toasters

toasters@lists.teaparty.net

3 participants
13514 discussions

Question regarding power controls for DS14 shelves in NetApp cabinets
by Sto Rage© 02 Apr '09

02 Apr '09

We recently had a brown out in one of our smaller data center, and when the power came back, the AC units did not kick in on time. The filers came online and promptly heated up, causing over temperature alarms to go off. These NetApp units are in standard NetApp cabinets so the only way (that we know of) to shutdown was to be physically on-site to turnoff the breakers to these cabinets. The question to all toasters is how do you remotely turn off the shelves when you have a situation like this? Most of the heat is generated by the shelves, and we couldn't find a way to shutdown the shelves remotely. Shutting down the heads don't help as the disks are still spinning and generating heat. Do you have remote controlled power outlets for these L6-20 /L6-30 power connectors that these shelves use? Can you recommend some solutions? thanks in advance -Sto Rage

5 6

Multpath for Fedora 4 Appliance
by Rob Borowicz 02 Apr '09

02 Apr '09

Excuse the non-filer related question, but I'm kinda desperate and I know some folks here probably diddled with this one. I work for a company that makes a Network Management appliance based on Fedora 4. Hey it had what they needed when they locked down the LAMP platform 5 years ago, and as the saying goes "it works for us". Next gen product beta's in about 2 weeks and is based on CentOS 5.2... So one of our major customers wants to locate our DB (MySQL) on a SAN fabric and they have purchased Qlogic QLE 2460's for the DB host. We include the drivers in the locked down minimalized Fedora so getting the cards going is as simple as "insert and boot". My question is: The customer (understandably) wants to use dual cards and Multipathing and EMC will laugh at us trying to consider PowerPath. So I'm looking at "device-mapper-multipath". Anybody mess with this ever? I'm just beginning my research, and as a wild stab I found an OLD version of the device-mapper package (0.4.4-2.3) and the Sysfsutils (1.1.0-1) that it needed and installed it on a lab version of our product. So at least the package would install. Now to try and get it working. The customer has the luxury of a lab instance of our set up and might be willing to take a stab at this with me if it'll come within100 yards of working at all reliably. I'd love to hear any comments of folks who've run this in the past or currently use Multipath in a Red Hat derivative. Thanks in advance! -Bob B.

2 1

Throttling
by David.Ashton＠rullion.co.uk 31 Mar '09

31 Mar '09

Hi Toasters We run our snapmirrors overnight mostly, to a DR site which just happens to be a working office. Sometimes they're still running in the morning, and they eat all the bandwidth. We throttle them in the snapmirror management. We do this manually and its a pain and sometime we forget etc. What I'd like to do is (probably) script and schedule some SSH commands to set the bandwidth throttle on the volumes so that they are restricted during working hours, but open out of hours. Is there a global method of doing this, or do I have configure each of my snapmirror vols separately? Also, never actually scripted SSH before, I cant find any decent pointers, is this a regular thing to do with filers? Thanks Dave Ashton ********************************************************************** The information contained in this e-mail and any attachments are intended for the named recipient(s) only. It may also be privileged and confidential. If you are not an intended recipient, you must take no action as a result of receiving it, including, but not limited to copying, distributing and amending it. If this communication has been sent to you in error, please contact us immediately and do not show the communication to any other party. Rullion shall have no liability whatsoever in respect of the content of the communication and makes no warranty as to accuracy. Any views or opinions presented are solely those of the author. Viruses:- Although we have taken steps to ensure that this e-mail and attachments are free from viruses, we advise that in keeping with good computing practice, the recipient should ensure they are actually virus free. ********************************************************************** ________________________________________________________________________ This e-mail has been scanned for all viruses by Star. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________

5 4

Security best practice question
by Stephen C. Losen 30 Mar '09

30 Mar '09

Hello toasters, Our Oracle admins are replacing their old FC SAN storage and are considering going with NetApp and NFS. But they are concerned about security. They are really attracted to flex clone because they would like to instantly replicate a database on a secure, firewalled Oracle server, run a job to sanitize the clone and then serve the sanitized DB from a less secure Oracle server in a DMZ. They are concerned that if the DMZ server were hacked, could it be leveraged to gain unauthorized NFS access, perhaps by hijacking an IP address? I have suggested that they set up two separate private data Ethernets, one for the secure servers and one for the DMZ servers. Use two different address blocks (subnets) and plug the netapp into both networks with two different ethernet ports. That way the netapp would never send data exported to the secure servers out the interface for the DMZ servers. Am I on the right track here? Is this "secure enough"? Is there an easier way? We don't have any Kerberos infrastructure and we can't sacrifice performance, so I think NFSv4 is out. Steve Losen scl(a)virginia.edu phone: 434-924-0640 University of Virginia ITC Unix Support

3 2

ESX utilty problem
by steve klise 27 Mar '09

27 Mar '09

I have an ESX 3.5 release 2 5 ESX servers in HA, DRS, etc 1 HA 3070 (filer1 filer2) 1 HA 6030 (filer3 filer4) For naming purposes, filers are called filer1, 2, etc with my favorite password all head have the same password The utilty runs, excpet for what is noted below: I have Datastores from 2 filers that are part of 2 different Netapp clusters. FIler1 (from the 3070) and Filer 3 (from the 6030). WHen I run the -- secure --access I get this.. [root@ESXSERVER netapp_esx_host_utilities_5_0R2]# /opt/netapp/santools/config_hba --configure --secure --access filer1:ilovemyfilers --access filer2:ilovemyfilers --access FILER3:ilovemyfilers --access filer4:ilovemyfilers Secure connection enabled Checking for installed HBAs.......................................DONE Verifying firewall ports are open.................................DONE Determining NetApp storage systems OS versions....................FAILED Setting HBA timeout setting for qla2300_707_vmw...................DONE Updating BOOT RAM disk............................................DONE For the HBA settings to take effect, please Reboot now. WARNING: The script was unable to determine the OS version of the following NetApp storage system(s). The script could not determine the correct settings for your configuration. One possible cause is SSL might not be configured properly. Please login to your NetApp storage controller and run 'secureadmin setup ssl'. Once you have verified SSL is configured properly, run the following commands to ensure the correct settings are being used: /opt/netapp/santools/config_hba --configure --secure --access <controller>:<password> Any help is greatly appreciated. -- View this message in context: http://www.nabble.com/ESX-utilty-problem-tp22709305p22709305.html Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.

3 3

Re: Question regarding power controls for DS14 shelves in NetApp cabinets
by Sto Rage© 27 Mar '09

27 Mar '09

On Fri, Mar 27, 2009 at 11:17 AM, Young, Darren <darren.young(a)chicagobooth.edu> wrote: > Do you have L6's from the shelves themselves? > The L6 connections are for the cabinets themselves and are connected to a large UPS that powers the entire data center. So what I am hearing from you guys is to install an IP addressable power outlets for these L6 connectors. I haven't seen any that do this for L6 out lets. I think NetApp should look at providing IP addressable PDU within their cabinets. -Sto Rage

2 1

Re: Security best practice question
by Fox, Adam 27 Mar '09

27 Mar '09

Sounds like a solid plan. Plus since ONTAP-NFS sees the clone as a separate volume you only need to export the clone to the less secure network. If you really want to split it security-wise, you could implement multistore and assign the clone to a vfiler which is managed administratively like a separate box and gives you an even bigger firewall. I think that may be overkill, but it's there if you want it. -- Adam Fox ------------------------ Typed with my thumbs on a very small keyboard. ----- Original Message ----- From: Stephen C. Losen <scl(a)sasha.acc.virginia.edu> To: toasters(a)mathworks.com <toasters(a)mathworks.com> Sent: Fri Mar 27 10:04:56 2009 Subject: Security best practice question Hello toasters, Our Oracle admins are replacing their old FC SAN storage and are considering going with NetApp and NFS. But they are concerned about security. They are really attracted to flex clone because they would like to instantly replicate a database on a secure, firewalled Oracle server, run a job to sanitize the clone and then serve the sanitized DB from a less secure Oracle server in a DMZ. They are concerned that if the DMZ server were hacked, could it be leveraged to gain unauthorized NFS access, perhaps by hijacking an IP address? I have suggested that they set up two separate private data Ethernets, one for the secure servers and one for the DMZ servers. Use two different address blocks (subnets) and plug the netapp into both networks with two different ethernet ports. That way the netapp would never send data exported to the secure servers out the interface for the DMZ servers. Am I on the right track here? Is this "secure enough"? Is there an easier way? We don't have any Kerberos infrastructure and we can't sacrifice performance, so I think NFSv4 is out. Steve Losen scl(a)virginia.edu phone: 434-924-0640 University of Virginia ITC Unix Support

2 1

OSSV & Hyper-V?
by Nicholas Bernstein 20 Mar '09

20 Mar '09

Hi all, I was wondering if anyone knew of a solution similar to OSSV for vmware for hyper-v. I know, it's a long shot, but I've got a student asking about it. I couldn't find anything about an ossv solution for it. Anyone know of something on its way? Thanks! Nick

3 2

Running a snapmirror over an stunnel
by George T Chen 20 Mar '09

20 Mar '09

Has anyone been able to get a snapmirror running across an stunnel, and have it run at normal speeds (10, 20, 30 MB/s)? I can get it functional, but the speeds I'm getting are in the 40KB/s range.

1 0

FCP Partner Path Misconfigured - Host I/O access through a non-primary and non-optimal path was detected.
by Linux Admin 18 Mar '09

18 Mar '09

Hello Toasters. I am receiving the following message from auto support: FCP Partner Path Misconfigured - Host I/O access through a non-primary and non-optimal path was detected. I have a single cluster acting in single fabric mode and it is wired up in the following way. Each host has an i-group on each node of the cluster for. Each of the netapp node is connected to sw1 and sw2 and hosts also has a path to sw1 and sw2. Why would the host access luns on N2 via partner node N1 --------------- --------------- { n1 } { n2 } | \ / | | \ / | | \ / | | \ / | --------------- --------------- { s1 } { s2 } \ / \ / --------------- { host }

6 9

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters