Beruflich Dokumente
Kultur Dokumente
5 Command Reference
Contents
OneFS Command Reference......................................................................................................11 isi alerts.............................................................................................................................12 isi auth ads accounts list...................................................................................................12 isi auth ads cache flush.....................................................................................................12 isi auth ads dc...................................................................................................................13 isi auth ads groups list.......................................................................................................14 isi auth ads join.................................................................................................................15 isi auth ads leave...............................................................................................................16 isi auth ads search............................................................................................................16 isi auth ads spn check.......................................................................................................18 isi auth ads spn create......................................................................................................19 isi auth ads spn delete......................................................................................................20 isi auth ads spn list............................................................................................................21 isi auth ads status.............................................................................................................21 isi auth ads time................................................................................................................22 isi auth ads users list.........................................................................................................23 isi auth config krb5 add realm...........................................................................................24 isi auth config krb5 delete default......................................................................................25 isi auth config krb5 delete domain.....................................................................................26 isi auth config krb5 delete realm.......................................................................................26 isi auth config krb5 list.......................................................................................................27 isi auth config krb5 modify default.....................................................................................28 isi auth config krb5 modify domain....................................................................................29 isi auth config krb5 modify realm.......................................................................................30 isi auth config krb5 write....................................................................................................30 isi auth config ldap list.......................................................................................................31 isi auth config ldap modify.................................................................................................33 isi auth config list...............................................................................................................36 isi auth config modify.........................................................................................................41 isi auth config revert..........................................................................................................47 isi auth config rules...........................................................................................................51 isi auth error......................................................................................................................52 isi auth local groups create...............................................................................................52 isi auth local groups delete................................................................................................53 isi auth local groups list.....................................................................................................53 isi auth local groups modify...............................................................................................54 isi auth local users create..................................................................................................56 isi auth local users delete..................................................................................................57 isi auth local users list.......................................................................................................58 isi auth local users modify.................................................................................................59
isi auth log-level.................................................................................................................61 isi auth mapping delete.....................................................................................................62 isi auth mapping dump......................................................................................................64 isi auth mapping flush.......................................................................................................65 isi auth mapping idrange...................................................................................................66 isi auth mapping import.....................................................................................................68 isi auth mapping list...........................................................................................................68 isi auth mapping modify....................................................................................................70 isi auth mapping new........................................................................................................72 isi auth mapping token......................................................................................................74 isi auth mapping upgrade-db.............................................................................................75 isi auth status....................................................................................................................76 isi avscan config................................................................................................................77 isi avscan get....................................................................................................................78 isi avscan manual..............................................................................................................79 isi avscan policy................................................................................................................79 isi avscan policy add.........................................................................................................80 isi avscan policy delete.....................................................................................................81 isi avscan policy edit.........................................................................................................81 isi avscan policy run..........................................................................................................83 isi avscan quarantine........................................................................................................83 isi avscan report purge......................................................................................................84 isi avscan report scan.......................................................................................................84 isi avscan report threat......................................................................................................85 isi avscan unquarantine....................................................................................................86 isi batterystatus.................................................................................................................86 isi config............................................................................................................................87 changes..................................................................................................................87 commit....................................................................................................................88 date........................................................................................................................88 deliprange...............................................................................................................88 encoding.................................................................................................................89 exit..........................................................................................................................90 help.........................................................................................................................90 interface..................................................................................................................91 iprange...................................................................................................................92 joinmode.................................................................................................................93 lnnset......................................................................................................................93 migrate...................................................................................................................94 mtu.........................................................................................................................95 name......................................................................................................................95 netmask..................................................................................................................95 quit..........................................................................................................................96 reboot.....................................................................................................................96
shutdown................................................................................................................96 status......................................................................................................................97 timezone.................................................................................................................98 version....................................................................................................................98 wizard.....................................................................................................................98 isi devices..........................................................................................................................99 isi domain create.............................................................................................................101 isi domain filedelete.........................................................................................................101 isi domain info.................................................................................................................101 isi domain list...................................................................................................................102 isi domain modify............................................................................................................103 isi email...........................................................................................................................103 isi email list......................................................................................................................104 isi events cancel..............................................................................................................104 isi events list....................................................................................................................105 isi events notifications create..........................................................................................107 isi events notifications delete...........................................................................................109 isi events notifications list................................................................................................109 isi events notifications modify..........................................................................................110 isi events quiet.................................................................................................................112 isi events sendtest...........................................................................................................112 isi events settings list.......................................................................................................113 isi events settings set......................................................................................................113 isi events show ...............................................................................................................115 isi events unquiet.............................................................................................................116 isi fc disable.....................................................................................................................116 isi fc enable.....................................................................................................................117 isi fc list............................................................................................................................117 isi fc set...........................................................................................................................118 isi firmware package.......................................................................................................118 isi firmware status...........................................................................................................119 isi firmware update..........................................................................................................120 isi ftp accept-timeout.......................................................................................................121 isi ftp allow-anon-access.................................................................................................122 isi ftp allow-anon-upload.................................................................................................122 isi ftp allow-dirlists...........................................................................................................123 isi ftp allow-downloads....................................................................................................123 isi ftp allow-writes............................................................................................................123 isi ftp anon-chown-username..........................................................................................124 isi ftp anon-password-list.................................................................................................124 isi ftp anon-password-list add..........................................................................................125 isi ftp anon-password-list remove....................................................................................125 isi ftp anon-root-path.......................................................................................................126 isi ftp anon-umask...........................................................................................................126
isi ftp ascii-mode.............................................................................................................127 isi ftp chroot-exception-list...............................................................................................127 isi ftp chroot-exception-list add........................................................................................128 isi ftp chroot-exception-list remove..................................................................................128 isi ftp chroot-local-mode..................................................................................................129 isi ftp connect-timeout.....................................................................................................130 isi ftp data-timeout...........................................................................................................130 isi ftp denied-user-list......................................................................................................131 isi ftp denied-user-list add...............................................................................................131 isi ftp denied-user-list remove.........................................................................................132 isi ftp dirlist-localtime.......................................................................................................132 isi ftp dirlist-names..........................................................................................................133 isi ftp file-create-perm.....................................................................................................133 isi ftp list..........................................................................................................................134 isi ftp local-root-path........................................................................................................135 isi ftp local-umask............................................................................................................135 isi ftp server-to-server.....................................................................................................136 isi ftp session-timeout......................................................................................................136 isi ftp user-config-dir........................................................................................................137 isi_gather_info.................................................................................................................137 isi get...............................................................................................................................141 isi iscsi isns disable.........................................................................................................143 isi iscsi isns discover.......................................................................................................143 isi iscsi isns enable..........................................................................................................144 isi iscsi isns status...........................................................................................................144 isi iscsi list.......................................................................................................................145 isi iscsi pool add..............................................................................................................146 isi iscsi pool delete..........................................................................................................146 isi iscsi pool list................................................................................................................146 isi job cancel....................................................................................................................147 isi job config....................................................................................................................147 isi job history...................................................................................................................147 isi job list..........................................................................................................................149 isi job pause....................................................................................................................150 isi job policy create..........................................................................................................151 isi job policy delete..........................................................................................................151 isi job policy list...............................................................................................................152 isi job policy modify.........................................................................................................152 isi job policy set...............................................................................................................153 isi job resume..................................................................................................................154 isi job schedule delete.....................................................................................................155 isi job schedule list..........................................................................................................155 isi job schedule set..........................................................................................................156 isi job start.......................................................................................................................157
isi job status....................................................................................................................158 isi job update...................................................................................................................159 isi license activate...........................................................................................................160 isi license status..............................................................................................................160 isi license unconfigure.....................................................................................................161 isi lun clone.....................................................................................................................161 isi lun create....................................................................................................................163 isi lun delete....................................................................................................................164 isi lun import....................................................................................................................165 isi lun list..........................................................................................................................165 isi lun modify...................................................................................................................166 isi lun move.....................................................................................................................167 isi lun offline....................................................................................................................168 isi lun online....................................................................................................................168 isi ndmp kill......................................................................................................................168 isi ndmp list.....................................................................................................................169 isi ndmp probe.................................................................................................................169 isi ndmp settings list........................................................................................................176 isi ndmp settings set........................................................................................................177 isi ndmp user create........................................................................................................178 isi ndmp user delete........................................................................................................178 isi ndmp user list.............................................................................................................178 isi ndmp user modify.......................................................................................................179 isi networks.....................................................................................................................179 isi networks create pool...................................................................................................181 isi networks create rule...................................................................................................183 isi networks create subnet...............................................................................................184 isi networks delete pool...................................................................................................185 isi networks delete rule....................................................................................................186 isi networks delete subnet...............................................................................................186 isi networks list interfaces...............................................................................................187 isi networks list pools......................................................................................................188 isi networks list rules.......................................................................................................190 isi networks list subnets..................................................................................................191 isi networks modify pool..................................................................................................192 isi networks modify rule...................................................................................................196 isi networks modify subnet..............................................................................................197 isi nfs clients list..............................................................................................................199 isi nfs clients remove.......................................................................................................200 isi nfs exports check........................................................................................................200 isi nfs exports create.......................................................................................................200 isi nfs exports delete.......................................................................................................205 isi nfs exports list.............................................................................................................205 isi nfs exports modify.......................................................................................................207
isi nfs flexprotect.............................................................................................................214 isi nfs locks list................................................................................................................214 isi nfs locks waiters..........................................................................................................215 isi perfstat........................................................................................................................215 isi pkg create...................................................................................................................216 isi pkg delete...................................................................................................................216 isi pkg info.......................................................................................................................216 isi pkg install....................................................................................................................217 isi quota create................................................................................................................218 isi quota delete................................................................................................................221 isi quota import................................................................................................................223 isi quota list.....................................................................................................................223 isi quota modify...............................................................................................................226 isi quota reporting make-on-demand..............................................................................231 isi quota reporting set......................................................................................................231 isi quota reporting show..................................................................................................232 isi quota reporting stop-reports.......................................................................................233 isi readonly off.................................................................................................................233 isi readonly on.................................................................................................................234 isi readonly show.............................................................................................................234 isi services......................................................................................................................235 isi set...............................................................................................................................236 isi smartlock....................................................................................................................240 isi smartpools process....................................................................................................240 isi smb config global list..................................................................................................241 isi smb config global modify............................................................................................244 isi smb config global revert..............................................................................................247 isi smb config share list...................................................................................................249 isi smb config share modify.............................................................................................251 isi smb config share revert..............................................................................................253 isi smb file close..............................................................................................................255 isi smb file list..................................................................................................................255 isi smb log-level...............................................................................................................256 isi smb permission create................................................................................................257 isi smb permission delete................................................................................................258 isi smb permission list.....................................................................................................259 isi smb permission modify ..............................................................................................260 isi smb session delete.....................................................................................................261 isi smb session list..........................................................................................................262 isi smb share create........................................................................................................262 isi smb share delete........................................................................................................263 isi smb share list..............................................................................................................263 isi smb share modify.......................................................................................................264 isi snapshot alias.............................................................................................................265
isi snapshot autocreate...................................................................................................265 isi snapshot autodelete...................................................................................................266 isi snapshot create..........................................................................................................266 isi snapshot delete..........................................................................................................267 isi snapshot disable.........................................................................................................268 isi snapshot enable.........................................................................................................268 isi snapshot list................................................................................................................269 isi snapshot lock create...................................................................................................269 isi snapshot lock delete...................................................................................................270 isi snapshot lock list........................................................................................................271 isi snapshot lock modify..................................................................................................271 isi snapshot modify..........................................................................................................272 isi snapshot rename........................................................................................................273 isi snapshot reserve........................................................................................................273 isi snapshot schedule create...........................................................................................274 isi snapshot schedule delete...........................................................................................276 isi snapshot schedule list................................................................................................276 isi snapshot schedule modify..........................................................................................277 isi snapshot schedule rename.........................................................................................279 isi snapshot schedule todo..............................................................................................279 isi snapshot settings list..................................................................................................280 isi snapshot settings set..................................................................................................281 isi snapshot usage..........................................................................................................282 isi snmp...........................................................................................................................283 isi snmp list......................................................................................................................284 isi statistics client.............................................................................................................284 isi statistics describe.......................................................................................................291 isi statistics drive.............................................................................................................292 isi statistics heat..............................................................................................................295 isi statistics history..........................................................................................................300 isi statistics list all............................................................................................................303 isi statistics list classes ...................................................................................................304 isi statistics list events.....................................................................................................304 isi statistics list nodes......................................................................................................305 isi statistics list nooutput..................................................................................................306 isi statistics list operations...............................................................................................307 isi statistics list orderby...................................................................................................307 isi statistics list output......................................................................................................308 isi statistics list protocols ................................................................................................309 isi statistics list stats........................................................................................................310 isi statistics list totalby.....................................................................................................310 isi statistics protocol........................................................................................................311 isi statistics pstat.............................................................................................................316 isi statistics query............................................................................................................318
isi statistics system..........................................................................................................320 isi status..........................................................................................................................321 isi sync bandwidth create................................................................................................323 isi sync bandwidth delete................................................................................................324 isi sync bandwidth disable...............................................................................................325 isi sync bandwidth enable...............................................................................................325 isi sync bandwidth list......................................................................................................325 isi sync bandwidth modify...............................................................................................327 isi sync config..................................................................................................................328 isi sync jobs list...............................................................................................................328 isi sync jobs pause..........................................................................................................329 isi sync jobs report..........................................................................................................330 isi sync jobs resume........................................................................................................330 isi sync jobs stop.............................................................................................................331 isi sync pause..................................................................................................................331 isi sync policy assess......................................................................................................331 isi sync policy create.......................................................................................................332 isi sync policy delete.......................................................................................................337 isi sync policy disable......................................................................................................338 isi sync policy enable......................................................................................................338 isi sync policy list.............................................................................................................339 isi sync policy modify.......................................................................................................340 isi sync policy pause.......................................................................................................346 isi sync policy report........................................................................................................346 isi sync policy reset.........................................................................................................348 isi sync policy resolve......................................................................................................349 isi sync policy resume.....................................................................................................349 isi sync policy run............................................................................................................349 isi sync policy stop..........................................................................................................350 isi sync reports config.....................................................................................................350 isi sync reports policyconf...............................................................................................351 isi sync reports rebuild....................................................................................................351 isi sync reports rotate......................................................................................................352 isi sync resume...............................................................................................................352 isi sync start....................................................................................................................352 isi sync stop.....................................................................................................................353 isi sync target break........................................................................................................353 isi sync target cancel.......................................................................................................354 isi sync target list.............................................................................................................354 isi sync throttle create.....................................................................................................355 isi sync throttle delete......................................................................................................356 isi sync throttle disable....................................................................................................356 isi sync throttle enable.....................................................................................................357 isi sync throttle list...........................................................................................................357
isi sync throttle modify.....................................................................................................358 isi sync upgrade..............................................................................................................360 isi tape delete..................................................................................................................360 isi tape list.......................................................................................................................360 isi tape rename................................................................................................................361 isi tape rescan.................................................................................................................362 isi target create................................................................................................................362 isi target delete................................................................................................................364 isi target list.....................................................................................................................364 isi target modify...............................................................................................................365 isi update.........................................................................................................................366 isi version........................................................................................................................368 isi worm create................................................................................................................369 isi worm filedelete............................................................................................................370 isi worm info....................................................................................................................370 isi worm list......................................................................................................................371 isi worm modify...............................................................................................................372
In the section detailing the possible parameters of each command, all required parameters are labeled "required." All unlabeled parameters are assumed to be optional. You can view a basic description of any command and its available options by typing its name followed by the -h option at the command line: <CommandName> -h To view more detailed information at the command line, refer to the isi man page: man isi[<CommandName>]
11
isi alerts
The isi alerts command is an alias of the isi events command. For information about a particular sub-command, see the equivalent isi events sub-command reference topic.
12
Specify the type of information to be ushed using one of the following options: --user --group --uid --gid --all
--user=<String>, -U=<String> Flushes cached information for the specied user. --group=<String>, -G=<String> Flushes cached information for the specied group. --uid=<UID>, -u<UID> Flushes cached information on the user with the specied user ID (UID). --gid=<GID>, -g<GID> Flushes cached information on the group with the specied group ID (GID). --all Flushes cached information on all users and groups. Examples The following command ushes all information about a user with a UID of 10000: isi auth ads cache flush --uid=10000 The following command ushes all information about a group with a GID of 10010: isi auth ads cache flush --gid=10010
13
Forces a DNS query for a domain controller. --verbose, -v Displays information about the domain controller. --list, -l Lists all domain controllers for this domain. Examples To view the Active Directory domain controller with which the node communicates, run the following command: isi auth ads dc If available, the system displays the name of the current domain controller, as shown in the following example output: Current Domain Controller = dc4.sample.test.isilon.com The following command sets the Active Directory domain controller with which a node communicates to dc5.sample.test.isilon: isi auth ads dc --set-dc=dc5.sample.test.isilon.com
14
The system displays output similar to the following example: Name: Gid: Sid: Members: TEST\testgroup_001 1000001 S-1-5-11-1125855316-1269122633-1940282374-42517 TEST\testuser_1, TEST\testuser_2, TEST\testadmin_1, TEST\testadmin_2
The following command displays information on a group named TEST\testgroup_002 isi auth ads groups list --name="TEST\testgroup_002" --verbose The system displays output similar to the following example: Name: TEST\testgroup_002 Gid: 1000005 Sid: S-1-5-11-5378055316-1284039633-1940172574-13517 Members: TEST\testuser_10, TEST\testuser_11, TEST\testadmin_12, TEST\testadmin_13
15
OneFS Command Reference Examples The following command joins the cluster to the Active Directory domain 'dc1.isilon.com' using the 'admin' account with password 'pass': isi auth ads join --domain=dc1.isilon.com -U=admin -P=pass The system displays the following message upon successful completion: *SUCCESS: Cluster account is joined to the domain.
! Caution: Disconnecting a cluster from an AD domain will disrupt service for any users who are accessing or
intending to access that domain. Syntax isi auth ads leave --force [--workgroup=<string>] Options --force, -f Required. Forces the command to complete without producing conrmation messages. --workgroup=<string> Species the workgroup. If this option is omitted, 'WORKGROUP' is used as the workgroup name by default. Examples To leave the current Active Directory domain, run the following command: isi auth ads leave --force Note: In this example, because the --workgroup option is omitted, the following message displays: No workgroup specified, assuming 'WORKGROUP' To verify the cluster is no longer joined to the Active Directory domain, run the isi auth ads status command.
16
OneFS Command Reference Options --lter=<string>, -f<string> Species the LDAP search lter. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the user or group that is attempting to connect to the cluster. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an administrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. --attributes=<string>, -l<string> Sets the LDAP attribute list. --count, -c Returns just a count of the attributes. --offset=<Number>, -o<Number> Starts results at the specied offset. Examples The following command displays information about a user whose name was "user1" prior to Windows 2000: isi auth ads search -filter=(sAMAccountName=user1) The system displays output similar to the following example: [Entry 1] distinguishedName = 'CN=User One,CN=Users,DC=test,DC=com' pwdLastSet = '128091346009531250' primaryGroupID = '513' cn = 'User One' countryCode = '0' objectCategory = 'CN=Person,CN=Schema,CN=Configuration,DC=test,DC=com' objectClass = 'top','person','organizationalPerson','user' codePage = '0' userAccountControl = '66048' objectGUID = 'cbe6506f-5b65-4477-90d1-1596a34f8a6' sAMAccountName = 'user1' whenChanged = '20110126225529.0Z' sAMAccountType = '805306368' objectSid = 'S-1-5-21-1195855716-1269722693-1240286574-7785' whenCreated = '20061127205640.0Z' uSNCreated = '17095' accountExpires = '9223372036854775807' uSNChanged = '17095' givenName = 'User One' instanceType = '4' name = 'user1' The following command displays information about all groups on the server: isi auth ads search filter=(objectClass=group) Note: Output for this command might be very large.
17
The following command displays information about all users created after January 1, 2011: isi auth ads search --filter='(&(objectClass=user)(whenCreated>=20110101000000.0Z))' Note: Output for this command might be very large.
18
Syntax isi auth ads spn create --spn=<SPN> [--domain=<DNSDomain>] [--account=<MachineAccount>] [--node=<Number>] [--host=<DNSDomain>] [--machinecreds] [--user=<string> [--password=<Password>]] Options --spn=<SPN>, -s<SPN> Required. Species the SPN for the user or group to register. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the user or group that is attempting to connect to the cluster. --account=<MachineAccount>, -a<MachineAccount> Species the address of the machine account. If no account is specied, the machine account of the cluster is used. --node=<Number>, -n<Number> Species the specic node number. If you use this option, the user or group will attempt to register two SPNs: one in the form host/node, and another in the form host/node.example.com. --host=<DNSDomain>, -h<DNSDomain> Species a SmartConnect host name. If you use this option, the user or group will attempt to register the SPN host/hostname. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an adminstrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. Examples The following command creates an SPN for the "isi-auth-sample.isilon.com" SmartConnect pool: isi auth ads spn create --spn=cifs/isi-auth-sample.isilon.com --user=Administrator
19
20
21
--domains, -d Displays a list of domains and their status. --refresh, -r Refreshes any cached information. Examples To determine whether the cluster is joined to an Active Directory domain, run the following command: isi auth ads status If the cluster is joined to an Active Directory domain, the system displays output similar to the following example: Active Directory Services Status: Mode: unprovisioned Status: online Primary Domain: SAMPLE.ISILON.COM Forest: sample.isilon.com Site: SiteC NetBIOS Domain: SAMPLE Domain Controller: sample-dc11.sample.isilon.com Machine Account: CLUSTER-ONE If the cluster is not joined to a domain, the system displays the following output: The cluster is not joined to a domain.
22
The system displays output similar to the following example: Thu Feb 24 12:07:02 2011 To synchronize the time across the cluster with the time on the current domain controller, run the following command: isi auth ads time --sync The system displays output similar to the following example: Successfully synced cluster time with the dc.
23
The following command displays information on a user called TEST\newTestUser: isi auth ads users list --uid=1000002 -v The system displays output similar to the following example: User: Uid: Gid: Sid: Shell: Home: Groups: TEST\newTestUser 1000010 1000005(TEST\testgroup_002) S-1-5-31-1037589374-3720957693-1625495264-73720 /bin/sh /ifs/home/TEST/newTestUser 1000005(TEST\testgroup_002)
24
--default-keytab-name Deletes the default keytab le. --default-realm Deletes the default realm. --default-tgs-enctypes Deletes the default tgs enctypes. --default-tkt-enctypes Deletes the default tkt enctypes. --permitted-enctypes Deletes permitted enctypes. --preferred-enctypes Deletes preferred enctypes. Examples To delete the preferred enctypes from the 'defaults' section of the Kerberos conguration le, run the following command: isi auth config krb5 delete default --preferred-enctypes
25
26
OneFS Command Reference Examples The following command removes the default domain from the SAMPLE.TEST.ISILON.COM realm: isi auth config krb5 delete realm --realm=SAMPLE.TEST.ISILON.COM --default-domain The following command removes the SAMPLE.TEST.ISILON.COM realm entirely: isi auth config krb5 delete realm --realm=SAMPLE.TEST.ISILON.COM --all
27
Options You must set at least one parameter in the 'defaults' section of the Kerberos conguration le. Set one or more parameters in the 'defaults' section of the Kerberos conguration le using the following options: --always-send-preauth --dns-lookup-kdc --dns-lookup-realm --default-realm --default-keytab-name --permitted-enctypes --default-tkt-enctypes --default-tgs-enctypes --preferred-enctypes
--always-send-preauth=<boolean> Species whether the preauth ag is required. --dns-lookup-kdc=<boolean> Species DNS lookup Key Distribution Center (KDC). --dns-lookup-realm=<boolean> Species DNS lookup realm. --default-realm=<DNSDomain> Species the default realm. --default-keytab-name=<string> Species the default keytab le. --permitted-enctypes=<string> Species the permitted encryption types (enctypes). Note: This option species the complete list of permitted enctypes; it does not add to the existing list. --default-tkt-enctypes=<string> Species the default tkt enctypes.
28
Note: This option species the complete list of default tkt enctypes, it does not add to the existing list. --default-tgs-enctypes=<string> Species the default tgs enctypes. Note: This option species the complete list of default tgs enctypes, it does not add to the existing list. --preferred-enctypes=<string> Species preferred enctypes. Note: This option species the complete list of preferred enctypes, it does not add to the existing list. Examples To change the list of permitted enctypes to RC4-HMAC DES-CBC-MD5 DES-CBC-CRC, run the following command: isi auth config krb5 modify default --permitted-enctypes="RC4-HMAC DES-CBC-MD5 DES-CBC-CRC"
29
30
OneFS Command Reference Examples The following command writes the Kerberos conguration to the /example path: isi auth config krb5 write --path=/example.
31
Displays information on the LDAP lter for netgroups objects. --ldap-nis-netgroup-triple Displays information on the LDAP NIS netgroup triple. --ldap-ntpasswdhash Displays information on the LDAP ntPasswdHash attribute. --ldap-shadow-user-lter Displays information on the LDAP lter for shadow user properties. --ldap-shadowexpire Displays information on the LDAP shadowExpire attribute. --ldap-shadowag Displays information on the LDAP shadowFlag attribute. --ldap-shadowinactive Displays information on the LDAP shadowInactive attribute. --ldap-shadowlastchange Displays information on the LDAP shadowLastChange attribute. --ldap-shadowmax Displays information on the LDAP shadowMax attribute. --ldap-shadowmin Displays information on the LDAP shadowMin attribute. --ldap-shadowwarning Displays information on the LDAP shadowWarning attribute. --ldap-uid Displays information on the LDAP uid attribute. --ldap-uidnumber Displays information on the LDAP uidNumber attribute. --ldap-uniquemember Displays information on the LDAP uniqueMember attribute. --ldap-user-lter Displays information on the LDAP lter for user objects. --param=<string>, -p<string> Displays information on the specied parameters. --verbose, -v Displays verbose output. Examples To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber The command will display output in a form similar to the following output: Authentication Options Option name Value ------------------------------ --------------------------------------------ldap-gidnumber gidNumber
32
To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber --verbose The system displays output similar to the following example: LDAP Attribute Options ldap-gidnumber = gidNumber (Default = gidNumber)
To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber --detailed The system displays output similar to the following example: ldap-gidnumber ---------------------------------------------------------------------------Class: LDAP Attribute Options Description: LDAP gidNumber attribute Current Value: gidNumber Default: gidNumber
33
--ldap-member-nis-netgroup --ldap-memberUid --ldap-netgroup-lter --ldap-nis-netgroup-triple --ldap-ntpasswdhash --ldap-shadowexpire --ldap-shadowag --ldap-shadowinactive --ldap-shadowlastchange --ldap-shadowmax --ldap-shadowmin --ldap-shadow-user-lter --ldap-shadowwarning --ldap-uid--ldap-uidnumber --ldap-uniquemember --ldap-user-lter --param and --value (must be specied together)
--ldap-cn=<string> Species new LDAP cn attribute. --ldap-cryptpasswd=<string> Species new LDAP cryptPasswd attribute. --ldap-email=<string> Species new LDAP email attribute. --ldap-gecos=<string> Species new LDAP gecos attribute. --ldap-gidnumber=<string> Species new LDAP gidNumber attribute. --ldap-group-lter=<string> Species new LDAP lter for group objects. --ldap-homedirectory=<string> Species new LDAP homeDirectory attribute. --ldap-loginshell=<string> Species new LDAP loginShell attribute. --ldap-member-nis-netgroup=<string> Species new LDAP Member NIS netgroup. --ldap-memberUid=<string> Species new LDAP memberUid attribute. --ldap-netgroup-lter=<string> Species new LDAP lter for netgroups objects. --ldap-nis-netgroup-triple=<string> Species new LDAP NIS netgroup triple. --ldap-ntpasswdhash=<string> Species new LDAP ntPasswdHash attribute. Note: --ldap-shadow attributes specify references to settings that were historically stored in the shadow password le /etc/shadow in UNIX systems.
34
--ldap-shadowexpire=<string> Species new LDAP shadowExpire attribute. --ldap-shadowag=<string> Species new LDAP shadowFlag attribute. --ldap-shadowinactive=<string> Species new LDAP shadowInactive attribute. --ldap-shadowlastchange=<string> Species new LDAP shadowLastChange attribute. --ldap-shadowmax=<string> Species new LDAP shadowMax attribute. --ldap-shadowmin=<string> Species new LDAP shadowMin attribute. --ldap-shadow-user-lter=<string> Species new LDAP lter for shadow user properties. --ldap-shadowwarning=<string> Species new LDAP shadowmin attribute. --ldap-uid=<string> Species new LDAP uid attribute. --ldap-uidnumber=<string> Species new LDAP uidNumber attribute. --ldap-uniquemember=<string> Species new LDAP uniqueMember attribute. --ldap-user-lter=<string> Species new LDAP lter for user objects. --param=<string>, -p<string> Species a Parameter to modify. --value=<string>, -v<string> Sets the parameter specied by the --value option to the given value. --verbose Displays verbose information. The default values for these settings are dependant on the value of isi auth config modify --ldap-attribute-map=<AttributeMap>. The following table displays the default values for these parameters according to their respective maps: Table 1. Default Attribute Value Maps Attribute Map ldap-cn ldap-cryptpasswd ldap-email ldap-gecos ldap-gidnumber email gecos gidNumber rfc2307 ad cn msSFU30Password email msSFU30Gecos msSFU30GidNumber email gecos gidNumber ldapsam cn
35
rfc2307
ad
ldapsam (objectClass=posixGroup)
msSFU30HomeDirectory homeDirectory msSFU30LoginShell loginShell memberNisNetgroup msSFU30MemberUid memberUid (objectClass=nisNetgroup) nisNetgroupTriple sambaNTPassword
ldap-nis-netgroup-triple nisNetgroupTriple ldap-ntpasswdhash ldap-shadow-user-lter ldap-shadowexpire ldap-shadowag ldap-shadowinactive ldap-shadowlastchange ldap-shadowmax ldap-shadowmin ldap-shadowwarning ldap-uid ldap-uidnumber ldap-uniquemember ldap-user-lter Examples (objectClass=shadowAccount) (objectClass=User) shadowExpire shadowFlag shadowInactive shadowLastChange shadowMax shadowMin shadowWarning uid uidNumber
(objectClass=shadowAccount)
(objectClass=posixAccount) (objectClass=User)
(objectClass=sambaSamAccount)
The following command sets the LDAP email attribute value to "userEmail": isi auth config ldap modify --ldap-email="userEmail"
The following command sets the LDAP uidNumber attribute value to "UIDnum": isi auth config ldap modify --ldap-uidnumber="UIDnum"
36
OneFS Command Reference [--ldap-balance-servers] [--ldap-base-dn] [--ldap-bind-dn] [--ldap-bind-pw] [--ldap-bind-timeout] [--ldap-enabled] [--ldap-enumerate-groups] [--ldap-enumerate-users] [--ldap-ignore-tls-errors] [--ldap-require-secure-connection] [--ldap-search-timeout] [--ldap-server-uri] [--ldap-sign-and-seal] [--login-shell-template] [--lookup-domains] [--lookup-groups] [--lookup-normalize-groups] [--lookup-normalize-users] [--lookup-users] [--lsass-log-level] [--machine-password-changes] [--machine-password-lifespan] [--map-untrusted] [--nis-authentication-enabled] [--nis-balance-servers] [--nis-check-interval] [--nis-domain] [--nis-enabled] [--nis-enumerate-groups] [--nis-enumerate-users] [--nis-hostname-lookup] [--nis-request-timeout] [--nis-retry-time] [--nis-server] [--on-disk-identity] [--param=<string>] [--passwd-file] [--send-ntlmv2] [--sfu-support] [--space-replacement] [--store-sfu-mappings] [--trusted-domain-enumeration] [--uid-range] | --hidden}] [--detailed] [--verbose] Options If no options are specied, all authentication-related conguration options are displayed. --ad-reserved-gid-threshold Displays the minimum value for GIDs from Active Directory (AD). --ad-reserved-uid-threshold Displays the minimum value for UIDs from AD. --allocate-gids Displays whether GIDs are allocated in the ID provider. --allocate-uids Displays whether UIDs are allocated in the ID provider. --assume-default-domain Displays whether unqualied users are looked up in the primary trusted domain. --authentication-retries Displays the maximum number of domain controllers to try when a connection fails. --check-online-interval Displays the interval between domain online checks. --gid-range Displays the range of GIDs to use for allocating temporary GIDs. --group-le Displays the group replacement le. --home-dir-prex Displays the home directory prex. --home-dir-template Displays the home directory template. --ignored-trusted-domains Displays ignored trusted domains. --ldap-attribute-map Displays the default attribute denitions to be use with the Lightweight Directory Access Protocol (LDAP) server. --ldap-authentication-enabled
37
Displays whether provider is able to respond to authentication requests. --ldap-balance-servers Displays whether the LDAP provider is allowed to enable afnity with a random server. --ldap-base-dn Displays the distinguished name of the entry at which to start the LDAP search. --ldap-bind-dn Displays the distinguished name of the entry used to bind to the LDAP server. --ldap-bind-pw Displays the password used when binding to the LDAP server. --ldap-bind-timeout Displays the bind timeout period. --ldap-check-interval Displays the duration between checks for valid and invalid servers. --ldap-enabled Displays whether the ldap-provider is enabled. --ldap-enumerate-groups Displays whether the ldap-provider is able to respond to getgrent requests. --ldap-enumerate-users Displays whether the ldap-provider is able to respond to getpwent requests. --ldap-ignore-tls-errors Displays whether the ldap-provider ignores all Transport Layer Security (TLS) errors. --ldap-require-secure-connection Displays whether a secure connection is required when binding with a password or retrieving password related attributes. --ldap-search-timeout Displays the search timeout period. --ldap-server-uri Displays a comma separated list of LDAP server Uniform Resource Identiers (URIs). --ldap-sign-and-seal Displays LDAP Sign and Seal. --login-shell-template Displays the login shell template le. --lookup-domains Displays the domains that user and group lookups are limited to. --lookup-groups Displays whether groups are looked up before allocating a GID. --lookup-normalize-groups Displays whether the group name is normalized to lower case before lookup. --lookup-normalize-users Displays whether the user name is normalized to lower case before lookup. --lookup-users Displays whether users are looked up before allocating a UID.
38
--lsass-log-level Displays the log level for Local Security Authority Subsystem Service (LSASS). --machine-password-changes Displays whether the machine account password is periodically changed. --machine-password-lifespan Displays the maximum age of the password lifespan (in seconds). --map-untrusted Displays the NetBIOS domain that untrusted domains are mapped to during authentication. --nis-authentication-enabled Displays whether the provider is able to respond to authentication requests. --nis-balance-servers Displays whether the Network Information Service (NIS) provider is allowed to enable afnity with a random server. --nis-check-interval Displays the duration between checks for valid and invalid servers. --nis-domain Displays the NIS domain. --nis-enabled Displays whether the NIS provider is enabled. --nis-enumerate-groups Displays whether the NIS provider is able to respond to getgrent requests. --nis-enumerate-users Displays whether the NIS provider is able to respond to getpwent requests. --nis-hostname-lookup Displays the priority of NIS hostname lookups. --nis-request-timeout Displays the timeout period after which a request will not be retried and will fail. --nis-retry-time Displays the timeout period after which a request will be retried. --nis-server Displays a comma separated list of NIS servers. --on-disk-identity Displays preferred on-disk storage. --param=<string>, -p<string> Displays the specied parameter's value. --passwd-le Displays the supplemental password le. --send-ntlmv2 Displays whether NT LAN Manager (NTLM)v2 responses are sent. --sfu-support Displays Services for UNIX mode. --space-replacement
39
Displays space replacement. --store-sfu-mappings Displays whether mappings retrieved from Services for UNIX are stored instead of just cached. --trusted-domain-enumeration Displays control trusted domain enumeration. --uid-range Displays the range of UIDs that are used for allocating temporary UIDs. --detailed, -d Displays detailed information about parameters. --hidden Displays hidden parameters that should not be modied without guidance from Isilon Product Support. --verbose, -v Displays verbose output. Examples To view authentication-related conguration options, run the following command: isi auth config list The system displays output similar to the following example: Authentication Options Option name -----------------------------ad-reserved-gid-threshold ad-reserved-uid-threshold allocate-gids allocate-uids assume-default-domain authentication-retries check-online-interval gid-range group-file home-dir-prefix home-dir-template ignored-trusted-domains ldap-attribute-map ldap-authentication-enabled ldap-balance-servers ldap-base-dn ldap-bind-dn ldap-bind-pw ldap-bind-timeout ldap-ca-cert-file ldap-check-interval ldap-enabled ldap-enumerate-groups ldap-enumerate-users ldap-ignore-tls-errors ldap-require-secure-connection ldap-search-timeout ldap-server-uri ldap-sign-and-seal login-shell-template lookup-domains lookup-groups Value --------------------------------------------1 1 true true false 3 300 1000000 - 2000000 /ifs/home %H/%D/%U rfc2307 true true
60 180 true true true false false 100 false /bin/sh true
40
lookup-normalize-groups lookup-normalize-users lookup-users lsass-log-level machine-password-changes machine-password-lifespan map-untrusted nis-authentication-enabled nis-balance-servers nis-check-interval nis-domain nis-enabled nis-enumerate-groups nis-enumerate-users nis-hostname-lookup nis-request-timeout nis-retry-time nis-server on-disk-identity passwd-file send-ntlmv2 sfu-support space-replacement store-sfu-mappings trusted-domain-enumeration uid-range
true true true error true 2592000 true true 180 true true true disabled 20 5 native false none false both 1000000 - 2000000
41
OneFS Command Reference | | | | | | --nis-retry-time=<number> | --nis-server=<string> --on-disk-identity=<string> | --passwd-file=<string> --send-ntlmv2=<boolean> | --sfu-support=<string> --space-replacement=<string> | --store-sfu-mappings=<boolean> --trusted-domain-enumeration=<string> --uid-range=<number>-<number> | --param=<Parameter> --value=<Value>}...
