Install or upgrade the ONTAP Mediator service

Contributors netapp-folivia netapp-ahibbard thrisun

To install the ONTAP Mediator service, you must ensure all prerequisites are met, get the installation package and run the installer on the host. This procedure is used for an installation or an upgrade of an existing installation.

About this task
  • Beginning with ONTAP 9.7, you can use any version of ONTAP Mediator to monitor a MetroCluster IP configuration.

  • Beginning with ONTAP 9.8, you can use any version of ONTAP Mediator to monitor an SM-BC relationship.

Before you begin

You must meet the following prerequisites.

Mediator version

Supported Linux versions

1.4

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3, 8.4, 8.5

  • CentOS: 7.6, 7.7, 7.8, 7.9

1.3

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3

  • CentOS: 7.6, 7.7, 7.8, 7.9

1.2

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 8.1

  • CentOS: 7.6, 7.7, 7.8

Note The kernel version must match the operating system version.
  • 64-bit physical installation or virtual machine

  • 8 GB RAM

  • User: Root access

Upgrade the host operating system and then the Mediator

The following table provides the upgrade guidelines if you are upgrading from RHEL/CentOS 7.6 to a later RHEL/CentOS release in addition upgrading the Mediator version.

Target Linux version

Target Mediator version

Upgrade notes

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 8.1

  • CentOS: 7.6, 7.7, 7.8

1.2

  • The upgrade must be performed in the following order:

    1. Upgrade the operating system from RHEL/CentOS version.

    2. Reboot the host to apply the kernel module changes.

    3. Upgrade the Mediator from the immediately prior version to the current version.

  • For MetroCluster:

    1. The storage iscsi-initiator show command will report that the connection to the Mediator service is down during the upgrade.

    2. The ONTAP operating system will generate the following EMS events:

      1. cf.mccip.med.auso.stDisabled during the upgrade

      2. cf.mccip.med.auso.stEnabled when automatic unplanned switchover is re-enabled

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3

  • CentOS: 7.6, 7.7, 7.8, 7.9

1.3

  1. Upgrade the operating system from RHEL/CentOS version.

  2. Reboot the host to apply the kernel module changes.

  3. Upgrade the Mediator from the immediately prior version to the current version.

  • Red Hat Enterprise Linux: 7.6, 7.7, 7.8, 7.9, 8.1, 8.2, 8.3, 8.4, 8.5

  • CentOS: 7.6, 7.7, 7.8, 7.9

1.4

  1. Upgrade the operating system from RHEL/CentOS version.

  2. Reboot the host to apply the kernel module changes.

  3. Upgrade the Mediator from the immediately prior version to the current version.

The best practices for installing Red Hat Enterprise Linux or CentOS and the associated repositories on your system are listed below. Systems installed or configured differently might require additional steps.

  • You must install Red Hat Enterprise Linux or CentOS according to Red Hat best practices. Due to end-of-life support for CentOS 8.x versions, compatible versions of CentOS 8.x are not recommended.

  • While installing the ONTAP Mediator service on Red Hat Enterprise Linux or CentOS, the system must have access to the appropriate repository so that the installation program can access and install all the required software dependencies.

  • For the yum installer to find dependent software in the Red Hat Enterprise Linux repositories, you must have registered the system during the Red Hat Enterprise Linux installation or afterwards by using a valid Red Hat subscription.

    See the Red Hat documentation for information about the Red Hat Subscription Manager.

  • The following ports must be unused and available for the Mediator:

    • 31784

    • 3260

  • If using a third-party firewall: refer to Firewall requirements for ONTAP Mediator

  • If the Linux host is in a location without access to the internet, you must ensure that the required packages are available in a local repository.

    You can use the following link for information about setting up a repository.

    If you are using Link Aggregation Control Protocol (LACP) in a Linux environment, you must correctly configure the kernel and make sure the sysctl net.ipv4.conf.all.arp_ignore is set to "2".

    The following packages are required by the ONTAP Mediator service:

    All RHEL/CentOS versions

    Additional packages for RHEL/CentOS 7.x

    Additional packages for RHEL 8.x

    • openssl

    • openssl-devel

    • kernel-devel

    • gcc

    • libselinux-utils

    • make

    • redhat-lsb-core

    • patch

    • bzip2

    • python36

    • python36-devel

    • perl-Data-Dumper

    • perl-ExtUtils-MakeMaker

    • python3-pip

    • policycoreutils-python

    • python36-pip

    • elfutils-libelf-devel

    • policycoreutils-python-utils

The Mediator installation package is a self-extracting compressed tar file that includes:

  • An RPM file containing all dependencies that cannot be obtained from the supported release’s repository.

  • An install script.

A valid SSL certification is recommended, as documented in this procedure.

