Ontap 8 Sysadmin

Data ONTAP 8.
0 Cluster-Mode System Administration Guide
NetApp, Inc. 495 East Java Drive Sunnyvale, CA 94089 U.S.A. Telephone: +1 (408) 822-6000 Fax: +1 (408) 822-4501 Support telephone: +1 (888) 4-NETAPP Documentation comments: doccomments@netapp.com Information Web: http://www.netapp.com Part number: 215-05508_A0 Updated for Data ONTAP 8.0.1 on 13 January 2011
Table of Contents | 3
Contents
Copyright information ............................................................................... 11 Trademark information ............................................................................. 13 About this guide .......................................................................................... 15
Audience .................................................................................................................... 15 Terminology .............................................................................................................. 15 Where to enter commands ......................................................................................... 16 Keyboard and formatting conventions ...................................................................... 17 Special messages ....................................................................................................... 18 How to send your comments ..................................................................................... 18
How to access the storage system .............................................................. 19

Using the serial port to access the storage system .................................................... 19 Using SSH to access the storage system ................................................................... 19 Limit the number of concurrent SSH connections to 50 or less .................... 20 Using the remote management device to access the system console ........................ 21
What the management interface is ........................................................... 23

Command availability ............................................................................................... 23 Different shells that are available .............................................................................. 24 Types of privilege levels ........................................................................................... 24 The diagnostic account and the systemshell ............................................................. 24
Management interface basics .................................................................... 27

How to use the command-line interface .................................................................... 27 How to navigate CLI command directories .................................................. 27 How to specify values in the CLI .................................................................. 28 How to reissue CLI commands ..................................................................... 29 Keyboard shortcuts to edit CLI commands ................................................... 29 Setting the privilege level in the CLI ............................................................ 30 Setting display preferences in the CLI .......................................................... 31 How to access the Web interface .............................................................................. 31 How to navigate the Web interface ............................................................... 32 Setting the privilege level in the Web interface ............................................ 33 How to use queries, patterns, and wildcards ............................................................. 33 How to use extended queries ......................................................................... 34
4 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Exiting the management interface ............................................................................. 35
What you need to know about the root volume ....................................... 37 What a cluster is ......................................................................................... 39
About the cluster management server ....................................................................... 40 Managing a cluster .................................................................................................... 40 Creating a cluster ....................................................................................................... 41 Displaying cluster status ............................................................................................ 42 Adding a node to an existing cluster ......................................................................... 43 Removing a node from a cluster ............................................................................... 43 Quorum in clusters .................................................................................................... 44 Cluster replication rings ............................................................................................ 45 Displaying cluster ring-replication status ...................................................... 45 Adding epsilon to a node ........................................................................................... 46 Marking a node's ability to participate in its cluster ................................................. 47 Configuring high availability in a two-node cluster .................................................. 47 Displaying high-availability status for a two-node cluster ............................ 48 Renaming a cluster .................................................................................................... 48 Displaying global attributes of a cluster .................................................................... 48
Security management ................................................................................. 51

How to manage audit settings ................................................................................... 51 Modifying audit settings ................................................................................ 51 Displaying audit settings ............................................................................... 52 How to enable or disable the Web interface ............................................................. 53 Enabling or disabling the Web interface ....................................................... 53 Displaying the state of the Web interface ..................................................... 54 How to manage login methods .................................................................................. 54 Creating a login method ................................................................................ 54 Displaying information about a login method ............................................... 55 Modifying a login method ............................................................................. 56 Deleting a login method ................................................................................ 57 How to manage user accounts ................................................................................... 58 Resetting a user password ............................................................................. 58 Locking a user account .................................................................................. 59 Unlocking a user account .............................................................................. 59 How to manage the access-control roles ................................................................... 60 Creating an access-control role ..................................................................... 60
Table of Contents | 5 Displaying information about an access-control role .................................... 62 Modifying an access-control role .................................................................. 63 Deleting an access-control role ..................................................................... 63 Modifying an access-control role configuration ........................................... 64 Displaying information about an access-control role configuration ............. 65 How to manage public key authentication ................................................................ 66 Associating a public key with a user account ............................................... 67 Loading a public key from a URI and associating it with a user .................. 68 Displaying information about public keys .................................................... 68 Modifying the public key associated with an user ........................................ 70 Deleting a public key associated with a user ................................................. 71 Displaying information about SNMP users .............................................................. 71
Local system management ......................................................................... 73

Displaying information about a node ........................................................................ 73 Setting node attributes ............................................................................................... 74 Renaming a node ....................................................................................................... 75 Setting the time zone, date, and time on a node ........................................................ 75 Displaying a node's time zone, date, and time settings ................................. 76 Restarting a node ....................................................................................................... 76 Shutting down a node ................................................................................................ 77
Software image management .................................................................... 79

Running the setup configuration wizard ................................................................... 79 Displaying information about software images ........................................................ 80 Setting the default software image ............................................................................ 81 Updating a software image ........................................................................................ 81 Displaying the progress of a software-image update .................................... 82 Performing a fresh software installation ................................................................... 83 Downloading new system firmware .......................................................................... 83
Feature license management ..................................................................... 85

Adding a feature license ............................................................................................ 85 Displaying feature licenses ........................................................................................ 86 Deleting a feature license .......................................................................................... 86
System services management .................................................................... 87

DNS management ..................................................................................................... 87 Enabling and configuring DNS ..................................................................... 87 Displaying information about DNS configurations ...................................... 88
6 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Hosts table management ................................................................................ 89 Firewall service management .................................................................................... 91 Enabling and configuring the firewall service .............................................. 91 Displaying firewall configuration ................................................................. 92 Creating a firewall policy .............................................................................. 92 Modifying a firewall policy ........................................................................... 92 Displaying information about firewall policies ............................................. 93 Deleting a firewall policy .............................................................................. 93 NDMP management .................................................................................................. 94 Enabling and configuring NDMP ................................................................. 94 Displaying NDMP configuration information .............................................. 94 NTP management ...................................................................................................... 95 Enabling NTP ................................................................................................ 95 Displaying NTP status ................................................................................... 96 Associating a node with an NTP server ........................................................ 96 Modifying the attributes of an NTP server .................................................... 97 Displaying information about NTP servers ................................................... 97 Dissociating a node from an NTP server ...................................................... 98
Command-line interface session record management ............................ 99

Recording a command-line interface session ............................................................ 99 Uploading a record of a command-line interface session ....................................... 100 Displaying information about records of command-line interface sessions ........... 100 Deleting records of command-line interface sessions ............................................. 100
How to use dashboards ............................................................................ 103

Displaying the alarm dashboard .............................................................................. 103 Modifying alarm thresholds ........................................................................ 104 Displaying the virtual server health dashboard ....................................................... 104 Displaying the performance dashboard ................................................................... 106 Displaying the storage dashboard ........................................................................... 107
What ClusterView is ................................................................................ 109

System requirements ............................................................................................... 109 Accessing ClusterView ........................................................................................... 110
Node statistics ........................................................................................... 111

Viewing statistics settings ....................................................................................... 111 Modifying statistics settings .................................................................................... 112 Viewing statistics .................................................................................................... 112
Table of Contents | 7 Viewing periodic statistics ...................................................................................... 115 Viewing the size of requests per protocol ............................................................... 116 How to display CIFS statistics ................................................................................ 118 Displaying statistics about CIFS usage ....................................................... 118 Displaying the current statistics for CIFS service ....................................... 122 Displaying the highest statistics for CIFS service ....................................... 123 Displaying the statistics about CIFS Microsoft remote procedure calls (RPCs) ................................................................................................... 124 Displaying the total CIFS command count ................................................. 126 Displaying statistics about CIFS sessions ................................................... 127 Displaying statistics about CIFS nameserver usage .................................... 128
Client statistics .......................................................................................... 131

Enabling and configuring client statistics collection ............................................... 131 Displaying client statistics ....................................................................................... 132 Displaying periodic client statistics ......................................................................... 133
AutoSupport management ....................................................................... 137

AutoSupport transport protocols ............................................................................. 138 Enabling and configuring AutoSupport .................................................................. 139 Options for configuring AutoSupport ..................................................................... 139 Displaying AutoSupport settings ............................................................................ 142 Sending a test AutoSupport message ...................................................................... 143 AutoSupport messages ............................................................................................ 143 Getting AutoSupport message descriptions ................................................ 144 Contents of AutoSupport messages ............................................................. 144
Hardware component monitoring and management ............................ 145

Displaying information about tape drives ............................................................... 145 Displaying information about tape libraries ............................................................ 146 Displaying environmental information ................................................................... 147
Core dump management .......................................................................... 149

Configuring core dump attributes ........................................................................... 149 Displaying the core-dump configuration ................................................................. 150 Displaying information about core dumps .............................................................. 150 Saving a core dump ................................................................................................. 151 Saving all core dumps on a node ............................................................................. 152 Uploading core dumps ............................................................................................ 152 Displaying core-dump status ................................................................................... 153
8 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Deleting a core dump .............................................................................................. 154 Deleting all core dumps from a node ...................................................................... 154
CLI timeout management ........................................................................ 155

Modifying the CLI timeout value ............................................................................ 155 Displaying the CLI timeout value ........................................................................... 155
Job and schedule management ................................................................ 157

Displaying information about jobs .......................................................................... 158 Displaying information about jobs on a per-node basis .............................. 158 Displaying information about cluster-affiliated jobs .................................. 159 Displaying information about completed jobs ............................................ 159 Displaying information about job progress ................................................. 160 Displaying information about jobs that are waiting on other jobs .............. 160 Displaying information about job history ............................................................... 160 Displaying information about jobs on a per-node basis .............................. 161 Displaying information about jobs on a reverse per-node basis ................. 162 Monitoring a job's progress ..................................................................................... 162 Pausing a job ........................................................................................................... 163 Resuming a paused job ................................................................................ 163 Stopping a job .......................................................................................................... 163 Deleting a job .......................................................................................................... 164 Deleting a job that is owned by an unavailable node .................................. 164 Reclaiming a cluster-affiliated job .......................................................................... 164 Private jobs management ........................................................................................ 165 Displaying information about completed private jobs ................................ 165 Displaying information about the progress of private jobs ......................... 166 Displaying information about private jobs that are waiting on other jobs . . 166 Monitoring a private job's progress ............................................................. 166 Pausing a private job ................................................................................... 167 Stopping a private job ................................................................................. 167 Deleting a private job .................................................................................. 168 Creating a cron schedule ......................................................................................... 168 Displaying information about cron schedules ............................................. 169 Modifying a cron schedule .......................................................................... 170 Deleting a cron schedule ............................................................................. 171 Creating an interval schedule .................................................................................. 171 Displaying information about interval schedules ........................................ 172
Table of Contents | 9
Modifying an interval schedule ................................................................... 172 Deleting an interval schedule ...................................................................... 173 Displaying information about all schedules ............................................................ 173 Deleting a cron or interval schedule ........................................................................ 174
Event management ................................................................................... 175

Creating an event destination .................................................................................. 176 Displaying information about event destinations ........................................ 176 Modifying an event destination ................................................................... 177 Deleting an event destination ...................................................................... 177 Modifying an event route ........................................................................................ 177 Adding destinations to event routes ............................................................ 178 Removing destinations from event routes ................................................... 179 Displaying information about event routes ................................................. 179 Displaying the event log .......................................................................................... 180 Displaying the configuration for event notification and logging ............................ 181 Modifying the configuration for event notification and logging ................. 182 Displaying information about event occurrences .................................................... 183 Displaying mail-history records .............................................................................. 184 Deleting a mail-history record ..................................................................... 185 Displaying SNMP trap-history records ................................................................... 185 Deleting an SNMP trap-history record ........................................................ 186 System administration commands that are available in the nodeshell .................... 186 Nodeshell system administration commands .............................................. 186
Copyright information | 11
Copyright information
Copyright 19942011 NetApp, Inc. All rights reserved. Printed in the U.S.A. No part of this document covered by copyright may be reproduced in any form or by any means graphic, electronic, or mechanical, including photocopying, recording, taping, or storage in an electronic retrieval systemwithout prior written permission of the copyright owner. Software derived from copyrighted NetApp material is subject to the following license and disclaimer: THIS SOFTWARE IS PROVIDED BY NETAPP "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, WHICH ARE HEREBY DISCLAIMED. IN NO EVENT SHALL NETAPP BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. NetApp reserves the right to change any products described herein at any time, and without notice. NetApp assumes no responsibility or liability arising from the use of products described herein, except as expressly agreed to in writing by NetApp. The use or purchase of this product does not convey a license under any patent rights, trademark rights, or any other intellectual property rights of NetApp. The product described in this manual may be protected by one or more U.S.A. patents, foreign patents, or pending applications. RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.277-7103 (October 1988) and FAR 52-227-19 (June 1987).
Trademark information | 13
Trademark information
All applicable trademark attribution is listed here. NetApp, the NetApp logo, Network Appliance, the Network Appliance logo, ApplianceWatch, ASUP, AutoSupport, Bycast, Campaign Express, ComplianceClock, Cryptainer, CryptoShred, Data ONTAP, DataFabric, DataFort, Decru, Decru DataFort, FAServer, FilerView, FlexCache, FlexClone, FlexScale, FlexShare, FlexSuite, FlexVol, FPolicy, GetSuccessful, gFiler, Go further, faster, Imagine Virtually Anything, Lifetime Key Management, LockVault, Manage ONTAP, MetroCluster, MultiStore, NearStore, NetCache, NOW (NetApp on the Web), ONTAPI, OpenKey, RAID-DP, SANscreen, SecureAdmin, SecureShare, Select, Shadow Tape, Simulate ONTAP, SnapCopy, SnapDirector, SnapDrive, SnapFilter, SnapLock, SnapManager, SnapMigrator, SnapMirror, SnapMover, SnapRestore, Snapshot, SnapSuite, SnapValidator, SnapVault, StorageGRID, StoreVault, the StoreVault logo, SyncMirror, Tech OnTap, The evolution of storage, Topio, vFiler, VFM, Virtual File Manager, WAFL, and Web Filer are trademarks or registered trademarks of NetApp, Inc. in the United States, other countries, or both. IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. A complete and current list of other IBM trademarks is available on the Web at www.ibm.com/legal/copytrade.shtml. Apple is a registered trademark and QuickTime is a trademark of Apple, Inc. in the U.S.A. and/or other countries. Microsoft is a registered trademark and Windows Media is a trademark of Microsoft Corporation in the U.S.A. and/or other countries. RealAudio, RealNetworks, RealPlayer, RealSystem, RealText, and RealVideo are registered trademarks and RealMedia, RealProxy, and SureStream are trademarks of RealNetworks, Inc. in the U.S.A. and/or other countries. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such. NetApp, Inc. is a licensee of the CompactFlash and CF Logo trademarks. NetApp, Inc. NetCache is certified RealSystem compatible.
About this guide | 15
About this guide

You can use your product more effectively when you understand this document's intended audience and the conventions that this document uses to present information. This document describes how to configure, operate, and manage storage systems that run Data ONTAP software.
Note: This guide applies to systems running Data ONTAP 8.x Cluster-Mode, including V-Series systems. If you are a Data ONTAP 8.x 7-Mode user, you must use the Data ONTAP 8.x 7-Mode guides. Next topics
Audience on page 15 Terminology on page 15 Where to enter commands on page 16 Keyboard and formatting conventions on page 17 Special messages on page 18 How to send your comments on page 18
Audience
This document is written with certain assumptions about your technical knowledge and experience. This document is for storage administrators who need to configure and maintain a storage system running Data ONTAP 8 Cluster-Mode. It assumes that you are familiar with UNIX commands.
Terminology
To understand the concepts in this document, you might need to know how certain terms are used. Storage terms array LUN The storage that third-party storage arrays provide to storage systems running Data ONTAP software. One array LUN is the equivalent of one disk on a native disk shelf.
LUN (logical unit A logical unit of storage identified by a number. number) native disk A disk that is sold as local storage for storage systems that run Data ONTAP software.
16 | Data ONTAP 8.0 Cluster-Mode System Administration Guide
native disk shelf
A disk shelf that is sold as local storage for storage systems that run Data ONTAP software.
storage controller The component of a storage system that runs the Data ONTAP operating system and controls its disk subsystem. Storage controllers are also sometimes called controllers, storage appliances, appliances, storage engines, heads, CPU modules, or controller modules. storage system The hardware device running Data ONTAP that receives data from and sends data to native disk shelves, third-party storage, or both. Storage systems that run Data ONTAP are sometimes referred to as filers, appliances, storage appliances, V-Series systems, or systems. The back-end storage arrays, such as IBM, Hitachi Data Systems, and HP, that provide storage for storage systems running Data ONTAP.
third-party storage
Cluster and high-availability terms cluster In Data ONTAP 8.x Cluster-Mode, a group of connected nodes (storage systems) that share a global namespace and that you can manage as a single virtual server or multiple virtual servers, providing performance, reliability, and scalability benefits. In the Data ONTAP 7.1 release family and earlier releases, a pair of storage systems (sometimes called nodes) configured to serve data for each other if one of the two systems stops functioning.
HA (high availability) HA pair
In Data ONTAP 8.x, the recovery capability provided by a pair of nodes (storage systems), called an HA pair, that are configured to serve data for each other if one of the two nodes stops functioning. In Data ONTAP 8.x, a pair of nodes (storage systems) configured to serve data for each other if one of the two nodes stops functioning. In the Data ONTAP 7.3 and 7.2 release families, this functionality is referred to as an active/active configuration.
Where to enter commands

You can use your product more effectively when you understand how this document uses command conventions to present information. You can perform common administrator tasks in one or more of the following ways: You can enter commands either at the system console or from any client computer that can obtain access to the storage system using a Telnet or Secure Shell (SSH) session. In examples that illustrate command execution, the command syntax and output shown might differ from what you enter or see displayed, depending on your version of the operating system.
About this guide | 17 You can use the Element Manager graphical user interface. You can enter Windows, ESX, HP-UX, AIX, Linux, and Solaris commands at the applicable client console. In examples that illustrate command execution, the command syntax and output shown might differ from what you enter or see displayed, depending on your version of the operating system. You can use the client graphical user interface. Your product documentation provides details about how to use the graphical user interface. You can enter commands either at the switch console or from any client that can obtain access to the switch using a Telnet session. In examples that illustrate command execution, the command syntax and output shown might differ from what you enter or see displayed, depending on your version of the operating system.
Keyboard and formatting conventions

You can use your product more effectively when you understand how this document uses keyboard and formatting conventions to present information. Keyboard conventions Convention What it means
The NOW site Refers to the NetApp Support site at now.netapp.com.
Enter, enter
Used to refer to the key that generates a carriage return; the key is named Return on some keyboards. Used to mean pressing one or more keys on the keyboard and then pressing the Enter key, or clicking in a field in a graphical interface and then typing information into the field.
hyphen (-) type
Used to separate individual keys. For example, Ctrl-D means holding down the Ctrl key while pressing the D key. Used to mean pressing one or more keys on the keyboard.
18 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Formatting conventions Convention What it means Words or characters that require special attention. Placeholders for information that you must supply. For example, if the guide says to enter the arp -d hostname command, you enter the characters "arp -d" followed by the actual name of the host. Book titles in cross-references. Command names, option names, keywords, and daemon names. Information displayed on the system console or other computer monitors. Contents of files. File, path, and directory names.
Italic font
Monospaced font
Bold monospaced Words or characters you type. What you type is always shown in lowercase
font
letters, unless your program is case-sensitive and uppercase letters are necessary for it to work properly.
Special messages
This document might contain the following types of messages to alert you to conditions that you need to be aware of.
Note: A note contains important information that helps you install or operate the system
efficiently.
Attention: An attention notice contains instructions that you must follow to avoid a system crash,
loss of data, or damage to the equipment.
How to send your comments

You can help us to improve the quality of our documentation by sending us your feedback. Your feedback is important in helping us to provide the most accurate and high-quality information. If you have suggestions for improving this document, send us your comments by e-mail to doccomments@netapp.com. To help us direct your comments to the correct division, include in the subject line the name of your product and the applicable operating system. For example, FAS6070 Data ONTAP 7.3, or Host UtilitiesSolaris, or Operations Manager 3.8Windows.
How to access the storage system | 19
How to access the storage system

You can access the storage system by using the serial console, by issuing SSH requests from a UNIX client, or by using the remote management device.
Next topics
Using the serial port to access the storage system on page 19 Using SSH to access the storage system on page 19 Using the remote management device to access the system console on page 21
Using the serial port to access the storage system

You can access a storage system directly from a console that is attached by a cable to the system's serial port.
Steps
1. At the console, press Enter. The storage system responds with the login or password prompt. 2. If the storage system displays the login prompt, do one of the following: To access the storage system with the system account, enter the following account name:
admin
To access the storage system with an alternative administrative user account, enter the following:
username username is the administrative user account.
The storage system responds with the password prompt. 3. Enter the password for the admin or administrative user account, or, if no password is defined, press Enter.
Using SSH to access the storage system

You can issue SSH requests to the storage system to perform administrative tasks .
Before you begin
20 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Data ONTAP provides concurrent SSH administrative sessions. However, you can open only one SSH-interactive session at a time.
Step
1. From a UNIX client, enter the ssh command in one of the following formats:
ssh [-1|-2] username@{IP_addr|hostname} [command]
or
ssh [-1|-2] -l username {IP_addr|hostname} [command]
The option -1 forces SSH to use protocol version 1 only. The option -2 forces SSH to use protocol version 2 only. By default, SSH uses protocol version 2. command is not required for SSH-interactive sessions.
Examples of SSH requests The following examples show how the user named "joe" that has been set up on the storage system named "mysystem" can issue a SSH request:
ssh joe@mysystem version ssh joe@10.72.137.28 version ssh -l joe 10.72.137.28 version ssh -1 joe@mysystem version ssh -2 joe@mysystem version
Limit the number of concurrent SSH connections to 50 or less

Having large numbers of open SSH (Secure Shell) connections to a controller can cause problems. To avoid these problems, limit the number of concurrent open SSH connections to 50 or less. To determine the number of open SSH sessions, enter the following command in csh:
ps -Afww | grep ssh | grep -v tty | wc -l
To manually change the maximum number of SSH sessions permitted, you can edit the /etc/ inetd.conf file. For example, to set the max to 50 you would change the following line in the /etc/ inetd.conf file from:
ssh stream tcp nowait/75/100 root /usr/sbin/sshd sshd -i -4
to
ssh stream tcp nowait/50/100 root /usr/sbin/sshd sshd -i -4
How to access the storage system | 21
Using the remote management device to access the system console

You can access a system console remotely by using the system console redirection feature provided by the remote management device. Depending on your storage system, the remote management device can be the SP, the RLM, or the BMC.
About this task
To log in to the SP or the RLM, you can use the naroot account or a Data ONTAP nodeshell user account with the credentials of the admin role or a role with the login-sp capability. To log into the BMC, you can use the root, naroot, or Administrator account. For more information about the remote management device, see the Data ONTAP 7-Mode System Administration Guide.
Steps
1. From the administration host, log in to the remote management device by entering the following command:
ssh username@IP_for_remote_management_device
The storage system responds by displaying the CLI prompt for the remote management device. 2. Enter the following command at the CLI prompt for the remote management device:
system console
3. If the storage system displays the login prompt, enter an appropriate account name:
If you are using... The system admin account An administrative nodeshell user account Enter the following account name... admin username Note: username is the administrative nodeshell user account.
4. Enter the password for the account, or, if no password is defined, press Enter. The storage system prompt appears. 5. To exit the console, do one of the following. To exit the console redirection session and return to the SP prompt or the RLM prompt, press Ctrl-D.
22 | Data ONTAP 8.0 Cluster-Mode System Administration Guide To exit the console redirection session and return to the BMC prompt, press Ctrl-G.
What the management interface is | 23
What the management interface is

The management interface enables you to administer the storage system. Data ONTAP Cluster-Mode provides two kinds of management interfaces, the command-line interface (CLI) and the Web interface. The CLI provides a command-based mechanism that is similar to the UNIX tcsh shell in that it provides tab completion and advanced queries and UNIX-style patterns and wildcards. The Web interface provides a model with which you can interact by using a Web browser. Regardless of the interface you use (CLI or Web), a set of similar objects is displayed as rows in a table. Each object or row is identified by a set of key values, which occupy the first fields. The rest of the rows are occupied by values of other parameters. Data ONTAP Cluster-Mode commands are organized hierarchically into command sets by directories. Command directories can contain other directories. The commands contained within the directories enable you to manage the components of a Data ONTAP Cluster-Mode storage system.
Next topics
Command availability on page 23 Different shells that are available on page 24 Types of privilege levels on page 24 The diagnostic account and the systemshell on page 24
Command availability
All commands are available in either operational mode or maintenance mode. Operational mode commands are available during normal operation of a Data ONTAP Cluster-Mode storage system, after it has been initialized and configured. Almost all commands are available in operational mode. Maintenance mode commands are available when a Data ONTAP Cluster-Mode storage system is running but has not yet been initialized or configured, or when the system has failed and is not yet fully operational. You can use maintenance-mode commands to initialize and configure a system, and to diagnose and resolve problems. Most maintenance-mode commands are also available in operational mode, but a few commands are available only in maintenance mode.
Different shells that are available

The Data ONTAP Cluster-Mode CLI provides three different shells in which you can execute different commands. The native shell in which you can execute commands is referred to as the clustershell. This is the shell that is started automatically when you log in to a filer. It provides all of the commands you need to configure, manage, monitor, and maintain your cluster. In addition, a special shell exists that enables you to run a subset of 7-Mode commands from the Cluster-Mode. This special shell is called the nodeshell. The standard way to access the nodeshell is by typing the single verb run. However, the full syntax of this command is system node run and it is documented as such in the Data ONTAP Cluster-Mode Administration Reference. For more information about using the nodeshell and which networking, storage, and system administrative commands are supported, see the Data ONTAP Cluster-Mode Administration Reference. The systemshell is a low-level shell used for diagnostic and troubleshooting purposes. The systemshell is not intended for general administrative purposes. Use it only with guidance from technical support. For more information about using the system node systemshell command, see the Data ONTAP Cluster-Mode Administration Reference.
Related concepts
System administration commands that are available in the nodeshell on page 186
Types of privilege levels

