Manage the ONTAP mediator service
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
After you have installed ONTAP Mediator service, you might want to change the user name or password. You can also uninstall the ONTAP Mediator Service.
Change the user name
These task is performed on the Linux host on which the ONTAP Mediator service is installed.
If you are unable to reach this command, you might need to run the command using the full path as shown in the following example:
/usr/local/bin/mediator_username
Change the username by choosing one of the following options:
-
Run the command mediator_change_user and respond to the prompts as shown in the following example:
[root@mediator-host ~]# mediator_change_user Modify the Mediator API username by entering the following values: Mediator API User Name: mediatoradmin Password: New Mediator API User Name: mediator The account username has been modified successfully. [root@mediator-host ~]#
-
Run the following command:
MEDIATOR_USERNAME=mediator MEDIATOR_PASSWORD=mediator2 MEDIATOR_NEW_USERNAME=mediatoradmin mediator_change_user
[root@mediator-host ~]# MEDIATOR_USERNAME= mediator MEDIATOR_PASSWORD='mediator2' MEDIATOR_NEW_USERNAME= mediatoradmin mediator_change_user The account username has been modified successfully. [root@mediator-host ~]#
Change the password
This task is performed on the Linux host on which the ONTAP Mediator service is installed.
If you are unable to reach this command, you might need to run the command using the full path as shown in the following example:
/usr/local/bin/mediator_change_password
Change the password by choosing one of the following options:
-
Run the
mediator_change_password
command and respond to the prompts as shown in the following example:[root@mediator-host ~]# mediator_change_password Change the Mediator API password by entering the following values: Mediator API User Name: mediatoradmin Old Password: New Password: Confirm Password: The password has been updated successfully. [root@mediator-host ~]#
-
Run the following command:
MEDIATOR_USERNAME= mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password
The example shows that the password is changed from "mediator1" to "mediator2".
[root@mediator-host ~]# MEDIATOR_USERNAME=mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password The password has been updated successfully. [root@mediator-host ~]#
Stop the ONTAP Mediator service
To stop the ONTAP Mediator service, perform the following steps:
-
Stop the ONTAP Mediator.
systemctl stop ontap_mediator
-
Stop SCST.
systemctl stop mediator-scst
-
Disable the ONTAP Mediator and SCST.
systemctl diable ontap_mediator mediator-scst
Re-enable the ONTAP Mediator service
To re-enable the ONTAP Mediator service, perform the following steps:
-
Enable the ONTAP Mediator and SCST.
systemctl enable ontap_mediator mediator-scst
-
Start SCST.
systemctl start mediator-scst
-
Start ONTAP Mediator.
systemctl start ontap_mediator
Verify the ONTAP Mediator is healthy
After the ONTAP Mediator has been installed, you should verify that the ONTAP Mediator services are running.
-
View the status of the ONTAP Mediator services:
-
systemctl status ontap_mediator
[root@scspr1915530002 ~]# systemctl status ontap_mediator ontap_mediator.service - ONTAP Mediator Loaded: loaded (/etc/systemd/system/ontap_mediator.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-04-18 10:41:49 EDT; 1 weeks 0 days ago Process: 286710 ExecStop=/bin/kill -s INT $MAINPID (code=exited, status=0/SUCCESS) Main PID: 286712 (uwsgi) Status: "uWSGI is ready" Tasks: 3 (limit: 49473) Memory: 139.2M CGroup: /system.slice/ontap_mediator.service ├─286712 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini ├─286716 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini └─286717 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini [root@scspr1915530002 ~]#
-
systemctl status mediator-scst
[root@scspr1915530002 ~]# systemctl status mediator-scst Loaded: loaded (/etc/systemd/system/mediator-scst.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-04-18 10:41:47 EDT; 1 weeks 0 days ago Process: 286595 ExecStart=/etc/init.d/scst start (code=exited, status=0/SUCCESS) Main PID: 286662 (iscsi-scstd) Tasks: 1 (limit: 49473) Memory: 1.2M CGroup: /system.slice/mediator-scst.service └─286662 /usr/local/sbin/iscsi-scstd [root@scspr1915530002 ~]#
-
-
Confirm the ports that are used by the ONTAP Mediator service:
netstat
[root@scspr1905507001 ~]# netstat -anlt | grep -E '3260|31784' tcp 0 0 0.0.0.0:31784 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3260 0.0.0.0:* LISTEN tcp6 0 0 :::3260 :::* LISTEN
Manually uninstall SCST to perform host maintenance
To uninstall SCST, you need the SCST tar bundle that is used for the installed version of ONTAP Mediator.
-
Download the appropriate SCST bundle (as shown in the following table) and untar it.
For this version …
Use this tar bundle…
ONTAP Mediator 1.7
scst-3.7.0.tar.bz2
ONTAP Mediator 1.6
scst-3.7.0.tar.bz2
ONTAP Mediator 1.5
scst-3.6.0.tar.bz2
ONTAP Mediator 1.4
scst-3.6.0.tar.bz2
ONTAP Mediator 1.3
scst-3.5.0.tar.bz2
ONTAP Mediator 1.1
scst-3.4.0.tar.bz2
ONTAP Mediator 1.0
scst-3.3.0.tar.bz2
-
Issue the following commands in the "scst" directory:
-
systemctl stop mediator-scst
-
make scstadm_uninstall
-
make iscsi_uninstall
-
make usr_uninstall
-
make scst_uninstall
-
depmod
-
Manually install SCST to perform host maintenance
To manually install SCST, you need the SCST tar bundle that is used for the installed version of ONTAP Mediator (see the table above).
-
Issue the following commands in the "scst" directory:
-
make 2release
-
make scst_install
-
make usr_install
-
make iscsi_install
-
make scstadm_install
-
depmod
-
cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.
-
cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.
-
patch /etc/init.d/scst < /opt/netapp/lib/ontap_mediator/systemd/scst.patch
-
-
(Optional) If Secure Boot is enabled, before you reboot, perform the following steps:
-
Determine each file name for "scst_vdisk", "scst", and "iscsi_scst" modules.
[root@localhost ~]# modinfo -n scst_vdisk [root@localhost ~]# modinfo -n scst [root@localhost ~]# modinfo -n iscsi_scst
-
Determine the kernel release.
[root@localhost ~]# uname -r
-
Sign each file with the kernel.
[root@localhost ~]# /usr/src/kernels/<KERNEL-RELEASE>/scripts/sign-file \sha256 \ /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.priv \ /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der \ _module-filename_
-
Install the correct key with the UEFI firmware.
Instructions for installing the UEFI key are located at:
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/README.module-signing
The generated UEFI key is located at:
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der
-
-
Perform a reboot.
reboot
Uninstall the ONTAP Mediator service
If necessary, you can remove the ONTAP Mediator service. The Mediator must be disconnected from ONTAP before you remove the Mediator service.
This task is performed on the Linux host on which the ONTAP Mediator service is installed.
If you are unable to reach this command, you might need to run the command using the full path as shown in the following example:
/usr/local/bin/uninstall_ontap_mediator
-
Uninstall the ONTAP Mediator service:
uninstall_ontap_mediator
[root@mediator-host ~]# uninstall_ontap_mediator ONTAP Mediator: Self Extracting Uninstaller + Removing ONTAP Mediator. (Log: /tmp/ontap_mediator.GmRGdA/uninstall_ontap_mediator/remove.log) + Remove successful. [root@mediator-host ~]#
Regenerate a temporary self-signed certificate
-
You perform this task on the Linux host on which the ONTAP Mediator service is installed.
-
You can perform this task only if the generated self-signed certificates have become obsolete due to changes to the hostname or IP address of the host after installing the ONTAP Mediator.
-
After the temporary self-signed certificate has been replaced by a trusted third-party certificate, you do not use this task to regenerate a certificate. The absence of a self-signed certificate will cause this procedure to fail.
To regenerate a new temporary self-signed certificate for the current host, perform the following step:
-
Restart the ONTAP Mediator:
./make_self_signed_certs.sh overwrite
[root@xyz000123456 ~]# cd /opt/netapp/lib/ontap_mediator/ontap_mediator/server_config [root@xyz000123456 server_config]# ./make_self_signed_certs.sh overwrite Adding Subject Alternative Names to the self-signed server certificate # # OpenSSL example configuration file. Generating self-signed certificates Generating RSA private key, 4096 bit long modulus (2 primes) ..................................................................................................................................................................++++ ........................................................++++ e is 65537 (0x010001) Generating a RSA private key ................................................++++ .............................................................................................................................................++++ writing new private key to 'ontap_mediator_server.key' ----- Signature ok subject=C = US, ST = California, L = San Jose, O = "NetApp, Inc.", OU = ONTAP Core Software, CN = ONTAP Mediator, emailAddress = support@netapp.com Getting CA Private Key