Enable access to the repositories

If your operating system is…​

You must provide access to these repositories…​

RHEL 7.x

rhel-7-server-optional-rpms

CentOS 7.x

C7.6.1810 - Base repository

RHEL 8.x

  • rhel-8-for-x86_64-baseos-rpms

  • rhel-8-for-x86_64-appstream-rpms

Enable access to the repositories listed above so Mediator can access the required packages during the installation process. Use the procedure below for your operating system.

Procedure for RHEL 7.x operating system

If your operating system is RHEL 7.x:

Steps
  1. Subscribe to the required repository:

    subscription-manager repos --enable rhel-7-server-optional-rpms

    The following example shows the execution of this command:

    [root@localhost ~]# subscription-manager repos --enable rhel-7-server-optional-rpms
    Repository 'rhel-7-server-optional-rpms' is enabled for this system.
  2. Run the yum repolist command.

    The following example shows the execution of this command. The "rhel-7-server-optional-rpms" repository should appear in the list.

    [root@localhost ~]# yum repolist
    Loaded plugins: product-id, search-disabled-repos, subscription-manager
    rhel-7-server-optional-rpms | 3.2 kB  00:00:00
    rhel-7-server-rpms | 3.5 kB  00:00:00
    (1/3): rhel-7-server-optional-rpms/7Server/x86_64/group                                               |  26 kB  00:00:00
    (2/3): rhel-7-server-optional-rpms/7Server/x86_64/updateinfo                                          | 2.5 MB  00:00:00
    (3/3): rhel-7-server-optional-rpms/7Server/x86_64/primary_db                                          | 8.3 MB  00:00:01
    repo id                                      repo name                                             status
    rhel-7-server-optional-rpms/7Server/x86_64   Red Hat Enterprise Linux 7 Server - Optional (RPMs)   19,447
    rhel-7-server-rpms/7Server/x86_64            Red Hat Enterprise Linux 7 Server (RPMs)              26,758
    repolist: 46,205
    [root@localhost ~]#

Procedure for RHEL 8.x operating system

If your operating system is RHEL 8.x:

Steps
  1. Subscribe to the required repository:

    subscription-manager repos --enable rhel-8-for-x86_64-baseos-rpms

    subscription-manager repos --enable rhel-8-for-x86_64-appstream-rpms

    The following example shows the execution of this command:

    [root@localhost ~]# subscription-manager repos --enable rhel-8-for-x86_64-baseos-rpms
    [root@localhost ~]# subscription-manager repos --enable rhel-8-for-x86_64-appstream-rpms
    Repository 'rhel-8-for-x86_64-baseos-rpms' is enabled for this system.
    Repository 'rhel-8-for-x86_64-appstream-rpms' is enabled for this system.
  2. Run the yum repolist command.

    The newly subscribed repositories should appear in the list.

Procedure for CentOS 7.x operating system

If your operating system is CentOS 7.x:

Note The following examples are showing a repository for CentOS 7.6 and may not work for other CentOS versions. Use the base repository for your version of CentOS.
Steps
  1. Add the C7.6.1810 - Base repository. The C7.6.1810 - Base vault repository contains the kernel-devel package needed for ONTAP Mediator.

  2. Add the following lines to /etc/yum.repos.d/CentOS-Vault.repo.

    [C7.6.1810-base]
    name=CentOS-7.6.1810 - Base
    baseurl=http://vault.centos.org/7.6.1810/os/$basearch/
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
    enabled=1
  3. Run the yum repolist command.

    The following example shows the execution of this command. The CentOS-7.6.1810 - Base repository should appear in the list.

    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: distro.ibiblio.org
     * extras: distro.ibiblio.org
     * updates: ewr.edge.kernel.org
    C7.6.1810-base                                                   | 3.6 kB  00:00:00
    (1/2): C7.6.1810-base/x86_64/group_gz                            | 166 kB  00:00:00
    (2/2): C7.6.1810-base/x86_64/primary_db                          | 6.0 MB  00:00:04
    repo id                                           repo name                                                                                                    status
    C7.6.1810-base/x86_64                             CentOS-7.6.1810 - Base                                                                                       10,019
    base/7/x86_64                                     CentOS-7 - Base                                                                                              10,097
    extras/7/x86_64                                   CentOS-7 - Extras                                                                                               307
    updates/7/x86_64                                  CentOS-7 - Updates                                                                                            1,010
    repolist: 21,433
    [root@localhost ~]#

Download the Mediator installation package

Steps
  1. Download the Mediator installation package from the ONTAP Mediator page.

  2. Confirm that the Mediator installation package is in the target directory:

    ls

    [root@mediator-host ~]#ls
    ontap-mediator

    If you are at a location without access to the internet, you must ensure that the installer has access to the required packages.

  3. If necessary, move the Mediator installation package from the download directory to the installation directory on the Linux Mediator host.

Install the ONTAP Mediator installation package

About this task
  • Beginning with ONTAP Mediator 1.4, the Secure Boot mechanism is enabled on UEFI systems. When Secure Boot is enabled, you must take additional steps to register the security key after installation:

    • Follow instructions in the README file: /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/README.module-signing to sign the SCST kernel module.

