Wednesday, June 13, 2018

Netapp CDot Administration


Cluster vs SVM Admins
---------------------

SVM Admins
 - can only administer their own SVM
 - SVMs are short for Storage Virtual Machines (formerly called vservers)
 - manage the resources of that SVM (volumes, protocols, LIFs, etc.)

Cluster Admins
 - can administer both the cluster and all SVMs underneath
 - can set up SVMs and delegate roles to SVM admins


How to manage DataONTAP?
------------------------

Ways:

1. command line (tcsh shell)
  cluster admins:
    a. serial port (default admin account: admin)
    b. ssh
        - enabled by default
        - account must be permitted via ssh login (`security login -application`)
        - if using AD, the domain ssh access method must be "domain"
        - if using ipv6, ipv6 must be configured on the cluster
    c. rsh/telnet
        - disabled by default since they are insecure protocols
        - to enable, see tutorial below

2. url

Some notes on SSH
-----------------

 - SSHv1 is not supported, only SSHv2 (cDOT 8.3)
 - DOT supports 64 concurrent SSH connections per node
 - if rate of incoming connections is higher than 10 per second,
   service is temporarily disabled for 60 seconds
 - if using AD, log in with the same username and domain as created in DOT

Privileged Levels
-----------------

Levels:

admin
    prompt: cluster_name::>
    - most commands and parameters are available
    - used for common routine tasks

advanced
    prompt: cluster_name::*>
    - commands here are infrequently used
    - requires advanced knowledge

diagnostics
    prompt: what does the prompt look like??
    - commands here are potentially disruptive
    - used by support personnel to diagnose and fix problems

note:
  - commands preceded by `*` can only be executed at the advanced
    privilege level or higher

Different Shells
----------------

* for cluster admins only *

1. clustershell
    - default shell when you log in
    - used to manage the cluster

2. nodeshell
    - shell for a specific node
    - many commands from nodeshell can be accessed from clustershell

3. systemshell
    - used for diagnostics/troubleshooting purposes
    - requires diag privilege level
    - intended for technical support use

Display Preferences
-------------------

What preferences can I set?

- privilege level of the command session
- whether confirmations are issued for potentially disruptive commands
- whether show commands display all fields
- the character or characters to use as the field separator
- the default unit when reporting data sizes
- the number of rows the screen displays in the current cli session
  before the interface pauses output (if the preferred number of rows
  is not specified, it is automatically adjusted based on the actual
  height of the terminal. if the actual height is undefined, the default
  number of rows is 24)
- the default storage virtual machine (svm) or node
- whether a continuing command should stop if it encounters an error

Ways of executing Commands
--------------------------

1. full path

cluster1::> storage disk show

2. per directory

cluster1::> storage
cluster1::storage> disk
cluster1::storage disk> show

  * use `top` to go to top level
  * use `up` or `..` to go one level higher

3. abbreviating commands

cluster1::> st d sh

Rules for specifying values in CLI
----------------------------------

- a value can be a number, a string, or a boolean specifier
- some parameters accept a comma-separated list (doesn't need "")
- enclose values that contain spaces in ""
- `?` is interpreted as help
- an example of a case-insensitive command is `vserver cifs`
- nodenames, volumes, aggregates, LIFs, etc .. are case-sensitive
- to clear a value, use "" or -
- lines starting with # are comments

some examples:

# sets a comment then deletes it
cluster1::> vserver create -vserver vs0 -subtype default -rootvolume root_vs0
-aggregate aggr1 -rootvolume-security-style unix -language C.UTF-8 -is-repository
false -ipspace ipspaceA -comment "My SVM"
cluster1::> vserver modify -vserver vs0 -comment ""

# adds a trailing comment that says what the command does
cluster1::> security login create -vserver vs0 -user-or-group-name new-admin
-application ssh -authmethod password #This command creates a new user account

Query operators
---------------

*
    match all entries

    # list all volumes with "tmp" in their name
    volume show -volume *tmp*

!
    NOT operator

    # indicates not to match vs0
    !vs0

|
    OR operator

    # vs0 or vs1
    vs0 | vs1

    # matches a, anything that starts with b, or anything containing c
    a | b* | *c*

..
    range operator

    # any value from 5 to 10
    5..10

<
    less than operator

>
    greater than operator

<=
    less than or equal to

>=
    greater than or equal to

{query}
    extended query
      - must be specified as the 1st argument after
        the command name, before any other parameters
      - can only be used in `modify` and `delete`
        commands
      - not applicable to `create` or `show` commands
      - example of a confusing extended query: p.22 of
        "ONTAP 9 System Administration Reference"

    # offlines all volumes whose names contain "tmp"
    volume modify {-volume *tmp*} -state offline

"string literal"
    you may also query any characters as literals by
    enclosing them in ""

    e.g.
    "^"
    "*"

using multiple query operators
    # displays all volumes whose size is greater than 1GB,
    # percent used is less than 50% and not in SVM vs1
    volume show -size >1GB -percent-used <50 -vserver !vs1
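
The operators above, modeled in Python as an added example (not from the original notes and not NetApp code): `preview()` returns the rows a query such as `{-volume *tmp*}` would select, which is worth checking before running a `modify` or `delete` with an extended query. The volume rows are constructed sample data, the function names are hypothetical, and size units are assumed to be binary (1GB = 2^30 bytes).

```python
import re

UNITS = {"KB": 2**10, "MB": 2**20, "GB": 2**30, "TB": 2**40}  # assumed binary

def to_number(text):
    """Parse '7', '45%' or '2GB' into a float (sizes become bytes)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)\s*(KB|MB|GB|TB|%)?", str(text).strip(), re.I)
    if not m:
        raise ValueError(f"not numeric: {text!r}")
    return float(m.group(1)) * UNITS.get((m.group(2) or "").upper(), 1)

def matches(query, value):
    """Return True if value satisfies one query expression from the notes."""
    query = query.strip()
    if len(query) >= 2 and query[0] == query[-1] == '"' and query.count('"') == 2:
        return str(value) == query[1:-1]          # "literal": operators are off
    if "|" in query:                               # OR of alternatives
        return any(matches(alt, value) for alt in query.split("|"))
    if query.startswith("!"):                      # NOT
        return not matches(query[1:], value)
    for op in (">=", "<=", ">", "<"):              # two-character forms first
        if query.startswith(op):
            a, b = to_number(value), to_number(query[len(op):])
            return {">=": a >= b, "<=": a <= b, ">": a > b, "<": a < b}[op]
    if ".." in query:                              # inclusive range
        low, high = query.split("..", 1)
        return to_number(low) <= to_number(value) <= to_number(high)
    pattern = ".*".join(re.escape(part) for part in query.split("*"))
    return re.fullmatch(pattern, str(value)) is not None   # * wildcard

def preview(rows, criteria):
    """Rows that every -field query in criteria would select."""
    return [r for r in rows if all(matches(q, r[f]) for f, q in criteria.items())]

# Constructed sample rows, standing in for `volume show` output.
VOLUMES = [
    {"vserver": "vs0", "volume": "tmp_build", "size": "2GB", "percent-used": "10%"},
    {"vserver": "vs1", "volume": "data_tmp", "size": "5GB", "percent-used": "20%"},
    {"vserver": "vs0", "volume": "home", "size": "500MB", "percent-used": "80%"},
    {"vserver": "vs2", "volume": "archive", "size": "10GB", "percent-used": "45%"},
]

if __name__ == "__main__":
    # What `volume modify {-volume *tmp*} -state offline` would touch.
    for row in preview(VOLUMES, {"volume": "*tmp*"}):
        print(row["vserver"], row["volume"])
```

On a real cluster the equivalent check is to run the same query with `show` first, for example `volume show -volume *tmp*`, and only then reuse it inside `{}` with `modify` or `delete`.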

Commands
--------

nodeshell/clustershell
# querying clustershell cli
vserver options -vserver <nodename_or_clustername> -option-name ?

# accessing vserver man page
man vserver options

# cluster shell help
help
[?|help]

# node shell help
help
[?|help]

# accessing node shell
system node run -node <nodename>
  * local - node you use to access the cluster
  * `system node run` alias is `run`

# exits/return to previous shell (if there is any)
exit
CTRL+D

ssh
# connecting using local ssh account
ssh joe@cluster.ip

# connecting using AD account
ssh DOMAIN\\joe@cluster.ip
ssh "DOMAIN\joe"@cluster.ip

# executing remote command via ssh
ssh joe@cluster.ip cluster show

history/redo/reissue
# prints history
history

# redo the nth command in history
redo <n>

# redo the command executed n commands ago
redo -<n>

privilege levels
# changes privilege level
set -privilege <level>

setting display preferences
# key command
set

# sets number of rows on the current session
rows <n>

# changes separator and units used
set -showseparator "," -units GB

displaying
# displays full details
cluster1::> volume show -instance
Vserver Name: cluster1-1
Volume Name: vol0
Aggregate Name: aggr0
...
Space Guarantee Style: volume
Space Guarantee in Effect: true
...
Press <space> to page down, <return> for next line, or 'q' to quit...
...
cluster1::>

# displays only the fields you specify
cluster1::> volume show -fields space-guarantee,space-guarantee-enabled
vserver volume space-guarantee space-guarantee-enabled
-------- ------ --------------- -----------------------
cluster1-1 vol0 volume true
cluster1-2 vol0 volume true
...
cluster1::>

# show valid fields
show -fields ?

Command Shortcuts
-----------------

- DataOntap shell is based on unix tcsh
- below are copy pasted from the pdf

If you want to ... : use the following keyboard shortcut

- move the cursor back by one character: Ctrl-B / Back arrow
- move the cursor forward by one character: Ctrl-F / Forward arrow
- move the cursor back by one word: Esc-B
- move the cursor forward by one word: Esc-F
- move the cursor to the beginning of the line: Ctrl-A
- move the cursor to the end of the line: Ctrl-E
- remove the content of the command line from the beginning of the
  line to the cursor, and save it in the cut buffer: Ctrl-U
  (the cut buffer acts like temporary memory, similar to what is
  called a clipboard in some programs)
- remove the content of the command line from the cursor to the end
  of the line, and save it in the cut buffer: Ctrl-K
- remove the content of the command line from the cursor to the end
  of the following word, and save it in the cut buffer: Esc-D
- remove the word before the cursor, and save it in the cut buffer: Ctrl-W
- yank the content of the cut buffer, and push it into the command
  line at the cursor: Ctrl-Y
- delete the character before the cursor: Ctrl-H / Backspace
- delete the character where the cursor is: Ctrl-D
- clear the line: Ctrl-C
- clear the screen: Ctrl-L
- replace the current content of the command line with the previous
  entry on the history list: Ctrl-P / Esc-P / Up arrow
  (with each repetition of the keyboard shortcut, the history cursor
  moves to the previous entry)
- replace the current content of the command line with the next entry
  on the history list: Ctrl-N / Esc-N / Down arrow
  (with each repetition of the keyboard shortcut, the history cursor
  moves to the next entry)
- expand a partially entered command or list valid input from the
  current editing position: Tab / Ctrl-I
- display context-sensitive help: ?
- escape the special mapping for the question mark (“?”) character: Esc-?
  (for instance, to enter a question mark into a command's argument,
  press Esc and then the “?” character)
- start TTY output: Ctrl-Q
- stop TTY output: Ctrl-S

Tutorials
---------

Enabling rsh/telnet
1. Use the `system services firewall policy clone` command to create
   a new management firewall policy based on the default, which
   is the "mgmt" firewall policy

2. Use the `system services firewall policy create` command to enable
   telnet or rsh on the new firewall policy

3. Use the `network interface modify` command to associate the new
   policy with the cluster management LIF

4. Then to access your cluster:
     telnet cluster.ip
     rsh cluster.ip -l username:password