Options You must specify at least one at least one authentication-related conguration options to modify. Specify authentication-related conguration options using the following options: --ad-reserved-gid-threshold --ad-reserved-uid-threshold --allocate-gids --allocate-uids --assume-default-domain --authentication-retries --check-online-interval --gid-range --group-le --home-dir-prex --home-dir-template --ignored-trusted-domains --ldap-attribute-map --ldap-authentication-enabled --ldap-balance-servers --ldap-base-dn --ldap-bind-dn --ldap-bind-pw --ldap-bind-timeout --ldap-enabled --ldap-enumerate-groups --ldap-enumerate-users --ldap-ignore-tls-errors --ldap-require-secure-connection --ldap-search-timeout --ldap-server-uri --ldap-sign-and-seal --login-shell-template --lookup-domains --lookup-groups --lookup-normalize-groups --lookup-normalize-users --lookup-users --lsass-log-level --machine-password-changes --machine-password-lifespan --map-untrusted --nis-authentication-enabled --nis-balance-servers --nis-check-interval
42
--nis-domain--nis-enabled --nis-enumerate-groups --nis-enumerate-users --nis-hostname-lookup --nis-request-timeout --nis-retry-time --nis-server --on-disk-identity --passwd-le --send-ntlmv2 --sfu-support --space-replacement --store-sfu-mappings --trusted-domain-enumeration --uid-range --param and --value (must be specied together)
--ad-reserved-gid-threshold=<number> Species the minimum value for GIDs from Active Directory (AD). --ad-reserved-uid-threshold=<number> Species the minimum value for UIDs from AD. --allocate-gids=<boolean> Species whether GIDs in the ID provider are allocated. --allocate-uids=<boolean> Species whether UIDs are allocated in the ID provider. --assume-default-domain=<boolean> Species whether unqualied users are looked up in the primary trusted domain. --authentication-retries=<number> Species the maximum number of domain controllers to try when a connection fails. --check-online-interval=<number> Species the interval between domain online checks. --gid-range=<number>-<number> Species the range of GIDs to use for allocating temporary GIDs. --group-le=<string> Species the group replacement le. --home-dir-prex=<string> Species the home directory prex. --home-dir-template=<string> Species the home directory template. --ignored-trusted-domains=<string> Species the ignored trusted domains. --ldap-attribute-map=<AttributeMap> Species the default attribute denitions to be used with the Lightweight Directory Access Protocol (LDAP) server. The following values are valid:
43
rfc2307 ad ldapsam
The following table lists the attribute values for their respective default maps: The default values for these settings are dependant on the <AttributeMap> value of isi auth config modify --ldap-attribute-map=<AttributeMap>. The following table displays the default values for these parameters according to their respective maps: Table 2. Default Attribute Value Maps Attribute Map ldap-cn ldap-cryptpasswd ldap-email ldap-gecos ldap-gidnumber ldap-group-lter email gecos gidNumber rfc2307 ad cn msSFU30Password email msSFU30Gecos email gecos ldapsam cn
msSFU30GidNumber gidNumber
(objectClass=posixGroup) (objectClass=Group) (objectClass=posixGroup) msSFU30HomeDirectory homeDirectory msSFU30LoginShell loginShell memberNisNetgroup msSFU30MemberUid memberUid (objectClass=nisNetgroup) nisNetgroupTriple sambaNTPassword (objectClass=shadowAccount)
ldap-netgroup-lter (objectClass=nisNetgroup) ldap-nis-netgroup-triple nisNetgroupTriple ldap-ntpasswdhash ldap-shadow-user-lter (objectClass=shadowAccount) (objectClass=User) ldap-shadowexpire ldap-shadowag shadowExpire shadowFlag
ldap-shadowinactive shadowInactive
ldap-shadowlastchange shadowLastChange msSFU30ShadowLastChange shadowLastChange ldap-shadowmax ldap-shadowmin shadowMax shadowMin msSFU30ShadowMax shadowMax msSFU30ShadowMin shadowMin msSFU30ShadowW arning shadowWarning sAMAccountName uid
(objectClass=posixAccount) (objectClass=User)
(objectClass=sambaSamAccount)
To congure LDAP attributes for non-standard directories, use the isi auth ldap modify command.
44
--ldap-authentication-enabled=<boolean> Enables the provider to respond to authentication requests. --ldap-balance-servers=<boolean> Allows the LDAP provider to enable afnity with a random server. --ldap-base-dn=<string> Species the name of the entry at which to start the LDAP search. --ldap-bind-dn=<string> Species the name of the entry used to bind to the LDAP server. --ldap-bind-pw=<string> Species the password used when binding to the LDAP server. --ldap-bind-timeout=<number> Species the bind timeout period. --ldap-check-interval=<number> Species the duration between checks for valid and invalid servers. --ldap-enabled=<boolean> Enables the LDAP provider. --ldap-enumerate-groups=<boolean> Enables the LDAP provider to respond to getgrent requests. --ldap-enumerate-users=<boolean> Enables the LDAP provider to respond to getpwent requests. --ldap-ignore-tls-errors=<boolean> Species whether the LDAP provider ignores all Transport Layer Security (TLS) errors. --ldap-require-secure-connection=<boolean> Species whether a secure connection is required when binding with a password or retrieving password related attributes. --ldap-search-timeout=<number> Species the search timeout period. --ldap-server-uri=<string> Species LDAP server Uniform Resource Identiers (URIs). Specify in a comma-separated list. --ldap-sign-and-seal=<boolean> Species LDAP Sign and Seal. --login-shell-template=<string> Species the login shell template. --lookup-domains=<string> Species domains that user and group lookups are limited to. --lookup-groups=<boolean> Species whether groups are looked up before allocating a GID. --lookup-normalize-groups=<boolean> Species whether the group name is normalized to lower case before lookup. --lookup-normalize-users=<boolean> Species whether the user name is normalized to lower case before lookup. --lookup-users=<boolean>
45
Species whether users are looked up before allocating a UID. --lsass-log-level=<string> Species the log level for Local Security Authority Subsystem Service (LSASS). The following value are valid (log levels are organized from least to most information): error warning info verbose debug trace
--machine-password-changes=<boolean> Species whether the machine account password is periodically changed. --machine-password-lifespan=<number> Species the maximum age of the password lifespan (in seconds). --map-untrusted=<string> Species the NetBIOS domain that untrusted domains are mapped to during authentication. --nis-authentication-enabled=<boolean> Species whether the provider is able to respond to authentication requests. --nis-balance-servers=<boolean> Species whether the nis-provider is allowed to enable afnity with a random server. --nis-check-interval=<number> Species the duration between checks for valid and invalid servers. --nis-domain=<string> Species the Network Information Service (NIS) domain. --nis-enabled=<boolean> Enables the NIS provider. --nis-enumerate-groups=<boolean> Species whether the NIS provider is able to respond to getgrent requests. --nis-enumerate-users=<boolean> Species whether the NIS provider is able to respond to getpwent requests. --nis-hostname-lookup=<string> Species the priority of NIS hostname lookups. --nis-request-timeout=<number> Species the timeout period after which a request will not be retried and will fail. --nis-retry-time=<number> Species the timeout period after which a request will be retried. --nis-server=<string> Species NIS servers. Specify in a comma separated list. --on-disk-identity=<string> Species preferred on-disk storage. --passwd-le=<string> Species the supplemental password le.
46
--send-ntlmv2=<boolean> Species whether NT LAN Manager (NTLM)v2 responses are sent. --sfu-support=<string> Species Services for UNIX mode. Valid values are: none, rfc2307. --space-replacement=<string> Species space replacement. --store-sfu-mappings=<boolean> Species whether mappings retrieved from Services for UNIX are stored instead of just cached. --trusted-domain-enumeration=<string> Species control trusted domain enumeration. --uid-range=<number>-<number> Species the range of UIDs to use for allocating temporary UIDs. --param=<Parameter>, -p<Parameter> Species a parameter to modify. --value=<Value>, -v<Value> Sets the given <Parameter> to the specied <Value>. Examples To have the ldap-provider ignore all TLS errors, run the following command: isi auth config modify -pldap-ignore-tls-errors -vtrue The following command causes the password of the machine to be changed approximately every 3 months: isi auth config modify --machine-password-changes=true --machine-password-lifespan=7776000
47
OneFS Command Reference [--nis-request-timeout] [--nis-retry-time] [--nis-server] [--on-disk-identity] [--param=<string>] [--passwd-file] [--send-ntlmv2] [--sfu-support] [--space-replacement] [--store-sfu-mappings] [--trusted-domain-enumeration] [--uid-range] Options --ad-reserved-gid-threshold Reverts the minimum value for GIDs from Active Directory (AD) back to the default value. --ad-reserved-uid-threshold Reverts the minimum value for UIDs from AD back to the default value. --allocate-gids Reverts whether GIDs are allocated in the id-provider back to the default setting. --allocate-uids Reverts whether UIDs are allocated in the id-provider back to the default setting. --assume-default-domain Reverts whether unqualied users are looked up in the primary trusted domain back to the default setting. --authentication-retries Reverts the maximum number of domain controllers that are tried when a connection fails back to the default value. --check-online-interval Reverts the interval between domain online checks back to the default value. --gid-range Reverts the range of GIDs that are used for allocating temporary GIDs back to the default value. --group-le Reverts the group replacement le back to the default le. --home-dir-prex Reverts the home directory prex back to the default prex. --home-dir-template Reverts the home directory template back to the default template. --ignored-trusted-domains Reverts ignored trusted domains back to the default domains. --ldap-attribute-map Reverts the default attribute denitions that are used with the Lightweight Directory Access Protocol (LDAP) server back to the default denitions. --ldap-authentication-enabled Reverts whether the provider is able to respond to authentication requests back to the default setting. --ldap-balance-servers Reverts whether the ldap-provider is able to establish afnity with a random server back to the default setting. --ldap-base-dn Reverts the name of the entry at which to start the LDAP search back to the default name. --ldap-bind-dn Reverts the name of the entry used to bind to the LDAP server back to the default name. --ldap-bind-pw
48
Reverts the password used when binding to the LDAP server back to the default password. --ldap-bind-timeout Reverts the bind timeout period back to the default password. --ldap-check-interval Reverts the duration between checks for valid and invalid servers back to the default value. --ldap-enabled Reverts whether the ldap-provider is enabled back to the default setting. --ldap-enumerate-groups Reverts whether the ldap-provider is able to respond to getgrent requests back to the default setting. --ldap-enumerate-users Reverts whether the ldap-provider is able to respond to getpwent requests back to the default setting. --ldap-ignore-tls-errors Reverts the whether the ldap-provider ignores all Transport Layer Security (TLS) errors back to the default setting. --ldap-require-secure-connection Reverts whether a secure connection is required when binding with a password or retrieving password related attributes back to the default setting. --ldap-search-timeout Reverts the search timeout period back to the default value. --ldap-server-uri Reverts the list of LDAP server Uniform Resource Identiers (URIs) back to the default list. --ldap-sign-and-seal Reverts the LDAP Sign and Seal parameter back to its original value. --login-shell-template Reverts the login shell template back to the default template. --lookup-domains Reverts whether to limit user and group lookup to the listed domains back to the default setting. --lookup-groups Reverts whether to lookup groups before allocating a GID back to the default setting. --lookup-normalize-groups Reverts whether to normalize the group name to lower case before lookup back to the default setting. --lookup-normalize-users Reverts whether to normalize the user name to lower case before lookup back to the default setting. --lookup-users Reverts whether to lookup users before allocating a UID back to the default setting. --lsass-log-level Reverts the log level for Local Security Authority Subsystem Service (LSASS) back to the default level. --machine-password-changes Reverts whether the machine account password is changed periodically back to the default setting. --machine-password-lifespan Reverts the maximum age of the password lifespan back to the default value. --map-untrusted
49
Reverts the NetBIOS domain that untrusted domains are mapped to during authentication back to the default value. --nis-authentication-enabled Reverts whether provider is able to respond to authentication requests back to the default setting. --nis-balance-servers Reverts whether the Network Information Service (NIS) provider is able to establish afnity with a random server back to the default setting. --nis-check-interval Reverts the duration between checks for valid and invalid servers back to the default value. --nis-domain Reverts the NIS domain back to the default domain. --nis-enabled Reverts whether the NIS provider is enabled back to the default setting. --nis-enumerate-groups Reverts whether the NIS provider is able to respond to getgrent requests back to the default setting. --nis-enumerate-users Reverts whether the NIS provider is able to respond to getpwent requests back to the default setting. --nis-hostname-lookup Reverts the priority of NIS hostname lookups back to the default value. --nis-request-timeout Reverts the timeout period after which a request will not be retried and will fail back to the default value. --nis-retry-time Reverts the timeout period after which a request will be retried back to the default value. --nis-server Reverts the list of NIS servers back to the default list. --on-disk-identity Reverts preferred on-disk storage back to the default value. --passwd-le Reverts the supplemental password le back to the default le. --send-ntlmv2 Reverts whether NT LAN Manager (NTLM)v2 responses are sent back to the default setting. --sfu-support Reverts Services for UNIX mode back to default value. --space-replacement Reverts space replacement back to default value. --store-sfu-mappings Reverts whether mappings retrieved from Services for UNIX are stored instead of just cached back to the default setting. --trusted-domain-enumeration Reverts control trusted domain enumeration back to default value. --uid-range Reverts the range of UIDs to use for allocating temporary UIDs back to the default value.
50
--param=<string>, -p<string> Reverts specied parameters back to their default values or settings. Examples To revert the minimum value for GIDs from AD back to the default value, run the following command: isi auth config revert --ad-reserved-gid-threshold To revert the space replacement value back to the default setting, run the following command: isi auth config revert --param=space-replacement
--read-le=<Path> Reads rules from a le. --read-line=<string> Reads a semicolon-separated list of rules on the command line. --revert Erases existing rules. --list, -l Lists the current rules. Examples The following command joins together two users so that both "newUser" and "DOMAIN\newUser" are recognized as the same user: isi auth config rules --read-line='newUser &= DOMAIN\newUser' To view a list of existing rules, run the following command: isi auth config rules --list The system displays output similar to the following example: # Current ID Mapping rules newUser &= DOMAIN\newUser []
51
52
--force, -f
53
--gid=<GID>, -g<GID> Displays only the group with the specied GID. --sid=<SID>, -S=<SID> Displays only the group with the specied SID. Examples To display a list of existing groups, their respective GIDs and SIDs, and all members of each group, run the following command: isi auth local groups list -v The system displays output similar to the following example: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Administrators 1544 S-1-5-32-544 Administrator1 Users 1545 S-1-5-32-545 user1, user2 Guests 1546 S-1-5-32-546 Guest newgroup 1548 S-1-5-21-441786143-3494145130-872276121-1001 newuser
54
You must specify at least one action. Specify one or more actions using the following commands: --add-member-user --del-member-user --add-member-uid --del-member-uid --add-member-group --del-member-group --add-member-gid --del-member-gid --add-member-sid --del-member-sid
--name=<string>, -n=<string> Modies the specied group. --gid=<GID>, -g<GID> Modies the group with the specied group identier (GID). --sid=<SID>, -S=<SID> Modies the group with the specied security identier (SID). --add-member-user=<List> Adds one or more users to the group. Specify as a comma-delimited list of user names. --add-member-uid=<List> Adds one or more users to the group. Specify as a comma-delimited list of UIDs. --add-member-group=<List> Adds one or more subgroups to the group. Specify as a comma-delimited list of group names. --add-member-gid=<List> Adds one or more subgroups to the group. Specify as a comma-delimited list of GIDs. --add-member-sid=<List> Adds a comma-delimited list of SIDs to the group. To view a list of existing users' SIDs, run isi auth local users list --verbose. --del-member-user=<List> Removes one or more users from the group. Specify in a comma-delimited list of users. To view which users belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-uid=<List> Removes one or more users from the group. Specify as a comma-delimited list of UIDs from the group. To view which users belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose . --del-member-group=<List> Removes one or more subgroups from the group. Specify as a comma-delimited list of group names. To view which subgroups belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-gid=<List>
55
Removes one or more subgroups from the given group. Specify as a comma-delimited list of GIDs. To view which subgroups belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-sid=<List> Removes a comma-delimited list of SIDs from the group. --target-gid=<GID> Species a new GID for the group. This option requires the --force option. --force, -f Does not display any warnings that would otherwise be displayed. --verbose, -v Displays detailed information. Examples The following command adds the user "newuser" to the group "newgroup": isi auth local groups modify --name=newgroup --add-member-user=newuser The following command removes users with UIDs 2012 and 2011 from the group "newgroup": isi auth local groups modify --name=newGroup --del-member-uid=2012,2011 The following command changes the GID of a group from 1000 to 3000
56
--shell=<Shell>, -s=<Shell> Species the user's shell. --homedir=<Directory>, -d<Directory> Species the user's home directory. --gecos=<string>, -c<string> Adds a comma-separated list of values for the following gecos eld entries in the user's password le: Full Name: Office Location: Office Phone: Home Phone: Other information: For example, the --gecos="Jane Doe",Seattle,555-5555,,"Temporary worker" option results in the following entries: Full Name: Jane Doe Office Location: Seattle Office Phone: 555-5555 Home Phone: Other information: Temporary worker --force, -f Does not display any warnings that would otherwise be displayed. Examples The following command creates a new user named "user1": isi auth local users create --name=user1 The system displays output similar to the following example: User: user1 Uid: 2005 Gid: 1800(Isilon Users) Sid: S-1-5-21-3863706122-1329939716-3053962897-1005 Shell: /bin/zsh Home: /ifs/home/user1 Groups: 1800(Isilon Users), 1800(Isilon Users) Flags: Account Disabled Successfully created user user1.
57
Specify a user using one of the following options: --name --uid --sid Required. Forces the command to complete. --name=<string>, -n=<string> Deletes the specied user. --uid=<UID>, -u=<UID> Deletes the user with the specied user identier (UID). --sid=<SID>, -S=<SID> Deletes the user with the specied security identier (SID). Examples The following command deletes a user named "user1": isi auth local users delete --name=user1 --force
--force, -f
58
The system displays output similar to the following example: Local Users: Guest root nobody To view detailed information about all existing users, run the following command: isi auth local users list -v The system displays output similar to the following example: Local Users: User: Guest Uid: 1501 Gid: 1800(Isilon Users) Sid: S-1-5-21-3863706122-1329939716-3053962897-501 Shell: /sbin/nologin Home: /tmp Groups: 1800(Isilon Users), 1546(Guests), 1800(Isilon Users) Flags: Password Expired User: Uid: Gid: Sid: Shell: Gecos: Home: Groups: root* 0 0(wheel) S-1-22-1-0 /usr/local/bin/zsh Root /root 0(wheel), 20(staff), 0(wheel), 70(ifs), 5(operator), 10(admin)
User: nobody* Uid: 65534 Gid: 65534(nobody) Sid: S-1-22-1-65534 Shell: /usr/sbin/nologin Gecos: Unprivileged user Home: /nonexistent Groups: 65534(nobody), 65534(nobody) Flags: Account Disabled
59
Specify a user using one of the following options: --name --uid --sid
--name=<string>, -n=<string> Modies the specied user. --uid=<UID>, -u<UID> Modies the user that is associated with the specied user identier (UID). --sid=<SID>, -S=<SID> Modies the user that is associated with the specied security identier (SID). --add-group-name=<string> Adds the user to the specied group. --add-group-gid=<GID> Adds the user to the group that has the specied group identier (GID). --del-group-name=<string> Removes the user from the specied group. --del-group-gid=<GID> Removes the user from the group that has the specied GID. --shell=<Shell>, -s=<Shell> Species the user's shell. --enable Enables the user account. --disable Disables the user account. --unlock Unlocks the user account. --homedir=<Path>, -d=<Path> Species the user's home directory. --gecos=<string>, -c<string> Overwrites the following gecos eld entries in the user's password le: Full Name: Office Location: Office Phone: Home Phone: Other information: Values must be entered as a comma-separated list. For example, the --gecos="Jane Doe",Seattle,,(206)555-5555,"Temporary worker" option results in the following entries: Full Name: Jane Doe Office Location: Seattle Office Phone: Home Phone: (206)555-5555 Other information: Temporary worker --gid=<GID>, -g=<GID> Species a a new primary group for this user.
60
--password=<Password> Species a password for the user. --target-uid=<UID> Species a new UID for the user. This option requires the --force option. --password-never-expires Species that the password never expires. --password-must-expire Species that the password must expire. --force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear when running this command. --verbose, -v Displays detailed information. Examples The following command adds the user "newuser" to the group "newgroup": isi auth local users modify --name=newuser --add-group-name=newgroup The following command forces a user's ID to update from 2005 to 3005: isi auth local users modify --uid=2005 --target-uid=3005 --force The following example output indicates that the UID, which corresponds to a user named user1, was successfully modied: Successfully modified UID of user user1.
61
Examples
To set the log level to always, run the following command: isi auth log-level --set=always
Specify the target using one of the following parameters: --target --target-uid --target-gid --target-sid --target-principal --target-name --target-user
62
--target-group
--source=<Persona> Species the source persona of the mapping being deleted. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Species the source UID of the mapping being deleted. --source-gid=<GID> Species the source GID of the mapping being deleted. --source-sid=<SID> Species the source SID of the mapping being deleted. --source-principal=<Principal> Species the source principal of the mapping being deleted. --source-name={<User>|<Group>} Species the source user name of the mapping being deleted. --source-user=<User> Species the source user of the mapping being deleted. --source-group=<Group> Species the source group of the mapping being deleted. --target=<Persona> Species the target persona of the mapping being deleted. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User|<Group>} USER:<User> GROUP:<Group> Note: If specied, only the mapping for this target is removed. --target-uid=<UID> Species the target UID of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-gid=<GID> Species the target GID of the mapping being deleted.
63
Note: If specied, only the mapping for this target is removed. --target-sid=<SID> Species the target SID of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-principal=<Principal> Species the target principal of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-name={<User>|<Group>} Species the target user or group name of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-user=<User> Species the target user of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-group=<Group> Species the target group of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --2way Deletes the mapping on both the target and source directories. Examples The following command removes the mapping from newUser to otherUser: isi auth mapping delete --source=USER:newUser --target-source=USER:otherUser The following command removes all mappings from newUser to targets: isi auth mapping delete --source=USER:newUser
64
--le=<Path>, -f<Path> Prints database to the specied le. Examples To view the kernel mapping database, run the following command: isi auth mapping dump The system displays output similar to the following example: ["UID:1000000", [["GROUP:newGroup1", 32]]] ["UID:1000001", [["GROUP:newGroup2", 32]]] ["UID:1000002", [["USER:newGroup1", 32]]] ["GID:1000000", [["USER:user1", 32]]] ["GROUP:newGroup1", [["UID:1000000", 32]]] ["USER:user1", [["USER:user2", 0], ["GID:1000000", 32]]] ["USER:newGroup1", [["UID:1000002", 32]]]
--all
65
--source-uid=<UID> Species the source UID of the mapping cache being ushed. --source-gid=<GID> Species the source GID of the mapping cache being ushed. --source-sid=<SID> Species the source SID of the mapping cache being ushed. --source-principal=<Principal> Species the source principal of the mapping cache being ushed. --source-name=<User> Species the source user name of the mapping cache being ushed. --source-user=<User> Species the source user of the mapping cache being ushed. --source-group=<Group> Species the source group of the mapping cache being ushed. Examples To empty the cache after making changes to the rules specied by either the isi auth config rules command or the User Mapping Rules page in the Isilon web administration interface, run the following command: isi auth mapping flush --all
You must specify to either set or get either exactly one UID range or exactly one GID range. Specify whether to set or get a UID or GID range using one of the following options: --set-uid-low --set-uid-high --set-uid-hwm
66
--set-uid-low=<UID> Sets the lowest UID value in the range. --set-uid-high=<UID> Sets the highest UID value in the range. --set-uid-hwm=<UID> Species the next UID that will be allocated (the high water mark). Note: If the high water mark is set above the high UID value, UID allocation will fail. The high water mark cannot be set below the lowest UID value in the range. If the specied <UID> is below the low UID value, the high water mark is set to low UID value.
--set-gid-low=<GID> Sets the lowest GID value in the range. --set-gid-high=<GID> Sets the highest GID value in the range. --set-gid-hwm=<GID> Species the next GID that will be used (the high water mark). Note: If the high water mark is set above the high GID value, GID allocation will fail. High water mark cannot be set below the lowest GID value in the range. If specied <GID> is below the low GID value, high water mark is set to low GID value.
--get-uid-range Displays the current UID range. --get-gid-range Displays the current GID range. Examples To view UID and GID ranges, run the following command: isi auth mapping idrange --get-gid-range --get-uid-range The system displays output similar to the following example: UID Range: low = 1000000, high = 2000000, hwm = 1000003 GID Range: low = 1000000, high = 2000000, hwm = 1000001 The following command sets the range of UIDs to 300000000-500000000: isi auth mapping idrange --set-uid-low=300000000 --set-uid-high=500000000 The system displays output similar to the following example: UID Range: low = 300000000, high = 500000000, hwm = 300000000
67
68
Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Displays mappings only of specied source UID. --source-gid=<GID> Displays mappings only of specied source GID. --source-sid=<SID> Displays mappings only of specied source SID. --source-principal=<Principal> Displays mappings only of specied source principal. --source-name={<User>|<Group>} Displays mappings only of specied source user or group name. --source-user=<User> Displays mappings only of specied source user. --source-group=<Group> Displays mappings only of specied source group. --no-rpc Does not use RPC. --wide Displays output without truncations. Examples The following command lists mappings for user1: isi auth mapping list --source=USER:user1 The system displays output similar to the following example: Type Mapping
------------------------------------------------------------------------------------------------------Name user1 On-disk UID:2001 Unix uid 2001 (on disk) Unix gid None SMB S-1-5-21-2756868792-89031043-392775300-1000 NFSv4 user1
69
Specify the target using one of the following parameters: --target --target-uid --target-gid --target-sid --target-principal --target-name --target-user --target-group
--source=<Persona> Creates mappings of specied source persona. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
70
Creates mappings of specied source GID. --source-sid=<SID> Creates mappings of specied source SID. --source-principal=<Principal> Creates mappings of specied source principal. --source-name={<User>|<Group>} Creates mappings of specied source user or group name. --source-user=<User> Creates mappings of specied source user. --source-group=<Group> Creates mappings of specied source group. --target=<Persona> Creates mapping to specied target persona. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--target-uid=<UID> Creates mapping to specied target UID. --target-gid=<GID> Creates mapping to specied target GID. --target-sid=<SID> Creates mapping to specied target SID. --target-principal=<Principal> Creates mapping to specied target principal. --target-name={<User>|<Group>} Creates mapping to specied target user or group. --target-user=<User> Creates mapping to specied target user. --target-group=<Group> Creates mapping to specied target group. --2way Creates mapping on both the target and source directories. --replace If the source already has a mapping to the same target type, replaces that mapping. --on-disk Target persona should be used to represent the source on disk. --auto Mapping is automatically generated. --external Mapping is from an external source.
71
OneFS Command Reference Examples The following command creates a mapping between newUser and newGroup: isi auth mapping modify --source=GROUP:newUser --target-name=newGroup
Specify the target type using one of the following options: --uid --gid --sid --principal
--source=<Persona> Species the source. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Displays the mapping for the persona specied by the given UID. --source-gid=<GID> Displays the mapping for the persona specied by the given GID.
72
--source-sid=<SID> Displays the mapping for the persona specied by the given SID. --source-principal=<Principal> Displays the mapping for the persona specied by the given principal. --source-name={<User>|<Group>} Displays the mapping for the persona specied by the given user or group name. --source-user=<User> Displays the mapping for the persona specied by the given user. --source-group=<Group> Displays the mapping for the persona specied by the given group. --uid Displays the UID mapping. Note: If UID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --gid Displays the GID mapping. Note: If GID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --sid Displays the SID mapping. Note: If SID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --principal Displays the principal mapping. Note: If principal mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. Examples The following command displays the UID mapping for newGroup: isi auth mapping new --source=GROUP:newGroup --uid The system displays output similar to the following example: GROUP:newGroup -> 1000001 Note: The output is displayed in the same format regardless of whether the mapping is new or already exists.
73
74
--le=<Path>, -f<Path> Required. Species the user mapping database le to import mappings from (a .db le, usually idmap.db). --uid-range=<number>-<number> Species the range of auto-allocated UIDs. The default UID range is dened in the isi auth config settings. --gid-range=<number>-<number> Species the range of auto-allocated GIDs. The default GID range is dened in the isi auth config settings. --clear-idrange Clears all existing mappings in UID and GID ranges before importing new mappings. Note: If UID or GID ranges are not specied by --uid-range or --gid-range parameters, this option applies to the ID ranges dened in the isi auth config settings. --clear-reverse-mappings Removes all existing mappings for any newly imported IDs. --overwrite, -o Overwrites existing mappings. --append Appends imported mappings without modifying existing mappings. Examples The following command overwrites existing mappings in the mapping database with mappings from idmap.db: isi auth mapping upgrade-db --file=idmap.db --overwrite
75
lsa-activedirectory-provider: Mode: unprovisioned Status: online Primary Domain: TEST.ISILON.COM Forest: test.isilon.com Site: SiteA lsa-local-provider: Mode: Status: Primary Domain: lsa-nss-provider: Mode: Status: lsa-file-provider: Mode: Status: lsa-ldap-provider: Mode: Status: lsa-nis-provider: local system active DOMAIN local system active unknown disabled unknown disabled
76
Mode: Status:
unknown disabled
77
Species pattern of lename; this option overwrites any existing lters. Multiple lters can be specied by using multiple "--glob-lter" options (for example: isi avscan config --glob-filter="*.txt" --glob-filter="*.log"). --path-prex=<string> Species one or more paths to include in real-time scans; this option overwrites any existing prexes. Multiple prexes can be specied by using multiple "--path-prex" options (for example: isi avscan config --path-prefix="prefix1" --path-prefix=="prefix2"). --add-server=<string> Species the URL of a new ICAP server to add. --del-server=<number> Deletes the specied server from the conguration le. --enable-server=<number> Enables the specied server in the conguration le. --disable-server=<number> Disables the specied server in the conguration le. Examples To view the current global conguration, run the following command: isi avscan config The system displays output similar to the following example: Glob filters: Remediations: Max scan size: Scan on open: fail open: Scan on close: Report expiry: disabled, exclude patterns repair, quarantine 2147483647 disabled enabled disabled 31536000
To scan only .txt and .log les, run the following command: isi avscan config --glob-enable=true --glob-include=true --glob-filter="*.txt" --glob-filter=".log"
78
The system displays output similar to the following example: File: /ifs/README.txt Last scan: never Scan result: never scanned Last ISTag: <none> Scan status: not current Quarantined: false
79
isi avscan policy --id=4db5d4b7100681 The system displays output similar to the following example: Policy id: Status: Name: Description: Paths: /ifs/home Recursion depth: Force: Last run: Scheduled run: Next run: 4db5d4b7100681 enabled newpolicy This policy scans the etc folder unlimited disabled 04-25-2011 13:08 every Friday at 4:00pm 04-29-2011 16:00
80
the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
<Frequency> is optional and can take either of the following forms (using either the 24 hour or 12 hour am/pm clock): at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
Examples The following command creates an enabled policy that will scan the /ifs/ directory every Friday at 4:00pm: isi avscan policy add --name=newpolicy --enable=true --description="This policy scans the ifs directory" --path=/ifs/ --schedule="every Friday at 4:00pm"
81
Required. Species the ID of the policy. --enable=<boolean> Enables or disables this policy. --name=<string> Species the new name of the policy. --description=<string> Species a new description of this policy. --path=<directory> Species a new path to include in the anti-virus scan. This option can be specied multiple times. --force=<boolean> Species whether to complete the scan regardless of policy or cache. The default value is false. --schedule="<Interval> [<Frequency>]" Species when the policy is run. If this policy is intend for manual use only, specify an empty string (--schedule=""). <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
<Frequency> is optional and can take either of the following forms (using either the 24 hour or 12 hour am/pm clock): at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
Examples The following command disables the policy with an ID of 2dafc5c9161c51: isi avscan policy edit --id=2dafc5c9161c51 --enable=false
82
83
84
Displays only scans that are still in progress. Examples The following command displays only the most recent record: isi avscan report scan -max-results=1 The system displays output similar to the following example: Report ID: R:4dadd90d:16e10 Policy ID: MANUAL Status: Failed Start time: 04-19-2011 11:48:45 End time: 04-19-2011 11:48:45 Duration: Files: 0 Size: 0 Sent Bytes: 0 Threats: 0 Bandwidth: 1 records displayed.
85
Displays information only on threats that involved the specied action. The following values are valid: Examples To view recent threats, run the following command: isi avscan report threat If any records exist, the system displays output similar to the following example: Report ID: R:4db6cdbc:29bc File: /ifs/eicar.com Time: 04-26-2011 13:51:29 Remediation: Quarantined Threat: EICAR Test String Infected: eicar.com Policy ID: MANUAL 1 records displayed. infected truncated repaired quarantined
isi batterystatus
The isi batterystatus command displays the current state of NVRAM batteries and charging systems on node hardware that supports this feature. Syntax isi batterystatus
86
OneFS Command Reference Options There are no options for this command. Examples To view the current state of NVRAM batteries and charging systems, run the following command: isi batterystatus If the node hardware is not compatible, the system displays output similar to the following example: Battery status not supported on this hardware
isi config
The isi config command opens a new console where node and cluster settings can be congured. Note: While in isi config console, other Isilon IQ commands are unavailable and only isi config commands are valid. Syntax isi config
changes
The changes command displays a list of changes to the cluster conguration that have been entered into the isi config tool, but have not been applied to the system yet. To apply the changes displayed by the changes command, run the commit command. Note: This command must be run from within the isi config cluster conguration tool.
Syntax changes Examples To view a list of changes that have not been committed yet, run the following command: changes The system displays output similar to the following example: Cluster name : oldName -> newName Encoding : utf-8 -> cp932 int-a IP ranges : { 192.168.3.142-192.168.5.215 } -> { 192.168.5.11-192.168.8.155 } Node id 1 lnn : 1 -> 5 Node 1 lni int-a: 192.168.5.135 -> 192.168.7.143 Node 2 lni int-a: 192.168.5.162 -> 192.168.7.201 Join mode : Manual -> Secure
87
commit
The commit command applies conguration settings that have been entered into the the isi config tool, but have not been applied to the system yet. After applying the changes, the commit command exits the isi config tool. Note: This command must be run from within the isi config cluster conguration tool.
Syntax commit Examples To commit all changes and exit the isi config tool, run the following command: commit
date
The date command displays and sets the current time and date on a node. Note: This command must be run from within the isi config cluster conguration tool.
Syntax date [<time_and_date>] Options If no options are specied, the current time and date for this node is displayed. <time_and_date> Sets the current cluster time. Specify in the following form: <yyyy>/<mm>/<dd> <hh>:<mm>:<ss> Examples The following command sets the time and date to 1:00pm on January 1st, 2011: date 2011/01/01 13:00:00 Note: Changes will not be updated until you run the commit command and reboot the cluster. However, the updated date will reect time passed since you originally specied the new date. For example, if you set the time for 1:00pm, and then run commit ve minutes later, the time is set to 1:05pm.
deliprange
The deliprange command displays a list of IP addresses that are currently assignable to nodes and removes addresses from the list. Note: This command must be run from within the isi config cluster conguration tool.
88
OneFS Command Reference Options If no options are specied, the current list of IP ranges that can be assigned to nodes is displayed. <interface-name> Species the name of the interface. Valid values are: int-a int-b failover <IP range> Species the range of IP addresses that are no longer assignable to nodes. Specify in form "<lowest IP>-<highest IP>". Note: IP range cannot include an IP address that is currently assigned to a node belonging to the specied interface. Examples The following command removes the IP range of 192.168.3.142-192.168.5.215 from int-b: deliprange int-b 192.168.3.142-192.168.5.215 To display a list of IP address ranges that are currently assignable to nodes, run the following command: deliprange The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84 Interface int-b IP Ranges: No IP Ranges assigned. Interface failover ip ranges: No IP Ranges assigned. To display the currently available IP ranges for int-a, run the following command: deliprange int-a The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84 Note: Changes will not be updated until you run the commit command and reboot the cluster.
encoding
The encoding command sets the default encoding. Note: This command must be run from within the isi config cluster conguration tool.
89
OneFS Command Reference Options If no options are specied, the current encoding is displayed. list Displays a list of supported encodings. <Encoding> Species the default encoding. Examples To view a list of possible encodings, run the following command: encoding list To set the default encoding to Windows-949, run the following command: encoding cp932 Note: Changes will not be updated until you run the commit command and reboot the cluster.
exit
The exit command discards changes and exits the isi config tool. The quit command is an alias of this command. Note: This command must be run from within the isi config cluster conguration tool.
Syntax exit Examples To exit the isi config tool without committing any changes that were entered, run the following command: exit
help
The help command displays a list of all isi config commands and information about specic command. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax help [<command>] Options If no options are specied, all valid commands are displayed. <command> Displays information about the specied command. The following values are valid: changes commit date
90
Examples
deliprange encoding exit help interface iprange ipset joinmode lnnset migrate netmask quit reboot remove shutdown status timezone version wizard
To view help for the encoding command, run the following command: help encoding
interface
The interface command sets and displays the IP ranges, netmask, MTU of interfaces, and whether interfaces are enabled or disabled. Note: This command must be run from within the isi config cluster conguration tool, isi config.
