没有合适的资源?快使用搜索试试~ 我知道了~
AFF A250 - Replacing the boot media.pdf
需积分: 9 0 下载量 168 浏览量
2021-09-23
10:53:23
上传
评论
收藏 544KB PDF 举报
温馨提示
试读
21页
AFF A250 - Replacing the boot media.pdf
资源详情
资源评论
资源推荐
AFF A250 systems
Replacing the boot media
April 2021 | 215-14950_2021-04_en-us
doccomments@netapp.com
Contents
Replacing the boot media................................................................................................3
Pre-shutdown checks for onboard encryption keys........................................................................................................ 3
Checking NVE or NSE on systems running ONTAP 9.6 and later....................................................................4
Shutting down the impaired controller........................................................................................................................... 7
Completing node shutdown................................................................................................................................7
Removing the controller module.................................................................................................................................... 7
Replacing the boot media............................................................................................................................................... 9
Transferring the boot image to the boot media.............................................................................................................10
Booting the recovery image..........................................................................................................................................13
Post boot media replacement steps for OKM, NSE, and NVE.................................................................................... 15
Restoring NVE or NSE when Onboard Key Manager is enabled.................................................................... 15
Restoring NSE/NVE on systems running ONTAP 9.5 and earlier...................................................................17
Restoring NSE/NVE on systems running ONTAP 9.6 and later......................................................................18
Completing the replacement process............................................................................................................................20
Copyright, trademark, and machine translation........................................................21
Copyright......................................................................................................................................................................21
Trademark.....................................................................................................................................................................21
Machine translation...................................................................................................................................................... 21
AFF A250 systems: Replacing the boot media ii
Contents
Replacing the boot media
The boot media stores a primary and secondary set of system (
boot image
) files that the system
uses when it boots.
Before you begin
You must have a USB flash drive, formatted to MBR/FAT32, with the appropriate amount of
storage to hold the image_xxx.tgz
About this task
• You must replace the failed component with a replacement FRU component you received from
your provider.
• It is important that you apply the commands in these steps on the correct node:
◦ The
impaired node
is the node on which you are performing maintenance.
◦ The
healthy node
is the HA partner of the impaired node.
Steps
1.
Pre-shutdown checks for onboard encryption keys
on page 3
2.
Shutting down the impaired controller
on page 7
3.
Removing the controller module
on page 7
4.
Replacing the boot media
on page 9
5.
Transferring the boot image to the boot media
on page 10
6.
Booting the recovery image
on page 13
7.
Post boot media replacement steps for OKM, NSE, and NVE
on page 15
8.
Completing the replacement process
on page 20
Pre-shutdown checks for onboard encryption keys
Prior to shutting down the impaired node and checking the status of the onboard encryption keys,
you must check the status of the impaired node, disable automatic giveback, and check what
version of ONTAP the system is running.
Before you begin
• If you have a cluster with more than two nodes, it must be in quorum. If the cluster is not in
quorum or a healthy node shows false for eligibility and health, you must correct the issue
before shutting down the impaired node.
ONTAP 9 System Administration Reference
Steps
1. Check the status of the impaired node:
• If the impaired node is at the login prompt, log in as admin.
• If the impaired node is at the LOADER prompt and is part of HA configuration, log in as
admin on the healthy node.
• If the impaired node is in a standalone configuration and at LOADER prompt, contact
NetApp Support.
mysupport.netapp.com
2. If AutoSupport is enabled, suppress automatic case creation by invoking an AutoSupport
message:
system node autosupport invoke -node * -type all -message MAINT=number_of_hours_downh
The following AutoSupport message suppresses automatic case creation for two hours:
AFF A250 systems: Replacing the boot media
3
Replacing the boot media
cluster1:*> system node autosupport invoke -node * -type all -message MAINT=2h
3. Check the version of ONTAP the system is running on the impaired node if up, or on the
partner node if the impaired node is down, using the version -v command:
• If <lno-DARE> is displayed in the command output, the system does not support NVE, go
to
Shutting down the impaired controller
on page 7.
• If <lno-DARE> is not displayed in the command output,, and the system is running
ONTAP 9.6 or later, go to
Checking NVE or NSE on systems running ONTAP 9.6 and later
on page 4
4. If the impaired node is part of an HA configuration, disable automatic giveback from the
healthy node:
storage failover modify -node local -auto-giveback false
storage failover modify -node local -auto-giveback-after-panic false
Checking NVE or NSE on systems running ONTAP 9.6 and later
Before shutting down the impaired node, you need to check whether the system has either NetApp
Volume Encryption (NVE) or NetApp Storage Encryption (NSE) enabled. If so, you need to verify
the configuration.
Steps
1.
Check whether NVE is configured for any volumes in the cluster:
volume show -is-encrypted true
If any volumes are listed in the output, NVE is configured and you need to verify the NVE
configuration. If no volumes are listed, check whether NSE is configured.
2. Check whether NSE is configured:
storage encryption disk show
• If the command output list the drive details with Mode & Key ID information, NSE is
configured and you need to verify the NSE configuration.
• If no disks are shown, NSE is not configured.
• If NVE and NSE are not configured, it's safe to shut down the impaired node.
Verifying NVE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security key-manager query
• If the Key Manager type displays external and the Restored column displays
yes, it's safe to shut down the impaired node.
• If the Key Manager type displays onboard and the Restored column displays yes,
you need to complete some additional steps.
• If the Key Manager type displays external and the Restored column displays
anything other than yes, you need to complete some additional steps.
• If the Key Manager type displays onboard and the Restored column displays
anything other than yes, you need to complete some additional steps.
2. If the Key Manager type displays onboard and the Restored column displays yes,
manually backup the OKM information:
a. Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
AFF A250 systems: Replacing the boot media
4
Replacing the boot media
b. Enter the command to display the key management information:
security key-manager onboard show-backup
c. Copy the contents of the backup information to a separate file or your log file. You'll need it
in disaster scenarios where you might need to manually recover OKM.
d. Return to admin mode:
set -priv admin
e. Shut down the impaired node.
3. If the Key Manager type displays external and the Restored column displays
anything other than yes:
a. Restore the external key management authentication keys to all nodes in the cluster:
security key-manager external restore
If the command fails, contact NetApp Support.
mysupport.netapp.com
b. Verify that the Restored column equals yes for all authentication keys:
security key-manager key query
c. Shut down the impaired node.
4.
If the Key Manager type displays onboard and the Restored column displays anything
other than yes:
a. Enter the onboard security key-manager sync command:
security key-manager onboard sync
Note: Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact NetApp Support.
mysupport.netapp.com
b. Verify the Restored column shows yes for all authentication keys:
security key-manager key query
c. Verify that the Key Manager type shows onboard, manually backup the OKM
information.
d. Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
e. Enter the command to display the key management backup information:
security key-manager onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You'll need it
in disaster scenarios where you might need to manually recover OKM.
g. Return to admin mode:
set -priv admin
h. You can safely shutdown the node.
Verifying NSE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security key-manager query
• If the Key Manager type displays external and the Restored column displays
yes, it's safe to shut down the impaired node.
• If the Key Manager type displays onboard and the Restored column displays yes,
you need to complete some additional steps.
AFF A250 systems: Replacing the boot media
5
Replacing the boot media
剩余20页未读,继续阅读
黑山老腰断了
- 粉丝: 5
- 资源: 427
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0