Data ONTAP Cluster-Mode commands are classified into three privilege levels: admin, advanced, and diagnostic. adminMost commands fall into this category. These commands are used for routine tasks. advancedCommands in this category are used infrequently, require advanced knowledge to use, and can cause problems if used inappropriately. You should use advanced-level commands and parameters only with the advice of support personnel. diagnosticCommands in this category are potentially disruptive tools that are used only by support personnel to diagnose and fix serious problems. Diagnostic commands are the highest privilege commands available to customers.
The diagnostic account and the systemshell

A diagnostic account, named diag, is provided with your storage system. You can enable the diagnostic account to perform troubleshooting tasks in the systemshell. The diagnostic account and
What the management interface is | 25 the systemshell are intended only for low-level diagnostic purposes and should be used only with guidance from technical support. The diagnostic account is the only account that can be used to access the systemshell, through the advanced command system node systemshell. The diagnostic account is disabled by default. You must enable the account and set up its password before using it. Neither the diagnostic account nor the systemshell is intended for general administrative purposes.
Management interface basics | 27
Management interface basics

To manage a Data ONTAP Cluster-Mode storage system, you need to know about using the CLI and Web interface; about using queries, patterns, and wildcards in commands; about setting the command privilege level; and about exiting the management interface.
Next topics
How to use the command-line interface on page 27 How to access the Web interface on page 31 How to use queries, patterns, and wildcards on page 33 Exiting the management interface on page 35
How to use the command-line interface

The CLI provides a command-based view of the management interface. You enter commands at a command prompt, and command results are displayed in text. You can access the CLI from a terminal that is connected directly to a node's console port, or you can use secure shell (ssh) or Telnet to access a node and use the CLI to interact with the management interface remotely. The CLI's command prompt is represented as node::> in the documentation. On a running Data ONTAP Cluster-Mode storage system, the prompt shows the node name. For example, on a node named hr_data11, the CLI prompt is hr_data11::>.
Next topics
How to navigate CLI command directories on page 27 How to specify values in the CLI on page 28 How to reissue CLI commands on page 29 Keyboard shortcuts to edit CLI commands on page 29 Setting the privilege level in the CLI on page 30 Setting display preferences in the CLI on page 31
How to navigate CLI command directories

Commands in the CLI are organized into a hierarchy by command directories. You can run commands in the hierarchy either by entering the full command path or by navigating through the directory structure. When using the CLI, you can access a command directory by typing the directory's name at the prompt and then pressing Enter. The directory name is then included in the prompt text to indicate that you are interacting with the appropriate command directory. To move deeper into the command
28 | Data ONTAP 8.0 Cluster-Mode System Administration Guide hierarchy, you type the name of a command subdirectory followed by Enter; the subdirectory name is then included in the prompt text and the context shifts to that subdirectory. You can navigate through several command directories by entering the entire command. For example, you can display information about disk drives by entering the storage disk show command at the prompt. You can also run the command by navigating through one command directory at a time, as shown in the following example:
node::> storage node::storage> disk node::storage disk> show
You can abbreviate commands by entering only the minimum number of letters in a command that makes the command unique to the current directory. For example, to abbreviate the previous example, you can enter st d sh. You can use the Tab key to expand abbreviated commands and to display a command's parameters, including default parameter values. You can use the top command to go to the top level of the command hierarchy, and the up command or .. command to go up one level in the command hierarchy.
Note: Commands and command options preceded by an asterisk (*) in the CLI can be executed only at the advanced privilege level or higher.
How to specify values in the CLI

Most commands include one or more required or optional parameters; many parameters require you to specify a value for them. A value can be a number, a Boolean specifier, a selection from an enumerated list of predefined values, or a text string. Some parameters can accept a comma-separated list of two or more values. Comma-separated lists of values do not need to be double quoted. Whenever you specify text, a space, or a query character (when not meant as a query or text starting with a less-than or greaterthan symbol), you must enclose the entity in double quotes. The clustershell CLI interprets a question mark (?) as the command to display help information for a particular command. As a result, when you want a question mark in a command to be interpreted literally, you must type Esc+?. Some text that you enter in the CLI, like command names, parameters, and certain values, is caseinsensitive. For example, when entering parameter values for the vserver cifs commands, capitalization is ignored. However, most parameter values, like the names of nodes, virtual servers, aggregates, volumes, and logical interfaces are case-sensitive. If you want to clear the value of a parameter that takes a text string, you specify an empty set of quotation marks ("") or a dash ("-"). In the following example, a virtual server is created with a text comment. The virtual server is then modified to delete the comment.
node::> vserver create -vserver vs0 -rootvolume root_vs0 -aggregate aggr0 -ns-switch nis -nm-switch file -language en_US -rootvolume-security-style

unix -comment "My virtual server" node::> vserver modify -vserver vs0 -comment ""
How to reissue CLI commands

Each CLI session keeps a history of all commands issued in it. You can view the command history and reissue previous commands by using the history and redo commands, respectively. To view the command history, you can use the history command. To reissue a command, you can use the redo command with one of the following arguments: A string that matches part of a previous command; for example, if the only volume command you have run is volume show, you can use the redo vol command to reexecute the command. The numeric ID of a previous command, as listed by the history; for example, you can use the redo 4 command to reexecute the fourth command in the history list. A negative offset from the end of the history list; for example, you can use the redo -2 command to reexecute the command that you ran two commands ago.
For example, to redo the command that is third from the end of the command history, you enter the following command:
node::> redo -3
Keyboard shortcuts to edit CLI commands

The command at the current command prompt is the current active command. You can edit the command by using the following key combinations. These key combinations are similar to those of the UNIX tcsh shell and the Emacs editor. In the following table, a caret (^) indicates that you must press the Ctrl key with the specified key.
Edit Command ^b ^f â ê ^k Action Move the cursor back one character. Move the cursor forward one character. Move the cursor to the beginning of the line. Move the cursor to the end of the line. Remove the contents of the edit buffer, from the cursor to the end of the line, and save it in the cut buffer. Yank the contents of the cut buffer, pushing it into the edit buffer at the cursor. Move the cursor back one word. Move the cursor forward one word.
^y ESC b ESC f
Edit Command ESC d
Action Cut the contents of the edit buffer, beginning at the cursor and continuing to the end of the following word. Delete the word before the cursor. Delete the character before the cursor. Delete the character before the cursor. Delete the character after the cursor. Replace the current contents of the edit buffer with the previous entry on the history list. For each successive ^p action, the history cursor moves to the previous entry. Replace the current contents of the edit buffer with the next entry on the history buffer. Down history. Up history. Go backward one character. Go forward one character. TTY start output. TTY stop output. Clear the current edit buffer. Escapes a special mapping for the following character. For instance, to enter a question mark into a command's arguments, press ^v, then press ?. Display context-sensitive help.
ESC Backspace ^h Backspace ^d ^p
^n Down arrow Up arrow Back arrow Forward arrow ^q ^s û ^v
Setting the privilege level in the CLI

You can set the privilege level in the CLI by using the set command.
Step
1. To set the privilege level in the CLI, use the set command with the -privilege parameter.
Example
The following example sets the privilege level to advanced and then to admin:
node::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel.

Do you wish to continue? (y or n): y node::*> set -privilege admin Related concepts
Types of privilege levels on page 24
Setting display preferences in the CLI

You can use the set command and rows command to set CLI display preferences.
Step
1. To set CLI display preferences, use the set command, the rows command, or both. Use the set command with one or more of the following parameters:
-confirmations {on | off}Specifies whether confirmations are issued for
potentially disruptive commands. The default is on. -showallfields {true | false}Specifies whether show commands display all fields by default. The default is false. -showseparator separatorSpecifies an alternative field separator for show commands. The separator can be from one to three characters in length. When using this parameter, specify the separator in double quotation marks. -units {auto | raw | B | KB | MB | GB | TB | PB}Specifies a default data-size unit. The default is auto. Use the rows command to specify the number of rows for the current CLI session. If you are connected to the system through a console connection, the default number of rows is 24. If you are connected to the system through an ssh connection, the number of default rows is determined by the terminal configuration.
Example
For example, to have fields separated by a comma and use GB as the default data-size unit and to set the number of rows to 50, run the following commands:
node::> set -showseparator "," -units GB node::> rows 50
How to access the Web interface

The Web interface provides a browser-based view of the management interface. You select commands from a menu of options, and command results are displayed in tables. You access the Web interface by pointing a supported Web browser to a nodefor example, http:// node1 or http://192.168.12.1. You enter a valid administrative user name and password into the appropriate fields and then click Login.

Note: To access the Web interface through a firewall or by using VPN, port 80 must be available and included in the URL when pointing your Web browser to a nodefor example, http:// node1:80 or http://192.168.12.1:80. Next topics
How to navigate the Web interface on page 32 Setting the privilege level in the Web interface on page 33
How to navigate the Web interface

Commands in the Web interface are organized in the same hierarchy used by the CLI. The left-most pane, also called the navigation pane, of the browser lists the available command directories. Command directories can be expanded to show their commands and subdirectories; you expand directories by clicking the plus sign (+). If a command directory is expanded, a minus sign (-) is displayed in the box to the left of the directory name; you can collapse the directory listing by clicking the minus sign. Clicking a command displays the command's objects or parameters in the right-most pane, also called the action pane, of the browser. You can then perform the following actions: To display a command's current objects and to perform operations on one or more of them, you click manage, then use the table and commands that are displayed in the action pane. To display a list of objects that match specific criteria, you click Query Table. You enter the appropriate values into the fields that you want to query and then click Show Matches. To create a new object, you select Create from the Actions menu, enter the appropriate values, and then click Create Entry.
Note: All of the objects that you can create by using the CLI, you can also create by using the
Web interface. In addition, you can "duplicate" an object in the Web interface. When you duplicate an object, the initial values for the new object are inherited from the existing one. Note that the fields of duplicated object initially include all of the attributes of the original object, including object names and other attributes that might or might not apply to the final duplicated object. Therefore, if you use the "duplicate" option, be sure to change the duplicated object's name and any other attributes that are different from the original object's. To perform an operation on an existing object, you select the appropriate command from the Actions menu and click on the object's name in the table (by default, linked names are displayed in blue text). Specific values for the object are displayed in the action pane. You make the appropriate changes and then click Run Command or the equivalent button to run the command.
The Web interface has links to many of the attributes in a table. You can use these links to navigate to different command directories. For example, if you are viewing the virtual server table, you can click on the link for a virtual server's root volume to go to the volume table. From the volume table, you can click on the root volume's aggregate link to go to the aggregate table. From the aggregate table, you can click on the aggregate's disk link to go to the disk table, which displays the names of the disks on which the aggregate is located.
Setting the privilege level in the Web interface

You can set the privilege level in the Web interface by using the PREFERENCES command.
About this task
See the reference page for the set command for information about setting other preferences.
Steps
1. Click PREFERENCES in the navigation pane. The Web Preferences panel is displayed in the action pane. 2. Select the appropriate privilege level from the Privilege Level menu, then click Apply Changes. 3. If you are setting the privilege level to a level other than admin, a warning page is displayed; click Please Continue to confirm the change.
Related concepts
Types of privilege levels on page 24
How to use queries, patterns, and wildcards

The management interface supports queries and UNIX-style patterns and wildcards to enable you to match multiple values in command-parameter arguments. The query operators in the following table are supported.
Operator * ! Description Wildcard that matches all entries. NOT operator. Indicates a value that is not to be matched; for example, !vs0 indicates not to match the value vs0. OR operator. Separates two values that are to be compared; for example, vs0 | vs2 matches either vs0 or vs2. You can specify multiple OR statements; for instance, a | b* | *c* matches the entry a, any entry that starts with b, and any entry that includes c. Range operator. For example, 5..10 matches any value from 5 to 10, inclusive. Less-than operator. For example, <20 matches any value that is less than 20.
.. <
Operator > <= >= {query}
Description Greater-than operator. For example, >5 matches any value that is greater than 5. Less-than-or-equal-to operator. Greater-than-or-equal-to operator. Extended query.
For example, to display a list of all volumes whose names include the string tmp, you run the command shown in the following example:
node::> volume show -volume *tmp* Note: If you want to parse query characters as literals, you must enclose the characters in double quotes (""). For example, if you are using a query to identify anti-virus policies that contain the characters ^.*$, you must enclose these charaters in double quotes ("^.*$ ") for the correct results to be returned. Related concepts
How to use extended queries on page 34
How to use extended queries

You can use extended queries to match and perform operations on objects that have specified values. Extended queries are specified by enclosing them within curly brackets ({}). An extended query must be specified as the first argument after the command name, before any other parameters. For example, to set offline all volumes whose names include the string tmp, you run the command in the following example:
node::> volume modify {-volume *tmp*} -state offline
Extended queries are generally useful only with modify and delete commands; they have no meaning in create or show commands.
Note: The combination of queries and modify operations is a useful tool; however, it can potentially cause confusion and errors if implemented incorrectly. For example, using the system image modify command to set a node's default software image automatically sets the other software image not to be the default. The command in the following example is effectively a null operation: node::> system image modify {-isdefault true} -isdefault false
This command sets the current default image as the non-default image, then sets the new default image (the previous non-default image) to the non-default image, resulting in the original default settings being retained. To perform the operation correctly, you can use the command in the following example:

node::> system image modify {-iscurrent false} -isdefault true
Exiting the management interface

When you are finished using the current management session, log out to prevent unauthorized access to the management interface.
Step
1. To exit from the management interface, use one of the following methods. To exit from a CLI session, enter the exit command. To exit from a Web-interface session, click LOG OUT.
What you need to know about the root volume | 37
What you need to know about the root volume

The storage system's root volume contains special directories and configuration files that help you administer your storage system. The root volume is installed at the factory on FAS systems and on V-Series systems ordered with disk shelves.
Note: For a V-Series system that does not have a disk shelf, you need to install the root volume on the third-party storage. You must ensure that the root volume has a space guarantee of volume. For more information, see the Data ONTAP Cluster-Mode Software Setup Guide.
The directory name for the root volume is /mroot. The root volume is reserved for system files, log files, and core files. User data is not stored in the root volume. You must not change the preconfigured size for the root volume or modify the content of the root directory, unless technical support instructs you to do so. If you need to modify system configurations, you use Data ONTAP commands to do so instead of editing configuration files directly in the root directory. The root aggregate contains the root volume. Your storage system is shipped with the root volume in a 32-bit aggregate.
What a cluster is | 39
What a cluster is
You can group pairs of nodes together to form a scalable cluster. Creating a cluster enables up to 24 individual nodes (or twelve pairs of nodes) to pool their resources and distribute work across the cluster, while presenting administrators with a single entity to manage. Clustering also enables continuous service to end users if individual nodes go offline or are taken offline. Each node in the cluster can access the same volumes as any other node in the cluster, assuming that a single virtual server exists across the entire cluster. The total file-system namespace, which comprises all of the volumes and their resultant paths, is global across the cluster. When a new node is added to a cluster, there is no need to update clients to point to the new server. The existence of the new nodes is transparent to the clients. The key concept in the cluster is quorum, which is a simple majority of nodes that participate in the cluster. Each node in the cluster participates in a voting protocol that elects one node master; each remaining node is a secondary. The master is responsible for synchronizing information across the cluster. When quorum is formed, it is maintained by continual voting; if the master goes offline, a new master is elected by the nodes that remain online. Quorum must be maintained for the cluster to function fully. Because there is the possibility of a tie in a cluster that has an even number of nodes, one node can be configured to hold epsilon, which is an extra fractional voting weight. For instance, in a four-node cluster, quorum can be maintained if two nodes cast the same vote and one of those nodes holds epsilon. The system administrator sets epsilon on one node at most. Epsilon can be unassigned and reassigned as needed. The nodes in a cluster communicate over a dedicated, secure Ethernet network. Cluster logical interfaces on the same node must be on the same subnet. The cluster logical interfaces on each node in the cluster should be on the same subnet; however, clusters can span subnets if there is a direct route for cluster communication among the nodes.
Next topics
About the cluster management server on page 40 Managing a cluster on page 40 Creating a cluster on page 41 Displaying cluster status on page 42 Adding a node to an existing cluster on page 43 Removing a node from a cluster on page 43 Quorum in clusters on page 44 Cluster replication rings on page 45 Adding epsilon to a node on page 46 Marking a node's ability to participate in its cluster on page 47 Configuring high availability in a two-node cluster on page 47 Renaming a cluster on page 48
Displaying global attributes of a cluster on page 48
About the cluster management server

You manage a cluster by accessing the cluster management server through the console, remote LAN manager, or the cluster management logical interface. A cluster management server is a specialized virtual server implementation that presents the cluster as a manageable entity. In addition to serving as the highest-level administrative domain, the cluster management server owns resources that dont logically belong with a traditional virtual server. Unlike a traditional virtual server, a cluster management server cannot have a root volume or host user volumes. Furthermore, a cluster management server can only have logical interfaces of the cluster management type. The cluster management server is always available on clusters. You can access the cluster management server through the console, remote LAN manager, or the cluster management logical interface. However, the cluster management logical interface might not be available if you deleted it or if you upgraded from a previous release of Data ONTAP. In those cases, you can create the cluster management logical interface manually using the network interface create command. Upon failure, the cluster management logical interface automatically fails over to another node in the cluster. Depending on the connectivity characteristics of the management protocol you are using, you may or may not notice the failover. If you are using a connectionless protocol (for example, SNMP) or have a limited connection (for example, HTTP), it is unlikely you will notice the failover. However, if you are using a long-term connection (for example, SSH), then you will have to reconnect to cluster management server after the failover. When you create a cluster using the cluster create command, you must specify all of the characteristics of the cluster management logical interface, including its IP address, netmask, gateway, and port. If you run the vserver show command on a node that is part of a cluster, the cluster management server will appear in the listing.
Managing a cluster
You can manage a cluster by connecting to the cluster management server by using the console, remote LAN manager, or an SSH client.
Before you begin
Before you can manage a cluster, you must create it. When you create a cluster, you must specify all of the characteristics of the cluster management logical interface, including its IP address, netmask, gateway, and port. If you upgraded from a previous version of Data ONTAP, you can create the cluster management logical interface manually using the network interface create command.
Step
1. Connect to a node by using the console if your cluster and cluster management server do not yet exist. If a cluster and cluster management server do exist, connect to the cluster by using the console, remote LAN manager, or an SSH client.
Creating a cluster
A cluster begins by defining interfaces for a single node; you can then add additional nodes to the cluster.
Before you begin
You need a base cluster license, which you can obtain from your sales or support representative, before you can create a cluster.
Steps
1. To create a single-node cluster, you use the cluster create command.

Note: The name of your cluster must begin with a letter. Any name more than 80 characters in
length is truncated. This command prompts you for confirmation before running.
Example
The following example creates a cluster named clus0. The cluster base license number is ABCDEFGHIJKLMN. The cluster management port is e0a, the IP address of the cluster management interface is 192.0.2.66, the netmask is 255.255.255.192, and the IP address of the cluster management gateway is 192.0.2.70. The MTU value is 9000. The first cluster interface has the IP address 192.0.2.67, the netmask 255.255.255.192, and cluster interfaces are set to MTU of 9000. No second cluster interface is defined in this example.
node::> cluster create -license ABCDEFGHIJKLMN -clustername clus0 -mgmtport e0a -mgmt-ip 192.0.2.66 -mgmt-netmask 255.255.255.192 -mgmt-gateway 192.0.2.70 -ipaddr1 192.0.2.67 -netmask 255.255.255.192 -mtu 9000
2. To add additional nodes to the cluster, you can use the cluster join command.
Related tasks
Adding a node to an existing cluster on page 43
Displaying cluster status

You can display information about the cluster status of one or more nodes.
Steps
1. To display general information about cluster status, use the cluster show command. The command displays the following information: Node name Whether the node is healthy Whether the node is eligible to participate in the cluster Whether the node holds epsilon (advanced privilege level or higher only)
Example
The following example displays information about all nodes in a four-node cluster:
node::> cluster show Node --------------------node0 node1 node2 node3 Health ------true true true true Eligibility -----------true true true true
2. To display detailed information about a specific node in a cluster, set the privilege level to advanced and use the cluster show command with the -node option.
Example
The following example sets the privilege level to advanced and displays detailed information about the node named node1:
node::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel. Do you wish to continue? (y or n): y node::> cluster show -node node1 Node: Node UUID: Epsilon: Eligibility: Health: node1 a67f9f34-9d8f-11da-b484-000423b6f094 false true true
Adding a node to an existing cluster

After you have defined a cluster with a single node, you can add additional nodes to it.
Before you begin
A cluster must exist before you can add additional nodes to it.
Step
1. To add nodes to a cluster, you use the cluster join command. The command prompts you for confirmation before running.
Example
The following example adds a node to a cluster whose cluster interface IP address is 172.19.2.1:
node::> cluster join -clusteripaddr 172.19.2.1
Removing a node from a cluster

You can remove a node from a cluster.
Before you begin
Before a node can be successfully removed from a cluster, all of its shared resources, such as logical interfaces to clients, must be removed. The cluster unjoin command fails if any shared resources are still active.
About this task
If you experience difficulty unjoining a node from a cluster, or if you are planning to re-use the node that was part of the cluster, contact technical support for assistance.
Steps
1. Move or delete all volumes and member volumes from aggregates that are owned by the node to be unjoined by using the volume move or volume delete commands, respectively. 2. Delete all aggregates (except for the root aggregate) owned by the node to be unjoined by using the storage aggregate delete command. 3. Delete or re-home all data LIFs from the node to be unjoined to other nodes in the cluster by using the network interface delete or network interface modify commands, respectively.
44 | Data ONTAP 8.0 Cluster-Mode System Administration Guide 4. Modify all LIF failover rules to remove ports on the node to be unjoined by using the network interface failover modify command. 5. Disable storage failover on the node to be unjoined by using the storage failover modify command. 6. Move epsilon to a different node then the node to be unjoined by using the cluster modify command at the advanced privilege level. 7. Delete all VLANs on the node to be unjoined by using the network port vlan delete command. 8. Trigger an AutoSupport message from the node to be unjoined by running the system node autosupport invoke command. 9. Log in to a node different from the one that is to be unjoined from the cluster and run the cluster unjoin command. You must run this command on a node other than the one you are removing from the cluster. Also, this command will not work on the last node in a cluster. The command prompts you for confirmation before executing.
Example
The following example removes node node2 from cluster cluster1:

node::> cluster unjoin -node node2 -clustername cluster1
Quorum in clusters
Managing clusters requires a working familiarity with the concepts that provide the framework for cluster technology in Data ONTAP 8 Cluster-Mode. The primary concept that needs to be understood is the maintenance of quorum. Quorum is a precondition for a fully functioning cluster. When quorum is lost, the cluster loses the ability to accomplish normal cluster operations. For single-node clusters, a majority is achieved when the single node is configured with epsilon. Achieving majority defines whether quorum is maintained; without epsilon, the majority is lost for the single-node cluster. For this reason, a two-node cluster presents some unique challenges in maintaining quorum. In a twonode cluster, epsilon is not held by either node; instead, both nodes are continuously polled to ensure that if one node fails, the other has full read-write access to data as well as access to logical interfaces and management functions. In larger clusters, the effect of epsilon is most often felt when the cluster can be partitioned. In general, assuming reliable connectivity among the various nodes of the cluster, a larger cluster is more stable than a smaller cluster. The quorum requirement of a simple majority of half the nodes plus epsilon is easier to maintain in a cluster of 50 nodes than in a cluster of two nodes. However, when the connectivity between two equal portions of a large cluster fails, the group of nodes
What a cluster is | 45 containing epsilon maintains quorum, assuming that all nodes are healthy. For example, if a single link is established between 25 nodes in one room and 25 nodes in another room to compose a 50node cluster and the link fails, then the group of nodes that holds epsilon maintains quorum. Only one collection of nodes can have quorum at any one time because all of the nodes collectively share a single view of the data. Therefore, if two noncommunicating nodes are permitted to modify the data in divergent ways, it is no longer possible to reconcile the data into a singular data view.
Cluster replication rings

The basis of clustering is the replicated database (RDB). An instance of the RDB is maintained on each node in a cluster. There are a number of processes that use the RDB to ensure consistent data across the cluster; these processes include the management application (mgmt), volume location database (VLDB), logical-interface manager (lifmgr), and SpinAuth authentication (spinauth). A replication ring is a set of identical processes running on different nodes in the cluster. For instance, the VLDB replication ring for a given cluster consists of all instances of VLDB running in the cluster. RDB replication requires healthy cluster links among all nodes in the cluster; if the cluster network fails in whole or in part, file services can become unavailable. The cluster ring show displays the status of replication rings and can assist with troubleshooting efforts.
Related tasks
Displaying cluster ring-replication status on page 45
Displaying cluster ring-replication status

You can display a cluster's ring-replication status to help you diagnose cluster-wide problems.
Before you begin
This task requires you to be logged in at the advanced privilege level or higher.
About this task
If your cluster is experiencing problems, support personnel might ask you to run this command to assist with troubleshooting efforts.
Steps
1. Set the privilege level to advanced by using the set command.

Example
The following example sets the privilege level to advanced:

node::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when

directed to do so by NetApp personnel. Do you wish to continue? (y or n): y
2. To display a cluster's ring-replication status, use the cluster ring show command.
Example
The following example displays the status of the VLDB replication ring on a node named node0:
node::> cluster Node: Unit Name: Status: Epoch: Master Node: Local Node: DB Epoch: DB Transaction: Related concepts ring show -node node0 -unitname vldb node0 vldb master 5 node0 node0 5 56
Cluster replication rings on page 45
Adding epsilon to a node

You can add epsilon to, at most, one node in a cluster to give that node an extra fractional voting weight in the quorum.
Before you begin
This task requires you to be logged in at the advanced privilege or higher.

Steps
1. Set the privilege level to advanced by using the set command.

Example
The following example sets the privilege level to advanced:

node::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel. Do you wish to continue? (y or n): y
2. To add epsilon to a node, use the cluster modify command with the -node and -epsilon parameters.
Example
The following example adds epsilon to a node named node0:

node::> cluster modify -node node0 -epsilon yes
Marking a node's ability to participate in its cluster

You can mark any node eligible or ineligible to participate in its cluster.
Step
1. To mark a node as eligible or ineligible to participate in its cluster, use the cluster modify command with the -node and -eligibility parameters. You should mark a node ineligible before performing potentially disruptive operations such as hardware maintenance on it.
Example
The following example makes a node named node1 ineligible to participate in the cluster.
node::> cluster modify -node node1 -eligibility no
Configuring high availability in a two-node cluster

You can configure high availability in a cluster if it contains only two nodes.
About this task
Cluster high availability differs from the high availability provided by storage failover. Cluster high availability is a special case of the clustering technology used in larger clusters; cluster highavailability communications occur over the cluster network, not over the Infiniband interconnection between controllers in a storage-failover pair.
Step
1. To enable high availability (HA) for a cluster, use the cluster ha modify command. If your cluster contains only two nodes, you should enable high availability (HA). If the cluster contains three or more nodes, you should not enable HA mode in the cluster. In a two-node cluster with HA enabled, epsilon is shared between the two nodes so that the failure of one node does not disable the cluster.
Example
The following example enables high availability in a two-node cluster:

node::> cluster ha modify -configured true
Displaying high-availability status for a two-node cluster

You can display high-availability status if your cluster has only two nodes.
Step
1. To display high-availability status, use the cluster ha show command.

