管理 ONTAP 调解器服务
-
本文档站点的 PDF
- NAS 存储管理
单独 PDF 文档的收集
Creating your file...
安装 ONTAP 调解器服务后,您可能需要更改用户名或密码。您还可以卸载ONTAP调解器服务。
更改用户名
这些任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。
如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:
/usr/local/bin/mediator_username
通过选择以下选项之一更改用户名:
-
运行命令 mediate_change_user 并响应提示,如以下示例所示:
[root@mediator-host ~]# mediator_change_user Modify the Mediator API username by entering the following values: Mediator API User Name: mediatoradmin Password: New Mediator API User Name: mediator The account username has been modified successfully. [root@mediator-host ~]#
-
运行以下命令:
MEDIATOR_USERNAME=mediator MEDIATOR_PASSWORD=mediator2 MEDIATOR_NEW_USERNAME=mediatoradmin mediator_change_user
[root@mediator-host ~]# MEDIATOR_USERNAME= mediator MEDIATOR_PASSWORD='mediator2' MEDIATOR_NEW_USERNAME= mediatoradmin mediator_change_user The account username has been modified successfully. [root@mediator-host ~]#
更改密码
此任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。
如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:
/usr/local/bin/mediator_change_password
通过选择以下选项之一更改密码:
-
运行
mediator_change_password
命令并对提示进行响应、如以下示例所示:[root@mediator-host ~]# mediator_change_password Change the Mediator API password by entering the following values: Mediator API User Name: mediatoradmin Old Password: New Password: Confirm Password: The password has been updated successfully. [root@mediator-host ~]#
-
运行以下命令:
MEDIATOR_USERNAME= mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password
此示例显示密码已从"mediator1"更改为"mediator2"。
[root@mediator-host ~]# MEDIATOR_USERNAME=mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password The password has been updated successfully. [root@mediator-host ~]#
停止ONTAP 调解器服务
要停止ONTAP 调解器服务、请执行以下步骤:
-
停止ONTAP 调解器。
systemctl stop ontap_mediator
-
停止SCST。
systemctl stop mediator-scst
-
禁用ONTAP 调解器和SCST。
systemctl diable ontap_mediator mediator-scst
重新启用ONTAP 调解器服务
要重新启用ONTAP 调解器服务、请执行以下步骤:
-
启用ONTAP 调解器和SCST。
systemctl enable ontap_mediator mediator-scst
-
启动SCST。
systemctl start mediator-scst
-
启动ONTAP 调解器。
systemctl start ontap_mediator
确认ONTAP 调解器运行状况良好
安装ONTAP 调解器后、您应验证ONTAP 调解器服务是否正在运行。
-
查看ONTAP 调解器服务的状态:
-
systemctl status ontap_mediator
[root@scspr1915530002 ~]# systemctl status ontap_mediator ontap_mediator.service - ONTAP Mediator Loaded: loaded (/etc/systemd/system/ontap_mediator.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-04-18 10:41:49 EDT; 1 weeks 0 days ago Process: 286710 ExecStop=/bin/kill -s INT $MAINPID (code=exited, status=0/SUCCESS) Main PID: 286712 (uwsgi) Status: "uWSGI is ready" Tasks: 3 (limit: 49473) Memory: 139.2M CGroup: /system.slice/ontap_mediator.service ├─286712 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini ├─286716 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini └─286717 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini [root@scspr1915530002 ~]#
-
systemctl status mediator-scst
[root@scspr1915530002 ~]# systemctl status mediator-scst Loaded: loaded (/etc/systemd/system/mediator-scst.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2022-04-18 10:41:47 EDT; 1 weeks 0 days ago Process: 286595 ExecStart=/etc/init.d/scst start (code=exited, status=0/SUCCESS) Main PID: 286662 (iscsi-scstd) Tasks: 1 (limit: 49473) Memory: 1.2M CGroup: /system.slice/mediator-scst.service └─286662 /usr/local/sbin/iscsi-scstd [root@scspr1915530002 ~]#
-
-
确认ONTAP 调解器服务使用的端口:
netstat
[root@scspr1905507001 ~]# netstat -anlt | grep -E '3260|31784' tcp 0 0 0.0.0.0:31784 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:3260 0.0.0.0:* LISTEN tcp6 0 0 :::3260 :::* LISTEN
手动卸载SCST以执行主机维护
要卸载SCST、您需要安装的ONTAP 调解器版本所使用的SCST tar包。
-
下载相应的SCST捆绑包(如下表所示)并对其进行解压缩。
此版本
使用此tar包…
ONTAP调解器1.7
scst-3.7.0.tar.bz2.
ONTAP调解器1.6
scst-3.7.0.tar.bz2.
ONTAP调解器1.5
scst-3.6.0.tar.bz2.
ONTAP调解器1.4
scst-3.6.0.tar.bz2.
ONTAP调解器1.3
scst-3.5.0.tar.bz2.
ONTAP调解器1.1
scst-3.4.tar.bz2.
ONTAP 调解器1.0
scst-3.3.0.tar.bz2.
-
在"scst"目录中问题描述 以下命令:
-
systemctl stop mediator-scst
-
make scstadm_uninstall
-
make iscsi_uninstall
-
make usr_uninstall
-
make scst_uninstall
-
depmod
-
手动安装SCST以执行主机维护
要手动安装SCST、您需要安装的ONTAP 调解器版本所使用的SCST tar包(请参见 上表)。
-
在"scst"目录中问题描述 以下命令:
-
make 2release
-
make scst_install
-
make usr_install
-
make iscsi_install
-
make scstadm_install
-
depmod
-
cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.
-
cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.
-
patch /etc/init.d/scst < /opt/netapp/lib/ontap_mediator/systemd/scst.patch
-
-
(可选)如果已启用安全启动、请在重新启动之前执行以下步骤:
-
确定"scst_vdisk"、"scst"和"iSCSI_scst"模块的每个文件名。
[root@localhost ~]# modinfo -n scst_vdisk [root@localhost ~]# modinfo -n scst [root@localhost ~]# modinfo -n iscsi_scst
-
确定内核版本。
[root@localhost ~]# uname -r
-
使用内核对每个文件进行签名。
[root@localhost ~]# /usr/src/kernels/<KERNEL-RELEASE>/scripts/sign-file \sha256 \ /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.priv \ /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der \ _module-filename_
-
使用UEFI固件安装正确的密钥。
有关安装UEFI密钥的说明、请参见:
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/README.module-signing
生成的UEFI密钥位于:
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der
-
-
执行重新启动。
reboot
卸载 ONTAP 调解器服务
如有必要,您可以删除 ONTAP 调解器服务。在删除调解器服务之前,必须断开调解器与 ONTAP 的连接。
此任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。
如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:
/usr/local/bin/uninstall_ontap_mediator
-
卸载 ONTAP 调解器服务:
uninstall_ontap_mediator
[root@mediator-host ~]# uninstall_ontap_mediator ONTAP Mediator: Self Extracting Uninstaller + Removing ONTAP Mediator. (Log: /tmp/ontap_mediator.GmRGdA/uninstall_ontap_mediator/remove.log) + Remove successful. [root@mediator-host ~]#
重新生成临时自签名证书
-
您可以在安装了ONTAP调解器服务的Linux主机上执行此任务。
-
只有在安装ONTAP调解器后、由于主机的主机名或IP地址发生更改、生成的自签名证书已废弃时、才能执行此任务。
-
在临时自签名证书被可信的第三方证书替换后、您不能使用此任务重新生成证书。 如果没有自签名证书、则发生原因此操作步骤将失败。
要为当前主机重新生成新的临时自签名证书、请执行以下步骤:
-
重新启动ONTAP调解器:
./make_self_signed_certs.sh overwrite
[root@xyz000123456 ~]# cd /opt/netapp/lib/ontap_mediator/ontap_mediator/server_config [root@xyz000123456 server_config]# ./make_self_signed_certs.sh overwrite Adding Subject Alternative Names to the self-signed server certificate # # OpenSSL example configuration file. Generating self-signed certificates Generating RSA private key, 4096 bit long modulus (2 primes) ..................................................................................................................................................................++++ ........................................................++++ e is 65537 (0x010001) Generating a RSA private key ................................................++++ .............................................................................................................................................++++ writing new private key to 'ontap_mediator_server.key' ----- Signature ok subject=C = US, ST = California, L = San Jose, O = "NetApp, Inc.", OU = ONTAP Core Software, CN = ONTAP Mediator, emailAddress = support@netapp.com Getting CA Private Key