data ontap clustermode setup

Data ONTAP® Cluster-ModeSoftware Setup Guide

NetApp, Inc.495 East Java DriveSunnyvale, CA 94089 USATelephone: +1 (408) 822-6000Fax: +1 (408) 822-4501Support telephone: +1 (888) 4-NETAPPDocumentation comments: [email protected] Web: http://www.netapp.com

Part number: 210-04816_A0February 2010

Contents

Copyright information ................................................................................. 5Trademark information ............................................................................... 9About this guide .......................................................................................... 11

Audience .................................................................................................................... 11

Terminology .............................................................................................................. 11

Where to enter commands ......................................................................................... 13

Keyboard and formatting conventions ...................................................................... 13

Special messages ....................................................................................................... 14

How to send your comments ..................................................................................... 14

Setting up a node ......................................................................................... 15Checking Ethernet ports ............................................................................................ 15

Ethernet connections ...................................................................................... 15

Obtaining installation and configuration information ............................................... 16

Installation and configuration information .................................................... 16

Checking node component connectivity .................................................................... 17

Powering on a node ................................................................................................... 18

Configuring a node .................................................................................................... 18

Creating a basic configuration .................................................................. 21Adding a node to a cluster ......................................................................................... 22

Adding a feature license ............................................................................................ 23

Enabling storage failover ........................................................................................... 24

Configuring high availability in a two-node cluster .................................................. 24

Enabling and configuring Network Time Protocol (NTP) for the cluster ................. 25

Creating an aggregate to hold the virtual server root volume ................................... 25

Creating a virtual server ............................................................................................ 26

Protecting a virtual server root volume ......................................................... 27

Creating a volume for user data ................................................................................. 30

Creating a logical interface ........................................................................................ 31

Creating a static route ................................................................................................ 32

Verifying the creation of the logical interface and static route ................................. 33

Enabling clients access to data on the virtual server ................................................. 34

Adding an export rule to the default export policy ........................................ 34

Table of Contents | 3

Enabling and configuring NFS services .................................................................... 34

Creating an NFS server .................................................................................. 35

Verifying NFS service ................................................................................... 35

Creating a Kerberos-realm configuration .................................................................. 36

Creating an LDAP configuration ............................................................................... 36

Enabling and configuring CIFS ................................................................................. 37

Adding preferred domain controllers ............................................................ 38

Displaying information about preferred domain controllers ......................... 38

Creating a CIFS server .................................................................................. 39

Displaying information about CIFS servers .................................................. 39

Displaying information about CIFS shares ................................................... 42

Creating a name mapping .......................................................................................... 42

Setting up your system for using third-party storage ............................. 45Index ............................................................................................................. 47

4 | Data ONTAP 8.0 Cluster-Mode Software Setup Guide

Copyright information

Copyright © 1994–2009 NetApp, Inc. All rights reserved. Printed in the U.S.A.

No part of this document covered by copyright may be reproduced in any form or by any means—graphic, electronic, or mechanical, including photocopying, recording, taping, or storage in anelectronic retrieval system—without prior written permission of the copyright owner.

Portions of this product are derived from the Berkeley Net2 release and the 4.4-Lite-2 release, whichare copyrighted and publicly distributed by The Regents of the University of California.

Copyright © 1980–1995 The Regents of the University of California. All rights reserved.

Portions of this product are derived from NetBSD, copyright © Carnegie Mellon University.

Copyright © 1994, 1995 Carnegie Mellon University. All rights reserved. Author Chris G.Demetriou.

Permission to use, copy, modify, and distribute this software and its documentation is herebygranted, provided that both the copyright notice and its permission notice appear in all copies of thesoftware, derivative works or modified versions, and any portions thereof, and that both noticesappear in supporting documentation.

CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS “AS IS”CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR ANYDAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.

Software derived from copyrighted material of The Regents of the University of California andCarnegie Mellon University is subject to the following license and disclaimer:

Redistribution and use in source and binary forms, with or without modification, are permittedprovided that the following conditions are met:

Redistributions of source code must retain the above copyright notices, this list of conditions, and thefollowing disclaimer.

Redistributions in binary form must reproduce the above copyright notices, this list of conditions,and the following disclaimer in the documentation and/or other materials provided with thedistribution.

All advertising materials mentioning features or use of this software must display this text:

This product includes software developed by the University of California, Berkeley and itscontributors.

Neither the name of the University nor the names of its contributors may be used to endorse orpromote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS “AS IS” ANDANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

Copyright information | 5

IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULARPURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORSBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, ORCONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OFSUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESSINTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHERIN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OROTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IFADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

This software contains materials from third parties licensed to NetApp Inc. which is sublicensed, andnot sold, and title to such material is not passed to the end user. All rights reserved by the licensors.You shall not sublicense or permit timesharing, rental, facility management or service bureau usageof the Software.

Portions developed by the Apache Software Foundation (http://www.apache.org/). Copyright © 1999The Apache Software Foundation.

Portions Copyright © 1995–1998, Jean-loup Gailly and Mark Adler

Portions Copyright © 2001, Sitraka Inc.

Portions Copyright © 2001, iAnywhere Solutions

Portions Copyright © 2001, i-net software GmbH

Portions Copyright © 1995 University of Southern California. All rights reserved.

Redistribution and use in source and binary forms are permitted provided that the above copyrightnotice and this paragraph are duplicated in all such forms and that any documentation, advertisingmaterials, and other materials related to such distribution and use acknowledge that the software wasdeveloped by the University of Southern California, Information Sciences Institute. The name of theUniversity may not be used to endorse or promote products derived from this software withoutspecific prior written permission.

Portions of this product are derived from version 2.4.11 of the libxml2 library, copyright © 1994–2002 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National deRecherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/

NetApp modified the libxml2 software on December 6, 2001, to enable it to compile cleanly onWindows, Solaris, and Linux. The changes have been sent to the maintainers of libxml2. Theunmodified libxml2 software can be downloaded from http://www.xmlsoft.org/.

Software derived from copyrighted material of the World Wide Web Consortium is subject to thefollowing license and disclaimer:

Permission to use, copy, modify, and distribute this software and its documentation, with or withoutmodification, for any purpose and without fee or royalty is hereby granted, provided that you includethe following on ALL copies of the software and documentation or portions thereof, includingmodifications, that you make:


The full text of this NOTICE in a location viewable to users of the redistributed or derivative work.

Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, ashort notice of the following form (hypertext is preferred, text is permitted) should be used within thebody of any redistributed or derivative code: “Copyright © [$date-of-software] World Wide WebConsortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatiqueet en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/”

Notice of any changes or modifications to the W3C files, including the date changes were made.

THIS SOFTWARE AND DOCUMENTATION IS PROVIDED “AS IS,” AND COPYRIGHTHOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED,INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESSFOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE ORDOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS,TRADEMARKS OR OTHER RIGHTS.

COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIALOR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE ORDOCUMENTATION.

The name and trademarks of copyright holders may NOT be used in advertising or publicitypertaining to the software without specific, written prior permission. Title to copyright in thissoftware and any associated documentation will at all times remain with copyright holders.

Portions copyright © 2007-2008 LSI Corporation and QLogic Corporation. All rights reserved.

Portions copyright © 1995-1998 WIDE Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permittedprovided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions andthe following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, this list of conditionsand the following disclaimer in the documentation and/or other materials provided with thedistribution.