Example
The following example shows a cluster that is not enabled for high availability:
node::> cluster ha show High Availability Configured: false
Renaming a cluster
You can rename a cluster after it has been created.
Step
1. To change the name of a cluster, use the cluster identity modify command. You cannot change a cluster's UUID, which is set when the cluster is created. Note that the name of a cluster must begin with a letter and that any name more than 80 characters in length is truncated.
Example
The following example renames the current cluster to cluster2:

node::> cluster identity modify -newname cluster2
Displaying global attributes of a cluster

You can display a cluster's name, serial number, physical location, and contact information.
Step
1. To display a cluster's global attributes, use the cluster identity show command.
Example
The following example displays the name, serial number, physical location, and contact information of a cluster.
node::> cluster identity show ClusterName Cluster Serial Number Contact Cluster Location Cluster
cluster2 1-80-123456 jsmith@example.com Sunnyvale
Security management | 51
Security management
The security commands enable you to manage security for the management interface.
Next topics
How to manage audit settings on page 51 How to enable or disable the Web interface on page 53 How to manage login methods on page 54 How to manage user accounts on page 58 How to manage the access-control roles on page 60 How to manage public key authentication on page 66 Displaying information about SNMP users on page 71
How to manage audit settings

Administrators can manage the audit logging settings for the management interface by using the security audit commands. Audit logging creates a chronological record of management activities. You can customize what types activities in the management interface are audited. Two types of requests, get and set requests, are commonly audited activities. Get requests occur when information is retrieved and displayed to a management interface. This is the type of request issued when you run a "show" command, for instance. Set requests typically apply to non-display commands, such as creating, modifying, or deleting an object. You can use security audit commands to Modify the audit logging settings for the management interface. Display the audit logging settings.
Next topics
Modifying audit settings on page 51 Displaying audit settings on page 52
Modifying audit settings

You can use the security audit modify command to set audit logging preferences for the management interface.
About this task
The security audit modify command sets the following audit logging preferences:
52 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Whether set requests for the CLI are audited Whether set requests for the Web interface are audited Whether get requests for the CLI are audited Whether get requests for the Web interface are audited
Step
1. To set the audit logging, enter the following command:

security audit modify [-cliset {on | off}] [-httpset {on | off}] [cliget {on | off}] [-httpget {on | off}] -cliset specifies whether set requests for the CLI are audited. The default setting is on. -httpset specifies whether set requests for the Web interface are audited. The default setting is on. -cliget specifies whether get requests for the CLI are audited. The default setting is on. -httpget specifies whether get requests for the Web interface are audited. The default setting is on.
The following example turns off auditing of get and set requests for the Web interface:
node::> security audit modify -httpset off -httpget off
Displaying audit settings

You can get a display of the audit log settings using the security audit show command.
About this task
The security audit show command displays the following audit-logging settings for the management interface: Whether set requests for the CLI are audited Whether set requests for the Web interface are audited Whether get requests for the CLI are audited Whether set requests for the Web interface are audited
Step
1. To view the audit settings, enter the following command:

security audit show
This command does not have any parameters.
The following example displays the audit-logging settings for the management interface:
node::> security audit show Auditing State for Auditing State for Set Requests: Get Requests: ------------------ -------------------------------CLI: on on HTTP: off off
How to enable or disable the Web interface

You can manage the state of the Web interface by using the security http webserver command. Only an administrator can change the state of the Web interface, and the command is available in the operational mode. You can use the security http webserver commands to Set and modify the state of the Web interface Display the state of the Web interface
Next topics
Enabling or disabling the Web interface on page 53 Displaying the state of the Web interface on page 54
Enabling or disabling the Web interface

The security http webserver modify command enables or disables the Web interface.
Step
1. To set the state of the Web interface, enter the following command:
security http webserver modify [-state {on | off}]
To enable the Web interface, set the state to on; to disable it, set the state to off. By default, the Web interface is enabled. The following example disables the Web interface:

node::> security http webserver modify -state off
Displaying the state of the Web interface

You can view the the state of the Web interface using the security http webserver show command.
Step
1. To view the state of the Web interface, enter the following command:
security http webserver show
There are no parameters for this command. The following example displays the state of the Web interface:
node::>security http webserver show Web Server State: on
How to manage login methods

You can create and modify login methods for the management utility. You can also view and delete the login methods. Only an administrator can manage the login methods. The commands for managing the login methods are available in the operational mode.
Next topics
Creating a login method on page 54 Displaying information about a login method on page 55 Modifying a login method on page 56 Deleting a login method on page 57
Creating a login method

You can use the security login create command to create a login method for the management utility. A login method consists of a user name, an application (access method), and an authentication method. It can optionally include a role name.
Step
1. To create a login method, enter the following command:
security login create -username user_name -application application authmethod authentication_method [-role role_name] -username specifies that a user name is supplied in the command line. user_name is the user name of the login method. -application specifies that an application of the login method is supplied in the command line.
Possible values include snmp, http, ssh, telnet, and console.

application is the name of the application. -authmethod specifies that an authentication method of the login method is supplied in the
command line.
authentication_method is the authentication method of the login method, which can be one
of the following: allowallAny authentication method communitySNMP community strings kerberosKerberized telnet passwordPassword publickeyPublic-key authentication usmSNMP user security model
-role specifies that an access-control role for the login method is supplied in the command line. This parameter is optional. role_name is the name of the role
The following example creates a login method that has the user name monitor, the application ssh, the authentication method password, and the access-control role readonly.
node::> security login create -username monitor -application ssh authmethod password -role readonly
Displaying information about a login method

You can view information such as user name, application, authentication method, and access-control role name of a login method by using the security login show command.
Step
1. To get a display of information about a login method, enter the following command:
security login show [-instance] [-username user_name] [-application application] [-authmethod authentication_method] [-role role_name] [ acctlocked {yes|no} ] -instance specifies that a detailed information about all the login methods be displayed.

-username specifies that a user name is supplied in the command line. The command displays information only about the login method or methods that match the specified user name. user_name is the user name based on which you want to view the login method details. -application specifies that an application name is supplied in the command line. The
command displays information only about the login method or methods that use the specified login application.
application is the name of the application based on which you want to view the login method
details.
-authmethod specifies that an authentication method is supplied in the command line. The
command displays information only about the login method or methods that use the specified authentication method.
authentication_method is the authentication method based on which you want to view the
login method details. -role specifies that a role name is supplied in the command line. The command displays information only about the login method or methods that use the specified access-control role.
role_name is the name of the role based on which you want to view the login method details. acctlocked specifies that the information be displayed only about the login method or methods
that are locked or unlocked. The following example displays information about all user login methods:
UserName Locked -------------------------admin no admin no admin no admin no Authentication Application Method Acct Role Name
----------- -------------- -------------------console http ontapi ssh password password password password admin admin admin admin
Modifying a login method

You can modify the role name of a login method using the security login modify command.
Step
1. To modify the role name of a login method, enter the following command:
security login modify -username user_name -application application authmethod authentication_method [-role role_name]
-username specifies that the user name of the login method to be modified is supplied in the command line.
user_name is the user name for which you want to modify the role
-application specifies that the application of the login method is supplied in the command line.
application is the application of the login method. Possible values include SNMP, HTTP, ssh,
telnet, and console. -authmethod specifies that the authentication method of the login method is supplied in the command line.
authentication_method is the authentication method of the login method. Possible values
include the following: allowallAny authentication method communitySNMP community strings kerberosKerberized telnet passwordPassword publickeyPublic-key authentication usmSNMP user security model
-role specifies that a new access-control role name for the login method is supplied in the command line.
role_name is the new access-control role name for the login method.
The following example modifies a login method that has the user name root, the application telnet, and the authentication method kerberos to use the access-control role admin.
node::> security login modify -username root -application telnet authmethod kerberos -role admin
Deleting a login method

You can delete a login method using the security login delete command.
Step
1. To delete a login method, enter the following command:

security login delete -username user_name -application application authmethod authentication_method
-username specifies that a user name to be deleted is supplied in the command line.
user_name is the user name to be deleted.
58 | Data ONTAP 8.0 Cluster-Mode System Administration Guide -application specifies that the application of the login method is supplied in the command line.
application is the name of the application. Possible values include SNMP, HTTP, telnet, and
console. -authmethod specifies that an authentication method of the login method is supplied in the command line.
authmethod is the authentication method of the login method. Possible values include Securid,
Kerberos, SNMP Comm String, and Password. The following example deletes a login method that has the username guest, the application snmp, and the authentication method password:
node::> security login delete -username guest -application snmp authmethod password
How to manage user accounts

You can lock a user account and prevent it from accessing the management interface. Alternatively, you can enable a user account to access the management interface. Also, you can reset the password of a specific user. Only an administrator can manage the user accounts, and the commands are available in the operational mode.
Next topics
Resetting a user password on page 58 Locking a user account on page 59 Unlocking a user account on page 59
Resetting a user password

You can reset the password for a specific user by using the security login password command.
Step
1. To reset the password for a specific user, enter the following command:
security login password [-username user_name] -username specifies that the user name whose password is to be reset is supplied in the command line. user_name is the user name whose password is to be reset. Note: This command prompts you for the user's old and new passwords.
The following example resets the password for a user named admin:
node::> security login password -username admin
Locking a user account

You can lock a specific user account and prevent it from accessing the management interface by using the security login lock command.
Step
1. To lock a specific user account, enter the following command:

security login lock -username user_name
The -username option specifies that the user name of the account to be locked. The user_name variable denotes the user name of the account to be locked. The following example locks a user account named jdoe:
node::> security login lock -username jdoe
Unlocking a user account

You can unlock a specific user account and enable it to access the management interface by using the security login unlock command.
Step
1. To unlock a user account, enter the following command:

security login unlock -username user_name
The -username parameter specifies that the user name of the account to be unlocked is supplied in the command line. The user_name variable denotes the user name of the account to be unlocked. The following example unlocks a user account named jdoe:

node::> security login unlock -username jdoe
How to manage the access-control roles

You can manage the access-control roles by creating a new role, modifying an exisiting role, or by deleting an existing role. You can also modify the account restrictions for a management-utility user. Only an administrator can manage the access-control roles and the commands to manage the access control roles are available in the operational mode.
Next topics
Creating an access-control role on page 60 Displaying information about an access-control role on page 62 Modifying an access-control role on page 63 Deleting an access-control role on page 63 Modifying an access-control role configuration on page 64 Displaying information about an access-control role configuration on page 65
Creating an access-control role

You can create an access-control role by using the security login role create command. An access-control role consists of a role name and a command or directory to which the role has access. It optionally includes an access level (none, readonly, or all) and a query that applies to the specified command or command directory. After you create an access-control role, you can apply it to a management-utility login account by using the security login modify or security login create commands.
Step
1. To create an access-control role, enter the following command:

security login role create -role role_name -cmddirname command_or_directory_name [-access access_level] [-query query] -role specifies that the name of the role to be created is supplied in the command line. role_name is the name of the role to be created. -cmddirname specifies that the command or command directory to which the role has access is
supplied in the command line.

command_or_directory_name is the command or command directory to which the role has
access. The default setting is "default", which enables the role to have access to all commands and command directories.
-access specifies that an access level for the role is supplied in the command line.
access_level is the access level for the role. Possible access level settings are none, readonly, and all. The default setting is all . -query specifies that a query for the role is supplied in the command line. query is the query for the role. The query must apply to the specified command or directory
name. The following example creates an access-control role named admin that has volume command access and has the default access level.
node::> security login role create -role admin -cmddirname volume
Creating a restricted access-control role You can create a restricted access-control role and assign it to a user, preventing that user from performing certain actions.
About this task
In the example below, an access-control role named snapshot_delete is created and assigned to a new, restricted user named snapshot_admin.
Steps
1. Create a restricted profile that will be assigned to the new restricted user, for example: node::> security login role create -role snapshot_delete -cmddirname "volume snapshot" -access all -query 2. Create the restricted administrative user, assign the newly created profile, and assign a password, for example: node::> security login create -username snapshot_admin -application ssh -authmethod password profile snapshot_delete Please enter a password for user snapshot_admin: xxxxxxxx Please enter it again: xxxxxxx 3. Provide additional access methods as needed, for example: node::> security login create -username snapshot_admin -application http -authmethod password -profile snapshot_delete node::> security login create -username snapshot -application console -authmethod password profile snapshot_delete When the user named snapshot_admin logs into the console, via ssh, or accesses the Element Manager, the only commands available to that user are the commands assigned to the user's access-control role.
Displaying information about an access-control role

You can get a display of information about an access-control role such as role name, command or command directory to which a role has access, access level, and query by using the security login role show command
Step
1. To view the information about an access-control role, enter the following command:
security login role show [-instance] [-role role_name] [-cmddirname command_or_directory_name] [-access access_level] [-query query] -instance specifies that a detailed information about all access-control roles be displayed. -role specifies that a role name is supplied in the command line. The command displays
information only about the role that matches the specified role name.
role_name is the name of the role. -cmddirname specifies that a command name or a command directory name is supplied in the
command line. The command displays information only about the role or roles that have the specified command or command directory access.
command_or_directory_name is the name of the command or the command directory. Note: If both the role and the command or command directory name are supplied in the
command line, the command displays detailed information about the specified access-control role.
-access specifies that an access level is supplied in the command line. The command displays information only about the role or roles that have the specified access level. access_level is the access level. -query specifies that a query name is supplied in the command line. The command displays
information only about the role or roles that have the specified query.
query is the name of the query.
The following example displays information about all access-control roles:

node::> security login role show RoleName Command/Directory Query AccessLevel ------------- -------------------------------- ----- ----------admin DEFAULT all
readonly readonly DEFAULT volume readonly none
Modifying an access-control role

You can modify an access-control role using the security login role modify command.
Step
1. To modify an access-control role, enter the following command:

security login role modify -role role_name -cmddirname command_or_directory_name [-access access_level] [-query query] -role specifies that a role to be modified is supplied in the command line. role_name is the name of the role to be modified. -cmddirname specifies that the command or command directory to which the role has access is

command_or_directory_name is the command or command directory to which the role has
access. The default is setting is "default", which enables the role to have access to all commands and command directories.
-access specifies that a new access level for the role is supplied in the command line. access_level is the new access level for the role. Possible access level settings are none,
readonly, and all. The default setting is "all".

-query specifies that a new query for the role is supplied in the command line. query is the new query for the role.
The following example modifies an access-control role with the role name readonly and the command access DEFAULT to have the read only access level.
node::> security login role modify -role readonly -cmddirname DEFAULT -access readonly
Deleting an access-control role

You can delete an access-control role using the security login role delete command.
Step
1. To delete an access-control role, enter the following command:

security login role delete -role role_name -cmddirname command_or_directory_name

-role specifies that the role to be deleted is supplied in the command line. role_name is the role to be deleted. -cmddirname specifies that the command or command directory to which the role has access is supplied in the command line. command_or_directory_name is the command or command directory to which the role has
access. The default is setting is "default", which enables the role to have access to all commands and command directories. The following example deletes an access-control role with the role name readonly and the command access DEFAULT.
node::> security login role delete -role readonly -cmddirname DEFAULT
Modifying an access-control role configuration

You can modify the account restrictions for a management-utility user using the security login
role config modify command. Step
1. To modify the account restrictions, enter the following command:

security login role config modify -role role_name [-username-minsize username_minimum_size] [-username-alphanum {enabled | disabled}] [passwd-minsize password_minimum_size] [-passwd-alphanum {enabled | disabled}] [-disallowed-reuse number_of_passwords] [-change-delay interval_between_password_changes] -role specifies that the management-utility user whose account restrictions are to be modified is supplied in the command line. role_name is the management-utility user whose account restrictions are to be modified. -username-minsize specifies that the minimum length of user name is supplied in the
command line.
username_minimum_size is the minimum length of user name. Possible values range from 3 to
16 characters. The default setting is 6 characters.

-username-alphanum specifies whether only alphabetic and numeric characters are permitted
in the user name. The default setting is "disabled".

-passwd-minsize specifies that the minimum length of password is supplied in the command
line.
password_minimum_size is the minimum length of password. Possible values range from 3 to 64 characters. The default setting is 6 characters.
-passwd-alphanum specifies whether only alphabetic and numeric characters are permitted in
the user name. The default setting is "disabled".

-disallowed-reuse specifies that the number of previous passwords that are disallowed for
reuse is supplied in the command line.

number_of_passwords is the number of previous passwords that are disallowed for reuse. -change-delay specifies that the number of days that must pass between password changes is

interval_between_password_changes is the number of days that must pass between password changes. The default setting is 0 (zero).
The following example modifies the user-account restrictions for an account with the role name admin. The minimum size of the password is set to 12 characters.
node::> security login role config modify -role admin -passwd-minsize 12
Displaying information about an access-control role configuration

You can view the information about account restrictions for management-utility user accounts using the security login role config show command. This command displays information such as role name, minimum size of user name and password, and whether alphanumeric-only user names and passwords are enabled.
Step
1. To view the information about an access-control role, enter the following command:
security login role config show [-instance] [-role role_name] [username-minsize username_minimum_size] [-username-alphanum {enabled | disabled}] [-passwd-minsize password_minimum_size] [-passwd-alphanum {enabled | disabled}] [-disallowed-reuse number_of_passwords] [-changedelay interval_between_password_changes] -instance specifies that the command displays detailed information about restrictions for all
user accounts.
-role specifies that the specific role whose detailed account restrictions are to be displayed is

role_name is the name of the role whose detailed account restrictions are to be displayed. -username-minsize specifies that a minimum size for user names is supplied in the command
line. If this parameter is specified, the command displays information only about the user account or accounts that have the specified minimum user-name length.
username_minimum_size is the minimum length of user name.

-username-alphanum specifies that the command displays information only about the user account or accounts that have the specified setting for the use of non-alphanumeric characters in the user name.
-passwd-minsize specifies that a minimum size for passwords is supplied in the command line. If this parameter is specified, the command displays information only about the user account or accounts that have the specified minimum password length.
password_minimum_size is the minimum length of password. -passwd-alphanum specifies that the command displays information only about the user
account or accounts that have the specified setting for the use of non-alphanumeric characters in the password.
-disallowed-reuse specifies that the number of previous passwords that are disallowed for reuse is supplied in the command line. If this parameter is specified, the command displays information only about the user account or accounts that have the specified number of previous passwords that are disallowed for reuse. number_of_passwords is the number of previous passwords that are disallowed. -change-delay specifies that the number of days that must pass between password changes is supplied in the command line. If this parameter is specified, the command displays information only about the user account or accounts that have the specified number of days that must pass between password changes. interval_between_password_changes is the number of days that must pass between
password changes. The following example displays restriction information about all user accounts.
node::> security login role ----- Password Restrictions RoleName Size AlphaNum ------------- ---- -------admin 6 enabled readonly 6 enabled config show ----NoReuse ChangeDelay ------- ----------6 0 days 6 0 days
How to manage public key authentication

The public key management feature provides you the ability to manage and distribute public keys across all the nodes in the cluster. You do not have to login into all the nodes of the cluster and manually manage public keys. You can add, delete, or modify public keys from any of the nodes in the cluster.
Next topics
Associating a public key with a user account on page 67
Loading a public key from a URI and associating it with a user on page 68 Displaying information about public keys on page 68 Modifying the public key associated with an user on page 70 Deleting a public key associated with a user on page 71
Associating a public key with a user account

You can associate an existing public key with a user account using the security login publickey command. This command requires that you enter a valid OpenSSH-formatted public key, a user name, an index number, and an optional comment.
Step
1. To associate a public key to an user account, enter the following command:

security login publickey create-username user_name -index index_number publickey OpenSSH_public_key [-comment comment_text] -username specifies that the name of the user for whom you are adding the public key is supplied in the command line. user_name is the name of the user for whom you are adding the public key. -index specifies that an index number of the public key is supplied in the command line. index_number is the index number of the public key. The default index number is 1. -publickey specifies that the public key to be associated with the user account is supplied in the
command line.
OpenSSH_public_key is the the OpenSSH public key. The public key must be enclosed within
quotation marks.
-comment specifies that a comment text for the public key is supplied in the command line. comment_text is the comment text of the public key. It must be enclosed within quotation
marks. The following example associates a public key with a user named tsmith. The public key is assigned index number 5 and the comment text is This is a new key.
node::> security login publickey create -username tsmith -index 5 publickey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAspH64CYbUsDQCdW22JnK6J/ vU9upnKzd2zAk9C1f7YaWRUAF Ns2Qe5lUmQ3ldi8AD0Vfbr5T6HZPCixNAIzaFciDy7hgnmdj9eNGedGr/ JNrftQbLD1hZybX+72DpQB0tYWB

he6eDJ1oPLobZBGfMlPXh8VjeU44i7W4+s0hG0E=tsmith@publickey.example.com" -comment "This is a new key"
Loading a public key from a URI and associating it with a user

You can load a public key from a universal resource identifier, such as ftp or http, and associate it to an user account by using the security login publickey load-from-uri command. To do this, you must specify a user name, the URI from which to load it, and optionally, whether you want to overwrite the existing public key.
Step
1. To load a public key from a URI and associate it with a user account, enter the following command:
security login publickey load-from-uri -username user_name -uri universal_resource_identifier [-overwrite{true | false}] -usernamespecifies that the name of the user for whom you are loading the public key is supplied in the command line. user_name is the the name of the user for whom you are loading the public key. -uri specifies that the URI from which you want to load the public key. universal_resource_identifier is the URI from which you want to load the public key. -overwrite specifies whether you want to overwrite an existing public key with the one you are
loading. The default value for this parameter is true. Enter the result of your step here (optional). The following example loads a public key for the user named tsmith from the URI ftp:// ftp.example.com/publickey. This user's existing public key is not overwritten.
node::> security login publickey load-from-uri -username tsmith -uri ftp://ftp.example.com/publickey -overwrite false
Displaying information about public keys

You can view the information about public keys by using the security login publickey show command.
Step
1. To view the information about public keys, enter the following command:
security login publickey show [ {-ietf | -instance | -fields field_name_or_list_of_field_names}] [-username user_name] [-index index_ number] [ -publickey public_key] [ -publickey-ietf ietf_public_key_name]
[-fingerprint hex_fingerprint] [-bubblebabble bubblebabble_fingerprint] [-comment comment_text] [-privatekey private_key_name]
{-ietf | -instance | -fieldsfield_name_or_list_of_field_names} are optional parameters. Specifying one or more of these optional parameters indicates how the command output is displayed. For example, specifying the -ietf parameter displays only the IETF-formatted public key information.
-username specifies that a user name is supplied in the command line. If this parameter is
specified, the command displays public key information for only the user name you specify.
user_name is the user name based on which the public key information is dipslayed. -index specifies that an index number of the public key is supplied in the command line. index_ number is the index number of the public key. -publickey specifies that a public key is supplied in the command line. If this parameter is
specified, the command displays public key information for only the public key you specify.
public_key is the public key for which you want to view the details. -publickey-ietf specifies that an IETF public key is supplied in the command line. If this parameter is specified, the command displays public key information for only the IETF public key you specify. -fingerprint specifies that the hexadecimal fingerprint of the public key is supplied in the
command line. If this parameter is specified, the command displays public key information for only the public key having the hexadecimal fingerprint you specify.
hex_fingerprint is the hexadecimal fingerprint of the public key. -bubblebabble specifies that bubble babble fingerprint of the public key is supplied in the
command line. If this parameter is specified, the command displays information about public keys having the bubble babble representation you specify.
bubblebabble_fingerprint is the bubble babble fingerprint of the public key, -comment specifies that the comment text of the public key is supplied in the command line. If
this parameter is specified, the command displays information only for the public key having the comment text that you specify.
comment_text is the comment text of the public key. -privatekey specifies that the private key associated with the public key is supplied in the command line. If this parameter is specified, the command displays information only for the private key you specify. private_key_name is the private key.
The following example displays public key information for the user named tsmith.
node::> security login publickey show -username tsmith UserName: tsmith Index: 5

Public Key: ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAspH64CYbUsDQCdW22JnK6J /vU9upnKzd2zAk9C1f7YaWRUAFNs2Qe5lUmQ3ldi8AD0Vfbr5T6HZPCixNAIza FciDy7hgnmdj9eNGedGr/JNrftQbLD1hZybX+72DpQB0tYWBhe6eDJ1oPLob ZBGfMlPXh8VjeU44i7W4+s0hG0E=tsmith@publickey.example.com Fingerprint: 07:b4:27:52:ce:7f:35:81:5a:f2:07:cf:c1:87:91:97 264 | Clustered Administration Reference Bubblebabble fingerprint: xuzom-nelug-bisih-nihyr-metig-kemal-puhut-somyd-mumuh-zomis-syxex Comment: This is a new key
Modifying the public key associated with an user

You can modify the account restrictions for a management-utility user by using the security login role config modify command. You can use this command to modify the user name, index number, and optionally, the public key and comment.
Step
1. To modify the details of a public key, enter the following command:

security login publickey modify -username user_name -index index_number [-publickey public_key_name] [-comment comment_text] -username specifies that a user name is supplied in the command line. The command modifies the name of the user associated with the public key. user_name is the user name to be modified. The default user name is "root". -index specifies that the index number for the public key is supplied in the command line. index_number is the index number of the public key. The default index number is 1. -publickey specifies that the public key to be modified is supplied in the command line. public_key_name is the public key to be modified. The public key must be enclosed within
quotation marks.
-comment specifies that the comment text for the public is supplied in the command line.
The following example modifies the index number of the public key for the user named tsmith.
node::> security login publickey modify -username tsmith -index 10
Deleting a public key associated with a user

You can delete a public key associated with a user by using the security login publickey delete command. To delete a public key, you must specify a user name and index number.
Step
1. To delete a public key from a user, enter the following command:

security login publickey delete -username user_name -index index_number -username specifies that the name of the user for whom you are deleting the public key is

user_name is the name of the user for whom you are deleting the public key. -index specifies that the index number of the public key is supplied in the command line. index_number is the index number of the public key. The default index number is 1.
The following example deletes the public key for the user named tsmith with the index number 5.
node::> security login publickey delete -username tsmith -index 5
Displaying information about SNMP users

You can view the information about SNMP users in the cluster by using the security snmpusers command.
Step
1. To view the information about SNMP users in the cluster, enter the following command:
security snmpusers [-instance] [-username user_name] [-authmethod authentication_method] [-engineid hex_engine_ID] [-authprotocol authentication_protocol] [-privprotocol privacy_protocol] [securitygroup security_group] -instance specifies that a detailed information about all SNMP users be displayed. -username specifies that a user name is supplied in the command line. The command displays information only about the the specified SNMP user. user_name is the SNMP user name based on which you want to view the details.

