toasters

toasters@lists.teaparty.net

13513 discussions

node and cluster management network architecture, proxy, port forwarding
by Brian Parent 18 Apr '16

18 Apr '16

I'm running into some problems with the network layout on our AFF8020 running CDOT 8.2.3. It seems that using a private layer 2 vlan for node management provides the significant benefit of reducing potential attack sources to servers on that private vlan (where such vlan has a small number of hosts, all with lots of access restrictions, none of which run DNS, ntp, SMTP services). I was hoping to use port forwarding from a server in that vlan to enable things like https, DNS, ntp, and smtp, but have not been successful yet. Before I spend too much more time on it, I thought I should check to see whether others have had success with similar network topology. -- Brian Parent Information Technology Services Department IT Infrastructure Operations Group Workplace, Internal, Research, and Educational Platforms (WIRE) team UC San Diego (858) 534-6090

1 1

Netapp CDOT 8.3 and Peerlink software
by Sayla, Mustafa 18 Apr '16

18 Apr '16

Anyone using Peerlink software for File collaboration between offices? We have been using this software to real time sync data from Netapp to a windows server in our remote office. Software worked fine with many years but since January when we migrated our data to CDOT filer and upgrade the peerlink software to a cdot compatible version we have run into issues after issues. Anyone has experience with this software and if not is there another viable option out there for real time sync between netapp and windows server. Mustafa Visit us on the Web at mesirowfinancial.com This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. Confidential, proprietary or time-sensitive communications should not be transmitted via the Internet, as there can be no assurance of actual or timely delivery, receipt and/or confidentiality. This is not an offer, or solicitation of any offer to buy or sell any security, investment or other product.

3 5

7-mode user account with no password, only ssh
by BERNTSEN Basil 15 Apr '16

15 Apr '16

Hi folks, Is it possible to create a user in 7-mode without specifying a password, or alternatively disallow password logins for a specific user? My goal is to create a user that must use an ssh key to run CLI commands. Cheers! Basil ************************************************************************* This message and any attachments (the "message") are confidential, intended solely for the addressee(s), and may contain legally privileged information. Any unauthorized use or dissemination is prohibited. E-mails are susceptible to alteration. Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified. Please visit http://sgasdisclosure.com for important information regarding SG Americas Securities, LLC (“SGAS”). Please visit http://swapdisclosure.sgcib.com for important information regarding swap transactions with SOCIETE GENERALE. *************************************************************************

3 2

Showmount capability in 8.2.2?
by Robert Clark 13 Apr '16

13 Apr '16

Is anyone aware of a way to check which clients have a particular NFS export mounted, in 8.2.2? I've installed and worked with the showmount command written in python, but it appears to only output the export list. Thanks, [RC]

3 2

Listing NTFS style ACLs from unix client via NFS
by John Adams 13 Apr '16

13 Apr '16

Hello, Simple question here.. If a qtree is using NTFS style permissions, and that same qtree is exported via NFS to a unix client... Is there a way to see the NTFS acl's from that unix client? The usual "ls -l" just shows what looks like mode 777. Maybe an open source tool that could be installed on the unix client or something? Thanks.

5 4

running SAN on NetApp
by Eric Peng 13 Apr '16

13 Apr '16

Folks, Does anyone have experience with running production workloads on FC-based LUNs on NetApp? Am curious to know how performance of hosting virtual machines (including Exchange, database environments) compares to more traditional block-based SANs (EMC, 3Par, Hitachi, etc), since what I've read is that NetApp's LUNs feature still sits on top of WAFL? We have some native FAS NetApps, along with many N-series rebranded NetApps, but all are run in 7-Mode and using NFS connections. Also, how do you all implement data tiering in your NetApp environments? We are currently using IBM SAN (Storwize/V7000) and this has tiering capability. We'd consider moving some SAN workloads to NetApp if we could get as good SAN performance and also address the tiering capability. Thanks, Eric Peng | Enterprise Storage Systems Administrator Esri | 380 New York St. | Redlands, CA 92373 | USA T 909 793 2853 x3567 | M 909 367 1691 epeng(a)esri.com<mailto:epeng@esri.com> | esri.com<http://esri.com/>

6 7

badlock
by Weber, Mark A 12 Apr '16

12 Apr '16

Any NetApp people know if badlock will impact ONTAP? http://badlock.org/ http://www.theregister.co.uk/2016/03/22/badlock_bug/ thanks m

2 2

aix san boot lun - no lun id 0
by Rhodes, Richard L. 11 Apr '16

11 Apr '16

Hi Everyone, We have a AIX server that boots from a NetApp (IBM nSeries) for which we need to upgrade AIX. The AIX Admins want me to allocate a alt_boot lun, which they will make the new boot lun after upgrading. Currently the server has two luns: lun show -m LUN path Mapped to LUN ID Protocol ----------------------------------------------------------------------- /vol/v_rsxxxx_boot/q_rsxxxx_boot/lun0_boot rsxxxx 0 FCP /vol/v_rsxxxx_boot/q_rsxxxx_boot/lun1_boot rsxxxx 1 FCP lun 0 = rootvg boot lun lun 1 = non-rootvg lun with paging space If I create a new lun at id 2, we cut over to it and I delete the old boot vol at id 0, I then have a lun id gap - no lun 0. Is this a problem with NetApp storage? (I know we have problems with EMC VNX storage with LUNZ devices if no lun id at 0.) Rick ----------------------------------------- The information contained in this message is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this document in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately, and delete the original message.

4 3

cDOT 8.2: share NFS volume with CIFS too problems
by John Stoffel 01 Apr '16

01 Apr '16

Guys, I'm banging my head on the wall trying to setup an NFS filesystem on a cDOT 8.2 VServer to also be shared using CIFS. I can see the volume and look at it from Windows, but I can't create any files or directories. Just to make sure I'm not smoking anything, here's what I did: > vol create -vserver flsm-fs01 -vol data310 -size 1t -junction-path /data310 -aggr sas1n2 > vol modify -vserver flsm-fs01 -vol data310 -unix-permissions 777 And here's now it looks now: flsm-ntap1::> vol show (volume show) Vserver Volume Aggregate State Type Size Available Used% --------- ------------ ------------ ---------- ---- ---------- ---------- ----- flsm-fs01 data310 sas1n2 online RW 5TB 4.75TB 5% And I can see it just fine with NFS, etc. My unix username is 'stoffj' and my windows username is 'TAEC_IRV1\stoffj' so it should just map cleanly over using the defaults. > cifs show Server Status Domain/Workgroup Authentication Vserver Name Admin Name Style ----------- --------------- --------- ---------------- -------------- flsm-fs01 FLSM-FS01 up TAEC_IRV1 domain > cifs share show Vserver Share Path Properties Comment ACL -------------- ------------- ----------------- ---------- -------- ----------- flsm-fs01 data310 /data310 oplocks - Everyone / Full Control browsable changenotify I even setup and looked at the "security trace" stuff to try and figure it out. And it complains that my UNIX security is messed up. I've tried to cut'n'paste this info, but all the tabs keep expanding in wierd ways and cause all kinds of havoc here. Here's an example error: n2 1 User: TAEC_IRV1\stoffj Access is denied by UNIX permissions while creating the directory. Security Style: UNIX permissions Path: /john/dir2/New folder Now the interesting thing is that the path shown looks to be at the level UNDER the CIFS share. But it should be ok, right? Here's my permission settings: flsm-ntap1::> file-directory show -vserver flsm-fs01 -path /data310/john/dir2 (vserver security file-directory show) Vserver: flsm-fs01 File Path: /data310/john/dir2 Security Style: unix Effective Style: unix DOS Attributes: 10 DOS Attributes in Text: ----D--- Expanded Dos Attributes: - Unix User Id: 61255 Unix Group Id: 4901 Unix Mode Bits: 2775 Unix Mode Bits in Text: rwxrwsr-x ACLs: - The mode bits are what we want, so that directories and files inherit their group ownership properly. I haven't setup any local users or groups, nor have I done any mappings, since it supposedly will do that for me. On the Unix side we're using NIS to authenticate, and that seems to be working just fine. Any hints? John

3 4

NetApp SDK for cDOT: any API call fails if a cluster node is not available
by Momonth 31 Mar '16

31 Mar '16

Hi All, We extensively use NetApp API calls to monitor 7Mode filers, and took the same approach for cDOT monitoring. Here is a very unpleasant discovery: 1. Take one node (or more nodes) *offline*, eg power it off for maintenance. 2. Try to run *any* API call against cluster interface and get the following error: OUTPUT: <results reason="RPC: Port mapper failure - RPC: Timed out" status="failed" errno="13001"></results> It effectively makes your cluster wide monitoring useless. Any ideas? Is it a feature or a bug? Cheers, Vladimir

3 9

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

toasters