3. Neither the name of the project nor the names of its contributors may be used to endorse orpromote products derived from this software without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS "AS IS" ANDANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THEIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULARPURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORSBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, ORCONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OFSUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESSINTERRUPTION).

Copyright information | 7

Software derived from copyrighted material of NetApp, Inc. is subject to the following license anddisclaimer:

NetApp reserves the right to change any products described herein at any time, and without notice.NetApp assumes no responsibility or liability arising from the use of products described herein,except as expressly agreed to in writing by NetApp. The use or purchase of this product does notconvey a license under any patent rights, trademark rights, or any other intellectual property rights ofNetApp.

The product described in this manual may be protected by one or more U.S.A. patents, foreignpatents, or pending applications.

RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject torestrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and ComputerSoftware clause at DFARS 252.277-7103 (October 1988) and FAR 52-227-19 (June 1987).


Trademark information

All applicable trademark attribution is listed here.

NetApp; the NetApp logo; the Network Appliance logo; Cryptainer; Cryptoshred; DataFabric; DataONTAP; Decru; Decru DataFort; FAServer; FilerView; FlexCache; FlexClone; FlexShare; FlexVol;FPolicy; gFiler; Go further, faster; Manage ONTAP; MultiStore; NearStore; NetCache; NOW(NetApp on the Web); ONTAPI; RAID-DP; SANscreen; SecureShare; Simulate ONTAP;SnapCopy; SnapDrive; SnapLock; SnapManager; SnapMirror; SnapMover; SnapRestore;SnapValidator; SnapVault; Spinnaker Networks; Spinnaker Networks logo; SpinAccess;SpinCluster; SpinFlex; SpinFS; SpinHA; SpinMove; SpinServer; SpinStor; StoreVault; SyncMirror;Topio; vFiler; VFM; and WAFL are registered trademarks of NetApp, Inc. in the U.S.A. and/or othercountries. Network Appliance, Snapshot, and The evolution of storage are trademarks of NetApp,Inc. in the U.S.A. and/or other countries and registered trademarks in some other countries. TheStoreVault logo, ApplianceWatch, ApplianceWatch PRO, ASUP, AutoSupport, ComplianceClock,DataFort, Data Motion, FlexScale, FlexSuite, Lifetime Key Management, LockVault, NOW,MetroCluster, OpenKey, ReplicatorX, SecureAdmin, Shadow Tape, SnapDirector, SnapFilter,SnapMigrator, SnapSuite, Tech OnTap, Virtual File Manager, VPolicy, and Web Filer aretrademarks of NetApp, Inc. in the U.S.A. and other countries. Get Successful and Select are servicemarks of NetApp, Inc. in the U.S.A.

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International BusinessMachines Corporation in the United States, other countries, or both. A complete and current list ofother IBM trademarks is available on the Web at http://www.ibm.com/legal/copytrade.shtml.

Apple is a registered trademark and QuickTime is a trademark of Apple, Inc. in the U.S.A. and/orother countries. Microsoft is a registered trademark and Windows Media is a trademark of MicrosoftCorporation in the U.S.A. and/or other countries. RealAudio, RealNetworks, RealPlayer,RealSystem, RealText, and RealVideo are registered trademarks and RealMedia, RealProxy, andSureStream are trademarks of RealNetworks, Inc. in the U.S.A. and/or other countries.

All other brands or products are trademarks or registered trademarks of their respective holders andshould be treated as such.

NetApp, Inc. is a licensee of the CompactFlash and CF Logo trademarks.

NetCache is certified RealSystem compatible.

Trademark information | 9

About this guide

You can use your product more effectively when you understand this document's intended audienceand the conventions that this document uses to present information.

Here you can learn what this document describes and who it is intended for, what specialterminology is used in the document, what command, keyboard, and typographic conventions thisdocument uses to convey information, and other details about finding and using information.

This document describes how to set up and configure storage systems that run Data ONTAP Cluster-Mode software. It covers all supported storage system models.

Note: This guide applies to systems running Data ONTAP 8.0 Cluster-Mode, including V-Seriessystems. If you are a Data ONTAP 8.0 7-Mode user, use the Data ONTAP 8.0 7-Mode guides.

Next topics

Audience on page 11

Terminology on page 11

Where to enter commands on page 13

Keyboard and formatting conventions on page 13

Special messages on page 14

How to send your comments on page 14

AudienceThis document is written with certain assumptions about your technical knowledge and experience.

This guide is for system administrators who need to configure and maintain a storage system runningData ONTAP 8.0 Cluster-mode. It assumes that you are familiar with UNIX® commands and have abasic knowledge of network access protocols such as the Network File System (NFS) and theCommon Internet File System (CIFS).

TerminologyTo understand the concepts in this document, you might need to know how certain terms are used.

Storage terms

array LUN Refers to storage that third-party storage arrays provide to storage systemsrunning Data ONTAP software. One array LUN is the equivalent of one disk ona native disk shelf.

About this guide | 11

LUN (logicalunit number)

Refers to a logical unit of storage identified by a number.

native disk Refers to a disk that is sold as local storage for storage systems that run DataONTAP software.

native disk shelf Refers to a disk shelf that is sold as local storage for storage systems that runData ONTAP software.

storagecontroller

Refers to the component of a storage system that runs the Data ONTAPoperating system and controls its disk subsystem. Storage controllers are alsosometimes called controllers, storage appliances, appliances, storage engines,heads, CPU modules, or controller modules.

storage system Refers to the hardware device running Data ONTAP that receives data from andsends data to native disk shelves, third-party storage, or both. Storage systemsthat run Data ONTAP are sometimes referred to as filers, appliances, storageappliances, V-Series systems, or systems.

third-partystorage

Refers to the back-end storage arrays, such as IBM, Hitachi Data Systems, andHP, that provide storage for storage systems running Data ONTAP.

Cluster and high-availability terms

cluster • In Data ONTAP 8.0 Cluster-Mode, refers to a group of connected nodes(storage systems) that share a global namespace and that you can manage as asingle virtual server or multiple virtual servers, providing performance,reliability, and scalability benefits.

• In the Data ONTAP 7.1 release family and earlier releases, refers to an entirelydifferent functionality: a pair of storage systems (sometimes called nodes)configured to serve data for each other if one of the two systems stopsfunctioning.

HA (highavailability)

In Data ONTAP 8.0, refers to the recovery capability provided by a pair of nodes(storage systems), called an HA pair, that are configured to serve data for eachother if one of the two nodes stops functioning.

HA pair In Data ONTAP 8.0, refers to a pair of nodes (storage systems) configured toserve data for each other if one of the two nodes stops functioning. In the DataONTAP 7.3 and 7.2 release families, this functionality is referred to as an active/active configuration.


Where to enter commandsYou can use your product more effectively when you understand how this document uses commandconventions to present information.

You can perform common administrator tasks in one or more of the following ways:

• You can enter commands either at the system console or from any client computer that can obtainaccess to the storage system using a Telnet or Secure Shell (SSH) session.In examples that illustrate command execution, the command syntax and output shown mightdiffer from what you enter or see displayed, depending on your version of the operating system.

• You can use the Element Manager graphical user interface.For information about accessing your system with Element Manager, see the Data ONTAP 8.0Cluster-Mode System Administration Guide.

Keyboard and formatting conventionsYou can use your product more effectively when you understand how this document uses keyboardand formatting conventions to present information.

Keyboard conventions

Convention What it means

The NOW site Refers to NetApp On the Web at http://now.netapp.com/.