-authmethod specifies that an authentication method is supplied in the command line. The
command displays information only about the SNMP user or users that use the specified authentication method. Possible values include the following: communitySNMP community strings passwordPassword publickeyPublic-key authentication usmSNMP user security model
authentication_method is the authentication method based on which you want to view the
SNMP user details.

-engineid specifies that a engine id is supplied in the command line. The command displays
information only about the SNMP user or users that use the specified engine ID in the hexadecimal format.
hex_engine_ID is the engine ID based on which you want to view the SNMP user details. -authprotocol specifies that an authentication protocol is supplied in the command line. The
command displays information only about the SNMP user or users that use the specified authentication protocol.
authentication_protocol is the authentication protocol based on which you want to view
the SNMP user details.

-privprotocol specifies that a privacy protocol is supplied in the command line. The command displays information only about the SNMP user or users that use the specified privacy protocol. privacy_protocol is the privacy protocol based on which you want to view the SNMP user
details.
-securitygroup specifies that a security group is supplied in the command line. The command
displays information only about the SNMP user or users that belong to the specified security group.
security_group is the security group based on which you want to view the SNMP user details.
The following example displays information about all SNMP users:

node::>security snmpusers UserName AuthMethod EngineId public 8000014603000000000000 SecurityGroup: readonly
AuthProt community -
PrivProt
Local system management | 73
Local system management

A node, sometimes called a controller, is a computer server that runs the Data ONTAP 8 ClusterMode software. In a cluster, it is attached to other nodes over a cluster network. A node is also connected to the disk shelves that provide physical storage for the Data ONTAP 8 Cluster-Mode system, to third-party storage arrays, that provide array LUNs for Data ONTAP use, or both. Services and components that are controlled by the node, not by the cluster, can be managed by using the system commands. These services and components include the following: Cluster nodes, including time setting Setup configuration wizard Software images Feature licenses Services including DNS, firewall configuration, NDMP, and NTP AutoSupport configuration Hardware components including FRUs and LCD displays Environmental sensors for the hardware platform Core dumps Timeout value for CLI sessions
Next topics
Displaying information about a node on page 73 Setting node attributes on page 74 Renaming a node on page 75 Setting the time zone, date, and time on a node on page 75 Restarting a node on page 76 Shutting down a node on page 77
Displaying information about a node

You can display information about one or more nodes in a cluster to determine the node's or nodes' characteristics.
Step
1. Use the system node show command to display information about a specified node or about all nodes in a cluster. The command displays the following information: Node name
74 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Health Eligibility Uptime Model number Universal unique identifier (UUID) (detailed view and advanced privilege level or higher only) Owner Location Serial number (detailed view only) Asset tag (detailed view only) NVRAM system identifier (detailed view only) System identifier (detailed view only) Vendor (detailed view only)
Example
The following example displays detailed information about node node0:

node::> system show -node node0 Node: node0 Owner: Eng IT Location: Lab 5 Model: FAS3040 Serial Number: 30007404 Asset Tag: Uptime: 23 days 04:42 NVRAM System ID: 118051205 System ID: 0118051205 Vendor: NetApp Health: true Eligibility: true
Setting node attributes

You can modify the attributes of a node as needed for your organization.
Step
1. Use the system modify command to set attributes for a node. You can use the command to set the following attributes: Owner Location Asset tag
You can set the values of all attributes except for the node's eligibility to participate in cluster voting.

Example
The following example modifies the attributes of a node named node1a. The node's owner is set to Bankster Bananas and its asset tag to BB1234.
node::> system modify -node node1a -owner "Bankster Bananas" -assettag BB1234
Renaming a node
You can change a node's name to make it easier to access and associate it with other nodes in a cluster.
Step
1. Use the system rename command to change the name of a node.

Note: If you use the system rename command to rename a node, you must restart the node
for your changes to take effect.

Example
The following example changes the name of node node0a to dinsdale:

node::> system rename -node node0a -newname dinsdale
Setting the time zone, date, and time on a node

You can set the time zone, date, and time on a node to reflect the location of your preference.
Step
1. To set the time zone, date, and time on a node, use the system date modify command. You can determine the node's current settings by using the system date show command. The time zone is specified in the Olson format, or MM/DD/YYYY HH:MM:SS.
Example
The following example sets the date and time to July 1, 2009 at 3:00 p.m. on a node named node1b:
node::> system date modify -node node1b -date "07/01/2009 15:00:00"

Related information
www.twinsun.com/tz/tz-link.htm
Displaying a node's time zone, date, and time settings

You can display the time zone, date, and time settings of one or more nodes to determine the node's or nodes' settings.
Step
1. To display the time zone, date, and time settings, use the system date show command. To display the settings for all nodes in the cluster, run the command without any parameters; to display the settings for a single node, run the command with the -node parameter.
Example
The following example displays the settings for a node named node1b:
node::> system date show -node node1b Node: node1b Time Zone: Etc/UTC Date And Time: 9/16/2009 14:02:33 UTC Date And Time: 9/16/2009 14:02:33
Restarting a node
You can restart a node if it becomes unresponsive or if support personnel direct you to do so as part of troubleshooting efforts.
Step
1. To restart a node, use the system reboot command. The command has an optional -reason parameter that specifies the reason for the restart; this reason is logged and can assist with future troubleshooting efforts. You can force a restart by specifying the -inhibit-takeover true parameter with the command; forcing a restart disables restart checks. The command also has an optional -dump parameter that specifies whether the node attempts to create a core dump before restarting.
Example
The following example restarts the local node (that is, the node on which the command is run) for a software upgrade:
node::> system reboot -reason 'software upgrade'
Shutting down a node

You can shut down a node if it becomes unresponsive or if support personnel direct you to do so as part of troubleshooting efforts.
Step
1. To shut down a node, use the system halt command. The command has an optional -reason parameter that specifies the reason for the shutdown; this reason is logged and can assist with future troubleshooting efforts. You can force a shutdown by specifying the -inhibit-takeover true parameter with the command; forcing a shutdown prevents storage failover from occurring before the node shuts down. If you do not specify the -node parameter, the command shuts down the node on which you run the command.
Example
The following example shuts down the node named dinsdale for hardware maintenance:
node::> system halt -node dinsdale -reason 'hardware maintenance'
Software image management | 79
Software image management

The CompactFlash card on each node holds two Data ONTAP 8 Cluster-Mode software images. These images can be different. For example, you can download a new image while retaining the previous one. You can upgrade a node, restart it to run the new image, and either continue to run with the new image or, if you encounter problems, revert to the previous image.
Next topics
Running the setup configuration wizard on page 79 Displaying information about software images on page 80 Setting the default software image on page 81 Updating a software image on page 81 Performing a fresh software installation on page 83 Downloading new system firmware on page 83
Running the setup configuration wizard

You can run the setup configuration wizard as part of the initial system configuration or at any time afterwards to make modifications.
Step
1. To start the setup assistant, run the system setup command and enter information as you are prompted.
Example
The following example starts the setup configuration wizard but exits it before any changes are made.
node::> system setup Welcome to the setup configuration wizard. If at any time you wish to have a question clarified, type "help". You can abort the setup configuration at any time by typing "exit". Any changes made before typing "exit" will be saved. To skip a question (or accept the listed default), don't enter a value Please enter the node hostname [

current_node_name]: exit Aborting setup. Any changes made have been saved.
Displaying information about software images

You can display information about software images to determine whether the node is running the default image or an alternate image.
Step
1. To display information about currently installed software images, use the system image show command. The command displays the following information: Name of the node on which the image is located Image name Whether the image is the default image (that is, the image that is run when the node starts) Whether the image is the current image (that is, the image that is currently running on the node) Software version Installation date
Example
The following example shows detailed information about the software images on a node named node8:
node::> system image show -instance -node node8 Node: Image Name: Is Default Image: Is Current Image: Kernel Image Path: Root Filesystem Image Path: Software Version: Install Date: Node: Image Name: Is Default Image: Is Current Image: Kernel Image Path: Root Filesystem Image Path: node8 image1 true true /cfcard/x86/freebsd/image1/kernel /cfcard/x86/freebsd/image1/rootfs.img MainNG__10.0.99 3/21/2008 14:53:18 node8 image2 false false /cfcard/x86/freebsd/image2/kernel /cfcard/x86/freebsd/image2/rootfs.img

Software Version: MainNG__10.0.99 Install Date: 3/20/2008 21:27:52 2 entries were displayed.
Setting the default software image

You can set the default software image on a node.
About this task
The default software image is run when you restart the node. If you change the default image, the change occurs only when you restart the node.
Step
1. To set the default software image, use the system image modify command. When you set one of the node's software images as the default, the other image is automatically unset as the default. Conversely, if you unset a software image as the default, the other image is automatically set as the default.
Example
The following example sets the image named image2 to be the default image on a node named node8:
node::> system image modify -node node8 -image image2 -isdefault true Default image changed.
Updating a software image

You can replace the software image that is not currently running on a node with a different image. This enables you to make changes without disrupting the default software image.
Step
1. To upgrade or downgrade a software image, use the system image update command. The command requires the name of the node whose alternate software image (that is, the image that is not currently running) is to be updated and the FTP or HTTP URL from which the image is to be transferred. You can optionally specify the image that is to be replaced if the node is booted from the network. You can also specify whether the newly updated image is to be set as the default image. At the advanced privilege level, you can specify whether to disable versioncompatibility checking. You can specify the URL from which the image is to be transferred in any of the following ways:
82 | Data ONTAP 8.0 Cluster-Mode System Administration Guide As an HTTP URL in the form http:// host_name[: port]/ path_to_file. For example, http://now.netapp.com/downloads/software.tgz. The management utility prompts you for a user name and password before beginning the download.
Note: If you use HTTP to transfer software images, be aware that the management utility
does not check whether the Web server is password protected; if it is not, press Enter at the prompt for user name and password. As an FTP URL in the form ftp:// host_name[: port]/ path_to_file. For example, ftp:// now.netapp.com/downloads/software.tgz. If required, the management utility prompts you for a user name and password before beginning the download. As a TFTP URL in the form tftp:// host_name[: port]/ path_to_file. For example, tftp:// internal-server/downloads/software.tgz. TFTP does not require a user name or password. As a path to a mounted file system in the form file://localhost/ path_to_file. For example, file://localhost/mroot/image.tgz.
Note: If you use FTP or TFTP to transfer software images, you might need to specify an extra slash (/) before the path_to_file specification, depending on how the FTP server is configured. If the FTP server is configured to use the server's root directory (/) as its home directory, no extra slash is needed; if the FTP server does not use the server's root directory as its home directory, you might need to use the extra slash, thereby specifying the full path name. For example, if you are transferring a software image named /downloads/software/ DOT_10.0.tgz from an FTP server that does not use the server's root directory as its home directory, you need to specify the path ftp://ftp.example.com//downloads/software/ DOT_10.0.tgz rather than ftp://ftp.example.com/downloads/software/DOT_10.0.tgz. Example
The following example updates the alternate software image on a node named node04 from the location http://www.example.com/downloads/software/DOT_10.0.tgz:
node::> system image update -node node04 -package http://www.example.com/downloads/software/DOT_10.0.tgz Software Image Updated.
Displaying the progress of a software-image update

You can display the progress of a software-image update to monitor the status of the upgrade.
Step
1. To display the progress of a software-image update, use the system image show-updateprogress command. The command displays progress until the update is complete. You can interrupt the command by pressing Ctrl-C.

Example
The following example shows information about the progress of a software-image update:
node::> system image show-update-progress
Performing a fresh software installation

You can download a new software image from a specified location and install it on a CompactFlash card of a specified node. You can also perform a fresh software installation when replacing a CompactFlash card on a node.
Step
1. To perform a fresh installation of software, use the system image fresh-install command. The command requires the name of the node on which the image is to be installed and the FTP or HTTP URL where the image is located.
Example
The following example performs a fresh installation of a software image located at ftp:// ftp.example.com//downloads/software/DOT_8 onto the CompactFlash card of a node named node05:
node::> system image fresh-install -node node05 -package ftp://ftp.example.com//downloads/software/DOT_8 Related tasks
Updating a software image on page 81
Downloading new system firmware

You can update existing system firmware by downloading new system firmware to a CompactFlash card on one node or all nodes in a cluster.
Step
1. To download new system firmware to a CompactFlash card, use the system firmware download command. The command requires the name of the node containing a CompactFlash card on which the firmware is to be updated and the FTP or HTTP URL from which the firmware image is to be downloaded. You can specify a download to all nodes in the cluster by entering an asterisk (*) for the node name.

Example
The following example downloads firmware to node0a from the NOW Web site:
node::> system firmware download -node node0a -package http://now.netapp.com/NOW/download/tools/firmwareimages/packageversion /firmwareimage.tgz
Feature license management | 85
Feature license management

Feature licenses are provided for an entire cluster, based on the number of nodes in the cluster; they are not provided on a node-by-node basis. If you expand your cluster with new nodes, you need to obtain licenses for the total number of nodes in your cluster; contact your sales or support representative for details. Features that require licenses include the following: Base license, which includes storage failover (SFO) CIFS File striping Mirrors NFS SnapMirror Data Protection SnapMirror Load Sharing SnapRestore V-Series
You can add, delete, and display information about feature licenses by using the system license commands.
Next topics
Adding a feature license on page 85 Displaying feature licenses on page 86 Deleting a feature license on page 86
Adding a feature license

You can add a feature license with the license code provided to you by your sales or support representative.
Step
1. To add a feature license, use the system license add command.

Example
The following example adds a feature with the license code AAAAAAAAAAAAAA:
node::> system license add -license-code AAAAAAAAAAAAAA
Displaying feature licenses

You can display information about licensed features.
Step
1. To display feature licenses, use the system license show command.

Example
The following example displays feature licenses:

node::> system license show Feature Cluster SN --------------- ----------Base 1-80-123456 limit (nodes) Mirror 1-80-123456 CIFS 1-80-123456 SnapRestore 1-80-123456 NFS 1-80-123456 SnapMirror_DP 1-80-123456 License SnapMirror_LS 1-80-123456 Striped_Volume 1-80-123456 8 entries were displayed.s Limit ------666 666 666 666 666 666 666 666 Description ----------Base License w/cluster size Mirror License CIFS License SnapRestore License NFS License SnapMirror Data Protection SnapMirror Load Sharing License Striped Volume License
Deleting a feature license

You can delete a feature license.
Step
1. To delete a feature license, use the system license delete command.

Example
The following example deletes the feature license named CIFS:

node::> system license delete -feature CIFS
System services management | 87
System services management

System services include DNS, firewall, NDMP, and NTP. You can enable and configure these services by using the system services commands.
Next topics
DNS management on page 87 Firewall service management on page 91 NDMP management on page 94 NTP management on page 95
DNS management
You can manage DNS by using the system services dns commands.
Next topics
Enabling and configuring DNS on page 87 Displaying information about DNS configurations on page 88 Hosts table management on page 89
Enabling and configuring DNS

As part of configuring DNS, you can enable DNS on a node.
Step
1. To enable and configure DNS on a node, use the system services dns modify command. You can use the command to modify the following settings: List of domains DNS name server or servers Whether DNS is enabled or disabled DNS timeout value, in seconds Maximum number of DNS connection attempts
Example
The following example modifies the DNS configuration on a node named node8 to use the domains lab.eng.example.com, eng.example.com, and example.com. The node uses three DNS name servers that have the IP addresses 10.1.14.1, 10.1.15.1, and 10.1.100.1. DNS is enabled.
88 | Data ONTAP 8.0 Cluster-Mode System Administration Guide The timeout value for DNS requests is five (5) seconds; the maximum number of retries is two (2).
node::> system services dns modify -node node9 -domains lab.eng.example.com,eng.example.com,example.com -ns1 10.1.14.1 -ns2 10.1.15.1 -ns3 10.1.100.1 -state enabled -timeout 5 -attempts 2
Displaying information about DNS configurations

You can display information to determine the configuration of one or more nodes.
Step
1. To display information about the DNS configuration for one or more nodes, use the system services dns show command. The command displays the following information: Node name Whether DNS is enabled or disabled List of domains List of name servers Primary, secondary, and tertiary name servers (detailed view) DNS timeout value, in seconds (detailed view) Maximum number of DNS connection attempts (detailed view)
Example
The following example displays the DNS configuration for both nodes in a two-node cluster:
node::> Node State Domains (first is ours) --------------- ----------------------------------------------------------ptcsmoke01 enabled cnc.spin.eng.netapp.com NameServers: 10.98.200.100 10.98.200.101 ptcsmoke02 enabled cnc.spin.eng.netapp.com NameServers: 10.98.200.100 10.98.200.101 stealth1 enabled spin.eng.netapp.com NameServers: 10.98.16.43 10.98.16.76 stealth10 enabled netapp.com NameServers: 10.98.128.21 10.98.16.76 4 entries were displayed
Hosts table management

You can manage the DNS hosts table by using the system services dns hosts commands. The hosts table is cluster wide, so you do not need to specify a node name with these commands.
Next topics
Adding a server to the hosts table on page 89 Displaying the hosts table on page 89 Modifying an entry in the hosts table on page 90 Deleting an entry from the hosts table on page 90
Adding a server to the hosts table If you need to expand the cluster's DNS resolution, you can add a server to the DNS hosts table.
Step
1. To add a server to the hosts table, you use the system services dns hosts create command. When you add a server to the hosts table, you specify the host's IP address; you can optionally specify the host name and one or more aliases.
Example
The following example adds a server with the IP address 10.98.48.14 and the name cleese.example.com to the hosts table. The server has an alias named wanda.example.com.
node::> system services dns hosts create -address 10.98.48.14 -hostname cleese.example.com
Displaying the hosts table You can display information about the hosts table.
Step
1. To display the hosts table, you use the system services dns hosts show command. The command displays the following information about entries in the hosts table: Server IP address Host name, if any Aliases, if any
Example
The following example displays the hosts table:

node::> system services dns hosts show Address 10.98.48.14 10.98.48.15 10.98.48.16 10.98.48.17 Hostname cleese.example.com gilliam.example.com palin.example.com idle.example.com Aliases wanda.example.com brazil.example.com, monkeys.example.com
Modifying an entry in the hosts table You can change a server's host name, aliases, or both.
Step
1. To modify the attributes of a server that is listed in the hosts table, you use the system services dns hosts modify command.
Example
The following example adds an alias named travels.example.com to the server that has the IP address 10.98.48.16:
node::> system services dns hosts modify -address 10.98.48.16 -aliases travels.example.com node::> system services dns hosts show Address 10.98.48.14 10.98.48.15 10.98.48.16 10.98.48.17 Hostname cleese.example.com gilliam.example.com palin.example.com idle.example.com Aliases wanda.example.com brazil.example.com, monkeys.example.com travels.example.com
Deleting an entry from the hosts table You can delete a server from the hosts table.
Step
1. To delete a server from the hosts table, you use the system services dns hosts delete command. In order to delete the entry, you must specify the IP address of the server whose entry is to be deleted.

Example
The following example deletes a server that has the IP address 10.98.48.17 from the hosts table:
node::> system services dns hosts delete -address 10.98.48.17 node::> system services dns hosts show Address 10.98.48.14 10.98.48.15 10.98.48.16 Hostname cleese.example.com gilliam.example.com palin.example.com Aliases wanda.example.com brazil.example.com, monkeys.example.com travels.example.com
Firewall service management

The system services firewall commands allow you to enable, configure, and display information about firewall service for a node.
Next topics
Enabling and configuring the firewall service on page 91 Displaying firewall configuration on page 92 Creating a firewall policy on page 92 Modifying a firewall policy on page 92 Displaying information about firewall policies on page 93 Deleting a firewall policy on page 93
Enabling and configuring the firewall service

As part of configuring firewall service, you can enable or disable firewall service and logging on a node.
Step
1. To enable or disable firewall service and firewall logging on a node, you use the system services firewall modify command. The command is available only at the diagnostic privilege level.
Example
The following example turns on firewall service and logging for a node named node03:
node::*> system services firewall modify -node node03 -enabled true -logging true
Displaying firewall configuration

You can display information about firewall service to determine the configuration.
Step
1. To display information about firewall service on one or more nodes, you use the system services firewall show command.
Example
The following example displays information about firewall service:

node::> system services firewall show Node node01 node02 node03 node04 Enabled true true true true Logging false true true false
Creating a firewall policy

You can create a firewall policy specifying a policy name, a network service, and one or more IP addresses with their corresponding netmasks. Firewall policies can be used to control access to only management service protocols such as SSH, HTTPS, or SNMP, and not data protocols such as NFS or CIFS.
Step
1. To create a firewall policy, you use the system services firewall policy create command with the -policy , -service, and -allowed-ips parameters.
Example
The following example creates a policy named data_https that uses the HTTPS protocol and enables access from IP addresses on the 10.10 subnet:
node::> system services firewall policy create -policy data_https service https -allowed-ips 10.10.0.0/0
Modifying a firewall policy

You can modify IP addresses and netmasks used by a firewall policy.
About this task
If you want to change the service associated with the firewall policy, you must delete the policy by using the system services firewall policy delete command and then recreate it by using the system services firewall policy create command.

Step
1. To modify a firewall policy, use the system services firewall policy modify command.
Example
The following example modifies the firewall policy named data_https that uses the HTTP network service to enable access from all addresses on the 10 net:
node::> system services firewall modify -policy data_https -service https allowed-ips 10.0.0.0/0 Related tasks
Deleting a firewall policy on page 93 Creating a firewall policy on page 92
Displaying information about firewall policies

You can display information about firewall policies.
Step
1. To display information about firewall policies, you use the system services firewall policy show command.
Example
The following example displays information about all firewall policies:

node::> system services firewall policy show Policy Service Allowed-IPs ---------------- ------- -------------------cluster default data default data_https https 10.0.0.0/0 mgmt default 0.0.0.0/0 4 entries were displayed.
Deleting a firewall policy

You can delete a firewall policy that is not being used by a virtual server.
Step
1. To delete a firewall policy, you use the system services firewall policy create command with the -policy and -service parameters.
94 | Data ONTAP 8.0 Cluster-Mode System Administration Guide You cannot delete a policy that is being used by a virtual server; use the network interface modify command with the -firewall-policy parameter to change a virtual server's firewall policy.
Example
The following example deletes a firewall policy named data_https:

node::> system services firewall policy delete -policy data_https -service https
NDMP management
The system services ndmp commands enable you to manage the NDMP service on nodes.
Next topics
Enabling and configuring NDMP on page 94 Displaying NDMP configuration information on page 94
Enabling and configuring NDMP

As part of configuring NDMP, you can enable or disable NDMP.
Step
1. To enable or disable NDMP, to specify the NDMP user's ID and password, or to specify whether the NDMP user's password can be sent in clear text, you use the system services ndmp modify command.
Example
The following example enables NDMP on a node named node07. The NDMP user ID is tape1 and its password is tapedrive. The password cannot be sent in clear text.
node::> system services ndmp modify -node node07 -enable true -clear-text false -user-id tape1 -password tapedrive
Displaying NDMP configuration information

You can display information to determine the NDMP configuration.
Step
1. To display NDMP configuration information, use the system services ndmp show command.

