没有合适的资源?快使用搜索试试~ 我知道了~
AFF A800 - Replacing the boot media.pdf
需积分: 8 0 下载量 114 浏览量
2021-09-23
10:53:50
上传
评论
收藏 1.55MB PDF 举报
温馨提示
试读
23页
AFF A800 - Replacing the boot media.pdf
资源详情
资源评论
资源推荐
AFF A800 systems
Replacing the boot media
April 2021 | 215-12556_2021-04_en-us
doccomments@netapp.com
Contents
Replacing the boot media................................................................................................3
Pre-shutdown checks for onboard encryption keys........................................................................................................ 3
Checking NVE or NSE on systems running ONTAP 9.5 and earlier.................................................................4
Checking NVE or NSE on systems running ONTAP 9.6 and later....................................................................7
Shutting down the impaired controller........................................................................................................................... 9
Completing node shutdown..............................................................................................................................10
Removing the controller module.................................................................................................................................. 10
Replacing the boot media............................................................................................................................................. 12
Transferring the boot image to the boot media.............................................................................................................13
Booting the recovery image..........................................................................................................................................15
Post boot media replacement steps for OKM, NSE, and NVE.................................................................................... 17
Restoring NVE or NSE when Onboard Key Manager is enabled.................................................................... 17
Restoring NSE/NVE on systems running ONTAP 9.5 and earlier...................................................................19
Restoring NSE/NVE on systems running ONTAP 9.6 and later......................................................................20
Completing the replacement process............................................................................................................................22
Copyright, trademark, and machine translation........................................................23
Copyright......................................................................................................................................................................23
Trademark.....................................................................................................................................................................23
Machine translation...................................................................................................................................................... 23
AFF A800 systems: Replacing the boot media ii
Contents
Replacing the boot media
Before you begin
About this task
• You must replace the failed component with a replacement FRU component you received from
your provider.
• It is important that you apply the commands in these steps on the correct node:
◦ The
impaired node
is the node on which you are performing maintenance.
◦ The
healthy node
is the HA partner of the impaired node.
Steps
1.
Pre-shutdown checks for onboard encryption keys
on page 3
2.
Shutting down the impaired controller
on page 9
3.
Removing the controller module
on page 10
4.
Replacing the boot media
on page 12
5.
Transferring the boot image to the boot media
on page 13
6.
Booting the recovery image
on page 15
7.
Post boot media replacement steps for OKM, NSE, and NVE
on page 17
8.
Completing the replacement process
on page 22
Pre-shutdown checks for onboard encryption keys
Prior to shutting down the impaired node and checking the status of the onboard encryption keys,
you must check the status of the impaired node, disable automatic giveback, and check what
version of ONTAP the system is running.
Before you begin
• If you have a cluster with more than two nodes, it must be in quorum. If the cluster is not in
quorum or a healthy node shows false for eligibility and health, you must correct the issue
before shutting down the impaired node.
ONTAP 9 System Administration Reference
Steps
1. Check the status of the impaired node:
• If the impaired node is at the login prompt, log in as admin.
• If the impaired node is at the LOADER prompt and is part of HA configuration, log in as
admin on the healthy node.
• If the impaired node is in a standalone configuration and at LOADER prompt, contact
NetApp Support.
mysupport.netapp.com
2. If AutoSupport is enabled, suppress automatic case creation by invoking an AutoSupport
message:
system node autosupport invoke -node * -type all -message MAINT=number_of_hours_downh
The following AutoSupport message suppresses automatic case creation for two hours:
cluster1:*> system node autosupport invoke -node * -type all -message MAINT=2h
3. Check the version of ONTAP the system is running on the impaired node if up, or on the
partner node if the impaired node is down, using the version -v command:
AFF A800 systems: Replacing the boot media
3
Replacing the boot media
• If <lno-DARE> is displayed in the command output, the system does not support NVE, go
to
Shutting down the impaired controller
on page 9.
• If <lno-DARE> is not displayed in the command output, and the system is running ONTAP
9.5, go to
Checking NVE or NSE on systems running ONTAP 9.5 and earlier
on page 4
• If <lno-DARE> is not displayed in the command output,, and the system is running
ONTAP 9.6 or later, go to
Checking NVE or NSE on systems running ONTAP 9.6 and later
on page 7
4. If the impaired node is part of an HA configuration, disable automatic giveback from the
healthy node:
storage failover modify -node local -auto-giveback false
storage failover modify -node local -auto-giveback-after-panic false
Checking NVE or NSE on systems running ONTAP 9.5 and earlier
Before shutting down the impaired node, you need to check whether the system has either NetApp
Volume Encryption (NVE) or NetApp Storage Encryption (NSE) enabled. If so, you need to verify
the configuration.
Steps
1.
Connect the console cable to the impaired node.
2. Check whether NVE is configured for any volumes in the cluster:
volume show -is-encrypted true
If any volumes are listed in the output, NVE is configured and you need to verify the NVE
configuration. If no volumes are listed, check whether NSE is configured.
3. Check whether NSE is configured:
storage encryption disk show
• If the command output list the drive details with Mode & Key ID information, NSE is
configured and you need to verify the NSE configuration.
• If NVE and NSE are not configured, it's safe to shut down the impaired node.
Verifying NVE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security key-manager query
• If the Restored column displays yes and all key managers display available, it's
safe to shut down the impaired node.
• If the Restored column displays anything other than yes, or if any key manager
displays unavailable, you need to complete some additional steps.
• If you see the message This command is not supported when onboard key
management is enabled, you need to complete some other additional steps.
2. If the Restored column displayed anything other than yes, or if any key manager displayed
unavailable:
a. Retrieve and restore all authentication keys and associated key IDs:
security key-manager restore -address *
If the command fails, contact NetApp Support.
mysupport.netapp.com
AFF A800 systems: Replacing the boot media
4
Replacing the boot media
b. Verify that the Restored column displays yes for all authentication keys and that all key
managers display available:
security key-manager query
c. Shut down the impaired node.
3. If you saw the message This command is not supported when onboard key
management is enabled, display the keys stored in the onboard key manager:
security key-manager key show -detail
• If the Restored column displays yes manually backup the onboard key management
information:
a.
Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
b.
Enter the command to display the OKM backup information:
security key-manager backup show
c.
Copy the contents of the backup information to a separate file or your log file. You'll
need it in disaster scenarios where you might need to manually recover OKM.
d.
Return to admin mode:
set -priv admin
e. Shut down the impaired node.
• If the Restored column displays anything other than yes:
a. Run the key-manager setup wizard:
security key-manager setup -node target/impaired node name
Note: Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact
mysupport.netapp.com
b. Verify that the Restored column displays yes for all authentication key:
security key-manager key show -detail
c. Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
d. Enter the command to display the OKM backup information:
security key-manager backup show
e. Copy the contents of the backup information to a separate file or your log file. You'll
need it in disaster scenarios where you might need to manually recover OKM.
f. Return to admin mode:
set -priv admin
g. You can safely shutdown the node.
Verifying NSE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security key-manager query
• If the Restored column displays yes and all key managers display available, it's
safe to shut down the impaired node.
• If the Restored column displays anything other than yes, or if any key manager
displays unavailable, you need to complete some additional steps.
AFF A800 systems: Replacing the boot media
5
Replacing the boot media
剩余22页未读,继续阅读
黑山老腰断了
- 粉丝: 5
- 资源: 427
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0