifying for a tiered file system 279removing from a tiered file system 279
second tieradding to a file system 268
securitystandalone mode 156
security settingsAD domain mode 171
CIFS server stopped 171change 165
sendingdebugging information 314
343Index
server startFTP 209
server statusFTP 209
server stopFTP 209
services commandabout 321using 323
session showFTP 217
session showdetailFTP 217
session terminateFTP 217
set anonymous loginFTP 213
set anonymous logonFTP 213
set anonymous writeFTP 213
set non-secure loginsFTP 213
settingbase distinguished name for the LDAP server 75bind distinguished name for LDAP server 75details of the external email server 225domain 181domain controller 181domain name for the DNS server 56domain user name 181events for event reporting 236filter of the syslog server 230home directory file systems 195LDAP password hash algorithm 75LDAP server hostname or IP address 75LDAP server over SSL 75LDAP server port number 75LDAP users, groups, and netgroups base DN 75NIS domain name on all the nodes of cluster 82regions and time zones 285root bind DN for the LDAP server 75severity of the syslog server 230SNMP filter notifications 233SNMP severity notifications 233system date and time 285the NIS server name on all the nodes of
cluster 82trusted domains for the Active Directory 176
setting domainAD domain mode 167NT domain mode 160
setting domain controllerAD domain mode 167NT domain mode 160
setting domain userAD domain mode 167
setting NTLMabout 173
setting securityAD domain mode 167NT domain mode 160
setting trusted domainsabout 176
setting uphome directories and use quotas 197
severity levelsabout 222adding to an email group 225
severity notificationssetting 233
SFS cluster and load balancingabout 191
SFS Dynamic Storage Tiering (DST)about 263
SFS softwareinstalling onto a new node 43
sharesplitting 192
share file systemsCIFS and NFS protocols 148, 188
share propertiesdisplaying 184
showsnapshot schedule 140
shutting downnode or all nodes in a cluster 47
snapshot schedulecreate 140delete 140modify 140preserve 140remove 140show 140
snapshot schedulesabout 138
snapshotsabout 133
Index344
snapshots (continued)creating 134destroying 134displaying quotas 134enabling or disabling quota limits 134listing 134mounting 134that can be exported
displayed 93unmounting 134
SNMPfilter notifications
setting 233management server
adding 233deleting configured 233displaying current list of 233
MIB fileexporting to a given URL 233
notificationsdisplaying the values of 233
serversetting severity notifications 233
specified groupdeleting a severity from 225
specifyingDNS name servers 56
splitting a share 192SSL
setting the LDAP server for 75standalone mode
CIFS server status 156CIFS service 156security 156
startingbackup services 260CIFS server 181NFS server 90
starting CIFS serverAD domain mode 167NT domain mode 160
stoppingbackup services 260NFS server 90
storage poolscreating 99destroying 99listing 99listing free space 99
storage pools (continued)moving disks from one to another 103renaming 99
storage provisioning and managementabout 95
storinguser and group accounts in LDAP 179user and group accounts locally 179
storing account informationabout 177
striped file systemscreating 121
striped tieradding to a file system 268
striped-mirror file systemscreating 121
striped-mirror tieradding to a file system 268
support userabout 35
support user accountdisabling 36enabling 36
support user passwordchanging 36
support user statuschecking 36
swap commandusing 295
synchronizing patches 310syslog event logging
about 229syslog format
exporting audit events to a given URL 237exporting events to a given URL 237
syslog serveradding 230deleting 230displaying the list of 230displaying the values of 230setting the filter of 230setting the severity of 230
system date and timedisplaying 285setting 285
system statisticsdisplaying 294
345Index
Ttechnical support
login 325testing
network connectivity 321tier
adding a tier to a file system 271displaying location of a specified file 274listing all of the specified files on 273removing a mirror from 271removing a mirror spanning a specified pool 271removing from a file system 270removing from a tier spanning a specified
disk 271traceroute command
using 328troubleshooting
about 313
Uunexporting
file systems 151uninstalling
DUD driver updates 310patches 310
unmounting snapshots 134user and group accounts in LDAP
storing 179user and group accounts locally
storing 179user roles and privileges
about 23users
adding new 24changing passwords 33creating 33deleting 33
usingAD interface 173history command 37more command 292services command 323swap command 295traceroute command 328
Vviewing
list of locally saved configuration files 289
virtual IP addressconfiguring or changing for NetBackup 244
virtual nameconfiguring for NetBackup 245
vlanadding 86configuring 86deleting 86displaying 86
WWWN information
printing 109
Index346