Example
The following example displays NDMP configuration information:

node::> system services ndmp show Node Enabled -------------------- --------node04 true node05 true node06 true node07 true 4 entries were displayed. Clear text ----------true true false false User Id --------ndmp ndmp tape1 tape1 Password -------ndmp ndmp tapedrive tapedrive
NTP management
The system services ntp commands enable you to manage the NTP service.
Next topics
Enabling NTP on page 95 Displaying NTP status on page 96 Associating a node with an NTP server on page 96 Modifying the attributes of an NTP server on page 97 Displaying information about NTP servers on page 97 Dissociating a node from an NTP server on page 98
Enabling NTP
You can enable or disable the use of NTP in a cluster.
Step
1. To enable or disable the use of NTP, you use the system services ntp config modify command.
Example
The following example enables NTP in the cluster:

node::> system services ntp config modify -enabled true
Displaying NTP status

You can display NTP status to determine whether NTP is enabled in a cluster.
Step
1. To display NTP status, you use the system services ntp config show command.
Example
The following example shows that NTP is enabled in a cluster:

node::> system services ntp config show NTP Enabled: true
Associating a node with an NTP server

You can associate an individual node with one or more NTP servers.
Step
1. To associate a node with an NTP server, you use the system services ntp server create command. NTP service is enabled or disabled for a cluster as a whole. When you run the command, you specify the node name and the NTP server's name or IP address; you can optionally specify whether the NTP server is the node's preferred NTP server (at the advanced privilege level or higher) and the version of NTP that the server is running.
Example
The following example associates a node named node01 with an NTP server named ntp.example.com. The NTP server is the preferred server for the node, and the server runs NTP version 4.
node::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel. Do you wish to continue? (y or n): y node::*>

system services ntp server create -node node01 server ntp.example.com -preferred true -version 4
Modifying the attributes of an NTP server

You can use the command to specify the version of NTP running on the server; at the advanced privilege level or higher, you can specify whether the server is the node's preferred NTP server.
Step
1. To modify a node's association with an NTP server,you use the system services ntp server modify command.
Example
The following example specifies the version of NTP as max (the highest available version) on an NTP server named ntp.example.com that is associated with a node named node01:
node::> system services ntp server modify -node node01 -server ntp.example.com -version max
Displaying information about NTP servers

You can display information about NTP servers to determine the attributes associated with nodes.
Step
1. To display information about NTP servers associated with nodes, you use the system services ntp server show command. The command displays the following information: Node name NTP server name or IP address Version of NTP running on the NTP server Whether the NTP server is the node's preferred NTP server (advanced privilege level or higher only)
Example
The following example displays information about NTP servers associated with nodes:
system services ntp server show Node Server ------ -----------------------------node01 ntp.example.com node02 ntp.example.com alt-ntp.example.com 3 entries were displayed. Version --------------------------------max max 4
Dissociating a node from an NTP server

You can dissociate a node from an NTP server, which enables you to associate the node with a different NTP server.
Step
1. To dissociate a node from an NTP server, you use the system services ntp server delete command.
Example
The following example dissociates a node named node02 from an NTP server named altntp.example.com:
node::> system services ntp server delete -node node02 -server alt-ntp.example.com
Command-line interface session record management | 99
Command-line interface session record management

You can record a command-line session into a file, then upload the file to an FTP or HTTP destination. You can also display and delete files in which you previously recorded command-line sessions. Recording a command-line session is useful, for example, if you are troubleshooting an issue and want to save detailed information or if you want to create a permanant record of space usage at a specific point in time.
Next topics
Recording a command-line interface session on page 99 Uploading a record of a command-line interface session on page 100 Displaying information about records of command-line interface sessions on page 100 Deleting records of command-line interface sessions on page 100
Recording a command-line interface session

You can use the system script start and system script stop commands to record a command-line interface session.
Steps
1. Enter the following command:

system script start file_name
Here, file_name is the name of the file into which to record the command-line interface session. You can also specify the -size-limit parameter to limit the size of the record. By default, the size limit is 1 MB. For more information, see the Cluster-Mode Administration Reference. Data ONTAP starts recording your command-line interface session into the file. 2. Complete your command-line interface session. 3. Enter the following command:
system script stop
Data ONTAP stops recording your command-line interface session.
Uploading a record of a command-line interface session

You can use the system script upload command to upload a record of a command-line interface session to an FTP or HTTP destination.
Step

system script upload file_namedestination
Here, file_name is the file name of the record to upload and destination is the FTP or HTTP destination for the file. If the log file you are uploading is not your own, you must also use the username parameter to specify the owner of the log file. For more information, see the ClusterMode Administration Reference. Data ONTAP uploads the record to the destination you specify.
Displaying information about records of command-line interface sessions

You can use the system script show command to display information about records of command-line interface sessions.
Step

system script show
By specifying appropriate parameters, you can view only those records that are associated with a specific user, have a specific file name, are in a specific state, were modified on a particular date, or that have a specific size or size limit. For more information, see the Cluster-Mode Administration Reference. Data ONTAP displays information about all records or the records you specify.
Deleting records of command-line interface sessions

You can use the system script delete command to delete records of command-line interface sessions.
Step
Command-line interface session record management | 101

system script delete file_names
Here, filenames is a single file name or a comma-delimited list of file names. The file name(s) can include wild cards. You can also specify the -username parameter to delete all of the records of command-line interfaces that are associated with a specific user. For more information, see the Cluster-Mode Administration Reference. Data ONTAP deletes the records of command-line interface sessions contained in the file(s) that you specify.
How to use dashboards | 103
How to use dashboards

Dashboards provide visibility into the most critical aspects of your system including virtual server health, system and cluster performance, and storage space utilization. In addition, you can configure alarm thresholds for the cluster and view information about over-threshold alarms.
Next topics
Displaying the alarm dashboard on page 103 Displaying the virtual server health dashboard on page 104 Displaying the performance dashboard on page 106 Displaying the storage dashboard on page 107
Displaying the alarm dashboard

You can display the alarm dashboard which shows information about alarms that are over-threshold.
Step
1. To display the alarm dashboard, use the dashboard alarm show command. By default, the alarm dashboard displays the following information: Object name Node name Aggregate name Alarm state Last value, as a percentage High value, as a percentage
The command can display additional information about alarms; see the reference page for the command for further details.
Example
The following example shows the default alarm-dashboard information displayed when an alarm is over its threshold:
node::> dashboard alarm show Oject Type Node Name State Last Value High Value -------------- ----------- ---------- --------------- -----------------

aggregate-used node1 57% aggr0 critical 57%
Modifying alarm thresholds

You can modify the thresholds for warning and critical alarms, whether an EMS (Event Management System) message is sent when an alarm is generated, and the interval at which objects are monitored by the alarm dashboard.
Step
1. To modify alarm thresholds for a cluster, use the dashboard alarm thresholds modify command.
Example
The following example modifies the warning and critical alarm thresholds for space used on aggregates. When 50% of the aggregate's space is consumed, a warning is generated; when 60% of the aggregate is consumed, a critical message is generated. EMS messages are sent when these thresholds are exceeded and the system is checking them every 5 minutes.
node::> dashboard alarm thresholds modify -type aggregate-used -warning 50 -critical 60 -send-ems true -interval 300
Displaying the virtual server health dashboard

You can display information about virtual server health, including information about aggregates, ports, protocols, logical interfaces, and volumes.
Step
1. To display the virtual server health dashboard, use the dashboard health vserver show command. By default, the virtual server health dashboard displays the following information: Virtual server name Virtual server operational status and state Number of critical, warning, and informational issues Comments about health issues
The command can display a wide range of information about virtual server health, see the reference pages for the commands for further details.
Example
The following example displays the default virtual server health dashboard output.:
node::>

dashboard health vserver show EMS Issues Virtual Server Status Health Crit Warn Info ----------------- -------- ------- ----- ----- ----vs0 online warning 0 0 0 Issues: The vserver root volume is online however there are no mirrors of the root volume. Example
The following example shows detailed virtual server health information:

node::> dashboard health vserver show -instance Virtual Server -------------- ------------------------------------------------------vs0 Status: online EMS Critical: 0 Health: warning Warning: 0 Infomational: 0 Issues: The vserver root volume is online however there are no mirrors of the root volume. Protocols NFS CIFS LIFs Total: 8 Status: configured Status: configured Health: ok Health: ok 8 0 0 0 0
Online: Offline: LIFs Not Home: LIFs Without Failover Rules: LIFs Not Hosted:
Volumes Total: 0
Online: 0 Offline: 0 Restricted: 0 Full:
0 Root Volume State: online Health: warning Mirrors: 0 Mirrors Online: 0 Resources Aggregates

Total: 0 0 Offline: 0 Failed Over To Partner: 0 Full: 0 Network Ports Total: 8 Ports With LIFs Not Home: 0 Online:
Displaying the performance dashboard

You can display information about system and cluster performance.
Step
1. To display the performance dashboard, use the dashboard performance show command. By default, the performance dashboard displays the following information: Node name or cluster summary Average operation latency, in microseconds Total number of operations Percentage of data network utilization Data received on the data network, in MB per second Data sent on the data network, in MB per second Percentage of cluster network utilization Data received on the cluster network, in MB per second Data sent on the cluster network, in MB per second Data read from storage, in MB per second Data written to storage, in MB per second
The command can display a wide range of performance information; see the reference page for the command for further details.
Example
The following example shows detailed performance-dashboard information for a node named node13:
node::> dashboard performance show -node node13 Node: node13 Average Latency (usec): 624us CPU Busy: 84% Total Ops/s: 27275

NFS Ops/s: CIFS Ops/s: Data Network Utilization: Data Network Received (MB/s): Data Network Sent (MB/s): Cluster Network Utilization: Cluster Network Received (MB/s): Cluster Network Sent (MB/s): Storage Read (MB/s): Storage Write (MB/s): CIFS Average Latency: NFS Average Latency: 27275 0 0% 0 0 0% 0 0 0 0 0us 624us
Displaying the storage dashboard

You can display information about storage space utilization and trend.
Step
1. To display the storage dashboard, use the dashboard storage show command. By default, the storage dashboard displays the following information: Aggregate name Size, in GB Available space, in GB Used space, in GB Percentage of space used Number of volumes 4hour change in used size 4hour change in number of volumes 8hour change in used size 8hour change in number of volumes Operational status
The command can display a wide range of information; see the reference page for the command for further details.
Example
The following example shows storage utilization trend information for all aggregates during the past seven days:
node::> dashboard storage show -week ~1 day ~2 days ~3 days ~7 days Aggregate Size Used Vols Used Vols Used Vols Used Vols Used Vols --------- -------- ------- ---- ----------- ------- --- ------- --------- --aggr0 176.5 GB 100.2 GB 19 0 B 0 0 B 0 2.00 MB 2

2.00 MB aggr1 0 B 0 stripe1 1.00 MB stripe2 0 B 0 4 entries 2 176.5 GB
940 KB
1 2 2
0 B 48 KB 0 B
0 0 0
0 B 296 KB 0 B
0 0 0
0 B 484 KB 0 B
0 0 0
353.0 GB 4.81 GB 0 176.5 GB 1.67 MB were displayed.
What ClusterView is | 109
What ClusterView is
ClusterView is a Web application that enables you to view the health, performance, and resource utilization of your Data ONTAP 8 Cluster-Mode system. You can launch ClusterView by using your Web browser. You can view the following statistics by using ClusterView: Operations Latency Network throughput Storage throughput Network resource utilization CPU utilization Storage space utilization
Next topics
System requirements on page 109 Accessing ClusterView on page 110
System requirements
ClusterView supports Mozilla Firefox, Microsoft Internet Explorer, and Safari Web browsers. To run ClusterView on your Web browser, you must install Adobe Flash Player. ClusterView supports the following Web browsers based on the operating system running on your computer: Windows: Mozilla Firefox 1.x, Mozilla Firefox 2.x, Microsoft Internet Explorer 6, and Microsoft Internet Explorer 7 Linux: Mozilla Firefox 1.x and Mozilla Firefox 2.x MacOS: Safari 2.0
You must install the Adobe Flash Player (version 9 or later) plug-in for your Web browser. When you launch ClusterView for the first time and you do not have Adobe Flash Player, you are redirected to the Adobe Web site for downloading Adobe Flash Player.
Accessing ClusterView
You can access ClusterView from your Web browser.
Before you begin
Your storage system must be running Data ONTAP 8 Cluster-Mode.

Steps
1. In the address bar of your Web browser, enter the following:

http://IP_address/clusterview/index.html IP_address is the IP address of your storage system. Example
For example, if the IP address of your storage system is 192.0.2.1, you can enter http://192.0.2.1/ clusterview/index.html in the address bar of your Web browser to launch ClusterView.
Note: You can also access ClusterView from the Element Manager.
2. Enter your Username and Password.

Note: Contact technical support for the default user name and password.
3. Click Login.
Node statistics | 111
Node statistics
You can view statistics about nodes in a cluster. You can view the following details about the nodes in a cluster. The current statistics settings. The performance statistics on a per-node basis. The periodic status of a specific statistic. The information about read and write requests for nodes in a cluster. The information about standard CIFS operations on the nodes in a cluster. The current and highest statistics for the CIFS service. The statistics about CIFS Microsoft remote procedure calls (RPCs). The total number of CIFS commands for each node in the cluster. The statistics about the CIFS sessions. The statistics about the CIFS nameserver usage.
Next topics
Viewing statistics settings on page 111 Modifying statistics settings on page 112 Viewing statistics on page 112 Viewing periodic statistics on page 115 Viewing the size of requests per protocol on page 116 How to display CIFS statistics on page 118
Viewing statistics settings

You can view the current settings for all of the statistics commands by using the statistics settings show command. This command is available in the operational mode only to an administrator.
Step
1. To view the current settings for the statistics commands, enter the following command:
statistics settings show
There are no parameters for this command. The following example displays the default settings for all statistics commands:
node::> statistics settings show Update Delta Base Value on Show: enabled

Display rate Counters in rate/sec: true Collect Per-Client Statistics: disabled Max Number of Clients to View: 50
Modifying statistics settings

You can modify the current settings of the statistics commands by using the statistics settings modify command. This command is available in the operational mode only to an administrator.
Step
1. To modify the current settings of the statistics commands, enter the following command:
statistics settings modify [-update-delta-base {enabled | disabled}] display-rates {true | false} -client-stats {enabled | disabled} -maxclients-to-view number_of_clients -update-delta-base specifies whether the statistics commands update base values that have
already been displayed. The default is "enabled".

-display-rates specifies whether the statistics commands display rate counters in rates/ second. The default is "true". -client-stats specifies whether statistics commands display per-client information. The default is "disabled". -max-clients-to-view specifies that the maximum number of clients to view is supplied in
the command line.

number_of_clients is the maximum number of clients to view. You can specify a positive integer between 1 and 10240. The default number of clients to view is 50.
The following example keeps the default value of the -display-rates parameter, but enables the collection of per-client statistics and sets the number of client to view to 10:
node::> statistics settings modify -display-rates true -client-stats enabled -max-clients-to-view 10
Viewing statistics
You can view the performance statistics on a per-node basis by using the statistics show command. The command displays information such as node name, statistics counter name, current statistics value, and delta changes from last check point. This command is available both in the
Node statistics | 113 maintenance mode and operational mode and is available in the administrator level and advanced level.
Step
1. To view the performance statistics of the nodes in the cluster, enter the following command:
statistics show {-descriptions | -instance | fieldsfield_or_list_of_field_names} [-node node_name] [-category category_name] [-object object_name] [-counter counter_name] [-value counter_value] [-description description] [-prop properties] [-labels label_or_list_of_labels] [-values value_or_list_of_values] [-base-value integer] [-base-delta integer] [-base-rate rate_per_sec] [-base-units integer]
{-descriptions | -instance | -fieldsfield_or_list_of_field_names} specify how the output of command is displayed. For example, to display all statistics information for all nodes in the cluster, use the -instance option. To display information about a specific field or fields for all nodes in the cluster, use the -fields option.
-node specifies that the statistics for the specified node_name alone be displayed. -category specifies that the statistic that has the specified category_name alone be displayed. To view a list of valid category names, at the command prompt, type statistics periodic category ? -object specifies that the statistic that has the specified object_name alone be displayed. -counter specifies that the command displays only the statistic that has the specified counter_name. -value specifies that the command displays only the statistic or statistics that have the specified counter_value. -description specifies that the command displays only the statistics that has the specified description. -prop specifies that the command displays only the statistic or statistics that have the specified properties. -labels specifies that the command displays only the statistic or statistics that have the specified label_or_list_of_labels. This option is available only at the advanced privilege level and
higher.
-values specifies that the command displays only the statistic or statistics that have the specified value_or_list_of_values. This option is available only at the advanced privilege level and
higher.
-base-value specifies that the command displays only the statistic or statistics that have the
specified base value. This option is available only at the advanced privilege level and higher.

-base-delta specifies that the command displays only the statistic or statistics that have the
specified base delta. This option is available only at the advanced privilege level and higher.
-base-rate specifies that the command displays only the statistic or statistics that have the specified rate_per_sec base rate. This option is available only at the advanced privilege level
and higher.
-base-units specifies that the command displays only the statistic or statistics that have the
specified base units. This option is available only at the advanced privilege level and higher. The following example displays system statistics for all nodes in the cluster:
node::> statistics show -category system Node: node0 Category.Object.Counter ----------------------------------------------------system.system.avg_processor_busy 6% -18410888 system.system.cifs_ops system.system.cpu_busy system.system.disk_data_read system.system.disk_data_written system.system.nfs_ops system.system.num_processors system.system.total_processor_busy Node: node1 Category.Object.Counter -----------------------------------------------------system.system.avg_processor_busy 2% system.system.cifs_ops system.system.cpu_busy system.system.disk_data_read system.system.disk_data_written system.system.nfs_ops system.system.num_processors system.system.total_processor_busy Node: node2 Category.Object.Counter -----------------------------------------------------system.system.avg_processor_busy system.system.cifs_ops system.system.cpu_busy system.system.disk_data_read system.system.disk_data_written system.system.nfs_ops system.system.num_processors system.system.total_processor_busy Node: node3 Category.Object.Counter
Value -------------
Delta
138459333 21% 149TB 33.4TB 10240926977 2 32% Value -------------
37/s:63s -176 674KB/s:63s 601KB/s:63s 160/s:63s 0 -18410402 Delta
207472 1% 7.06TB 233GB 9600399 4 9% Value ------------3% 0 1% 6.77TB 153GB 450 2 6% Value
Delta Delta

-----------------------------------------------------system.system.avg_processor_busy system.system.cifs_ops system.system.cpu_busy system.system.disk_data_read system.system.disk_data_written system.system.nfs_ops system.system.num_processors system.system.total_processor_busy ------------3% 135790 1% 6.80TB 188GB 4785213 2 6% -
Viewing periodic statistics

You can view and update periodic statistics by using the statistics periodic command. This command is in the operational mode and is available in the administrator level and advanced level.
Step
1. To view and update specific statistics periodically, enter the following command:
statistics periodic [-node node_name] [-category category_name] [-object object] [-interval interval_in_seconds] [-iterations number_of_iterations] [-summary {true | false}] -node specifies that the statistics be displayed only for node_name. -category specifies that the statistic that has the specified category_name alone be displayed.
To view a list of valid category names, at the command prompt, type

statistics periodic -category ? -object specifies that the statistic that has the specified object_name alone be displayed. -interval specifies that the time interval, in seconds, between statististics updates is interval_in_seconds. The default time interval is 1 second. -iterations specifies the number of iterations the command runs before terminating. The command terminates after number_of_iterations. -summary specifies whether the command prints a final summary of statistics after the command has gone through all of its iterations. The default setting is true.
The following example displays all statistics for a node named node1. Because no number of iterations is specified, this command would continue to run until it was interrupted by a user pressing Ctrl-C.
node::> statistics periodic -node node1 cpu total data data disk busy ops nfs-ops cifs-ops busy recv write ---- ------ ------- -------- ---- ---------data sent -----cluster busy ------cluster recv ------cluster sent -----disk read -----

54% 10378 24.7KB 49% 8156 7.92KB 49% 6000 56% 10363 24.0KB 54% 10460 54% 7894 11.0MB 56% 7135 32.3KB 60% 11374 56% 10458 56% 10130 24.0KB 55% 9814 54% 7776 8.16KB 52% 7400 23.8KB 55% 9459 56% 10529 57% 9950 2.65MB 54% 8287 8.16KB 54% 7612 54% 8728 23.8KB 57% 9944 [...] 10378 8156 6000 10363 10460 7894 7135 11374 10458 10130 9814 7776 7400 9459 10529 9950 8287 7612 8728 9944 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 59% 47% 54% 71% 66% 62% 65% 78% 72% 59% 52% 49% 49% 65% 65% 62% 48% 40% 60% 70% 66.9MB 48.0MB 24.3MB 62.3MB 65.8MB 40.1MB 30.5MB 67.7MB 65.7MB 64.9MB 63.8MB 41.2MB 38.0MB 56.4MB 65.8MB 64.9MB 51.9MB 41.4MB 48.9MB 59.4MB 99.6MB 82.0MB 87.0MB 110MB 106MB 101MB 104MB 126MB 112MB 98.9MB 76.4MB 80.7MB 80.8MB 105MB 107MB 95.3MB 77.2MB 68.2MB 92.8MB 108MB 72% 79% 76% 57% 59% 78% 86% 87% 86% 84% 94% 91% 87% 65% 69% 89% 95% 95% 89% 74% 78.8MB 83.9MB 109MB 96.8MB 94.7MB 99.0MB 93.3MB 172MB 190MB 182MB 136MB 141MB 186MB 206MB 8.25KB 7.92KB 15.8KB 8.00KB 0B 2.68MB 16.2KB 0B 16.0KB 8.00KB 0B 24.5KB 7.92KB 0B 16.2KB 2.32MB 8.16KB 15.8KB 7.92KB 0B 0B 0B 0B 0B 0B 0B 0B 0B 0B
88.5MB 209MB 87.1MB 205MB 81.0MB 200MB 71.2MB 86.4MB 98.7MB 96.6MB 89.0MB 81.8MB 73.3MB 88.6MB 103MB 95.7MB 224MB 218MB 208MB 155MB 165MB 213MB 226MB 228MB 214MB 176MB
Viewing the size of requests per protocol

You can view the information about read and write requests using the statistics protocolrequest-size show command. The command displays information such as node name, statistic type, average size of request, total request count, current number of requests in each category of request size, and number of requests after the command was last executed. This command is available in the maintenance and operational mode and can be executed only by an administrator.
Step
1. To view the information about read and write requests, enter the following command:
statistics protocol-request-size show {-instance | -fields <fieldname>, ...} [-node node_name] [-stat-type statistics_type] [total-req-count number_total_requests] [-average-size average_request_size] [-histo08 number_of_requests_0_511] [-histo09 number_of_requests_512_1023] [-histo10 number_of_requests_1024_2047] [histo11 number_of_requests_2048_4095] [-histo12 number_of_requests_4096_8191] [-histo13 number_of_requests_8192_16K] [histo14 number_of_requests_16K_32K] [-histo15 number_of_requests_32K_64K] [-histo16 number_of_requests_64K_128K] [histo17 number_of_requests_over_128K]
{-instance | -fields <fieldname>, ...} specifies how the output of the command is displayed. For example, to display all protocol request information for all nodes in the cluster, use the -

instance option. To display information about a specific field or fields for all nodes in the cluster, use the -fields option. -node specifies that the statistics for the specified node_name alone be displayed. -stat-type specifies that the command displays only the statistics of the specfied statistics_type. For example, cifs_read, cifs_write, nfs2_read, nfs2_write, nfs3_read, and
nfs3_write.
-total-req-count specifies that the statistics with the total request count specified by number_total_requests alone be displayed. -average-size specifies that the command displays only the statistic that has the specified
average size.
-histo09 specifies that number of requests that are in the size range of 512 to 1023 bytes be
displayed.
number_of_requests_512_1023 is the number of requests in the size range 512 to 1023
bytes.
displayed.
bytes.
displayed.
bytes.
displayed.
bytes.
-histo13 specifies that number of requests that are in the size range of 8192 bytes to 16 KB be
displayed.
number_of_requests_8192_16K is the number of requests in the size range8192 bytes to 16
KB.
-histo14 specifies that number of requests that are in the size range of 16 KB to 32 KB be
displayed.
number_of_requests_16K_32K is the number of requests in the size range 16 KB to 32 KB. -histo15 specifies that number of requests that are in the size range of 32 KB to 64 KB be
displayed.
number_of_requests_32K_64K is the number of requests in the size range 32 KB to 64 KB.

-histo16 specifies that number of requests that are in the size range of 64 KB to 128 KB be
displayed.
number_of_requests_64K_128K is the number of requests in the size range 64 KB to 128 KB. -histo17 specifies that number of requests that greater than 128 KB be displayed. number_of_requests_over_128K is the number of requests in the size range greater than 128
KB.
How to display CIFS statistics

You can view the current and highest statistics for the CIFS services using the statistics cifs command. You can also view the CIFS usage statistics, CIFS nameserver usage statistics, total CIFS command count, and CIFS sessions for each node in the cluster using the statistics cifs command.
Next topics
Displaying statistics about CIFS usage on page 118 Displaying the current statistics for CIFS service on page 122 Displaying the highest statistics for CIFS service on page 123 Displaying the statistics about CIFS Microsoft remote procedure calls (RPCs) on page 124 Displaying the total CIFS command count on page 126 Displaying statistics about CIFS sessions on page 127 Displaying statistics about CIFS nameserver usage on page 128
Displaying statistics about CIFS usage

You can view the information about standard CIFS operations on the nodes in a cluster by using the
statistics cifs show command. This command is available only in the advanced privilage
level and in the operational mode.

