没有合适的资源?快使用搜索试试~ 我知道了~
FAS9000 - Replacing the boot media.pdf
需积分: 5 1 下载量 13 浏览量
2021-09-23
11:04:45
上传
评论
收藏 500KB PDF 举报
温馨提示
试读
25页
FAS9000 - Replacing the boot media
资源详情
资源评论
资源推荐
FAS9000 and AFF A700 systems
Replacing the boot media
April 2021 | 215-10446_2021-04_en-us
doccomments@netapp.com
Contents
Replacing the boot media................................................................................................3
Pre-shutdown checks for onboard encryption keys........................................................................................................3
Checking NVE or NSE on systems running ONTAP 9.5 and earlier.................................................................4
Checking NVE or NSE on systems running ONTAP 9.6 and later....................................................................7
Shutting down the impaired controller......................................................................................................................... 10
Completing node shutdown..............................................................................................................................10
Shutting down a node in a two-node MetroCluster configuration....................................................................10
Opening the controller module.....................................................................................................................................12
Replacing the boot media............................................................................................................................................. 13
Transferring the boot image to the boot media.............................................................................................................14
Booting the recovery image..........................................................................................................................................16
Booting the recovery image in most systems................................................................................................... 16
Booting the recovery image in a two-node MetroCluster configuration..........................................................18
Switching back aggregates in a two-node MetroCluster configuration........................................................................19
Post boot media replacement steps for OKM, NSE, and NVE.................................................................................... 20
Restoring NVE or NSE when Onboard Key Manager is enabled....................................................................20
Restoring NSE/NVE on systems running ONTAP 9.5 and earlier...................................................................22
Restoring NSE/NVE on systems running ONTAP 9.6 and later......................................................................23
Completing the replacement process............................................................................................................................24
Copyright, trademark, and machine translation........................................................25
Copyright......................................................................................................................................................................25
Trademark.....................................................................................................................................................................25
Machine translation...................................................................................................................................................... 25
FAS9000 systems: Replacing the boot media ii
Contents
Replacing the boot media
The boot media stores a primary and secondary set of system (
boot image
) files that the system
uses when it boots. Depending on your network configuration, you can perform either a
nondisruptive or disruptive replacement.
Before you begin
You must have a USB flash drive, formatted to FAT32, with the appropriate amount of storage to
hold the image_xxx.tgz.
About this task
• The nondisruptive and disruptive methods for replacing a boot media both require you to
restore the var file system:
◦ For nondisruptive replacement, the HA pair must be connected to a network to restore the
var file system.
◦ For disruptive replacement, you do not need a network connection to restore the var file
system, but the process requires two reboots.
• You must replace the failed component with a replacement FRU component you received from
your provider.
• It is important that you apply the commands in these steps on the correct node:
◦ The
impaired node
is the node on which you are performing maintenance.
◦ The
healthy node
is the HA partner of the impaired node.
Steps
1.
Pre-shutdown checks for onboard encryption keys
on page 3
2.
Shutting down the impaired controller
on page 10
3.
Opening the controller module
on page 12
4.
Replacing the boot media
on page 13
5.
Transferring the boot image to the boot media
on page 14
6.
Booting the recovery image
on page 16
7.
Switching back aggregates in a two-node MetroCluster configuration
on page 19
8.
Post boot media replacement steps for OKM, NSE, and NVE
on page 20
9.
Completing the replacement process
on page 24
Pre-shutdown checks for onboard encryption keys
Prior to shutting down the impaired node and checking the status of the onboard encryption keys,
you must check the status of the impaired node, disable automatic giveback, and check what
version of ONTAP the system is running.
Before you begin
• If you have a cluster with more than two nodes, it must be in quorum. If the cluster is not in
quorum or a healthy node shows false for eligibility and health, you must correct the issue
before shutting down the impaired node.
ONTAP 9 System Administration Reference
Steps
1. Check the status of the impaired node:
• If the impaired node is at the login prompt, log in as admin.
FAS9000 systems: Replacing the boot media
3
Replacing the boot media
• If the impaired node is at the LOADER prompt and is part of HA configuration, log in as
admin on the healthy node.
