Skip to main content
简体中文版经机器翻译而成,仅供参考。如与英语版出现任何冲突,应以英语版为准。

管理 ONTAP 调解器服务

贡献者
PDF

安装 ONTAP 调解器服务后,您可能需要更改用户名或密码。您还可以卸载ONTAP调解器服务。

更改用户名

关于这些任务

这些任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。

如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:

/usr/local/bin/mediator_username

操作步骤

通过选择以下选项之一更改用户名:

  • 运行命令 mediate_change_user 并响应提示,如以下示例所示:

     [root@mediator-host ~]# mediator_change_user
 Modify the Mediator API username by entering the following values:
     Mediator API User Name: mediatoradmin
                   Password:
 New Mediator API User Name: mediator
 The account username has been modified successfully.
 [root@mediator-host ~]#

  • 运行以下命令:

    MEDIATOR_USERNAME=mediator MEDIATOR_PASSWORD=mediator2 MEDIATOR_NEW_USERNAME=mediatoradmin mediator_change_user

     [root@mediator-host ~]# MEDIATOR_USERNAME= mediator MEDIATOR_PASSWORD='mediator2' MEDIATOR_NEW_USERNAME= mediatoradmin mediator_change_user
 The account username has been modified successfully.
 [root@mediator-host ~]#

更改密码

关于此任务

此任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。

如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:

/usr/local/bin/mediator_change_password

操作步骤

通过选择以下选项之一更改密码:

  • 运行 mediator_change_password 命令并对提示进行响应、如以下示例所示:

     [root@mediator-host ~]# mediator_change_password
 Change the Mediator API password by entering the following values:
    Mediator API User Name: mediatoradmin
              Old Password:
              New Password:
          Confirm Password:
 The password has been updated successfully.
 [root@mediator-host ~]#

  • 运行以下命令:

    MEDIATOR_USERNAME= mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password

    此示例显示密码已从"mediator1"更改为"mediator2"。

     [root@mediator-host ~]# MEDIATOR_USERNAME=mediatoradmin MEDIATOR_PASSWORD=mediator1 MEDIATOR_NEW_PASSWORD=mediator2 mediator_change_password
 The password has been updated successfully.
 [root@mediator-host ~]#

停止ONTAP 调解器服务

要停止ONTAP 调解器服务、请执行以下步骤:

步骤

  1. 停止ONTAP 调解器。

    systemctl stop ontap_mediator

  2. 停止SCST。

    systemctl stop mediator-scst

  3. 禁用ONTAP 调解器和SCST。

    systemctl diable ontap_mediator mediator-scst

重新启用ONTAP 调解器服务

要重新启用ONTAP 调解器服务、请执行以下步骤:

步骤

  1. 启用ONTAP 调解器和SCST。

    systemctl enable ontap_mediator mediator-scst

  2. 启动SCST。

    systemctl start mediator-scst

  3. 启动ONTAP 调解器。

    systemctl start ontap_mediator

确认ONTAP 调解器运行状况良好

安装ONTAP 调解器后、您应验证ONTAP 调解器服务是否正在运行。

步骤

  1. 查看ONTAP 调解器服务的状态:

    1. systemctl status ontap_mediator

      [root@scspr1915530002 ~]# systemctl status ontap_mediator

 ontap_mediator.service - ONTAP Mediator
Loaded: loaded (/etc/systemd/system/ontap_mediator.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-04-18 10:41:49 EDT; 1 weeks 0 days ago
Process: 286710 ExecStop=/bin/kill -s INT $MAINPID (code=exited, status=0/SUCCESS)
Main PID: 286712 (uwsgi)
Status: "uWSGI is ready"
Tasks: 3 (limit: 49473)
Memory: 139.2M
CGroup: /system.slice/ontap_mediator.service
      ├─286712 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini
      ├─286716 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini
      └─286717 /opt/netapp/lib/ontap_mediator/pyenv/bin/uwsgi --ini /opt/netapp/lib/ontap_mediator/uwsgi/ontap_mediator.ini

[root@scspr1915530002 ~]#

    2. systemctl status mediator-scst

      [root@scspr1915530002 ~]# systemctl status mediator-scst
   Loaded: loaded (/etc/systemd/system/mediator-scst.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2022-04-18 10:41:47 EDT; 1 weeks 0 days ago
  Process: 286595 ExecStart=/etc/init.d/scst start (code=exited, status=0/SUCCESS)
 Main PID: 286662 (iscsi-scstd)
    Tasks: 1 (limit: 49473)
   Memory: 1.2M
   CGroup: /system.slice/mediator-scst.service
           └─286662 /usr/local/sbin/iscsi-scstd

[root@scspr1915530002 ~]#

  2. 确认ONTAP 调解器服务使用的端口:

    netstat

    [root@scspr1905507001 ~]# netstat -anlt | grep -E '3260|31784'

         tcp   0   0 0.0.0.0:31784   0.0.0.0:*      LISTEN

         tcp   0   0 0.0.0.0:3260    0.0.0.0:*      LISTEN

         tcp6  0   0 :::3260         :::*           LISTEN

手动卸载SCST以执行主机维护

要卸载SCST、您需要安装的ONTAP 调解器版本所使用的SCST tar包。

步骤

  1. 下载相应的SCST捆绑包(如下表所示)并对其进行解压缩。

    此版本

    使用此tar包…​

    ONTAP调解器1.7

    scst-3.7.0.tar.bz2.

    ONTAP调解器1.6

    scst-3.7.0.tar.bz2.

    ONTAP调解器1.5

    scst-3.6.0.tar.bz2.

    ONTAP调解器1.4

    scst-3.6.0.tar.bz2.

    ONTAP调解器1.3

    scst-3.5.0.tar.bz2.

    ONTAP调解器1.1

    scst-3.4.tar.bz2.

    ONTAP 调解器1.0

    scst-3.3.0.tar.bz2.

  2. 在"scst"目录中问题描述 以下命令:

    1. systemctl stop mediator-scst

    2. make scstadm_uninstall

    3. make iscsi_uninstall

    4. make usr_uninstall

    5. make scst_uninstall

    6. depmod

手动安装SCST以执行主机维护

要手动安装SCST、您需要安装的ONTAP 调解器版本所使用的SCST tar包(请参见 上表)。

  1. 在"scst"目录中问题描述 以下命令:

    1. make 2release

    2. make scst_install

    3. make usr_install

    4. make iscsi_install

    5. make scstadm_install

    6. depmod

    7. cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.

    8. cp scst/src/certs/scst_module_key.der /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/.

    9. patch /etc/init.d/scst < /opt/netapp/lib/ontap_mediator/systemd/scst.patch

  2. (可选)如果已启用安全启动、请在重新启动之前执行以下步骤:

    1. 确定"scst_vdisk"、"scst"和"iSCSI_scst"模块的每个文件名。

      [root@localhost ~]# modinfo -n scst_vdisk
[root@localhost ~]# modinfo -n scst
[root@localhost ~]# modinfo -n iscsi_scst

    2. 确定内核版本。

      [root@localhost ~]# uname -r

    3. 使用内核对每个文件进行签名。

      [root@localhost ~]# /usr/src/kernels/<KERNEL-RELEASE>/scripts/sign-file \sha256 \
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.priv \
/opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der \
_module-filename_

    4. 使用UEFI固件安装正确的密钥。

      有关安装UEFI密钥的说明、请参见:

      /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/README.module-signing

      生成的UEFI密钥位于:

    /opt/netapp/lib/ontap_mediator/ontap_mediator/SCST_mod_keys/scst_module_key.der

  3. 执行重新启动。

    reboot

卸载 ONTAP 调解器服务

开始之前

如有必要,您可以删除 ONTAP 调解器服务。在删除调解器服务之前,必须断开调解器与 ONTAP 的连接。

关于此任务

此任务在安装了 ONTAP 调解器服务的 Linux 主机上执行。

如果无法访问此命令,则可能需要使用完整路径运行此命令,如以下示例所示:

/usr/local/bin/uninstall_ontap_mediator

步骤

  1. 卸载 ONTAP 调解器服务:

    uninstall_ontap_mediator

     [root@mediator-host ~]# uninstall_ontap_mediator

 ONTAP Mediator: Self Extracting Uninstaller

 + Removing ONTAP Mediator. (Log: /tmp/ontap_mediator.GmRGdA/uninstall_ontap_mediator/remove.log)
 + Remove successful.
 [root@mediator-host ~]#

重新生成临时自签名证书

关于此任务

  • 您可以在安装了ONTAP调解器服务的Linux主机上执行此任务。

  • 只有在安装ONTAP调解器后、由于主机的主机名或IP地址发生更改、生成的自签名证书已废弃时、才能执行此任务。

  • 在临时自签名证书被可信的第三方证书替换后、您不能使用此任务重新生成证书。 如果没有自签名证书、则发生原因此操作步骤将失败。

步骤

要为当前主机重新生成新的临时自签名证书、请执行以下步骤:

  1. 重新启动ONTAP调解器:

    ./make_self_signed_certs.sh overwrite

    [root@xyz000123456 ~]# cd /opt/netapp/lib/ontap_mediator/ontap_mediator/server_config
[root@xyz000123456 server_config]# ./make_self_signed_certs.sh overwrite

Adding Subject Alternative Names to the self-signed server certificate
#
# OpenSSL example configuration file.
Generating self-signed certificates
Generating RSA private key, 4096 bit long modulus (2 primes)
..................................................................................................................................................................++++
........................................................++++
e is 65537 (0x010001)
Generating a RSA private key
................................................++++
.............................................................................................................................................++++
writing new private key to 'ontap_mediator_server.key'
-----
Signature ok
subject=C = US, ST = California, L = San Jose, O = "NetApp, Inc.", OU = ONTAP Core Software, CN = ONTAP Mediator, emailAddress = support@netapp.com
Getting CA Private Key