Enter, enter • Used to refer to the key that generates a carriage return; the key is namedReturn on some keyboards.

• Used to mean pressing one or more keys on the keyboard and then pressing theEnter key, or clicking in a field in a graphical interface and then typinginformation into the field.

hyphen (-) Used to separate individual keys. For example, Ctrl-D means holding down theCtrl key while pressing the D key.

type Used to mean pressing one or more keys on the keyboard.

About this guide | 13

http://now.netapp.com/

Formatting conventions

Convention What it means

Italic font • Words or characters that require special attention.• Placeholders for information that you must supply.

For example, if the guide says to enter the arp -d hostname command,you enter the characters "arp -d" followed by the actual name of the host.

• Book titles in cross-references.

Monospaced font • Command names, option names, keywords, and daemon names.• Information displayed on the system console or other computer monitors.• Contents of files.• File, path, and directory names.

Bold monospaced

fontWords or characters you type. What you type is always shown in lowercaseletters, unless your program is case-sensitive and uppercase letters arenecessary for it to work properly.

Special messagesThis document might contain the following types of messages to alert you to conditions that youneed to be aware of.

Note: A note contains important information that helps you install or operate the systemefficiently.

Attention: An attention notice contains instructions that you must follow to avoid a system crash,loss of data, or damage to the equipment.

How to send your commentsYou can help us to improve the quality of our documentation by sending us your feedback.

Your feedback is important in helping us to provide the most accurate and high-quality information.If you have suggestions for improving this document, send us your comments by e-mail to [email protected]. To help us direct your comments to the correct division, include in thesubject line the name of your product and the applicable operating system. For example, FAS6070—Data ONTAP 7.3, or Host Utilities—Solaris, or Operations Manager 3.8—Windows.


mailto:[email protected]

Setting up a node

Setting up a node involves obtaining information about the node, checking Ethernet ports andcomponent connectivity, and applying power to the node.

Before you begin

Before continuing, ensure that all hardware components are installed and set up as described in theInstallation and Setup Instructions flyer.

1. Checking Ethernet ports on page 15

2. Obtaining installation and configuration information on page 16

3. Checking node component connectivity on page 17

4. Powering on a node on page 18

5. Configuring a node on page 18

Checking Ethernet portsYou must ensure that the node uses the correct Ethernet ports as cluster ports, data ports, andmanagement ports.

Step

1. Ensure that all hardware components are installed and set up correctly using the Ethernetconnections table.

Ethernet connectionsData ONTAP 8.0 Cluster-Mode systems use specific Ethernet connections for specific purposes.

At minimum, a Data ONTAP 8.0 Cluster-Mode system requires two networks, one for each of thefollowing purposes:

• A physically secure, dedicated network to connect to the cluster ports on each node

Note: NetApp strongly recommends that nodes' cluster ports are on a high-speed, high-bandwidth network deployed with jumbo frames with an MTU (maximum transmission unit)setting of 9000 bytes.

• A dedicated network to connect to the management ports on each node• A general corporate network to connect to the data ports on each node

Ports are configured with the following default port roles:

Setting up a node | 15

Default port role Ethernet ports by platform

30xx 31xx 60xx

Cluster port e0a e0a e0a e0a

Cluster port e0b e0b e0b e0b

Cluster port N/A N/A N/A e0c

Cluster port N/A N/A N/A e0d

Management port e0d and the RemoteManagement port (the portwith the wrench icon)

e1a e0M e4a

Data ports All other Ethernet ports are data ports by default.

Note: For the , the management network can connect to the data network, so the e0dport can be configured with both management LIFs and data LIFs.

Obtaining installation and configuration informationYou need information about the installation and configuration of the node before you can proceedwith the node setup.

Step

1. Contact your network administrator and obtain the information listed in the Installation andconfiguration information section.

Installation and configuration informationInformation from your network administrator about the configuration of a node is important to havewhen you are going through the setup and configuration processes.

Information required Your information

Node name

Management IP address (if not using Dynamic HostConfiguration Protocol (DHCP))

Management netmask (if not using DHCP)

Management maximum transmission unit (MTU)setting (for manual cluster creation only)

Cluster IP address 1


Information required Your information

Cluster netmask 1

Cluster MTU 1 (for manual cluster creation only)

Cluster IP address 2

Cluster netmask 2

Cluster MTU 2 (for manual cluster creation only)

Data IP address 1

Data netmask 1

Data MTU 1 (for manual cluster creation only)

Data IP address 2

Data netmask 2

Data MTU 2 (for manual cluster creation only)

Gateway IP address for management

Gateway IP address for data

Mailhost IP address

Cluster serial number

Cluster name

Whether the node is to use Domain Name Service(DNS)

If using DNS, the DNS domain name or names

If using DNS, IP address of the first name server

If using DNS, IP address of the second name server

Checking node component connectivityIn order to begin software initialization procedures, the node needs to be connected and configuredcorrectly.

Step

1. Ensure that all hardware has been correctly set up and cabled, checking all cables and cords forthe proper physical connections.

The software initialization procedures require the following connectivity and configuration:


• The cluster ports are connected to the cluster network.• The data ports are connected to the data network.• The management port is connected to the management network.

Note: You must configure the management port on each node, even if you do not use it tomanage the cluster.

• The Fibre Channel ports are connected to the ports of the disk shelf or shelves, disk-shelf IDsare set properly, and ports are configured and connected to third-party arrays as described inthe V-Series Installation Requirements and Reference Guide and the V-Series implementationguide for your vendor.

• The NVRAM adapters are connected to the identical adapters on the partner node.• The console port is connected to a console configured for ANSI-9600-8N1.

For more information, see the Installation and Setup Instructions flyer for your node.

Powering on a nodeYou power on a node in order to set it up and create a basic cluster configuration.

Steps

1. Turn on the power to any network switches.

2. Turn on the disk shelves within five minutes of one another.

3. Turn on any tape devices.

4. Turn on the power to the node.

Note: It takes the LEDs on the system power supplies a few seconds to illuminate.

The system boots to the login prompt.

After you finish

You can now set up a node and create a basic cluster configuration.

Configuring a nodeYou can create a cluster manually by entering environment-specific information on each node youintend to add.

Steps

1. Enter the user name admin and an empty password (that is, press Enter at the Password: prompt).


Example

The system then displays the following prompt:

node::>

where node is the name of the node.

2. A series of prompts will appear. Answer the prompts according to the answers given in thefollowing example.

NetApp recommends that you enable all desired management-access protocols from this prompt.If you decide after initial system configuration that you need to enable additional management-access protocols, use the security login create command. See the Clustered-modeAdministration Reference for details about using this command.

Example

The following example displays the prompts and appropriate answers. When asked for IPaddresses or netmasks, use the configuration information collected about your node's managmentport, gateway, and so on.

Please enter the node hostname []: node1Where is the node located? []: SunnyvaleDo you want to configure a management interface? (no, yes) [yes]: yesWhich port do you want to use? (e1a) [e1a]: e1aPlease enter the IP Address for this interface: 10.70.200.106Please enter the Netmask for this interface: 255.255.255.0Please enter the IP address of the default gateway: 10.70.200.1Do you want to run DNS resolver? (no, yes) [no]: yesPlease enter DNS domain name(s): main.netapp.comPlease enter the IP address for the first nameserver: 10.70.199.10Please enter the IP address for the second nameserver: 10.70.150.40Do you want to enable remote management? (no, yes) [yes]: yesPlease specify the remote management username [admin]: adminWhich access protocol(s) can this user use? (console, http, ssh, telnet)[console, http, ssh]: console,http,ssh

Please enter a password for user 'admin':Please enter it again:

The node has now been configured.