Step
1. To view the statistics about CIFS usage, enter the following command:
statistics cifs show [-instance] [-node node_name] [-create-directory directory_creations] [-delete-directory directory_deletions] [-open file_open_operations] [-create file_creation_operations] [-close file_close_operations] [-flush file_flush_operations] [-delete file_deletion_operations] [-rename file_rename_operations] [-queryinformation query_information_operations] [-set-information set_information_operations] [-read file_read_operations] [-write file_write_operations] [-lock-byte-range lock_byte_range_operations] [unlock-byte-range unlock_byte_range_operations] [-create-temporary create_temporary_operations] [-create-new create_new_operations] [check-directory directory_check_operations] [-process-exit process_exit_operations] [-seek seek_operations] [-lock-and-read

lock_and_read_operations] [-write-and-unlock write_and_unlock_operations] [-read-raw raw_read_operations] [-read-mpx multiplex_read_operations] [-read-mpx-secondary secondary_multiplex_read_operations] [-write-raw raw_write_operations] [-write-mpx multiplex_write_operations] [-write-complete completed_write_operations] [-set-information2 set_information_2_operations] [-query-information2 query_information_2_operations] [-locking-andx locking_andX_operations] [-transaction transactions] [-transaction-secondary secondary_transactions] [-ioctl ioctl_operations] [-ioctl-secondary secondary_ioctl_operations] [-copy copy_operations] [-move move_operations] [-echo echo_operations] [-write-and-close write_and_close_operations] [-open-andx open_andX_operations] [-readandx read_andX_operations] [-write-andx write_andX_operations] [-closeand-tree-disc close_and_tree_disconnection_operations] [-find-close2 find_and_close_2_operations] [-find-notify-close find_notify_and_close_operations] [-tree-connect tree_connection_operations] [-tree-disconnect tree_disconnection_operations] [-negotiate negotiation_operations] [session-setup-andx session_setup_andX_operations] [-logoff-andx logoff_andX_operations] [-tree-connect-andx tree_connection_andX_operations] [-query-information-disk query_information_disk_operations] [-search search_operations] [-find find_operations] [-find-unique find_unique_operations] [-nttransactsecondary secondary_NT_transactions] [-ntcreate-andx NT_create_andX_operations] [-ntcancel NT_cancellations] [-ntrename NT_rename_operations] [-open-print-file open_print_file_operations] [write-print-file write_print_file_operations] [-close-print-file close_print_file_operations] [-get-print-queue get_print_queue_operations] [-read-bulk bulk_read_operations] [-writebulk bulk_write_operations] [-write-bulk-data bulk_data_write_operations] [-trans2 trans2_operations] [-trans2-open trans2_open_operations] [-trans2-find-first trans2_find_first_operations] [-trans2-find-next trans2_find_next_operations] [-trans2-query-fs-info trans2_query_FS_information_operations] [-trans2-rsvd trans2_reserved_operations] [-trans2-query-path-info trans2_query_path_information_operations] [-trans2-set-path-info trans2_set_path_information_operations] [-trans2-fsctl trans2_fsctl_operations] [-trans2-ioctl2 trans2_ioctl_2_operations] [trans2-find-notify-first trans2_find_notify_first_operations] [-trans2find-notify-next trans2_find_notify_next_operations] [-trans2-createdirectory trans2_directory_creations] [-trans2-session-setup trans2_session_setup_operations] [-trans2-rsvd2 trans2_reserved_2_operations] [-trans2-get-dfs-referral trans2_get_DFS_referral_operations] [-trans2-report-dfs-inconsistency trans2_report_DFS_inconsistency_operations] [-trans2-secondary secondary_trans2_operations] [-nttransact NT_transactions] [-nttransactrsvd reserved_NT_transactions] [-nttransact-create NT_transaction_creations] [-nttransact-ioct

lNT_transaction_ioctl_operations] [-nttransact-set-security-desc NT_transaction_set_security_descriptor_operations] [-nttransact-notifychange NT_transaction_change_notifications] [-nttransact-rename NT_transaction_rename_operations] [-nttransarc-query-security-desc NT_transaction_query_security_descriptor_operations] Note: Use this command only with the assistance of technical support to help analyze performance and diagnose problems.
The following example displays CIFS usage statistics for a node named node1:
node::*> statistics cifs show Node: CreateDirectory: DeleteDirectory: Open: Create: Close: Flush: Delete: Rename: QueryInformation: SetInformation: Read: Write: LockByteRange: UnlockByteRange: CreateTemporary: CreateNew: CheckDirectory: ProcessExit: Seek: LockAndRead: WriteAndUnlock: ReadRaw: ReadMpx: ReadMpxSecondary: WriteRaw: WriteMpx: WriteComplete: SetInformation2: QueryInformation2: Locking AndX: Transaction: TransactionSecondary: Ioctl: IoctlSecondary: Copy: Move: Echo: WriteAndClose: OpenAndX: Read AndX: Write AndX: CloseAndTreeDisconnect: FindClose2: -node node1 node1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

FindNotifyClose: TreeConnect: TreeDisconnect: Negotiate: SessionSetupAndX: LogOffAndX: TreeConnectAndX: QueryInformationDisk: Search: Find: FindUnique: NTTransactSecondary: NTCreate AndX: NTCancel: NTRename: OpenPrintFile: WritePrintFile: ClosePrintFile: GetPrintQueue: ReadBulk: WriteBulk: WriteBulkData: Trans2: Trans2Open: Trans2FindFirst: Trans2FindNext: Trans2QueryFsInformation: Trans2Rsvd: Trans2QueryPathInformation: Trans2SetPathInfo: Trans2QueryFileInfo: Trans2SetFileInfo: Trans2Fsctl: Trans2Ioctl2: Trans2FindNotifyFirst: Trans2FindNotifyNext: Trans2CreateDirectory: Trans2SessionSetup: Trans2Rsvd2: Trans2GetDfsReferral: Trans2ReportDfsInconsistency: Trans2Secondary: NTTransact: NTTransactRsvd: NTTransactCreate: NTTransactIoctl: NTTransactSetSecurityDesc: NTTransactNotifyChange: 0 0 2 7 18 2 9 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 213 0 6 0 0 0 215 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 -

NTTransactRename: 0 NTTranactQuerySecurity Des: 0 -
Displaying the current statistics for CIFS service

You can view the current statistics for the CIFS service by using the statistics cifs currvalues show command. This command is available only in the advanced privilage level and in the operational mode.
Step
1. To view the current statistics for the CIFS service, enter the following command:
statistics cifs currvalues show [-instance] [-node node_name] [-currconnections current_connections] [-curr-name-server-connections current_name_server_connections] [-curr-outbound-connections current_outbound_connections] [-curr-users current_users] [-curr-shares current_shares] [-curr-open-files current_open_files] [-curr-command-cnt current_command_count] [-curr-files-to-close-list-cnt current_files_to_close_count] -curr-connections displays the current number of CIFS connections. -curr-name-server-connections displays the current number of CIFS name-server
connections.
-curr-outbound-connections displays the current number of CIFS outbound connections. -curr-users displays the current number of CIFS users. -curr-shares displays the current number of CIFS shares. -curr-open-files displays the current number of files opened by CIFS clients.
-curr-command-cnt displays the current number of CIFS commands.

-curr-files-to-close-list-cnt displays the current number of files opened by CIFS
clients that need to be closed.

Note: Use this command only with the assistance of technical support to help analyze
performance and diagnose problems. The following example displays current CIFS usage statistics for a node named node1:
node::*> statistics cifs currvalues show -node node1 Node: node1 Value Delta --------------------------- --------- --------CurrConnections: 11 0/s:124s CurrNameServerConnections: 4 CurrOutboundConnections: 8 CurrUsers: 4 0/s:124s CurrShares: 5 0/s:124s CurrOpenFiles: 6 0/s:124s

CurrCommandCnt: CurrFilesToCloseListCnt: 1 0 0/s:124s -
Displaying the highest statistics for CIFS service

You can view the highest statistics for the CIFS service by using the statistics cifs maxvalues show command. This command is available only in the advanced privilage level and in the operational mode.
Step
1. To view the highest statistics for the CIFS service, enter the following command:
statistics cifs maxvalues show [-instance] [-node node_name] [-maxconnections maximum_connections] [-max-name-server-connections maximum_name_server_connections] [-max-outbound-connections maximum_outbound_connections] [-max-users maximum_users] [-max-shares maximum_shares] [-max-open-files maximum_open_files] [-max-command-cnt maximum_command_count] [-max-users-per-connection maximum_users_per_connection] [-max-overbook-users maximum_overbooked_users] [-max-shares-per-users maximum_shares_per_user] [-max-files-open-per-share maximum_files_open_per_share] [-max-files-to-close-list-cnt maximum_files_to_close_count] -max-connections displays the maximum number of CIFS connections. -max-name-server-connections displays the maximum number of CIFS name-server
connections
-max-outbound-connections displays the maximum number of outbound CIFS connections. -max-users displays the maximum number of CIFS users. -max-shares displays the maximum number of CIFS shares. -max-open-files displays the maximum number of files opened by CIFS clients. -max-command-cnt displays the maximum number of CIFS commands. -max-users-per-connection displays the maximum number of CIFS users per connection. -max-overbook-users displays the maximum number of overbooked CIFS users. -max-shares-per-users displays the maximum number of CIFS shares per user. -max-files-open-per-share displays the maximum number files per share opened by the
CIFS clients.
-max-files-to-close-list-cnt displays the maximum number of files opened by CIFS
clients that need to be closed.

Note: Use this command only with the assistance of technical support to help analyze performance and diagnose problems.
The following example displays maximum CIFS statistics for a node named node1:
node::*> statistics cifs maxvalues show -node node1 Node: node1 4 MaxNameServerConnections: 6 MaxOutboundConnections: 0 MaxUsers: 3 MaxShares: 3 0 1 MaxUsersPerConnection: 2 0 1 0 0 0 MaxOverbookUsers: MaxSharesPerUser: MaxOverbookShares: MaxFilesOpenPerShare: MaxFilesToCloseListCnt: MaxConnections: MaxOpenFiles: MaxCommandCnt: -
Displaying the statistics about CIFS Microsoft remote procedure calls (RPCs)
You can view the statistics about CIFS Microsoft remote procedure calls (RPCs) by using the statistics cifs msrpc show command. This command is available only in the advanced privilage level and in the operational mode.
Step
1. To view the statistics about CIFS Microsoft RPCs, enter the following command:
statistics cifs msrpc show [-instance] [-node node_name] [-categoryinstance category_instance] [-rap-get-wks-info RapGetWksInfo] [-rap-getsvr-info RapGetSvrInfo] [-rap-unknown RapUnknown] [-wks-svc-query-info WksSvcQueryInfo] [-wks-svc-unknown WksSvcUnknown] [-win-reg-open-hklm WinRegOpenHKLM] [-win-reg-open-key WinRegOpenKey] [-win-reg-close-key WinRegCloseKey] [-win-reg-unknown WinRegUnknown] [-svr-query-info SvrQueryInfo] [-svr-share-enum SvrShareEnum] [-svr-share-get-info

SvrShareGetInfo] [-svr-share-add SvrShareAdd] [-svr-share-delete SvrShareDelete] [-svr-session-enum SvrSessionEnum] [-svr-session-close SvrSessionClose] [-svr-open-file-enum SvrOpenFileEnum] [-svr-close-openfile SvrCloseOpenFile] [-svr-unknown SvrUnknown] [-spoolss-open-printerex SpoolssOpenPrinterEx] [-spoolss-unknown SpoolssUnknown] [-lsarpcopen-policy LsarpcOpenPolicy] [-lsarpc-open-policy2 LsarpcOpenPolicy2] [-lsarpc-query-info-policy LsarpcQueryInfoPolicy] [-lsarpc-lookup-sidsreq LsarpcLookupSidsReq] [-lsarpc-lookup-names-req LsarpcLookupNamesReq] [-lsarpc-get-user-name LsarpcGetUserName] [-lsarpc-close LsarpcClose] [lsarpc-unknown LsarpcUnknown] [-lsarpc-ds-role-get-domain-info LsarpcDsRoleGetDomainInfo] [-lsarpc-ds-unknown LsarpcDsUnknown] [unknown-rpc UnknownRpc] Note: Use this command only with the assistance of technical support to help analyze performance and diagnose problems. Also, contact technical support for an explanation of the parameters.
The following example displays CIFS Microsoft RPC information for a node named node1:
node::*> statistics cifs msrpc show -node node1 Node: node1 Value -------------------------- ---------- ------------RapGetWksInfo: 0 RapGetSvrInfo: 0 RapUnknown: WksSvcQueryInfo: WksSvcUnknown: WinRegOpenHKLM: WinRegOpenKey: WinRegCloseKey: WinRegUnknown: SvrQueryInfo: SvrShareEnum: SvrShareGetInfo: SvrShareAdd: SvrShareDelete: SvrSessionEnum: SvcSessionClose: SvrOpenFileEnum: SvrCloseOpenFile: SvrUnknown: SpoolssOpenPrinterEx: SpoolssUnknown: LsarpcOpenPolicy: LsarpcOpenPolicy2: LsarpcQueryInfoPolicy: LsarpcLookupSidsReq: LsarpcLookupNamesReq: LsarpcGetUserName: LsarpcClose: 0 310 0 4 4 4 0 152 27 598 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 0 0/s:74s 0/s:74s 0/s:74s 0/s:74s 0/s:74s 0/s:74s 0/s:74s 0/s:74s -
Delta

LsarpcUnknown: LsarpcDsRoleGetDomainInfo: LsarpcDsUnknown: UnknownRpc: 0 0 0 0 -
Displaying the total CIFS command count

You can view the total number of CIFS commands for each node in the cluster by using the
statistics cifs total show command. This command is available only in the advanced
privilage level and in the operational mode.

Step
1. To view the total number of CIFS commands for each node in the cluster, enter the following command:
statistics cifs total show [-instance] [-node node_name] [-totalcommand-count total_command-count] -total-command-count displays information only about the node or nodes that have the
specified total number of CIFS commands.

The following example displays the total CIFS-command count for all nodes in the cluster:
node::*> statistics cifs total show Node: node0 Value Delta -------------------------------- --------- ------------TotalCommandCount: 293478127 Node: node1 Value Delta -------------------------------- --------- ------------TotalCommandCount: 441579 Node: node2 Value Delta -------------------------------- --------- ------------TotalCommandCount: 101566 Node: node3 Value Delta

-------------------------------- --------- ------------TotalCommandCount: 51284 -
Displaying statistics about CIFS sessions

You can view the statistics about the CIFS sessions using the statistics cifs session show command. This command is available only in the advanced privilage level and in the operational mode.
Step
1. To view the statistics about the CIFS sessions, enter the following command:
statistics cifs session show [-instance] [-node node_name] [-sessionrequests session_requests] [-session-keep-alives session_keep_alives] [unknown-packet-type unknown_packet_type] -session-requests displays the number of session requests. -session-keep-alives displays the number of sessions kept active. -unknown-packet-type displays the number of unknown packet types. Note: Use this command only with the assistance of technical support to help analyze performance and diagnose problems.
The following example displays CIFS-session statistics for all nodes in the cluster:
node::> statistics cifs session show Node: node0 Value Delta --------------------------- --------- ------------SessionRequests: 2931 SessionKeepAlives: 990 UnknownPacketType: 0 Node: node1 Value Delta --------------------------- --------- ------------SessionRequests: 303 SessionKeepAlives: 78 UnknownPacketType: 0 Node: node2 Value Delta --------------------------- --------- ------------SessionRequests: 168 SessionKeepAlives: 33 UnknownPacketType: 0 Node: node3 Value Delta --------------------------- --------- ------------SessionRequests: 53 SessionKeepAlives: 10 -

UnknownPacketType: 0 -
Displaying statistics about CIFS nameserver usage

You can view the statistics about the CIFS nameserver usage by using the statistics cifs nameserver show command. This command is available only in the advanced privilage level and in the operational mode.
Step
1. To view the statistics about the CIFS nameserver usage, enter the following command:
statistics cifs nameserver show [-instance] [-node node_name] [-nameserver-query-requests name_server_query_requests] [-matching-nameserver-query-requests matching_name_server_query_requests] [-nameserver-registration-responses name_server_registration_responses] [name-server-unregistration-responses name_server_unregistration_responses] [-name-server-wack-responses name_server_wack_responses] [-matching-name-server-registration-requests matching_name_server_registration_requests] [-name-conflict-detected name_conflict_detected] [-name-server-registration-requests name_server_registration_requests] [-name-defense-needed name_defense_needed] [-lm-browser-announcements LM_browser_announcements] [-broadcast-name-registrations broadcast_name_registrations] [-broadcast-name-over-writes broadcast_name_overwrites] [-broadcast-name-unregistration-finished broadcast_name_unregistration_finished] [-wins-name-registration-success WINS_name_registration_success] [-wins-name-registration-response-error WINS_name_registration_response_error] [-wins-name-registration-failure WINS_name_registration_failure] [-wins-name-unregistration-success WINS_name_unregistration_success] [-wins-name-unregistration-responseerror WINS_name_unregistration_response_error] [-wins-nameunregistration-failure WINS_name_unregistration_failure] [-wins-nameunregistration-finished WINS_name_unregistration_finished]
The statistics cifs nameserver show command displays the following information about CIFS nameserver usage for each node in the cluster: Number of name-server query requests Number of matching name-server query requests Number of name-server registration responses Number of name-server unregistration responses Number of name-server wack responses Number of matching name-server registration requests Number of name conflicts detected Number of name-server registration requests Number of name defense operations needed
Node statistics | 129 Number of LM browser announcements Number of broadcast name registrations Number of broadcast name overwrites Number of completed broadcast name unregistration operations Number of successful WINS name registration operations Number of WINS name registration response errors Number of failed WINS name registration operations Number of successful WINS name unregistration operations Number of WINS name unregistration response error Number of failed WINS name unregistration operations Number of completed WINS name unregistration operations
The following example displays statistics about CIFS name-server usage for a node named node1:
node::*> statistics cifs nameserver show -node node1 Node: node1 NameServerQueryRequests: 225 MatchingNameServerQueryRequests: 0 NameServerRegistrationResponses: 12 NameServerUnregistrationResponses: 0 NameServerWackResponses: 0 MatchingNameServerRegistrationRequests: 12 NameConflictDetected: 0 NameServerRegistrationRequests: 0 NameDefenseNeeded: 0 LmBrowserAnnouncements: 72 BroadcastNameRegistrations: 0 BroadcastNameOverWrites: 0 BroadcastNameUnregistrationFinished: 0 WinsNameRegistrationSuccess: 6 WinsNameRegistrationResponseError: 0 WinsNameRegistrationFailure: 0 WinsNameUnregistrationSuccess: 0 WinsNameUnregistrationResponseError: 0 WinsNameUnregistrationFailure: 0 WinsNameUnregistrationFinished: 0
Client statistics | 131
Client statistics
You can view statistics about clients that are connected to the cluster. The following client statistics are tracked when client statistics gathering is enabled: Total number of requests (or operations) served Total number of requests served for each protocol type, including NFSv2, NFSv3, NFSv4, CIFS, NLM, Mount, and RC Total number of requests that were satisfied locally Average latency of requests Last four volumes a client requested data from Total bytes and packets received Total bytes and packets sent
Next topics
Enabling and configuring client statistics collection on page 131 Displaying client statistics on page 132 Displaying periodic client statistics on page 133
Enabling and configuring client statistics collection

You can enable or disable the gathering of per-client statistics.
About this task
The collection of per-client statistics is disabled by default. But for monitoring or troubleshooting purposes, you can enable collection of per-client statistics for up to 10,240 clients connecting to a cluster. However, because the gathering of client statistics can affect performance, per-client statistics collection should be disabled during normal operation.
Steps
1. To enable the gathering of client statistics, use the statistics settings modify command.
Example
The following example enables collection of client statistics and sets the maximum number of clients to view to 25:
node::> statistics settings modify -client-stats enabled -max-clients 25
2. You can verify that the client statistics configuration is correct by using the statistics settings show command.

Example
The following example displays information about the settings for statistics:
node::> statistics settings show Update Delta Base Value on Show: enabled Display rate Counters in rate/sec: true Collect Per-Client Statistics: enabled Max Number of Clients to View: 25
3. To disable the gathering of client statistics, use the statistics settings modify command.
Example
The following example disables collection of client statistics:

node::> statistics settings modify -client-stats disabled
Displaying client statistics

You can display statistics for clients connected to the cluster.
Before you begin
Ensure that the collection of client statistics is enabled.

Steps
1. You can use the statistics show command with the -category parameter to view default client statistics for each node in the cluster. By default, the command displays the following information: Node name Object name Value Delta
Example
The following example shows the default client information for a node named node1:
node::> statistics show -category client Node: node1 Category.Object.Counter Value Delta ---------------------------------------- ------- --------client.192.0.2.250.hostname node1 client.192.0.2.250.total-ops 0 client.192.0.2.250.nfs2-ops 0 client.192.0.2.250.nfs3-ops 0 client.192.0.2.250.nfs4-ops 0 client.192.0.2.250.cifs-ops 0 client.192.0.2.250.recv-data 21.1KB -

client.192.0.2.250.sent-data client.192.0.2.250.recv-packets client.192.0.2.250.sent-packets client.192.0.2.250.avg-latency client.192.0.2.250.nlm-ops client.192.0.2.250.mount-ops client.192.0.2.250.local-ops client.192.0.2.250.remote-ops client.192.0.2.250.avg-latency-local client.192.0.2.250.avg-latency-remote [...] 0B 348 0 0us 0 0 0 0 0us 0us -
2. To display statistics for a single client, use the statistics show command with the -node, category, and -object parameters. 3. To display statistics for a single object on all clients, use the statistics show command with the -node, -category, and -counter parameters. 4. To display statistics for a single object on a single client, use the statistics show command with the -node, -category, -object, and -counter parameters.
Related tasks
Enabling and configuring client statistics collection on page 131
Displaying periodic client statistics

You can display periodic statistics for a client connected to a node.
Before you begin
Ensure that the collection of client statistics is enabled.

Step
1. You can use the statistics periodic command with the -node, -category, and -object parameters to view periodic client statistics for a specific client connected to a specific node in the cluster. By default, the command displays the following information: Data received Number of packets received Data sent Number of packets sent Total operations NFSv2 operations NFSv3 operations NFSv4 operations
134 | Data ONTAP 8.0 Cluster-Mode System Administration Guide CIFS operations NLM operations RC operations Mount operations Local operations Remote operations Average latency
Example
The following example shows the default periodic client information for a client with the IP address 192.0.2.250 connected to a node named node1:
node::> statistics periodic -node node1 -category client -object 192.0.2.250 node1: client.192.0.2.250: 2/19/2008 15:02:46 recv recv sent sent total nfs2 nfs3 nfs4 cifs data packets data packets ops ops ops ops ops -------- -------- ---------- -------- -------- -------- --------------- -------83B 0 83B 0 0 0 0 0 0 84B 1 84B 1 1 0 1 0 0 9.88KB 2 84B 1 1 0 1 0 0 9.79KB 1 0B 0 1 0 0 0 0 9.70KB 0 0B 0 0 0 0 0 0 9.79KB 1 0B 0 1 0 1 0 0 9.79KB 1 0B 0 1 0 1 0 0 0B 0 0B 0 0 0 0 0 0 0B 0 0B 0 0 0 0 0 0 0B 0 0B 0 0 0 0 0 0 0B 0 0B 0 0 0 0 0 0 0B 0 0B 0 0 0 0 0 0 nlm rc mount local remote avg ops ops ops ops ops latency -------- -------- ---------- -------- -------- -------0 0 0 0 0 0 0 0 0 1 0 20us 0 0 0 1 0 15us 0 0 0 1 0 10us 0 0 0 0 0 0

0 0 0 0 0 0 0 [...] Related tasks 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 10us 20us 0 0 0 0 0
Enabling and configuring client statistics collection on page 131
AutoSupport management | 137
AutoSupport management
AutoSupport is a mechanism that proactively monitors the health of your cluster and automatically sends e-mail messages to your internal support organization, NetApp support personnel, or both. AutoSupport messages are generated and sent at the following times: When specific events occur within your cluster, such as wafl.dir.size.warning, which indicates that a directory is approaching its maximum size. Each day; an AutoSupport message containing management /mroot/etc/log/mlog files is generated and sent for each node in your cluster. Each week; the following summaries are generated and sent for each node in your cluster between 12 a.m. and 1 a.m. Sunday: The weekly AutoSupport message provides the same system information as regular AutoSupport messages. The performance AutoSupport message provides technical support with comprehensive performance information about your storage system for the preceding week. The performance message can be quite large, so by default it is sent only to technical support. The NetApp Health Trigger (NHT) message provides information about any failed disk drives. If no drives failed during the past week, no weekly drive NHT message is sent. By default, the drive NHT message is sent only to technical support. When your system reboots
Note: If you reboot a live node in takeover mode, two reboot AutoSupport messages are
generated. The live node sends one message, and the failed node sends the other message. The live node also sends an AutoSupport message after it completes the takeover process. When you initiate a test message using the system node autosupport invoke command
AutoSupport is enabled by default when you configure your storage system for the first time. AutoSupport begins sending messages to technical support 24 hours after AutoSupport is enabled. You can cut short the 24-hour period by upgrading or reverting the system, modifying the AutoSupport configuration, or changing the time of the system to be outside of the 24-hour period.
Note: You can disable AutoSupport at any time, but you should leave it enabled. Enabling AutoSupport can significantly help speed problem determination and resolution should a problem occur on your storage system.
Although AutoSupport messages to technical support are enabled by default, you need to set the correct options and have a valid mail host to have messages sent to you and your internal support organization.

