Summary
Netapp cDOT instructions for creating an SVM and adding it into DPX
Step By Step
1. Each SVM that is intended for use with DPX Block backup must be configured as follows:Open Netapp Oncommand and go to Storage > SVM > Create
- Name your SVM
- Choose an IP Space your SVM will use or select an existing
- Ensure NFS and ISCSI are enabled
- Security style must be mixed or UNIX
- Choose an Aggregate and fill out all DNS settings
- <Submit & Continue>
- Make sure that NFS/ISCSI LIFs are applied to the SVM with routable IP addresses and dedicated ports (Create additional LIFs for each Protocol on the 2nd Cluster node after the creation of the SVM under Storage > Network > Network Interfaces)
- <Submit & Continue>
- Make sure the vsadmin user is unlocked and you set the password
- Set up a Management LIF for the SVM
- Name the policy, for example: DPX_EXPORT_POLICY
- <Add Export Rules>
- Client specification 0.0.0.0/0
- Read/Write
- Superuser all
Command line example steps below:
- vserver export-policy create -vserver SVM_Name –policyname DPX_EXPORT_POLICY
- vserver export-policy rule create -vserver SVM_Name –policyname DPX_EXPORT_POLICY -ruleindex 1 -protocol any -clientmatch 0.0.0.0/0 –rorule any -rwrule any -anon 65534 -superuser any
2. Create a Volume with the following attributes:
Oncommand System Manager > Storage > Volumes > [Drop Down: SVM Name] > Create
- Choose a Volume name
- Choose an Aggregate
- Storage Type NAS
- <Create>
- Edit Volume
- Set Security style to either mixed or UNIX. NTFS security style should not be selected
- Read/Write/Execute permissions must be 0777
- volume create -volume vol_name -policy DPX_Export_Policy -security-style unix -junction-path "/vol_name" -unix-permissions 0777 -aggregate Aggr_Name -size 500GB
* A screenshot of a NetApp CDOT volume created using the above attributes via NetApp On-Command Manager is below. The volume in this example is SS_newNFS_Vol.
* Example of Volume Permissions:
3. Change/Verify the correct Export Policy is applied:
- Select your Volume > Verify DPX_EXPORT_POLICY is applied or use “Change Export Policy” Button to change
- Verify the Volume is mounted at root of SVM namespace “/”
4. Verify the SVM can be accessed
- The following command checks read/write access for an NFSv3 client with the IP address 1.2.3.4 to the volume home2 on vserver vs1. The command output shows that the volume uses the export policy exp-home-dir and that access is denied.
5. Add SVM into DPX
- From the DPX GUI, go to Configure > Enterprise > right click > Add Node
- Make sure you use STORAGE_CTL as access method
- A vsadmin type user should be used to add the Node
- Resolvable Node name can be the NFS address or the MGMT IP
- TEST the settings before applying to make sure the connection settings are correct
6. Troubleshooting
a) Qtree Permissions
Once you’ve run a backup to this SVM and it fails during transfer, please make sure the Qtree permissions were inherited correctly and the export policy used is correct
- Run “volume qtree show -vserver [SVM name] -volume [Volume Name] -qtree [qtree Name] -fields unix-permissions” to find the permission
The output should look like this:
vserver volume qtree unix-permissions
-------------- ---------- --------------- ----------------
b) SSL Certificate
- ssl show -vserver svm-name
- security certificate show -instance -vserver svm-name
- Example: security ssl modify -vserver svm-name -ca name.cert -serial 5A5A5A5A –server-enabled true
c) Aggregate assigned?
- Run “vserver show –vserver <NameOfVserver> –fields aggr-list” to check if any aggregate is assigned.
- If not, run “vserver modify –vserver <NameOfVserver> -aggr-list <NamesOfAggregatesSeparatedByComma>” to add aggregate(s).
- system services firewall policy show
- You can modify the firewall policy used by an SVM by using the ‘network interface modify’ command.
- To modify an existing firewall policy use the 'system services firewall policy modify -policy...' command
e) Access Permissions
If the volume is not created properly, an error message similar to the following displays in the DPX Job Report:
Message: Task 10 NDMP_LOG: id(1,744), type(NDMP_LOG_ERROR), text(Backup Err: [Failed to create file [/vol/c_ewh_Prod3/[cEHPROD3]EH-
PROD3@{2249A237}/BEXIMAGE.RAW] due to file/access permission.
- Review Volume Permissions from Step 2 of this Guide