The node is set up and you can log in using the admin user name and password you created.


Creating a basic configuration

You can create a basic cluster configuration by configuring your system.

About this task

The following steps must be performed for each node in the cluster.

Steps

1. Enter the user name admin and the password that you created for the node.

Example

The system then displays the following prompt:

node::>

where node is the name of the node.

2. Assign network ports the proper roles using the network port modify command. It isimportant that the ports to which you assign roles match the way the ports were cabled. Check theethernet connections to the ensure the roles you assign match.

ExampleThe following example assigns roles to ports and then displays the ports and assignments.

node1::> network port modify -node node1 -port e0c,e4c -role cluster

node1::> network port modify -node node1 -port e0a -role cluster-mgmt

node1::> network port modify -node node1 -port e0b,e4a -role node-mgmt

node1::> network port modify -node node1 -port e0d,e4d -role data

node1::> network port show

Auto-Negot Duplex Speed (Mbps)Node Port Role Link MTU Admin/Oper Admin/Oper Admin/Oper------ ------ ------------ ---- ----- ----------- ---------- ------------node1 e0a cluster-mgmt up 1500 true/true full/full auto/1000 e0b node-mgmt up 1500 true/true full/full auto/1000 e0c cluster up 1500 true/true full/full auto/1000 e0d data up 1500 true/true full/full auto/1000 e4a node-mgmt down 1500 true/true full/full auto/10 e4b data down 1500 true/true full/half auto/10 e4c cluster up 1500 true/true full/half auto/1000 e4d data up 1500 true/true full/half auto/10008 entries were displayed.

Creating a basic configuration | 21

3. Add the node to a cluster using the cluster create command.

Example

The following example creates a cluster. The cluster's base license is ABCDEFG (obtain licensesfor your cluster from your sales or support representative). The cluster is named clus1. The node'sfirst cluster port has the IP address 10.29.127.1, the netmask 255.255.240.0, and the MTU setting9000. The node's second cluster port has the IP address 10.29.127.2 and the same netmask andMTU setting as the first cluster port.

node::>cluster create-license ABCDEFG-clustername clus1 -mgmt-ip 10.29.228.10 -mgmt-netmask 255.255.255.0-mgmt-gateway 10.29.228.1 -ipaddr1 10.29.127.1 -netmask 255.255.255.0

Next topics

Adding a node to a cluster on page 22

Adding a feature license on page 23

Enabling storage failover on page 24

Configuring high availability in a two-node cluster on page 24

Enabling and configuring Network Time Protocol (NTP) for the cluster on page 25

Creating an aggregate to hold the virtual server root volume on page 25

Creating a virtual server on page 26

Creating a volume for user data on page 30

Creating a logical interface on page 31

Creating a static route on page 32

Verifying the creation of the logical interface and static route on page 33

Enabling clients access to data on the virtual server on page 34

Enabling and configuring NFS services on page 34

Creating a Kerberos-realm configuration on page 36

Creating an LDAP configuration on page 36

Enabling and configuring CIFS on page 37

Creating a name mapping on page 42

Adding a node to a clusterYou add nodes to a cluster when you first configure the cluster or when you add nodes to a cluster toimprove the performance of the cluster.

Steps

1. Create the node as you did when creating a basic configuration.

2. Join the node to the existing cluster using the cluster join command.


Example

The following example adds another node to the cluster created in the previous example; the -clusteripaddr parameter specifies the IP address of a cluster port of a node that is already amember of the cluster; in this case, the IP address 10.29.127.1 is used. The IP address of node1b'sfirst cluster port is 10.29.127.3, its netmask is 255.255.240.0, and its MTU setting is 9000. The IPaddress of its second cluster port is 10.29.127.4, with the same netmask and MTU setting as thefirst cluster port.

node::> cluster join -clusteripaddr 10.29.127.1-ipaddr1 10.29.127.3 -netmask 255.255.240.0 -mtu 9000-ipaddr2 10.29.127.4 -netmask 255.255.240.0 -mtu 9000

Note: Cluster virtual interfaces on the same node must be on the same subnet. NetApprecommends that the cluster virtual interfaces on each node in the cluster be on the samesubnet; however, clusters can span subnets if there is a direct route for cluster communicationamong the nodes.

3. To view the nodes that you added to the cluster, use the cluster show command.

Example

The following example shows that node1a has been added to the cluster.

node::> cluster showNode Health Eligibility--------------------- ------- ------------ node1 true truenode1a true true

Adding a feature licenseYou can add a feature license with the license code provided to you by your sales or supportrepresentative.

Step

1. To add a feature license, use the system license add command.

ExampleThe following example adds a feature with the license code AAAAAAAAAAAAAA:

node::> system license add -license-code AAAAAAAAAAAAAA


Enabling storage failoverYou enable storage failover to provide an additional level of security that data continues to be servedin the event of a hardware failure.

Before you begin

Both nodes in the failover pair must have a CF license installed.

About this task

You should enable storage failover for each set of failover pairs. Storage failover is described in theData ONTAP 8.0 Cluster-Mode Storage and Data Protection Management Guide.

Step

1. On one node of each failover pair in the cluster, enable storage failover by using the storagefailover modify command:

node::> storage failover modify -node node_name -enabled true

Enabling storage failover on one node of a failover pair automatically enables it on the partnernode.

Configuring high availability in a two-node clusterYou can configure high availability in a cluster if it contains only two nodes.

About this task

Cluster high availability differs from the high availability provided by storage failover. Cluster highavailability is a special case of the clustering technology used in larger clusters; cluster high-availability communications occur over the cluster network, not over the Infiniband interconnectionbetween controllers in a storage-failover pair.

Step

1. To enable high availability (HA) for a cluster, use the cluster ha modify command.

If your cluster contains only two nodes, you should enable high availability (HA). If the clustercontains three or more nodes, you should not enable HA mode in the cluster. In a two-nodecluster with HA enabled, epsilon is shared between the two nodes so that the failure of one nodedoes not disable the cluster.


Example

The following example enables high availability in a two-node cluster:

node::> cluster ha modify -configured true

Enabling and configuring Network Time Protocol (NTP) forthe cluster

You can enable and configure Network Time Protocol (NTP) for the cluster.

Step

1. To enable and configure NTP, use the system services ntp commands.

Example

The following examples enable NTP in the cluster and configure the node named node1a to usean NTP server named ntp1.example.com that uses NTP version 4:

node::> system services ntp config modify -enabled true

node::> system services ntp server create -node node1a-server ntp1.example.com -version 4

Creating an aggregate to hold the virtual server root volumeYou must create an aggregate for the user volume and its virtual server.

Step

1. Create a storage aggregate to hold the virtual server's root volume using the storageaggregate create command. Storage aggregate names must be unique in the cluster, and thenumber of disks specified cannot exceed the number of available spare disks.

See the Data ONTAP 8.0 Cluster-Mode Storage and Data Protection Management Guide formore information about storage aggregates.

ExampleThe following example creates a storage aggregate named node1a_aggr1 with 10 disks:

node::> storage aggregate create -aggregate node1a_aggr1 -diskcount 10


Creating a virtual serverYou can create both a virtual server and its root volume to provide data access to clients.

Steps

1. Create a virtual server using the vserver create command.

Example

The following example creates a virtual server named vs1 with a root volume named vs1_root onthe storage aggregate named node1a_aggr1. A file is used for network name inquiries, the defaultlanguage used on the volume is U.S. English, and the volumes' security style is mixed (that is, itsupports both NFS and CIFS).

Note: For NIS to be used for network name inquiries, the NIS service must be configured afterthe creation of the vserver.

node::> vserver create -vserver vs1 -rootvolume vs1_root-aggregate node1a_aggr1 -ns-switch file -language en_US-rootvolume-security-style unix

2. Verify the creation of the virtual server and its root volume using the vserver show andvolume show commands, respectively.

Example

The following examples show the creation of a vserver and its root volume:

node::> vserver showVirtual Root Name Name NIS LDAPServer Type Volume Aggregate Service Mapping Domain Client-------- ------- ---------- ---------- ------- ------- ------- -------vs1 cluster vs1_root node1a_aggr1 file file - -node::> volume showVserver Volume Aggregate State Type Size Available Used%-------- ---------- ------------ --------- ----- ------- ----------------vs1 vs1_root node1a_aggr1 online RW 100GB 79.99GB 0%

Note: After creating a virtual server root volume, you should define load-sharing mirrors on allnodes to protect it.

3. Create a NIS-domain configuration using the vserver services nis-domain createcommand.

The NIS domain must already exist; this command does not create an independent NIS domain,but configures the cluster to use an existing domain.


Example

The following example configures a virtual server named vs1 to use an NIS domain namedexample.com, which uses NIS servers that have the IP addresses 10.98.10.0 and 10.98.12.0.

node::> vserver services nis-domain create -vserver vs1-domain example.com -active true -servers 10.98.l0.0,10.98.12.0

4. Verify the NIS-domain configuration using the vserver services nis-domain showcommand.

Example

The following example shows the NIS-domain configuration that was created:

node::> vserver services nis-domain showVirtual NISServer Domain Active Server------------- ------------------- ------ -----------------------vs1 example.com true 10.98.10.0,10.98.12.0

5. Turn NIS services on the vserver using the vserver modify command.

Example

The following example shows that NIS services are turned on for the vserver:

node::> vserver modify -vserver vs1 -ns-switch file,nis

6. Verify that the virtual server is using the specified NIS domain using the vserver showcommand.

Example

The following example shows that the vserver is using the specified NIS domain:

node::> vserver showVirtual Root Name Name NIS LDAPServer Type Volume Aggregate Service Mapping Domain Client-------- ------- ---------- ---------- ------- ------- ------- -------vs1 cluster vs1_root node1a_aggr1 file, file example.- nis com

Protecting a virtual server root volumeYou protect a virtual server root volume by using load-sharing mirrors. Load-sharing mirrors protecta virtual server root volume by replicating the point of entry into the global namespace and bypreventing users from accidentally filling up the virtual server root volume with data.

Next topics

Creating a volume for load-sharing on page 28

Creating load-sharing mirror relationships on page 28


Creating a baseline for a set of load-sharing mirrors on page 29

Creating a volume for load-sharing

You must create a volume and designate it as a load-sharing mirror before you can create mirrorrelationships for load-sharing.

Steps

1. Enter the following command to create a volume that will become the load-sharing mirror:

volume create -vserver vserver_name -volume volume_name -aggregateaggregate_name -size volume_size -state online -type DP -unix-permissions 777

ExampleThe following example creates a load-sharing mirror volume named dept_eng_ls_mirror1. Themirror volume is located on a virtual server named vs0. The mirror volume is located on anaggregate named aggr3.

node::> volume create -vserver vs0 -volume dept_eng_ls_mirror1 -aggregate aggr3 -type DP

See the Data ONTAP 8.0 Cluster-Mode Administration Reference for details about the volumecreate command.

2. Repeat the previous step for each load-sharing mirror that you want.

ExampleThe following example creates two more volumes that will be used as load-sharing mirrors.

node::> volume create -vserver vs0 -volume dept_eng_ls_mirror2 -aggregate aggr4 -type DP

node::> volume create -vserver vs0 -volume dept_eng_dr_mirror3 -aggregate aggr5 -type DP

Creating load-sharing mirror relationships

Before you can replicate data from the source read-write volume to the load-sharing mirrors, youcreate the mirror relationship using the snapmirror create command.

Steps

1. Enter the following command to create a load-sharing mirror relationship between the sourceendpoint and a destination endpoint:

snapmirror create -source-path source_endpoint -destination-pathdestination_endpoint -type LS


ExampleThe following example creates a load-sharing mirror of the source volume named dept_eng. Thesource volume and the mirrors are located on a virtual server named vs0.

node::> snapmirror create -source-path //vs0/dept_eng -destination-path //vs0/dept_eng_ls_mirror1 -type LS[Job 171] Job is queued: snapmirror create the relationship with destination //v[Job 171] Job succeeded: SnapMirror: done

Note: You can use one of the available default cron jobs or you can create your ownSnapMirror schedule using the job schedule cron create command.

When you create a relationship for a load-sharing mirror, the attributes for that load-sharingmirror ( throttles, update schedules, and so on) are shared by all of the load-sharing mirrors in thegroup.

2. Repeat Step 1 to add load-sharing mirror relationships to the source volume, up to the maximumnumber allowed for a load-sharing mirror fanout.

ExampleThe following example creates load-sharing mirror relationships between the source volumenamed dept_eng and the destination volumes dept_eng_ls_mirror2 and dept_eng_ls_mirror3.



Creating a baseline for a set of load-sharing mirrors

You initialize the set of load-sharing mirrors to replicate data on a source volume to the load-sharingmirrors.

Step

1. Enter the following command to initialize all of the load-sharing mirrors in the set:

snapmirror initialize-ls-set -source-path source_endpoint

Note: Do not use the snapmirror initialize command to initialize a set of load-sharingmirrors. The snapmirror initialize command is for initializing individual volumes.


ExampleThe following example creates a baseline copy of the source volume named dept_eng to all of theload-sharing mirrors created for the source volume. The source volume is located on a virtualserver named vs0.

node::> snapmirror initialize-ls-set //vs0/dept_eng[Job 174] Job is queued: snapmirror load-share initialize for source //vs1/dept_eng.

Creating a volume for user dataYou create a volume to hold user data.

Steps

1. Create a volume using the volume create command.

Example

The following example creates a volume named src on a virtual server named vs1 and a storageaggregate named clus1_aggr1. The volume is placed online upon its creation. The volume'sexport policy is named default. The volume is owned by a user named admin and a group namedeng; both the user and the group need to exist in the NIS domain specified in the previous step.The security style on the volume is unix (that is, it supports UNIX mode bits). Regardless of thesecurity style, both NFS and CIFS clients can read from and write to the volume. The volume'sjunction path is named /src. The volume's parent volume is vs1_root. The volume is 50 GB in sizeand uses the volume style of space guarantee. The volume uses the default snapshot policy.

node::> volume create -vserver vs1 -volume src -aggregate clus1_aggr1 -state online -policy default -user admin -group eng-security-style unix -junction-path /src -size 50g-space-guarantee volume -snapshot-policy default

See "Volume Concepts" and the volume create command reference page for moreinformation.