    • Locate the required keys: /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys

    Note After installation, the README files and key location are also provided in the system output.
Step
  1. Install the Mediator installation package and respond to the prompts as required:

    ./ontap-mediator

    The installation process proceeds to create the required accounts and install required packages. If you have a previous version of Mediator installed on the host, you will be prompted to confirm that you want to upgrade.

Example of ONTAP Mediator 1.4 installation (console output)
[root@scs000065018 ~]# ./ontap-mediator
ONTAP Mediator: Self Extracting Installer
ONTAP Mediator requires two user accounts. One for the service (netapp), and one for use by ONTAP to the mediator API (mediatoradmin).
Would you like to use the default account names: netapp + mediatoradmin? (Y(es)/n(o)): y
Enter ONTAP Mediator user account (mediatoradmin) password:
Re-Enter ONTAP Mediator user account (mediatoradmin) password:
Checking if SELinux is in enforcing mode
Checking for default Linux firewall
Linux firewall is running. Open ports 31784 and 3260? y(es)/n(o): y
success
success



Preparing for installation of ONTAP Mediator packages.
Do you wish to continue? Y(es)/n(o): y
+ Installing required packages.
Last metadata expiration check: 1:56:17 ago on Thu 07 Apr 2022 11:35:42 AM EDT.
Package openssl-1:1.1.1k-6.el8_5.x86_64 is already installed.
Package openssl-devel-1:1.1.1k-6.el8_5.x86_64 is already installed.

.
.
.
.

Dependencies resolved.
Nothing to do.
Complete!
OS package installations finished
+ Installing ONTAP Mediator. (Log: /tmp/ontap_mediator.5gmxnI/ontap-mediator/install_20220407133105.log)
    This step will take several minutes. Use the log file to view progress.
Sudo include verified
ONTAP Mediator logging enabled
+ Install successful. (Moving log to /opt/netapp/lib/ontap_mediator/log/install_20220407133105.log)
+ WARNING: This system supports UEFI
           Secure Boot (SB) is currently enabled on this system.
           The following action need be taken:
           Using the keys in /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys follow
           instructions in /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/README.module-signing
           to sign the SCST kernel module. Note that reboot will be needed.
     SCST will not start automatically when Secure Boot is enabled and not configured properly.
+ Note: ONTAP Mediator uses a kernel module compiled specifically for the current
        system OS. Using 'yum update' to upgrade the kernel may cause a service
        interruption.
    For more information, see /opt/netapp/lib/ontap_mediator/README
[root@scs000065018 ~]#

Verify the installation

Steps
  1. Run the following commands to view the status of the ONTAP Mediator services:

    1. Run: systemctl status ontap_mediator

      [root@scspr1915530002 ~]# systemctl status ontap_mediator
      
       ontap_mediator.service - ONTAP Mediator
      Loaded: loaded (/etc/systemd/system/ontap_mediator.service; enabled; vendor preset: disabled)
      Active: active (running) since Mon 2022-04-18 10:41:49 EDT; 1 weeks 0 days ago
      Process: 286710 ExecStop=/bin/kill -s INT $MAINPID (code=exited, status=0/SUCCESS)
      Main PID: 286712 (uwsgi)
      Status: "uWSGI is ready"
      Tasks: 3 (limit: 49473)
      Memory: 139.2M
      CGroup: /system.slice/ontap_mediator.service
            ├─286712 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini
            ├─286716 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini
            └─286717 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini
      
      [root@scspr1915530002 ~]#
    2. Run: systemctl status mediator-scst

      [root@scspr1915530002 ~]# systemctl status mediator-scst
         Loaded: loaded (/etc/systemd/system/mediator-scst.service; enabled; vendor preset: disabled)
         Active: active (running) since Mon 2022-04-18 10:41:47 EDT; 1 weeks 0 days ago
        Process: 286595 ExecStart=/etc/init.d/scst start (code=exited, status=0/SUCCESS)
       Main PID: 286662 (iscsi-scstd)
          Tasks: 1 (limit: 49473)
         Memory: 1.2M
         CGroup: /system.slice/mediator-scst.service
                 └─286662 /usr/local/sbin/iscsi-scstd
      
      [root@scspr1915530002 ~]#
  2. Confirm the ports the ONTAP Mediator service is using: netstat

    [root@scspr1905507001 ~]# netstat -anlt | grep -E '3260|31784'
    
             tcp   0   0 0.0.0.0:31784   0.0.0.0:*      LISTEN
    
             tcp   0   0 0.0.0.0:3260    0.0.0.0:*      LISTEN
    
             tcp6  0   0 :::3260         :::*           LISTEN

Result

The ONTAP Mediator service is now installed and running. Further configuration must be performed in the ONTAP storage system to use the Mediator features: