Archive for the ‘Netapp’ Category

Upgrade ACP firmware on Netap 6240

Monday, June 20th, 2011

netapp1a> priv set advanced

mount /vol/vol0 of the filer to another host and copy ACP firmware files to etc/acpp_fw/directory.

# ls -al /6240_ntap_1/etc/acpp_fw/
total 10668
drwxrwxrwx 2 root root 4096 Jun 20 17:18 .
drwxr-xr-x 28 root root 4096 Jun 20 17:10 ..
-r–r–r– 1 root root 10886984 Jun 20 17:17 ACP-IOM3.0120.AFW
-r–r–r– 1 root root 128 Jun 20 17:17 ACP-IOM3.0120.AFW.FVF

netapp1a*>
netapp1a*> storage download acp 7a.54.B ### 7a.54.B is disk shelf which I am upgrading with new firmware

Downloading ACP firmware will not disrupt client access during that time.
However, normal ACP recovery capabilities will not be
available while the firmware upgrade is in progress.

Are you sure you want to continue with ACP processor firmware update? y
netapp1a*> Mon Jun 20 17:19:14 EDT [netapp1a: acp.command.sent:info]: Sent firmware download (image: ACP-IOM3.0120.AFW) command to 7a.54.B (192.168.1.71), (disk shelf serial number: SHJ000000002096).
Mon Jun 20 17:19:14 EDT [netapp1a: acp.command.response:info]: Command firmware download to 7a.54.B (192.168.1.71) was successful, (disk shelf serial number: SHJ000000002096).

netapp1a*> storage show acp

Alternate Control Path: Enabled
Ethernet Interface: e0P
ACP Status: Active
ACP IP Address: 192.168.3.130
ACP Domain: 192.168.0.1
ACP Netmask: 255.255.252.0
ACP Connectivity Status: Full Connectivity

Shelf Module Reset Cnt IP Address FW Version Module Type Status
—————– ———— ————— ———— ———— ——-
…..
7a.54.A 000 192.168.2.63 01.20 IOM3 active
7a.54.B 000 192.168.1.71 01.05 IOM3 inactive (upgrading firmware)P firmware can take several minutes
…..

then you’ll see console message: “netapp1a*> netapp1a Mon Jun 20 17:24:49 EDT [netapp1a: acp.upgrade.successful:info]: ACP module 7a.54.B (192.168.1.71) successfully upgraded firmware, (disk shelf serial number: SHJ000000002096).

netapp1a*> storage show acp

Alternate Control Path: Enabled
Ethernet Interface: e0P
ACP Status: Active
ACP IP Address: 192.168.3.130
ACP Domain: 192.168.0.1
ACP Netmask: 255.255.252.0
ACP Connectivity Status: Full Connectivity

Shelf Module Reset Cnt IP Address FW Version Module Type Status
—————– ———— ————— ———— ———— ——-
……
7a.53.B 000 192.168.2.11 01.20 IOM3 active
7a.54.A 000 192.168.2.63 01.20 IOM3 active
7a.54.B 000 192.168.1.71 01.20 IOM3 active
……

netapp1a*> priv set admin

Done.

Enable NFS v4 on Netapp filers

Thursday, February 4th, 2010

If you run: “options nfs” you can see list of tunables related to NFS present in Ontap (I used Ontap 7.3.2), you’ll notice that NFS v4 is off by default

netapp> options nfs
nfs.acache.persistence.enabled on
nfs.assist.queue.limit       40
nfs.export.allow_provisional_access on
nfs.export.auto-update       on
nfs.export.exportfs_comment_on_delete on
nfs.export.harvest.timeout   1800
nfs.export.neg.timeout       3600
nfs.export.pos.timeout       36000
nfs.export.resolve.timeout   6
nfs.hide_snapshot            off
nfs.ipv6.enable              off
nfs.kerberos.enable          off
nfs.locking.check_domain     on
nfs.max_num_aux_groups       32
nfs.mount_rootonly           on
nfs.mountd.trace             off
nfs.netgroup.strict          off
nfs.notify.carryover         on
nfs.ntacl_display_permissive_perms off
nfs.per_client_stats.enable  off
nfs.require_valid_mapped_uid off
nfs.response.trace           off
nfs.response.trigger         60
nfs.tcp.enable               on
nfs.thin_prov.ejuke          off
nfs.udp.enable               on
nfs.udp.xfersize             32768
nfs.v2.df_2gb_lim            off
nfs.v3.enable                on
nfs.v4.acl.enable            off
nfs.v4.enable                off
nfs.v4.id.domain             mydomain.com
nfs.v4.read_delegation       off
nfs.v4.setattr_acl_preserve  off
nfs.v4.write_delegation      off
nfs.webnfs.enable            off
nfs.webnfs.rootdir           XXX
nfs.webnfs.rootdir.set       off

To enable NFS v4 run:
netapp> options nfs.v4.enable on

netapp> options nfs
nfs.acache.persistence.enabled on
nfs.assist.queue.limit       40
nfs.export.allow_provisional_access on
nfs.export.auto-update       on
nfs.export.exportfs_comment_on_delete on
nfs.export.harvest.timeout   1800
nfs.export.neg.timeout       3600
nfs.export.pos.timeout       36000
nfs.export.resolve.timeout   6
nfs.hide_snapshot            off
nfs.ipv6.enable              off
nfs.kerberos.enable          off
nfs.locking.check_domain     on
nfs.max_num_aux_groups       32
nfs.mount_rootonly           on
nfs.mountd.trace             off
nfs.netgroup.strict          off
nfs.notify.carryover         on
nfs.ntacl_display_permissive_perms off
nfs.per_client_stats.enable  off
nfs.require_valid_mapped_uid off
nfs.response.trace           off
nfs.response.trigger         60
nfs.tcp.enable               on
nfs.thin_prov.ejuke          off
nfs.udp.enable               on
nfs.udp.xfersize             32768
nfs.v2.df_2gb_lim            off
nfs.v3.enable                on
nfs.v4.acl.enable            off
nfs.v4.enable                on
nfs.v4.id.domain             mydomain.com
nfs.v4.read_delegation       off
nfs.v4.setattr_acl_preserve  off
nfs.v4.write_delegation      off
nfs.webnfs.enable            off
nfs.webnfs.rootdir           XXX
nfs.webnfs.rootdir.set       off

While you are at it, it is useful to enable stats to be collected on per client basis:

netapp> options nfs.per_client_stats.enable on
netapp> options nfs
nfs.acache.persistence.enabled on
nfs.assist.queue.limit       40
nfs.export.allow_provisional_access on
nfs.export.auto-update       on
nfs.export.exportfs_comment_on_delete on
nfs.export.harvest.timeout   1800
nfs.export.neg.timeout       3600
nfs.export.pos.timeout       36000
nfs.export.resolve.timeout   6
nfs.hide_snapshot            off
nfs.ipv6.enable              off
nfs.kerberos.enable          off
nfs.locking.check_domain     on
nfs.max_num_aux_groups       32
nfs.mount_rootonly           on
nfs.mountd.trace             off
nfs.netgroup.strict          off
nfs.notify.carryover         on
nfs.ntacl_display_permissive_perms off
nfs.per_client_stats.enable  on
nfs.require_valid_mapped_uid off
nfs.response.trace           off
nfs.response.trigger         60
nfs.tcp.enable               on
nfs.thin_prov.ejuke          off
nfs.udp.enable               on
nfs.udp.xfersize             32768
nfs.v2.df_2gb_lim            off
nfs.v3.enable                on
nfs.v4.acl.enable            off
nfs.v4.enable                on
nfs.v4.id.domain             mydomain.com
nfs.v4.read_delegation       off
nfs.v4.setattr_acl_preserve  off
nfs.v4.write_delegation      off
nfs.webnfs.enable            off
nfs.webnfs.rootdir           XXX
nfs.webnfs.rootdir.set       off

As you can see there are many NFS tunables on in Ontap, so you may experiment with them to get better performance, out of whcich nfs.v4.read_delegation and nfs.v4.write delegation  may be interesting to help with the performance. Also don’t forget to mount shares on your client with appropriate mount options to use NFS v4:

Solaris:

# mount -o vers=4 192.168.1.200:/vol/myvol /mnt/myvol

Linux:

# mount -t nfs4 192.168.1.200:/vol/myvol  /mnt/myvol

Some interesting articles on tuning network parameters for faster transfers can be found here http://www.psc.edu/networking/projects/tcptune/ and here http://fasterdata.es.net/TCP-tuning//tcp-wan-perf.pdf. Good overview on NFS and list of client mount options can be found here http://www.troubleshooters.com/linux/nfs.htm

Enable ssh in Netapp’s Ontap

Wednesday, February 3rd, 2010

When connected via console type:

netapp> secureadmin setup ssh
SSH Setup
———
Determining if SSH Setup has already been done before…no

SSH server supports both ssh1.x and ssh2.0 protocols.

SSH server needs two RSA keys to support ssh1.x protocol. The host key is
generated and saved to file /etc/sshd/ssh_host_key during setup. The server
key is re-generated every hour when SSH server is running.

SSH server needs a RSA host key and a DSA host key to support ssh2.0 protocol.
The host keys are generated and saved to /etc/sshd/ssh_host_rsa_key and
/etc/sshd/ssh_host_dsa_key files respectively during setup.

SSH Setup will now ask you for the sizes of the host and server keys.
For ssh1.0 protocol, key sizes must be between 384 and 2048 bits.
For ssh2.0 protocol, key sizes must be between 768 and 2048 bits.
The size of the host and server keys must differ by at least 128 bits.

Please enter the size of server key for ssh1.x protocol [512] :
Please enter the size of host keys for ssh2.0 protocol [768] :

You have specified these parameters:
host key size = 2048 bits
server key size = 512 bits
host key size for ssh2.0 protocol = 768 bits
Is this correct? [yes]

Setup will now generate the host keys. It will take a minute.
After Setup is finished the SSH server will start automatically.

netapp> Wed Feb  3 11:35:51 EST [netapp: secureadmin.ssh.setup.success:info]: SSH setup is done and ssh2 should be enabled. Host keys are stored in /etc/sshd/ssh_host_key, /etc/sshd/ssh_host_rsa_key, and /etc/sshd/ssh_host_dsa_key.

netapp> Wed Feb  3 11:36:14 EST [netapp: openssh.invalid.channel.req:warning]: SSH client (SSH-2.0-OpenSSH_4.3) from 192.168.1.25 sent unsupported channel request (10, env).

To verify that ssh1 has been disabled, run:

netapp> secureadmin status
ssh2    – active
ssh1    – inactive
ssl     – inactive