• If the impaired node is in a standalone configuration and at LOADER prompt, contact
NetApp Support.
mysupport.netapp.com
2. If AutoSupport is enabled, suppress automatic case creation by invoking an AutoSupport
message:
system node autosupport invoke -node * -type all -message MAINT=number_of_hours_downh
The following AutoSupport message suppresses automatic case creation for two hours:
cluster1:*> system node autosupport invoke -node * -type all -message MAINT=2h
3.
Check the version of ONTAP the system is running on the impaired node if up, or on the
partner node if the impaired node is down, using the version -v command:
• If <lno-DARE> is displayed in the command output, the system does not support NVE, go
to
Shutting down the impaired controller
on page 10.
• If <lno-DARE> is not displayed in the command output, and the system is running ONTAP
9.5, go to
Checking NVE or NSE on systems running ONTAP 9.5 and earlier
on page 4
• If <lno-DARE> is not displayed in the command output,, and the system is running
ONTAP 9.6 or later, go to
Checking NVE or NSE on systems running ONTAP 9.6 and later
on page 7
4. If the impaired node is part of an HA configuration, disable automatic giveback from the
healthy node:
storage failover modify -node local -auto-giveback false
storage failover modify -node local -auto-giveback-after-panic false
Checking NVE or NSE on systems running ONTAP 9.5 and earlier
Before shutting down the impaired node, you need to check whether the system has either NetApp
Volume Encryption (NVE) or NetApp Storage Encryption (NSE) enabled. If so, you need to verify
the configuration.
Steps
1. Connect the console cable to the impaired node.
2. Check whether NVE is configured for any volumes in the cluster:
volume show -is-encrypted true
If any volumes are listed in the output, NVE is configured and you need to verify the NVE
configuration. If no volumes are listed, check whether NSE is configured.
3. Check whether NSE is configured:
storage encryption disk show
• If the command output list the drive details with Mode & Key ID information, NSE is
configured and you need to verify the NSE configuration.
• If NVE and NSE are not configured, it's safe to shut down the impaired node.
Verifying NVE configuration
Steps
1. Display the key IDs of the authentication keys that are stored on the key management servers:
security key-manager query
• If the Restored column displays yes and all key managers display available, it's
safe to shut down the impaired node.
FAS9000 systems: Replacing the boot media
4
Replacing the boot media
• If the Restored column displays anything other than yes, or if any key manager
displays unavailable, you need to complete some additional steps.
• If you see the message This command is not supported when onboard key
management is enabled, you need to complete some other additional steps.
2. If the Restored column displayed anything other than yes, or if any key manager displayed
unavailable:
a. Retrieve and restore all authentication keys and associated key IDs:
security key-manager restore -address *
If the command fails, contact NetApp Support.
mysupport.netapp.com
b. Verify that the Restored column displays yes for all authentication keys and that all key
managers display available:
security key-manager query
c. Shut down the impaired node.
3.
If you saw the message This command is not supported when onboard key
management is enabled, display the keys stored in the onboard key manager:
security key-manager key show -detail
• If the Restored column displays yes manually backup the onboard key management
information:
a. Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
b. Enter the command to display the OKM backup information:
security key-manager backup show
c. Copy the contents of the backup information to a separate file or your log file. You'll
need it in disaster scenarios where you might need to manually recover OKM.
d. Return to admin mode:
set -priv admin
e. Shut down the impaired node.
• If the Restored column displays anything other than yes:
a. Run the key-manager setup wizard:
security key-manager setup -node target/impaired node name
Note: Enter the customer's onboard key management passphrase at the prompt. If the
passphrase cannot be provided, contact
mysupport.netapp.com
b. Verify that the Restored column displays yes for all authentication key:
security key-manager key show -detail
c. Go to advanced privilege mode and enter y when prompted to continue:
set -priv advanced
d. Enter the command to display the OKM backup information:
security key-manager backup show
e. Copy the contents of the backup information to a separate file or your log file. You'll
need it in disaster scenarios where you might need to manually recover OKM.
f. Return to admin mode:
set -priv admin
FAS9000 systems: Replacing the boot media
5
Replacing the boot media
剩余24页未读,继续阅读
黑山老腰断了
- 粉丝: 5
- 资源: 427
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0