Syntax interface [<interface-name> [<enable/disable>]] Options If no options are specied, displays the IP ranges, netmask, MTU of interfaces, and whether interfaces are enabled or disabled. <interface-name> Species the name of the interface. Valid names are int-a and int-b. <enable/disable> Enables or disables int-b. Valid values are enable and disable. Note: This option is only valid if <interface-name> is set to int-b, and int-b has a netmask and IP range.
91
OneFS Command Reference Examples To enable interface a, run the following command: interface int-a enable To view the IP ranges, netmask and MTU of interface a, run the following command: interface int-a The system displays output similar to the following example: Information for int-a interface: Netmask : 255.255.255.0 IP Ranges : 192.168.5.11-192.168.8.155 Flags : Cluster Traffic, Enabled Note: Changes will not be updated until you run the commit command and reboot the cluster.
iprange
The iprange command displays a list of IP addresses that are currently assignable to nodes adds addresses to the list. Note: This command must be run from within the isi config cluster conguration tool.
Syntax iprange [<interface-name> [<IP range>]] Options If no options are specied, a list of IP ranges that are currently assignable to nodes is displayed. <interface-name> Species the name of the interface. The following values are valid: int-a int-b failover
<lowest IP>-<highest IP> Species the range of IP addresses that are now assignable to nodes. Specify in form "<lowest IP>-<highest IP>". The range must not be larger than 65535. Examples To display a list of IP address ranges that are currently assignable to nodes, run the following command: iprange The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.9.25-192.168.9.84 Interface int-b IP Ranges: No IP Ranges assigned. Interface failover ip ranges: No IP Ranges assigned.
92
To display the currently available IP ranges for int-a, run the following command: iprange int-a The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.9.25-192.168.9.84
The following command adds the IP range of 192.168.5.11-192.168.8.155 from int-a: iprange int-a 192.168.5.11-192.168.8.155 Note: Changes will not be updated until you run the commit command and reboot the cluster.
joinmode
Displays or changes the cluster add node setting. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax joinmode [<mode>] Options If no options are specied, the current add node setting is displayed. <mode> Species the cluster add node setting. The following values are valid: manual Congures the cluster to add new nodes in a separate, manually executed process. secure Congures the cluster to disallow any new node from joining the cluster externally. Examples To congure the cluster to disallow any new node from joining the cluster externally, run the following command: joinmode secure Note: Changes will not be updated until you run the commit command and reboot the cluster.
lnnset
The lnnset command displays the logical node number (LNN), device ID, and internal IP address for each node in the cluster, and changes the LNNs of nodes. Note: This command must be run from within the isi config cluster conguration tool.
93
OneFS Command Reference Options If no options are specied, this command displays a table containing the LNN, device ID, and internal IP address of each node in the cluster. <old lnn> Species the current LNN. <new lnn> Species a new LNN for the node. New LNN must not be currently assigned to another node. Examples To change the LNN of a node from 1 to 5, run the following command: lnnset 1 5 Note: Changes will not be updated until you run commit and reboot the cluster.
migrate
The migrate command displays and modies a list of IP address ranges that are currently assignable to nodes. Note: This command must be run from within the isi config cluster conguration tool.
Syntax migrate [<interface-name> [[<old IP range>] <new IP range> [-n<netmask>]]] Options If no options are specied, a list of IP address ranges that are currently assignable to nodes is displayed. <interface-name> Species the name of the interface. Valid values are: int-a int-b failover <old IP range> Species the range of IP addresses that are no longer assignable to nodes. If not specied, all existing IP ranges are removed before the new IP range is added. Specify in form "<lowest IP>-<highest IP>". <new IP range> Species the range of IP addresses that are now assignable to nodes. Specify in form "<lowest IP>-<highest IP>". -n<netmask> Species a new netmask for the interface. Examples To delete the IP range of 192.168.5.11-192.168.8.155 for int-a and replace it with the range of 192.168.9.25-192.168.9.84, run the following command: migrate int-a 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84
94
Note: If more than one node is given a new IP address, the cluster will reboot when the change is committed. If only one node is given a new IP address, only that node is rebooted.
mtu
The mtu command displays and sets the size of the Maximum Transmission Unit (MTU) the cluster uses for internal network communications. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax mtu [<Value>] Options If no options are specied, the current MTU value is displayed. <Value> Species a new MTU value. Any value is valid, but not all values will be compatible with your network. The most common settings are 1500 for standard frames and 9000 for jumbo frames. Examples To set the MTU value to 9000, run the following command: mtu 9000 Note: Changes to the MTU affect all internal networks, but changes will not be updated until you run the commit command and reboot the cluster.
name
The name displays and changes the name assigned to the cluster. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax name [<NewName>] Options <NewName> Species a new name for the cluster. Example To change the name of a cluster to "newName", run the following command: name newName
netmask
The netmask command displays the subnet IP masks that the cluster is currently using, and sets new subnet IP masks. Note: This command must be run from within the cluster conguration tool, isi config.
95
OneFS Command Reference Syntax netmask [<interface-name> [<IP-mask>]] Options If no options are specied, the current subnet IP masks are displayed. <interface-name> Species the interface name. Valid values are int-a and int-b. <IP Mask> Species a new IP mask for the interface. Examples To set the netmask of interface a to 255.255.255.0, run the following command: netmask int-a 255.255.255.0 Note: Changes will not be updated until you run the commit command and reboot the cluster.
quit
The quit command is an alias of the exit command. For information about this command, see the exit command reference topic.
reboot
The reboot command reboots nodes. Note: The following information describes the behavior of the reboot command while in the isi config cluster conguration tool. Note: If on an uncongured node, reboot does not accept any arguments.
Syntax reboot [<nodes>] Options If no options are specied, only the local node is rebooted. nodes Species which nodes to reboot. Valid values are <any_node_LNNs> and all. Examples To reboot a node with an LNN of 3, run the following command: reboot 3
shutdown
The shutdown command shuts down nodes. Note: The following information describes the behavior of the reboot command while in the isi config cluster conguration tool.
96
OneFS Command Reference Syntax shutdown [<nodes>] Options If no options are specied, only the local node is shut down. <nodes> Species one or more nodes to shut down. Valid values are <any_node_LNNs> and all. Examples To shut down a node with an LNN of 3, run the following command: shutdown 3
status
The status command displays current information about the status of the cluster. Note: This command must be run from within the isi config cluster conguration tool.
Syntax status [advanced] Options If no options are specied, this command displays status information for the local node and enabled interfaces. advanced Displays detailed information about all nodes and interfaces. Examples To display information about the local node and enabled interfaces, run the following command: status The system displays output similar to the following example: Configuration for 'Cluster' Local machine: ----------------------------------+----------------------------------------Node LNN : 1 | Date : 2011/04/19 14:34:46 PDT ----------------------------------+----------------------------------------Interface : ib1 | MAC : 00:02:c9:02:00:00:58:fa IP Address : 192.168.7.143 | MAC Options : none ----------------------------------+----------------------------------------Network: ----------------------------------+----------------------------------------JoinMode : Manual Interfaces: ----------------------------------+----------------------------------------Interface : int-a | Flags : enabled_ok cluster_traffic Netmask : 255.255.255.0 | MTU : N/A ----------------+-----------------+------------------+---------------------Low IP | High IP | Allocated | Free ----------------+-----------------+------------------+----------------------
97
timezone
The timezone command displays the current time zone and species new timezones. Note: This command must be run from within the isi config cluster conguration tool.
Syntax timezone [<TimezoneIdentifier>] Options If no options are specied, the current timezone identier is displayed. <TimezoneIdentier> Species the new time zone for the cluster. The following values are valid: Alaska Arizona Central Time Zone Easter Time Zone Greenwich Mean Time Hawaii Japan Mountain Time Zone Pacific Time Zone Advanced: Opens a prompt with more time zone options.
The default timezone is Greenwich Mean Time. Example To set the time zone on the cluster to Pacic time, run the following command: timezone Pacific Time Zone
version
The version command displays information about the currently running version of the operating system. Note: This command must be run from within the isi config cluster conguration tool.
Syntax version
wizard
The wizard command re-activates the wizard after it has been exited during the initial node conguration process. Note: This command is only valid during initial cluster conguration.
98
Note: This command must be run from within the isi config cluster conguration tool.
Syntax wizard Note: This command is not valid after the initial node conguration process is complete. It is only valid if the wizard has been exited during the initial node conguration process.
isi devices
The isi devices command displays information about devices in the cluster and changes their status. Syntax isi devices [--action=<Action> [--grid]] [--device=<Device>] [--log=<SyslogTag>] [--timeout=<Timeout>] Options If no options are specied, the current status of the local node is displayed. --action=<Action>, -a<Action> The following actions are valid: add Adds a node to the cluster. This action's --device=<Device> parameter is the node serial number of the node being added. The add action cannot be performed on an unavailable node. If an error occurs during the add process, the status of the uncongured node will include a description of the error. conrm Acknowledges that an error has occurred during the add process, and makes an uncongured node available for further add attempts. The action's --device=<Device> parameter is the node serial number of the uncongured node. The add action cannot be performed on an unavailable node. discover This action will display the failure status of any relevant error messages. This action does not accept a device argument. smartfail Smartfails a node or drive. This action's --device parameter is the logical node number (LNN) of the node, or both the LNN of the node and the number of the drive. status Displays status of nodes or drives. This action's --device parameter is the LNN of the node, or both the LNN of the node and the number of the drive. stopfail Stopfails a node or drive. This action's --device parameter is the LNN of the node, or both the LNN of the node and the number of the drive. format
! Caution: The format action is intended for use only by an Isilon support representative,
or under their instruction. The format action can be used only on a drive that has been smartfailed or otherwise removed from the system. If OneFS has automatically smartfailed a faulty drive, the faulty drive should not be formatted and forced back into service.
99
This action's --device parameter must be a drive. The action initiates a OneFS format of the specied drive. Once the format is complete, the drive is automatically initialized and utilized by OneFS. If no action is specied, the action is status. --grid, -g Formats the output of the status action as a grid that represents the physical layout of the bays in the chassis. --device=<Device>, -d<Device> Species the device on which to perform the action. If --action requires both an LNN and drive, specify in form "<LNN>:<drive>". <drive> can be specied as [bay]<N> or lnum<N>, where <N> is a valid bay or lnum number. If only :<drive> is specied, the local node is assumed. --log=<SyslogTag>, -L<SyslogTag> Logs the action result along with the specied tag to /var/log/messages. Only successfully parsed commands are logged. The following actions are supported: add smartfail stopfail format
--timeout=<Timeout> Species a timeout for the cluster information gather. Example To view the status of a node with a LNN of 2 in a grid format, run the following command: isi devices --action=status --device=2 --grid The system displays output similar to the following example: Node 2, [ OK ] Bay 1, Lnum 11 [HEALTHY] SN:XXXXXXXX /dev/twed0 Bay 5, Lnum 10 [HEALTHY] SN:XXXXXXXX /dev/twed1 Bay 9, Lnum 9 [HEALTHY] SN:XXXXXXXX /dev/twed2 Bay 2, Lnum 8 [HEALTHY] SN:XXXXXXXX /dev/twed3 Bay 6, Lnum 7 [HEALTHY] SN:XXXXXXXX /dev/twed4 Bay 10, Lnum 6 [HEALTHY] SN:XXXXXXXX /dev/twed5 Bay 3, Lnum 5 [HEALTHY] SN:XXXXXXXX /dev/twed6 Bay 7, Lnum 4 [HEALTHY] SN:XXXXXXXX /dev/twed7 Bay 11, Lnum 3 [HEALTHY] SN:XXXXXXXX /dev/twed8 Bay 4, Lnum 2 [HEALTHY] SN:XXXXXXXX /dev/twed9 Bay 8, Lnum 1 [HEALTHY] SN:XXXXXXXX /dev/twed10 Bay 12, Lnum 0 [HEALTHY] SN:XXXXXXXX /dev/twed11
To add a node with a serial number of "1MF2N-0QZRL-IVF2R-EXAMP-LE000" to the cluster and log the result with the tag "test", run the following command: isi devices --action=add --device=1MF2N-0QZRL-IVF2R-EXAMP-LE000 --log=test
100
| Type
101
------+----------------+---------65536 | /ifs/data/lock | SmartLock This output indicates that the directory is a SmartLock root whose ID is 65536. To view information about a le named wormfile.txt in the /ifs/data/lock/ directory, type: isi domain info -p /ifs/data/lock/wormfile.txt The system displays output similar to the following example: Domain Info for: /ifs/data/lock/wormfile.txt Domains ------ID | Root Path | Type ------+----------------+---------65536 | /ifs/data/lock | SmartLock SmartLock State: COMMITTED Expires: 2011-04-15 09:31:24
In this example, wormfile.txt is in a SmartLock directory tree rooted at /ifs/data/lock, and has been committed to a SmartLock state.
102
isi email
The isi email command congures the settings of email messages that are sent by system applications such as Events and SmartQuotas. Syntax isi email [--mail-relay=]<string> [--smtp-port=<number>] [mail-sender=<Sender>] [--mail-subject=<string>] [--use-smtp-auth=<boolean>] [--auth-user=<string>] [--auth-pass=<string>] [--use-encryption=<boolean>] Options --mail-relay=<string> Species the SMTP relay address. --smtp-port=<number> Species the SMTP relay port. The default value is 25. --mail-sender=<Sender> Emails generated by the system are displayed as being sent from the specied <Sender>. For example, if a cluster named examplecluster1.storage.company.com generated an email message while <Sender> was set to notification, the message would appear to have been sent from notication@examplecluster1.storage.company.com. --mail-subject=<string> Begins the subject line of each system-generated email with the specied prex string. --use-smtp-auth=<boolean> Species whether to use SMTP authentication. --auth-user=<string>, -u<string> Species the username for SMTP authentication. --auth-pass=<string>, -p<string> Species the password for SMTPauthentication. --use-encryption=<boolean> Species whether to use Transport Layer Security (TLS) encryption for SMTP Authentication. Examples The following command enables SMTP authentication and logs in through smtpUser: isi email --use-smtp-auth=true --auth-user=smtpUser --auth-pass=password The following command sets an alias of the mail sender to example@company.com and populates the Subject line of each generated email with "OneFS system message": isi email --mail-sender=example@company.com --mail-subject="OneFS system message"
103
104
--newest=<Time>, -n<Time> Species the newest event to display. Specify in one of the following forms: -<count><spec>: Where <count> is a number and <spec> is d, h, or m, standing for days hours and minutes, respectively. For example: 4d means four days. [MM/DD/][YY]YY [HH:MM]: Where M, D, and Y represent the month day and year. For example: 01/01/2011 13:00 means January 1, 2011 at 1:00pm.
--history, -s Displays events that have an end date ("Historical" events). --coalesced, -C Displays individual events that are otherwise coalesced into a single event. --severity=<value>, -v<value> Only displays events with specied levels of severity. The following values are valid: info warn critical emergency
Multiple severity levels can be specied in a comma-separated list. --localdb, -l Generates output using the local database rather than the master. --nodes=<value>, N<value>
105
Displays events created by specied nodes. The following values are valid: all '*': same as all. <int> <int>-<int>
Multiple values can be specied in a comma-separated list. --type=<number>, -i<number> Displays all instances of the listed event types. Multiple types can be specied in a comma-separated list. --columns=<string>, -c<string> Species the event list's columns in a comma-separated list. The following values are valid: coalesce_id end_time id lnn message quiet severity start_time type value
--sort-by=<string>, -b<string> Species which column to sort the rows by. The default column to sort by is start_time. --csv Displays rows in CSV format and does not include headers. --wide, -w Displays table in wide format without truncations. Examples Run the following command to view all critical events: isi events list --severity=critical The system displays output similar to the following example: ID 1.12 2.66 3.3 1.77 1.97 1.99 STARTED 04/13 11:29 04/18 11:03 04/18 11:06 04/18 11:01 04/18 13:53 04/19 09:18 ENDED 04/13 04/18 04/18 04/18 04/18 04/19 11:32 12:41 12:43 12:48 13:58 09:18 SEV C C C C C C LNN 3 2 3 1 1 All MESSAGE Node 3 is offline Recurring: The Active Directory Recurring: The Active Directory Recurring: The Active Directory Recurring: The Active Directory Test event sent from CLI
The following command displays all events that occurred over the past week except those that occurred less than an hour ago: isi events list -o-7d -n-1h
106
The system displays output similar to the following example: ID 1.8 1.94 2.15 1.126 1.99 2.5 1.102 2.8 1.129 2.18 1.132 2.21 1.139 2.28 1.149 2.38 1.514 3.338 3.346 3.347 3.362 3.363 1.44 3.296 1.484 1.486 1.485 3.4 3.7 3.15 3.18 3.25 3.35 3.345 3.348 3.355 STARTED 05/04 10:54 05/05 12:35 05/05 13:05 05/05 13:05 05/05 16:46 05/05 16:46 05/05 16:46 05/05 16:46 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:49 05/06 12:49 05/09 14:50 05/10 11:32 05/10 11:32 05/10 11:32 05/10 11:33 05/10 11:33 05/05 02:56 05/09 10:59 05/09 13:24 05/09 13:26 05/09 13:25 05/05 16:46 05/05 16:46 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:49 05/10 11:32 05/10 11:32 05/10 11:33 ENDED ----------------------05/05 05/09 05/09 05/09 05/09 05/10 05/10 05/10 05/10 05/10 05/10 05/10 05/10 05/10 SEV C W C C I I I I I I I I I I I I W I I I I I C C W W W I I I I I I I I I LNN 1 All 2 1 1 2 1 2 1 2 1 2 1 2 1 2 1 3 3 3 3 3 1 3 1 1 1 3 3 3 3 3 3 3 3 3 MESSAGE One or more drives (bay(s) 7 / typ ... AD server missing needed SPN(s) nfs... External network link ext-2 (em1) down External network link ext-2 (em1) down Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... SyncIQ is encountering problems wit... Mountd host lookup failed for anoth... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Mountd host lookup failed for anoth... Recurring: The Active Directory dom... The Active Directory domain theredo... Recurring: SyncIQ scheduler failed ... SyncIQ policy target path overlaps ... SyncIQ scheduler failed to start po... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Mountd host lookup failed for somet... Mountd host lookup failed for anoth... Mountd host lookup failed for anoth...
03:01 11:04 13:25 14:51 14:51 11:27 11:27 11:27 11:27 11:27 11:27 11:33 11:33 11:33
107
Specify either an email address or an SNMP community and hostname by using either --email or --snmp. Include at least one event for at least one severity using one of the following options: --include-all --include-info --include-warn --include-critical --include-emergency
--name=<Name> Required. Species the name of the notication being created. --email=<email address> Species the email address to send smtp event. Multiple addresses can be specied in a comma-separated list. --snmp=<SNMP Community>@<SNMP Host> Species the SNMP community and hostname to send snmp event. Community and hostname must be connected by an @ symbol. Multiple entries can be specied in a comma-separated list. --include-all=<ID> Sends notices for specied events at all severity levels (info, warn, critical, emergency). The --include-all=all option sends notices for all events. Multiple events can be specied in a comma-separated list. --include-info=<ID> Sends notices for specied events at info severity. The --include-info=all option sends notices for all events at info. Multiple events can be specied in a comma-separated list. --include-warn=<ID> Sends notices for specied events at warn severity. The --include-warn=all option sends notices for all events at warn. Multiple events can be specied in a comma-separated list. --include-critical=<ID> Sends notices for specied events at critical severity. The --include-critical=all option sends notices for all events for critical. Multiple events can be specied in a comma-separated list. --include-emergency=<ID> Does not send notices for specied events at emergency severity. The --include-emergency=all option sends notices for all events at emergency. Multiple events can be specied in a comma-separated list. --exclude-all=<ID> Does not send notices for specied events for any severity (info, warn, critical, emergency). The --exclude-all=all option does not send notices for any events. Multiple events can be specied in a comma-separated list. --exclude-info=<ID> Does not send notices for specied events at info severity. The --exclude-info=all option does not send notices for any events at info. Multiple events can be specied in a comma-separated list. --exclude-warn=<ID> Does not send notices for specied events at warn severity. The --exclude-warn=all option does not send notices for any events at warn. Multiple events can be specied in a comma-separated list. --exclude-critical=<ID>
108
Does not send notices for specied events for critical severity. The --exclude-critical=all option does not send notices for any events at critical. Multiple events can be specied in a comma-separated list. --exclude-emergency=<ID> Does not send notices for specied events for emergency severity. The --exclude-emergency=all option does not send notices for any events for emergency. Multiple events can be specied in a comma-separated list. --force, -f Forces to overwrite an existing rule. Examples The following command creates a notication called "newNotication" that sends notications to user@isilon.com for all system disk events at all severity levels except "system disk in restripe" which is only sent if at emergency: isi events notifications create --name=newNotification --email=user@isilon.com --include-all=100000000 --exclude--info=100010009 --exclude--warn=100010009 --exclude--critical=100010009
109
OneFS Command Reference Examples The following command displays information for the notication "newNotication" only. isi events notifications list --name=newNotification The system displays output similar to the following example: Name: newNotification Type: smtp Recipients: user@company.com Categories: LEVELS EVENT TYPE IWCE SYS_DISK_EVENTS (100000000) Specific Event types: LEVELS EVENT TYPE IWCE SYS_DISK_VARFULL (100010001) IWCE SYS_DISK_VARCRASHFULL (100010002) IWCE SYS_DISK_ROOTFULL (100010003) IWCE SYS_DISK_SASPHYTOPO (100010005) IWCE SYS_DISK_SASPHYERRLOG (100010006) IWCE SYS_DISK_SASPHYBER (100010007) IWCE SYS_DISK_SASPHYDISABLED (100010008) IWCE SYS_DISK_IN_RESTRIPE (100010009) IWCE SYS_DISK_REMOVED (100010010) IWCE SYS_DISK_UNHEALTHY (100010011) IWCE SYS_DISK_STALL (100010012) IWCE SYS_DISK_ECC (100010013) IWCE SYS_DISK_ECC_LIST_FULL (100010014) IWCE SYS_DISK_POOLFULL (100010015) IWCE SYS_DISK_POOL_SSD_LAYOUTFAIL (100010016) IWCE SYS_DISK_WRONGTYPE (100010017) IWCE SYS_DISK_COALESCE (199990001)
110
--name=<Name> Required. Names the notication to be modied. --target-name=<string> Species a new name for this notication. --email=<email address> Species the new email addresses to send smtp event. Multiple addresses can be specied in a comma-separated list. --snmp=<SNMP Community>@<SNMP Host> Species the new SNMP communities and host names to send snmp event. Community and hostname must be connected by an @ symbol. Multiple entries can be specied in a comma-separated list. --add-all=<ID> Sends notices for specied events at all severity levels (info, warn, critical, emergency). --add-all=all sends notices for all events. Multiple events can be specied in a comma-separated list. --add-info=<ID> Sends notices for specied events at info severity. --add-info=all sends notices for all events at info. Multiple events can be specied in a comma-separated list. --add-warn=<ID> Sends notices for specied events at warn severity. --add-warn=all sends notices for all events at warn. Multiple events can be specied in a comma-separated list. --add-critical=<ID> Sends notices for specied events at critical severity. --add-critical=all sends notices for all events for critical. Multiple events can be specied in a comma-separated list. --add-emergency=<ID> Does not send notices for specied events at emergency severity. --add-emergency=all sends notices for all events at emergency. Multiple events can be specied in a comma-separated list. --delete-all=<ID> Does not send notices for specied events for any severity (info, warn, critical, emergency). --delete-all=all does not send notices for any events. Multiple events can be specied in a comma-separated list. --delete-info=<ID> Does not send notices for specied events at info severity. --delete-info=all does not send notices for any events at info. Multiple events can be specied in a comma-separated list. --delete-warn=<ID> Does not send notices for specied events at warn severity. --delete-warn=all does not send notices for any events at warn. Multiple events can be specied in a comma-separated list. --delete-critical=<ID>
111
Does not send notices for specied events for critical severity. --delete-critical=all does not send notices for any events at critical. Multiple events can be specied in a comma-separated list. --delete-emergency=<ID> Does not send notices for specied events for emergency severity. --delete-emergency=all does not send notices for any events at emergency. Multiple events can be specied in a comma-separated list. Examples The following command causes newNotication to no longer send notications for system disk events at warn severity: isi events notifications modify --name=newNotification --delete-warn=100000000
112
The system displays output similar to the following example: Send test event, instance ID = 1.147 Waiting for existence in master database Attempting to get a query object: Success. Looking for instance_id 1.147: Failed. Retry #1 Looking for instance_id 1.147: Success. Event arrived in 0.409611 seconds
113
Groups notication emails by specied value: This setting's <Value> argument must be one of the following: all: Sends one notication containing all events. severity: Sends separate emails for each event severity. category: Sends separate emails for each category of event. none: Sends separate emails for each event.
user_template Points to a le that species a custom template for notication emails. File must be in Tempita templating language. In the template, the following variables are valid: clustername: Cluster name company: User-entered string location: User-entered string primary_name: User-entered string primary_phone1: User-entered string primary_phone2: User-entered string primary_email: User-entered string secondary_name: User-entered string secondary_phone1: User-entered string secondary_phone2: User-entered string secondary_email: User-entered string clusterguid: Cluster's GUID sender_onefsversion: OneFS version string from sending node sender_serial: Serial number of sending node cluster_ip: Sender's external IP address webui_url: Cluster's Isilon web administration interface URL edict: Dictionary whose key is node lnn, and value is list of events. events: List of all events. Event objects have the following attributes: event_id: Event ID (for example: 100010001) devid: Device ID (cluster event is 0) instance_id: Instance ID coalesce_instanceid: Coalescing event's instance ID (none if not coalesced) start_time: Date string end_time: Date string lnn: Logical node number severity: Event severity as string value: Value associated with this event message: Event message kb_url: URL of knowledge base article for this event type
nodes: List of node description objects. Node description objects have the following attributes: lnn: Logical node number devid: Device ID onefsversion: Version of OneFS serial: Node serial number
114
Attachment objects have the following attributes: filename: Name of le contents: Contents of le
max_email_size Species the maximum size of an email notication. If the notication is larger than the specied size, the email is truncated. This setting's <Value> argument must be specied in the following form: <positive_number>[{b|kb|mb|gb}]. Note: The <Value> argument must be less than 2GB. --value=<Value>, -v=<Value> Required. Species the new value for the named setting. Examples To set the maximum email size to 1GB, run the following command: isi events settings set max_email_size 1GB To send separate events for each severity type, run the following command: isi events settings set batch_mode severity
115
The system displays output similar to the following example: 1.7 200010001 critical 0.0 Node 3 is offline All Wed Apr 20 03:39:31 2011 - Wed Apr 20 03:42:33 2011 Not quieted devid: 3 lnn: 3 val: 0.0 Coalesced by: -ID: Type: Severity: Value: Message: Node: Lifetime: Quieted: Specifiers:
isi fc disable
The isi fc disable command disables bre channel ports. Syntax isi fc disable [--port=]<Port> Options --port=<Port>, -p=<Port> Required. Species the port to disable. Examples The following command disables port 4:1: isi fc disable 4:1
116
isi fc enable
The isi fc enable command enables bre channel ports. Syntax isi fc enable [--port=]<Port> Options --port=<Port>, -p=<Port> Required. Species the port to enable. Examples The following command enables port 4:1: isi fc enable 4:1
isi fc list
The isi fc list command displays a list of bre channel ports. Syntax isi fc list [--port=]<Port> [--node=<lnn>] Options If no options are specied, all ports for all nodes are displayed. --port=<Port>, -p=<Port> Species a particular port to display. If this option is omitted, all ports are displayed. --node=<lnn> Displays a list of all ports on the specied node only. If this option is omitted, ports are displayed for all nodes. Examples To view a list of existing bre channel ports, run the following command: isi fc list The system displays output similar to the following example: Port 4:1 4:2 4:3 4:4 WWNN 1100001examples1 1100001exampl3s1 1100001examp1es1 11000013xamples1 WWPN 1101001examples1 1102001exampl3s1 1103001examp1es1 11040013xamples1 State Topology enabled auto enabled auto enabled auto enabled auto Rate auto auto auto auto
117
isi fc set
The isi fc set command congures bre channel port settings. Syntax isi fc set [--port=]<Port> [--wwnn=<wwn>] [--wwpn=<wwn>] [--topology=<topology>] [--rate=<rate>] Options --port=<Port> Required. Species the name of the port to be congured. --wwnn=<wwn> Species the world wide node name. --wwpn=<wwn> Species the world wide port name. --topology=<topology> Species the topology. The following values are valid: auto loop ptp
--rate=<rate> Species the rate. The following values are valid: Examples The following command sets the world wide node name of port 4:1 to 1100001examples1: isi fc set --port=4:1 --wwnn=1100001examples1 auto 1 2 4
118
--diskless, -D Displays information only on diskless nodes. --storage, -S Displays information only on storage nodes. --include-nodes=<nodes>, -n<nodes> Displays information only on the specied nodes. --exclude-nodes=<nodes>, -x<nodes> Displays information on all nodes except those specied.
119
--verbose Displays detailed information. --save Save local status output to /etc/ifs/firmware_versions. Examples To view the status of all rmware, run the following command: isi firmware status The system displays output similar to the following example: Device -- -----------------------3ware Lsi Mellanox Mellanox Type --------DiskCtrl DiskCtrl Network Network Firmware --------------------------------------FE8S 1.05.00.068 6.12.00.00+01.18.06.00+1.16+0.97c <Unknown>+MT_0000000001 3.3.2 Nodes 2 1 1 2
The following example displays information on all nodes except node 2: isi firmware status --exclude-nodes=2 The system displays output similar to the following example: Device -- -----------------------3ware Lsi Mellanox Mellanox Type --------DiskCtrl DiskCtrl Network Network Firmware --------------------------------------FE8S 1.00.00.068 6.11.00.00+01.17.04.00+1.26+0.95c <Unknown>+MT_0000000001 3.2.2 Nodes 3 1 1 3
120
Updates only storage nodes. --include-nodes=<nodes>, -n<nodes> Updates the specied nodes. --exclude-nodes=<nodes>, -x<nodes> Excludes the specied nodes from update. --include-device=<device>, -d<device> Updates the specied device. --exclude-device=<device> Excludes the specied device from update. --include-type=<type>, -t<type> Updates the specied device type. --exclude-type=<type> Excludes the specied device type from update. --force, -f Forces upgrade. --verbose Displays detailed output. Examples To update only the local node, run the following command: isi firmware update --local
121
122
123
OneFS Command Reference Options If no options are specied, displays whether commands that change the le system are permitted. --value=<Value>, -v=<Value> Controls whether any of the following commands are allowed: STOR DELE RNFR RNTO MKD RMD APPE SITE Valid values are YES and NO. The default value is YES Examples To disable commands that change the le system, run the following command: isi ftp allow-writes --value=NO
124
OneFS Command Reference Options There are no options for this command. Examples To display a list of anonymous user passwords, run the following command: isi ftp anon-password-list The system displays output similar to the following example: anon-password-list: 1234 password
125
isi ftp anon-password-list remove --value=1234 The system displays output similar to the following example: anon-password-list: removed password '1234' from list
126
OneFS Command Reference Examples The following command sets the umask for le creation by anonymous users to 066: isi ftp anon-umask 066 The system displays output similar to the following example: anon-umask: 077 -> 066
127
OneFS Command Reference Options There are no options for this command. Examples To view a list of local user chroot exceptions, run the following command: isi ftp chroot-exception-list The system displays output similar to the following example: chroot-exception-list: user1 user2 user3
128
The system displays output similar to the following example: chroot-exception-list: removed user 'newUser' from list
129
130
131
132
133
OneFS Command Reference Examples To set the octal permission number to 0777, run the following command: isi ftp file-create-perm --value=0777 The system displays output similar to the following example: file-create-perm: 0666 -> 0777
limit-anon-passwords anon-password-list
134
chroot-local-mode chroot-exception-list
135
Species the umask for le creation by local users. Valid values are octal umask numbers. The default value is 077. Note: Value must contain the '0' prex, otherwise the value will be treated as a base 10 integer. Examples The following comand sets the local user le creation umask to "066": isi ftp local-umask --value=066 The system displays output similar to the following example: local-umask: 077 -> 066
136
--value=<Value>, -v=<Value> Species the maximum time (in seconds) that a remote client may spend netween FTP commands before the remote client is kicked off. Valid values are integers between 30 and 600. The default is 300. Examples To set the timeout to one minute, run the following command: isi ftp session-timeout --value=60 The system displays output similar to the following example: session-timeout: 300 -> 60
isi_gather_info
The isi_gather_info command sends information on a cluster to Isilon support. Syntax isi_gather_info [--user=<User>] [--password=<Password>] [--version] [--list] [--include=<Utilities>] [--incremental] [-f<Filename>] [--nodes=<Nodes>] [--local-only] [--skip-node-check] [-s <Gather_Script>] [-S <Gather_Expr>] [-1 <Gather_Expr>] [-a <Analysis_Script>] [-A <Analysis_Expr>] [-t<Tarfile>] [-x exclude_tool] [--ifs]
137
OneFS Command Reference [--local] [-T<Tempdir>] [--tardir <dir>] [--symlinkdir <dir>] [--varlog_recent] [--varlog_all] [--nologs] [--group <name>] [--noconfig] [--save-only] [--save] [--upload] [--noupload] [--re-upload <File>] [--verify-upload] [--http] [--nohttp] [--http-host<Host>] [--http-path<Dir>] [--http-proxy<Host>] [--http-proxy-port<Port>] [--ftp] [--noftp] [--ftp-user<User>] [--ftp-pass<Pass>] [--ftp-host<Host>] [--ftp-path<Dir>] [--ftp-proxy<Host>] [--ftp-proxy-port<Port>] [--ftp-mode<Mode>] [--email] [--noemail] [--email-addresses <Addresses>] [--email-subject <string>] [--email-body <string>] [--skip-size-check] Options If no options are specied, the default set of logs are uploaded to Isilon support via FTP. --user=<User>, -u<User> Logs in as specied user. Default user is root. --password=<Password>, -p<password> Species password. --version, -v Displays information on the version of isi_gather_info. --list, -l Displays a list of utilities and groups which can be included by using the -I and --group options. --include=<Utilities>, -i<Utilities> Includes only the specied utilities. To view a list of valid values, run isi_gather_info -l (lowercase L). Multiple utilities can be specied by using multiple instances of this option (for example: isi_gather_info -ivarlog_recent -iiostat). If you want to include all utilities, specify all. --incremental Gathers only the logs that have changed since the last log upload. -f<Path> Gathers les on specied <Path> from each node. Multiple les can be specied by using multiple instances of this option (for example: isi_gather_info -f/ifs/home/file1.txt -f/ifs/home/file2.txt) --nodes=<Nodes>, -n<Nodes> Gather information only from the specied nodes. If no nodes are explicitly listed, the entire array is used. Nodes are automatically excluded if they are down. Must be in form of a list or range of LNNs, for example: 1,4-10,12,14. --local-only Excludes information from other nodes. --skip-node-check Does not check for node availability. -s <Gather_Script> Species the path of the gather script to run on every node. Multiple instances of this option are allowed. -S <Gather_Expr> Species the path of the gather expression to run on every node. Multiple instances of this option are allowed.
138
-1 <Gather_Expr> Species the path of the gather expression to run on the local node. Multiple instances of this option are allowed. -a <Analysis_Script> Species the path of the analysis script to run on the results. -A <Analysis_Expr> Species the path of the analysis expression to run on every node. -t<Tarle> Save all results to the specied <Tarle> instead of the default tar le. -x <Exclude Tool> Does not gather the specied tool from each node. --ifs, -I Saves results to IFS (default). --local, -L Saves all results to local storage: /var/crash/support. The default temporary directory is /ifs/data/Isilon_Support/. -T <Tempdir> Saves all results to <Tempdir> instead of the default dir. This option overrides -L and -I. The default temporary directory is /ifs/data/Isilon_Support/. --tardir <dir> Places the results directly into <dir>. --symlinkdir <dir> Creates a symbolic link to the results in <dir>. --varlog_recent Gathers all logs in /var/log, except for compressed and rotated old logs. --varlog_all Gathers all logs in /var/log, including compressed and rotated old logs. This is the default setting. --nologs Does not gather any logs. --group <name> Adds the specied group of utilities to the tarball. To view a list of valid values, run isi_gather_info -l (lowercase L). Multiple groups can be specied by using multiple parameters. For example: isi_gather_info --group logs --group messages. --nocong Uses built-in default congurations and bypasses the conguration le. --save-only Saves the specied conguration to le and does not run isi_gather_info. Conguration includes settings for all --http, --email and --ftp parameters (except --ftp-mode). Conguration also includes whether --upload, --noupload, or --incremental are set. --save Saves the command-line specied conguration to le and runs isi_gather_info. Conguration includes settings for all --http, --email and --ftp parameters (except --ftp-mode). Conguration also includes whether --upload, --noupload, or --incremental are set.
139
--upload Uploads logs to Isilon support. This is the default setting. --noupload Does not upload logs to Isilon support. --re-upload <File> Re-uploads the specied le. --verify-upload Creates a tar le and uploads it to test connectivity. --http Attempts HTTP upload. This is the default setting. --nohttp Does not attempt HTTP upload. --http-host <Host> Species an alternate HTTP site for upload. --http-path <Dir> Species an alternate HTTP upload directory. --http-proxy <Host> Species a proxy server to use. --http-proxy-port <Port> Species a proxy port to use. -- ftp Attempts FTP upload. This is the default setting --noftp Does not attempt FTP upload. --ftp-user <User> Species an alternate user for FTP. The default is anonymous. --ftp-pass <Pass> Species an alternate password for FTP. --ftp-host <Host> Species an alternate FTP site for upload. --ftp-path <Dir> Species an alternate FTP upload directory. --ftp-proxy <Host> Species a proxy server to use. --ftp-proxy-port <Port> Species proxy port to use. --ftp-mode <Mode> Species the mode of FTP le transfer. The following values are valid: active both passive
140
The default value is both. --email Attempts SMTP upload. If set, SMTP is tried rst. --noemail Does not attempt SMTP upload. This is the default setting. --email-addresses <Addresses> Species email addresses. Multiple email addresses can be specied in a comma-separated list. --email-subject <string> Species an alternative email subject. --email-body <string> Species an alternative email text that is shown at the head of the body. --skip-size-check Note: Skipping the size check for exceptionally large emails could cause problems. Does not check the size of gathered le. Examples The following command sends information on log utilities to Isilon support: isi_gather_info --group logs The following command sends information on the /ifs/home directory on nodes 1, 5, 6 and 7 to Isilon support and saves a copy of that upload in local storage: isi_gather_info -f/ifs/home --nodes=1,5-7 -L
isi get
The isi get command displays information about a set of les, including their protection policy, current protection level, and whether write-coalescing is on or off. Protection policies appear in one of three colors: green, yellow, or red. Green corresponds to full protection. Yellow corresponds to degraded protection under a mirroring policy. Red corresponds to a loss of one or more data blocks under a parity policy. To display protection policies using words, specify -s option. Syntax Note: Optional parameters must be specied before <Path> or -L <LIN>. isi get {[-a] [-d] [-g] [-s] [-D[D[C]]] [-R] <Path> | [-g] [-s] [-D[D[C]]] [-D] [-R] -L <LIN>} Options You must specify either a valid path or Logical Inode Number using either <Path> or -L <LIN>, respectively. -a Displays the hidden '.' and '..' entries of each directory. -d Displays the attributes of a directory itself instead of its contents.
141
-g Displays detailed information, including snapshot governance lists. -s Displays the protection status using words instead of colors. -D Displays detailed information. -DD Includes information on protection groups and security descriptor owners and groups. -DDC Includes cyclic redundancy check (CRC) information. -R Displays information on the subdirectories and les of the specied directories. <path> Required. Species the path of the le or directory to display information on. -L <LIN> Converts specied LIN to a valid path. Examples The following command displays information on ifs/home/ and all of its subdirectories. isi get -R /ifs/home The system displays output similar to the following example: POLICY default default default default default default LEVEL 4x/2 8x/3 4x/2 4x/2 4x/2 4x/2 PERFORMANCE concurrency concurrency concurrency concurrency concurrency concurrency COAL on on on on on on FILE ./ ../ admin/ ftp/ newUser1/ newUser2/ .zshrc incoming/ pub/
/ifs/home/admin: default 4+2/2 concurrency on /ifs/home/ftp: default 4x/2 concurrency on default 4x/2 concurrency on /ifs/home/ftp/incoming: /ifs/home/ftp/pub: /ifs/home/newUser1: default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency /ifs/home/newUser2: on on on on on on on on on
142
on on on on on on on on on
The following command converts the LIN of 1:0000:002a isi get -L 1:0000:002a The system displays output similar to the following example: A valid path for LIN 0x10000002a is /ifs/home/newUser2
Syntax isi iscsi isns discover [--target=<TargetName>] Options If no options are specied, the system displays the initiators that are available to each target on the system. --target=<TargetName>, -t=<TargetName> Displays initiators for the specied target.
143
OneFS Command Reference Examples To view the initiators that are available for all targets, run the following command: isi iscsi isns discover The following command lists the initiators that are available for a target named linux1: isi iscsi isns discover --target=linux1
144
OneFS Command Reference Options There are no options for this command. Examples To view the connection status and congured IP address for the iSNS server, run the following command: isi iscsi isns status
To view detailed information about each current iSCSI session, run the following command: isi iscsi list --verbose The system displays output similar to the following example: Initiator Target Connected to node Initiator IP Target IP Session duration Throughput : : : : : : : : Current : Session lifetime : iqn.1991-05.com.microsoft:user.domain.company.com target1 1 127.0.0.1:56748 1.23.45.6 7M 6S in / out / total ---------------------------------------0 b / 0 b / 0 b (bits/sec) 0 B / 0 B / 0 B (Bytes)
This output indicates that a Microsoft initiator is connected to a target named target1 on node 1 of the cluster.
145
146
OneFS Command Reference Examples To view a list of SmartConnect pools on the cluster, run the following command: isi iscsi pool list
147
Species the number of most recent job events to display. Valid <Number> values include any positive integer. 10 is the default value. To display all events, specify 0. --no-headers, -H Hides the Time, Job, and Event headers in the system output. --verbose, -v Displays event summary information such as elapsed time and errors encountered. Examples To display the 20 most recent job events, run the following command: isi job history --limit=20 The system displays text similar to the following example output: Job events: Time --------------06/17 22:18:12 06/18 09:11:06 06/18 09:11:47 06/18 09:11:48 06/18 09:11:53 06/18 09:11:54 06/18 09:11:58 06/18 09:11:58 06/18 09:59:05 06/18 09:59:05 06/18 09:59:05 06/18 09:59:14 06/18 09:59:15 06/18 09:59:20 06/18 09:59:20 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 Job ----------------------SnapshotDelete[10] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] Event -----------------------------Succeeded Waiting Running phase 1 fs_lin begin phase 1 fs_lin end phase 2 fs_sweep begin phase 2 fs_sweep end Succeeded Waiting Running phase 1 fsa begin phase 1 fsa end phase 2 fsa_merge begin phase 2 fsa_merge end Succeeded Waiting Running phase 1 sdl begin phase 1 sdl end Succeeded
To display the event history for job 13 of the previous example, and include additional event summary information, run the following command: isi job history --job=13 --verbose The system displays text similar to the following example output: Job events: Time Job --------------- ----------------------06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] Elapsed time: LINs deleted: Snapshots deleted: Errors: 06/18 10:10:38 SnapshotDelete[13] Event -----------------------------Waiting Running phase 1 sdl begin phase 1 sdl end 0 seconds 36/36 1/1 0 Succeeded
148
149
unavailability. FlexProtect: Reprotect the file system. FSAnalyze: Gather file system analytics data. IntegrityScan: Verify file system integrity. MediaScan: Scrub disks for media-level errors. MultiScan: Runs Collect and AutoBalance jobs concurrently. PermissionRepair: Correct permissions of files and directories in /ifs QuotaScan: Update quota accounting for domains created on an existing file tree. SetProtectPlus: Applies default file policy if SmartPools is not licensed. SmartPools: Enforces SmartPools file policies. SnapshotDelete: Free space associated with deleted snapshots. TreeDelete: Delete a path in /ifs.
150
151
sample_policy
152
OneFS Command Reference Syntax isi job policy modify --policy=<PolicyName> --start=<Time> --end=<Time> --impact=<ImpactLevel> Options --policy=<PolicyName>, -o=<PolicyName> Required. Species the job impact policy to modify. <PolicyName> must be a valid impact policy name. Note: LOW, MEDIUM, HIGH, and OFF_HOURS are reserved impact policies and cannot be modied. --start=<Time>, -s=<Time> Required. Species the start time for the impact interval. Valid Time values are in the form of <Day>,HH:MM. <Day> can be the full name or three-letter abbreviation for the day of the week. HH is the hour of the day (0-24), and MM is the minute (0-59). Example: Sat,0:00. --end=<Time>, -e=<Time> Required. Species the end time for the impact interval. Valid Time values are in the form of <Day>,HH:MM. <Day> can be the full name or three-letter abbreviation for the day of the week. HH is the hour of the day (0-24), and MM is the minute (0-59). Example: Sat,23:59. --impact=<ImpactLevel>, -i=<ImpactLevel> Required. Species the impact level to use for the duration of the impact interval. The following values are valid: Examples The following command adds a medium impact level for a 24-hour interval beginning midnight Sunday to an existing policy named testpolicy: isi job policy modify --policy=testpolicy --start=Sun,0:00 --end=Mon,11:59 --impact=medium Note: You can verify that a policy was correctly modied by running the isi job policy list command. Paused: Do not use cluster resources. Low: Use 10% or less of cluster resources. Medium: Use 30% or less of cluster resources. High: Use unlimited cluster resources.
153
Note: You can view a list of available jobs and their current default job policies by running the isi job list command. --policy=<PolicyName>, -o=<PolicyName> Required. Species the impact policy to set for the job. <PolicyName> must match a congured job policy. Note: You can view a list of congured job policies by running the isi job policy list command. Examples The following command congures the Autobalance job to use the MEDIUM impact policy by default: isi job policy --job=autobalance --policy=medium Note: You can override a paused or running job's default impact policy by running the isi job update command.
154
155
<Frequency> is optional and can take either of the following forms, using the 12-hour (am/pm) or 24-hour clock. If not specied, the default frequency is at 0:00. at {<Hr>[:<Min>]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min]} to {<Hr>[:<Min]}]
Examples The following command schedules the FSAnalyze job to run every day at 10 pm: isi job schedule set fsanalyze --when="every day at 10pm" The following command schedules the MediaScan job to run once every Monday, Wednesday, and Friday: isi job schedule set mediascan --when="every week on mon, wed, fri" The job will run at 0:00, which is the default time of day. The following command schedules the SmartPools job to run on the 15th day of the month: isi job schedule set smartpools --when="the 15th every month"
156
Syntax isi job start [--job=]{autobalance|avscan|collect|flexprotect|fsanalyze| integrityscan|mediascan|multiscan|quotascan|setprotectplus|smartpools| snapshotdelete|treedelete --path=<IFS-Directory>} [--nodup] [--policy=<PolicyName>] [--priority={1:10}] isi job start [--job=]permissionrepair --path=<IFS-Directory> --mode={convert|inherit --template=<IFS-Path>|clone --template=<IFS-Path>} [--type={system|sid|unix|native}] [--nodup] [--policy=<PolicyName>] [--priority={1:10}] Options The --path option is required for TreeDelete and PermissionRepair jobs and does not apply to other jobs. The --mode option is required for PermissionRepair jobs and does not apply to other jobs. The --type and --template options apply only to PermissionRepair jobs. --job=<Job>, -j<Job> Required. Species the name of the job to start. --path=<IFS-Directory> Required if starting a TreeDelete or PermissionRepair job. Does not apply to other jobs. Species the path to delete or repair permissions to. --mode={clone|inherit|convert} Required for PermissionRepair jobs. Does not apply to other jobs. Species the mode (clone, inherit, or convert). If you choose clone or inherit mode, you must also specify the --template option. --template=<IFS-Path> Required only if starting the PermissionRepair job in clone or inherit mode. Species the template le or directory. --type={system|native|sid|unix} Available only when starting PermissionRepair jobs. Species the type for the PermissionRepair job. --priority={1:10}, -p{1:10} Sets the priority level for the specied job. Valid values are 1 (highest; no other job can interrupt this job) through 10 (lowest; any job can interrupt this job). Note: Level 1 priority is reserved for FlexProtect and IntegrityScan jobs only. --policy=<PolicyName>, -o<PolicyName> Species the job impact policy to use. --nodup, -n Avoids starting a new job if an instance already exists.
157
OneFS Command Reference Examples To start the SmartPools job using its default job settings, run the following command: isi job start --job=smartpools The system displays a status message and job instance ID, similar to the following output: Added job [32] The following command deletes the /ifs/data/old directory and all of its subdirectories, using a low priority level of 8: isi job start --job=treedelete --path=/ifs/data/old --priority=8 The following command repairs the permissions on the /ifs/data/alpha directory by cloning the permissions from /ifs/data/beta: isi job start --job=permissionrepair --path=/ifs/data/alpha --mode=clone --template=/ifs/data/beta
Paused and waiting jobs: Job Impact Pri Policy Phase Run Time State ------------------------- ------ --- --------- ----- ---------- ----------FSAnalyze[67] Low 6 LOW 1/2 0:00:05 User Paused Progress: Started No failed jobs. Recent job results: Time Job Event --------------- -------------------------- -------------------07/03 22:15:05 SnapshotDelete[59] Succeeded
158
This output indicates that the SmartPools job (job ID 68) is currently running, the FSAnalyze job (job ID 67) was manually paused 5 seconds after it started, there are no recently failed jobs, and several recent jobs have run successfully. Note: If the cluster contains down nodes or read-only nodes or drives, the following notication message displays at the beginning of the output: The cluster has down or read-only nodes or drives which may prevent jobs from running.
159
160
161
OneFS Command Reference Options --name=<SourceTarget>:<LUN> Required. Species the name of the source logical unit. Valid names include the name of the source target where the logical unit is located and its logical unit number (LUN), separated by a colon (for example, mytarget:0). --clone=<DestTarget>:<LUN> Required. Species a name for the clone logical unit. You must specify a different target, a new LUN, or both. The LUN must be an integer in the range 0-255, and must be unique for the destination target. --type=<LUN-type> Species the LUN type. The following values are valid: normal snapshot shadow
The default LUN type is normal. --comment=<QuotedString> Modies the description for the logical unit. If the comment contains spaces, it must be enclosed in quotation marks. --path=<IFSDirectory> Species a default path, starting at the /ifs directory, where LUN directories will be created. This setting overrides any default LUN directory paths that are congured for individual targets. --access-pattern=<Pattern>, -l=<Pattern> Species the I/O optimization settings for the logical unit. The following values are valid: random streaming concurrency custom{1-5} Note: The custom setting is intended for Isilon Technical Support use only. --online=<Boolean> Sets the logical unit's state to online (1) or ofine (0). The LUN is online by default. --smart-cache=<Boolean> Enables (1) or disables (0) SmartCache for the LUN. The default setting is inherited from the source.
! Caution: Although enabling SmartCache can improve performance, it can also lead to
data loss if a node loses power or crashes while uncommitted data is in the write cache. This can cause inconsistencies in any le system that is laid out on the LUN, rendering the le system unusable.
--read-only=<Boolean> Species the write access setting for the LUN. Specifying 1 sets the access to read-only. Specifying 0 sets the access to read/write. Examples The following command creates a shadow clone LUN named mytarget:11 from a source LUN named mytarget:10.
162
isi lun clone --name=mytarget:10 --clone=mytarget:11 --type=shadow The following command creates a normal clone LUN named newtarget:0 from a source LUN named oldtarget:10, and species a new LUN directory path of /ifs/clones/: isi lun clone --name=oldtarget:10 --clone=newtarget:0 --type=normal --path=/ifs/clones/
163
Sets the logical unit state to online (1) or ofine (0). The default value is 1. --smart-cache=<Boolean> Enables (1) or disables (0) SmartCache. SmartCache is disabled by default.
! Caution: Although enabling SmartCache can improve performance, it can also lead to
data loss if a node loses power or crashes while uncommitted data is in the write cache. This can cause inconsistencies in any le system that is laid out on the LUN, rendering the le system unusable.
--read-only=<Boolean> Sets the write access for the logical unit. Specifying 1 sets the access to read-only. Specifying 0 sets the access to read/write. Read/write access is the default setting. --thin=<Boolean> Enables (1) or disables (0) thin provisioning. Thin provisioning keeps blocks unallocated until they are written. Thin provisioning is enabled by default. --diskpool=<DiskPool> Adds the logical unit to the specied disk pool. If not specied, logical units are allocated randomly to any available disk pool. Examples The following command creates a logical unit in a target named test1 with a LUN value of 0 and a capacity of 50 GB: isi lun create --name=test1:0 --size=50GB The following command creates a logical unit in the target test1 with a LUN value of 1 and capacity of 50 GB, and pre-allocates the required space: isi lun create --name=test1:1 --size=50GB --thin=0 The following command creates a logical unit in a target named test1 with a LUN value of 2 and capacity of 50 GB, and species /ifs/test1luns as its default LUN directory: isi lun create --name=test1:3 --size=50GB --path=/ifs/test1luns
164
OneFS Command Reference Examples The following command deletes a logical unit named mytarget:50. isi lun delete --name=mytarget:50 Because the --force option is not specied, this example produces the following prompt: !! Are you sure you want to delete LUN 50? (yes, y, no, [n]) To conrm the deletion, you must type y and then press ENTER. The following command deletes a logical unit named mytarget:2 without producing a conrmation prompt: isi lun delete --name=mytarget:2 --force
165
OneFS Command Reference Examples The following command displays information about a logical unit named test:56. isi lun list --name=test:56
166
! Caution: Although enabling SmartCache can improve performance, it can also lead to
data loss if a node loses power or crashes while uncommitted data is in the write cache. This can cause inconsistencies in any le system that is laid out on the LUN, rendering the le system unusable.
--diskpool=<DiskPool> Adds the logical unit to the specied disk pool. Examples The following command increases the capacity of a logical unit named test1:0 to 60 GB. isi lun modify --name=test1:0 --size=60GB The following command sets the write access to read-only and enables write caching for a logical unit named test1:3. isi lun modify --name=test1:3 --read-only=1 --smart-cache=1
167
168
OneFS Command Reference Options --session=<Session>, -s=<Session> Required. Species the ID of the session to terminate. Examples The following command terminates session 4.34729: isi ndmp kill 4.34729
169
OneFS Command Reference Examples The following command displays diagnostic information for session 4.34729: isi ndmp probe 4.34729 For a backup session, the system displays output similar to the following example: Session 4.34729 probe data ================================ Session ID Protocol version Session unique id DMA interface DMA address SCSI device TAPE device Open mode Session PID Session update interval TAPE Device path Given device name Given unit number Device name Device unit number Controller name Controller unit number Bus id Peripheral device Port Number Target Current File Number Current Block Number File descriptor Pass through device name LUN Block size Record count Tape open mode Writing MOVER Data Interface State Mode Pause reason Halt reason Data written Bytes written this window Seek position Bytes left to read Window offset Window length Is new mover window set Position Record size Record number Listen socket Socket Read index Write index Last bytes xfered : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
: : : : : : : : : :
34729 4 1 10.25.75.133 10.25.78.26 tape005 2 40458 5 /dev/fc/tape005.pass 0 pass 41 isp 0 0 1 3 2 0 0 8 tape005.pass 0 0 5362 NDMP_TAPE_RDWR_MODE 0 0.0.0.0 ACTIVE READ NDMP_MOVER_PAUSE_NA NDMP_MOVER_HALT_NA 345913344 345913344 0 0 0 18446744073709551615 1 0 64512 5362 -1 -1 0 50688 312496128
170
DATA Interface Last bytes xfered Operation State Halt reason Abort flag IO ready Socket Listen socket Read offset Read length Bytes left to read Position Discard length Backup environment FILESYSTEM : /ifs/data/perf/0/1k/ HIST : n VERBOSE : N LEVEL : 0 UPDATE : Y RECURSIVE : Y Nlist PERFWATCH Timers (sec.msec.usec) mover write latency samples : 512 total : 008.394.410 high : 000.000.729 low : 000.000.299 average : 000.000.386 ifs readdirplus samples : 512 total : 021.842.202 high : 000.182.012 low : 000.001.315 average : 000.004.458 visitor wait samples : 0 ifs read samples : 0 reader wait samples : 0 tape write samples : 0 tape write turnaround (time between 2 writes) samples : 0 tape write wait (part of write turn around) samples : 0 writer update treewalk (part of write turn around) samples : 0 writer get work (part of write turn around) samples : 0 writer get buffer (part of write turn around) samples : 0 writer get lock (part of write turn around) samples : 0 writer release lock (part of write turn around) samples : 0 : : : : : : : : : : : : : : 0.0.0.0 312496128 1 1 0 0 0 -1 -1 0 0 0 0 0
171
writer wake reader (part of write turn around) samples : 0 writer mem free (part of write turn around) samples : 0 file history (part of write turn around) samples : 0 Counters treewalk asleep count value : 11 treewalk rdplus page count value : 2 treewalk memory in rdplus pages value : 24888 treewalk memory in entries value : 23368 treewalk memory in directories value : 532 readers asleep count value : 0 readers starved count value : 129286 writer starve count value : 107755 Memory used by work entries value : 5888 Memory used by io buffers value : 83872 File Transfer Status ------------------aborted : 0 wq_count : 46 rq_count : 0 pending_bytes : 100352 rwork_pending : 0 files_open : 23 bytes read : 346035712 bytes written : 345964032 max_files_open : 40 sleeping_visitor : 0 sleeping_readers : 12 sleeping_writer : 1 Contents of Read Queue ---------------------Contents of Write Queue ----------------------f92901:0 - buffer_count :4 (0,1,2,3) read done f124481:0 - buffer_count :4 (0,1,2,3) read done f180412:0 - buffer_count :4 (0,1,2,3) read done f73413:0 - buffer_count :4 (0,1,2,3) read done f98469:0 - buffer_count :4 (0,1,2,3) read done f109459:0 - buffer_count :3 (0,1,2,) reading f157519:0 - buffer_count :3 (0,1,2,) reading f18618:0 - buffer_count :4 (0,1,2,3) read done f78670:0 - buffer_count :4 (0,1,2,3) read done f24626:0 - buffer_count :4 (0,1,2,3) read done f119319:0 - buffer_count :4 (0,1,2,3) read done f99730:0 - buffer_count :3 (0,1,2,) reading f147278:0 - buffer_count :3 (0,1,2,) reading f168483:0 - buffer_count :4 (0,1,2,3) read done f160253:0 - buffer_count :3 (0,1,2,) reading f108736:0 - buffer_count :3 (0,1,2,) reading f161886:0 - buffer_count :4 (0,1,2,3) read done f5292:0 - buffer_count :4 (0,1,2,3) read done
172
f335:0 - buffer_count :3 (0,1,2,) reading f93638:0 - buffer_count :4 (0,1,2,3) read done f43587:0 - buffer_count :3 (0,1,2,) reading f154674:0 - buffer_count :4 (0,1,2,3) read done f63357:0 - buffer_count :4 (0,1,2,3) read done f143455:0 - buffer_count :4 (0,1,2,3) read done f132237:0 - buffer_count :3 (0,1,2,) reading f191327:0 - buffer_count :3 (0,1,2,) reading f148376:0 - buffer_count :3 (0,1,2,) reading f15166:0 - buffer_count :4 (0,1,2,3) read done f186527:0 - buffer_count :4 (0,1,2,3) read done f113402:0 - buffer_count :3 (0,1,2,) reading f164867:0 - buffer_count :3 (0,1,2,) reading f91154:0 - buffer_count :4 (0,1,2,3) read done f172411:0 - buffer_count :0 () reading f37367:0 - buffer_count :0 () reading f56975:0 - buffer_count :0 () reading f12647:0 - buffer_count :0 () reading f111490:0 - buffer_count :0 () reading f35399:0 - buffer_count :0 () reading f71888:0 - buffer_count :3 (0,1,2,) reading f75615:0 - buffer_count :3 (0,1,2,) reading f39343:0 - buffer_count :0 () reading f156171:0 - buffer_count :0 () reading f66419:0 - buffer_count :0 () reading f64905:0 - buffer_count :0 () reading f157319:0 - buffer_count :0 () reading f118697:0 - buffer_count :0 () reading Treewalk Status -------------aborted : 0 done : 0 tcount : 0 dirs_open : 1 max_dirs_open : 1 level : 0 total bytes : 143321402 total files : 135189 outstanding bytes : 48128 outstanding files : 47 Memory Allocations ================== Total Outstanding: 0 Max Used: 0 Average Used: 0 List of unfreed memory ====================== Timers (sec.msec.usec) mover write latency samples : 0 ifs readdirplus samples : 0 visitor wait samples : 0 ifs read samples : 0 reader wait samples : 0 tape write samples : 0 tape write turnaround (time between 2 writes) samples : 0 tape write wait (part of write turn around)
173
samples : 0 writer update treewalk (part of write turn around) samples : 0 writer get work (part of write turn around) samples : 0 writer get buffer (part of write turn around) samples : 0 writer get lock (part of write turn around) samples : 0 writer release lock (part of write turn around) samples : 0 writer wake reader (part of write turn around) samples : 0 writer mem free (part of write turn around) samples : 0 file history (part of write turn around) samples : 0 Counters treewalk asleep count value : 11 treewalk rdplus page count value : 2 treewalk memory in rdplus pages value : 24888 treewalk memory in entries value : 26416 treewalk memory in directories value : 532 readers asleep count value : 0 readers starved count value : 129299 writer starve count value : 107759 Memory used by work entries value : 6656 Memory used by io buffers value : 120336 For a dataset session, the system displays output similar to the following example: Session 4.34729 probe data ================================ Session ID Protocol version Session unique id DMA interface DMA address SCSI device TAPE device Open mode Session PID Session update interval TAPE Device path Given device name Given unit number Device name Device unit number Controller name Controller unit number : : : : : : :
: : : : : : : : : :
174
Bus id Peripheral device Port Number Target Current File Number Current Block Number File descriptor Pass through device name LUN Block size Record count Tape open mode Writing MOVER Data Interface State Mode Pause reason Halt reason Data written Bytes written this window Seek position Bytes left to read Window offset Window length Is new mover window set Position Record size Record number Listen socket Socket Read index Write index Last bytes xfered DATA Interface Last bytes xfered Operation State Halt reason Abort flag IO ready Socket Listen socket Read offset Read length Bytes left to read Position Discard length Backup environment HIST : n VERBOSE : N DIRECT : N Nlist Original path Destination directory Name Other name
: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
0 1 3 2 0 0 8 tape005.pass 0 0 553 NDMP_TAPE_READ_MODE 0 0.0.0.0 ACTIVE WRITE NDMP_MOVER_PAUSE_NA NDMP_MOVER_HALT_NA 35675136 0 0 18446744073673898495 0 18446744073709551615 1 35653120 64512 553 -1 -1 42496 64512 31481856 0.0.0.0 31481856 2 1 0 0 0 -1 -1 0 18446744073709551615 0 0 0
: : /ifs/restore/perf//restore_streams/1 : :
175
Node FH info PERFWATCH Timers (sec.msec.usec) mover write latency samples : header read latency samples : total : high : low : average : file selection latency samples : total : high : low : average : renaming latency samples : total : high : low : average : tape read latency samples : total : high : low : average : file extract turnaround samples : total : high : low : average : Counters
: 0 : 0
0 512 000.591.833 000.004.773 000.000.034 000.000.046 512 005.574.436 000.000.607 000.000.396 000.000.413 512 000.171.396 000.000.022 000.000.011 000.000.012 37 001.904.646 001.740.111 000.000.002 000.051.476 512 027.801.575 000.017.065 000.001.853 000.002.026
176
The system displays output similar to the following example: Setting Value -----------------------------------port 2000 dma EMC
The default value is generic. port Species the TCP/IP port number on which the NDMP daemon listens for incoming connections. The default value is 10000. --value=<Setting_Value> Required. Species the new value for the setting. Examples To set the vendor of the current data management application to EMC, run the following command: isi ndmp settings set --name=dma --value=emc The following command sets the port number on which the NDMP daemon listens for incoming connections to 2000: isi ndmp settings set port 2000
177
178
Species the name of a specic NDMP user to list. Examples To view a list of NDMP users, run the following command: isi ndmp user list The system displays output similar to the following example: NDMP User --------newUser1 newUser2 newUser3 newUser4
isi networks
The isi networks command manages external network conguration settings. Syntax isi networks [--dns-servers=<IPAddressList>] [--add-dns-servers=<IPAddressList>] [--remove-dns-servers=<IPAddressList>] [--dns-search=<DNSDomainList>] [--add-dns-search=<DNSDomainList>] [--remove-dns-search=<DNSDomainList>] [--tcp-port=<TCPPortList>] [--add-tcp-port=<TCPPortList>] [--remove-tcp-port=<TCPPortList>] [--sc-rebalance-all] Options If no options are specied, displays all domain name servers, domain name server (DNS) search lists, client TCP ports, and subnets congured on the cluster.
179
--dns-servers=<IPAddressList> Sets the list of DNS IP addresses that nodes issue requests from. List cannot have more than three sufxes. This option overwrites the current list of DNS servers. --add-dns-servers=<IPAddressList> Adds one or more DNS IP addresses, separated by commas. The list cannot contain more than 3 IP addresses. --remove-dns-servers=<IPAddressList> Removes one or more DNS IP addresses, separated by commas. --dns-search=<DNSDomainList> Sets the list of DNS search sufxes that are appended to dns names that are not fully qualied. List cannot have more than six sufxes. This option overwrites the current list of DNS search sufxes. Note: Do not begin sufxes with a leading dot; leading dots are added automatically. --add-dns-search=<DNSDomainList> Adds one or more DNS search sufxes, separated by commas. The list cannot contain more than 6 sufxes. --remove-dns-search=<DNSDomainList> Removes one or more DNS search sufxes, separated by commas. --tcp-port=<TCPPortList> Sets one or more recognized client TCP ports. This option overwrites the current list of TCP ports. --add-tcp-port=<TCPPortList> Adds one or more recognized client TCP ports. --remove-tcp-port=<TCPPortList> Removes one or more client TCP ports. --sc-rebalance-all Rebalances dynamic IP addresses in all pools. Note: This option is only valid if a SmartConnect Advanced license is active on the cluster. Examples The following command sets 10.52.0.1 and 10.52.0.2 as the current DNS IP addresses: isi networks --dns-servers=10.52.0.1,10.52.0.2 The following command sets "company.com" and "storage.company.com" as DNS search sufxes: isi networks --dns-search=company.com,storage.company.com The following command sets 2049, 445, 20, 21, and 80 as recognized client TCP ports: isi networks --tcp-port=2049,445,20,21,80
180
181
roundrobin: Rotates equally through interfaces. failover: Uses only one interface until it fails, then switches to a currently unused interface. lacp: Aggregates using Link Aggregation Control Protocol (LACP). fec: Aggregates using the post-6.5 FEC driver.
The default mode is lacp, unless the system has been upgraded from a version of OneFS lower than 6.5 to one higher. In that case, the default mode is legacy. --ttl=<number> Species the time to live value for SmartConnect DNS query responses (in seconds). DNS responses are only valid for the time specied. The default value is 0. --zone=<Zone> Species the SmartConnect zone name for this pool. Pool IP addresses are returned in response to DNS queries to this zone. The given <ConnectPolicy> determines which pool IP addresses are returned. --add-zone-aliases=<String> Adds specied DNS names to the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --connect-policy=<ConnectPolicy> Species how the connections of new clients are balanced across IP addresses. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
The default policy is Round Robin. --failover-policy=<FailoverPolicy> Species how IP addresses are rebalanced across the remaining IP interface members when an interface member fails. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
The default policy is Round Robin. --manual-failback Requires that connection rebalancing be performed manually after failback. To manually rebalance a pool, run the following command: isi networks modify pool --name=<Subnet>:<Pool> --sc-rebalance --auto-failback Causes connections to be rebalanced automatically after failback. This is the default setting. --verbose Displays detailed information about the pool-creation process. --force Suppresses warning messages about pool creation.
182
OneFS Command Reference Examples The following command creates a new address pool named pool1 under subnet0 that assigns IP addresses 192.168.8.10-192.168.8.15 to ext-1 on nodes 1, 2, and 3. The SmartConnect zone name of this pool is storage.company.com but it accepts the alias of storage.company: isi networks create pool subnet0:pool1 --ifaces=1-3:ext-1 --ranges=192.168.8.10-192.168.8.15 --zone=storage.company.com --add-zone-aliases=storage.company The following command creates a new address pool named pool2 under subnet0 that includes interfaces ext-1 and ext-2 on node 1, and aggregates them underneath ext-agg, alternating equally between them: isi networks create pool subnet0:pool2 --iface=1:ext-agg --ranges=192.168.8.10-192.168.8.15 --aggregation-mode=roundrobin The following command creates a new address pool named pool3 under a subnet named subnet0 whose connection rebalancing must be performed manually: isi networks create pool --name=subnet0:pool3 --ifaces=1,2:ext-1,ext-2 --ranges=192.168.8.10-192.168.8.15 --manual-failback
183
Applies this rule to all I-Series accelerator nodes only. --storage-x Applies this rule to all storage nodes except I-Series storage nodes. --accelerator-x Applies this rule to all accelerator nodes except I-Series accelerator nodes. Examples The following command causes all ext-2 interfaces on I-Series accelerator nodes to be assigned to subnet0:pool0: isi networks create rule subnet0:pool0:rule1 ext-2 --accelerator The system displays output similar to the following example: Creating rule 'subnet0:pool0:rule3': OK Adding rule: OK Saving: OK
184
--gateway-prio=<number> Species the gateway priority for the subnet. Valid values are numbers between 1 and the total number of existing subnets. The default priority is the lowest possible. --mtu=<MTU> Species the maximum transmission unit (MTU) of the subnet (in bytes). Common values are 1500 and 9000. --sc-service-addr=<IPAddress> Species the IP address on which the SmartConnect module listens for domain name server (DNS) requests on this subnet. --vlan-id=<VlanIdentier> Species the VLAN ID or tag for all interfaces on the subnet. --verbose Displays the progress of different parameters as they are applied to the subnet being created. Examples The following command creates a subnet named example1 with a netmask of 255.255.255.0: isi networks create subnet --name=example1 --netmask=100.50.10.5 The system displays output similar to the following: Creating subnet 'example1': OK Saving: OK
185
To conrm the deletion, type yes and then press ENTER. Note: If you attempt to delete the only IP address pool in the subnet, the system displays output similar to the following: !! Warning: pool 'subnet1:pool0' is the only remaining pool; deleting !! it may result in connection issues. If you see this message, and you are not connected to the node in its serial console, it is recommended that you type no and then press ENTER to cancel the operation.
186
--force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear. Examples The following command deletes a subnet named subnet1: isi networks delete subnet subnet1 The following conrmation prompt displays: !! Are you sure you want to delete subnet 'subnet1'? (yes, [no]) To conrm the deletion, type yes and then press ENTER. Note: If you attempt to delete the last remaining subnet, a warning message similar to the following example displays before the conrmation prompt: Warning: subnet 'subnet1' is the only remaining subnet; deleting it may result in connection issues. If you see this message, it is recommended that you type no and then press ENTER to cancel the operation.
To view detailed information about the network interfaces, run the following command:
187
isi networks list interfaces --verbose The system displays detailed information about the interfaces, similar to the following example output: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: 1 ext-1 example0 up 49Kb/s 0b/s 1 subnet0:pool0 1 11.22.3.45 1 ext-2 example1 no carrier 0b/s 0b/s 0 0 2 ext-1 example0 up 11Kb/s 0b/s 1 subnet0:pool0 1 11.22.34.56
188
Displays only pools containing a rule name that matches the specied string. --iface=<InterfaceName> Displays only pools containing the specied member interface. --has-addr=<IPAddress> Displays only the pool that contains the specied IP address. --verbose, -v Displays detailed information about the specied pool. Examples To view a list of all available IP address pools, run the following command: isi networks list pools The system displays a list of pools in output similar to the following example: Subnet -------subnet0 subnet1 subnet1 subnet1 subnet0 Pool -------pool0 pool0 pool01 pool10 example1 SmartConnect Zone ---------------------Ranges -----------10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 10.33.150.20-30 Alloc ------Static Static Static Static Dynamic
example.samplesite.com
To display all pools whose names contain the string pool0, run the following command: isi networks list pools --name=pool0 The system displays output similar to the following example: Subnet -------subnet0 subnet1 subnet1 Pool -------pool0 pool0 pool01 SmartConnect Zone --------------------Ranges -----------10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 Alloc ------Static Static Static
The following commands displays detailed information on subnet0:pool0: isi networks list pools --name=subnet0:pool0 -v The system displays output similar to the following example: subnet0:pool0 - Default pool In Subnet: subnet0 Allocation: Static Ranges: 1 10.53.136.11-10.53.136.13 Pool Membership: 3 1:ext-1 (up) 2:ext-1 (up) 3:ext-1 (up) Aggregation Mode: Link Aggregation Control Protocol (LACP) SmartConnect: Suspended Nodes : None Zone : N/A Time to Live : 0 Service Subnet : N/A Connection Policy: Round Robin Failover Policy : Round Robin Rebalance Policy : Automatic Failback
189
190
191
--name=<Subnet>:<Pool> Required. Species the name of the subnet to modify. Valid names include the name of the subnet and the name of the pool, separated by a colon, for example subnet1:pool0.
192
--new-name=<Pool> Sets a new name for the pool. This must be unique throughout the subnet. Note that this option does not include the name of the subnet. --sc-rebalance Rebalances the IP addresses for this pool. --ranges=<IPRangeList> Species one or more IP address ranges for this pool. IP addresses within these ranges are assigned to the interfaces that belong to this pool (also known as interface members). Note: Specifying new ranges with this option will remove any previously existing ranges from the pool. --add-ranges=<IPRangeList> Adds specied IP address ranges to this pool. --remove-ranges=<IPRangeList> Removes specied IP address ranges from this pool. --ifaces=<NodeInterface> Species one or more interface members in this pool. Specify in the form of <Nodes>:<Interfaces>. To specify individual nodes, separate <Nodes> with commas. To specify a range of nodes, separate with dashes. <Interfaces> must be separated by commas. For example: --ifaces=1-3,5:ext-1,ext-2. This includes ext-1 and ext-2 on nodes 1, 2, 3, and 5. --add-ifaces=<NodeInterface> Adds specied member interfaces to this pool. --remove-ifaces=<NodeInterface> Removes specied member interfaces from this pool. --sc-subnet=<string> Species the name of the SmartConnect Service subnet that is responsible for this zone. --desc=<Description> Species an optional description of this pool. --dynamic IP addresses are automatically distributed and redistributed to one or more pool members based on the connect and failover policies. Interface members have any number of IP addresses assigned to them at different points in time. Note: This option is only valid if a SmartConnect Advanced license is active on the cluster. --static Each pool member is permanently assigned a single IP address. Depending on the number of IP addresses available, some IP addresses might go unused. This is the default setting. --aggregation Species how external interfaces are aggregated underneath ext-agg. Aggregation will only take place if ext-agg is a pool member. The following values are valid: legacy: Aggregates using the pre-6.5 Fast EtherChannel (FEC) driver. roundrobin: Rotates equally through interfaces. failover: Uses only one interface until it fails, then switches to a currently unused interface.
193
lacp: Aggregates using Link Aggregation Control Protocol (LACP). fec: Aggregates using the post-6.5 FEC driver.
The default mode is lacp, unless the system has been upgraded from a version of OneFS lower than 6.5 to one higher. In that case, the default mode is legacy. --ttl=<number> Species the time to live value for SmartConnect DNS query responses (in seconds). DNS responses are only valid for the time specied. The default value is 0. --zone=<Zone> Species the SmartConnect zone name for this pool. Pool IP addresses are returned in response to DNS queries to this zone. The given <ConnectPolicy> determines which pool IP addresses are returned. --add-zone-aliases=<string> Adds specied DNS names to the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --remove-zone-aliases=<string> Removes specied DNS names from the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --connect-policy=<ConnectPolicy> Species how the connections of new clients are balanced across IP addresses. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
--failover-policy=<FailoverPolicy> Species how IP addresses are rebalanced across the remaining IP interface members when an interface member fails. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
--manual-failback Requires that connection rebalancing be performed manually after failback. --auto-failback Causes connections to be rebalanced automatically after failback. This is the default setting. --sc-suspend-node=<NodeLnn> Suspends SmartConnect DNS query responses for the specied node. While suspended, SmartConnect does not return IP addresses for this node, but allows active clients to remain connected. --sc-resume-node=<NodeLnn> Resumes suspended SmartConnect DNS query responses for the specied node. --verbose, -v Displays detailed information about the progress of the pool modication process. --force, -f Suppresses warning messages about pool modication.
194
--add-static-routes=<Network>/<Netmask>-<Gateway> Adds static route to all nodes containing a member interface in the pool being modied. This command is limited to adding IPv4 routes and is available from the command line only.
! Attention: Static-route settings that were added in versions earlier than OneFS 6.5.5 via
rc scripts must be re-created using this option. Existing static route settings will no longer work and must be re-created using the add-static-routes command.
Add one or more one or more static routes to a pool as a comma-separated string of static routes in the format xxx.xxx.xxx.xxx/nn-yyy.yyy.yyy.yyy, where xxx.xxx.xxx.xxx is the placeholder for the network, nn is the placeholder for the netmask, and yyy.yyy.yyy.yyy is the placeholder for the gateway. --remove-static-routes=<Network>/<Netmask>-<Gateway> Removes one or more static routes from a pool as a comma-separated string of static routes in the format xxx.xxx.xxx.xxx/nn-yyy.yyy.yyy.yyy, where xxx.xxx.xxx.xxx is the placeholder for the network, nn is the placeholder for the netmask, and yyy.yyy.yyy.yyy is the placeholder for the gateway. --auto-unsuspend-delay=<Seconds> Delay the automatic unsuspending of nodes with member interfaces in the pool by set number of seconds. The automatic suspend and unsuspend operation is performed automatically during rolling upgrades and if this delay is set it also takes effect for general node splits and/or reboots. Pool IP addresses on an automatically suspended node will not be given out by SmartConnect for the pool zone or zone aliases while the node is automatically suspended. This setting is only available via the command line and the current setting can be viewed by listing the current Flexnet pools in verbose mode. Examples The following command removes node 6 from participating in the SmartConnect prole for subnet0:pool0: isi networks modify pool --name=subnet0:pool0 --sc-suspend-node=6 You can conrm that the node has been suspended by running the following command: isi networks list pools --verbose The following command removes the IP address of 192.168.9.84 from pool subnet0:pool01: isi networks modify pool --name=subnet0:pool01 --ranges=192.168.9.84 The following command causes subnet0:pool1 to rotate equally through aggregated interfaces: isi networks create pool subnet0:pool1 --aggregation-mode=roundrobin The following command adds a static route to the pool subnet0:pool0: isi networks modify pool subnet0:pool0 --add-static-routes=4.4.0.0/16-10.7.160.4 The following command removes a static route from the pool subnet0:pool0 isi networks modify pool subnet0:pool0 --remove-static-routes=4.4.0.0/16-10.7.160.4 You can conrm static-route settings for all pools by running the following command: isi networks ls pools v The system displays the static-route information, similar to the following sample output: subnet0:pool0 - Default pool In Subnet: subnet0 Allocation: Static Ranges: 1 10.1.1.1-10.1.1.10
195
Pool Membership: 1 1:ext-1 (up) Auth Providers: 0 Aggregation Mode: Link Aggregation Control Protocol (LACP) Static Routes: 1 123.123.123.0/24 10.1.1.254 SmartConnect: Suspended Nodes : None Auto Unsuspend ... 10 Zone : N/A Time to Live : 0 Service Subnet : N/A Connection Policy: Round Robin
You can only specify one <ApplicationOption>. The following options are application options: --any --storage --accelerator --storage-x --accelerator-x --backup-accelerator
--name=<Subnet>:<Pool>:<Rule> Required. Species the name and location of the rule being modied. Valid names include the subnet, pool, and a unique rule name, separated by colons (for example, subnet1:pool1:newrule). --new-name=<Rule> Species a new name for the rule. This name must be unique throughout the pool. Note: This option does not include the name of the subnet or the pool.
196
--pool=<Subnet>:<Pool> Changes the pool to which the rule belongs. You must specify both the name of the subnet and the name of the pool, separated by a colon (for example, subnet1:pool3). --iface=<NodeInterface> Species the node interface to which the rule applies. --desc=<Description> Species an optional description of this rule. --any Applies this rule to all nodes. This is the default setting. --storage Applies this rule to all I series storage nodes. --accelerator Applies this rule to all I series accelerator nodes. --storage-x Applies this rule to all storage nodes except I series storage nodes. --accelerator-x Applies this rule to all accelerator nodes except I series accelerator nodes. --verbose, -v Displays detailed information about the rule modication process. Examples The following example applies rule3 on subnet0:pool0 only to all I series storage nodes: isi networks modify rule subnet0:pool0:rule3 --storage The system displays detailed information about the interfaces, similar to the following example output: Modifying rule 'subnet0:pool0:rule3': Saving: OK
Options You must specify at least one network subnet setting to modify.
197
Specify network subnet settings using one or more of the following options: --new-name --netmask --prexlen --enable-vlan --disable-vlan --dsr-addrs --add-dsr-addrs --remove-dsr-addrs --desc --gateway --gateway-prio --mtu --sc-service-addr --vlan-id
--name=<Subnet> Required. Species the name of the subnet to modify. --new-name=<Subnet> Species a new name for the subnet. The name must be unique throughout the cluster. --netmask=<IPAddress> Species the netmask of this subnet. --prexlen=<number> Species the IPv6 subnet prex length. --enable-vlan Enables all virtual LAN tagging on this subnet. --disable-vlan Disables any virtual LAN tagging on this subnet. --dsr-addrs=<IPAddressList> Species one or more Direct Server Return addresses for this subnet. --add-dsr-addrs=<IPAddressList> Adds one or more Direct Server Return addresses to this subnet. --remove-dsr-addrs=<IPAddressList> Removes one or more Direct Server Return addresses from this subnet. --desc=<QuotedString> Species an optional description for this subnet. --gateway=<IPAddress>, -g=<IPAddress> Species the gateway IP address used by this subnet. If not specied, the default gateway is used.
198
Species the maximum transmission unit (MTU) of the subnet (in bytes). Valid values are 1500 or 9000. --sc-service-addr=<IPAddress> Species the address on which SmartConnect listens for DNS requests on this subnet. --vlan-id=<VlanIdentier> Species the VLAN ID or tag for all interfaces on this subnet. --verbose, -v Displays the progress of different parameters as they are modied on the subnet. --force, -f Suppresses any prompts or warnings messages that would otherwise appear before or during the subnet modication operation. Examples The following command changes the name of subnetOld to subnetNew: isi networks modify subnet subnetOld --new-name=subnetNew The system displays output similar to the following: Creating subnet 'example1': OK Saving: OK
199
200
OneFS Command Reference [--dtpref=<number>] [--encoding=<encoding>] [--map-lookup-uid=<boolean>] [--mapall=<string>] [--maproot=<User_Name>] [--mapfull=<boolean>] [--maxfilesize=<number>] [--read-only=<boolean>] [--readdirplus-enable=<boolean>] [--readdirplus-prefetch=<number>] [--return-32bit-file-ids=<boolean>] [--rtmax=<number>] [--rtmult=<number>] [--rtpref=<number>] [--security-flavors=<string>] [--setattr-asynchronous=<boolean>] [--symlink-supported=<boolean>] [--time-delta=<string>] [--write-datasync-action=<string>] [--write-datasync-reply=<string>] [--write-filesync-action=<string>] [--write-filesync-reply=<string>] [--write-unstable-action=<string>] [--write-unstable-reply=<string>] [--wtmax=<number>] [--wtmult=<number>] [--wtpref=<number>] Options --path=<string> Species the path to be exported. Multiple paths can be specied with multiple --path parameters. --client=<Client> Species the client to be allowed access via this export. If not specied, rule applies to all clients. Specify as a network host name, an IP address, a subnet, or as a "netgroup" name. For IPv4 addresses, specify in dotted-decimal notation (a.b.c.d). For IPv6 addresses, specify in colon notation. IPv4 addresses mapped into the IPv6 address space are translated and stored as IPv4 addresses to remove any possible ambiguities. --comment=<string>, -c<string> Species a description of the export for administrator's convenience. --all-dirs=<boolean> Determines whether this export covers all subdirectories beneath the given path. --bsize=<number> Species block size. (NFSv2) --cansettime=<boolean> Determines whether this export can modify different le times. --comit-asynchronous=<boolean> Determines whether commit data operations perform asynchronously. --dtpref=<number> Species the preferred number of directory entries to transfer. --encoding=<encoding> Species character encoding of clients connecting via this export. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr euc-jp euc-jp-ms utf-8-mac Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR EUC-JP EUC-JP-MS UTF-8-MAC
201
Valid Value utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16
Encoding UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
--map-lookup-uid=<boolean> Determines whether to lookup a user mapping for UIDs. --mapretry=<boolean> Determines whether to retry user mapping lookups if they fail. --mapall=<User_Name> Species the identity that operations by any user will be executed as. --maproot=<string> Species the identity that operations by root will be executed as. --mapfull=<boolean> Determines whether to use the full identity mapping resolution of mapped users. --maxlesize=<number> Species the maximum allowed le size on the server (in bytes). If a le is larger than the specied <number>, an error is returned. --read-only=<boolean> Determines whether writes are permitted to the mounted le system. If set to true, attempts to write will fail and display the "NFS read-only file system" error. If set to false, writes are successful. --readdirplus-enable=<boolean> Determines whether clients are allowed to use readdir-plus. If true, readdirplus requests are processed. If false, readdirplus requests are rejected and display the "NFS operation not supported" error. The default value is true. (NFSv3) --readdirplus-prefetch=<number> Species the number of directory entries that are prefetched when a readdirplus request is processed. The default value is 10. (NFSv3/4)
202
--return-32bit-le-ids=<boolean> Determines whether to limit the size of le identiers returned by NFSv3+ to 32-bit values (NFSv2 is limited to 32-bit values regardless of how this option is specied). While NFSv3+ allows 64-bit le identiers, certain clients might not support them, and silently ignore the most signicant 32-bits. --rtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Note: Although the server is capable of reads up to the --rtmax value bytes, the preferred and multiple size should be used for best performance. --rtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 128KB. --rtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512. --security-avors=<string> Species supported security avors. The following values are valid: sys: Sys or UNIX authentication is accepted. krb5: Kerberos V5 authentication is accepted. krb5i: Kerberos V5 authentication with integrity is accepted. krb5p: Kerberos V5 authentication with privacy is accepted.
The default value is sys. --setattr-asynchronous=<boolean> Determines whether set attribute operations are performed asynchronously (not waiting for completion before proceeding). If set to false, set attribute operations are processed synchronously and do not allow NFS to proceed until they ush modied le-system data to disk. If set to true, set attribute operations are processed asynchronously and the le system allows NFS to proceed regardless of whether modied le-system data has been ushed to disk yet. The default value is false. --symlink-supported=<boolean> Determines whether to report to the client that the le system supports symbolic link le types. If set to true, symbolic links are supported and can be created and read. When set to false, symbolic links are not supported. The default value is true. --time-delta=<number> Sets server time granularity. Specify in decimal form, such as 0.x1, where x is any number of zeros. For example, to set the granularity to nanoseconds, the value is 0.000000001. Note: Times are truncated by the server, not rounded. --write-datasync-action=<string> Species another way to perform datasync writes. (NFSv3/4) The following values are valid:
203
The default value is datasync (performs the request as specied). --write-datasync-reply=<string> Species an alternate response to datasync writes. (NFSv3/4) The following values are valid: datasync filesync
The default value is datasync (does not respond differently). --write-lesync-action=<string> Species another way to perform lesync writes. The following values are valid: datasync filesync unstable
The default value is filesync (performs the request as specied). --write-lesync-reply=<string> Species an alternate response to lesync writes. The following values are valid: filesync
The default value is filesync (does not respond differently). --write-unstable-action=<string> Species another way to perform unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (performs the request as specied). --write-unstable-reply=<string> Species an alternate response to unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (does not respond differently). --wtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtmult=<number>
204
Species the value that is returned to a client's FSINFO request as the preferred multiple write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Examples The following command creates an export for /ifs/home that maps all clients that identify themselves as root to nobody: isi nfs exports create --path=/ifs/home --maproot=nobody The following command creates an export for /ifs/home only for the client at IP address 192.168.7.201: isi nfs exports create --path=/ifs/home --client=192.168.7.201 The following command creates an export for /ifs/home that accepts Kerberos V5 authentication: isi nfs exports create --path=/ifs/home --security-flavors=krb5
205
OneFS Command Reference Options --identier=<Identier>, -I=<Identier> Species identier of rule being to be listed. --resolve, -r Checks to make sure that all clients are resolved. If a client is not resolved, they are enclosed in brackets in the output. --site-default, -s Displays the site default. --verbose, -v Displays detailed information on existing export rules and their default settings. Examples To view all existing export rules, run the following command: isi nfs exports list The system displays output similar to the following example: Rule ID Site-default 1 2 Paths /ifs /ifs/home/newUser Comment Export option... Default export
To view detailed information on existing export rules and their default settings and see whether clients are resolved or not, run the following command: isi nfs exports list -v -r The system displays output similar to the following example (in this example, the client of export 1 is not resolved): Export Site-default: Comment: Export option defaults Options: subdirectories below the paths are not mountable block size reported as 8192 bytes (NFSv2) file times reported as settable by clients (NFSv3+) commit requests performed synchronously (NFSv3+) directory read transfer size recommended as 131072 bytes (NFSv3+) data encoding is DEFAULT map root to user "nobody" groups "nobody,nogroup" map using full identity mapping use incoming UIDs without modification retry failed user mappings maximum file size reported as 9223372036854775807 (NFSv3+) read-write access readdir-plus requests are supported (NFSv3+) readdir-plus requests prefetch information for up to 10 files (NFSv3+) readdir[plus] requests returned file numbers may exceed 32-bits (NFSv3+) read transfer maximum size recommended as 524288 bytes (NFSv3+) read transfer multiple size recommended as 512 bytes (NFSv3+) read transfer preferred size recommended as 131072 bytes (NFSv3+) security flavors unix are supported set attribute operations must be synchronous symbolic link file types are supported time changes are reported in 0.000000001 second intervals write operations specifying DATASYNC to be processed as DATASYNC
206
(NFSv3+) write operations specifying DATASYNC to be replied to with DATASYNC (NFSv3+) write operations specifying FILESYNC to be processed as FILESYNC (NFSv3+) write operations specifying FILESYNC to be replied to with FILESYNC (NFSv3+) write operations specifying UNSTABLE to be processed as UNSTABLE (NFSv3+) write operations specifying UNSTABLE to be replied to with UNSTABLE (NFSv3+) write transfer maximum size recommended as 524288 bytes (NFSv3+) write transfer multiple size recommended as 512 bytes (NFSv3+) write preferred size recommended as 524288 bytes (NFSv3+) Export 1: Comment: Paths: Clients: Options: Export 2: Comment: Paths: Clients: Options: Options: Default export /ifs [host anotherthing] all directories below the paths can be mountable /ifs/home/newUser (all) read-only access security flavors krb5i are supported write transfer maximum size recommended as 300 bytes (NFSv3+)
207
OneFS Command Reference | --default-write-unstable-action | --default-write-unstable-reply | --default-wtmax | --default-wtmult | --default-wtpref | --delete-path=<string> | --delete-client=<string>}... Options You must specify whether to modify a specic rule or the site default rule and at least one action to perform on the rule. Specify whether to modify a specic rule or the site default rule using exactly one of the following options: --identier --site-default
Specify one or more actions using any parameters other than --identier or --site-default --identier=<Identier>, -I=<Identier> Modies the rule of the specied identier. --site-default, -s Modies the site default rule. --client=<string> Species the client to be allowed access via this export. Specify as a network host name, an IP address, a subnet, or as a "netgroup" name. For IPv4 addresses, specify in dotted-decimal notation (a.b.c.d). For IPv6 addresses, specify in colon notation. IPv4 addresses mapped into the IPv6 address space are translated and stored as IPv4 addresses to remove any possible ambiguities. --path=<string> Adds specied path to those to be exported. --comment=<string>, -c<string> Describes export for the administrator's convenience. --all-dirs=<boolean> Determines whether this export covers all subdirectories beneath the given path. --bsize=<number> Species block size. (NFSv2) --cansettime=<boolean> Determines whether this export can modify different le times. --comit-asynchronous=<boolean> Determines whether commit data operations perform asynchronously --dtpref=<number> Species the preferred number of directory entries to transfer. --encoding=<encoding> Species character encoding of clients connecting via this export. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR
208
Valid Value euc-jp euc-jp-ms utf-8-mac utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16
Encoding EUC-JP EUC-JP-MS UTF-8-MAC UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
--map-lookup-uid=<boolean> Determines whether to lookup incoming UIDs locally. --mapretry=<boolean> Determines whether to retry failed user mapping lookups. --mapall=<string> Species the identity that operations by any user will be executed as. --maproot=<User_Name> Species the identity that operations by root will be executed as. --mapfull=<boolean> Determines whether to use the full identity mapping resolution of mapped users. --maxlesize=<number> Species the maximum size of a le. --read-only=<boolean> Determines whether writes are permitted to the given directory path. If set to true, attempts to write will fail and display the "NFS read-only file system" error. If set to false, writes are successful. --readdirplus-enable=<boolean> Determines whether clients are allowed to use readdir-plus. If true, readdirplus requests are processed. If false, readdirplus requests are rejected and display the "NFS operation not supported" error. The default value is true. (NFSv3)
209
--readdirplus-prefetch=<number> Species the number of directory entries that are prefetched when a readdirplus request is processed. The default value is 10. (NFSv3/4) --return-32bit-le-ids=<boolean> Determines whether to limit the size of le identiers returned by NFSv3+ to 32-bit values (NFSv2 is limited to 32-bit values regardless of how this option is specied). While NFSv3+ allows 64-bit le identiers, certain clients might not support them, and silently ignore the most signicant 32-bits. --rtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Note: While the server is capable of reads up to the --rtmax value bytes, the preferred and multiple size should be used for best performance. --rtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 128KB. --rtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4)(NFSv3/4) The default value is 512. --security-avors=<string> Species supported security avors. The following values are valid: sys: Sys or UNIX authentication is accepted. krb5: Kerberos V5 authentication is accepted. krb5i: Kerberos V5 authentication with integrity is accepted. krb5p: Kerberos V5 authentication with privacy is accepted.
The default value is sys. --setattr-asynchronous=<boolean> Determines whether set attribute operations are performed asynchronously (not waiting for completion before proceeding). If set to false, set attribute operations are processed synchronously and do not allow NFS to proceed until they ush modied le-system data to disk. If set to true, set attribute operations are processed asynchronously and the le system ushes modied attributes to disk when it chooses to. The default value is false. --symlink-supported=<boolean> Determines whether to report to the client that the le system supports symbolic link le types. If set to true, symbolic links are supported and can be created and read. When set to false, symbolic links are not supported. The default value is true. --time-delta=<string> Sets server time granularity. Specify in decimal form, such as "0.x1" where x is any number of zeros. For example, to set the granularity to nanoseconds, the value is 0.000000001. Note: Times are truncated by the server, not rounded.
210
--write-datasync-action=<string> Species another way to perform datasync writes. (NFSv3/4) The following values are valid: datasync filesync unstable
The default value is datasync (performs the request as specied). --write-datasync-reply=<string> Species an alternate response to datasync writes. (NFSv3/4) The following values are valid: datasync filesync
The default value is datasync (does not respond differently). --write-lesync-action=<string> Species another way to perform lesync writes. The following values are valid: datasync filesync unstable
The default value is filesync (performs the request as specied). --write-lesync-reply=<string> Species an alternate response to lesync writes. The following values are valid: filesync
The default value is filesync (does not respond differently). --write-unstable-action=<string> Species another way to perform unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (performs the request as specied). --write-unstable-reply=<string> Species an alternate response to unstable writes. The following values are valid: datasync filesync unstable
211
Species the value that is returned to a client's FSINFO request as the maximum write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --default-all-dirs Sets all-dirs to the default value. --default-bsize Sets bsize to the default value. --default-cansettime Sets cansettime to the default value. --default-commit-asynchronous Sets commit-asynchronous to the default value. --default-dtpref Sets dtpref to the default value. --default-encoding Sets encoding to the default value. --default-map-lookup-uid Sets map-lookup-uid to the default value. --default-map Sets current mapping to the default value. --default-mapfull Sets mapfull to the default value. --default-maxlesize Sets maxlesize to the default value. --default-read-only Sets read-only to the default value. --default-readdirplus-enable Sets readdirplus-enable to the default value. --default-readdirplus-prefetch Sets readdirplus-prefetch to the default value. --default-return-32bit-le-ids Sets return-32bit-le-ids to the default value. --default-rtmax Sets rtmax to the default value. --default-rtmult Sets rtmult to the default value.
212
--default-rtpref Sets rtpref to the default value. --default-security-avors Sets security-avors to the default value. --default-setattr-asynchronous Sets setattr-asynchronous to the default value. --default-symlink-supported Sets symlink-supported to the default value. --default-time-delta Sets time-delta to the default value. --default-write-datasync-action Sets write-datasync-action to the default value. --default-write-datasync-reply Sets write-datasynch-reply to the default value. --default-write-lesync-action Sets write-lesync-action to the default value. --default-write-lesync-reply Sets write-lesync-reply to the default value. --default-write-unstable-action Sets write-unstable-action to the default value. --default-write-unstable-reply Sets write-unstable-reply to the default value. --default-wtmax Sets wtmax to the default value. --default-wtmult Sets wtmult to the default value. --default-wtpref Sets wtpref to the default value. --delete-path=<string> Species paths to remove from this export rule. --delete-client=<string> Species clients no longer valid for this export rule. Examples The following command causes all users to login as root for an export with an ID of 1, giving them full permissions on the cluster: isi nfs exports modify --mapall=root The following command resets all attributes for an export with an ID of 1 back to their default values: isi nfs exports modify 1 --default-all-dirs --default-bsize --default-cansettime --default-commit-asynchronous --default-dtpref --default-encoding --default-map-lookup-uid --default-map --default-mapfull --default-maxfilesize --default-read-only --default-readdirplus-enable --default-readdirplus-prefetch --default-return-32bit-file-ids --default-rtmax --default-rtmult --default-rtpref --default-security-flavors --default-setattr-asynchronous
213
--default-symlink-supported --default-time-delta --default-write-datasync-action --default-write-datasync-reply --default-write-filesync-action --default-write-filesync-reply --default-write-unstable-action --default-write-unstable-reply --default-wtmax --default-wtmult --default-wtpref
214
OneFS Command Reference Examples To view a list of all current locks, run the following command: isi nfs locks list The system displays output similar to the following example: svid@Hostname Lock Type Range Path machineName/10.72.134.119 exclusive [0, 2] /ifs/home/test1/file.txt machineName/10.59.166.125 shared [10, 20] /ifs/home/test2/file.txt machineName/10.63.119.205 shared [10, 20] /ifs/home/test2/file.txt The Range column represents the range of bytes that are locked
The Range column represents the range of bytes that are locked
isi perfstat
The isi perfstat command displays a table of performance statistics. Syntax isi perfstat Examples To view information on throughput and the number of le operations on a cluster, run the following command: isi perfstat The system displays output similar to the following example: Cluster Name: TechPubs
215
Initiator Statistics: Throughput (bytes/s) Files (#/s) ID | Type | Write Read Delete |Create Remove Lookup ----+----------+-------+-------+-------+-------+-------+------1 | storage | 0 | 12K | 0 | 0 | 0 | 40 2 | storage | 0 | 3.0K | 0 | 0 | 0 | 4 3 | storage | 8.0K | 6.0K | 0 | 0 | 0 | 9 ---------------+-------+-------+-------+-------+-------+------Totals: | 8.0K | 21K | 0 | 0 | 0 | 54
216
OneFS Command Reference Examples To check whether a patch named patch-example.tar is installed, run the following command: isi pkg info patch-example.tar If the patch is installed, the system displays the package name and date of installation, similar to the following output: Information for patch-example: Description: Package Name : patch-example - 2009-10-11 If the patch is not installed, the system displays the following output: patch-example.tar It is not installed.
217
You must specify usage limit and notication settings if you do not clone those settings from an existing quota by specifying the --clone-from option. Specify whether usage limits are enforced by using one of the following options: --enforcement --accounting
Specify usage limit thresholds by using one of the following options: <value>-threshold --soft-threshold and --soft-grace (must be specied together)
Specify notication settings using one of the following options: --restore-notify-to-global-defaults --reset-notify-state --notify-for-<value>-threshold <Notify_Conditions> <Notify_Actions>
--path=<ifs-directory> Required. Species the path for the domain set. --snaps=<boolean> Includes snapshot usage in the quota accounting. The default setting is false.
218
Note: You cannot add snapshot tracking to an existing quota domain. You must create a new one using this option. Quota domains with snapshot tracking can exist alongside domains without snapshot tracking on the same path. --pretend Does not actually create the domains. --force Forces creation of a quota domain on /ifs. --update Applies specications to an existing domain, as if using isi quota modify. --verbose, -v Displays a list of domains that have been created, actions that have been performed and status of save. --directory Species a quota domain for all les in the directory. --specic-user=<user>, -u<user> Species a quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Species a quota domain governing only les owned by a specic group in the directory. --default-user Creates a default user domain. User-specic quota domains are created for each user who has les in the directory and links them to this quota domain. --default-group Creates a default group domain. Group-specic quota domains are created for each group that has les in the directory and links them to this quota domain. --unlink-from-default Unlinks a user or quota domain from its default quota domain for manual management instead of automatic management. --include-[no-]overhead Species whether or not threshold limits include le data overhead. --container=<boolean> When the volume of the cluster is requested, the usage limit is displayed instead of the actual available space. --clone-from <Filter> Creates quota domain with the same settings as the specied quota domain. Specify <Filter> as one or more quota identication parameters such as --path, --specic-group and --default-user. Filters must match only one quota domain in order to be valid. --<value>-threshold=<capacity> Species hard or advisory threshold limits for the given quota domain. The following <values> are valid: hard: Limits usage to the specied <capacity>. advisory: Issues warnings when specied <capacity> is exceeded.
Specify <capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --soft-threshold=<capacity> --soft-grace=<duration>
219
Implements a <duration> during which users are warned that they have exceeded the threshold limit. After the <duration> expires, usage is limited to the specied <capacity>. These two options must be used together. Specify <capacity> in form <real>[{k|m|g|t|p}][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. Specify <duration> in form <integer>[{m|h|d|w}] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If no sufx is specied, indicates minutes. --enforcement Enforces usage limits. This is the default setting. --accounting Does not enforce usage limits. --notify-for-<value>-threshold <notify_conditions> <notify_actions> Sets notications for the specied threshold violations. The following <values> are valid: hard soft advisory
<Notify_Conditions> Species notication conditions for the --notify-for option. The following conditions are valid: --notify-on-denied-write-once-per=<duration> Sends notication for each time a le write is denied on a full quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[{m|h|d|w}] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, indicates seconds. --notify-on-threshold-exceeded-once-per=<duration> Sends notication for each threshold violation on a quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, indicates seconds. --notify-while-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit and after the grace period has expired. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. Note: This condition is only valid with --notify-for-soft-threshold. --notify-while-over=[<recurrence>] Sends notication on the specied recurrence while over the threshold limit. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. --notify-while-over-not-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit but before the grace period has expired. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. Note: This condition is only valid with --notify-for-soft-threshold.
220
<Notify_Actions> Species the type of notication to send for the given notify condition. The following actions are valid: --notify-alert Noties by generating a system alert. --notify-email-to=<email> Noties by emailing the specied email address. --notify-email-to-owner Noties by emailing the owner of the quota domain. Examples The following command generates a system alert at 11:00am every day that newUser's usage exceeds 10 gigabytes and another system alert at 1:00pm if newUser's usage exceeds 10 gigabytes for over 10 minutes: isi quota create --path=/ifs/home --specific-user=newUser --verbose --enforcement --soft-threshold=10GB --soft-grace=10m --notify-for-soft-threshold --notify-while-expired="every day at 13:00" --notify-while-over-not-expired="every day at 11:00" --notify-alert If --verbose is specied, the system displays output similar to the following example: Creating the following quota domains: user:newUser1@snaps=no@/ifs/home Executing the following actions on each quota domain: [enforcement] [soft_threshold] ( 10G) [soft_grace] (10 m) [notify_for_soft_threshold] [notify_while_expired] (every day at 13:00) [notify_while_over_not_expired] (every day at 11:00) [notify_alert] Pretending to create: user:newUser1@snaps=no@/ifs/home Creating: user:newUser1@snaps=no@/ifs/home OK OK
The following command creates a default group domain that uses the same settings as the existing default user domain: isi quota create --default-group --path=/ifs/home --clone-from --default-user
221
OneFS Command Reference Options If no options are specied, all existing quota domains are deleted. --pretend Does not actually delete the domains. --force, -f Skips the warning that displays how many quota domains will be deleted. --verbose, -v Displays a list of domains deleted by this command, and status of save. --path=<ifs-directory> Deletes domain set for this path. --directory Deletes quota domain for all les in the directory. --specic-user=<user>, -u<user> Deletes a quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Deletes a quota domain governing only les owned by a specic group in the directory. --default-user Deletes default user quota domain. User-specic quota domains are automatically added and removed as needed for each user who has les in the directory. --default-group Deletes default group quota domain. User-specic quota domains are automatically added and removed as needed for each group that has les in the directory. Examples The following command deletes a quota domain with the path /ifs/home/newUser. isi quota delete --path=/ifs/home/newUser The system displays output similar to the following example: Deleting the following quota domains: directory@snaps=no@/ifs/home/newUser !! 1 quota domain will be deleted. !! Are you sure you want to continue with the delete operation? (yes, !! [no]) If yes is entered, the system displays output similar to the following example: Deleting: directory@snaps=no@/ifs/home/newUser OK
222
--from-le=<le> Species a SmartQuotas v2 report le to import domains from. This report can be generated using the isi quota list --export command. --convert-from-v1 Imports domains from the SmartQuotas v1 conguration le. --pretend Imports and displays a list of the quota domains, but does not save any changes. --force Forces conicting imported domains to overwrite existing domains. --verbose, -v Displays each imported domain and all errors. Examples The following command imports domains from a SmartQuotas v2 report le called sqv2domains.xml. isi quota import --from-file=/ifs/home/imports/sqv2domains.xml
223
OneFS Command Reference Options If no options are specied, all quotas are displayed in default format. --verbose Displays detailed information on every quota domain. --export Displays domains in xml format suitable for import. --show-with-overhead Displays the total usage including overhead. --show-with-no-overhead Displays the total usage excluding overhead. --path=<ifs-directory> Displays the quota domain for the specied path. --directory Displays the quota domain for all les in the directory. --specic-user=<user>, -u<user> Displays quota domain governing les owned by a specic user in the directory. --specic-group=<group>, -g<group> Displays quota domain governing les owned by a specic group in the directory. --default-user Displays the default user quota domain. --default-group Displays the default group quota domain. --snaps=<boolean> Displays either quota domains using snapshot or ones that do not. --governs-user=<user> Displays quota domains governing les owned by the specied user. Does not include --directory quota domains. --governs-group=<group> Displays quota domains governing les owned by the specied group. Does not include --directory quota domains. --recourse-path=<ifs-directory> Displays quota domains dened on the specied path or any subdirectories. --recourse-path-up=ifs-directory, --governs-path=ifs-directory Displays quota domains dened on the specied path or any parent directories. --has-thresholds Displays quota domains with threshold limits dened. --has-<values>-threshold Displays quota domains with specied threshold limit. The following values are valid : hard soft advisory
224
--is-threshold-exceeded Displays quota domains that have exceeded their threshold usage. --is-<value>-threshold-exceeded Displays quota domains that have exceeded their specied threshold usage. The following values are valid: hard soft advisory
--is-[not-]expired Displays either quota domains with expired grace periods or domains whose grace periods have not expired yet. --is-[not-]linked Displays either quota domains that are linked to a default quota domain or ones that are not. --with-[no-]overhead Displays either quota domains whose threshold values include le data overhead or ones that do not. Examples To view all quotas, run the following command: isi quota list The system displays output similar to the following example: Type -------------------directory directory directory Path ---------------------/ifs/home/newUser4 /ifs/home/newUser3 /ifs/home/newUser2 Snap Hard Soft Advr Usage ----- ----- ----- ---- ----no N/A 10G N/A ~159B no N/A 10K N/A 72K no 11G N/A N/A 72K
To view only quotas with soft thresholds, run the following command: isi quota list --has-soft-threshold The system displays output similar to the following example: Type -------------------directory directory Path ---------------------/ifs/home/newUser4 /ifs/home/newUser3 Snap Hard Soft Advr Usage ----- ----- ----- ----- ---no N/A 10G N/A ~159B no N/A 10K N/A 72K
To view detailed information on all quotas, run the following command: isi quota list --verbose The system displays output similar to the following example: Type Path Policy Snap Usage ---------- ------------------------------------- ----------- ----- -------directory /ifs/home/newUser4 enforcement no ~159B [soft-threshold] ( 10G, 1 w) [notify-on-denied-write-once-per] (1 w, send alert) [soft-threshold-exceeded] (no) [soft-threshold-expired] (no) [usage-with-no-overhead] ( 159B) [usage-with-overhead] ( 34K)
225
[usage-inode-count] (1) directory /ifs/home/newUser3 enforcement [soft-threshold] ( 10K, 1 w) [notify-on-denied-write-once-per] (1 w, send alert) [soft-threshold-exceeded] (yes, exceeded 05/05 11:44) [soft-threshold-expired] (no, will expire 05/12 11:44) [usage-with-no-overhead] ( 72K) [usage-with-overhead] ( 232K) [usage-inode-count] (10) directory /ifs/home/newUser2 enforcement [hard-threshold] ( 11G) [hard-threshold-exceeded] (no) [usage-with-no-overhead] ( 72K) [usage-with-overhead] ( 232K) [usage-inode-count] (10)
no
72K
no
72K
226
--governs-user --governs-group --recurse-path --recurse-path-up --has-thresholds --has-<value>-threshold --is-threshold-exceeded --is-<value>-threshold-exceeded --is-[not-]expired --is-[not-]linked --with-[no-]overhead
Specify one or more modication using the following parameters (some parameters might require other parameters to be specied also): --clone-from --link-to-default --unlink-from-default --clear-thresholds --clear-<value>-threshold --container --include-[no-]overhead --enforcement --<value>-threshold --soft-threshold --soft-grace --accounting --restore-notify-to-global-defaults --reset-notify-state --clear-notify-<value>-threshold --notify-for-<value>-threshold Does not actually modify the domains. --force Allows multiple domains to be changed. --verbose, -v Displays a list of the modied domains, actions performed and status of save. --path=<ifs-directory> Targets the specied path for the domain set. --directory Targets the quota domain for all les in the directory. --specic-user=<user>, -u<user> Targets quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Targets quota domain governing only les owned by a specic group in the directory. --default-user Targets a default user quota domain. --default-group Targets a default group quota domain.
--pretend
227
--snaps=<boolean> Targets either quota domains using snapshot or ones that do not. Note: You cannot add snapshot tracking to an existing quota domain. You must create a new one using this option. Quota domains with snapshot tracking can exist alongside domains without snapshot tracking on the same path. --governs-user=<user> Targets quota domains governing les owned by the specied user. Does not include --directory quota domains. --governs-group=<group> Targets quota domains governing les owned by the specied group. Does not include --directory quota domains. --recurse-path=<ifs-directory> Targets quota domains dened on the specied path or any subdirectories. --recurse-path-up=ifs-directory, --governs-path=ifs-directory Targets quota domains dened on the specied path or any parent directories. --has-thresholds Targets quota domains with threshold limits dened. --has-<value>-threshold Targets quota domains with specied threshold limit. The following values are valid: hard soft advisory
--is-threshold-exceeded Targets quota domains that have exceeded their threshold usage. --is-<value>-threshold-exceeded Targets quota domains that have exceeded their specied threshold usage. The following values are valid: hard soft advisory
--is-[not-]expired Targets either quota domains with expired grace periods or domains whose grace periods have not expired yet. --is-[not-]linked Targets either quota domains that are linked to a default quota domain or ones that are not. --with-[no-]overhead Targets either quota domains whose threshold values include le data overhead or ones that do not. --unlink-from-default Unlinks a user or quota domain from its default quota domain for manual management instead of automatic management. --clear-thresholds Removes all threshold limits from the specied quota domains.
228
--clear-<value>-threshold Remove specic threshold limits from the specied quota domains. The following values are valid: hard soft advisory
--include-[no-]overhead Species whether or not threshold limits include le data overhead. container=<boolean> Displays usage information for this quota domain as a separate volume from the network share that it is on. --clone-from <Filter> Sets quota domain to the same settings as the specied quota domain. Specify <Filter> as one or more quota identication parameters such as --path, --specic-group and --default-user. Filters must match only one quota domain in order to be valid. --<value>-threshold=<capacity> Species hard or advisory threshold limits for the given quota domain. Valid <values> are hard and advisory. Specify<capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --soft-threshold=<capacity>, --soft-grace=duration Species soft threshold limit and grace period for the given quota domain. These two options must be used together. Specify <capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --enforcement, --accounting Specify whether or not a given quota domain will enforce usage limits. These two options are mutually exclusive. --link-to-default Restores the default quota link on a previously unlinked domain. --restore-notify-to-global-defaults Clear a quota domain's notication rules and restore it to the global default rules. --reset-notify-state Resets recorded threshold violation times for the specied quota domains. --clear-notify-<value>-threshold <notify_conditions> <notify_actions> Clears the specied threshold limits for a given quota domain. The following values are valid: hard soft advisory
--notify-for-<value>-threshold <notify_conditions> <notify_actions> Set notication for threshold violations of the specied type for a given quota domain. The following values are valid: hard
229
soft advisory
<Notify_Conditions> Species notication conditions for the --notify-for option. The following conditions are valid: --notify-on-denied-write-once-per=<duration> Sends notication for each time a le write is denied on a full quota, but don't notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, the duration is in seconds. --notify-on-threshold-exceeded-once-per=<duration> Sends notication for each threshold violation on a quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, the duration is in seconds. --notify-while-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit and once the grace period has expired. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". --notify-while-over=[<recurrence>] Sends notication on the specied recurrence while over the threshold limit. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". --notify-while-over-not-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit but before the grace period has expired. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". <Notify_Actions> Species notication actions for the --clear-notify and --notify-for options. The following actions are valid: --clear-notify-action Clear all existing notication actions. This option is an alternative to other notication actions and cannot be used in combination with them. --notify-alert Noties by generating a system alert. --notify-email-to=<email> Noties by emailing the specied email address. --notify-email-to-owner Noties by emailing the owner of the quota domain. Examples To clear all thresholds on existing quotas, run the following command: isi quota modify --has-thresholds --clear-thresholds The system displays output similar to the following example: !! This operation will modify 3 quota domains, Are you sure you wish !! to save these changes? (yes, [no])
230
If no is specied, the system displays output similar to the following example: !! modify command failed: Cancelled modify The following command sets the current quota settings for user "root" on /ifs/home/ to be the default settings for all users: isi quota modify --path=/ifs/home --default-user --clone-from --path=/ifs/home --specific-user=root
231
--on-demand-retain=<number> Species the number of on-demand reports to retain. Examples The following command generates reports at 4:00pm on Wednesdays, sends those reports to /ifs/home/reports, and keeps no more than 20 of those reports: isi quota reporting set --report-schedule="every Wednesday at 4:00pm" --report-retain=20 --report-dir=/ifs/home/reports The system displays output similar to the following example: Setting 'report_dir' to '/ifs/home/reports' Setting 'report_schedule' to 'every Tuesday at 4:00pm' Setting 'report_retain' to '20' Saving Quota Configuration
232
233
OneFS Command Reference Examples To remove all nodes from read-only mode, run the following command: isi readonly off --nodes=all
isi readonly on
The isi readonly on command sets nodes to read-only mode. Note: If read-only mode is currently disallowed for this node, it will remain read/write until read-only mode is allowed again. Syntax isi readonly on [--verbose] [--nodes=<Nodes>] Options If no options are specied, the local node is set to read-only mode. --verbose, -v Displays verbose output. --nodes=<Nodes>, -n<Nodes> Species nodes to apply read-only settings to. The following values are valid: all * <int> <int>-<int>
Multiple values can be specied in a comma-separated list. Examples To set all nodes to read-only mode, run the following command: isi readonly on --nodes=all If successful, the system displays output similar to the following example: Read-only changes committed successfully
234
OneFS Command Reference Options There are no options for this command. Examples To view current read-only settings for the cluster, run the following command: isi readonly show The system displays output similar to the following example: node ---1 2 3 mode -----------read/write read/write read-only status ---------------------------------------------user-ui
isi services
The isi services command displays a list of system services. Syntax isi services [-l] [-a] [<Service> {enable|disable}] Examples If no options are specied, displays all services whose states it is safe to change by using the <Service> {enable|disable} options. This is the same as specifying the -l option. -l Displays all services whose states it is safe to change by using the <Service> {enable|disable} options. -a Displays all services. <Service> {enable|disable} Enables or disables the specied <Service>.
! Caution: Do not change the states of services that are not displayed by the -l option unless
directed by Isilon support. Examples To disable SMB service, run the following command: isi services smb disable If successful, the system displays output similar to the following example: The service 'smb' has been disabled. To view a list of commands that can be safely disabled and enabled using the isi services command, run the following command: isi services
235
The system displays output similar to the following example: Available Services: apache2 isi_iscsi_d isi_migrate isi_sasphymon isi_smartquotas isi_upgrade_d isi_vc_d nbns ndmpd nfs pcnfsd smb smbtime snmpd sshd telnetd vsftpd Apache2 Web Server iSCSI target Daemon SyncIQ Service SAS PHY Monitor Daemon SmartQuotas Service Upgrade Daemon The Isilon for vCenter Job Daemon NetBIOS Name Service Network Data Management Protocol Daemon NFS Server PC NFS Server SMB Service Windows Time Service SNMP server Secure Shell Server Telnet Server VSFTPD server Enabled Enabled Enabled Enabled Enabled Disabled Disabled Disabled Disabled Enabled Disabled Enabled Enabled Enabled Enabled Disabled Disabled
isi set
The isi set command adjusts the protection policies of les, or explicitly restripes. Syntax Note: Optional parameters must be specied before the required argument <Path>. isi set [-f] [-F] [-v] [-R] {-r [-g <RestripeGoal>] | -n | -p <Policy> | -w <Width> |-c <value> | -e <Encoding> | {{-d <@r drives> | -a <value>}... | -l <value>} |--diskpool <value> | -A <value> | -P <value> | --strategy <value>}... <Path> Options You must specify exactly one action. Specify an action using one of the following parameters: -r -n -p -w -c -g -e -d -a -l --diskpool -A -P --strategy
236
-f Suppresses warnings on failures to change a le. -F Does not display warning messages related to manual protection and access. Also, does not skip the /ifs/.ifsvar directory content and any of its subdirectories (if included in specied <Path>). -v Displays each le as it is reached. -R Applies the actions specied by other options to all subdirectories and les on the specied path. -r Executes a restripe. -g <RestripeGoal> Species the restripe goal. The following values are valid: rebalance repair reprotect retune
The default is rebalance. -n Displays the list of les that would be changed without taking any action. [-p <Policy>] Species protection policies. The following forms are valid: +<M> Where M is the number of node failures that can be tolerated without loss of data. M must be a number between one and four. In this case, the number of drive failures that can be tolerated is the same as the number of node failures that can be tolerated. +<D>:<M> Where D is the number of drive failures and M is the number of node failures that can be tolerated without loss of data. D must be a number between one and four and M can be either 0 or any value that divides into D evenly. <N>x Where N is the number of independent copies of the data are stored. N must be a number between one and eight.
-w <Width> Species the number of nodes across which a le is striped. Typically, this number is equal to the number of node failures that can be tolerated without loss of data plus the number of independent copies of the data that will be stored (w = N + M). However, width can also be equal to the total number of nodes that are used. Note: The maximum width policy is 32, but the actual protection will still be subject to the limitations of how many independent copies are stored and how many node failures can be tolerated. -c <value> Species whether SmartCache is enabled (also known as write coalescing). Valid values are on and off.
237
Note: Enabling SmartCache can accelerate the process of writing content to the cluster, but can also lead to data loss if a node loses power or crashes while uncommitted data is in the write cache. -e <Encoding> Species the encoding of lenames. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr euc-jp euc-jp-ms utf-8-mac utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16 Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR EUC-JP EUC-JP-MS UTF-8-MAC UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
-d <@r drives> Species the minimum number of drives that the le is spread across. -a <value> Species what prefetch is optimized for. The following are valid values: default disabled random
238
The prefetch optimizations custom1-5 can be set using sysctl isi.access. -l <value> Species what the le layout system is optimized for. This is equivalent to setting both the -a and -d options. The following are valid values: concurrency: Same as -a=default -d=0 random: Same as -a=random -d=0 streaming: Same as -a=streaming -d=15
--diskpool <value> Sets the le's preferred diskpool. -A <value> Determines whether the le manages its access settings manually or inherits values from the applicable pool policy. Valid values are on and off. -P <value> Determines whether the le manages its protection settings manually or inherits values from the applicable pool policy. Valid values are on and off. --strategy <value> Sets the le's solid-state drive (SSD) strategy. The following values are valid: avoid SSD storage is not used in storing les' data and metadata, unless avoiding SSD storage would cause an out of space condition. data If possible, SSD storage is used in storing les' metadata and user data (one copy if using mirrored protection, all blocks if using FEC). metadata If possible, one mirror of les' metadata is laid out on SSD storage, but SSD storage is still not used for user data. <Path> Required. Species either the le path or directory to perform changes on. Examples The following command sets that 2 node failures can happen before there is a loss of data on /ifs/data and all of its les and subdirectories: isi set -R -v -p +2 /ifs/data The system displays output similar to the following example: /ifs/data /ifs/data/new/ubuntu-11.04-desktop-i386.iso
239
/ifs/data/Isilon_Support/SupportIQ/upload/alerts /ifs/data/Isilon_Support/SupportIQ/upload/ftp /ifs/data/Isilon_Support/SupportIQ/upload/ftp-keep /ifs/data/Isilon_Support/SupportIQ/upload/tmp /ifs/data/Isilon_Support/SupportIQ/upload/web /ifs/data/Isilon_Support/SupportIQ/upload /ifs/data/Isilon_Support/SupportIQ /ifs/data/Isilon_Support /ifs/data/new The following command optimizes prefetch for streaming in /ifs/data/ and all of its les and subdirectories: isi set -R -v -a streaming /ifs/data The following command enables SmartCache for /ifs/data/ and all of its les and subdirectories: isi set -R -c on /ifs/data/
isi smartlock
The isi smartlock command is an alias of the isi worm command. For information about a particular sub-command, see the equivalent isi worm sub-command reference topic.
240
OneFS Command Reference Examples The following command displays both statistics on the les that would be processed and the conguration settings that would be applied to /ifs/home without actually making the changes. isi smartpools process --path=/ifs/home/ -n -v The system displays output similar to the following example: Processing file /ifs/home Protection Level is DiskPool minimum Layout policy is concurrent access coalescer_enabled is true data_affinity is 3 data SSD strategy is metadata snapshot_affinity is 3 snapshot SSD strategy is metadata New File Attributes Protection Level is DiskPool minimum Layout policy is concurrent access coalescer_enabled is true data_affinity is 3 data SSD strategy is metadata snapshot_affinity is 3 snapshot SSD strategy is metadata {'default' : {'Policy Number': -2, 'Files matched': {'head':0, 'snapshot': 0}, 'Directories matched': {'head':1, 'snapshot': 0}, 'ADS containers matched': {'head':0, 'snapshot': 0}, 'ADS streams matched': {'head':0, 'snapshot': 0}, 'Access changes skipped': 0, 'Protection changes skipped': 0, 'File creation templates matched': 1, 'File data placed on HDDs': {'head':0, 'snapshot': 0}, 'File data placed on SSDs': {'head':0, 'snapshot': 0}}, 'system': {'Policy Number': -1, 'Files matched': {'head':0, 'snapshot': 0}, 'Directories matched': {'head':0, 'snapshot': 0}, 'ADS containers matched': {'head':0, 'snapshot': 0}, 'ADS streams matched': {'head':0, 'snapshot': 0}, 'Access changes skipped': 0, 'Protection changes skipped': 0, 'File creation templates matched': 0, 'File data placed on HDDs': {'head':0, 'snapshot': 0}, 'File data placed on SSDs': {'head':0, 'snapshot': 0}}, }
241
OneFS Command Reference [--dot-snap-visible-root] [--enable-security-signatures] [--guest-user] [--host-acl] [--onefs-cpu-multiplier] [--onefs-num-workers] [--require-security-signatures] [--security-mode] [--server-string] [--smb2-client-credit-limit] [--smb2-client-credit-start] [--smb2-global-credit-limit] [--srv-cpu-multiplier] [--srv-num-workers] [--support-smb2] [--verbose] Options If no options are specied, all parameters are displayed. --audit-leshare Displays control settings for logging of leshare audit events. --audit-global-sacl-failure Displays the global SACL controlling SMB le auditing. --audit-global-sacl-success Displays the global SACL controlling SMB le auditing. --audit-logon Displays controls for logging of logon audit events. --dot-snap-accessible-child Displays whether .snapshot directory is accessible in subdirectories under the root of the share. --dot-snap-accessible-root Displays whether the .snapshot directory is accessible at the root of the share. --dot-snap-visible-child Displays whether .snapshot directory is visible in subdirectories under the root of the share. --dot-snap-visible-root Displays whether .snapshot directory is visible at the root of the share. --enable-security-signatures Displays whether all packets are signed. --guest-user Displays the user that guest access is done by. The username should belong to a fully qualied user. --host-acl Host based access. --onefs-cpu-multiplier Displays the number of OneFS worker threads congured based on the number of CPUs. --onefs-num-workers Displays the number of OneFS worker threads that are allowed to be congured. If set to 0, the number of OneFS workers will be OnefsCpuMultiplier * Num of CPUs. --require-security-signatures Displays whether packets are packets are required to be signed. --security-mode Displays whether anonymous access is allowed or if users are required to be authenticated. --server-string Displays a description of the server. --smb2-client-credit-limit Displays the maximum number of credits granted to a single SMB2 client.
242
--smb2-client-credit-start Displays the maximum initial number of credits granted to a single SMB client. Note: This limit can increase up to the number specied by the --smb2-client-credit-limit parameter. --smb2-global-credit-limit Displays the maximum number of credits granted to all SMB2 clients. --srv-cpu-multiplier Displays whether the number of SRV worker threads is congured based on the number of CPUs. --srv-num-workers Displays the number of SRV worker threads. If set to 0, the number of SRV workers is equal to the <SrvCpuMultiplier> * Number of CPUs. --support-smb2 Displays whether SMB2 communication is allowed. --verbose, -v Displays explanations of parameters alongside their values. Examples To view all current global conguration parameter settings, run the following command: isi smb config global list The system displays output similar to the following example: audit-fileshare = none audit-global-sacl-failure = none audit-global-sacl-success = none audit-logon = all dot-snap-accessible-child = true dot-snap-accessible-root = true dot-snap-visible-child = false dot-snap-visible-root = true enable-security-signatures = false guest-user = nobody host-acl = onefs-cpu-multiplier = 1 onefs-num-workers = 0 require-security-signatures = false security-mode = user server-string = Isilon Server smb2-client-credit-limit = 128 smb2-client-credit-start = 16 smb2-global-credit-limit = 25000 srv-cpu-multiplier = 4 srv-num-workers = 0 support-smb2 = true To view explanations of global conguration parameters alongside their values, run the following command: isi smb config global list -v The system displays output similar to the following example: audit-fileshare = none (default: none) Controls logging of fileshare audit event. The acceptable values are all, success, failure, and none audit-global-sacl-failure = none (default: none) Global SACL controlling SMB
243
file auditing audit-global-sacl-success = none (default: none) Global SACL controlling SMB file auditing audit-logon = all (default: all) Controls logging of logon audit event. The acceptable values are all, success, failure, and none dot-snap-accessible-child = true (default: true) Allows .snapshot directory to be accessible in subdirectories under the root of the share dot-snap-accessible-root = true (default: true) Allows .snapshot directory to be accessible at the root of the share dot-snap-visible-child = false (default: false) Allows .snapshot directory to be visible in subdirectories under the root of the share dot-snap-visible-root = true (default: true) Allows .snapshot directory to be visible at the root of the share enable-security-signatures = false (default: false) Sign all packets guest-user = nobody (default: nobody) Guest access is done as this user. This should be a fully qualified user name host-acl = (default: ) Host based access onefs-cpu-multiplier = 1 (default: 1) Allow configuring the number of onefs worker threads based on the number of CPUs onefs-num-workers = 0 (default: 0) Allow configuring the number of onefs worker threads; If this is 0, the no: of onefs workers will be OnefsCpuMultiplier * Num of CPUs require-security-signatures = false (default: false) Require packets to be signed security-mode = user (default: anonymous) Allow anonymous access or require authenticate users server-string = Isilon Server (default: Isilon Server) Description of the server smb2-client-credit-limit = 128 (default: 128) Allow configuring the maximum number of credits granted to a single SMB2 client smb2-client-credit-start = 16 (default: 16) Allow configuring the maximum initial number of credits granted to a single SMB2 client smb2-global-credit-limit = 25000 (default: 25000) Allow configuring the maximum number of credits granted to all SMB2 clients srv-cpu-multiplier = 4 (default: 4) Allow configuring the number of SRV worker threads based on the number of CPUs srv-num-workers = 0 (default: 0) Allow configuring the number of SRV worker threads; If this is 0, the no: of SRV workers will be SrvCpuMultiplier * Num of CPUs support-smb2 = true (default: true) Allow SMB2 communication
244
OneFS Command Reference | --smb2-global-credit-limit=<number> | --srv-cpu-multiplier=<number> | --srv-num-workers=<number> | --support-smb2=<boolean>}... Options You must specify at least one global conguration. Specify one or more global congurations using the following options: --audit-leshare --audit-global-sacl-failure --audit-global-sacl-success --audit-logon --dot-snap-accessible-child --dot-snap-accessible-root --dot-snap-visible-child --dot-snap-visible-root --enable-security-signatures --guest-user --host-acl --onefs-cpu-multiplier --onefs-num-workers --require-security-signatures --security-mode --server-string --smb2-client-credit-limit --smb2-client-credit-start --smb2-global-credit-limit --srv-cpu-multiplier --srv-num-workers --support-smb2
--audit-leshare=<string> Determines which leshare audit events are logged. The following values are valid: all failure none success --audit-global-sacl-failure=<string> Determines the global SACL that controls SMB le auditing. --audit-global-sacl-success=<string> Determines the global SACL controlling SMB le auditing. --audit-logon=<string> Species which logon audit events are logged. The following values are valid: all failure none
245
success --dot-snap-accessible-child=<boolean> Determines whether the .snapshot directory is accessible in subdirectories under the root of the share. --dot-snap-accessible-root=<boolean> Determines whether the .snapshot directory is accessible at the root of the share. --dot-snap-visible-child=<boolean> Determines whether the .snapshot directory is visible in subdirectories under the root of the share. --dot-snap-visible-root=<boolean> Determines whether the .snapshot directory is visible at the root of the share. --enable-security-signatures=<boolean> Determines whether all packets are signed. --guest-user=<string> Species the user that guest access is done by. The username should belong to a fully qualied user. --host-acl=<string> Host based access. --onefs-cpu-multiplier=<number> Species the multiplier used to determine the number of OneFS worker threads congured based on the number of CPUs. --onefs-num-workers=<numbers> Determines the number of OneFS worker threads. If set to 0, the number of OneFS worker threads is equal to the number of CPUs times the onefs-cpu-multiplier --require-security-signatures=<boolean> Determines whether packets are required to be signed. --security-mode=<boolean> Determines whether anonymous access is allowed or if users are required to be authenticated. --server-string=<string> Species a description of the server. --smb2-client-credit-limit=<number> Determines the maximum number of credits granted to a single SMB2 client. Valid values are numbers between 1 and 1024. --smb2-client-credit-start=<number> Determines the initial maximum number of credits granted to a single SMB client. Valid values are numbers between 1 and 32. Note: The maximum number of credits granted to a single SMB client can increase up to the number specied by the --smb2-client-credit-limit parameter. --smb2-global-credit-limit=<number> Determines the maximum number of credits granted to all SMB2 clients. Valid values are numbers between 1 and 3200000. --srv-cpu-multiplier=<number> Species the multiplier used to determine the number of SRV worker threads based on the number of CPUs. --srv-num-workers=<number>
246
Determines the number of SRV worker threads. If set to 0, the number of SRV worker threads is equal to the number of CPUs times the srv-cpu-multiplier. --support-smb2=<boolean> Determines whether SMB2 communication is allowed. Examples The following command causes each SMB client to be given an initial maximum of 20 credits, and allows that maximum value to increase up to 100: isi smb config global modify --smb2-client-credit-start=20 --smb2-client-credit-limit=100
Options You must specify at least one global conguration. Specify one or more global congurations using the following options: --audit-leshare --audit-global-sacl-failure --audit-global-sacl-success --audit-logon --dot-snap-accessible-child --dot-snap-accessible-root --dot-snap-visible-child --dot-snap-visible-root --enable-security-signatures --guest-user --host-acl --onefs-cpu-multiplier --onefs-num-workers --require-security-signatures --security-mode --server-string --smb2-client-credit-limit --smb2-client-credit-start
247
--audit-leshare Reverts settings of controls for logging of leshare audit events back to the default settings. --audit-global-sacl-failure Reverts the global SACL that controls SMB le auditing back to the default SACL. --audit-global-sacl-success Reverts the global SACL controlling SMB le auditing back to the default SACL. --audit-logon Reverts settings of controls for logging of logon audit events back to the default settings. --dot-snap-accessible-child Reverts whether the .snapshot directory is accessible in subdirectories under the root of the share back to the default setting. --dot-snap-accessible-root Reverts whether the .snapshot directory is accessible at the root of the share back to the default setting. --dot-snap-visible-child Reverts whether the .snapshot directory is visible in subdirectories under the root of the share back to the default setting. --dot-snap-visible-root Reverts whether the .snapshot directory is visible at the root of the share back to the default setting. --enable-security-signatures Reverts whether all packets are signed back to the default setting. --guest-user Reverts the user that guest access is done by back to the original user. The username should belong to a fully qualied user. --host-acl Host based access. --onefs-cpu-multiplier Reverts the multiplier used to determine the number of OneFS worker threads congured based on the number of CPUs back to the default value. --onefs-num-workers Reverts the number of OneFS worker threads back to the default number. If set to 0, the number of OneFS worker threads is equal to the number of CPUs times the onefs-cpu-multiplier. --require-security-signatures Reverts whether packets are required to be signed back to the default setting. --security-mode Reverts whether anonymous access is allowed back to the default setting. --server-string Reverts the description of the server back to the default description. --smb2-client-credit-limit Reverts the maximum number of credits granted to a single SMB2 client back to the default value.
248
--smb2-client-credit-start Reverts the maximum initial number of credits granted to a single SMB client back to the default number. --smb2-global-credit-limit Reverts the maximum number of credits granted to all SMB2 clients back to the default value. --srv-cpu-multiplier Reverts the multiplier used to determine the number of SRV worker threads based on the number of CPUs back to the default number. --srv-num-workers Reverts the number of SRV worker threads back to the default number. If set to 0, the number of SRV worker threads is equal to the number of CPUs times the srv-cpu-multiplier. --support-smb2 Reverts whether SMB2 communication is allowed back to the default setting. Examples To revert the user that guest access is done by back to the original user, run the following command: isi smb config global revert --guest-user
249
--directory-create-mask Displays the mask bits that are applied during directory creation. --directory-create-mode Displays the mode bits that are applied during directory creation. --le-create-mask Displays the mask bits that are applied during le creation. --le-create-mode Displays the mode bits that are applied during le creation. --hide-dot-les Displays whether les that begin with a dot are hidden. --impersonate-guest Displays whether guest users are allowed to access a share. --impersonate-user Displays the user who all le access is performed as. --mangle-byte-start Displays the wchar_t starting point for automatic invalid byte mangling. --mangle-map Displays which wchar_t chars are arbitrarily mapped to other wchar_t chars. --ntfs-acl-support Displays whether ACLs are allowed to be stored and edited from SMB clients. --oplocks Displays whether oplock requests are responded to. If set to false, oplock requests are ignored. --strict-ush Displays whether ush requests are always honored. --strict-locking Displays whether byte range locks are able to contend against SMB I/O. --verbose Displays detailed information. Examples To view the settings of all global share conguration parameters isi smb config share list The system displays output similar to the following example: allow-delete-readonly = false allow-execute-always = false change-notify = all create-permissions = default acl directory-create-mask = 0700 directory-create-mode = 00 file-create-mask = 0700 file-create-mode = 0100 hide-dot-files = false impersonate-guest = never impersonate-user = mangle-byte-start = 0xed00 mangle-map = 0x01-0x1F:-1,0x22:-1,0x2A:-1,0x3A:-1,0x3C:-1,0x3E:-1,
250
0x3F:-1,0x5C:-1 ntfs-acl-support = true oplocks = true strict-flush = false strict-locking = false The following command displays for newShare that differ from the global settings: isi smb config share list --sharename=newShare The system displays output similar to the following example: allow-execute-always = true file-create-mode = 0400 oplocks = false
Options You must specify at least one share conguration parameter. Specify one or more conguration parameters using the following options: --sharename --allow-delete-readonly --allow-execute-always --change-notify --create-permissions --directory-create-mask --directory-create-mode --le-create-mask --le-create-mode --hide-dot-les --impersonate-guest --impersonate-user --mangle-byte-start --mangle-map --ntfs-acl-support --oplocks
251
--strict-ush --strict-locking
--sharename=<string>, -n<string> Modies parameter on specied share only. If not specied, the current default settings are modied. --allow-delete-readonly=<boolean> Determines whether read-only les are allowed to be deleted. --allow-execute-always=<boolean> Determines whether users that can read a le are allowed to execute the le. --change-notify=<string> Species the notify setting. The following values are valid: all norecurse: Only for les on the given directory, does not include subdirectories. none
The default setting is all. --create-permissions=<string> Species the current permissions applied to new le or directory creations. The following values are valid: "default acl": Uses default acl. "inherit mode bits": Uses default UNIX mode bits. "use create mask and mode": Overrides default with "--directory-create..." and "--le-create..." parameter settings.
The default setting is default acl. --directory-create-mask=<number> Species mask 1 bits that are applied during directory creation. The default value is 0700. --directory-create-mode=<number> Species mode 0 bits that are applied during directory creation. The default value is 00. --le-create-mask=<number> Species the mask bits that are applied during le creation. The default value is 0700. --le-create-mode=<number> Species the mode bits that are applied during le creation. The default value is 0100. --hide-dot-les=<boolean> Determines whether les that begin with a dot are hidden. --impersonate-guest=<string> Determines whether guest users are allowed to access a share. The following values are valid: "always": All users are logged in as the guest user. "bad user": Any unrecognized users are logged in as the guest user. "never": Any unrecognized users are rejected.
--impersonate-user=<string> Logs in all users as the specied user. This name should be a fully qualied user name. --mangle-byte-start=<number>
252
Species the starting point for automatic invalid byte mangling. Species the wchar_t starting point for automatic invalid byte mangling. --mangle-map=<string> Maps characters that are valid in OneFS but not SMB names. Specify in the form <ASCII_value_a>:<ASCII_value_b> (where a is mapped to b). --ntfs-acl-support=<boolean> Determines whether ACLs are allowed to be stored and edited from SMB clients. --oplocks=<boolean> Determines whether oplock requests are responded to. If set to false, oplock requests are ignored. --strict-ush=<boolean> Determines whether ush requests are always honored. --strict-locking=<boolean> Determines whether byte range locks are able to contend against SMB I/O. Examples The following command causes all oplock requests to be ignored on all shares, unless otherwise specied: isi smb config share modify --oplocks=false After the previous command is run, the following command allows oplock requests to be honored on newShare, while the other shares continue to ignore the requests: isi smb config share modify --share_name=newShare --oplocks=true The following command causes ush requests to always be honored on newShare: isi smb config share modify --share_name=newShare --strict-flush=true
Options You must specify at least one share conguration parameter. Specify one or more conguration parameters using the following options:
253
--change-notify --create-permissions --directory-create-mask --directory-create-mode --le-create-mask --le-create-mode --hide-dot-les --impersonate-guest --impersonate-user --mangle-byte-start --mangle-map --ntfs-acl-support --oplocks --strict-ush --strict-locking
--sharename=<string> Removes share-only parameter settings for specied share. If not specied, given default parameters are reverted back to their original settings. --allow-delete-readonly Reverts whether readonly les are allowed to be deleted back to the default setting. --allow-execute-always Reverts whether users that can read a le are allowed to execute the le back to the default setting. --change-notify Reverts notify setting back to the default setting. --create-permissions Reverts permissions applied to new le/directory creations back to the default setting. --directory-create-mask Reverts mask bits that are applied during directory creation back to the default setting. --directory-create-mode Reverts mode bits that are applied during directory creation back to the default setting. --le-create-mask Reverts the mask bits that are applied during le creation back to the default setting. --le-create-mode Reverts the mode bits that are applied during le creation back to the default setting. --hide-dot-les Reverts whether les that begin with a dot are hidden back to the default setting. --impersonate-guest Reverts whether guest users are allowed to access a share back to the default setting. --impersonate-user Reverts the user who all le access is performed as back to the default user. This name should be a fully qualied user name. --mangle-byte-start Reverts the wchar_t starting point for automatic invalid byte mangling back to the default starting point. --mangle-map
254
Reverts arbitrary maps between wchar_t chars back to the default maps. --ntfs-acl-support Reverts whether ACLs are allowed to be stored and edited from SMB clients back to the default setting. --oplocks Reverts whether oplock requests are responded to back to the default setting. --strict-ush Reverts whether ush requests are always honored back to the default setting. --strict-locking Reverts whether byte range locks are able to contend against SMB I/O back to the default setting. Examples To revert whether oplock requests are responded to back to the default setting on all shares, run the following command: isi smb configuration share revert --oplocks To revert whether ush requests are honored back to the default setting on all shares, run the following command: isi smb config share modify --share_name=newShare --strict-flush=true
255
Species the name of the le being displayed. Examples To view a list of open les, run the following command: isi smb file list The system displays output similar to the following example: File [1] ID Pathname Username Number of locks Permissions File [2] ID Pathname Username Number of locks Permissions File [3] ID Pathname Username Number of locks Permissions :37543 :C:\ifs :DESKTOP\root :0 :0x1 :37541 :C:\ifs\README.txt :DESKTOP\root :0 :0x1 :37527 :C:\ifs :DESKTOP\root :0 :0x1
256
OneFS Command Reference Examples To set the log level to debug, run the following command: isi smb log-level --set=debug
If you are creating a run-as-root permission, the --permission option is required and must be set to run-as-root. In that case, the --permission-type parameter does not apply, because run-as-root permissions do not have permission types. --sharename=<string>, -n<string> Required. Species the name of the share the new permission is being created on. --sid=<string>, -s<string> Species the SID of the account. This option cannot be used with the --account-name option. --account-name=<string>, -a<string> Species the name of the account. The name must belong to a user or group. This option cannot be used with the --sid option. --account-type=<Account_Type>, -t<Account_Type> Required only when using the --account-name option. Species the type of the account. The following values are valid: builtin group user
--permission-type=<Permission_Type>, -d<Permission_Type> Required. Species the type of permission. Valid values are allow and deny. Note: If the <Permission> is run-as-root, the --permission-type parameter does not apply and is not required. --permission=<Permission>, -p<Permission> Required. Species what abilities the permission grants. The following values are valid (specifying a value will include both the ability described and all abilities that appear earlier in the list): 1. read: Includes the ability to read les 2. change: Includes the ability to modify existing les
257
3. full: Includes the ability to create les 4. run-as-root: Grants complete permission on the share (overrides restrictions set by other users). Note: run-as-root permissions can only be created or deleted. They cannot be modied. Examples The following command grants a user named "newUser" read permissions on ifs: isi smb permission create --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=read The following command denies a group named "newGroup" full permissions on ifs: isi smb permission create --sharename=ifs --account-name=newGroup --account-type=group --permission-type=deny --permission=full The following command grants complete permission on ifs to the user rootUser: isi smb permission create --sharename=ifs --account-name=rootUser --account-type=user -permission=run-as-root
If you are deleting a permission that is not a run-as-root permission, the --permission-type option is required and the --permission parameter is not required. This is because only one permission of each permission type can exist on a specic share for a specic user at a time. If you are deleting a run-as-root permission, the --permission option is required and must be set to run-as-root. In that case, the --permission-type parameter does not apply, because run-as-root permissions do not have permission types. --sharename=<string>, -n<string> Required. Species the name of the share the existing permission is being deleted on. --all Deletes all permissions on the given share. --account-name=<string>, -a<string>
258
Species the name of the account whose permission is being deleted. --account-type=<AccountType>, -t<AccountType> Required if specifying --account-name. Species the type of the account that the permission is being deleted on. The following values are valid: builtin group user
--sid=<string>, -s<string> Species SID of the account whose permission is being deleted. --permission-type=<PermissionType>, -d<PermissionType> Species the type of permission being deleted. Valid values are allow and deny. Note: If the <Permission> is run-as-root, the --permission-type parameter does not apply. --permission=<Permission>, -p<Permission> Species the permission being deleted. The following values are valid: Examples The following command deletes the allow read permission on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=read Note: The --permission parameter is present in this example, but is not required for this command to run. The following command deletes whatever deny permission exists on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission-type=deny The following command deletes the run-as-root permission on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission=run-as-root run-as-root full change read
259
OneFS Command Reference Options If no options are specied, all permissions are displayed. --sharename=<string>, -n<string> Displays list of permissions on specied share. Examples To view a list of existing permissions, run the following command: isi smb permission list The system displays output similar to the following example: SMB Share Permissions: Sharename: ifs Account newUser newGroup group
--sharename=<string>, -n<string> Required. Species the name of the share that the existing permission is being modied on. --account-name=<string>, -a<string> Species the name of the account whose permission is being modied. --sid=<string>, -s<string> Species SID of the account whose permission is being modied. --account-type=<account-type>, -t<account-type> Required if specifying --account-name. Species the type of the account that the permission is being modied for. The following values are valid: builtin group user
--permission-type=<permission-type>, -d<permission-type> Required. Species the type of the permission being modied. Valid values are allow and deny. --permission=<new_permission>, -p<new_permission>
260
Required. Species what abilities the permission grants. The following values are valid (specifying a value will include both the ability described and all abilities that appear earlier in the list): 1. read: Includes the ability to read les 2. change: Includes the ability to modify existing les 3. full: Includes the ability to create les Examples The following command changes the existing allow permission for "newUser" to allow "newUser" to read, modify and create les: isi smb permission modify --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=full Note: In an existing permission, only the --permission parameter can be modied.
--computer-name=<ComputerName>, -C<ComputerName> Required. Species the machine to delete sessions on. --user-name=<UserName>, -U<UserName> Deletes session of this user (DOMAIN\username). --force, -f Forces delete of all sessions connected from the specied computer name. Examples The following command deletes a session for user DESKTOP\root on computer 192.168.7.201: isi smb session delete --computer-name=192.168.7.201 --user-name=DESKTOP\root The following command deletes all sessions on computer 192.168.7.201: isi smb session delete --computer-name=192.168.7.201 --force
261
262
The following values are valid: manual: Enables clients to cache all les manually. documents: Enables clients to cache documents automatically. programs: Enables clients to cache both documents and programs automatically. none: Disables all le caching.
The default value is manual. Examples The following command creates a new SMB share called "newShare" for the /ifs directory: isi smb share create --sharename=newShare --path=/ifs
263
isi smb share list --verbose The system displays output similar to the following example: SMB Shares: Name: Path: Comment: CSC policy: Name: Path: Comment: CSC policy: oldshare /ifs Isilon OneFS manual newshare /ifs/home none
--sharename=<string>, -n<string> Required. Species the name of the share to modify. --name=<string>, -e<string> Species a new name for the share. --path=<path>, -p<path> Species the full path of the directory to be shared. --comment=<string> Species a description of the share. --csc-policy=<csc-policy>, -C<csc-policy> Species the optional client side caching policy for the share. The following values are valid: manual documents programs none
264
OneFS Command Reference Examples The following command changes the name of the share from "oldName" to "newName" isi smb share modify --sharename=oldName --name=newName The following command changes the client side caching policy on "newShare" to "documents" isi smb share modify --sharename=newShare --csc-policy=documents
265
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am"
266
OneFS Command Reference Examples The following command creates a snapshot of the entire /ifs/ directory: isi snapshot create snapshot1 /ifs/ The following command creates a snapshot of the /ifs/data/ directory and keeps the snapshot for 3 days: isi snapshot create snapshot2 /ifs/data/ --expiration=3days The following command creates a snapshot of the /ifs/data/storage directory and deletes the snapshot at 12:00am on May 2, 2012: isi snapshot create newSnapshot3 /ifs/data/storage --duration="05/2/2012 at 12:00am"
Syntax
isi snapshot delete [--snapshot=]{<Name>|<ID>}... [--force] Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot being deleted. This option can be specied multiple times. To view a list of existing snapshot IDs and names, run the following command: isi snapshot list -I. --force, -f Does not display the warning prompt for deleting snapshots. Examples The following command deletes a snapshot with an ID of 1: isi snapshot delete 1 The system displays output similar to the following example: Remove snapshot "1" ['yes', 'no'] ? Typing yes and pressing ENTER causes the system to display output similar to the following example: Snapshot(s) queued up for later deletion The following command deletes snapshot2 without the warning prompt: isi snapshot delete snapshot2 -f
267
The system displays output similar to the following example: Snapshot(s) queued up for later deletion
268
269
OneFS Command Reference Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot to lock. --duration=<Number><Time>, -d<Number><Time> Species how long to keep the snapshot locked. The following values are vaild for <Time>: hour[s] day[s] week[s] month[s] year[s]
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot lock will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am" --comment=<string>, -c<string> Species an optional comment string for this lock. Examples The following command locks snapshot1 for an hour: isi snapshot lock create snapshot1 --duration=1hour --comment=backupLock
270
--snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot that is locked. --lock=<ID> Required. Species the ID of the lock being modied. --duration=<Number><Time>, -d<Number><Time> Species how long to keep the snapshot locked. The following values are vaild for <Time>: hour[s] day[s] week[s]
271
month[s] year[s]
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot lock will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am" Examples The following command causes lock 2 on snapshot1 to expire in 3 days: isi snapshot lock modify snapshot1 --lock=2 --expiration=3days
--snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot being modied. --name=<string>, -n<string> Changes the name of the snapshot to the one specied. --duration=<number><Time>, -d<number><Time> Species how long to keep a snapshot. The following values are vaild for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00.
272
For example: --duration="01/01/2012 at 10:15am" Examples The following command sets snapshot1 to be deleted at 9:00am on June 1st, 2012: isi snapshot modify snapshot1 --expiration="06/01/2012"
273
isi snapshot reserve 10 The system displays output similar to the following example: Snapshot reserve percentage: 0 -> 10
<Frequency> is optional and can take either of the following forms: at {<Hr>[:<Min>][{am|pm}]} every [<number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
The default frequency is at 0:00. --pattern=<string>, -t<string> Required. Species the format string pattern for naming scheduled snapshots. The following variables are valid within the string: Valid Value %Y Denition Year
274
Valid Value %m %d %H %M
For example, a snapshot with a naming pattern of --pattern="Snapshot %Y" that is taken in 2011 is named "Snapshot 2011". --path=<AbsolutePath>, -p<AbsolutePath>) Required. Species the directories that are captured in snapshots created by this schedule policy. --duration=<Number><Time>, -d<Number><Time> Species how long to keep snapshots created by this schedule policy. The following values are valid for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when snapshots created by this schedule policy will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example, --duration="01/01/2012 at 10:15am" --alias=<string>, -a<string> Species an alternate name for the schedule. Examples The following command takes a snapshot of /ifs/data every Wednesday at 6:30pm and labels each snapshot with the date: isi snapshot schedule create snapshotPolicy1 "every Wednesday at 6:30pm" "Taken on %d %m, %Y" /ifs/data The following command takes one snapshot every hour between the hours of 12:00am to 8:00pm on the 1st Saturday of every 3rd month, and deletes each update one year after it is taken: isi snapshot schedule create snapshotPolicy2 "the 1st Saturday every 3 month every hours from 12:00 to 20:00" "Taken at %H:%M on %d %m, %Y" /ifs/data --expiration=1year
275
276
Duration: never Pattern: Taken on %d %m, %Y Path: /ifs/data -------------------- snapshotPolicy2 -------------------Schedule Id: 2 How Often: the 1st Saturday every 3 month every hours from 12:00 to 20:00 Starting When: 2011-05-24 23:18 Duration: 1year Pattern: Taken at %H:%M on %d %m, %Y Path: /ifs/data
--schedule={<Name>|<ID>}, -s {<Name>|<ID>}
277
the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 12>[st]] month the last day every [<number between 1 and 12>[st]] month yearly on <month> {<number between 1 and 31>[st]}
<Frequency> is optional and can take either of the following forms: at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
The default frequency is at 0:00. --pattern=<string>, -t<string> Species a new pattern for naming scheduled snapshots. The following variables are valid within the string: Valid Value %Y %m %d %H %M Denition Year Month Day Hour Minute
For example, a snapshot with a naming pattern of --pattern="Snapshot %Y" that is taken in 2011 is named "Snapshot 2011". --path=<AbsolutePath>, -p<AbsolutePath> Species the new directories to be captured in the snapshot. --duration=<Number><Time>, -d<Number><Time> Species how long to keep snapshots created by this schedule policy. The following values are valid for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when snapshots created by this schedule policy will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example, --duration="01/01/2012 at 10:15am"
278
--alias=<string>, -a<string> Species a new alternate name for the snapshot schedule. Examples The following command causes snapshotPolicy1 to expire 1 hour after this command is run: isi snapshot schedule modify snapshotPolicy1 --expiration=1hour The following command causes snapshotPolicy1 to take a snapshot on the last day of every month: isi snapshot schedule modify snapshotPolicy1 --when="the last day every month"
279
If not specied, end date is set to 30 days after the start date. Examples The following command displays snapshots that are scheduled to be taken between July 1, 2011 and July 15, 2011: isi snapshot schedule todo --start-date=07/01/2011 --end-date=07/15/2011 The system displays output similar to the following example: snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy1 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy1 snapshotPolicy3 snapshotPolicy3 Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken on on on on on on on on on on on on on on on on 01 02 03 04 05 06 06 07 08 09 10 11 12 13 13 14 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011-07-01 2011-07-02 2011-07-03 2011-07-04 2011-07-05 2011-07-06 2011-07-06 2011-07-07 2011-07-08 2011-07-09 2011-07-10 2011-07-11 2011-07-12 2011-07-13 2011-07-13 2011-07-14 19:30 19:30 19:30 19:30 19:30 18:30 19:30 19:30 19:30 19:30 19:30 19:30 19:30 18:30 19:30 19:30
The following command displays all snapshots scheduled to be taken before January 1, 2011: isi snapshot schedule todo --end-date=01/01/2012
280
local_sub_accessible
To display multiple settings, specify this option multiple times within the same command. Examples To view a list of all snapshot settings, run the following command: isi snapshot settings list The system displays output similar to the following example: Setting Value -----------------------------------global_accessible_visible True nfs_root_accessible True nfs_root_visible True nfs_sub_accessible True cifs_root_accessible True cifs_root_visible True cifs_sub_accessible True local_root_accessible True local_root_visible True local_sub_accessible True
281
local_sub_accessible: If set to true, the subdirectories in the /ifs directory can be accessed locally. Note: Making the root directory visible may interfere with tree removal, and could affect folder deletion in Windows.
--value=<Value>, -v<Value> Required. Species a new value for this setting. Valid values are true or false. Examples To make the root directory of /ifs/.snapshot accessible from NFS, run the following command: isi snapshot settings set local_root_accessible false The system displays output similar to the following example: Setting nfs_root_accessible to false will also set the following: nfs_root_visible -> false nfs_sub_accessible -> false Do you wish to continue? (yes, [no]) If you type yes and press ENTER, the local root becomes invisible and the local sub to becomes inaccessible as well. The system displays output similar to the following example: nfs_root_accessible: true -> false nfs_root_visible: true -> false nfs_sub_accessible: true -> false
282
The system displays output similar to the following example: snapshot1 snapshot2 snapshot3 snapshot4 snapshot5 0 2.1M 904K 872K 0 3.8M 0.00% 0.00% 0.00% 0.00% 0.00%
) ) ) ) )
0.01% )
0.00% (T)
In this example, the second column displays the amount of le system space the snapshot is consuming, the third column displays the percentage of reserved space it is consuming, and the fourth displays the percentage of the total disk space it is consuming. The lowest row displays the totals of the columns.
isi snmp
The isi snmp command manages Simple Network Management Protocol (SNMP) settings. Syntax isi snmp {--syslocation=<string> | --syscontact=<string> | --protocols=<value> | --rocommunity=<string> | --v3-rouser=<string> | --v3-password=<string>}... Options You must specify at least one SNMP setting to modify. Specify an SNMP setting using the following options: --syslocation --syscontact --protocols --rocommunity --v3-rouser --v3-password
--syslocation=<string> Sets the system location eld (sysLocation.0) in the SNMP management information base (MIB). --syscontact=<string> Sets the system contact address eld (sysContact.0) in the SNMP MIB. --protocols=<value> Species SNMP protocols. The following values are valid: all v1/v2c v3 Note: v1 and v2 are controlled together and must be specied together as shown. --rocommunity=<string>, -c<string> Species the read only community name.
283
--v3-rouser=<string>, -u<string> Species the SNMP v3 read-only user. --v3-password=<string>, -p<string> Species the SNMP v3 auth password. Examples The following command sets the system location to East Datacenter: isi snmp --syslocation="East Datacenter" The system displays output similar to the following example: System location set to: "East Datacenter"
284
OneFS Command Reference [--protocols=<value>] [--classes=<string>] [--orderby=<string>] [--total] [--totalby=<value>] [--nooutput=<string>] [--output=<string>] [--long] [--zero] [--numeric] [--wide] Options If no options are specied, a single table with statistics on all classes is displayed. --csv, -c Displays data in a comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Displays data in a list separated by the specied string. For example, to separate the data with single spaces, specify --csvstring=" ". Note: If specied, --csvstring overrides --csv and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report to continue if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all
285
Multiple values can be specied in a comma-separated list. --protocols=<value> Species on which protocols statistics are reported. The following values are valid: all ftp http irp iscsi jobd n1m nfs3 nfs4 siq smb1 smb2
Multiple values can be specied in a comma-separated list. The default setting is all protocols. --classes=<string> Specify which operation classes to report statistics on. The default setting is all classes. The following values are valid: all All classes create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication namespace_read Attribute, stat, and ACL reads; lookup, directory reading namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that are not categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing
286
unimplemented Operations that are not implemented Multiple values can be specied in a comma-separated list. --orderby=<string> Species the value that rows are ordered by. The following values are valid: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserID UserName
The default setting is class. --total Groups and aggregates results as implied by specied ltering parameters. Filtering parameters include: --nodes, --protocols, --classes, --local_addr, --local_name, --remote_addr, --remote_name, --user_id, --user_name. --totalby=<value> Combines results according to specied elds. The following values are valid: Class Group LocalAddr LocalName Node Proto RemoteName UserId UserName
287
Note: --totalby overrides --total option, if specied. --nooutput=<string> Species which columns are not displayed. Columns are excluded from the list of currently active columns specied by the --output option or --long options, or from the default column list if it has not been overridden by other output options. The following values are valid: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserID UserName
--output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. In Displays the rate of input for an operation since the last time the system collected the data. Displayed in bytes per second. InAvg Displays the average input (received) bytes for an operation since the last time the system collected the data. InMax Displays the maximum input (received) bytes for an operation since the last time the system collected the data. InMin
288
Displays the minimum input (received) bytes for an operation since the last time the system collected the data. LocalAddr Displays the IP address of the host receiving the operation request. Displayed in dotted-quad form. LocalName Displays the resolved text name of the LocalAddr, if resolution can be performed. Node Displays the node on which the operation was performed. NumOps Displays the number of times an operation has been performed since the last time the system collected the data. Ops Displays the rate at which an operation has been performed since the last time the system collected the data. Displayed in operations per second. Out Displays the rate of output for an operation since the last time the system collected the data. Displayed in bytes per second. OutAvg Displays the average output (sent) bytes for an operation since the last time the system collected the data. OutMax Displays the maximum output (sent) bytes for an operation since the last time the system collected the data. OutMin Displays the minimum output (sent) bytes for an operation since the last time the system collected the data. Proto Displays the protocol of the operation. RemoteAddr Displays the IP address of the host sending the operation request. Displayed in dotted-quad form. RemoteName Displays the resolved text name of the RemoteAddr, if resolution can be performed. TimeAvg Displays the average elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMax Displays the maximum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMin Displays the minimum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). UserID
289
Displays the numeric UID of the user issuing the operation request or the unique logical unit number (LUN) identier in the case of the iSCSI protocol. UserName Displays the resolved text name of the UserID, or the target and LUN in the case of the iSCSI protocol. In either case, if resolution cannot be performed, UNKNOWN is displayed. Multiple values can be specied in a comma-separated list. --long Displays all possible columns. --zero Displays rows with no values that are otherwise hidden. --local_addrs=<number> Species local IP addresses for which statistics will be reported. --local-names=<string> Species local host names for which statistics will be reported. --remote_addrs=<number> Species remote IP addresses for which statistics will be reported. --remote_names=<string> Species remote client names for which statistics will be reported. --user_ids=<number> Species user ids for which statistics will be reported. The default setting is all users. --user_names=<string> Species user names for which statistics will be reported. The default setting is all users. --numeric Does not attempt to resolve numeric IDs to text for local hosts, remote clients, and users. Only displays numeric equivalents. --wide Displays results in wide format without truncations. Examples The following command runs a report every 2 seconds for 6 seconds, and organizes the results by class: isi statistics client --orderby=Class --repeat=3 --interval=2 The system displays output similar to the following example: Ops In Out TimeAvg Node Proto Class UserName LocalName N/s B/s B/s us 0.4 148.2 0.0 7384608.0 1 http write UNKNOWN 10.51.115.42 0.2 142.6 4.7 1157782.0 2.4 230.4 0.0 1232041.0 2.8 36M 3.2 2586.3 2.0 32.0 38M 1328.1 1.2 28.8 0.0 2.5 1 2 1 2 3 http http siq siq siq read write other other other UNKNOWN 10.51.115.42 UNKNOWN 10.51.115.42 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN RemoteName 10.53.115.42 10.51.115.42 10.51.115.42 UNKNOWN UNKNOWN UNKNOWN
The following command runs a report that includes the User ID, Time Max, Time Min, and Out Avg, every 3 seconds for 9 seconds:
290
isi statistics client --output=UserName,TimeMax,TimeMin,OutAvg --repeat=3 --interval=2 The system displays output similar to the following example: UserName UNKNOWN UNKNOWN UNKNOWN UNKNOWN TimeMax us 115655 14821444 115655 14821444 TimeMin us 115655 1 115655 1 OutAvg B 234.0 0.0 234.0 0.0
The following command reports statistics on HTTP protocols, write and delete classes and includes the columns Class, Ops, In, Out, Proto and TimeAvg: isi statistics client --output=Ops,Out,In,Proto,TimeAvg --protocols=http,external --classes=read,write The system displays output similar to the following example: Ops N/s 0.2 0.4 Out B/s 46.8 0.0 In B/s 142.6 148.2 Proto http http TimeAvg us 113310.0 7408227.5
291
The system displays output similar to the following example: Stat key => Description node.sysfs.varcrash.bytes.avail => Available capacity filesystem in bytes node.sysfs.varcrash.bytes.free => Free capacity on the in bytes node.sysfs.varcrash.bytes.total => Total capacity on the in bytes node.sysfs.varcrash.bytes.used => Used capacity on the in bytes node.sysfs.varcrash.percent.avail => Available capacity filesystem as a percentage node.sysfs.varcrash.percent.free => Free capacity on the as a percentage node.sysfs.varcrash.percent.used => Used capacity on the as a percentage on the /var/crash /var/crash filesystem /var/crash filesystem /var/crash filesystem on the /var/crash /var/crash filesystem /var/crash filesystem
To view descriptions of statistics on the out per node cpu accounting that is not per core, run the following command: isi statistics describe --stats=node\*cpu\*avg The system displays output similar to the following example: Stat key node.cpu.idle.avg node.cpu.intr.avg node.cpu.nice.avg node.cpu.sys.avg node.cpu.user.avg => Description => Node average of idle CPU usage in tenths of a percent => Node average of interrupt CPU usage in tenths of a percent => Node average of nice CPU usage in tenths of a percent => Node average of system CPU usage in tenths of a percent => Node average of user CPU usage in tenths of a percent
292
their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. N o e t : --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --long Displays all possible columns. --timestamp Display a column containing the POSIX time stamp. --type=<value> Species the drive types for which statistics will be reported. The following values are valid:
293
The default setting is all drives. --orderby=<string> Species how rows are ordered. The following values are valid: Examples The following command runs a report on node 2 every 3 seconds for 9 seconds and orders the results by Bytes In: isi statistics drive --repeat=3 --interval=3 --orderby=bytesIN --nodes=2 The system displays output similar to the following example: Drive Type OpsIn BytesIn OpsOut BytesOut TimeAvg TimeInQ Queued Busy LNN:bay N/s B/s N/s B/s ms ms % 2:1 SATA 4.2 37K 0.0 0.0 0.2 0.0 0.0 0.0 2:7 SATA 1.8 11K 0.0 0.0 0.5 0.0 0.0 0.0 2:4 SATA 1.6 9.0K 0.0 0.0 0.6 0.0 0.0 0.0 2:8 SATA 1.6 9.0K 0.0 0.0 0.4 0.0 0.0 0.0 2:3 SATA 0.4 3.4K 0.0 0.0 0.1 0.0 0.0 0.0 2:11 SATA 0.2 1.6K 0.0 0.0 0.1 0.0 0.0 0.0 2:2 SATA 0.0 0.0 0.0 0.0 0.6 0.0 0.0 0.0 2:5 SATA 0.0 0.0 0.0 0.0 0.1 0.0 0.0 0.0 2:6 SATA 0.0 0.0 0.0 0.0 0.8 0.0 0.0 0.0 2:9 SATA 0.0 0.0 0.0 0.0 0.1 0.0 0.0 0.0 2:10 SATA 0.0 0.0 0.0 0.0 0.8 0.0 0.0 0.0 2:12 SATA 0.0 0.0 0.0 0.0 0.7 0.0 0.0 0.0 2:1 2:4 2:7 2:8 2:2 2:9 2:11 2:12 2:3 2:5 SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA 0.8 0.8 0.8 0.8 0.2 0.2 0.2 0.2 0.0 0.0 6.6K 6.6K 6.6K 6.6K 1.6K 1.6K 1.6K 1.6K 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.2 0.6 0.5 0.4 0.6 0.1 0.1 0.7 0.1 0.1 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 Busy BytesIn BytesOut Drive Inodes OpsIn OpsOut Queued SizeIn SizeOut Slow TimeAvg TimeInQ Type Used
294
2:6 SATA 2:10 SATA 2:1 2:4 2:7 2:8 2:2 2:9 2:11 2:12 2:3 2:5 2:6 2:10 SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA
0.0 0.0 0.8 0.8 0.8 0.8 0.2 0.2 0.2 0.2 0.0 0.0 0.0 0.0
0.0 0.0 6.6K 6.6K 6.6K 6.6K 1.6K 1.6K 1.6K 1.6K 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.8 0.8 0.2 0.6 0.5 0.4 0.6 0.1 0.1 0.7 0.1 0.1 0.8 0.8
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
Tho view a report in a comma-separated list, run the following command: isi statistics drive --csv The system displays output similar to the following example: Drive,Type,OpsIn,BytesIn,OpsOut,BytesOut,TimeAvg,TimeInQ,Queued,Busy LNN:bay,,N/s,B/s,N/s,B/s,ms,ms,,% 1:1,SATA,1.8,21299.2,0.0,0.0,0.1,0.0,0.0,0.0 1:2,SATA,0.4,614.4,0.0,0.0,0.1,0.0,0.0,0.0 1:3,SATA,0.0,0.0,0.0,0.0,0.3,0.0,0.0,0.0 1:4,SATA,0.4,2662.4,0.0,0.0,0.2,0.0,0.0,0.0 1:5,SATA,0.0,0.0,0.0,0.0,0.1,0.0,0.0,0.0 1:6,SATA,0.2,204.8,0.0,0.0,0.1,0.0,0.0,0.0 1:7,SATA,0.4,2662.4,0.0,0.0,0.2,0.0,0.0,0.0 1:8,SATA,1.0,10444.8,0.0,0.0,0.1,0.0,0.0,0.0 1:9,SATA,0.8,3276.8,0.0,0.0,0.1,0.0,0.0,0.0 1:10,SATA,0.6,4300.8,0.0,0.0,0.2,0.0,0.0,0.0 1:11,SATA,0.4,614.4,0.0,0.0,0.1,0.0,0.0,0.0 1:12,SATA,0.0,0.0,0.0,0.0,0.1,0.0,0.0,0.0
295
Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example: the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The default value is all. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --events=<string> Species which event types for which information will be reported.
296
The following values are valid: blocked Access to the logical inode number (LIN) was blocked waiting for a resource to be released by another operation. These events are under the class other. contended An LIN is experiencing cross-node contention; it is being accessed simultaneously through multiple nodes. These events are under the class other. deadlocked The attempt to lock the LIN resulted in deadlock. These events are under the class other. link The LIN has been linked into the le system; the LIN associated with this event is the parent directory and not the linked LIN. These events are under the class namespace_write. lock The LIN was locked. These events are under the class other. lookup A name is looked up in a directory; the LIN for the directory searched is the one associated with the event. These events are under the class namespace_read. read A read was performed. These events are under the class read. rename A le or directory was renamed, the LIN associated with this event is the directory where the rename took place (either for the source directory or the destination directory if they differ). These events are under the class namespace_write. getattr A le or directory attribute has been read. These events are under the class namespace_read. setattr A le or directory attribute has been added, modied, or deleted. These events are under the class namespace_write. unlink A le or directory has been unlinked from the le system, the LIN associated with this event is the parent directory of the removed item. These events are under the class namespace_write. write A write was performed. These events are under the class write. --classes=<string> Species the classes on which information will be reported. The default setting is all classes. The following values are valid: create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication namespace_read Attribute, stat, and ACL reads; lookup, directory reading
297
namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that are not categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing --orderby=<string> Species how rows are ordered. The following values are valid: Class Event LIN Node Ops Path TimeStamp
--totalby=<string> Combines results according specied elds. The following values are valid: Class Event LIN Node Ops Path TimeStamp
--maxpath=<number> Species the maximum path length to lookup in le system (in bytes). The default value is 1024. If you want there to be no maximum path length, specify -1. --pathdepth=<number> Reduces paths to specied depth. The default setting is unlimited. --limit=<number> Displays no more than the specied number of entry rows. --output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. Event
298
Displays the name of the event. LIN Displays the LIN for the le or directory associated with the event. Node Displays the node on which the operation was performed. Ops Displays the rate at which an operation has been performed. Displayed in operations per second. Path Displays the path associated with the event LIN. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). --long Displays all possible columns. Examples The following command displays a report on node 2 with a maximum path depth of 2. isi statistics heat --nodes=2 --pathdepth=2 The system displays output similar to the following example: Ops N/s 3.2 2.8 2.8 2.6 1.7 1.5 1.2 1.2 1.2 0.8 0.8 0.6 0.6 0.6 0.5 0.4 0.4 0.4 0.4 0.3 0.3 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 Node 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 Event lock lookup lookup lock lookup lock getattr lock lock lock lookup getattr lock lock lookup getattr lock lookup lookup contended lock blocked getattr getattr getattr getattr getattr getattr lock lock lock lock Class Path other namespace_read namespace_read other namespace_read other namespace_read other other other namespace_read namespace_read other other namespace_read namespace_read other namespace_read namespace_read other other other namespace_read namespace_read namespace_read namespace_read namespace_read namespace_read other other other other /ifs/ /ifs/ /ifs/ /ifs/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/etc/
299
0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.1 0.1 0.1 0.1 0.1 0.1 0.1 0.1
2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2
lock lock lock lock lock lock lock lock lookup lookup lookup lookup blocked blocked lock lock lock lookup lookup lookup
other other other other other other other other namespace_read namespace_read namespace_read namespace_read other other other other other namespace_read namespace_read namespace_read
/ifs/.ifsvar/etc/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/
The following command displays a report with no more than three rows after results have been combined according to their event type. isi statistics heat --limit=3 --totalby=event The system displays output similar to the following example: Ops N/s 113.6 54.0 17.4 Node * * * Event lock lookup getattr Class Path * * * * * *
300
--csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --onecolumn, -l Displays output one series at a time in one column rather than on a grid. --formattime, -F Formats series times rather than using epoch seconds. --begin=<number> Species begin time. If a positive number, time is specied in epoch seconds. If a negative number, time is specied relative to the current time (in seconds). --end=<number>
301
Species end time. If a positive number, time is specied in epoch seconds. If a negative number, time is specied relative to the current time (in seconds). --resolution=<number> Species the minimum interval between series data points in seconds. --zero Displays rows with no values that are otherwise hidden. Examples The following command displays statistics on how many bytes of physical system memory were in use for the past minute: isi statistics history --stats=node.memory.used --begin=-60 --end=-0 --formattime The system displays output similar to the following example: Statistic node.memory.used Time/Node 1 05/16/11-16:11:10 3969814528 05/16/11-16:11:15 3969814528 05/16/11-16:11:20 3969814528 05/16/11-16:11:25 3969835008 05/16/11-16:11:30 3969851392 05/16/11-16:11:35 3969818624 05/16/11-16:11:40 3969830912 05/16/11-16:11:45 3969830912 05/16/11-16:11:50 3969830912 05/16/11-16:11:55 3969798144 05/16/11-16:12:00 3969798144 05/16/11-16:12:05 3978104832 The following command displays statistics on the number of L2 meta-data cache read misses in bytes per second and the average write size for disk with index 0 between 2:04:01pm and 2:04:31pm on May 3, 2011: isi statistics history --stats=node.ifs.cache.l2.meta.read.miss,node.disk.xfer.size.in.0 --begin=1304456641 --end=1304456672 --formattime The system displays output similar to the following example: Statistic node.ifs.cache.l2.meta.read.miss node.disk.xfer.size.in.0 Time/Node 1 1 05/03/11-14:04:01 0.0 05/03/11-14:04:06 0.0 8192.0 05/03/11-14:04:11 0.0 6655.99965668 05/03/11-14:04:16 0.0 8192.0 05/03/11-14:04:21 0.0 7679.99969482 05/03/11-14:04:26 0.0 16469.3320279 05/03/11-14:04:31 0.0 7679.99969482 The following command displays the same data in single column form: --stats=node.ifs.cache.l2.meta.read.miss,node.disk.xfer.size.in.0 --begin=1304456641 --end=1304456672 --formattime --onecolumn The system displays output similar to the following example: Statistic node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss Node Time Value 1 05/03/11-14:04:01 0.0 1 05/03/11-14:04:06 0.0
302
node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0
1 1 1 1 1 1 1 1 1 1 1
05/03/11-14:04:11 05/03/11-14:04:16 05/03/11-14:04:21 05/03/11-14:04:26 05/03/11-14:04:31 05/03/11-14:04:02 05/03/11-14:04:07 05/03/11-14:04:12 05/03/11-14:04:17 05/03/11-14:04:22 05/03/11-14:04:27
0.0 0.0 0.0 0.0 0.0 8192.0 6655.99965668 8192.0 7679.99969482 16469.3320279 7679.99969482
303
304
Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list events --client The system displays output similar to the following example: ALL create delete file_state namespace_read namespace_write other read session_state unimplemented write
305
306
307
LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserId UserName
308
Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserId UserName
309
310
UserId UserName
311
Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default setting is all nodes. --protocols=<value> Species on which protocols statistics are reported. The following values are valid: all ftp http irp iscsi jobd nfs4 nfs3 nlm siq smb1 smb2
Multiple values can be specied in a comma-separated list. The default setting is all protocols. --classes=<string> Species the classes on which statistics are reported. The following values are valid: all All classes create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication
312
namespace_read Attribute, stat, and ACL reads; lookup, directory reading namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that cannot be categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing --orderby=<string> Species how rows are ordered. The following values are valid: --total Groups and aggregates results as implied by ltering options. Filtering options include: --classes, --nodes, --operations, --protocols. --totalby=<value> Aggregates results according to specied elds. The following values are valid: Class Node Op Class In InAvg InMax InMin InStdDev Node NumOps Op Ops Out OutAvg OutMax OutMin OutStdDev Proto TimeAvg TimeMax TimeMin TimeStamp TimeStdDev
313
--nooutput=<string> Species which columns are not displayed. Columns are excluded from the list of currently active columns specied by the --output option or --long options, or from the default column list if it has not been overridden by other output options. --output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. In Displays the rate of input for an operation since the last time isi statistics collected the data. Displayed in bytes per second. InAvg Displays the average input (received) bytes for an operation since the last time the system collected the data. InMax Displays the maximum input (received) bytes for an operation since the last time the system collected the data. InMin Displays the minimum input (received) bytes for an operation since the last time the system collected the data. InStdDev Displays the standard deviation of the input (received) bytes for an operation since the last time the system collected the data. Displayed in bytes. Node Displays the node on which the operation was performed. NumOps Displays the number of times an operation has been performed since the last time the system collected the data. Op Displays the name of the operation. Ops Displays the rate at which an operation has been performed since the last time the system collected the data. Displayed in operations per second. Out Displays the rate of output for an operation since the last time isi statistics collected the data. Displayed in bytes per second. OutAvg Displays the average output (sent) bytes for an operation since the last time the system collected the data. OutMax Displays the maximum output (sent) bytes for an operation since the last time the system collected the data.
314
OutMin Displays the minimum output (sent) bytes for an operation since the last time the system collected the data. OutStdDev Displays the standard deviation of the output (sent) bytes for an operation since the last time the system collected the data. Displayed in bytes. Proto Displays the protocol of the operation. TimeAvg Displays the average elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMax Displays the maximum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMin Displays the minimum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). --long Displays all possible columns. --zero Displays rows with no values that are otherwise hidden. --operations=<string> Species the operations on which statistics are reported. To view a list of valid values, run the following command: isi statistics list operations. Examples The following command displays the average, maximum, minimum and rate of input every minute for 3 minutes. isi statistics protocol --output=op,in,inmin,inmax,inavg --repeat=3 --interval=60 The system displays output similar to the following example: Op get upload create close query_directory query_info read In InMin InMax InAvg B/s B B B 136.5 719 719 719.0 192.4 1 736 101.3 103.8 228 292 260.0 36.7 92 92 92.0 41.1 98 108 103.0 64.7 108 108 108.0 9.3K 117 117 117.0 719 1 117 719 719 719.0 736 101.3 117 117.0 719 719.0
315
1 117
The following command displays a report that includes HTTP operations get and upload every 20 seconds for 1 minute: isi statistics protocol --protocols=http --operations=get,upload --repeat=3 --interval=20 The system displays output similar to the following example: Ops In Out TimeAvg TimeStdDev Node Proto Class Op N/s B/s B/s us us 0.2 146.7 49.0 109570.0 0.0 1 http read get 1.7 200.9 0.0 8452.0 23899.0 1 http write upload 0.2 131.7 44.0 17057.0 0.0 0.4 136.3 0.0 7111513.5 10057196.0 0.2 134.1 43.8 120820.0 1.9 189.7 0.0 1470723.1 0.0 4623884.5 1 1 1 1 http read get http write upload http read get http write upload
316
Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --protocols=<value> Species which protocols to report statistics on. The following values are valid: ftp http irp iscsi jobd lsass_in lsass_out n1m nfs3 nfs4 siq smb1 smb2
The default protocol is NFS3. Examples To view statistics on cluster wide http protocol information, run the following command: isi statistics pstat --protocol=http The system displays output similar to the following example: ___________________________HTTP Operations Per Second__________________________ get 0.00/s put 0.00/s post 0.00/s delete 0.00/s connect 0.00/s options 0.00/s trace 0.00/s null 0.00/s head 0.00/s upload 0.00/s download 0.00/s TOTAL 0.00/s ___CPU Utilization___ user 0.1% _____OneFS Stats_____ In 0.01
317
0.6% 99.3% ____Network Output___ MB/s 0.00 Pkt/s Errors/s 2.40 0.00
Out Total
0.00 0.01
____Network Input____ MB/s 0.01 iops Pkt/s 123.40 MB/s Errors/s 0.00 MB/s
318
Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nofooter Does not display the row that contains aggregation (titled average). This option only applies when the given <Statistics> contain averages. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. Examples To view statistics on how many bytes of physical system memory are in use, run the following command: isi statistics query --stats=node.memory.used The system displays output similar to the following example: NodeID node.memory.used 1 3969990656 average 3969990656 To view statistics on how many bytes of physical system memory are in use without table headings or the "average" row, run the following command: isi statistics query --stats=node.memory.used --noheader --nofooter The system displays output similar to the following example: 1 3970002944
319
320
Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --running=<number> Includes a row labeled Avg that displays a running average of cluster totals. The number of cluster totals included in the average is based on the specied <number> of samples. Cluster totals are displayed in the row labeled All. --nodes Displays information on individual nodes. --timestamp Displays a column containing the POSIX time stamp. --oprates Displays protocol operation rate statistics instead of the default throughput statistics. Examples The following command displays a report every 5 seconds for 25 seconds and displays a running average of the last two total cluster values: isi statistics system --interval=5 --repeat=5 --running=2 The system displays output similar to the following example: Node CPU LNN %Used All 1.1 Avg 1.1 All Avg All Avg All Avg All Avg 1.1 1.1 3.7 2.4 3.7 3.7 1.9 2.8 SMB B/s 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 FTP B/s 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 HTTP ISCSI B/s B/s 0.0 123.3 0.0 123.3 0.0 123.3 0.0 123.3 0.0 114.7 0.0 119.0 0.0 114.7 0.0 114.7 0.0 0.0 57.4 86.1 NFS Total NetIn NetOut DiskIn DiskOut B/s B/s B/s B/s B/s B/s 0.0 123.3 8.3K 167.6 91K 0.0 0.0 123.3 8.3K 167.6 91K 0.0 0.0 123.3 0.0 123.3 0.0 114.7 0.0 119.0 0.0 114.7 0.0 114.7 0.0 0.0 57.4 86.1 8.3K 8.3K 6.7K 7.5K 6.7K 6.7K 8.9K 7.8K 167.6 167.6 186.8 177.2 186.8 186.8 118.4 152.6 91K 91K 256K 173K 256K 256K 131K 193K 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
isi status
The isi status command displays information on the current status of the cluster, alerts and jobs. Syntax isi status [-q] [-w] [-D] [-d [<DiskpoolName>] [-v]] [-n [<NodeID>]] Options If no options are specied, displays cluster information, critical events, cluster job status, and the basic identication, statistics and usage for each node. -q
321
Displays information on the status of the cluster only. -w Displays results without truncations. -D Displays more detailed information on running protection operations, including a list of workers processes. Also displays more information on failed protection operations, including a list of errors. -d [<DiskpoolName>] Displays a diskpool view of the le system instead of a cluster view. If <DiskpoolName> is specied, only information for the specied pool is displayed. -v Displays a list of which nodes are in each diskpool. -n [<NodeID>] Displays information on individual nodes along with statistics for each disk in the nodes. If <NodeID> is specied, only information on the specied node is displayed. Examples To view information on the cluster, critical events, cluster job status, and the basic identication, statistics and usage for each node, run the following command: isi status The system displays output similar to the following example: Cluster Name: TechPubs Cluster Health: [ATTN] Cluster Storage: HDD Size: 6.0T (6.0T Raw) VHS Size: 0 Used: 2.0G (< 1%) Avail: 6.0T (> 99%)
Health Throughput (bps) HDD Storage SSD Storage ID |IP Address |DASR| In Out Total| Used / Size |Used / Size ---+---------------+----+-----+-----+-----+------------------+----------------1|192.168.7.141 |-A--| 0| 0| 0| 695M/ 2.5T(< 1%)| (No SSDs) 2|192.168.7.142 |-A--| 0| 0| 0| 698M/ 1.8T(< 1%)| (No SSDs) 3|192.168.7.143 | OK | 0| 0| 0| 698M/ 1.8T(< 1%)| (No SSDs) ------------------------+-----+-----+-----+------------------+----------------Cluster Totals: | 0| 0| 0| 2.0G/ 6.0T(< 1%)| (No SSDs)
Health Fields: D = Down, A = Attention, S = Smartfailed, R = Read-Only Critical Events: 05/04 10:54 05/05 13:05 05/05 13:05 1 One or more drives (bay(s) 7 / type(s) HDD) are ready to be... 2 External network link ext-2 (em1) down 1 External network link ext-2 (em1) down
322
No failed jobs. Recent job results: Time Job --------------- -------------------------05/09 14:21:35 SnapshotDelete[30] 05/09 14:41:37 SnapshotDelete[31] 05/09 14:51:41 SnapshotDelete[32] 05/09 15:01:40 SnapshotDelete[33] 05/09 15:11:36 SnapshotDelete[34] 05/09 22:00:17 SmartPools[35] 05/09 22:00:50 FSAnalyze[36] 05/09 22:12:03 SnapshotDelete[37] Event -----------------------------Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (LOW) Succeeded (LOW) Succeeded (MEDIUM)
The following command displays information on the node with a logical node number of 1: isi status -n 1 Node LNN: Node ID: Node Name: Node IP Address: Node Health: Node SN: Member of Disk Pool: Node Capacity: Available: Used: 1 1 TechPubs-1 192.168.7.141 -A-05290026S N/A 2.5T 2.5T (> 99%) 696M (< 1%)
Network Status: See 'isi networks list interfaces -v' for more detail or man(8) isi. Internal: 2 IB network interfaces (1 up, 1 down) External: 2 GbE network interfaces (1 up, 1 down) 1 Aggregated network interfaces (0 up, 1 down) Disk Drive Status: Bay 1 <0> Bay 2 <3> 170Kb/s 26Kb/s [HEALTHY] [HEALTHY] Bay 5 <1> 13Kb/s [HEALTHY] Bay 9 <2> 263Kb/s [HEALTHY] Bay 6 <4> 74Kb/s [HEALTHY] Bay 10 <5> 74Kb/s [HEALTHY] Bay 3 <6> 310Kb/s [HEALTHY] Bay 7 <N/A> 0b/s [EMPTY] Bay 11 <7> 0b/s [HEALTHY] Bay 4 <8> 34Kb/s [HEALTHY] Bay 8 <9> 819b/s [HEALTHY] Bay 12 <10> 13Kb/s [HEALTHY]
323
OneFS Command Reference Options --interval=<Interval>, -I=<Interval> Required. Species a time range during the specied days that the bandwidth limit is active. Specify in form hh-mm-hh:mm; for example: 12:35-17:43. --days=<Days>, -d=<Days> Required. Species days of the week when the bandwidth limit is active. Multiple <Days> can be specied in comma-separated lists. Ranges of <Days> can be specied with dash-separated ranges. The following values are valid: Valid Value X M T W R F S Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday Saturday
For example, specifying --days=X,W-F causes the bandwidth limit to be active on Sunday, Wednesday, Thursday and Friday. --limit=<Limit>, L=<Limit> Required. Species the bandwidth limit in kilobits per second. --desc=<Description> Species a description of this bandwidth limit. Examples The following command limits the bandwidth to 100 kilobits per second from 1:00pm to 2:00pm every Friday, Saturday, Sunday and Wednesday: isi sync bandwidth create 13:00-14:00 F-X,W 100 --desc="This bandwidth is an example"
324
OneFS Command Reference Examples The following command deletes a bandwidth with an ID of 1: isi sync bandwidth delete 1
325
OneFS Command Reference Options If no options are specied, information on existing bandwidths is displayed in a table. --bw=<BW> Species bandwidth ID. --mode=<string>, -M<string> Sets the display mode. The following values are valid: default: Displays information on existing bandwidths in a table. This is the same as specifying nothing. full: Displays information on existing bandwidths in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays information on existing bandwidths in an indented list. --wide, -w Displays tables in wide mode without truncations. Examples To view information about existing bandwidths in a table, run the following command: isi sync bandwidth list The system displays output similar to the following example: Id | Limit(kb/s) | State | Days | Time Interval | Description ---+-------------+-------+-------------+---------------+-------------------1 | 100 | off | Wed | 13:00-14:00 | This bandwidth is > 2 | 100 | on | Wed | 15:00-16:00 | This bandwidth is > 3 | 100 | on | Sun-Mon,Wed | 18:00-19:30 | This bandwidth is > 4 | 500 | on | Mon | 01:00-09:30 | This bandwidth is > To view information about existing bandwidths in an indented list, run the following command: isi sync bandwidth list --verbose The system displays output similar to the following example: Id = 1 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = off Schedule: Days = Wed Interval = 10:00-12:00 ==== Id = 2 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = on Schedule: Days = Wed Interval = 15:00-16:00 ==== Id = 3 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = on Schedule:
326
Days = Sun-Mon,Wed Interval = 18:00-19:30 ==== Id = 4 Limit = 500 (kb/s) Description = This bandwidth is created as an example State = on Schedule: Days = Mon Interval = 01:00-09:30
--bw=<BW> Required. Species the bandwidth ID of the bandwidth limit being modied. --interval=<Interval>, -I=<Interval> Species a time range during the specied days that the bandwidth limit is active. Specify in form hh-mm-hh:mm; for example: 12:35-17:43. --days=<string>, -d<string> Species days of the week when the bandwidth limit is active. The days are specied as a comma-separated list with dash-separated ranges (for example: M,W-F). The following values are valid: Valid Value X M T W R F Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday
327
Valid Value S
--limit=<Limit>, L=<Limit> Species the bandwidth limit in kilobits per second. --desc=<string> Species a description of this bandwidth limit. Examples The following command sets the time interval to 10:00am to 1:00pm on the bandwidth limit with ID 1: isi sync bandwidth modify 1 --interval=10:00-13:00
328
OneFS Command Reference Options If no options are specied, displays information on all existing jobs. --job=<PolicyName> Species the name of the policy that caused the job to run. --state=<string>, -S<string> Displays only jobs in the specied state. The following values are valid: default: Displays all jobs paused: Displays paused jobs running: Displays running jobs
The default setting is default. --wide, -w Displays results without truncations. Examples To view information on all existing jobs, run the following command: isi sync jobs list The system displays output similar to the following example: Name | Action | State | Started/Last run | Next Run/Duration -----------+--------+---------+-------------------+-----------------newPolicy1 | sync | on | Never | Not scheduled newPolicy2 | copy | Success | 05/09/11 13:29:07 | 5 secs newPolicy3 | copy | on | Never | 05/10/11 04:00:00
329
--verbose, -v Displays detailed information on the jobs. --wide, -w Displays results without truncations. Examples To view a report on running jobs, run the following command: isi sync jobs report The system displays output similar to the following example: Name | Act | St | Duration | Transfer | Throughput ----------+------+---------+----------+----------+----------newPolicy | sync | Success | 6 secs | 486B | 627b/s
330
331
OneFS Command Reference Examples The following command tests newPolicy to determine how many les and directories would be processed and transferred if it were run. isi sync policy assess newPolicy
--target_clu=<Target_Cluster>, -C=<Target_Cluster>, --target_cluster=<Target_Cluster> Species the address of the target cluster. --target_path=<Target_Path>, -p=<Target_Path> Species the path to the target directory in the target cluster. If the action is set to copy, les are copied into this directory. If the action is set to sync, data is replicated to the target path and les not present in the root path are deleted from target path. --root_path=<Root_Path> Species the path to the root directory. If the action is set to copy, les are copied from this directory into the target directory. If set to sync, the target directory is synchronized with this directory (making the contents of the target directory identical to that of this directory). --desc=<string> Species an optional description of the policy. --passwd=<string> If a password is required by the target cluster, species the password.
332
--include=<Path>, -i<Path> Includes the specied directory in addition to the given root directory, which is included by default. You can include multiple paths by specifying multiple --include parameters, for example: isi sync policy create... -I/ifs/data/excluded1/one_to_include1 -I/ifs/excluded2/one_to_include2 --exclude=<Path>, -e<Path> Excludes the specied directory in the root path. You can exclude multiple paths by specifying multiple --exclude parameters, for example: isi sync policy create... -e/ifs/data/excluded1 -e/ifs/data/excluded2 --predicate=<string>, -P<string> Species which les are selected to be copied or synchronized (also known as the le-matching criteria or predicates). You can specify the following options when dening a predicate: -aolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -aolder '<nn> [days|weeks|months|years] ago' Selects les that have not been accessed since the specied time. -anewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -anewer '<nn> [days|weeks|months|years] ago' Selects les that have been accessed since the specied time. -atime '<nn> [days|weeks|months|years] ago' Selects les that were accessed during the specied time interval. -bolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -bolder '<nn> [days|weeks|months|years] ago' Selects les that were created before the specied time. -bnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -bnewer '<nn> [days|weeks|months|years] ago' Selects les that were created after the specied time. -btime '<nn> [days|weeks|months|years] ago' Selects les that were created during the specied time interval. -colder <mm>/<dd>/<yyyy> [<HH>:<mm>], -colder '<nn> [days|weeks|months|years] ago' Selects les that have not been modied since the specied time. -cnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -cnewer '<nn> [days|weeks|months|years] ago' Selects les that have been modied since the specied time. -ctime '<nn> [days|weeks|months|years] ago' Selects les that were modied during the specied time interval. -size +<nn>[B|KB|MB|GB|TB|PB] Selects les that are larger than the specied size. The default sufx is KB. -size -<nn>[B|KB|MB|GB|TB|PB] Selects les that are smaller than the specied size. The default sufx is KB. -size <nn>[B|KB|MB|GB|TB|PB] Selects les that are the same size as the value specied. The default sufx is KB. -type <Type> Selects only the specied le-system object type. The following values are valid: f: Regular le d: Directory l: Soft link
333
-name <string> Selects only les whose names match the specied string. The following wildcards are valid: * , [ ] ?
-regex <POSIX_regular_expression> Selects only les whose names match the specied POSIX regular expression. IEEE Std 1003.2 (POSIX.2) regular expressions are supported. ! <Specication> Does not select les that meet the <Specication> that follows this value. For example, specifying ! -name *archive* will not select any les whose names contain archive. <Specication> -and <Specication> Selects les that meet both the <Specication> that comes before and the one that follows this value. For example, specifying -size +1GB -and -bnewer "01/01/2011" will select only les that are larger than 1GB and were created after January 1, 2011. <Specication> -or <Specication> Selects les that meet either the <Specication> that comes before or the one that follows this value. For example, specifying -size +1GB -or -bnewer "01/01/2011" will select any les that are larger than 1GB or created after January 1, 2011. --schedule="<Interval> [<Frequency>]", -S"<Interval> [<Frequency>]" Species a reoccurring time to run the job dened by the policy. <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
334
<Frequency> is optional and can take either of the following forms (using either the 24 hour or 12 hour am/pm clock): at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
If you want to only run the policy manually, leave the <string> value blank: --schedule="". --state=<string>, -s<string> Species whether the policy is enabled or disabled. Valid values are enabled and disabled. The default setting is enabled. --integrity=<string> Species whether to perform a checksum on each le data packet that is affected by the SyncIQ job. If enabled and checksum values do not match, SyncIQ retransmits the affected le data packet. Valid values are true and false. --loglevel=<string>, -l<string> Species the verbosity level of logging. The following values are valid, organized from least to most information: fatal error notice info copy debug trace
The default setting is info. --logremoved=<string> Determines whether to keep a log of information on the les removed by the sync action. This parameter does not apply if the policy is set to copy. Valid values are yes and no. --workers=<number> Species the number of workers per node. The number of workers is the maximum number of concurrent processes per node that can be used to perform SyncIQ operations. The default value is 3. --snapshot=<string> Determines whether a snapshot of the specied path on the target cluster is taken after each job is completed. Valid values are on or off. The default setting is off. --snapshot_pattern=<string> Species the snapshot naming pattern. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
335
Species the naming pattern of the most recent snapshot. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-latest. --snapshot_expiration=<string> Species how long snapshots are kept before being automatically deleted. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rotate_report_period=<string> Species how long SyncIQ reports are kept before being automatically deleted. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=number> Species the maximum number of reports to keep for this policy. --restrict_by=<string> If parameter target_restrict=true, does not connect to nodes outside of the specied subnet and pool. Specify in the form of <Subnet>:<Pool> (for example, subnet0:pool1). --target_restrict=<string> If set to true, only connects to the target-cluster nodes that are contained in the subnet and pool specied by the --restrict_by parameter. If set to false, Valid options are on and off. --force_interface=<string> Forces the interface in the pool to be used for communication between source and target cluster in the pool. Valid values are on and off. --diff_sync=<string> Prevents les on the root cluster that already exist on the target cluster from being sent to the target cluster during an initial synchronization. Valid values are on and off. --skip_bb_hash=<string>
! Caution: Specifying yes could result in a loss of data. It is recommended that you consult
Isilon Product Support before specifying yes. If set to true, skips the comparison of source and target les that is usually performed in order to detect target modications. Valid values are yes and no. The default setting is no. --rename_expiration=<string>
336
Species when renamed snapshots expire. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rename_pattern=<string> Species the pattern of how snapshots are renamed. The following variables are valid: Examples The following command creates a SyncIQ policy that, when ran, synchronizes les in the ifs/home/ directory on SAMPLE.TEST.ISILON.COM cluster with the /ifs/home/ directory on the source cluster. Snapshots are named in the convention of "Changes by <PolicyName> came from <SourceCluster> on <Month><Day>, <Year> at <Hour>:<Minute>." isi sync policy create newPolicy1 copy SAMPLE.TEST.ISILON.COM /ifs/home /ifs/home/ --desc="Daily ifs/home sync policy" --snapshot_pattern="Changes by %{PolicyName} came from %{SrcCluster} on %m%d, %Y at%H:%M." The following command copies les from /ifs/home/here on SAMPLE.TEST.ISILON.COM to /ifs/home/there on the source cluster every day at 4:00 AM: isi sync policy create newPolicy2 copy SAMPLE.TEST.ISILON.COM /ifs/home/there /ifs/home/here --desc="Here to There copy policy" --schedule="every day at 4:00" %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
337
338
--verbose, -v Displays detailed information in an indented list. --wide, -w Displays information in wide mode without truncations. Examples To view a table of existing policies, their actions, states, and target cluster addresses run the following command: isi sync policy list The system displays output similar to the following example: Name | Path | Action | State | Target ----------+-----------+--------+-------+----------------------newPolicy | /ifs/home | Sync | On | SAMPLE.TEST.ISILON.COM To view a detailed list of existing policies including all parameter values, run the following command: isi sync policy list --verbose The system displays output similar to the following example: Id: a3df2188e63979af44ee821cb4b38859 Spec: Type: user Name: newPolicy Description: Source paths: Root Path: /ifs/home Source node restriction: Destination: Cluster: SAMPLE.TEST.ISILON.COM Password is present: no Path: /ifs/ Make snapshot: off Restrict target by zone name: off Force use of interface in pool: off Predicate: None Check integrity: yes
339
Skip source/target file hashing: no Disable stf syncing: no Log level: notice Maximum failure errors: 1 Target content aware initial sync (diff_sync): no Log removed files: no Rotate report period (sec): 31536000 Max number of reports: 2000 Coordinator performance settings: Workers per node: 3 Task: sync manually State: on
340
--snapshot_pattern --snapshot_alias --snapshot_expiration --rotate_report_period --max_reports --snapshot --restrict_by --target_restrict --force_interface --diff_sync --skip_bb_hash --rename_expiration --rename_pattern
--policy=<Policy> Required. Species the ID or name of the policy being modied. --name=<string>, -n= Species a new name for the policy. --desc=<string> Species an optional description of the policy. --action=<string>, -a=<string> Species an action to perform on les. The following values are valid: copy: Adds copies of all les from source to target. sync: Replicates data on the source cluster to the target cluster, and deletes any les on the target that are not present on the source.
--target_clu=<string>, -C=<string>, --target_cluster=<string> Species the address of the target cluster. --target_path=<string>, -p=<string> Species the path to the target directory in the target cluster. If the action is set to copy, les are copied into this directory. If the action is set to sync, data is replicated to the target path and les not present in the root path are deleted from target path. --passwd=<string> If a password is required by the target cluster, species the password. --root_path=<string> Species the path to the root directory. If the action is set to copy, les are copied from this directory into the target directory. If the action is set to sync, the target directory is synchronized with this directory (making the contents of the target directory identical to that of this directory). --include=<string>, -i<string> Includes the specied directory in addition to the given root directory, which is included by default. You can include multiple paths by specifying multiple --include parameters, for example: isi sync policy create... -I/ifs/data/excluded1/one_to_include1 -I/ifs/excluded2/one_to_include2 --exclude=<string>, -e<string> Species source path being excluded from operations. Multiple paths can be excluded by specifying multiple --exclude parameters, for example: isi sync modify create... -efirstpath -esecondpath
341
--predicate=<string>, -P<string> Species which les are selected to be copied or synchronized (also known as the le-matching criteria or predicates). You can specify the following options when dening a predicate: -aolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -aolder '<nn> [days|weeks|months|years] ago' Selects les that have not been accessed since the specied time. -anewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -anewer '<nn> [days|weeks|months|years] ago' Selects les that have been accessed since the specied time. -atime <mm>/<dd>/<yyyy> [<HH>:<mm>] Selects les that were accessed during the specied time interval. -bolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -bolder '<nn> [days|weeks|months|years] ago' Selects les that were created before the specied time. -bnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -bnewer '<nn> [days|weeks|months|years] ago' Selects les that were created after the specied time. -btime <mm>/<dd>/<yyyy> [<HH>:<mm>] Selects les that were created during the specied time interval. -colder <mm>/<dd>/<yyyy> [<HH>:<mm>], -colder '<nn> [days|weeks|months|years] ago' Selects les that have not been modied since the specied time. -cnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -cnewer '<nn> [days|weeks|months|years] ago' Selects les that have been modied since the specied time. -ctime '<nn> [days|weeks|months|years] ago' Selects les that were modied during the specied time interval. -size +<nn>[B|KB|MB|GB|TB|PB] Selects les that are larger than the specied size. The default sufx is KB. -size -<nn>[B|KB|MB|GB|TB|PB] Selects les that are smaller than the specied size. The default sufx is KB. -size <nn>[B|KB|MB|GB|TB|PB] Selects les that are the same size as the one specied. The default sufx is KB. -type <Type> Selects only the specied le-system object type. The following values are valid: f: Regular le d: Directory l: Soft link
-path <Path> Selects only les on the path specied. The following wildcards are valid: * , [ ] ?
-name <Name> Selects only les with the names match the specied string. The following wildcards are valid:
342
* , [ ] ?
-regex <POSIX_regular_expression> Selects only les whose names match the specied POSIX regular expression. IEEE Std 1003.2 (POSIX.2) regular expressions are supported. ! <Specication> Does not select les that meet the <Specication> that follows this value. For example, specifying ! -name *archive* will not select any les whose names contain archive. <Specication> -and <Specication> Selects les that meet both the <Specication> that comes before and the one that follows this value. For example, specifying -size +1GB -and -bnewer "01/01/2011" will select only les that are larger than 1GB and were created after January 1, 2011. <Specication> -or <Specication> Selects les that meet either the <Specication> that comes before or the one that follows this value. For example, specifying -size +1GB -or -bnewer "01/01/2011" will select any les that are larger than 1GB or created after January 1, 2011. --schedule="<Interval> [<Frequency>]", -S"<Interval> [<Frequency>]" Species a reoccurring time to run the job dened by the policy. <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
<Frequency> is optional and can take either of the following forms (using either the 24 hour or 12 hour am/pm clock): at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
If you want to only run the policy manually, leave the <string> value blank: --schedule="". --state=<string>, -s<string> Species whether the policy is enabled or disabled. Valid values are enabled and disabled. The default setting is enabled. --integrity=<string>
343
Species whether to perform a checksum on each le data packet that is affected by the SyncIQ job. If enabled and checksum values do not match, SyncIQ retransmits the affected le data packet. Valid values are true and false. --loglevel=<string>, -l<string> Species the verbosity level of logging. The following values are valid, organized from least to most information: fatal error notice info copy debug trace
The default setting is info. --logremoved=<string> Determines whether to keep a log of information on the les removed by the sync action. This parameter does not apply if the policy is set to copy. Valid values are yes and no. --workers=<number> Species the number of workers per node. The number of workers is the maximum number of concurrent processes per node that can be used to perform SyncIQ operations. The default value is 3. --snapshot=<string> Determines whether a snapshot of the specied path on the target cluster is taken after each job is completed. Valid values are on or off. The default setting is off. --snapshot_pattern=<string> Species the snapshot naming pattern. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-%Y-%m-%d_%H-%M. --snapshot_alias=<string> Species the naming pattern of the most recent snapshot. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
344
--snapshot_expiration=<string> Species how long snapshots are kept before being automatically deleted. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rotate_report_period=<string> Species how long SyncIQ reports are kept before being automatically deleted. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=number> Species the maximum number of reports to keep for this policy. This value can also be changed using the isi sync reports policyconf --max_reports= command. --restrict_by=<string> If parameter target_restrict=true, policy does not connect to nodes outside of the specied subnet and pool. Specify in the form of <Subnet>:<Pool> (for example, subnet0:pool1). --target_restrict=<string> If set to true, policy only connects to the target-cluster nodes that are contained in the subnet and pool specied by the --restrict_by parameter. If set to false, Valid options are on and off. --force_interface=<string> Forces the interface in the pool to be used for communication between source and target cluster in the pool. Valid values are on and off. --diff_sync=<string> Prevents les on the root cluster that already exist on the target cluster from being sent to the target cluster during an initial synchronization. Valid values are on and off. --skip_bb_hash=<string>
! Caution: Specifying yes could result in a loss of data. It is recommended that you consult
Isilon Product Support before specifying yes. If set to true, skips the comparison of source and target les that is usually performed in order to detect target modications. Valid values are yes and no. The default setting is no. --rename_expiration=<string> Species when renamed snapshots expire. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rename_pattern=<string> Species the pattern of how snapshots are renamed. The following variables are valid: %{SrcCluster}: Source Cluster
345
Examples
%{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minutes
The following command causes no more than 300 reports to be kept for newPolicy: isi sync policy modify newPolicy --max_reports=300
The following command causes newPolicy to not delete inconsistencies between the target and source cluster: isi sync policy modify newPolicy --action=copy
346
The default setting is all. --mode=<string>, -M<string> Species the display mode. The following values are valid: default: Displays information on existing bandwidths in a table. This is the same as specifying nothing. full: Displays information on existing bandwidths in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays detailed information. --mail, -m Sends reports to the emails specied by the isi sync report config --email command parameter. --quantity=<number>, -N<number> Species the number of the latest reports to display. If not specied, all reports are displayed. --subreport=<number> Displays the specied subreport. --job_id=<number> Displays reports on jobs with the specied ID. Examples The following command displays a report on newPolicy isi sync policy report newPolicy The system displays output similar to the following example: newPolicy: Start 04/29/11 14:32:16 Stop Act Status 04/29/11 14:37:47 copy Success w/ prior failures
The following command displays detailed information on newPolicy: isi sync policy report newPolicy --verbose The system displays output similar to the following example: Id: ad8c2a041e9dedc04952c7550dff697b Name: newPolicy Action: copy Sync Type: initial Job ID: 1 Started: Fri Apr 29 14:32:16 PDT 2011 Run time: 3 secs Ended: Fri Apr 29 14:37:47 PDT 2011 Status: Success w/ prior failures Details: Directories: Visited on source: 1 Deleted on destination: 0
347
Files: Total Files: 9 Actually transferred: 9 New files: 9 Updated files: 0 Automatically retransmitted files: 0 Skipped for some reason: Up-to-date (already replicated): 0 Modified while being replicated: 0 IO errors occurred: 0 Network errors occurred: 0 Integrity errors occurred: 0 Bytes: Total Network Traffic: 7.5 KB (7688 bytes) Total Data: 4.2 KB (4255 bytes) File Data: 4.2 KB (4255 bytes) Sparse Data: 0B Subreport 1: Started: Fri Apr 29 14:32:16 PDT 2011 Ended: Fri Apr 29 14:32:16 PDT 2011 Status: Failed Subreport 2: Started: Fri Apr 29 14:37:44 PDT 2011 Ended: Fri Apr 29 14:37:47 PDT 2011 Status: Success
348
349
OneFS Command Reference Examples The following command runs a policy called newPolicy isi sync policy run newPolicy
--max_reports=<number> Species the maximum number of reports that are kept for a policy.
350
OneFS Command Reference Examples The following command sets the destination of isi sync reports to user@isilon.com, allows no more than 500 reports to be kept for one policy, and removes reports more than 2 weeks old: isi sync reports config user@isilon.com --keep=2w --max_reports=500
--max_reports=<number> Species the maximum number of reports that are kept for this SyncIQ policy. This value can also be changed using the isi sync policy modify --max_reports command option. Examples The following command allows no more than 500 reports to be kept, and removes reports more than 2 weeks old for a policy called newPolicy: isi sync reports policyconf newPolicy --keep=2w --max_reports=500
351
OneFS Command Reference Examples The following command rebuilds the report database for a policy called newPolicy: isi sync reports rebuild --policy=newPolicy
352
OneFS Command Reference Options --quiet, -q If command succeeds, does not display conrmation message. If an error occurs, error message is still displayed. Examples To start the SyncIQ application, run the following command: isi sync start
353
--target_path=<string>, -p<string> Species a path in the target cluster. --verbose, -v Displays detailed information. --wide, -w Displays tables in wide mode without truncations. Examples To view a list of policies that are currently targeting this cluster, run the following command:
354
isi sync target list The system displays output similar to the following example: Policy | Source | Target Path | Run ----------+------------+-------------------+-------newPolicy | newCluster | /ifs/home/newuser | Success To view detailed information on policies that are currently targeting this cluster, run the following command: isi sync target list --verbose The system displays output similar to the following example: ID: ad9c2a041e9dedc05239c7550fdf667b Policy Name: newPolicy Target Dir: /ifs/home/newuser Source Information: Cluster: newCluster Cluster ID: 00d084431e1613d1d94d88210dee328d8f43 Last Coordinator IP: 0.0.0.0 Legacy Policy: No Job Status: Success Last Update: Fri Apr 29 14:37:47 2011
355
For example, specifying --days=X,W-F causes the throttle to be active on Sunday, Wednesday, Thursday and Friday. --limit=<number>, L=<number> Required. Species limit of the le send rate in les per second. --desc=<string> Species a description of this throttle. Examples The following command limits the le send rate for SyncIQ policies to 10 les per second every Saturday, Sunday and Thursday from 1:00pm to 3:00pm: isi sync throttle create 13:00-15:00 S,X,R 10
356
--verbose, -v Displays detailed information. --wide, -w Displays tables in wide mode without truncations. Examples To view information about existing throttles in a table, run the following command:
357
isi sync throttle list The system displays output similar to the following example: Id | Limit(Files/s) | State | Days | Time Interval | Description ---+----------------+-------+---------+---------------+--------------------1 | 500 | on | Sun | 08:30-09:30 | > 2 | 100 | on | Mon-Fri | 20:00-23:59 | This is an example > 3 | 100 | on | Mon-Fri | 00:00-05:00 | This is an example > 4 | 250 | on | Sat | 00:00-23:59 | This is an example > To view information about existing throttles in an indented list, run the following command: isi sync throttle list --verbose The system displays output similar to the following example: Id = 1 Limit = 500 (files/s) Description = This is an example State = on Schedule: Days = Sun Interval = 08:30-09:30 ==== Id = 2 Limit = 100 (files/s) Description = This is an example State = on Schedule: Days = Mon-Fri Interval = 20:00-23:59 ==== Id = 3 Limit = 100 (files/s) Description = This is an example State = on Schedule: Days = Mon-Fri Interval = 00:00-05:00 ==== Id = 4 Limit = 250 (files/s) Description = This is an example State = on Schedule: Days = Sat Interval = 00:00-23:59
358
OneFS Command Reference Options You must specify at least one throttle attribute to modify. Specify a throttle attribute using one of the following options: --interval --days --limit --desc
--thr=<Throttle> Required. Species the ID of the throttle being modied. --interval=<Interval>, -i<Interval> Species the time range that the throttle limit is active during the given <Days>. Specify <Interval> in form hh:mm-hh:mm (for example, 12:35-17:43). --days=<Days>, -d<Days> Species days of the week when the throttle limit is active. Multiple <Days> can be specied in comma-separated lists. Ranges of <Days> can be specied with dash-separated ranges. The following values are valid: Valid Value X M T W R F S Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday Saturday
For example, specifying --days=X,W-F causes the throttle to be active on Sunday, Wednesday, Thursday and Friday. --limit=<number>, -L<number> Species limit of the le send rate in les per second. --desc=<string> Species a description of this throttle. Examples The following command sets the time interval to 11:00am to 1:00pm on a throttle with ID 1: isi sync throttle modify 1 --interval=11:00-13:00
359
360
OneFS Command Reference Options If you run this command without options, all devices are listed. --devname=<DeviceName>, -n<DeviceName> Lists only the specied device. --node=<LNN> Lists only devices that are accessible from the specied node. --tape List only tape devices. --mc Lists only media changer devices. --verbose, -v Display includes the path, Logical Unit Number (LUN), World Wide Port Number (WWPN), and Port ID of the tape devices. Examples To view a list of all currently connected tape and media changer devices, run the following command: isi tape list The system displays output similar to the following example: Tape Device State WWNN Vendor/Model/Revision/Serial -------------------------------------------------------------------------------tape001 closed 500308C097D42098 HP Ultrium 4-SCSI H44Z F097D42098 tape002 closed 500308C097D4209C HP Ultrium 4-SCSI H44Z F097D4209C tape003 closed 2001001B323102D9 IBM ULTRIUM-TD3 4C17 1230596819 tape004 closed 2001001B323102D9 IBM ULTRIUM-TD3 4C17 1230596820 tape005 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00201 tape006 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00202 tape007 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00203 Media Changer State WWNN Vendor/Model/Revision/Serial -------------------------------------------------------------------------------mc001 closed 500308C097D4209C ADIC Scalar i500 500G ADICA0C0196012_LLA mc002 closed 2000001B321102D9 ATL 1500 3.01 8WK7A00206 mc003 closed 2000001B321102D9 HP MSL G3 Series 0.80 8WK7A00200 mc004 closed 2000001B321102D9 IBM ULT3583-TL 2.50 IBM4378041
If there are no known tape or media changer devices, the system displays no output.
361
OneFS Command Reference Options --devname=<DeviceName> Required. Species the device to rename. --rename=<NewDeviceName> Required. Sets the new name for the device. Examples The following command changes the name of tape device tape001 to tape010 isi tape rename tape001 tape010
362
OneFS Command Reference [--require-auth=<Boolean>] [--require-allow=<Boolean>] [--pool=<PoolName>] [--initiator=<Initiator>] [--chap=<User>:<Secret>] Options --name=<TargetName>, -n=<TargetName> Required. Species a name for the target. Valid names begin with a letter and contain only lowercase letters, numbers, and hyphens (-). --path=<ifs-Directory> Species a default path under /ifs for LUN directories. --comment=<QuotedString> Species a description for the target, enclosed in quotation marks. --require-auth=<Boolean> Enables (1) or disables (0) CHAP authentication. CHAP authentication is disabled by default. --require-allow=<Boolean> Enables (1) or disables (0) initiator access control. Access control is disabled by default. --pool=<PoolName> Species a SmartConnect pool name. --initiator=<Initiator> Adds an initiator to the initiator access list. The specied value must be a valid iSCSI Qualied Name (IQN). --chap=<User>:<Secret> Adds a CHAP user:secret pair to the CHAP secrets list. Both the user and secret are case-sensitive. Secrets must be 12-16 characters long. You can specify a valid IQN as the user. If you do not specify an IQN, valid users can contain alphanumeric characters, periods (.), hyphens (-), and underscores (_). Example: --chap=user1:PassWord1234 Examples The following command creates a target named test1 using default conguration settings: isi target create --name=test1 The following command creates a target named test2 with initiator access control enabled, and adds a Microsoft iSCSI initiator named "iqn.1991-05.com.microsoft:example" to the target's initiator access list: isi target create --name=test2 --require-allow=1 --initiator=iqn.1991-05.com.microsoft:example The following command creates a target named test3 and assigns a SmartConnect pool named subnet0:pool0:
isi target create --name=test3 --pool=subnet0:pool0 Note: You can verify that a target was created successfully by running the isi target list command.
363
364
--verbose, -v Displays more detailed information. Examples To view information about all targets, as well as each LUN contained in a given target, run the following command: isi target list --luns The following command displays detailed information about a target named test1: isi target list --name=test1 --verbose
365
Adds a SmartConnect pool. --delete-pool=<PoolName> Removes a SmartConnect pool. Examples The following command changes the default LUN directory path to /ifs/example for a target named test1: isi target modify --name=test1 --path=/ifs/example The following command enables CHAP authentication for a target named test2, and adds a CHAP user:secret pair of test:12characters to the CHAP secrets list: isi target modify --name=test2 --require-auth=1 --add-chap=user1:PassWord1234 Note: You can verify that a target was modied successfully by running the isi target list command.
isi update
The isi update command updates a cluster to a newer version of OneFS. Syntax isi update [-r [--drain-time=<DrainTime>] [--manual]] Options -r Performs a rolling update. A rolling update reboots only one node at a time, allowing the cluster to remain available during the update. If a rolling update is interrupted, the update can be restarted by running the isi update command again with the same specications as the interrupted update. The update will then attempt to continue from where the update was interrupted. Rolling updates are not supported for all versions, contact your representative at Isilon for information on what versions this option is supported on. --drain-time=<DrainTime> The update process pauses for the specied <DrainTime> after disconnecting nodes from their SmartConnect pools before rebooting them. Specify <DrainTime> in the form of <Number><TimeUnit> where <TimeUnit> can be one of the following values: Valid Value m h d w The default <TimeUnit> is seconds. --manual Corresponding Time Unit Minutes Hours Days Weeks
366
Causes the rolling update process to pause and wait for user input before rebooting each node. If specied with the --drain-time option, update waits until the <DrainTime> is expired before requesting user input. Examples To perform an update, run the following command: isi update The system displays output similar to the following example: Starting upgrade process... Connecting to remote and local successfully connected successfully connected successfully connected Loading image... upgrade to node to node to node processes... [ 2]. [ 3]. [ 1].
Please specify the image to update. You can specify the image from: -- an absolute path (i.e. /usr/images/my.tar) -- http (i.e. http://host/images/my.tar) Please specify the image to update: Enter input similar to the following example: /ifs/install.tar The system displays output similar to the following example: Node version :v6.0.3.10 B_6_0_3_10(RELEASE) (0x600030000000A00) Image version:6.5.1.8 B_6_5_1_8(RELEASE) (0x605010000000800) Are you sure you wish to upgrade (yes/no)? Enter yes The system displays output similar to the following example: Please wait, updating... Initiating IMDD... node[ 3] initialized. node[ 2] initialized. node[ 1] initialized. Verifying md5... Installing image... node[ 1] installed. node[ 2] installed. node[ 3] installed. Restoring user changes... node[ 2] restored. node[ 3] restored. node[ 1] restored. Checking for Firmware Updates... Firmware update checks skipped... node[ 1] Firmware check phase completed. node[ 2] Firmware check phase completed. node[ 3] Firmware check phase completed. Updating Firmware... Firmware updates skipped... node[ 1] Firmware update phase completed. node[ 2] Firmware update phase completed. node[ 3] Firmware update phase completed. Upgrade installed successfully. Reboot to complete the process? (yes/no [yes]) Enter yes
367
The system displays output similar to the following example: Shutting down services. node[ 1] Services shutdown. node[ 2] Services shutdown. node[ 3] Services shutdown. Flushing and disabling coalescers. node[ 1] Coalescers flushed and disabled. node[ 2] Coalescers flushed and disabled. node[ 3] Coalescers flushed and disabled. Rebooting cluster... rebooting node[ 2]... rebooting node[ 3]... rebooting node[ 1]... *** FINAL System shutdown message from root@example *** System going down IMMEDIATELY The following command performs a rolling update that waits for an hour after each node is disconnected from its SmartConnect pool before rebooting the node: isi update -r --drain-time=1h
isi version
The isi version command displays detailed information about a cluster's software properties. Syntax isi version {osversion | osbuild | osrelease | ostype | osreldate | osrevision | copyrite} Options You must specify exactly one category of information. Specify a category of information using one of the following options: osversion osbuild osrelease ostype osreldate osrevision copyrite Displays the current operating system version. osbuild Displays build information. osrelease Displays the release date for the software. osrevision Displays the revision number. copyright
osversion
368
Displays the current copyright information for the software. Examples To view information on the version of operating system, run the following command: isi version osversion The system displays output similar to the following example: Isilon OneFS v6.0.3.10 B_6_0_3_10(RELEASE): 0x600030000000A00:Tue Feb 12:30:21 PST 2011 1
root@fastbuild-02.west.isilon.com:/build/mnt/obj.RELEASE/build/mnt/src/sys/IQ.amd64.release
Syntax isi worm create [--path=]<IFSDirectory> Options --path=<IFSDirectory>, -p<IFSDirectory> Required. Species the absolute path, beginning at /ifs, to an existing directory. Examples To designate an existing directory named /ifs/data/worm as a SmartLock root directory, run the following command: isi worm create -p /ifs/data/worm The system displays output similar to the following text: !! /ifs/data/worm is now a SmartLock root directory. Id: !! 65540
369
370
The system displays output similar to the following example: Domain Info for: /ifs/data Domains ------None Contains Directories with These WORM Domains -------------------------------------------ID | Root Path | Type ------+----------------+----65536 | /ifs/data/worm | WORM This output indicates that the /ifs/data/ directory is the parent of a SmartLock root directory. The following command displays SmartLock information about a le named file.txt in the /ifs/data/worm/wormsub directory: isi worm info -p /ifs/data/worm/wormsub/file.txt The system displays output similar to the following example: Domain Info for: /ifs/data/worm/wormsub/file.txt Domains ------ID | Root Path | Type ------+----------------+----65536 | /ifs/data/worm | WORM Worm State: not committed Would Expire: Never
In this example, file.txt is in a SmartLock directory tree rooted at /ifs/data/worm, but has not been committed to a SmartLock state.
371
The system displays output similar to the following example: Root Path | Type ----------------+---------/ifs/data/worm | SmartLock This output indicates that the cluster contains a single SmartLock root directory. To view more detailed information including the SmartLock domain ID, override retention date, and default minimum retention offset, run the following command: isi worm list -l The system displays output similar to the following example: ID | Root Path | Type | Override Ret. Date | Default Min. Ret. ------+-----------------+-----------+---------------------+-----------------65537 | /ifs/data/worm | SmartLock | 2012-12-22 00:00:00 | 2y
372
isi worm modify -p /ifs/data/worm -o 20121222 Files that are committed to the SmartLock root directory or one of its subdirectories will use the le retention date (if congured) or the override retention date, whichever is later.
373