2. Verify the creation of the volume using the volume show command.

Example

This example displays information about all volumes:

node::> volume showVirtual Server Volume Aggregate State Type Size Available Used%------- ----------- ------------ -------- ---- -------- --------- ----- vs1 src clus1_aggr1 online RW 50GB 40.00GB 20%


vs1 vs1_root clus1_aggr1 online RW 20MB 15.91MB 20%2 entries were displayed.

Example

This example displays detailed information about the new volume.

node::> volume show -vserver vs1 -volume src Virtual Server Name: vs1 Volume Name: src Volume Data Set ID: 1047 Volume Master Data Set ID: 2147484695 Aggregate Name: clus1_aggr1 Volume State: online Volume Type: RW Volume Style: flex Export Policy: default User ID: admin Group ID: eng Security Style: unix Unix Permissions: ---rwx------ Junction Path: /src Junction Path Source: RW_volume Junction Active: true Parent Volume: vs1_root Comment: Volume Size: 50GB Available Size: 40.00GB Total Size: 40GB Used Size: 104KB Used Percentage: 20% Total Files: 1556480 Files Used: 97 Space Guarantee Style: volume Space Guarantee In Effect: trueMinimum Percent of Space Reserved For Snapshots: 20% Snapshot Policy: default Creation Time: Fri May 15 08:59:40 2009

Creating a logical interfaceTo create a logical interface, you can use the network interface create command.

Step

1. Enter the following command: network interface create -servernode_or_virtual_server_name [-lif] logical_interface_name [-role] {cluster |data | node-mgmt} [-home-node] home_node_name [-home-port]home_port_or_port_ifgrp [-address] IP_address [-netmask] netmask


To further customize the logical interface, you can specify one or more additional parameters. Formore information, see the Data ONTAP 8.0 Cluster-Mode Administration Reference.

Creating a static routeTo create a static route, you can use the network routing-groups route create command.

About this task

A static route is a defined route between a logical interface and a specific destination IP address; theroute can use a gateway IP address. Therefore, by creating static routes, you can control how LIFsuse your network.

Steps

1. To create a static route for a logical interface, first use the network routing-groups createcommand to create a routing group.

Example

The following example creates a routing group originating from server node1b.

node1::> network routing-groups create -server node1b -routing-group d192.0.2.167/24 -subnet 192.40.8.1 -role data -metric 10

The -metric parameter optionally specifies a metric (hop count) for the logical interface youare creating. The default settings for this parameter are 10 for management interfaces, 20 for datainterfaces, and 30 for cluster interfaces. For more information, see the Cluster-ModeAdministration Reference.

2. Create a static route within the routing group by using the network routing-groups routecreate command.

Example

The following example creates a static route for a logical interface named mgmtif2 on a nodenamed node1b. The routing group uses the destination IP address 192.40.8.1, the network mask255.255.255.0, and the gateway IP address 192.40.0.1.

node::> network routing-groups route create -server node1b -routing-group d192.0.2.167/24 -destination 192.40.8.1 -gateway 192.40.0.1 -metric 10


Verifying the creation of the logical interface and staticroute

After you create a logical interface and static route for the interface, you should ensure that theyexist.

Steps

1. Verify that the logical interface exists using the network interface show command.

Example

node::> network interface show Logical Status Network Current Current IsServer Interface Admin/Oper Address/Mask Node Port Home----------- ---------- ---------- ------------------ -------- ------- ----node1a clus1 up/up 10.29.127.1/24 node1a e0a true clus2 up/up 10.29.127.2/24 node1a e0b true mgmt1 up/up 10.29.205.131/24 node1a e1a truenode1b clus1 up/up 10.29.127.3/24 node1b e0a true clus2 up/up 10.29.127.4/24 node1b e0b true mgmt1 up/up 10.29.205.129/24 node1b e01 truevs1 vs1_data1 up/up 10.29.204.99/24 node1b e0c true

2. Verify the static route using the network routing-groups route show command.

Example

node::> network routing-groups route show RoutingServer Group Destination Gateway Metric--------- --------- --------------- --------------- ------node1a n10.29.127.3/24 0.0.0.0/0 10.29.127.1 10node1b n10.29.127.4/24 0.0.0.0/0 10.29.127.1 10vs1


d192.0.2.167/24 0.0.0.0/0 192.40.0.1 10

Enabling clients access to data on the virtual serverYou need to allow clients access to data on the virtual server before they can use the virtual server.

Adding an export rule to the default export policyYou can create an export rule to enable client access to data on the virtual server.

Steps

1. To create an export rule, use the vserver export-policy rule create command.

Example

The following example provides full access to all clients:

node::> vserver export-policy rule create -vserver vs1-policyname default -clientmatch 0.0.0.0/0 -rorule any -rwrule any-superuser any -anon 0 -allow-suid true -allow-dev true

2. To verify the creation of the export rule, use the vserver export-policy rule showcommand.

Example

The following example shows the creation of the export rule:

node::> vserver export-policy rule showVirtual Policy Rule Access Client ROServer Name Index Protocol Match Rule------------ -------- ------ -------- ----------- ---------vs1 default 1 any 0.0.0.0/0 any

Enabling and configuring NFS servicesEnable and configure the NFS service on the virtual server.

Next topics

Creating an NFS server on page 35

Verifying NFS service on page 35


Creating an NFS serverTo provide NFS clients with access to a virtual server, you can create an NFS server.

Before you begin

Before creating an NFS server, you may wish to configure a NIS domain for the virtual server. If not,the NFS server will use local-users and local-groups.

Step

1. To create an NFS server, use the vserver nfs create command.

For more information, see the Cluster-Mode Administration Reference.

ExampleThe following example creates an NFS server on virtual server vs0. Default values are used forall parameters and no default Windows users are specified.

Note: The -rpcsec-ctx-high and rpcsec-ctx-idle options are available in advanced mode only.

node::> vserver nfs create -vserver vs0 -access true -rpcsec-ctx-high 0-rpcsec-ctx-idle 0 -v2-enable true -v3-enable true -udp-enable true-tcp-enable true

Verifying NFS serviceYou should ensure that NFS services are running on the virtual server.

Step

1. Verify NFS service by using the vserver nfs show command

Example

node::> vserver nfs showVirtual General DefaultServer Access v2 v3 UDP TCP SpinAuth Windows User------- ------- ------- -------- -------- -------- -------- ------------vs1 true enabled enabled enabled enabled enabled Guest


Creating a Kerberos-realm configurationYou can create a Kerberos-realm configuration.

Steps

1. To define a Keberos realm, use the vserver services kerberos-realm create command.

Example

The following example creates a Kerberos-realm configuration named AUTH. The configurationuses the Kerberos realm SECURITY.EXAMPLE.COM. The permitted clock skew is 300 secondsand the active directory server and IP address are SUSAN and 10.10.3.1, respectively. TheKerberos Distribution Center (KDC) IP address is 10.10.2.1 and its port is 88. The KDC vendor isMicrosoft. The administrative server's IP address is 10.10.2.1 and its port is 749. The passwordserver's IP address is 10.10.2.1 and its port is 464.

node::> vserver services kerberos-realm create -configname AUTH-realm SECURITY.EXAMPLE.COM -clock-skew 300 -adserver-name SUSAN-adserver-ip 10.10.3.1 -kdc-ip 10.10.2.1 -kdc-port 88-kdc-vendor Microsoft -adminserver-ip 10.10.2.1 -adminserver-port 749-passwordserver-ip 10.10.2.1 -passwordserver-port 464

2. To verify that the Kerberos realm is defined, use the vserver services kerberos-realmshow command.

Example

The following example shows that the Kerberos realm has been defined:

kerberos-realm show command.node::> vserver services kerberos-realm showConfiguration Kerberos Active Directory KDC KDCName Realm Server Vendor IP Address-------------- --------- ----------------- ------- ------------AUTH SECURITY SUSAN Microsoft 10.10.2.1

Creating an LDAP configurationYou can configure an LDAP domain for the virtual server.

Before you begin

An LDAP domain must already exist within the network and must be accessible to the virtual server'scluster.


Steps

1. Create an LDAP configuration using the vserver services ldap create command.

Example

The following example configures a virtual server called vs1 to use an LDAP client configurationcalled corpLDAP.

node::> vserver services ldap create -vserver vs1 -client-config corpLDAP

2. Turn on the LDAP service using the vserver modify command.

Example

node::> vserver modify -vserver vs1 -ns-switch file,nis,ldap

node::> vserver showVirtual Root Name Name NIS LDAPServer Type Volume Aggregate Service Mapping Domain Client-------- ------- ---------- ---------- ------- ------- -------- -------vs1 cluster vs1_root node1a_aggr1 file, file example. - nis com ldap

Enabling and configuring CIFSYou can enable and configure CIFS services on a virtual server to allow CIFS clients access to thevirtual server.

About this task

Enabling and configuring CIFS services consists of tasks such as adding domain controllers, creatingCIFS servers, and creating CIFS shares. The Data ONTAP 8.0 Cluster-Mode Network and FileAccess Management Guide contains a complete list of tasks you can perform to configure CIFSservices.

1. Adding preferred domain controllers on page 38

2. Displaying information about preferred domain controllers on page 38

3. Creating a CIFS server on page 39

4. Displaying information about CIFS servers on page 39

5. Displaying information about CIFS shares on page 42


Adding preferred domain controllersYou can use the vserver cifs preferred-dc add command to add one or more domaincontrollers to the list of preferred domain controllers for a specific logical interface.

Step

1. Use the vserver cifs domain preferred-dc add command to add one or more domaincontrollers to the list of preferred domain controllers for a specific logical interface.

The command requires the following information:

• The name of the virtual server• The NetBIOS name of the CIFS domain• The addresses of the preferred domain controllers, as a comma-delimited list, in order of

preference.

In addition, you can optionally specify the name of a logical interface. If you don't specify alogical interface, the domain controller(s) you specify will be added to the list of preferreddomain controllers for all logical interfaces on the virtual server.

ExampleThe following example adds domain controllers 172.17.102.25 and 172.17.102.24 to the list ofpreferred domain contollers that the CIFS server on virtual server vs0 uses to manage externalaccess to the CIFSLAB domain over logical interface data1.

ngsh::> vserver cifs domain preferred-dc add -vserver vs0 -lif data1 -domain CIFSLAB -preferred-dc 172.17.102.25,172.17.102.24

Displaying information about preferred domain controllersYou can display information about preferred domain controllers by using the vserver cifsdomain preferred-dc show command.

Step

1. Use thevserver cifs domain preferred-dc show command to display all or a subset ofthe information about the preferred domain contollers matching the criteria you specify.

By default, this command displays all information about the preferred domain controllers for alllogical interfaces:

• Virtual server name• Logical interface name• CIFS domain name• Addresses of the preferred domain controllers, as a comma-delimited list, in order of

preference.


ExampleThe following example displays all information about the preferred domain controllers for CIFSservers on all virtual servers:

vserver cifs domain preferred-dc show

Creating a CIFS serverYou can create a CIFS server by using the vserver cifs create command to allow CIFS clientsto access a virtual server.

Step

1. Use the vserver cifs create command to allow CIFS clients to access a virtual server.

The command requires the following information:

• The name of the virtual server on which to create the CIFS server.

Note: A virtual server can have only one CIFS server.

• The name of the Active Directory domain that the CIFS server will join.

Note: If a Machine Trust Account already exists in the domain you specify, Data ONTAPwill prompt you to reuse the account.

• The NetBIOS name of the CIFS server. This is the name that the CIFS server uses to identifyitself to CIFS clients. This name can be the same as or different from the virtual server name.

You can optionally specify an organizational unit name and default site name for the CIFS server.By default, the organizational unit name is CN=Computers.

Example

The following example creates a CIFS server CIFSSERVER1 on virtual server vs0 and joins theCIFS server to the cifs.lab.netapp.com domain.

node::> vserver cifs create -vserver vs0 -name CIFSSERVER1 -domain cifs.lab.netapp.com

Displaying information about CIFS serversYou can display information about CIFS servers by using the vserver cifs show command.

Step

1. Use the vserver cifs show command to display all or a subset of the information about theCIFS servers matching the criteria you specify.

By default, this command displays the following information about CIFS servers:


• Virtual server name• CIFS server name• Domain or workgroup name• Authentication style

If you specify the -instance parameter, the command displays all information about the CIFSservers matching the criteria you specify. For more information, see the Cluster-ModeAdministration Reference.

Creating a CIFS share

To share data on a virtual server with CIFS clients, you must create a CIFS share.

A CIFS share is a named access point in a volume that enables CIFS clients to view, browse, andmanipulate files on a file server. The name of each share must be unique for the virtual server.

You can create up to 128 shares on a single CIFS-enabled virtual server. The maximum length of ashare name is 32 characters.

Step

1. Use the vserver cifs share create command to create a CIFS share.

When you create a share, you specify the following information:

• The CIFS-enabled virtual server on which the share is to be created.• The name of the CIFS share.• The directory path to the CIFS share. This path must exist in a volume. A directory path name

can be up to 255 characters long. If there is a space in the path name, the entire string must bequoted (for example,"/new volume/mount here").

• Optionally, a list of properties for the share. The list can include one or more of the following:

• oplocks—This specifies that the share uses opportunistic locks, also known as client-sidecaching. Oplocks are enabled on shares by default; however, some applications do notwork well when oplocks are enabled. In particular, database applications such as MicrosoftAccess are vulnerable to corruption when oplocks are enabled. An advantage of shares isthat a single path can be shared multiple times, with each share having different properties.For instance, if a path named /dept/finance contains both a database and other types offiles, you can create two shares to it, one with oplocks disabled for safe database accessand one with oplocks enabled for client-side caching.

• browsable—This specifies that the share is can be browsed by Windows clients. This isthe default initial property for all shares.

• showsnapshot—This specifies that Snapshot copies can be viewed and traversed byclients.

• changenotify—This specifies that the share supports ChangeNotify requests.


Note: The dynamicshare and dynamicpath properties are also available in the interface;however, as of the Data ONTAP 8.0 release, the cifs home-directory commandfamily has been provided to replace the functionality of these properties.

• Optionally, how UNIX symbolic links (symlinks) are presented to CIFS clients. Possiblevalues include enabled for read-write access, read_only for read-only access, and hide toprevent CIFS clients from seeing symlinks. You can specify the symlink property only at theadvanced privilege level or higher.

• Optionally, default UNIX umask for new files created on the share. If not specified, the umaskdefaults to 022.

• Optionally, default UNIX umask for new directories created on the share. If not specified, theumask defaults to 000.

Note: Accessing an existing directory or file through multiple CIFS shares that havedifferent values for the file umask and directory-umask parameters returns consistentpermissions and access rights. For instance, assume you have a share named share1 that hasa file umask of 000 and a share named share2 that has a file umask of 022, and that theseshares overlap (that is, can access the same directories). If you create a file named \\server\share1\foo, the umask for that file is 000. If you create a file named \\server\share2\bar, the umask for that file is 022. If a user accesses the file namedfoo through the path \\server\share2\foo, the access permissions are 000; if a useraccesses the file named bar through the path \\server\share1\bar, the accesspermissions are 022.

• Optionally, a text description of the share. The description can be up to 255 characters long. Ifthere is a space in the description, the entire string must be quoted (for example, "This isengineering's share.").

• dynamicshare—This specifies that the share name is dynamic. Specify this value with thedynamic-path option for a dynamic share. In a dynamic share, the share's name and path canbe generated by substituting the user's name and domain with the %u and %d variables,respectively, specified as the values of the -share-name and -path parameters when theshare is created. For instance, if a dynamic share is defined with a name of %d_%u, a userlogged on as barbara from a domain named FIN sees the share as FIN_barbara. Using thedynamic-share value specifies that the share name is dynamically expanded but the path nameis not. For a full dynamic share, specify both the dynamic-path and the dynamic-share values.

• dynamicpath—This specifies that the path name is dynamic.

Note: A share is tied to the CIFS configuration of its virtual server and is deleted if either thevirtual server or its CIFS configuration with which it is associated is removed from the system.

Example

The following example creates a CIFS share named SHARE1 on a virtual server named vs1. Itsdirectory path is /u/eng. Opportunistic locks and browsability are specified on the share, and theUNIX umask is explicitly set as 022 on files and 000 on directories.


node::> vserver cifs share create -vserver vs0 -share-name SHARE1-path /u/eng -share-properties browsable,oplocks -file-umask 022-dir-umask 000

Displaying information about CIFS sharesYou can display information about CIFS shares.

Step

1. Use the vserver cifs share show command to display information about CIFS shares.

By default, the command displays the following information:

• Virtual server name• CIFS share name• Directory path• Share properties• Description, if applicable

Other information is displayed in a detailed view and if other parameters are specified. See thereference page for the command for details.

ExampleThe following example displays information about all CIFS shares:

node::> vserver cifs share showVirtual Share Path Share Description Server Name Propertiesvs0 ADMIN$ / browsable -vs0 IPC$ / browsable -vs0 ROOTSHARE / browsable -vs1 ADMIN$ / browsable -vs1 IPC$ / browsable -vs1 ROOTSHARE / oplocks - browsable

Creating a name mappingYou must create name mappings between UNIX and Windows accounts so that users can access dataregardless of the operating system of their client.

Steps

1. To create a name mapping, use the vserver name-mapping create command.


Example

The following example creates a name mapping that maps Windows account names in the formENG\user_name to the UNIX form user_name:

node::> vserver name-mapping create -vserver vs1 -type user-direction win-unix -position 1 -pattern ENG\\(.+) -replacement \1

Example

The following example creates a name mapping that maps UNIX account names in the formuser_name to the Windows form ENG\user_name:

node::> vserver name-mapping create -vserver vs1 -type user-direction unix-win -position 1 -pattern (.+) -replacement ENG\\\1

2. To verify the creation of the name mappings, use the vserver name-mapping showcommand.

Example

The following example shows the creation of the name mapping:

node::> vserver name-mapping showVirtual Mapping Direction Pos Pattern ReplacementServer Typevs1user win-unix 1 ENG\\(.+) \1user unix-win 1 (.+) ENG\\\1


Setting up your system for using third-partystorage

After setting up the basic cluster configuration, you can connect the system to third-party storagearrays. There are a number of tasks that must be complete to prepare your system for connection tothird-party storage arrays.

Before you can access your third-party storage array through Data ONTAP, you must do thefollowing:

• On the storage array, create LUNs and make them available to Data ONTAP, as described in thefollowing documentation:

• V-Series Installation Requirements and Reference Guide• V-Series Implementation Guide for your storage array. (The process of making array LUNs

available to Data ONTAP varies among storage array types.)• Your storage array documentation

• Connect your V-Series system and storage array using the V-Series Installation Requirements andReference Guide

• Assign the array LUNs to specific storage systems, as described in the Data ONTAP 8.0 Cluster-Mode Storage and Data Protection Management Guide.

After you have assigned array LUNs to specific storage systems running Data ONTAP, you canperform storage management tasks such as creating and managing aggregates and volumes. See theData ONTAP 8.0 Cluster-Mode Storage and Data Protection Management Guide for moreinformation.

Setting up your system for using third-party storage | 45

IndexA

Aggregatescreating 25

C

CIFSadding preferred domain controllers 38creating a CIFS share 40creating server 39showing CIFS server information 39showing CIFS share information 42showing preferred domain controllers 38

Client accessenabling on virtual server 34

clustercreating a logical interface 31creating a static route 32

Clusteradding license 23assigning network ports for a node 21checking cluster port connectivity 17configuring high availability 24configuring NTP 25creating a virtual server 26creating a volume 30creating aggregates 25creating with first node 21default port assignments 15enabling NTP 25setting storage failover 24verifying creation of logical interface 33verifying creation of static route 33viewing its nodes 22

Console portchecking connectivity 17

D

Data accessmapping between UNIX and Windows accounts 42

Data portschecking connectivity 17default assignments 15

Disk shelves

turning on power 18Domain controllers

adding preferred 38showing preferred 38

E

Ethernet portsdefault assignments 15

Ethernet ports, using correct ports 15Export policy

adding and export rule 34Export rule

adding to export policy 34

F

Fibre Channel portschecking connectivity 17

H

High availabilityconfiguring 24

I

Installation and configuration information worksheet 16

K

Kerberoscreating a Kerberos realm 36

L

LDAP configurationcreating 36

Licenseadding 23

load-sharing mirrorscreating destination volume 28creating relationships 28initializing relationship 29

Index | 47

logical interfacecreating 31creating a static route 32

Logical interfaceverifying creation of 33

M

Management portschecking connectivity 17default assignments 15

mirrorscreating load-sharing destination volume 28creating load-sharing mirror relationships 28initializing load-sharing relationship 29

N

Name mappingscreating 42

Network Time Protocolconfiguring 25enabling 25

NFS servicescreating 35verifying 35

Noderecommendation for management-access protocols

18viewing nodes in cluster 22adding license 23adding to a cluster 22applying gathered configuration information 18assigning network ports 21checking component connectivity 17configuring 18creating initial cluster 21installation and configuration information 16setting storage failover 24setting up 18turning on power 18

NVRAM adapterschecking connectivity 17

P

Powerorder to turn on devices 18

Preferred domain controllers

adding 38showing 38

S

SnapMirrorinitializing relationship 29

static routecreating 32

Static routeverifying creation of 33

Storage aggregatecreating 25

Storage failoversetting 24

T

Tape devicesturning on power 18

Third party storagesetting up 45

V

virtual servercreating a CIFS server 39creating a CIFS share 40creating an NFS server 35showing CIFS server information 39showing CIFS share information 42

Virtual serveradding CIFS preferred domain controllers 38creating 26creating a Kerberos realm 36creating an LDAP configuration 36enabling client access 34name mapping between UNIX and Windows

accounts 42showing CIFS preferred domain controllers 38verifying NFS services 35

Volumecreating for user data 30

W

Worksheetinstallation and configuration information 16


data ontap clustermode setup

Documents

mode administration reference

dc show command

preferred domain controllers

sharing mirror relationships

setup instructions flyer

nodes stops functioning

realm show command

party storage arrays