Next topics
AutoSupport transport protocols on page 138 Enabling and configuring AutoSupport on page 139 Options for configuring AutoSupport on page 139 Displaying AutoSupport settings on page 142 Sending a test AutoSupport message on page 143 AutoSupport messages on page 143
AutoSupport transport protocols

AutoSupport supports HTTPS, HTTP, and SMTP as the transport protocols for delivering AutoSupport messages to technical support. If you enable AutoSupport messages to your internal support organization, those messages are sent by SMTP. AutoSupport supports the following types of transport protocols: HTTPS (This is the default transport protocol used by AutoSupport; you should use it whenever possible.) HTTP SMTP
Because SMTP can introduce limitations on message length and line length, you should use HTTP or, preferably, HTTPS for your AutoSupport transport protocol if possible. HTTP uses port 80; HTTPS uses port 443. If the network connection does not allow HTTPS or HTTP, you need to configure AutoSupport for SMTP. SMTP uses port 25. To use HTTP or HTTPS to send AutoSupport messages, you might need to configure an HTTP or HTTPS proxy. The AutoSupport feature requires an external mail host if you use SMTP. The storage system does not function as a mail hostit requires an external mail host at your site to send mail. The mail host is a host that runs a mail server that listens on the SMTP port (25). Examples of mail servers include the following: A UNIX host running an SMTP server such as the sendmail program A Windows NT server running the Microsoft Exchange server
The storage system uses the mail hosts mail server to send periodic e-mail messages automatically to technical support about the systems status. You can configure AutoSupport to use one or more mail hosts.
Note: Make sure that mail hosts in the AutoSupport e-mail delivery pathway are configured to send and receive the 8-bit Multipurpose Internet Mail Extensions (MIME) encoding.
Enabling and configuring AutoSupport

You can enable AutoSupport and specify settings to turn on different AutoSupport features on a specified node.
Step
1. To enable and configure AutoSupport, you use the system node autosupport modify command and one or more options. The AutoSupport settings that you can enable include: Identifying one or more SMTP mail hosts through which the node can send AutoSupport messages Identifying the e-mail address from which the node sends AutoSupport messages Identifying one or more e-mail addresses to which the node sends AutoSupport messages Determining whether the node sends AutoSupport messages to support personnel Determining the protocol for sending AutoSupport messages to support personnel
Example
The following example enables AutoSupport on a node named node02. The node uses an SMTP mail host named mailhost.example.com, an e-mail "from" address of alerts@node02.example.com, an e-mail "to" address of internal_support@example.com, and an e-mail short-note address of pda@example.com. HTTPS is set as the transport protocol to support personnel.
node::> system node autosupport modify -node node02 -state enable -mail-hosts mailhost.example.com -from alerts@node02.example.com -to internal_support@example.com -support enable -transport https noteto pda@example.com
Options for configuring AutoSupport

You can use one or more options with the system node autosupport modify command to configure the AutoSupport feature on the nodes in your cluster. The following table lists and describes the options for the system node autosupport modify command.
AutoSupport option -node node_name Description Specifies the node whose AutoSupport configuration is to be modified.
AutoSupport option -state [enable | disable]
Description Optionally specifies whether AutoSupport is enabled or disabled on the node. The default setting is enable. Optionally specifies one or more SMTP mail hosts through which the node can send AutoSupport messages. The host names should be entered as a comma-separated list. Optionally specifies the e-mail address from which the node sends AutoSupport messages. The addresses should be entered as a commas-separated list. Optionally specifies one or more e-mail addresses to which the node sends AutoSupport messages. The addresses should be entered as a comma-separated list. You can have AutoSupport messages sent to your internal support organization by correctly setting this option ( or the -noteto option) and having a valid mail host. Optionally specifies one or more partner addresses. AutoSupport messages not sent to the -to and noteto lists are sent to the -partner-address list. They also are sent to technical support if AutoSupport is enabled. The addresses should be entered as a comma-separated list. Optionally specifies whether to send AutoSupport messages to technical support. The default setting is enable. Optionally specifies the protocol for delivering AutoSupport messages to support personnel. Optionally specifies whether the NetApp Health Trigger (NHT) disk drive data is sent to addresses in the to list. The default setting is false. For this option to work, you also need to specify a mail host with the -mail-hosts option and an address with the -to option.
-mail-hosts list_of_mail_hosts
-from from_address
-to list_of_to_addresses
-partner-address list_of_partner_addresses
-support [enable | disable]
-transport protocol -local-nht [true | false]
-nht [true | false]
Optionally specifies whether the NetApp Health Trigger (NHT) disk drive data is sent to technical support. The default setting is true.
AutoSupport option -local-perf [true | false]
Description Optionally specifies whether the weekly performance AutoSupport message is sent to addresses in the to list. The default setting is false. For this option to work, you also need to specify a mail host with the -mail-hosts option and an address with the -to option.
-perf [true | false]
Optionally specifies whether the weekly performance AutoSupport message is sent to technical support. The default setting is true. Optionally specifies the destination address or addresses for short-note e-mail messages. Short-note e-mail consists only of the subject line of the AutoSupport message, which is easily viewed on a cell phone or other text device. The addresses should be entered as a comma-separated list. You can have AutoSupport messages sent to your internal support organization by correctly setting this option ( or the -to option) and having a valid mail host. Optionally specifies an HTTP or HTTPS proxy URL. The URL is entered without an http:// or https:// prefix. Optionally specifies the amount of time to delay before trying to send the AutoSupport message again. Values may end with "s," "m," or "h" to indicate seconds, minutes, or hours, respectively. The minimum is 30 seconds and the maximum is one day. The default is four minutes. Optionally specifies the number of times to try resending the mail before dropping the mail. The minimum is five and the maximum is 4,294,967,294. The default is 15. Specifies the randomized delay window for periodic AutoSupport messages. Values can range from 0 seconds to 240 (4 hours). The default is 60 (1 hour). Setting the value to 0 disables the randomized delay, which is intended to prevent bottlenecks.
-noteto mail_address
-proxy-url url_name
-retry-interval time_interval
-retry-count integer
-periodic-tx-window time_interval
For detailed information about AutoSupport configuration options, see the Data ONTAP ClusterMode Administration Reference on the NOW site.
Displaying AutoSupport settings

You can display settings to determine the AutoSupport configuration for one or more nodes.
Step
1. To display AutoSupport settings, use the system node autosupport show command and its options. The command and its options display the following information: Node name AutoSupport state (enable or disable) List of mail hosts (detailed view only) E-mail "from" address List of e-mail "to" addresses Whether AutoSupport messages are sent to NetApp support personnel (enable or disable) (detailed view only) External support address (detailed view only) Subject of last AutoSupport message (detailed view only) Date and time of last AutoSupport message (detailed view only) Protocols for sending AutoSupport messages The URL for messages delivered through HTTP or HTTPS Whether the NetApp Health Trigger (NHT) (disk drive) data is sent to addresses in the "to" list or to technical support Whether the weekly performance AutoSupport message is sent to addresses in the "to" list or to technical support.
Example
The following example shows the output of the system node autosupport show -node command, which displays detailed information about a node:
node::> system node autosupport show -node node3 Node: node 3 State: enable SMTP Mail Hosts: smtp.example.com From Address: alerts@node3.example.com List of To Addresses: support@example.com List of Partner Addresses: partner@node4.example.com Support: enable Support Protocol: https Support URL for http/https: support.example.com Support Address: support@example.com Last Subject: WEEKLY Last Time: 7/14/2009 00:21:52 Hostname Subject: true Local NHT Enable: false

NHT Enable: Local Perf Enable: Perf Enable: List of Noteto Addr: Support Proxy URL: Retry Interval: Retry Count: Current Trigger Event: true false true support.proxy.example.com 4m 60 -
Note: See the Data ONTAP Cluster-Mode Administration Reference for detailed information about the system node autosupport show command and its options.
Sending a test AutoSupport message

After you configure AutoSupport, you can send an AutoSupport message to test the configuration.
Step
1. To send a test AutoSupport message, you use the system node autosupport invoke command.
Example
The following example sends a message with the text "ASUP test" from a node named node14 to test whether AutoSupport messages are being sent and received:
node::> system node autosupport invoke -node node14 -message "ASUP test" type -test
The system node autosupport invoke command requires that you enter a -type argument. The test argument tests AutoSupport send and receive only. The all argument sends all AutoSupport data without time or size limit.
AutoSupport messages
AutoSupport messages help you understand the status and operations of your storage system. The AutoSupport message includes a log level that indicates the priority assignment from technical support. The log level that indicates the priority assignment can be one of the following: CRITICALPriority 1 ERRORPriority 2 WARNINGPriority 3 NOTICEInformational, no response expected INFOInformational, no response expected DEBUGInformational, no response expected
144 | Data ONTAP 8.0 Cluster-Mode System Administration Guide If you are using AutoSupport locally, you will see the log levels in the subject lines of the AutoSupport e-mail that you receive.
Next topics
Getting AutoSupport message descriptions on page 144 Contents of AutoSupport messages on page 144
Getting AutoSupport message descriptions

The descriptions of the AutoSupport messages that you receive are available through the online Message Matrices page.
Steps
1. Go to the NOW site and find the Message Matrices page. 2. On the Message Matrices page under Select a Release, select your version of Data ONTAP and click View Matrix. All AutoSupport message descriptions are listed alphabetically by subject line.
Related information
http://now.netapp.com/
Contents of AutoSupport messages

AutoSupport messages contain information about the node and cluster, contents of certain /mroot/etc directory files, and output of nodeshell commands that provide system information. The messages also contain additional information in the form of attachments. Each AutoSupport message contains the following information: Date and timestap of the message Version of Data ONTAP on the node that generated the message Hostname, ID, and serial number of the node that generated the message Hostname, ID, and serial number of the partner of the node that generated the message Status of the cluster SNMP contact name and location, if specified Contents of selected /mroot/etc directory files Output of nodeshell commands providing system information Attachments A compressed XML file containing detailed configuration information about the node and cluster A compressed text file containing Event Management System (EMS) log data Selected /mroot/log, /var/etc, and /var/log files
Hardware component monitoring and management | 145
Hardware component monitoring and management

The system hardware commands enable you to monitor and manage field-replaceable units (FRUs), tape drives and libraries, and node LCD displays.
Next topics
Displaying information about tape drives on page 145 Displaying information about tape libraries on page 146 Displaying environmental information on page 147
Displaying information about tape drives

You can display information to determine the attributes of the tape drives.
Step
1. To display information about tape drives, you use the system hardware tape drive show command. The command displays the following information: Node to which the tape drive is attached Device ID of the tape drive Description of the tape drive NDMP path of the tape drive World-wide name of the tape drive (detailed view only) Serial number of the tape drive (detailed view only)
Example
The following example displays detailed information about the tape drives attached to a node named node01:
node::> system hardware tape drive show -instance -node node01 Node: Device Id: Description: World Wide Name: Serial Number: NDMP Path: node01 swd77~1.126 HP Ultrium 3-SCSI WWN[5:006:0b0000:2e314e] HU105277R2 /tape/nr.swd77~1.126.a

Node: Device Id: Description: World Wide Name: Serial Number: NDMP Path: Node: Device Id: Description: World Wide Name: Serial Number: NDMP Path: node01 swd77~2.126 HP Ultrium 3-SCSI WWN[5:006:0b0000:2e31de] HU105277TF /tape/nr.swd77~2.126.a node01 swd77~3.126 HP Ultrium 3-SCSI WWN[5:006:0b0000:2e5f32] HU105377J0 /tape/nr.swd77~3.126.a
Node: node01 Device Id: swd77~4.126 Description: HP Ultrium 3-SCSI World Wide Name: WWN[5:006:0b0000:2e31ee] Serial Number: HU105277TM NDMP Path: /tape/nr.swd77~4.126.a 4 entries were displayed.
Displaying information about tape libraries

You can display information to determine the attributes of tape libraries.
Step
1. To display information about tape libraries, use the system hardware tape library show command. The command displays the following information: Node to which the tape library is attached Device ID of the tape library Description of the tape library NDMP path of the tape library World-wide name of the tape library (detailed view only) Serial number of the tape library (detailed view only)
Example
The following example displays detailed information about the tape libraries attached to a node named node01:
node::> system hardware tape library show -node01 node01 GA060000243:1.126L1 /robot/GA060000243~1.126L1
Hardware component monitoring and management | 147

ADIC i500 Scalar
Displaying environmental information

You can display information about environmental sensors by using the system node environment sensors show command.
Core dump management | 149
Core dump management

Core dumps are generated when a node panics; panics can be caused by hardware or software failures. When a core dump is generated, support and engineering personnel can use it to determine the problem that caused the panic. Use the system coredump commands to manage core dumps.
Next topics
Configuring core dump attributes on page 149 Displaying the core-dump configuration on page 150 Displaying information about core dumps on page 150 Saving a core dump on page 151 Saving all core dumps on a node on page 152 Uploading core dumps on page 152 Displaying core-dump status on page 153 Deleting a core dump on page 154 Deleting all core dumps from a node on page 154
Configuring core dump attributes

You can configure core dumps for a cluster. Every node in a cluster uses the same core-dump configuration.
Step
1. To modify core-dump configuration settings, you use the system coredump config modify command. The command configures the following information: Whether sparse cores (that is, cores that omit all buffers that contain user data) are enabled. The default is true (that is, sparse cores are enabled). The minimum number of bytes that the core dump leaves available on the root-volume file system. If the minimum number of bytes cannot be guaranteed, core dumps are not generated. The default is 250 MB. The maximum number of times the core-dump process attempts to generate a core dump when encountering repeated disk failures. The default is 2. The maximum number of times the core-dump process attempts to save a core dump. The default is 2. Whether core dumps are automatically saved when a node restarts. The default is true. A URL to which core dumps are uploaded. The default is ftp://ftp.netapp.com/to-ntap/.

Example
The following example disables sparse cores and sets the upload location to ftp:// ftp.example.com/intsup/netapp_cores.
node::> system coredump config modify -sparsecore-enabled false -upload-location ftp://ftp.example.com/intsup/netapp_cores
Displaying the core-dump configuration

You can display a cluster's core-dump configuration to determine how it was configured.
Step
1. To display a cluster's core-dump configuration, you use the system coredump config show command.
Example
The following example shows a cluster's core-dump configuation:

node::> system coredump config show Autosave Sparse Min Max Max On Core Free Dump Save Startup Node Enabled Bytes Attempts Attempts Enabled Coredump Location ----- ------- -------- -------- -------- ----------------------------------node10 true 250MB 2 2 true ftp://ftp.netapp.com/ to-ntap/ node11 true 250MB 2 2 true ftp://ftp.netapp.com/ to-ntap/ 2 entries were displayed.
Displaying information about core dumps

You can display information about core dumps to determine their attributes.
Step
1. To display information about core dumps, use the system coredump show command. The command displays the following information:
Core dump management | 151 Node name Core dump name Whether the core is saved The time the panic that generated the core occurred Whether the core is a partial core Number of attempts to save the core
Example
The following example displays information about the core dumps on all nodes in a cluster:
node::> system coredump show Node Core Name -------- ----------------------------------------------------------node01 core.101276713.2008-02-17.04_22_10.nz 04:22:10 node02 core.101182345.2007-02-01.14_19_08.nz 09:19:08 Partial Core: false Number of Attempts to Save Core: 2 Space Needed To Save Core: 4.45GB core.101182345.2008-01-24.13_35_10.nz 08:35:10 node04 core.101270930.2008-01-09.16_40_32.nz 11:40:32 4 entries were displayed. Saved Panic Time ------true false 2/17/2008 2/1/2007
true true
1/24/2008 1/9/2008
Saving a core dump

You can save a specific core dump rather than all core dumps on a node.
About this task
You must save a core dump before you can upload it.
Step
1. To save a specific core dump, use the system coredump save command. You will need to specify the name of the core dump and the node on which the core dump is located in order to save it.

Example
The following example saves a core dump named core.101180243.2006-02-17.12_26_34.nz on a node named node14:
node::> system coredump save -node node14 -corename core.101180243.2006-02-17.12_26_34.nz
Saving all core dumps on a node

You can save all core dumps on a specified node rather than a single core dump on a node.
Step
1. To save all core dumps on a specified node, use the system coredump save-all command.
Example
The following example saves all cores on a node named node15:

node::> system coredump save-all -node node15
Uploading core dumps

You can upload a saved core dump to a remote site for support analysis.
Before you begin
You must save a core dump before you can upload it.
Step
1. To upload a saved core dump, use the system coredump upload command. When you run the command, specify the node on which the core dump is located and the name of the core dump. You can optionally specify the URL to which the core dump is to be uploaded; if a URL is not specified, the command uploads the core to the location specified by the -uploadlocation parameter of the system coredump config modify command.
Example
The following example uploads a core dump named core.101170979.2006-01-09.17_00_44.nz from a node named node01 to the URL ftp://ftp.netapp.com/to-ntap/:
node::>
Core dump management | 153

system coredump upload -node node01 -corename core.101170979.2006-01-09.17_00_44.nz -location ftp://ftp.netapp.com/to-ntap/
Displaying core-dump status

You can display information to determine the status of a core dump.
Step
1. To display information about core-dump status, use the system coredump status command. If a core is in the process of being saved, the command also displays the name of the core being saved, the total number of blocks that are to be saved, and the current number of blocks saved. You can specify additional parameters to display other information. See the reference page for more information. The command shows the following information: Node name State Space available on the internal file system Number of unsaved complete cores Number of unsaved partial cores Core-dump type
Example
The following example displays core-dump status information for a two-node cluster:
node::> system coredump status Space Space Needed No. of Unsaved No. of Unsaved Node State Available For Unsaved Cores Complete Cores Partial Cores -------- ------- ---------- ------------------ ----------------------------node01 nocore 77.61GB 0 0 node02 nocore 78.75GB 0 0 node03 idle 71.42GB 4.45GB 1 0 node04 nocore 78.46GB -

0 0 4 entries were displayed.
Deleting a core dump

After you have uploaded a core dump for support analysis, you can delete it to reclaim space on its node's root-volume file system.
Step
1. To delete a specific core dump, use the system coredump delete command.
Example
The following example deletes a core dump named core.101170979.2006-01-09.17_00_44.nz from a node named node01:
node::> system coredump delete -node node01 -corename core.101170979.2006-01-09.17_00_44.nz
Deleting all core dumps from a node

You can delete all core dumps from a specified node.
Step
1. To delete all core dumps on a specified node, use the system coredump delete-all command.
Example
The following example deletes all cores from a node named node15:
node::> system coredump delete-all -node node15
CLI timeout management | 155
CLI timeout management

The timeout value specifies how long a CLI session remains idle before being automatically terminated. The CLI timeout value is cluster-wide; that is, every node in a cluster uses the same CLI timeout value. You can set the timeout value for CLI sessions by using the system timeout commands.
Next topics
Modifying the CLI timeout value on page 155 Displaying the CLI timeout value on page 155
Modifying the CLI timeout value

You can modify the CLI timeout value for all nodes in a cluster.
Step
1. To modify the CLI timeout value, use the system timeout modify command. The default is 30 minutes. To prevent CLI sessions from timing out, specify a value of 0 (zero).
Example
The following example sets the timeout value to 0:

node::> system timeout modify -timeout 0
Displaying the CLI timeout value

You can display the timeout value for CLI sessions on all nodes in a cluster.
Step
1. To display the CLI timeout value, you use the system timeout show command.
Example
The following example displays the CLI timeout value:

node::> system timeout show CLI session timeout: 0 minute(s)
Job and schedule management | 157
Job and schedule management

A job is defined as any asynchronous task. Jobs are typically long-running volume operations such as copy, move, and mirror. Jobs are placed into a job queue and run when resources are available. If a job is consuming too many system resources, you can stop it or pause it until there is less demand on the system. A job can be in any of the following categories: A server-affiliated job is queued by the management framework to a specific node to be run. A cluster-affiliated job is queued by the management framework to any node in the cluster to be run. A private job is specific to a node and does not use the replicated database (RDB) or any other cluster mechanism. The commands that manage private jobs require the advanced privilege level or higher.
Many tasksfor instance, volume snapshots and mirror replicationscan be configured to run on specified schedules. Schedules that run at specific times are known as cron schedules because of their similarity to UNIX cron schedules; schedules that run at intervals are known as interval schedules. You can define cron schedules by using the job schedule cron commands and interval schedules by using the job schedule interval commands. To determine the outcome of a completed job, check the event log.
Next topics
Displaying information about jobs on page 158 Displaying information about job history on page 160 Monitoring a job's progress on page 162 Pausing a job on page 163 Stopping a job on page 163 Deleting a job on page 164 Reclaiming a cluster-affiliated job on page 164 Private jobs management on page 165 Creating a cron schedule on page 168 Creating an interval schedule on page 171 Displaying information about all schedules on page 173 Deleting a cron or interval schedule on page 174
Related tasks
Creating a cron schedule on page 168 Creating an interval schedule on page 171 Displaying the event log on page 180
Displaying information about jobs

You can display different views of job information depending on the parameters you specify with the command.
Step
1. To display information about jobs, use the job show command. By default, the command displays the following information about all current jobs: Numeric job ID Job name Node that owns the job Job priority Job description
For more information on the various parameters within the command, see the reference page for details.
Example
The following example displays information about all current jobs:

node::> job show ID 2 Name Node License Job Instance Priority Low Description cluster license validation
Next topics
Displaying information about jobs on a per-node basis on page 158 Displaying information about cluster-affiliated jobs on page 159 Displaying information about completed jobs on page 159 Displaying information about job progress on page 160 Displaying information about jobs that are waiting on other jobs on page 160
Displaying information about jobs on a per-node basis

You can display information about jobs on a per-node basis to determine its configuration.
Step
1. To display information about jobs on a per-node basis, use the job show-bynode command.
Job and schedule management | 159 The command displays the following information: Node that owns the job Job ID Job name Job description Whether the job is cluster affiliated
Displaying information about cluster-affiliated jobs

You can display information about cluster-affliated jobs depending on the parameters that you specify with the command.
Step
1. To display information about cluster-affiliated jobs, use the job show-cluster command. The command displays the following information: Job ID Job name Node that owns the job Job priority Job description
Displaying information about completed jobs

You can display information about completed jobs depending on the parameters you specify with the command.
Step
1. To display information about completed jobs, use the job show-completed command. The command displays the following information: Job ID Job name End time Status code Completion string
Displaying information about job progress

You can display information about a job's progress to determine the status of the job.
Step
1. To display information about job progress, use the job show-progress command. The command displays the following information: Job ID Job name Progress state
Displaying information about jobs that are waiting on other jobs

You can display information about jobs that cannot run until another job runs.
Step
1. To display information about jobs that are waiting, use the job show-waiton command. The command displays the following information: ID of the waiting job Name of the waiting job ID of the job that the waiting job is waiting on Name of the job that the waiting job is waiting on
Displaying information about job history

You can display historical information about completed jobs.
Step
1. To display information about a job history, use the job history show command. By default, the command displays the following information about all completed jobs: Month and date on which the job was completed Hour, minute, and second at which the job was completed Node name Job name Job identifier Job description Job UUID (advanced privilege level and higher)
Job and schedule management | 161 Variants of the job history show command display different views of completed job information. See the reference page for the command for details.
Example
The following example displays information about completed jobs:

node::> job history show End Time Node Name -------------- ----------- ---------------------------------------2/27 13:15:52 node1 Mirror Repl mirror(s) 2/27 13:16:25 node1 Mirror Repl mirror(s) 2/27 13:51:00 node1 Mirror Repl mirror(s) 2/27 15:15:59 node1 Mirror Create 2/27 15:16:49 node1 Mirror Repl mirror(s) 2/27 15:21:39 node1 Mirror Repl mirror(s) 2/27 15:56:22 node1 Mirror Repl mirror(s) 2/27 15:56:49 node1 Mirror Repl mirror(s) 2/27 15:56:50 node1 Mirror Repl mirror(s) 2/27 15:57:29 node1 Mirror Create 2/27 15:58:05 node1 Mirror Repl mirror(s) 2/27 15:59:00 node1 Mirror Repl mirror(s) 2/27 16:56:12 node1 Mirror Repl mirror(s) 13 entries were displayed. Next topics Job ID Description ------124 125 126 127 128 129 130 132 131 133 134 135 136 Replicate root to 1 Replicate root to 2 Replicate root to 1 Create nroot3 Replicate root to 1 Replicate root to 1 Replicate root to 1 Replicate root to 1 Replicate root to 1 Create nroot4 Replicate root to 1 Replicate root to 1 Replicate root to 1
Displaying information about jobs on a per-node basis on page 161 Displaying information about jobs on a reverse per-node basis on page 162
Displaying information about jobs on a per-node basis

You can display historical information about completed jobs on a per-node basis.
Step
1. To display information about completed jobs on a per-node basis, use the job history showbynode command. The command displays the following information: Node name
162 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Record number Job identifier Job name Month and date on which the job was completed Hour, minute, and second at which the job was completed Job description Job UUID (advanced privilege level and higher)
Displaying information about jobs on a reverse per-node basis

You can display information about completed jobs in reverse order and on a per-node basis.
Step
1. To display information about completed jobs on a per-node basis, in reverse order, use the job history show-bynode command. The command displays the following information: Node name Record number Job identifier Job name Month and date on which the job was completed Hour, minute, and second at which the job was completed Job description Job UUID (advanced privilege level and higher)
Monitoring a job's progress

You can specify the job that is to be monitored and the frequency of the updates. When the command is run, it continues to report progress on the job until the job has ended or been terminated, or until you interrupt the command.
Step
1. To monitor a job's progress, use the job watch-progress command.

Example
The following example monitors the progress of a job that has the ID 12; the progress is updated every five seconds:
node::> job watch-progress -id 12 -interval 5
Queued
Pausing a job
You can pause a running job.
Step
1. To pause a job, use the job pause command.

Example
The following example pauses a job with the ID 15:

node::> job pause -id 15
Resuming a paused job

You can resume running a paused job.
Step
1. To resume a paused job, use the job resume command.

Example
The following example resumes a job with the ID 15:

node::> job resume -id 15
Stopping a job
You can stop a job permanently to prevent the job from being restarted.
Step
1. To stop a job, use the job stop command.

Example
The following example stops a job with the ID 28:

node::> job stop -id 28
Deleting a job
You can delete a job which stops any current or future instances of the job.
Step
1. To delete a job, use the job delete command.

Example
The following example deletes a job that has the ID 32:

node::> job delete -id 32
Deleting a job that is owned by an unavailable node

You can delete a public, or non-private server or cluster-affliated job when the node on which it is running becomes unavailable.
Step
1. To delete a a job that is owned by an unavailable job, use the job expunge command . Use this command when a running job causes the node to fail, restarts when the node restarts, and then causes the node to fail again. The command requires that at least one healthy node in the cluster and that the cluster is in quorum. The command requires the advanced privilege level or higher.
Example
The following example deletes a job that has the ID 14:

node:*> job expunge -id 14
Reclaiming a cluster-affiliated job

You can reclaim a job to allow another node to take ownership of the job If a cluster-affiliated job is owned by a node that becomes unavailable.
Step
1. To reclaim a job, use the job unclaim command.
Job and schedule management | 165 The command requires the advanced privilege level or higher.
Example
The following example reclaims a cluster-affiliated job that has the ID 39:
node:*> job unclaim -id 39
Private jobs management

Private jobs are run on a specific node and use no clustering facilities. To manage private jobs, use the job private commands, all of which require the advanced privilege level or higher.
Next topics
Displaying information about completed private jobs on page 165 Displaying information about the progress of private jobs on page 166 Displaying information about private jobs that are waiting on other jobs on page 166 Monitoring a private job's progress on page 166 Pausing a private job on page 167 Stopping a private job on page 167 Deleting a private job on page 168
Displaying information about completed private jobs

You can display information about completed private jobs.
Step
1. To display information about completed private jobs, use the job private show-completed command. The command displays the following information: Node name Job ID Job name End time Status code Completion string
Displaying information about the progress of private jobs

You can display information about the progress of a private job to determine the status of the job.
Step
1. To display information about the progress of private jobs, use the job private showprogress command. The command displays the following information: Node name Job ID Job name Progress status
Displaying information about private jobs that are waiting on other jobs
You can display information about private jobs that cannot run until another job runs.
Step
1. To display information about private jobs that are waiting, use the job private show-waiton command. The command displays the following information: Node name ID of the waiting private job Name of the waiting private job ID of the job that the waiting job is waiting on Name of the job that the waiting job is waiting on
Monitoring a private job's progress

You can monitor a private job's progress by specifying the node on which the job is running, the job that is to be monitored, and the frequency of the updates. When the command is run, it continues to report progress on the job until the job has ended or been terminated, or until you interrupt the command.
Step
1. To monitor a private job's progress, use the job private watch-progress command.
Example
The following example monitors the progress of a private job on a node named node0a that has the ID 9; the progress is updated every ten seconds:

node:*> job private watch-progress -node node0a -id 9 -interval 10 Unclaimed
Pausing a private job

You can pause a running private job.
Step
1. To pause a private job, use the job private pause command.

Example
The following example pauses a job with the ID 6 on a node named node1b:
node:*> job private pause -node node1b -id 6
Resuming a paused private job you can resume a paused private job.
Step
1. To resume a paused job, use the job resume command.

Example
The following example resumes a job with the ID 6 on a node named node1b:
node:*> job private resume -node node1b -id 6
Stopping a private job

You can stop a private job to prevent the job from being restarted.
Step
1. To stop a job permanently, use the job stop command.

Example
The following example stops a job with the ID 8 on a node named node1a:
node:*> job private stop -node node1a -id 8
Deleting a private job

You can delete a private job which stops any current instances of the job as well as any future instances.
Step
1. To delete a private job, use the job private delete command.

Example
The following example deletes a job that has the ID 5 on a node named node0a:
node:*> job private delete -node node0a -id 5
Creating a cron schedule

You can create a schedule that runs at a specified time or times.
Step
1. To create a cron schedule, use the job schedule cron create command. When you create a cron schedule, you specify a name for the schedule and the time or times at which it is to run. You can specify time in the following units: As a month or months. Possible values include January, February, March, April, May, June, July, August, September, October, November, and December, or all for an unspecified month setting. As a day or days of the week. Possible values include Sunday, Monday, Tuesday, Thursday, Friday, and Saturday, or all for an unspecified day-of-the-week setting. As a day or days of the month. Possible values range from 1 to 31. As an hour or hours. Possible values range from 0 (midnight) to 23 (11:00 p.m.), or all for an unspecified hour setting. As a minute or minutes. Possible values range from 0 to 59.
If values are specified for both day or days of the month and day or days of the week, they are considered independently; for example, a cron schedule with the day specification Friday, 13 runs every Friday and on the 13th day of each month, not just on every Friday the 13th. If a schedule specifies a nonexistent time, any tasks associated with the schedule do not run on the nonexistent time. For example, if you specify a schedule that runs each month on the 30th, a task associated with the schedule does not run in February; that is, the task runs on January 30 and not again until March 30.

Example
The following example creates a cron schedule named midnight that runs every day at 12:00 a.m.:
node::> job schedule cron create -name midnight -hour 0 -minute 0 Example
The following example creates a cron schedule named triweekly that runs every Monday, Wednesday, and Friday at 3:00 a.m.:
node::> job schedule cron create -name triweekly -dayofweek Monday,Wednesday,Friday -hour 3 Example
The following example creates a cron schedule named biyearly that runs on March 1 and September 1 at 8:30 p.m.:
node::> job schedule cron create -name biyearly -month March,September -day 1 hour 20 -minute 30
Next topics
Displaying information about cron schedules on page 169 Modifying a cron schedule on page 170 Deleting a cron schedule on page 171
Displaying information about cron schedules

You can display the schedule name and the schedule's description, or when it runs.
Step
1. To display information about cron schedules, use the job schedule cron show command. Other information is displayed in a detailed view and if other parameters are specified. See the reference page for the command for details.
Example
The following example displays information about all cron schedules:

node::> job schedule cron show Name Description

biyearly logrotationsched midnight triweekly Example Mar,Sep 1@20:30 Sun@0:00 @0:00 Mon,Wed,Fri@3:00
The following example displays detailed information about the cron schedule named triweekly:
node::> job schedule cron show -name triweekly Name: Month: Day of Week: Day: Hour: Minute: Description: triweekly Monday, Wednesday, Friday 3 0 Mon,Wed,Fri@3:00
Modifying a cron schedule

You can modify the time parameters associated with a schedule but not the schedule's name.
Step
1. To modify a cron schedule, use the job schedule cron modify command. To change a schedule's name, delete it and recreate it with the new name.
Example
The following example modifies the cron schedule named biyearly to run in January and July:
node::> job schedule cron modify -name biyearly -month January,July node::> job schedule cron show -name biyearly Name: Month: Day of Week: Day: Hour: Minute: Description: biyearly January, July 1 20 30 Jan,Jul 1@20:30
Deleting a cron schedule

You can delete a cron schedule.
Step
1. To delete a cron schedule, use the job schedule cron delete command.
Example
The following example deletes a cron schedule named triweekly:

node::> job schedule cron delete -name triweekly
Creating an interval schedule

You can create an interval schedule by specifying the interval in units of days, hours, minutes, and seconds. An interval schedule runs jobs at a specified interval after the previous job finishes.
Step
1. To create an interval schedule, use the job schedule interval create command. For instance, if a job uses an interval schedule of 12 hours and takes 30 minutes to complete, the job runs at the following times: Day one at 8:00 a.m. (the job's initial run) Day one at 8:30 p.m. Day two at 9:00 a.m. Day two at 9:30 p.m.
Example
The following example creates an interval schedule named interval8 that runs a job eight hours after the completion of the previous occurrence of the job:
node::> job schedule interval create -name interval8 -hours 8 Example
The following example creates an interval schedule named interval2.30.30 that runs a job two hours, 30 minutes, and 30 seconds after the completion of the previous occurrence of the job:
node::>

job schedule interval create -name interval2.30.30 -hours 2 -minutes 30 -seconds 30
Next topics
Displaying information about interval schedules on page 172 Modifying an interval schedule on page 172 Deleting an interval schedule on page 173
Displaying information about interval schedules

You can display the name and description of interval schedules.
Step
1. To display information about interval schedules, use the job schedule interval show command. Other information is displayed in a detailed view and if other parameters are specified. See the reference page for the command for details.
Example
The following examples display information about all interval schedules, and then detailed information about the interval schedule named interval2.30.30.
node::> job schedule interval show Name interval2.30.30 interval8 node::> job schedule interval show -name interval2.30.30 Name: Days: Hours: Minutes: Seconds: Description: interval2.30.30 0 2 30 30 Every 2h30m30s Description Every 2h30m30s Every 8h
Modifying an interval schedule

You can modify the time intervals for an interval schedule.
Step
1. To modify an interval schedule, use the job schedule interval modify command.
Job and schedule management | 173 To change an interval schedule's name, delete it and recreate it.
Example
The following example modifies an interval schedule named interval8 to run at an interval of seven hours and 45 minutes:
node::> job schedule interval modify -name interval8 -hours 7 -minutes 45 node::> job schedule interval show -name interval8 Name: Days: Hours: Minutes: Seconds: Description: interval8 0 7 45 0 Every 7h45m
Deleting an interval schedule

You can delete an interval schedule.
Step
1. To delete an interval schedule, use the job schedule interval delete command.
Example
The following example deletes an interval schedule named interval8:

node::> job schedule interval delete -name interval8
Displaying information about all schedules

You can display a schedule's name, type, and description, as well as other detailed information if other parameters are specified.
Step
1. To display information about both cron and interval schedules, use the job schedule show command. For more information about displaying a detailed view and other parameters, see the reference page for the command.

Example
The following example displays information about all schedules:

node::> job schedule show Name biyearly interval2.30.30 logrotationsched midnight Type cron interval cron cron Description Jan,Jul 1@20:30 Every 2h30m30s Sun@0:00 @0:00
Deleting a cron or interval schedule

You can delete either a cron schedule or an interval schedule.
Step
1. To delete a cron schedule or an interval schedule, use the job schedule delete command. You need to specify only the schedule's name, not its type, when issuing the command.
Example
The following example deletes a schedule named interval2.30.30:

node::> job schedule delete -name interval2.30.30
Event management | 175
Event management
Events provide information about the operations that occur on a Data ONTAP 8 Cluster-Mode system. An event consists of the following elements: Message name Severity level. Possible values include the following, listed in decreasing order of urgency: EMERGENCY: The system is unusable ALERT: Action must be taken immediately to prevent system failure CRITICAL: A critical condition has occurred ERROR: An error condition has occurred WARNING: A warning condition has occurred NOTICE: A normal but significant condition has occurred INFORMATIONAL: An informational message DEBUG: A debugging message Description Corrective action, if applicable
Events are written to the event log. You can display the event log by using the event log show command and modify its configuration by using the event config modify command.
Next topics
Creating an event destination on page 176 Modifying an event route on page 177 Displaying the event log on page 180 Displaying the configuration for event notification and logging on page 181 Displaying information about event occurrences on page 183 Displaying mail-history records on page 184 Displaying SNMP trap-history records on page 185 System administration commands that are available in the nodeshell on page 186
Related tasks
Modifying an event route on page 177 Displaying the event log on page 180 Modifying the configuration for event notification and logging on page 182
Creating an event destination

You can create an event destination, which consists of a name and one or more destinations for event messages.
Step
1. To create an event destination, use the event destination create command. After you create an event destination, use the event route modify to associate the event destination with the event or events that you want to be sent to the destination. Possible destinations include e-mail addresses, SNMP clients, remote syslog daemons, or a syslog facility.
Example
The following example creates an event destination named admin that sends events to the e-mail address admin@example.com, a remote syslog daemon with the IP address 10.98.27.90, and an SNMP client with the IP address 10.98.12.234.
node::> event destination create -name admin -mail admin@example.com -syslog 10.98.27.90 -snmp 10.98.12.234 Next topics
Displaying information about event destinations on page 176 Modifying an event destination on page 177 Deleting an event destination on page 177
Related tasks
Modifying an event route on page 177
Displaying information about event destinations

You can display the destination name and any e-mail addresses, SNMP clients, and remote syslog daemons associated with the destination.
Step
1. To display information about event destinations, use the event destination show command.
Example
The following example displays the default information about all event destinations:
node::> event destination show Name Mail SNMP Destination Destination ------------- ----------------------allevents 10.0.2.20, Syslog Destination -----------10.0.2.22

10.0.2.21 10.0.2.20, 10.0.2.21 10.0.2.20, 10.0.2.21 -
criticals snmp.hosts
support.email supportmgr @example.com, techsupport @example.com, oncall @example.com pager pager @example.com 5 entries were displayed.
Modifying an event destination

You can modify an event destination's target e-mail addresses, SNMP client addresses, syslog daemon addresses, or syslog facility.
Step
1. To modify an event destination, use the event destination modify command.

Example
The following example modifies a destination named admin to use SNMP clients with the addresses 10.10.4.1 and 10.10.5.1:
node::> event destination modify -name admin -snmp 10.10.4.1,10.10.5.1
Deleting an event destination

You can delete an event destination.
Step
1. To delete an event destination, use the event destination delete command.

Example
The following example deletes an event destination named admin:

node::> event destination delete -name admin
Modifying an event route

An event is associated with one or more event destinations, a frequency threshold, and a time threshold. You can specify the destination and thresholds for an event.
About this task
Events are identified by their message names. The frequency threshold specifies the number of event occurrences between notifications for an event; for instance, a frequency threshold of 5 indicates that
178 | Data ONTAP 8.0 Cluster-Mode System Administration Guide a notification is sent every fifth time an event occurs. The time threshold specifies the number of seconds between notification for an event; for instance, a time threshold of 120 indicates that a notification is sent only if it has been two minutes or more since the last notification was sent. If both the frequency threshold and time threshold are set, a notification if either threshold is met. For instance, if the frequency threshold is set to 5 and the time threshold is set to 120, and the event occurs more than five times within two minutes, a notification is sent. If both thresholds are set to 0 (zero) or empty ("-" or ""), multiple event notifications are not suppressed.
Step
1. To modify an event route, use the event route modify command.

Example
The following example modifies all messages named disk.* to go to a destination named diskadmin with a frequency threshold of 2 events and a time threshold of 5 minutes.
node::> event route modify -messagename disk* -destination diskadmin frequencythreshold 2 -timethreshold 300 Example
The following example modifies all messages named callhome.* with a severity of CRITICAL or EMERGENCY to go to a pager and an autosupport message.
node::> event route modify {-messagename callhome.* -severity CRITICAL| EMERGENCY} -destinations pager,asup 98 entries were modified. Next topics
Adding destinations to event routes on page 178 Removing destinations from event routes on page 179 Displaying information about event routes on page 179
Related tasks
Displaying information about event routes on page 179
Adding destinations to event routes

You can add an existing destination or destinations for an event.
Step
1. To add an existing destination or destinations to an event route, use the event route adddestinations command. The command requires the following information: The message name of the event for which you want to add destinations.
Event management | 179 The destination or a comma-separated list of destinations to which the specified event notification is sent.
Example
The following example demonstrates how to execute the command so that all RAID events go to the destinations named eventdest1, eventdest2, and eventdest3:
node::> event route add-destinations -messagename raid* -destinations eventdest1,eventdest2,eventdest3
Removing destinations from event routes

You can remove a destination or destinations for an event.
Step
1. To remove a destination or destinations from an event route, use the event route removedestinations command. The command requires the following information: The message name of the event for which you want to remove destinations. The destination or a comma-separated list of destinations to which the specified event notification was sent.
Example
The following example removes all RAID events going to the destinations named eventdest1, eventdest2, and eventdest3:
node::> event route modify -messagename raid* -destinations eventdest1,eventdest2,eventdest3
Displaying information about event routes

You can display a description about event routes.
Step
1. To display information about event routes, use the event route show command. The command displays the following information: Message name Severity Destination or destinations
180 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Frequency threshold Time threshold
A detailed view of a single event route also displays a full description of the event and, if applicable, the action that can be taken to address the event. See the reference page for the command for further information.
Example
The following example displays information about all events that have message names matching the pattern disk.*:
node::> event route show -messagename disk.* Message Time Severity Destinations Freq Threshd Threshd disk.dynamicqual.failure.cleared NOTICE disk.dynamicqual.failure.invalidFile ALERT disk.dynamicqual.failure.missingFile ALERT disk.dynamicqual.failure.occurred ALERT disk.dynamicqual.failure.shutdown EMERGENCY disk.fw.autodownrev INFORMATIONAL disk.fw.downrevWarning WARNING disk.healthTrigger WARNING disk.init.badSectorSize ERROR disk.init.failureBytes ERROR disk.init.unknownDisk ERROR disk.ioReassignFailed ALERT disk.lun.LDEVMappingError ERROR disk.lun.allMemoryAvailable NOTICE disk.lun.outOfMemory WARNING disk.lun.sizeTooLarge ERROR disk.lun.sizeTooSmall ERROR disk.senseError ERROR -
Displaying the event log

You can display the contents of an event log depending on the parameters you specify with the command.
Step
1. To display the event log, use the event log show command.

Example
The following example displays an event log:

node::> event log show Time Node ---------------------- ----------------------------4/17/2009 19:10:26 node1 rdb.ha.verified 4/17/2009 19:10:26 node2 rdb.ha.verified 4/17/2009 19:10:25 node1 rdb.ha.verified 4/17/2009 19:10:25 node1 rdb.ha.verified 4/17/2009 19:10:25 node1 rdb.ha.verified 4/17/2009 19:10:25 node1 api_dpool_02 od.rdb.mbox.debug 4/17/2009 19:10:25 node1 ems.engine.suppressed 4/17/2009 19:10:25 node2 ... Example Sequence# Severity Source --------- ------------4884 5005 4883 4882 4881 4880 4879 5004 NOTICE NOTICE NOTICE NOTICE NOTICE DEBUG INFORMATIONAL ontap: cpu0 NOTICE mgwd vifmgr vifmgr mgwd spinauthd vldb
The following example displays detailed information about the event with sequence number 414 on the node named node1:
node::> event Node: Sequence#: Time: Severity: Source: Message Name: Event: DOWN log show -node node1 -seqnum 414 node1 414 9/13/2008 21:02:37 WARNING ontap: cpu1 cf.nm.nicTransitionDown cf.nm.nicTransitionDown: Cluster Interconnect link 0 is
Displaying the configuration for event notification and logging

You can view the configuration for event notification and logging.
Step
1. To view the configuration for event notification and logging, use the event config show command.
182 | Data ONTAP 8.0 Cluster-Mode System Administration Guide Other information is displayed in a detailed view at different privilege levels. See the reference page for the command for details.
Example
The following example shows the configuration for an event notification and logging:
node::> event config show Mail From: Mail Server: admin@localhost localhost
Modifying the configuration for event notification and logging

You can modify attributes for the cluster-wide configuration for event notification and logging.
About this task
Attributes you can modify include the mail-from address, the mail-server name, the rotation schedule for log files, and the number of log files kept on each node. At the advanced privilege level and higher, you can also modify whether chatter suppression is used, the maximum number of events in the log before the log rotates, and whether log events are written to the console.
Step
1. To modify the configuration for event notification and logging, use the event config modify command.
Example
The following example modifies the event-notification configuration to use the mail-from address admin@example.com and the mail server named smtp.example.com. It also turns on chatter suppression, which requires the advanced privilege level.
node::> set -privilege advanced node::*> event config modify -mailfrom admin@example.com -mailserver smtp.example.com -suppression on node::*> event config show Mail From: Mail Server: Suppression: Local Rotation Schedule: Max Local Log Size: Number Local Logs: Console: admin@example.com smtp.example.com on logrotationsched 5000 5 on
Displaying information about event occurrences

You can display information about event occurrences depending on the parameters you specify with the command.
Step
1. To display information about event occurrences, use the event status show command. The command displays the following information: Node name Message name of the event Number of event occurrences Number of dropped event notifications Time the event last occurred
Other information is displayed in a detailed view and if other parameters are specified. See the reference page for the command for details.
Example
The following example displays information about all event occurrences:

node::> event status show Node node1a 14:35:55 node1a 14:35:57 node1a 14:35:55 node1a 14:36:07 node1a 14:36:05 node1a 14:36:07 node1a 14:35:57 node1a 14:36:07 node1a 14:36:00 node1a 14:36:05 node1a 14:35:57 Message cf.fm.launch cf.fm.notkoverBadMbox Occurs Drops Last Time 2 0 9/13/2005 2 0 0 0 0 0 0 0 0 0 0 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005 9/13/2005
cf.fm.notkoverClusterDisable 2 cf.fm.partner cf.fm.partnerSysid cf.fm.timeMasterStatus cf.fsm.backupMailboxError cf.fsm.backupMailboxOk cf.fsm.partnerNotResponding cf.fsm.partnerOk 1 1 1 2 1 2 1
cf.fsm.takeoverOfPartnerDisabled 2

node1a 20:00:01 node1a 20:21:03 node1a 14:35:14 node1a 20:21:03 node1a 14:36:05 node1a 14:35:51 node1a 14:36:00 ... cf.ic.hourlyNicDownTime cf.nm.nicTransitionDown cf.nm.nicTransitionUp cf.rv.notConnected config.BadSlot config.noPartnerDisks coredump.findcore.nocore 24 1 3 1 3 2 8 0 0 0 0 0 0 0 9/13/2005 9/12/2005 9/13/2005 9/12/2005 9/13/2005 9/13/2005 9/13/2005
Displaying mail-history records

You can display a list of e-mailed event nofications.
Step
1. To display mail-hostory records, use the event mailhistory show command. The command displays the following information: Sequence number of the e-mailed event notification Message name Address to which the event notification was sent Node name Time the event notification was sent
Example
The following example displays the list of e-mailed event notifications:

node::> event mailhistory show Seq # Message Name Address 1 app.log.emerg admin@example.com 2 3 4 5 6 app.log.emerg app.log.emerg wafl.vol.full wafl.vol.full wafl.vol.full admin@example.com admin@example.com admin@example.com admin@example.com admin@example.com Node node0a node0a node0a node1b node1b node1b Time 12/8/2005 22:44:12 12/8/2005 22:51:43 12/9/2005 00:56:28 1/5/2006 12:52:23 1/5/2006 12:52:36 1/5/2006 12:52:51

7 1/5/2006 12:53:06 Press <space> to page down, <return> for next line, or 'q' to quit... wafl.vol.full admin@example.com node1b
Deleting a mail-history record

You can delete a single record by specifying its node name, sequence number, or multiple records by specifying a pattern.
Step
1. To delete mail-history records, use the event mailhistory delete command.

Example
The following example deletes all mail-history records on node1:

node::> event mailhistory delete -node node1 -seqnum *
Displaying SNMP trap-history records

You can view a list of event notifications that have been sent to SNMP traps.
Step
1. To display SNMP trap-history records, use the event snmphistory show command. The command displays the following information: Sequence number of the event notification Message name IP address of the SNMP host to which the event notification was sent Node name Time the event notification was sent
Example
The following example displays the list of event notifications that have been sent to SNMP traps:
node::> event snmphistory show Seq # Message Name 12 raid.mirror.bigio.restrict 15:11:04 11 aggrcopy.dst.noMemory 14:52:54 10 raid.mirror.bigio.restrict 14:41:04 Address 10.98.12.1 10.98.12.1 10.98.12.1 Node node0a node0a node0b Time 4/14/2005 4/14/2005 4/14/2005
Deleting an SNMP trap-history record

You can delete a single record by specifying its sequence number, or multiple records by specifying a pattern.
Step
1. To delete SNMP trap-history records, use the event snmphistory delete command.
Example
The following example deletes the SNMP trap-history record with the sequence number 10:
node::> event snmphistory delete -seqnum 10
System administration commands that are available in the nodeshell

The system node run command enables you to run a subset of 7-Mode (the nodeshell) system administration commands from Cluster-Mode (the clustershell). The system node run command enables you to run certain system administration commands from the nodeshell CLI on a specified node in the cluster. The nodeshell is the CLI that is available with Data ONTAP 7-Mode deployments. You can run a single nodeshell command from the clustershell that returns immediately. Or, you can switch within the clustershell to a nodeshell session from which you can run multiple nodeshell commands interactively. For more information about using the system node run command to access the nodeshell, see its reference page in the Data ONTAP Cluster-Mode Administration Reference.
Nodeshell system administration commands

A list of system administration commands that are available in the nodeshell.
Command name Purpose More information Parameter changes Notes is available in these or limitations documents: Admin privilege level
Displays a list of Data ONTAP 8.0 7available commands Mode System
Administration Guide
availtime Displays service statistics Advanced privilege level
Command name
Purpose
More information Parameter changes Notes is available in these or limitations documents:
bmc
Controls the Baseboard Management Controller (BMC)
Data ONTAP 8.0 7Mode System Administration Guide

na_bmc(1) man page
Admin privilege level
bootfs
Controls the boot file system Displays the date and time
Advanced privilege level
date

na_date(1) man page
echo
Displays commandline arguments

na_echo(1) man page
ems
Controls the event Data ONTAP 8.0 7management system Mode System
Administration Guide
na_ems(1) man page environ Displays information about the node's physical environment na_environ(1) man page Advanced privilege level. Deprecated; use the environmentco mmand command instead.
Command name
Purpose
environment
Displays information about the node's physical environment

na_environment(1) man page
exit
Exits the node shell and returns to the cluster shell Displays the security settings on a file or directory Stops the node
system node runexit reference page na_fsecurity(1) man page
fsecurity show
halt

na_halt(1) man page
help
Displays command summaries and help strings
Data ONTAP 8.0 7Mode System Administration Guide Data ONTAP 8.0 7Mode System Administration Guide
na_hostname(1) man page
hostname
Displays the node name
license
Licenses Data ONTAP services

na_license(1) man page
Command name
Purpose
logger
Records messages in system logs

na_logger(1) man page
man
Displays manual pages

na_man(1) man page
mbstat
Displays mbuf statistics Displays memory scrubber statistics Controls magnetic tape operations
na_mbstat(1a) man page na_mem_scrub_stat s(1a) man page
Advanced privilege level Advanced privilege level Admin privilege level
mem_scrub_sta ts mt

na_mt(1) man page
options
Sets system options
na_options(1) man page
Admin privilege level; To see the list of available options, enter the options command with no arguments. Admin privilege level
passwd
Sets the Data ONTAP 8.0 7administrative user's Mode System password Administration
Guide
na_passwd(1) man page perf Displays performance statistics na_perf(1) man page Advanced privilege level
Command name
Purpose
priv
Sets the command privilege level

na_priv(1) man page
ps
Displays a list of processes Displays, sets, or controls the registry
na_ps(1) man page
Advanced privilege level Advanced privilege level Advanced privilege level Admin privilege level
registry
na_registry(1) man page
result
Displays the result na_result(1) man of the last command page Controls the Remote LAN Module (RLM)
rlm

na_rlm(1) man page
rtag
Displays resource tags Saves a core-dump file
na_rtag(1) man page
Advanced privilege level Admin privilege level
savecore

na_savecore(1) man page
setral
Sets the resource agitation level Installs or upgrades Data ONTAP software
Advanced privilege level
software

na_software(1) man page
Command name
Purpose
source
Reads and runs a file containing commands

na_source(1) man page
sp
Enables you to access, monitor, and troubleshoot the storage system remotely. Collects and displays statistical information
Data ONTAP 8.0 7Mode System Administration Guide Data ONTAP 8.0 7Mode System Administration Guide
na_stats(1) man page
stats
sysconfig
Displays node configuration information

na_sysconfig(1) man page
sysstat
Displays node performance statistics

na_sysstat(1) man page
timezone
Displays or sets the local time zone
Data ONTAP 8.0 7- Only the -v Mode System parameter is Administration supported Guide
na_timezone(1) man page
Command name
Purpose
ups
Controls the monitoring of uninterruptible power supplies (UPSs)

na_ups(1) man page
uptime
Displays the length Data ONTAP 8.0 7of time the node has Mode System been running Administration
Guide
na_uptime(1) man page useradmin Administers nodeaccess controls

na_useradmin(1) man page
version
Displays the current Data ONTAP 8.0 7version of Data Mode System ONTAP Administration
Guide
na_version(1) man page

Ontap 8 Sysadmin

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Ontap 8 Sysadmin

Încărcat de

Drepturi de autor:

Formate disponibile

Data ONTAP 8.

0 Cluster-Mode System Administration Guide

How to access the storage system .............................................................. 19

What the management interface is ........................................................... 23

Management interface basics .................................................................... 27

Security management ................................................................................. 51

Local system management ......................................................................... 73

Software image management .................................................................... 79

Feature license management ..................................................................... 85

System services management .................................................................... 87

Command-line interface session record management ............................ 99

How to use dashboards ............................................................................ 103

What ClusterView is ................................................................................ 109

Node statistics ........................................................................................... 111

Client statistics .......................................................................................... 131

AutoSupport management ....................................................................... 137

Hardware component monitoring and management ............................ 145

Core dump management .......................................................................... 149

CLI timeout management ........................................................................ 155

Job and schedule management ................................................................ 157

Event management ................................................................................... 175

About this guide | 15

About this guide

16 | Data ONTAP 8.0 Cluster-Mode System Administration Guide

native disk shelf

HA (high availability) HA pair

Where to enter commands

Keyboard and formatting conventions

The NOW site Refers to the NetApp Support site at now.netapp.com.

hyphen (-) type

loss of data, or damage to the equipment.

How to send your comments

How to access the storage system | 19

How to access the storage system

Using the serial port to access the storage system

Using SSH to access the storage system

Limit the number of concurrent SSH connections to 50 or less

How to access the storage system | 21

Using the remote management device to access the system console

What the management interface is | 23

What the management interface is

24 | Data ONTAP 8.0 Cluster-Mode System Administration Guide

Different shells that are available

Types of privilege levels

The diagnostic account and the systemshell

Management interface basics | 27

Management interface basics

How to use the command-line interface

How to navigate CLI command directories

How to specify values in the CLI

Management interface basics | 29

How to reissue CLI commands

Keyboard shortcuts to edit CLI commands

30 | Data ONTAP 8.0 Cluster-Mode System Administration Guide

Edit Command ESC d

ESC Backspace ^h Backspace ^d ^p

^n Down arrow Up arrow Back arrow Forward arrow ^q ^s ^u ^v

Setting the privilege level in the CLI

Management interface basics | 31

Types of privilege levels on page 24

Setting display preferences in the CLI

How to access the Web interface