OneFS 6.5 Command Reference

OneFS 6.
5 Command Reference
Contents
OneFS Command Reference......................................................................................................11 isi alerts.............................................................................................................................12 isi auth ads accounts list...................................................................................................12 isi auth ads cache flush.....................................................................................................12 isi auth ads dc...................................................................................................................13 isi auth ads groups list.......................................................................................................14 isi auth ads join.................................................................................................................15 isi auth ads leave...............................................................................................................16 isi auth ads search............................................................................................................16 isi auth ads spn check.......................................................................................................18 isi auth ads spn create......................................................................................................19 isi auth ads spn delete......................................................................................................20 isi auth ads spn list............................................................................................................21 isi auth ads status.............................................................................................................21 isi auth ads time................................................................................................................22 isi auth ads users list.........................................................................................................23 isi auth config krb5 add realm...........................................................................................24 isi auth config krb5 delete default......................................................................................25 isi auth config krb5 delete domain.....................................................................................26 isi auth config krb5 delete realm.......................................................................................26 isi auth config krb5 list.......................................................................................................27 isi auth config krb5 modify default.....................................................................................28 isi auth config krb5 modify domain....................................................................................29 isi auth config krb5 modify realm.......................................................................................30 isi auth config krb5 write....................................................................................................30 isi auth config ldap list.......................................................................................................31 isi auth config ldap modify.................................................................................................33 isi auth config list...............................................................................................................36 isi auth config modify.........................................................................................................41 isi auth config revert..........................................................................................................47 isi auth config rules...........................................................................................................51 isi auth error......................................................................................................................52 isi auth local groups create...............................................................................................52 isi auth local groups delete................................................................................................53 isi auth local groups list.....................................................................................................53 isi auth local groups modify...............................................................................................54 isi auth local users create..................................................................................................56 isi auth local users delete..................................................................................................57 isi auth local users list.......................................................................................................58 isi auth local users modify.................................................................................................59
isi auth log-level.................................................................................................................61 isi auth mapping delete.....................................................................................................62 isi auth mapping dump......................................................................................................64 isi auth mapping flush.......................................................................................................65 isi auth mapping idrange...................................................................................................66 isi auth mapping import.....................................................................................................68 isi auth mapping list...........................................................................................................68 isi auth mapping modify....................................................................................................70 isi auth mapping new........................................................................................................72 isi auth mapping token......................................................................................................74 isi auth mapping upgrade-db.............................................................................................75 isi auth status....................................................................................................................76 isi avscan config................................................................................................................77 isi avscan get....................................................................................................................78 isi avscan manual..............................................................................................................79 isi avscan policy................................................................................................................79 isi avscan policy add.........................................................................................................80 isi avscan policy delete.....................................................................................................81 isi avscan policy edit.........................................................................................................81 isi avscan policy run..........................................................................................................83 isi avscan quarantine........................................................................................................83 isi avscan report purge......................................................................................................84 isi avscan report scan.......................................................................................................84 isi avscan report threat......................................................................................................85 isi avscan unquarantine....................................................................................................86 isi batterystatus.................................................................................................................86 isi config............................................................................................................................87 changes..................................................................................................................87 commit....................................................................................................................88 date........................................................................................................................88 deliprange...............................................................................................................88 encoding.................................................................................................................89 exit..........................................................................................................................90 help.........................................................................................................................90 interface..................................................................................................................91 iprange...................................................................................................................92 joinmode.................................................................................................................93 lnnset......................................................................................................................93 migrate...................................................................................................................94 mtu.........................................................................................................................95 name......................................................................................................................95 netmask..................................................................................................................95 quit..........................................................................................................................96 reboot.....................................................................................................................96
shutdown................................................................................................................96 status......................................................................................................................97 timezone.................................................................................................................98 version....................................................................................................................98 wizard.....................................................................................................................98 isi devices..........................................................................................................................99 isi domain create.............................................................................................................101 isi domain filedelete.........................................................................................................101 isi domain info.................................................................................................................101 isi domain list...................................................................................................................102 isi domain modify............................................................................................................103 isi email...........................................................................................................................103 isi email list......................................................................................................................104 isi events cancel..............................................................................................................104 isi events list....................................................................................................................105 isi events notifications create..........................................................................................107 isi events notifications delete...........................................................................................109 isi events notifications list................................................................................................109 isi events notifications modify..........................................................................................110 isi events quiet.................................................................................................................112 isi events sendtest...........................................................................................................112 isi events settings list.......................................................................................................113 isi events settings set......................................................................................................113 isi events show ...............................................................................................................115 isi events unquiet.............................................................................................................116 isi fc disable.....................................................................................................................116 isi fc enable.....................................................................................................................117 isi fc list............................................................................................................................117 isi fc set...........................................................................................................................118 isi firmware package.......................................................................................................118 isi firmware status...........................................................................................................119 isi firmware update..........................................................................................................120 isi ftp accept-timeout.......................................................................................................121 isi ftp allow-anon-access.................................................................................................122 isi ftp allow-anon-upload.................................................................................................122 isi ftp allow-dirlists...........................................................................................................123 isi ftp allow-downloads....................................................................................................123 isi ftp allow-writes............................................................................................................123 isi ftp anon-chown-username..........................................................................................124 isi ftp anon-password-list.................................................................................................124 isi ftp anon-password-list add..........................................................................................125 isi ftp anon-password-list remove....................................................................................125 isi ftp anon-root-path.......................................................................................................126 isi ftp anon-umask...........................................................................................................126
isi ftp ascii-mode.............................................................................................................127 isi ftp chroot-exception-list...............................................................................................127 isi ftp chroot-exception-list add........................................................................................128 isi ftp chroot-exception-list remove..................................................................................128 isi ftp chroot-local-mode..................................................................................................129 isi ftp connect-timeout.....................................................................................................130 isi ftp data-timeout...........................................................................................................130 isi ftp denied-user-list......................................................................................................131 isi ftp denied-user-list add...............................................................................................131 isi ftp denied-user-list remove.........................................................................................132 isi ftp dirlist-localtime.......................................................................................................132 isi ftp dirlist-names..........................................................................................................133 isi ftp file-create-perm.....................................................................................................133 isi ftp list..........................................................................................................................134 isi ftp local-root-path........................................................................................................135 isi ftp local-umask............................................................................................................135 isi ftp server-to-server.....................................................................................................136 isi ftp session-timeout......................................................................................................136 isi ftp user-config-dir........................................................................................................137 isi_gather_info.................................................................................................................137 isi get...............................................................................................................................141 isi iscsi isns disable.........................................................................................................143 isi iscsi isns discover.......................................................................................................143 isi iscsi isns enable..........................................................................................................144 isi iscsi isns status...........................................................................................................144 isi iscsi list.......................................................................................................................145 isi iscsi pool add..............................................................................................................146 isi iscsi pool delete..........................................................................................................146 isi iscsi pool list................................................................................................................146 isi job cancel....................................................................................................................147 isi job config....................................................................................................................147 isi job history...................................................................................................................147 isi job list..........................................................................................................................149 isi job pause....................................................................................................................150 isi job policy create..........................................................................................................151 isi job policy delete..........................................................................................................151 isi job policy list...............................................................................................................152 isi job policy modify.........................................................................................................152 isi job policy set...............................................................................................................153 isi job resume..................................................................................................................154 isi job schedule delete.....................................................................................................155 isi job schedule list..........................................................................................................155 isi job schedule set..........................................................................................................156 isi job start.......................................................................................................................157
isi job status....................................................................................................................158 isi job update...................................................................................................................159 isi license activate...........................................................................................................160 isi license status..............................................................................................................160 isi license unconfigure.....................................................................................................161 isi lun clone.....................................................................................................................161 isi lun create....................................................................................................................163 isi lun delete....................................................................................................................164 isi lun import....................................................................................................................165 isi lun list..........................................................................................................................165 isi lun modify...................................................................................................................166 isi lun move.....................................................................................................................167 isi lun offline....................................................................................................................168 isi lun online....................................................................................................................168 isi ndmp kill......................................................................................................................168 isi ndmp list.....................................................................................................................169 isi ndmp probe.................................................................................................................169 isi ndmp settings list........................................................................................................176 isi ndmp settings set........................................................................................................177 isi ndmp user create........................................................................................................178 isi ndmp user delete........................................................................................................178 isi ndmp user list.............................................................................................................178 isi ndmp user modify.......................................................................................................179 isi networks.....................................................................................................................179 isi networks create pool...................................................................................................181 isi networks create rule...................................................................................................183 isi networks create subnet...............................................................................................184 isi networks delete pool...................................................................................................185 isi networks delete rule....................................................................................................186 isi networks delete subnet...............................................................................................186 isi networks list interfaces...............................................................................................187 isi networks list pools......................................................................................................188 isi networks list rules.......................................................................................................190 isi networks list subnets..................................................................................................191 isi networks modify pool..................................................................................................192 isi networks modify rule...................................................................................................196 isi networks modify subnet..............................................................................................197 isi nfs clients list..............................................................................................................199 isi nfs clients remove.......................................................................................................200 isi nfs exports check........................................................................................................200 isi nfs exports create.......................................................................................................200 isi nfs exports delete.......................................................................................................205 isi nfs exports list.............................................................................................................205 isi nfs exports modify.......................................................................................................207
isi nfs flexprotect.............................................................................................................214 isi nfs locks list................................................................................................................214 isi nfs locks waiters..........................................................................................................215 isi perfstat........................................................................................................................215 isi pkg create...................................................................................................................216 isi pkg delete...................................................................................................................216 isi pkg info.......................................................................................................................216 isi pkg install....................................................................................................................217 isi quota create................................................................................................................218 isi quota delete................................................................................................................221 isi quota import................................................................................................................223 isi quota list.....................................................................................................................223 isi quota modify...............................................................................................................226 isi quota reporting make-on-demand..............................................................................231 isi quota reporting set......................................................................................................231 isi quota reporting show..................................................................................................232 isi quota reporting stop-reports.......................................................................................233 isi readonly off.................................................................................................................233 isi readonly on.................................................................................................................234 isi readonly show.............................................................................................................234 isi services......................................................................................................................235 isi set...............................................................................................................................236 isi smartlock....................................................................................................................240 isi smartpools process....................................................................................................240 isi smb config global list..................................................................................................241 isi smb config global modify............................................................................................244 isi smb config global revert..............................................................................................247 isi smb config share list...................................................................................................249 isi smb config share modify.............................................................................................251 isi smb config share revert..............................................................................................253 isi smb file close..............................................................................................................255 isi smb file list..................................................................................................................255 isi smb log-level...............................................................................................................256 isi smb permission create................................................................................................257 isi smb permission delete................................................................................................258 isi smb permission list.....................................................................................................259 isi smb permission modify ..............................................................................................260 isi smb session delete.....................................................................................................261 isi smb session list..........................................................................................................262 isi smb share create........................................................................................................262 isi smb share delete........................................................................................................263 isi smb share list..............................................................................................................263 isi smb share modify.......................................................................................................264 isi snapshot alias.............................................................................................................265
isi snapshot autocreate...................................................................................................265 isi snapshot autodelete...................................................................................................266 isi snapshot create..........................................................................................................266 isi snapshot delete..........................................................................................................267 isi snapshot disable.........................................................................................................268 isi snapshot enable.........................................................................................................268 isi snapshot list................................................................................................................269 isi snapshot lock create...................................................................................................269 isi snapshot lock delete...................................................................................................270 isi snapshot lock list........................................................................................................271 isi snapshot lock modify..................................................................................................271 isi snapshot modify..........................................................................................................272 isi snapshot rename........................................................................................................273 isi snapshot reserve........................................................................................................273 isi snapshot schedule create...........................................................................................274 isi snapshot schedule delete...........................................................................................276 isi snapshot schedule list................................................................................................276 isi snapshot schedule modify..........................................................................................277 isi snapshot schedule rename.........................................................................................279 isi snapshot schedule todo..............................................................................................279 isi snapshot settings list..................................................................................................280 isi snapshot settings set..................................................................................................281 isi snapshot usage..........................................................................................................282 isi snmp...........................................................................................................................283 isi snmp list......................................................................................................................284 isi statistics client.............................................................................................................284 isi statistics describe.......................................................................................................291 isi statistics drive.............................................................................................................292 isi statistics heat..............................................................................................................295 isi statistics history..........................................................................................................300 isi statistics list all............................................................................................................303 isi statistics list classes ...................................................................................................304 isi statistics list events.....................................................................................................304 isi statistics list nodes......................................................................................................305 isi statistics list nooutput..................................................................................................306 isi statistics list operations...............................................................................................307 isi statistics list orderby...................................................................................................307 isi statistics list output......................................................................................................308 isi statistics list protocols ................................................................................................309 isi statistics list stats........................................................................................................310 isi statistics list totalby.....................................................................................................310 isi statistics protocol........................................................................................................311 isi statistics pstat.............................................................................................................316 isi statistics query............................................................................................................318
isi statistics system..........................................................................................................320 isi status..........................................................................................................................321 isi sync bandwidth create................................................................................................323 isi sync bandwidth delete................................................................................................324 isi sync bandwidth disable...............................................................................................325 isi sync bandwidth enable...............................................................................................325 isi sync bandwidth list......................................................................................................325 isi sync bandwidth modify...............................................................................................327 isi sync config..................................................................................................................328 isi sync jobs list...............................................................................................................328 isi sync jobs pause..........................................................................................................329 isi sync jobs report..........................................................................................................330 isi sync jobs resume........................................................................................................330 isi sync jobs stop.............................................................................................................331 isi sync pause..................................................................................................................331 isi sync policy assess......................................................................................................331 isi sync policy create.......................................................................................................332 isi sync policy delete.......................................................................................................337 isi sync policy disable......................................................................................................338 isi sync policy enable......................................................................................................338 isi sync policy list.............................................................................................................339 isi sync policy modify.......................................................................................................340 isi sync policy pause.......................................................................................................346 isi sync policy report........................................................................................................346 isi sync policy reset.........................................................................................................348 isi sync policy resolve......................................................................................................349 isi sync policy resume.....................................................................................................349 isi sync policy run............................................................................................................349 isi sync policy stop..........................................................................................................350 isi sync reports config.....................................................................................................350 isi sync reports policyconf...............................................................................................351 isi sync reports rebuild....................................................................................................351 isi sync reports rotate......................................................................................................352 isi sync resume...............................................................................................................352 isi sync start....................................................................................................................352 isi sync stop.....................................................................................................................353 isi sync target break........................................................................................................353 isi sync target cancel.......................................................................................................354 isi sync target list.............................................................................................................354 isi sync throttle create.....................................................................................................355 isi sync throttle delete......................................................................................................356 isi sync throttle disable....................................................................................................356 isi sync throttle enable.....................................................................................................357 isi sync throttle list...........................................................................................................357
isi sync throttle modify.....................................................................................................358 isi sync upgrade..............................................................................................................360 isi tape delete..................................................................................................................360 isi tape list.......................................................................................................................360 isi tape rename................................................................................................................361 isi tape rescan.................................................................................................................362 isi target create................................................................................................................362 isi target delete................................................................................................................364 isi target list.....................................................................................................................364 isi target modify...............................................................................................................365 isi update.........................................................................................................................366 isi version........................................................................................................................368 isi worm create................................................................................................................369 isi worm filedelete............................................................................................................370 isi worm info....................................................................................................................370 isi worm list......................................................................................................................371 isi worm modify...............................................................................................................372
OneFS Command Reference

The OneFS command-line interface extends the standard UNIX command set to include additional commands that enable you to manage an Isilon cluster outside of the web administration interface or LCD panel. You can access the command-line interface by opening a secure shell (SSH) connection to any node in the cluster. This command reference provides an alphabetical list of isi commands that you can run in order to congure, monitor, and manage an Isilon IQ clustered storage system and the individual nodes in a cluster. A brief description, usage information, and examples are provided for each command. The reference includes a syntax diagram for each command, using the following conventions: Symbol Description Text that is not enclosed in square brackets [ ], angle brackets < >, or braces { } must be typed as shown. [] <> {} | -- or ... Square brackets indicate an optional element. Angle brackets indicate a placeholder for a value you must supply. Braces indicate a group of mutually exclusive elements that are delimited by vertical-bar (|) symbols. A vertical bar indicates you can select only one of the options shown. A single or double hyphen indicates an option. Options dene the specic action of a command or modify the operation of a command. Many commands support multiple options. An ellipsis indicates that the preceding option or value can be repeated one or more times.
In the section detailing the possible parameters of each command, all required parameters are labeled "required." All unlabeled parameters are assumed to be optional. You can view a basic description of any command and its available options by typing its name followed by the -h option at the command line: <CommandName> -h To view more detailed information at the command line, refer to the isi man page: man isi[<CommandName>]
2011 Isilon Systems, LLC.
11
isi alerts
The isi alerts command is an alias of the isi events command. For information about a particular sub-command, see the equivalent isi events sub-command reference topic.
isi auth ads accounts list

The isi auth ads accounts list command displays a list of Active Directory machine accounts that are available to the cluster. Syntax isi auth ads accounts list [--domain=<DNSDomain>] Options --domain=<DNSDomain>, -D<DNSDomain> Species the Active Directory domain name. Examples To view a list of all Active Directory machine accounts available to the cluster, run the following command: isi auth ads accounts list The system displays output similar to the following example: Machine Account Domain Name: Domain Dns Name: Domain Sid: Hostname: Machine Account: Host Dns Domain: Salting Principal: Key Version Number: Last Change Time: SAMPLE SAMPLE.TEST.ISILON.COM S-1-5-21-1195855716-1269722693-1240286574 TECH TECH$ sample.test.isilon.com host/tech.SAMPLE.TEST.ISILON.COM@SAMPLE.TEST.ISILON.COM 6 1298652773
isi auth ads cache flush

The isi auth ads cache flush command ushes cached information for Active Directory (AD) users and groups on the current node. Flushing the cache forces the cluster to begin using updated information sooner, and might be useful if user information on the AD server has recently changed. Syntax isi auth ads cache flush {--user=<string> | --group=<string> | --uid=<UID> | --gid=<GID> | --all} Options You must specify exactly one type of information to be ushed.
12
Specify the type of information to be ushed using one of the following options: --user --group --uid --gid --all
--user=<String>, -U=<String> Flushes cached information for the specied user. --group=<String>, -G=<String> Flushes cached information for the specied group. --uid=<UID>, -u<UID> Flushes cached information on the user with the specied user ID (UID). --gid=<GID>, -g<GID> Flushes cached information on the group with the specied group ID (GID). --all Flushes cached information on all users and groups. Examples The following command ushes all information about a user with a UID of 10000: isi auth ads cache flush --uid=10000 The following command ushes all information about a group with a GID of 10010: isi auth ads cache flush --gid=10010
isi auth ads dc

The isi auth ads dc command displays or sets the domain controller for the specied domain, or resets the secure channel to the primary domain. Syntax isi auth ads dc [--domain=<DNSDomain>] [--set-dc=<DNSDomain>] [--reset-schannel] [--site=<string>] [--force] [--verbose] [--list] Options If no options are specied, displays the current domain controller for the domain. --domain=<DNSDomain>, -D<DNSDomain> Species a domain. --set-dc=<DNSDomain> Sets the domain controller afnity to the specied domain controller. --reset-schannel Resets the secure channel to the primary domain. --site=<string> Searches for a domain controller in a specic site. --force
13
Forces a DNS query for a domain controller. --verbose, -v Displays information about the domain controller. --list, -l Lists all domain controllers for this domain. Examples To view the Active Directory domain controller with which the node communicates, run the following command: isi auth ads dc If available, the system displays the name of the current domain controller, as shown in the following example output: Current Domain Controller = dc4.sample.test.isilon.com The following command sets the Active Directory domain controller with which a node communicates to dc5.sample.test.isilon: isi auth ads dc --set-dc=dc5.sample.test.isilon.com
isi auth ads groups list

The isi auth ads groups list command lists groups in the current Active Directory domain. Syntax isi auth ads groups list [--domain=<DNSDomain>] [{--name=<string>|--gid=<GID>|--sid=<SID>}] [--verbose] Options If no options are specied, all group names are displayed. --domain=<DNSDomain>, -D=<DNSdomain> Species the domain name for the user or group that is authorized to connect to the cluster. This option requires an Active Directory fully qualied domain name (for example, test.isilon.com). --name=<QuptedString>, -n=<QuotedString> Lists only the specied group. --gid=<GID>, -g<GID> Lists only the group with the specied group identier (GID). --sid=<SID>, -S=<SID> Lists only the group with the specied security identier (SID). --verbose Displays additional information on groups, including SIDs, GIDs, and Members. Examples The following command displays information on a group with a GID of 1000001: isi auth ads groups list --gid=1000001 --verbose
14
The system displays output similar to the following example: Name: Gid: Sid: Members: TEST\testgroup_001 1000001 S-1-5-11-1125855316-1269122633-1940282374-42517 TEST\testuser_1, TEST\testuser_2, TEST\testadmin_1, TEST\testadmin_2
The following command displays information on a group named TEST\testgroup_002 isi auth ads groups list --name="TEST\testgroup_002" --verbose The system displays output similar to the following example: Name: TEST\testgroup_002 Gid: 1000005 Sid: S-1-5-11-5378055316-1284039633-1940172574-13517 Members: TEST\testuser_10, TEST\testuser_11, TEST\testadmin_12, TEST\testadmin_13
isi auth ads join

The isi auth ads join command joins the cluster to an Active Directory (AD) domain. If this command is run while already joined to an AD domain, the cluster will be rejoined. The cluster can be joined to a single AD domain at a time. This command is not atomic and a failure could result in losing existing domain connectivity. Syntax isi auth ads join --domain=<DNSDomain> --user=<string> --password=<Password> [--ou=<OrganizationalUnit>] [--server-string=<string>] [--keep-accounts] [--kerberos-nfs-spn] Options --domain=<DNSDomain>, -D<DNSDomain> Required. Species the domain name for the user or group that is attempting to connect to the cluster. --user=<string>, -U<string> Required. Species an administrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Required. Species the administrative user account password. --ou=<OrganizationalUnit>, -o<OrganizationalUnit> Species where the machine account object for the cluster is created in the AD. If not specied, the account object is created in a container called "Computers." --server-string=<string>, -C<string> Provides the comment eld for this server. --keep-accounts, -k Species to not delete the existing machine accounts for joining. You must specify this if you are not allowed to create new accounts but someone else has created them for you. --kerberos-nfs-spn, -K Adds server principal names for using Kerberized NFS.
15
OneFS Command Reference Examples The following command joins the cluster to the Active Directory domain 'dc1.isilon.com' using the 'admin' account with password 'pass': isi auth ads join --domain=dc1.isilon.com -U=admin -P=pass The system displays the following message upon successful completion: *SUCCESS: Cluster account is joined to the domain.
isi auth ads leave

The isi auth ads leave disconnects the cluster from an Active Directory domain.
! Caution: Disconnecting a cluster from an AD domain will disrupt service for any users who are accessing or
intending to access that domain. Syntax isi auth ads leave --force [--workgroup=<string>] Options --force, -f Required. Forces the command to complete without producing conrmation messages. --workgroup=<string> Species the workgroup. If this option is omitted, 'WORKGROUP' is used as the workgroup name by default. Examples To leave the current Active Directory domain, run the following command: isi auth ads leave --force Note: In this example, because the --workgroup option is omitted, the following message displays: No workgroup specified, assuming 'WORKGROUP' To verify the cluster is no longer joined to the Active Directory domain, run the isi auth ads status command.
isi auth ads search

The isi auth ads search command uses Lightweight Directory Access Protocol (LDAP) search lters to query and display information about Active Directory (AD) domains. This command can be useful for troubleshooting or verifying domain behavior. Syntax isi auth ads search --filter=<string> [--domain=<DNSDomain>] [--machinecreds] [--user=<string> [--password=<Password>]] [--attributes=<string>] [--count] [--offset=<number>]
16
OneFS Command Reference Options --lter=<string>, -f<string> Species the LDAP search lter. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the user or group that is attempting to connect to the cluster. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an administrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. --attributes=<string>, -l<string> Sets the LDAP attribute list. --count, -c Returns just a count of the attributes. --offset=<Number>, -o<Number> Starts results at the specied offset. Examples The following command displays information about a user whose name was "user1" prior to Windows 2000: isi auth ads search -filter=(sAMAccountName=user1) The system displays output similar to the following example: [Entry 1] distinguishedName = 'CN=User One,CN=Users,DC=test,DC=com' pwdLastSet = '128091346009531250' primaryGroupID = '513' cn = 'User One' countryCode = '0' objectCategory = 'CN=Person,CN=Schema,CN=Configuration,DC=test,DC=com' objectClass = 'top','person','organizationalPerson','user' codePage = '0' userAccountControl = '66048' objectGUID = 'cbe6506f-5b65-4477-90d1-1596a34f8a6' sAMAccountName = 'user1' whenChanged = '20110126225529.0Z' sAMAccountType = '805306368' objectSid = 'S-1-5-21-1195855716-1269722693-1240286574-7785' whenCreated = '20061127205640.0Z' uSNCreated = '17095' accountExpires = '9223372036854775807' uSNChanged = '17095' givenName = 'User One' instanceType = '4' name = 'user1' The following command displays information about all groups on the server: isi auth ads search filter=(objectClass=group) Note: Output for this command might be very large.
17
The following command displays information about all users created after January 1, 2011: isi auth ads search --filter='(&(objectClass=user)(whenCreated>=20110101000000.0Z))' Note: Output for this command might be very large.
isi auth ads spn check

The isi auth ads spn check command checks valid Service Principal Names (SPN). Syntax isi auth ads spn check [--domain=<DNSDomain>] [--machinecreds] [--user=<string> [--password=<Password>]] [--repair] Options --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the user or group that is attempting to connect to the cluster. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an administrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. --repair, -r Repairs any missing SPNs. Examples To check if there are any SPNs currently missing, run the following command: isi auth ads spn check The system displays output similar to the following example: Missing Service Principal Names: HOST/test-1 The following command logs onto the newUser account and repairs missing SPNs: isi auth ads spn check --repair --user=newUser --password=1234 If successful, the system displays output similar to the following example: Successfully added missing SPNs If unsuccessful, the system displays output similar to the following example: LdapError: Failed to modify attribute [19]
18
isi auth ads spn create

The isi auth ads spn create command adds a Service Principal Name (SPN) for a machine account. Note: SPNs must be propagated to all domain controllers before clients can use them.
Syntax isi auth ads spn create --spn=<SPN> [--domain=<DNSDomain>] [--account=<MachineAccount>] [--node=<Number>] [--host=<DNSDomain>] [--machinecreds] [--user=<string> [--password=<Password>]] Options --spn=<SPN>, -s<SPN> Required. Species the SPN for the user or group to register. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the user or group that is attempting to connect to the cluster. --account=<MachineAccount>, -a<MachineAccount> Species the address of the machine account. If no account is specied, the machine account of the cluster is used. --node=<Number>, -n<Number> Species the specic node number. If you use this option, the user or group will attempt to register two SPNs: one in the form host/node, and another in the form host/node.example.com. --host=<DNSDomain>, -h<DNSDomain> Species a SmartConnect host name. If you use this option, the user or group will attempt to register the SPN host/hostname. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an adminstrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. Examples The following command creates an SPN for the "isi-auth-sample.isilon.com" SmartConnect pool: isi auth ads spn create --spn=cifs/isi-auth-sample.isilon.com --user=Administrator
19
isi auth ads spn delete

The isi auth ads spn delete command deletes a Service Principal Name (SPN) that is registered against a machine account. Syntax isi auth ads spn delete --spn=<SPN> [--domain=<DNSDomain>] [--account=<MachineAccount>] [--node=<Number>] [--host=<DNSDomain>] [--machinecreds] [--user=<string> [--password=<Password>]] Options --spn=<SPN>, -s<SPN> Required. Species the SPN. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the Active Directory user or group that is attempting to connect to the cluster. --account=<MachineAccount>, -a<MachineAccount> Species the address of the machine account to delete. --node=<Number>, -n<Number> Species the specic node number. --host=<DNSDomain>, -h<DNSDomain> Species a SmartConnect host name. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species an adminstrative user account to connect to the cluster, if required. --password=<Password>, -P<Password> Species the administrative user account password. Examples The following command deletes an SPN for the "isi-auth-sample.west.isilon.com" SmartConnect zone: isi auth ads spn delete --spn=cifs/isi-auth-sample.west.isilon.com Note: If required, the system displays a prompt for an administrative user name and password. If the command if successful, the system displays output similar to the following example: Successfully deleted SPN(s).
20
isi auth ads spn list

The isi auth ads spn list command displays a list of Service Principal Names (SPN) that are registered against a machine account. Syntax isi auth ads spn list [--domain=<DNSDomain>] [--account=<MachineAccount>] [--machinecreds] [--user=<string> [--password=<Password>]] Options If no options are specied, the system displays a list of SPNs that are currently registered against the machine account. --domain=<DNSDomain>, -D<DNSDomain> Species the domain name for the Active Directory user or group that is attempting to connect to the cluster. --account=<MachineAccount>, -a<MachineAccount> Species the address of the machine account. --machinecreds Directs the system to use machine credentials in order to connect to the cluster. --user=<string>, -U<string> Species the required user name to connect to the cluster. --password=<Password>, -P<Password> Species the user account password. Examples To view a list of SPNs that are currently registered against the machine account, run the following command: isi auth ads spn list The system displays output similar to the following example: HOST/isi-auth HOST/isi-auth.sample.isilon.com
isi auth ads status

The isi auth ads status command displays whether a cluster is joined to an Active Directory domain. If joined, the system displays information about the joined domain and the machine account. The machine account typically uses the cluster name. Syntax isi auth ads status [--verbose] [--domains] [--refresh] Options If no options are specied, information about the joined domain and the machine account is displayed. --verbose, -v Display includes information about all reachable domains.
21
--domains, -d Displays a list of domains and their status. --refresh, -r Refreshes any cached information. Examples To determine whether the cluster is joined to an Active Directory domain, run the following command: isi auth ads status If the cluster is joined to an Active Directory domain, the system displays output similar to the following example: Active Directory Services Status: Mode: unprovisioned Status: online Primary Domain: SAMPLE.ISILON.COM Forest: sample.isilon.com Site: SiteC NetBIOS Domain: SAMPLE Domain Controller: sample-dc11.sample.isilon.com Machine Account: CLUSTER-ONE If the cluster is not joined to a domain, the system displays the following output: The cluster is not joined to a domain.
isi auth ads time

The isi auth ads time command displays or sets the time on a domain controller, or synchronizes the cluster's time with an Active Directory domain. Syntax isi auth ads time [--domain=<DNSDomain>] [--sync [--force]] Options If no options are specied, the system displays the current time according to the domain cluster. --domain=<DNS-Domain> Species the Active Directory domain to query. If this option is not specied, the current Active Directory domain is used --sync Synchronizes the cluster time to the domain controller. If the difference between the cluster time and the domain controller time is less than 30 seconds, you must also use the --force option. --force, -f Forces command execution without displaying warnings. Examples To view the current time according to the domain controller, run the following command: isi auth ads time
22
The system displays output similar to the following example: Thu Feb 24 12:07:02 2011 To synchronize the time across the cluster with the time on the current domain controller, run the following command: isi auth ads time --sync The system displays output similar to the following example: Successfully synced cluster time with the dc.
isi auth ads users list

The isi auth ads users list command displays lists of users on Active Directory domains. Syntax isi auth ads users list [--domain=<DNS-Domain>] [{--name=<QuotedString>|--uid=<UID>|--sid=<SID>}] [--verbose] Options If no options are specied, all users on the current Active Directory domain are displayed. --domain=<DNS-Domain>, -D=<DNSdomain> Species the domain name for the user or group that is authorized to connect to the cluster. This option requires an Active Directory fully qualied domain name (for example, test.isilon.com). If this option is not specied, the current Active Directory domain is used. --name=<QuotedString>, -n=<QuotedString> Lists only the specied user. --uid=<UID>, -u=<UID> Lists only the user that is associated with the specied UID. --sid=<SID>, -S=<SID> Lists only the user that is associated with the specied SID. --verbose Displays additional information on groups, including UIDs, GIDs, SIDs, Shells, Homes, and Groups. Examples The following command displays information on a user with a UID of 1000002: isi auth ads users list --uid=1000002 -v The system displays output similar to the following example: User: TEST\testuser_1 Uid: 1000002 Gid: 1000001(testgroup_001) Sid: S-1-5-31-4825832716-1239506693-1227495274-77602 Shell: /bin/sh Home: /ifs/home/TEST/testuser_1 Groups: 1000001(TEST\testgroup_001) Flags: Password Never Expires
23
The following command displays information on a user called TEST\newTestUser: isi auth ads users list --uid=1000002 -v The system displays output similar to the following example: User: Uid: Gid: Sid: Shell: Home: Groups: TEST\newTestUser 1000010 1000005(TEST\testgroup_002) S-1-5-31-1037589374-3720957693-1625495264-73720 /bin/sh /ifs/home/TEST/newTestUser 1000005(TEST\testgroup_002)
isi auth config krb5 add realm

The isi auth config krb5 add realm command adds a realm denition to the Kerberos conguration le. Syntax isi auth config krb5 --realm=<DNSDomain> [--default-domain=<DNSDomain>] [--kdc=<string>] [--admin-server=<string>] [--auth-to-local=<string>] [--is-active-directory=<boolean>] [--is-default-realm=<boolean>] Options --realm=<DNSDomain> Required. Species the DNS domain of the realm to add. --default-domain=<DNSDomain> Species the default domain. The default domain is 'none'. --kdc=<string> Species the Key Distribution Center (KDC) hostname or IP address. --admin-server=<string> Species the admin server hostname or IP address. The default server is 'none'. --auth-to-local=<string> Species the auth-to-local mapping rule. --is-active-directory=<boolean> Indicates whether the realm is an Active Directory domain. The default setting is False. --is-default-realm=<boolean> Indicates whether the realm is the default realm. Examples The following command adds the SAMPLE.TEST.ISILON.COM realm as an active-directory realm in the Kerberos conguration le: isi auth config krb5 add realm --realm=SAMPLE.TEST.ISILON.COM --is-active-directory=true
24
isi auth config krb5 delete default

The isi auth config krb5 delete default command deletes settings from the 'defaults' section of the Kerberos conguration le. Syntax isi auth config krb5 delete default {--default-keytab-name |--default-realm | --default-tgs-enctypes | --default-tkt-enctypes |--permitted-enctypes | --preferred-enctypes} Options You must specify at least one setting to be deleted. Specify one or more settings to be deleted using the following options: --default-keytab-name --default-realm --default-tgs-enctypes --default-tkt-enctypes --permitted-enctypes --preferred-enctypes
--default-keytab-name Deletes the default keytab le. --default-realm Deletes the default realm. --default-tgs-enctypes Deletes the default tgs enctypes. --default-tkt-enctypes Deletes the default tkt enctypes. --permitted-enctypes Deletes permitted enctypes. --preferred-enctypes Deletes preferred enctypes. Examples To delete the preferred enctypes from the 'defaults' section of the Kerberos conguration le, run the following command: isi auth config krb5 delete default --preferred-enctypes
25
isi auth config krb5 delete domain

The isi auth config krb5 delete domain command deletes a domain-to-realm mapping from the 'domain_realm' section of the Kerberos conguration le. Syntax isi auth config krb5 delete domain --domain=<string> Options --domain=<string> Required. Species the domain associated with the realm. Examples The following command deletes the mapping for the domain sample.test.isilon.com: isi auth config krb5 delete domain sample.test.isilon.com
isi auth config krb5 delete realm

The isi auth config krb5 delete realm command deletes either the entire realm or individual settings from 'realms' section of the Kerberos conguration le. Syntax isi auth config krb5 delete realm --realm=<DNSDomain> [--all] [--default-domain] [--all-kdc] [--kdc=<String>] [--admin-server] [--auth-to-local=<String>] [--all-auth-to-local] Options --realm=<DNSDomain> Required. Species the name of the realm. --all Deletes the realm. --default-domain Deletes the default domain. --all-kdc Deletes all KDC denitions. --kdc=<String> Deletes the specied KDC hostname or IP address. --admin-server Deletes admin server hostname or IP address. --auth-to-local=<String> Deletes the specied auth-to-local mapping rule. --all-auth-to-local Deletes all auth-to-local denitions.
26
OneFS Command Reference Examples The following command removes the default domain from the SAMPLE.TEST.ISILON.COM realm: isi auth config krb5 delete realm --realm=SAMPLE.TEST.ISILON.COM --default-domain The following command removes the SAMPLE.TEST.ISILON.COM realm entirely: isi auth config krb5 delete realm --realm=SAMPLE.TEST.ISILON.COM --all
isi auth config krb5 list

The isi auth config krb5 list command displays the parameters in the Kerberos conguration le. Syntax isi auth config krb5 list [--section=<string>] [--tree] Options --section=<string> Species the prex of the settings that are displayed. --tree Displays the output in tree format. Examples To view settings in the defaults section of the Kerberos conguration le, run the following command: isi auth config krb5 list --section=krb5cfg.defaults The system displays output similar to the following example: krb5cfg.defaults.always_send_preauth=True krb5cfg.defaults.default_realm=SAMPLE.TEST.ISILON.COM krb5cfg.defaults.default_tkt_enctypes= krb5cfg.defaults.dns_lookup_realm=True krb5cfg.defaults.default_keytab_name= krb5cfg.defaults.permitted_enctypes= krb5cfg.defaults.dns_lookup_kdc=True krb5cfg.defaults.preferred_enctypes= krb5cfg.defaults.default_tgs_enctypes= To view the Kerberos conguration settings in a tree format, run the following command: isi auth config krb5 list --tree The system displays output similar to the following example: {'appdefaults': {}, 'defaults': {'always_send_preauth': True, 'default_keytab_name': '', 'default_realm': 'SAMPLE.TEST.ISILON.COM', 'default_tgs_enctypes': '', 'default_tkt_enctypes': '', 'dns_lookup_kdc': True, 'dns_lookup_realm': True, 'permitted_enctypes': '', 'preferred_enctypes': ''},
27
'domain_realm': {}, 'realms': {}}
isi auth config krb5 modify default

The isi auth config krb5 modify default command sets parameters in the 'defaults' section of the Kerberos conguration le. Settings specied by this command apply to all domains unless overridden. Syntax isi | | | | auth config krb5 {--always-send-preauth=<boolean> --dns-lookup-kdc=<boolean> | --dns-lookup-realm=<boolean> --default-realm=<DNSDomain> | --default-keytab-name=<string> --permitted-enctypes=<string> | --default-tkt-enctypes=<string> --default-tgs-enctypes=<string> | --preferred-enctypes=<string>}...
Options You must set at least one parameter in the 'defaults' section of the Kerberos conguration le. Set one or more parameters in the 'defaults' section of the Kerberos conguration le using the following options: --always-send-preauth --dns-lookup-kdc --dns-lookup-realm --default-realm --default-keytab-name --permitted-enctypes --default-tkt-enctypes --default-tgs-enctypes --preferred-enctypes
--always-send-preauth=<boolean> Species whether the preauth ag is required. --dns-lookup-kdc=<boolean> Species DNS lookup Key Distribution Center (KDC). --dns-lookup-realm=<boolean> Species DNS lookup realm. --default-realm=<DNSDomain> Species the default realm. --default-keytab-name=<string> Species the default keytab le. --permitted-enctypes=<string> Species the permitted encryption types (enctypes). Note: This option species the complete list of permitted enctypes; it does not add to the existing list. --default-tkt-enctypes=<string> Species the default tkt enctypes.
28
Note: This option species the complete list of default tkt enctypes, it does not add to the existing list. --default-tgs-enctypes=<string> Species the default tgs enctypes. Note: This option species the complete list of default tgs enctypes, it does not add to the existing list. --preferred-enctypes=<string> Species preferred enctypes. Note: This option species the complete list of preferred enctypes, it does not add to the existing list. Examples To change the list of permitted enctypes to RC4-HMAC DES-CBC-MD5 DES-CBC-CRC, run the following command: isi auth config krb5 modify default --permitted-enctypes="RC4-HMAC DES-CBC-MD5 DES-CBC-CRC"
isi auth config krb5 modify domain

The isi auth config krb5 modify domain command sets domain-to-realm mappings in the 'domain_realm' section of the Kerberos conguration le. Syntax isi auth config krb5 modify domain --domain=<string> --realm=<DNSDomain> Options --domain=<string> Required. Species the domain to associate with the realm. --realm=<DNSDomain> Required. Species the realm to associate with the domain. Examples The following command links a domain and realm together: isi auth config krb5 modify domain --domain=domain.name.com --realm=DOMAIN.NAME.COM
29
isi auth config krb5 modify realm

The isi auth config krb5 modify realm command sets parameters in the 'realms' section of the Kerberos conguration le. Syntax isi auth config krb5 modify realm --realm=<DNSDomain> [--default-domain=<DNSDomain>] [--kdc=<string>] [--admin-server=<string>] [--auth-to-local=<string>] [--is-active-directory=<boolean>] [--is-default-realm=<boolean>] Options --realm=<DNSDomain> Required. Species which realm's parameters are being changed. --default-domain=<DNSDomain> Sets the default domain for users who do not specify a domain. --kdc=<string> Species Key Distribution Center (KDC) hostname or IP. --admin-server=<string> Species admin server hostname or IP address. --auth-to-local=<string> Species auth to local mapping rule. --is-active-directory=<boolean> Indicates whether the realm is active-directory. --is-default-realm=<boolean> Indicate whether this realm is the default realm. Examples The following command switches the SAMPLE.TEST.ISILON.COM realm to an active-directory realm in the Kerberos conguration le: isi auth config krb5 add realm --realm=SAMPLE.TEST.ISILON.COM --is-active-directory=true
isi auth config krb5 write

The isi auth config krb5 write command writes the Kerberos conguration le to disk. Syntax isi auth config krb5 write [--path=<Path>] Options --path=<Path>, -p<Path> Species the le path to save the conguration le to. If this option is omitted, the conguration le is written to the /etc/krb5.conf le by default.
30
OneFS Command Reference Examples The following command writes the Kerberos conguration to the /example path: isi auth config krb5 write --path=/example.
isi auth config ldap list

The isi auth config ldap list command lists current Lightweight Directory Access Protocol (LDAP) attribute conguration settings. Syntax isi auth config ldap list [--detailed] [--ldap-cn] [--ldap-cryptpasswd] [--ldap-email] [--ldap-gecos] [--ldap-gidnumber] [--ldap-group-filter] [--ldap-homedirectory] [--ldap-loginshell] [--ldap-member-nis-netgroup] [--ldap-memberUid] [--ldap-netgroup-filter] [--ldap-nis-netgroup-triple] [--ldap-ntpasswdhash] [--ldap-shadow-user-filter] [--ldap-shadowexpire] [--ldap-shadowflag] [--ldap-shadowinactive] [--ldap-shadowlastchange] [--ldap-shadowmax] [--ldap-shadowmin] [--ldap-shadowwarning] [--ldap-uid] [--ldap-uidnumber] [--ldap-uniquemember] [--ldap-user-filter] [--param=<string>] [--verbose] Options If no options are specied, all current attribute settings are displayed in the default format. --detailed, -d Displays detailed information about conguration settings. --ldap-cn Displays information on the LDAP cn attribute. --ldap-cryptpasswd Displays information on the LDAP cryptPasswd attribute. --ldap-email Displays information on the LDAP email attribute. --ldap-gecos Displays information on the LDAP gecos attribute. --ldap-gidnumber Displays information on the LDAP gidNumber attribute. --ldap-group-lter Displays information on the LDAP lter for group objects. --ldap-homedirectory Displays information on the LDAP homeDirectory attribute. --ldap-loginshell Displays information on the LDAP loginShell attribute. --ldap-member-nis-netgroup Displays information on the LDAP member Network Information Service (NIS) netgroup. --ldap-memberUid Displays information on the LDAP memberUid attribute. --ldap-netgroup-lter
31
Displays information on the LDAP lter for netgroups objects. --ldap-nis-netgroup-triple Displays information on the LDAP NIS netgroup triple. --ldap-ntpasswdhash Displays information on the LDAP ntPasswdHash attribute. --ldap-shadow-user-lter Displays information on the LDAP lter for shadow user properties. --ldap-shadowexpire Displays information on the LDAP shadowExpire attribute. --ldap-shadowag Displays information on the LDAP shadowFlag attribute. --ldap-shadowinactive Displays information on the LDAP shadowInactive attribute. --ldap-shadowlastchange Displays information on the LDAP shadowLastChange attribute. --ldap-shadowmax Displays information on the LDAP shadowMax attribute. --ldap-shadowmin Displays information on the LDAP shadowMin attribute. --ldap-shadowwarning Displays information on the LDAP shadowWarning attribute. --ldap-uid Displays information on the LDAP uid attribute. --ldap-uidnumber Displays information on the LDAP uidNumber attribute. --ldap-uniquemember Displays information on the LDAP uniqueMember attribute. --ldap-user-lter Displays information on the LDAP lter for user objects. --param=<string>, -p<string> Displays information on the specied parameters. --verbose, -v Displays verbose output. Examples To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber The command will display output in a form similar to the following output: Authentication Options Option name Value ------------------------------ --------------------------------------------ldap-gidnumber gidNumber
32
To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber --verbose The system displays output similar to the following example: LDAP Attribute Options ldap-gidnumber = gidNumber (Default = gidNumber)
To view the LDAP gidNumber attribute, run the following command: isi auth config ldap list --ldap-gidnumber --detailed The system displays output similar to the following example: ldap-gidnumber ---------------------------------------------------------------------------Class: LDAP Attribute Options Description: LDAP gidNumber attribute Current Value: gidNumber Default: gidNumber
isi auth config ldap modify

The isi auth config ldap modify command congures Lightweight Directory Access Protocol (LDAP) attributes for non-standard directories. Syntax isi auth config ldap modify {--ldap-cn=<string>|--ldap-email=<string> |--ldap-cryptpasswd=<string>|--ldap-gecos=<string> |--ldap-gidnumber=<string>|--ldap-group-filter=<string> |--ldap-homedirectory=<string>|--ldap-loginshell=<string> |--ldap-member-nis-netgroup=<string>|--ldap-memberUid=<string> |--ldap-netgroup-filter=<string>|--ldap-nis-netgroup-triple=<string> |--ldap-ntpasswdhash=<string>|--ldap-shadowexpire=<string> |--ldap-shadowflag=<string>|--ldap-shadowinactive=<string> |--ldap-shadowlastchange=<string>|--ldap-shadowmax=<string> |--ldap-shadowmin=<string>|--ldap-shadow-user-filter=<string> |--ldap-shadowwarning=<string>|--ldap-uid=<string> |--ldap-uidnumber=<string>|--ldap-uniquemember=<string> |--ldap-user-filter=<string>|--param=<string> --value=<string>}... [--verbose] Options You must specify at least one LDAP attribute to be congured. Specify one or more LDAP attributes using the following options: --ldap-cn --ldap-cryptpasswd --ldap-email --ldap-gecos --ldap-gidnumber --ldap-group-lter --ldap-homedirectory --ldap-loginshel
33
--ldap-member-nis-netgroup --ldap-memberUid --ldap-netgroup-lter --ldap-nis-netgroup-triple --ldap-ntpasswdhash --ldap-shadowexpire --ldap-shadowag --ldap-shadowinactive --ldap-shadowlastchange --ldap-shadowmax --ldap-shadowmin --ldap-shadow-user-lter --ldap-shadowwarning --ldap-uid--ldap-uidnumber --ldap-uniquemember --ldap-user-lter --param and --value (must be specied together)
--ldap-cn=<string> Species new LDAP cn attribute. --ldap-cryptpasswd=<string> Species new LDAP cryptPasswd attribute. --ldap-email=<string> Species new LDAP email attribute. --ldap-gecos=<string> Species new LDAP gecos attribute. --ldap-gidnumber=<string> Species new LDAP gidNumber attribute. --ldap-group-lter=<string> Species new LDAP lter for group objects. --ldap-homedirectory=<string> Species new LDAP homeDirectory attribute. --ldap-loginshell=<string> Species new LDAP loginShell attribute. --ldap-member-nis-netgroup=<string> Species new LDAP Member NIS netgroup. --ldap-memberUid=<string> Species new LDAP memberUid attribute. --ldap-netgroup-lter=<string> Species new LDAP lter for netgroups objects. --ldap-nis-netgroup-triple=<string> Species new LDAP NIS netgroup triple. --ldap-ntpasswdhash=<string> Species new LDAP ntPasswdHash attribute. Note: --ldap-shadow attributes specify references to settings that were historically stored in the shadow password le /etc/shadow in UNIX systems.
34
--ldap-shadowexpire=<string> Species new LDAP shadowExpire attribute. --ldap-shadowag=<string> Species new LDAP shadowFlag attribute. --ldap-shadowinactive=<string> Species new LDAP shadowInactive attribute. --ldap-shadowlastchange=<string> Species new LDAP shadowLastChange attribute. --ldap-shadowmax=<string> Species new LDAP shadowMax attribute. --ldap-shadowmin=<string> Species new LDAP shadowMin attribute. --ldap-shadow-user-lter=<string> Species new LDAP lter for shadow user properties. --ldap-shadowwarning=<string> Species new LDAP shadowmin attribute. --ldap-uid=<string> Species new LDAP uid attribute. --ldap-uidnumber=<string> Species new LDAP uidNumber attribute. --ldap-uniquemember=<string> Species new LDAP uniqueMember attribute. --ldap-user-lter=<string> Species new LDAP lter for user objects. --param=<string>, -p<string> Species a Parameter to modify. --value=<string>, -v<string> Sets the parameter specied by the --value option to the given value. --verbose Displays verbose information. The default values for these settings are dependant on the value of isi auth config modify --ldap-attribute-map=<AttributeMap>. The following table displays the default values for these parameters according to their respective maps: Table 1. Default Attribute Value Maps Attribute Map ldap-cn ldap-cryptpasswd ldap-email ldap-gecos ldap-gidnumber email gecos gidNumber rfc2307 ad cn msSFU30Password email msSFU30Gecos msSFU30GidNumber email gecos gidNumber ldapsam cn
35
Attribute Map ldap-group-lter ldap-homedirectory ldap-loginshell
rfc2307
ad
ldapsam (objectClass=posixGroup)
(objectClass=posixGroup) (objectClass=Group) homeDirectory loginShell
msSFU30HomeDirectory homeDirectory msSFU30LoginShell loginShell memberNisNetgroup msSFU30MemberUid memberUid (objectClass=nisNetgroup) nisNetgroupTriple sambaNTPassword
ldap-member-nis-netgroup memberNisNetgroup ldap-memberUid ldap-netgroup-lter memberUid (objectClass=nisNetgroup)
ldap-nis-netgroup-triple nisNetgroupTriple ldap-ntpasswdhash ldap-shadow-user-lter ldap-shadowexpire ldap-shadowag ldap-shadowinactive ldap-shadowlastchange ldap-shadowmax ldap-shadowmin ldap-shadowwarning ldap-uid ldap-uidnumber ldap-uniquemember ldap-user-lter Examples (objectClass=shadowAccount) (objectClass=User) shadowExpire shadowFlag shadowInactive shadowLastChange shadowMax shadowMin shadowWarning uid uidNumber
(objectClass=shadowAccount)
msSFU30ShadowExpire shadowExpire msSFU30ShadowFlag shadowFlag
msSFU30ShadowInactive shadowInactive msSFU30ShadowLastChange shadowLastChange msSFU30ShadowMax msSFU30ShadowMin shadowMax shadowMin
msSFU30ShadowWarning shadowWarning sAMAccountName msSFU30UidNumber msSFU30PosixMember uid uidNumber
(objectClass=posixAccount) (objectClass=User)
(objectClass=sambaSamAccount)
The following command sets the LDAP email attribute value to "userEmail": isi auth config ldap modify --ldap-email="userEmail"
The following command sets the LDAP uidNumber attribute value to "UIDnum": isi auth config ldap modify --ldap-uidnumber="UIDnum"
isi auth config list

The isi auth config list command lists authentication-related conguration options. Syntax isi auth config list [{[--ad-reserved-gid-threshold] [--ad-reserved-uid-threshold] [--allocate-gids] [--allocate-uids] [--assume-default-domain] [--authentication-retries] [--check-online-interval] [--gid-range] [--group-file] [--home-dir-prefix] [--home-dir-template] [--ignored-trusted-domains] [--ldap-attribute-map] [--ldap-authentication-enabled]
36
OneFS Command Reference [--ldap-balance-servers] [--ldap-base-dn] [--ldap-bind-dn] [--ldap-bind-pw] [--ldap-bind-timeout] [--ldap-enabled] [--ldap-enumerate-groups] [--ldap-enumerate-users] [--ldap-ignore-tls-errors] [--ldap-require-secure-connection] [--ldap-search-timeout] [--ldap-server-uri] [--ldap-sign-and-seal] [--login-shell-template] [--lookup-domains] [--lookup-groups] [--lookup-normalize-groups] [--lookup-normalize-users] [--lookup-users] [--lsass-log-level] [--machine-password-changes] [--machine-password-lifespan] [--map-untrusted] [--nis-authentication-enabled] [--nis-balance-servers] [--nis-check-interval] [--nis-domain] [--nis-enabled] [--nis-enumerate-groups] [--nis-enumerate-users] [--nis-hostname-lookup] [--nis-request-timeout] [--nis-retry-time] [--nis-server] [--on-disk-identity] [--param=<string>] [--passwd-file] [--send-ntlmv2] [--sfu-support] [--space-replacement] [--store-sfu-mappings] [--trusted-domain-enumeration] [--uid-range] | --hidden}] [--detailed] [--verbose] Options If no options are specied, all authentication-related conguration options are displayed. --ad-reserved-gid-threshold Displays the minimum value for GIDs from Active Directory (AD). --ad-reserved-uid-threshold Displays the minimum value for UIDs from AD. --allocate-gids Displays whether GIDs are allocated in the ID provider. --allocate-uids Displays whether UIDs are allocated in the ID provider. --assume-default-domain Displays whether unqualied users are looked up in the primary trusted domain. --authentication-retries Displays the maximum number of domain controllers to try when a connection fails. --check-online-interval Displays the interval between domain online checks. --gid-range Displays the range of GIDs to use for allocating temporary GIDs. --group-le Displays the group replacement le. --home-dir-prex Displays the home directory prex. --home-dir-template Displays the home directory template. --ignored-trusted-domains Displays ignored trusted domains. --ldap-attribute-map Displays the default attribute denitions to be use with the Lightweight Directory Access Protocol (LDAP) server. --ldap-authentication-enabled
37
Displays whether provider is able to respond to authentication requests. --ldap-balance-servers Displays whether the LDAP provider is allowed to enable afnity with a random server. --ldap-base-dn Displays the distinguished name of the entry at which to start the LDAP search. --ldap-bind-dn Displays the distinguished name of the entry used to bind to the LDAP server. --ldap-bind-pw Displays the password used when binding to the LDAP server. --ldap-bind-timeout Displays the bind timeout period. --ldap-check-interval Displays the duration between checks for valid and invalid servers. --ldap-enabled Displays whether the ldap-provider is enabled. --ldap-enumerate-groups Displays whether the ldap-provider is able to respond to getgrent requests. --ldap-enumerate-users Displays whether the ldap-provider is able to respond to getpwent requests. --ldap-ignore-tls-errors Displays whether the ldap-provider ignores all Transport Layer Security (TLS) errors. --ldap-require-secure-connection Displays whether a secure connection is required when binding with a password or retrieving password related attributes. --ldap-search-timeout Displays the search timeout period. --ldap-server-uri Displays a comma separated list of LDAP server Uniform Resource Identiers (URIs). --ldap-sign-and-seal Displays LDAP Sign and Seal. --login-shell-template Displays the login shell template le. --lookup-domains Displays the domains that user and group lookups are limited to. --lookup-groups Displays whether groups are looked up before allocating a GID. --lookup-normalize-groups Displays whether the group name is normalized to lower case before lookup. --lookup-normalize-users Displays whether the user name is normalized to lower case before lookup. --lookup-users Displays whether users are looked up before allocating a UID.
38
--lsass-log-level Displays the log level for Local Security Authority Subsystem Service (LSASS). --machine-password-changes Displays whether the machine account password is periodically changed. --machine-password-lifespan Displays the maximum age of the password lifespan (in seconds). --map-untrusted Displays the NetBIOS domain that untrusted domains are mapped to during authentication. --nis-authentication-enabled Displays whether the provider is able to respond to authentication requests. --nis-balance-servers Displays whether the Network Information Service (NIS) provider is allowed to enable afnity with a random server. --nis-check-interval Displays the duration between checks for valid and invalid servers. --nis-domain Displays the NIS domain. --nis-enabled Displays whether the NIS provider is enabled. --nis-enumerate-groups Displays whether the NIS provider is able to respond to getgrent requests. --nis-enumerate-users Displays whether the NIS provider is able to respond to getpwent requests. --nis-hostname-lookup Displays the priority of NIS hostname lookups. --nis-request-timeout Displays the timeout period after which a request will not be retried and will fail. --nis-retry-time Displays the timeout period after which a request will be retried. --nis-server Displays a comma separated list of NIS servers. --on-disk-identity Displays preferred on-disk storage. --param=<string>, -p<string> Displays the specied parameter's value. --passwd-le Displays the supplemental password le. --send-ntlmv2 Displays whether NT LAN Manager (NTLM)v2 responses are sent. --sfu-support Displays Services for UNIX mode. --space-replacement
39
Displays space replacement. --store-sfu-mappings Displays whether mappings retrieved from Services for UNIX are stored instead of just cached. --trusted-domain-enumeration Displays control trusted domain enumeration. --uid-range Displays the range of UIDs that are used for allocating temporary UIDs. --detailed, -d Displays detailed information about parameters. --hidden Displays hidden parameters that should not be modied without guidance from Isilon Product Support. --verbose, -v Displays verbose output. Examples To view authentication-related conguration options, run the following command: isi auth config list The system displays output similar to the following example: Authentication Options Option name -----------------------------ad-reserved-gid-threshold ad-reserved-uid-threshold allocate-gids allocate-uids assume-default-domain authentication-retries check-online-interval gid-range group-file home-dir-prefix home-dir-template ignored-trusted-domains ldap-attribute-map ldap-authentication-enabled ldap-balance-servers ldap-base-dn ldap-bind-dn ldap-bind-pw ldap-bind-timeout ldap-ca-cert-file ldap-check-interval ldap-enabled ldap-enumerate-groups ldap-enumerate-users ldap-ignore-tls-errors ldap-require-secure-connection ldap-search-timeout ldap-server-uri ldap-sign-and-seal login-shell-template lookup-domains lookup-groups Value --------------------------------------------1 1 true true false 3 300 1000000 - 2000000 /ifs/home %H/%D/%U rfc2307 true true
60 180 true true true false false 100 false /bin/sh true
40
lookup-normalize-groups lookup-normalize-users lookup-users lsass-log-level machine-password-changes machine-password-lifespan map-untrusted nis-authentication-enabled nis-balance-servers nis-check-interval nis-domain nis-enabled nis-enumerate-groups nis-enumerate-users nis-hostname-lookup nis-request-timeout nis-retry-time nis-server on-disk-identity passwd-file send-ntlmv2 sfu-support space-replacement store-sfu-mappings trusted-domain-enumeration uid-range
true true true error true 2592000 true true 180 true true true disabled 20 5 native false none false both 1000000 - 2000000
isi auth config modify

The isi auth config modify command modies authentication-related conguration options. Syntax isi | | | | | | | | | | | | | | | | | | | | | | | | | auth config modify {--ad-reserved-gid-threshold=<number> --ad-reserved-uid-threshold=<number> | --allocate-gids=<boolean> --allocate-uids=<boolean> | --assume-default-domain=<boolean> --authentication-retries=<number> | --check-online-interval=<number> --gid-range=<number>-<number> | --group-file=<string> --home-dir-prefix=<string> | --home-dir-template=<string> --ignored-trusted-domains=<string> | --ldap-attribute-map=<AttributeMap> --ldap-authentication-enabled=<boolean> --ldap-balance-servers=<boolean> | --ldap-base-dn=<string> --ldap-bind-dn=<string> | --ldap-bind-pw=<string> --ldap-bind-timeout=<number> | --ldap-enabled=<boolean> --ldap-enumerate-groups=<boolean> | --ldap-enumerate-users=<boolean> --ldap-ignore-tls-errors=<boolean> --ldap-require-secure-connection=<boolean> --ldap-search-timeout=<number> | --ldap-server-uri=<string> --ldap-sign-and-seal=<boolean> | --login-shell-template=<string> --lookup-domains=<string> | --lookup-groups=<boolean> --lookup-normalize-groups=<boolean> --lookup-normalize-users=<boolean> | --lookup-users=<boolean> --lsass-log-level=<string> | --machine-password-changes=<boolean> --machine-password-lifespan=<number> | --map-untrusted=<string> --nis-authentication-enabled=<boolean> --nis-balance-servers=<boolean> | --nis-check-interval=<number> --nis-domain=<string> | --nis-enabled=<boolean> --nis-enumerate-groups=<boolean> | --nis-enumerate-users=<boolean> --nis-hostname-lookup=<string> | --nis-request-timeout=<number>
41
OneFS Command Reference | | | | | | --nis-retry-time=<number> | --nis-server=<string> --on-disk-identity=<string> | --passwd-file=<string> --send-ntlmv2=<boolean> | --sfu-support=<string> --space-replacement=<string> | --store-sfu-mappings=<boolean> --trusted-domain-enumeration=<string> --uid-range=<number>-<number> | --param=<Parameter> --value=<Value>}...
Options You must specify at least one at least one authentication-related conguration options to modify. Specify authentication-related conguration options using the following options: --ad-reserved-gid-threshold --ad-reserved-uid-threshold --allocate-gids --allocate-uids --assume-default-domain --authentication-retries --check-online-interval --gid-range --group-le --home-dir-prex --home-dir-template --ignored-trusted-domains --ldap-attribute-map --ldap-authentication-enabled --ldap-balance-servers --ldap-base-dn --ldap-bind-dn --ldap-bind-pw --ldap-bind-timeout --ldap-enabled --ldap-enumerate-groups --ldap-enumerate-users --ldap-ignore-tls-errors --ldap-require-secure-connection --ldap-search-timeout --ldap-server-uri --ldap-sign-and-seal --login-shell-template --lookup-domains --lookup-groups --lookup-normalize-groups --lookup-normalize-users --lookup-users --lsass-log-level --machine-password-changes --machine-password-lifespan --map-untrusted --nis-authentication-enabled --nis-balance-servers --nis-check-interval
42
--nis-domain--nis-enabled --nis-enumerate-groups --nis-enumerate-users --nis-hostname-lookup --nis-request-timeout --nis-retry-time --nis-server --on-disk-identity --passwd-le --send-ntlmv2 --sfu-support --space-replacement --store-sfu-mappings --trusted-domain-enumeration --uid-range --param and --value (must be specied together)
--ad-reserved-gid-threshold=<number> Species the minimum value for GIDs from Active Directory (AD). --ad-reserved-uid-threshold=<number> Species the minimum value for UIDs from AD. --allocate-gids=<boolean> Species whether GIDs in the ID provider are allocated. --allocate-uids=<boolean> Species whether UIDs are allocated in the ID provider. --assume-default-domain=<boolean> Species whether unqualied users are looked up in the primary trusted domain. --authentication-retries=<number> Species the maximum number of domain controllers to try when a connection fails. --check-online-interval=<number> Species the interval between domain online checks. --gid-range=<number>-<number> Species the range of GIDs to use for allocating temporary GIDs. --group-le=<string> Species the group replacement le. --home-dir-prex=<string> Species the home directory prex. --home-dir-template=<string> Species the home directory template. --ignored-trusted-domains=<string> Species the ignored trusted domains. --ldap-attribute-map=<AttributeMap> Species the default attribute denitions to be used with the Lightweight Directory Access Protocol (LDAP) server. The following values are valid:
43
rfc2307 ad ldapsam
The following table lists the attribute values for their respective default maps: The default values for these settings are dependant on the <AttributeMap> value of isi auth config modify --ldap-attribute-map=<AttributeMap>. The following table displays the default values for these parameters according to their respective maps: Table 2. Default Attribute Value Maps Attribute Map ldap-cn ldap-cryptpasswd ldap-email ldap-gecos ldap-gidnumber ldap-group-lter email gecos gidNumber rfc2307 ad cn msSFU30Password email msSFU30Gecos email gecos ldapsam cn
msSFU30GidNumber gidNumber
(objectClass=posixGroup) (objectClass=Group) (objectClass=posixGroup) msSFU30HomeDirectory homeDirectory msSFU30LoginShell loginShell memberNisNetgroup msSFU30MemberUid memberUid (objectClass=nisNetgroup) nisNetgroupTriple sambaNTPassword (objectClass=shadowAccount)
ldap-homedirectory homeDirectory ldap-loginshell loginShell
ldap-member-nis-netgroup memberNisNetgroup ldap-memberUid memberUid
ldap-netgroup-lter (objectClass=nisNetgroup) ldap-nis-netgroup-triple nisNetgroupTriple ldap-ntpasswdhash ldap-shadow-user-lter (objectClass=shadowAccount) (objectClass=User) ldap-shadowexpire ldap-shadowag shadowExpire shadowFlag
msSFU30ShadowExpire shadowExpire msSFU30ShadowFlag shadowFlag msSFU30ShadowInactive shadowInactive
ldap-shadowinactive shadowInactive
ldap-shadowlastchange shadowLastChange msSFU30ShadowLastChange shadowLastChange ldap-shadowmax ldap-shadowmin shadowMax shadowMin msSFU30ShadowMax shadowMax msSFU30ShadowMin shadowMin msSFU30ShadowW arning shadowWarning sAMAccountName uid
ldap-shadowwarning shadowWarning ldap-uid ldap-uidnumber ldap-uniquemember ldap-user-lter uid uidNumber
msSFU30UidNumber uidNumber msSFU30PosixMember
(objectClass=posixAccount) (objectClass=User)
(objectClass=sambaSamAccount)
To congure LDAP attributes for non-standard directories, use the isi auth ldap modify command.
44
--ldap-authentication-enabled=<boolean> Enables the provider to respond to authentication requests. --ldap-balance-servers=<boolean> Allows the LDAP provider to enable afnity with a random server. --ldap-base-dn=<string> Species the name of the entry at which to start the LDAP search. --ldap-bind-dn=<string> Species the name of the entry used to bind to the LDAP server. --ldap-bind-pw=<string> Species the password used when binding to the LDAP server. --ldap-bind-timeout=<number> Species the bind timeout period. --ldap-check-interval=<number> Species the duration between checks for valid and invalid servers. --ldap-enabled=<boolean> Enables the LDAP provider. --ldap-enumerate-groups=<boolean> Enables the LDAP provider to respond to getgrent requests. --ldap-enumerate-users=<boolean> Enables the LDAP provider to respond to getpwent requests. --ldap-ignore-tls-errors=<boolean> Species whether the LDAP provider ignores all Transport Layer Security (TLS) errors. --ldap-require-secure-connection=<boolean> Species whether a secure connection is required when binding with a password or retrieving password related attributes. --ldap-search-timeout=<number> Species the search timeout period. --ldap-server-uri=<string> Species LDAP server Uniform Resource Identiers (URIs). Specify in a comma-separated list. --ldap-sign-and-seal=<boolean> Species LDAP Sign and Seal. --login-shell-template=<string> Species the login shell template. --lookup-domains=<string> Species domains that user and group lookups are limited to. --lookup-groups=<boolean> Species whether groups are looked up before allocating a GID. --lookup-normalize-groups=<boolean> Species whether the group name is normalized to lower case before lookup. --lookup-normalize-users=<boolean> Species whether the user name is normalized to lower case before lookup. --lookup-users=<boolean>
45
Species whether users are looked up before allocating a UID. --lsass-log-level=<string> Species the log level for Local Security Authority Subsystem Service (LSASS). The following value are valid (log levels are organized from least to most information): error warning info verbose debug trace
--machine-password-changes=<boolean> Species whether the machine account password is periodically changed. --machine-password-lifespan=<number> Species the maximum age of the password lifespan (in seconds). --map-untrusted=<string> Species the NetBIOS domain that untrusted domains are mapped to during authentication. --nis-authentication-enabled=<boolean> Species whether the provider is able to respond to authentication requests. --nis-balance-servers=<boolean> Species whether the nis-provider is allowed to enable afnity with a random server. --nis-check-interval=<number> Species the duration between checks for valid and invalid servers. --nis-domain=<string> Species the Network Information Service (NIS) domain. --nis-enabled=<boolean> Enables the NIS provider. --nis-enumerate-groups=<boolean> Species whether the NIS provider is able to respond to getgrent requests. --nis-enumerate-users=<boolean> Species whether the NIS provider is able to respond to getpwent requests. --nis-hostname-lookup=<string> Species the priority of NIS hostname lookups. --nis-request-timeout=<number> Species the timeout period after which a request will not be retried and will fail. --nis-retry-time=<number> Species the timeout period after which a request will be retried. --nis-server=<string> Species NIS servers. Specify in a comma separated list. --on-disk-identity=<string> Species preferred on-disk storage. --passwd-le=<string> Species the supplemental password le.
46
--send-ntlmv2=<boolean> Species whether NT LAN Manager (NTLM)v2 responses are sent. --sfu-support=<string> Species Services for UNIX mode. Valid values are: none, rfc2307. --space-replacement=<string> Species space replacement. --store-sfu-mappings=<boolean> Species whether mappings retrieved from Services for UNIX are stored instead of just cached. --trusted-domain-enumeration=<string> Species control trusted domain enumeration. --uid-range=<number>-<number> Species the range of UIDs to use for allocating temporary UIDs. --param=<Parameter>, -p<Parameter> Species a parameter to modify. --value=<Value>, -v<Value> Sets the given <Parameter> to the specied <Value>. Examples To have the ldap-provider ignore all TLS errors, run the following command: isi auth config modify -pldap-ignore-tls-errors -vtrue The following command causes the password of the machine to be changed approximately every 3 months: isi auth config modify --machine-password-changes=true --machine-password-lifespan=7776000
isi auth config revert

The isi auth config revert command reverts authentication-related conguration options to their default settings. Syntax isi auth config revert [--ad-reserved-gid-threshold] [--ad-reserved-uid-threshold] [--allocate-gids] [--allocate-uids] [--assume-default-domain] [--authentication-retries] [--check-online-interval] [--gid-range] [--group-file] [--home-dir-prefix] [--home-dir-template] [--ignored-trusted-domains] [--ldap-attribute-map] [--ldap-authentication-enabled] [--ldap-balance-servers] [--ldap-base-dn] [--ldap-bind-dn] [--ldap-bind-pw] [--ldap-bind-timeout] [--ldap-enabled] [--ldap-enumerate-groups] [--ldap-enumerate-users] [--ldap-ignore-tls-errors] [--ldap-require-secure-connection] [--ldap-search-timeout] [--ldap-server-uri] [--ldap-sign-and-seal] [--login-shell-template] [--lookup-domains] [--lookup-groups] [--lookup-normalize-groups] [--lookup-normalize-users] [--lookup-users] [--lsass-log-level] [--machine-password-changes] [--machine-password-lifespan] [--map-untrusted] [--nis-authentication-enabled] [--nis-balance-servers] [--nis-check-interval] [--nis-domain] [--nis-enabled] [--nis-enumerate-groups] [--nis-enumerate-users] [--nis-hostname-lookup]
47
OneFS Command Reference [--nis-request-timeout] [--nis-retry-time] [--nis-server] [--on-disk-identity] [--param=<string>] [--passwd-file] [--send-ntlmv2] [--sfu-support] [--space-replacement] [--store-sfu-mappings] [--trusted-domain-enumeration] [--uid-range] Options --ad-reserved-gid-threshold Reverts the minimum value for GIDs from Active Directory (AD) back to the default value. --ad-reserved-uid-threshold Reverts the minimum value for UIDs from AD back to the default value. --allocate-gids Reverts whether GIDs are allocated in the id-provider back to the default setting. --allocate-uids Reverts whether UIDs are allocated in the id-provider back to the default setting. --assume-default-domain Reverts whether unqualied users are looked up in the primary trusted domain back to the default setting. --authentication-retries Reverts the maximum number of domain controllers that are tried when a connection fails back to the default value. --check-online-interval Reverts the interval between domain online checks back to the default value. --gid-range Reverts the range of GIDs that are used for allocating temporary GIDs back to the default value. --group-le Reverts the group replacement le back to the default le. --home-dir-prex Reverts the home directory prex back to the default prex. --home-dir-template Reverts the home directory template back to the default template. --ignored-trusted-domains Reverts ignored trusted domains back to the default domains. --ldap-attribute-map Reverts the default attribute denitions that are used with the Lightweight Directory Access Protocol (LDAP) server back to the default denitions. --ldap-authentication-enabled Reverts whether the provider is able to respond to authentication requests back to the default setting. --ldap-balance-servers Reverts whether the ldap-provider is able to establish afnity with a random server back to the default setting. --ldap-base-dn Reverts the name of the entry at which to start the LDAP search back to the default name. --ldap-bind-dn Reverts the name of the entry used to bind to the LDAP server back to the default name. --ldap-bind-pw
48
Reverts the password used when binding to the LDAP server back to the default password. --ldap-bind-timeout Reverts the bind timeout period back to the default password. --ldap-check-interval Reverts the duration between checks for valid and invalid servers back to the default value. --ldap-enabled Reverts whether the ldap-provider is enabled back to the default setting. --ldap-enumerate-groups Reverts whether the ldap-provider is able to respond to getgrent requests back to the default setting. --ldap-enumerate-users Reverts whether the ldap-provider is able to respond to getpwent requests back to the default setting. --ldap-ignore-tls-errors Reverts the whether the ldap-provider ignores all Transport Layer Security (TLS) errors back to the default setting. --ldap-require-secure-connection Reverts whether a secure connection is required when binding with a password or retrieving password related attributes back to the default setting. --ldap-search-timeout Reverts the search timeout period back to the default value. --ldap-server-uri Reverts the list of LDAP server Uniform Resource Identiers (URIs) back to the default list. --ldap-sign-and-seal Reverts the LDAP Sign and Seal parameter back to its original value. --login-shell-template Reverts the login shell template back to the default template. --lookup-domains Reverts whether to limit user and group lookup to the listed domains back to the default setting. --lookup-groups Reverts whether to lookup groups before allocating a GID back to the default setting. --lookup-normalize-groups Reverts whether to normalize the group name to lower case before lookup back to the default setting. --lookup-normalize-users Reverts whether to normalize the user name to lower case before lookup back to the default setting. --lookup-users Reverts whether to lookup users before allocating a UID back to the default setting. --lsass-log-level Reverts the log level for Local Security Authority Subsystem Service (LSASS) back to the default level. --machine-password-changes Reverts whether the machine account password is changed periodically back to the default setting. --machine-password-lifespan Reverts the maximum age of the password lifespan back to the default value. --map-untrusted
49
Reverts the NetBIOS domain that untrusted domains are mapped to during authentication back to the default value. --nis-authentication-enabled Reverts whether provider is able to respond to authentication requests back to the default setting. --nis-balance-servers Reverts whether the Network Information Service (NIS) provider is able to establish afnity with a random server back to the default setting. --nis-check-interval Reverts the duration between checks for valid and invalid servers back to the default value. --nis-domain Reverts the NIS domain back to the default domain. --nis-enabled Reverts whether the NIS provider is enabled back to the default setting. --nis-enumerate-groups Reverts whether the NIS provider is able to respond to getgrent requests back to the default setting. --nis-enumerate-users Reverts whether the NIS provider is able to respond to getpwent requests back to the default setting. --nis-hostname-lookup Reverts the priority of NIS hostname lookups back to the default value. --nis-request-timeout Reverts the timeout period after which a request will not be retried and will fail back to the default value. --nis-retry-time Reverts the timeout period after which a request will be retried back to the default value. --nis-server Reverts the list of NIS servers back to the default list. --on-disk-identity Reverts preferred on-disk storage back to the default value. --passwd-le Reverts the supplemental password le back to the default le. --send-ntlmv2 Reverts whether NT LAN Manager (NTLM)v2 responses are sent back to the default setting. --sfu-support Reverts Services for UNIX mode back to default value. --space-replacement Reverts space replacement back to default value. --store-sfu-mappings Reverts whether mappings retrieved from Services for UNIX are stored instead of just cached back to the default setting. --trusted-domain-enumeration Reverts control trusted domain enumeration back to default value. --uid-range Reverts the range of UIDs to use for allocating temporary UIDs back to the default value.
50
--param=<string>, -p<string> Reverts specied parameters back to their default values or settings. Examples To revert the minimum value for GIDs from AD back to the default value, run the following command: isi auth config revert --ad-reserved-gid-threshold To revert the space replacement value back to the default setting, run the following command: isi auth config revert --param=space-replacement
isi auth config rules

The isi auth config rules command congures ID mapping rules. Syntax isi auth config {--read-file=<Path> | --read-line=<string>} [--revert] [--list] Options You must specify exactly one location to read the rules from. Specify location to read rules from using one of the following options: --read-le --read-line
--read-le=<Path> Reads rules from a le. --read-line=<string> Reads a semicolon-separated list of rules on the command line. --revert Erases existing rules. --list, -l Lists the current rules. Examples The following command joins together two users so that both "newUser" and "DOMAIN\newUser" are recognized as the same user: isi auth config rules --read-line='newUser &= DOMAIN\newUser' To view a list of existing rules, run the following command: isi auth config rules --list The system displays output similar to the following example: # Current ID Mapping rules newUser &= DOMAIN\newUser []
51
isi auth error

The isi auth error command displays error code denitions from the authentication log les. Syntax isi auth error [--error-code=]<number> Options --error-code=<number> Required. Species the error code to convert. Examples To view the denition of error code 4, run the following command: isi auth error error-code=4 The system displays output similar to the following example: 4 = ERROR_TOO_MANY_OPEN_FILES
isi auth local groups create

The isi auth local groups create command creates a local group on the cluster. Syntax isi auth local groups create --name=<string> [--gid=<GID>] [--force] Options --name=<string>, -n=<string> Required. Species the group name. --gid=<GID>, -g<GID> Assigns the specied Group Identier (GID) to the group. If not specied, a GID will be allocated by the system. --force, -f Does not display any warnings that would otherwise be displayed. Examples The following command creates a group named "new_group" with a GID of "1550": isi auth local groups create --name=new_group --gid=1550 The system displays output similar to the following example: Name: Gid: Sid: new_group 1550 S-1-5-21-441786143-3494145130-872276121-1002
Successfully created group new_group
52
isi auth local groups delete

The isi auth local groups delete command removes a local group from the system. Any members are removed from the group before the group is deleted. This action cannot be reversed. Syntax isi auth local groups delete --force {--name=<string>|--gid=<GID>|--sid=<SID>} Options You must specify exactly one group to remove from the system. Specify the group to removed from the system using one of the following options: --name --gid --sid Required. Forces the system to execute the command without displaying any warnings. --name=<string>, -n=<string> Deletes the specied group. --gid=<GID>, -g=<GID> Deletes the group with the specied Group Identier (GID). --sid=<SID>, -S=<SID> Deletes the group with the specied Security Identier (SID). Examples The following command deletes the group "newgroup" from the system: isi auth local groups delete --name=newgroup --force
--force, -f
isi auth local groups list

The isi auth local groups list command displays a list of local groups on the system. If no options are specied, the system displays all local groups. Syntax isi auth local groups list [--verbose] [{--name=<string>|--gid=<GID>|--sid=<SID>}] Options If no options are specied, a list of all local groups is displayed. --verbose, -v Displays detailed information about each group, including Group Identier (GID), Security Identier (SID), and any members of the group. --name=<string>, -n=<string> Displays only the specied group.
53
--gid=<GID>, -g<GID> Displays only the group with the specied GID. --sid=<SID>, -S=<SID> Displays only the group with the specied SID. Examples To display a list of existing groups, their respective GIDs and SIDs, and all members of each group, run the following command: isi auth local groups list -v The system displays output similar to the following example: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Name: Gid: Sid: Members: Administrators 1544 S-1-5-32-544 Administrator1 Users 1545 S-1-5-32-545 user1, user2 Guests 1546 S-1-5-32-546 Guest newgroup 1548 S-1-5-21-441786143-3494145130-872276121-1001 newuser
isi auth local groups modify

The isi auth local groups modify command manages local group membership. Syntax isi auth local groups modify {--name=<string>|--gid=<GID>|--sid=<SID>} [--add-member-user=<List>] [--del-member-user=<List>] [--add-member-uid=<List>] [--del-member-uid=<List>] [--add-member-group=<List>] [--del-member-group=<List>] [--add-member-gid=<List>] [--del-member-gid=<List>] [--add-member-sid=<List>] [--del-member-sid=<List>] [--target-gid=<GID>] [--force] [--verbose] Options You must specify exactly one local group. Specify the local group using one of the following options: --name --gid --sid
54
You must specify at least one action. Specify one or more actions using the following commands: --add-member-user --del-member-user --add-member-uid --del-member-uid --add-member-group --del-member-group --add-member-gid --del-member-gid --add-member-sid --del-member-sid
--name=<string>, -n=<string> Modies the specied group. --gid=<GID>, -g<GID> Modies the group with the specied group identier (GID). --sid=<SID>, -S=<SID> Modies the group with the specied security identier (SID). --add-member-user=<List> Adds one or more users to the group. Specify as a comma-delimited list of user names. --add-member-uid=<List> Adds one or more users to the group. Specify as a comma-delimited list of UIDs. --add-member-group=<List> Adds one or more subgroups to the group. Specify as a comma-delimited list of group names. --add-member-gid=<List> Adds one or more subgroups to the group. Specify as a comma-delimited list of GIDs. --add-member-sid=<List> Adds a comma-delimited list of SIDs to the group. To view a list of existing users' SIDs, run isi auth local users list --verbose. --del-member-user=<List> Removes one or more users from the group. Specify in a comma-delimited list of users. To view which users belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-uid=<List> Removes one or more users from the group. Specify as a comma-delimited list of UIDs from the group. To view which users belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose . --del-member-group=<List> Removes one or more subgroups from the group. Specify as a comma-delimited list of group names. To view which subgroups belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-gid=<List>
55
Removes one or more subgroups from the given group. Specify as a comma-delimited list of GIDs. To view which subgroups belong to a specic <Group>, run the following command: isi auth local groups list --name=<Group> --verbose --del-member-sid=<List> Removes a comma-delimited list of SIDs from the group. --target-gid=<GID> Species a new GID for the group. This option requires the --force option. --force, -f Does not display any warnings that would otherwise be displayed. --verbose, -v Displays detailed information. Examples The following command adds the user "newuser" to the group "newgroup": isi auth local groups modify --name=newgroup --add-member-user=newuser The following command removes users with UIDs 2012 and 2011 from the group "newgroup": isi auth local groups modify --name=newGroup --del-member-uid=2012,2011 The following command changes the GID of a group from 1000 to 3000
isi auth local users create

Creates a new user account on the cluster. Syntax isi auth local users create --name=<string> [--password=<Password>] [--uid=<UID>] [{--gid=<GID>|--auto-gid}] [--shell=<Shell>] [--homedir=<Directory>] [--gecos=<string>] [--force] Options --name=<string>, -n=<string> Required. Species the user name. --password=<Password>, -P=<Password> Species a password for the user. --uid=<UID>, -u=<UID> Assigns the specied User Identier (UID) to the user. If not specied, a UID will be allocated by the system starting at 1000. --gid=<GID>, -g=<GID> Species the primary group for the user. The Group Identier (GID) must be an existing GID. If neither --gid nor --auto-gid is specied, the user is added to the Isilon Users group (GID 1800) by default. --auto-gid Creates a new group and sets it as the primary group for this user. The name of the group is the same as the name of the newly created user. The GID of the group is generated automatically. If neither --gid nor --auto-gid is specied, the user is added to the Isilon Users group (GID 1800) by default.
56
--shell=<Shell>, -s=<Shell> Species the user's shell. --homedir=<Directory>, -d<Directory> Species the user's home directory. --gecos=<string>, -c<string> Adds a comma-separated list of values for the following gecos eld entries in the user's password le: Full Name: Office Location: Office Phone: Home Phone: Other information: For example, the --gecos="Jane Doe",Seattle,555-5555,,"Temporary worker" option results in the following entries: Full Name: Jane Doe Office Location: Seattle Office Phone: 555-5555 Home Phone: Other information: Temporary worker --force, -f Does not display any warnings that would otherwise be displayed. Examples The following command creates a new user named "user1": isi auth local users create --name=user1 The system displays output similar to the following example: User: user1 Uid: 2005 Gid: 1800(Isilon Users) Sid: S-1-5-21-3863706122-1329939716-3053962897-1005 Shell: /bin/zsh Home: /ifs/home/user1 Groups: 1800(Isilon Users), 1800(Isilon Users) Flags: Account Disabled Successfully created user user1.
isi auth local users delete

Deletes a local user from the system. This operation cannot be reversed. Syntax isi auth local users delete --force {--name=<string>|--uid=<UID>|--sid=<SID>} Options You must specify exactly one user to delete.
57
Specify a user using one of the following options: --name --uid --sid Required. Forces the command to complete. --name=<string>, -n=<string> Deletes the specied user. --uid=<UID>, -u=<UID> Deletes the user with the specied user identier (UID). --sid=<SID>, -S=<SID> Deletes the user with the specied security identier (SID). Examples The following command deletes a user named "user1": isi auth local users delete --name=user1 --force
--force, -f
isi auth local users list

Displays a list of local users on the system. If no options are specied, the system displays all local users. Syntax isi auth local users list [{--name=<string>|--uid=<UID>|--sid=<SID>}] [--remote] [--verbose] Options --name=<string>, -n=<string> Displays only the specied user. --uid=<UID>, -u<UID> Displays only the user with the specied user identier (UID). --sid=<SID>, -S=<SID> Displays only the user with the specied security identier (SID). --remote Displays users that have been imported into the name service from LDAP or NIS servers. --verbose, -v Displays additional information about each user, including UID, primary GID, SID, shell, gecos elds, home directory, and any groups the user is a member of. Examples To view a list of all existing users, run the following command: isi auth local users list
58
The system displays output similar to the following example: Local Users: Guest root nobody To view detailed information about all existing users, run the following command: isi auth local users list -v The system displays output similar to the following example: Local Users: User: Guest Uid: 1501 Gid: 1800(Isilon Users) Sid: S-1-5-21-3863706122-1329939716-3053962897-501 Shell: /sbin/nologin Home: /tmp Groups: 1800(Isilon Users), 1546(Guests), 1800(Isilon Users) Flags: Password Expired User: Uid: Gid: Sid: Shell: Gecos: Home: Groups: root* 0 0(wheel) S-1-22-1-0 /usr/local/bin/zsh Root /root 0(wheel), 20(staff), 0(wheel), 70(ifs), 5(operator), 10(admin)
User: nobody* Uid: 65534 Gid: 65534(nobody) Sid: S-1-22-1-65534 Shell: /usr/sbin/nologin Gecos: Unprivileged user Home: /nonexistent Groups: 65534(nobody), 65534(nobody) Flags: Account Disabled
isi auth local users modify

The isi auth local users modify command modies the properties of an existing user on the cluster. Syntax isi auth local users modify {--name=<string>|--uid=<UID>|--sid=<SID>} [--add-group-name=<string>] [--add-group-gid=<GID>] [--del-group-name=<string>] [--del-group-gid=<GID>] [--shell=<Shell>] [{--enable|--disable|--unlock}] [--homedir=<Path>] [--gecos=<string>] [--gid=<GID>] [--password=<Password>] [--target-uid=<UID>] [{--password-never-expires|--password-must-expire}] [--force] [--verbose] Options You must specify exactly one user.
59
Specify a user using one of the following options: --name --uid --sid
--name=<string>, -n=<string> Modies the specied user. --uid=<UID>, -u<UID> Modies the user that is associated with the specied user identier (UID). --sid=<SID>, -S=<SID> Modies the user that is associated with the specied security identier (SID). --add-group-name=<string> Adds the user to the specied group. --add-group-gid=<GID> Adds the user to the group that has the specied group identier (GID). --del-group-name=<string> Removes the user from the specied group. --del-group-gid=<GID> Removes the user from the group that has the specied GID. --shell=<Shell>, -s=<Shell> Species the user's shell. --enable Enables the user account. --disable Disables the user account. --unlock Unlocks the user account. --homedir=<Path>, -d=<Path> Species the user's home directory. --gecos=<string>, -c<string> Overwrites the following gecos eld entries in the user's password le: Full Name: Office Location: Office Phone: Home Phone: Other information: Values must be entered as a comma-separated list. For example, the --gecos="Jane Doe",Seattle,,(206)555-5555,"Temporary worker" option results in the following entries: Full Name: Jane Doe Office Location: Seattle Office Phone: Home Phone: (206)555-5555 Other information: Temporary worker --gid=<GID>, -g=<GID> Species a a new primary group for this user.
60
--password=<Password> Species a password for the user. --target-uid=<UID> Species a new UID for the user. This option requires the --force option. --password-never-expires Species that the password never expires. --password-must-expire Species that the password must expire. --force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear when running this command. --verbose, -v Displays detailed information. Examples The following command adds the user "newuser" to the group "newgroup": isi auth local users modify --name=newuser --add-group-name=newgroup The following command forces a user's ID to update from 2005 to 3005: isi auth local users modify --uid=2005 --target-uid=3005 --force The following example output indicates that the UID, which corresponds to a user named user1, was successfully modied: Successfully modified UID of user user1.
isi auth log-level

The isi auth log-level command sets or displays the level of information that is logged for the current node. Syntax isi auth log-level [--set=<string>] Options If no options are specied, the current log level is displayed. --set=<string>, -s<string> Sets the log level for the current node. The log level determines how much information is logged. The following values are valid (log levels are organized from least to most information): Note: Levels verbose, debug and trace might cause performance issues. Note: Levels debug and trace log information that will most likely only be useful when consulting Isilon support. always error
61
Examples
warning info verbose debug trace
To set the log level to always, run the following command: isi auth log-level --set=always
isi auth mapping delete

The isi auth mapping delete command removes mappings for a persona that were created by the isi auth mapping commands. Note: In order for an entry to be successfully removed, the entry must have been created by one of the isi auth mapping commands. Otherwise, the mapping will be repopulated by the database that the original mapping was created in. Syntax isi auth mapping delete {--source=<Persona>|--source-uid=<UID> |--source-gid=<GID>|--source-sid=<SID>|--source-principal=<Principal> |--source-name={<User>|<Group>}|--source-user=<User> |--source-group=<Group>} {--target=<Persona>|--target-uid=<UID>|--target-gid=<GID> |--target-sid=<SID>|--target-principal=<Principal> |--target-name={<User>|<Group>}|--target-user=<User> |--target-group=<Group>} [--2way] Options You must specify exactly one source and exactly one target. Specify the source using one of the following options: --source --source-uid --source-gid --source-sid --source-principal --source-name --source-user --source-group
Specify the target using one of the following parameters: --target --target-uid --target-gid --target-sid --target-principal --target-name --target-user
62
--target-group
--source=<Persona> Species the source persona of the mapping being deleted. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Species the source UID of the mapping being deleted. --source-gid=<GID> Species the source GID of the mapping being deleted. --source-sid=<SID> Species the source SID of the mapping being deleted. --source-principal=<Principal> Species the source principal of the mapping being deleted. --source-name={<User>|<Group>} Species the source user name of the mapping being deleted. --source-user=<User> Species the source user of the mapping being deleted. --source-group=<Group> Species the source group of the mapping being deleted. --target=<Persona> Species the target persona of the mapping being deleted. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User|<Group>} USER:<User> GROUP:<Group> Note: If specied, only the mapping for this target is removed. --target-uid=<UID> Species the target UID of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-gid=<GID> Species the target GID of the mapping being deleted.
63
Note: If specied, only the mapping for this target is removed. --target-sid=<SID> Species the target SID of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-principal=<Principal> Species the target principal of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-name={<User>|<Group>} Species the target user or group name of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-user=<User> Species the target user of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --target-group=<Group> Species the target group of the mapping being deleted. Note: If specied, only the mapping for this target is removed. --2way Deletes the mapping on both the target and source directories. Examples The following command removes the mapping from newUser to otherUser: isi auth mapping delete --source=USER:newUser --target-source=USER:otherUser The following command removes all mappings from newUser to targets: isi auth mapping delete --source=USER:newUser
isi auth mapping dump

The isi auth mapping dump command displays or prints the kernel mapping database. Syntax isi auth mapping dump [--file=<Path>] Options If no option is specied, the kernel mapping database is displayed.
64
--le=<Path>, -f<Path> Prints database to the specied le. Examples To view the kernel mapping database, run the following command: isi auth mapping dump The system displays output similar to the following example: ["UID:1000000", [["GROUP:newGroup1", 32]]] ["UID:1000001", [["GROUP:newGroup2", 32]]] ["UID:1000002", [["USER:newGroup1", 32]]] ["GID:1000000", [["USER:user1", 32]]] ["GROUP:newGroup1", [["UID:1000000", 32]]] ["USER:user1", [["USER:user2", 0], ["GID:1000000", 32]]] ["USER:newGroup1", [["UID:1000002", 32]]]
isi auth mapping flush

The isi auth mapping flush command ushes the cache for one or more mappings of a persona. Flushing the cache might be useful if the ID mapping rules have been modied through the isi auth config rules command or the Isilon web administration interface. Syntax isi auth mapping flush {--all|--source=<Persona>|--source-uid=<UID>| --source-gid=<GID>|--source-sid=<SID>|--source-principal=<Principal>| --source-name=<User>|--source-user=<User>|--source-group=<Group>} Options You must specify either a persona or --all. Specify a persona using one of the following options: --source --source-uid --source-gid --source-sid --source-principal --source-name --source-user --source-group Flushes all mappings. --source=<Persona> Species the source persona of the mapping cache to ush. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID>
--all
65
NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Species the source UID of the mapping cache being ushed. --source-gid=<GID> Species the source GID of the mapping cache being ushed. --source-sid=<SID> Species the source SID of the mapping cache being ushed. --source-principal=<Principal> Species the source principal of the mapping cache being ushed. --source-name=<User> Species the source user name of the mapping cache being ushed. --source-user=<User> Species the source user of the mapping cache being ushed. --source-group=<Group> Species the source group of the mapping cache being ushed. Examples To empty the cache after making changes to the rules specied by either the isi auth config rules command or the User Mapping Rules page in the Isilon web administration interface, run the following command: isi auth mapping flush --all
isi auth mapping idrange

The isi auth mapping idrange command displays or modies the range that UIDs and GIDs are generated from. Syntax isi auth mapping idrange {--set-uid-low=<UID>|--set-uid-high=<UID> |--set-uid-hwm=<UID>|--set-gid-low=<GID>|--set-gid-high=<GID> |--set-gid-hwm=<GID>|--get-uid-range|--get-gid-range}... Options Note: Ranges should not include existing IDs or overlap with a range that might be used by other IDs on the cluster. If all IDs in the range are in use, ID allocation will fail. Ranges should be kept large enough to avoid running out of unused IDs.
You must specify to either set or get either exactly one UID range or exactly one GID range. Specify whether to set or get a UID or GID range using one of the following options: --set-uid-low --set-uid-high --set-uid-hwm
66
--set-gid-low --set-gid-high --set-gid-hwm --get-uid-range --get-gid-range
--set-uid-low=<UID> Sets the lowest UID value in the range. --set-uid-high=<UID> Sets the highest UID value in the range. --set-uid-hwm=<UID> Species the next UID that will be allocated (the high water mark). Note: If the high water mark is set above the high UID value, UID allocation will fail. The high water mark cannot be set below the lowest UID value in the range. If the specied <UID> is below the low UID value, the high water mark is set to low UID value.
--set-gid-low=<GID> Sets the lowest GID value in the range. --set-gid-high=<GID> Sets the highest GID value in the range. --set-gid-hwm=<GID> Species the next GID that will be used (the high water mark). Note: If the high water mark is set above the high GID value, GID allocation will fail. High water mark cannot be set below the lowest GID value in the range. If specied <GID> is below the low GID value, high water mark is set to low GID value.
--get-uid-range Displays the current UID range. --get-gid-range Displays the current GID range. Examples To view UID and GID ranges, run the following command: isi auth mapping idrange --get-gid-range --get-uid-range The system displays output similar to the following example: UID Range: low = 1000000, high = 2000000, hwm = 1000003 GID Range: low = 1000000, high = 2000000, hwm = 1000001 The following command sets the range of UIDs to 300000000-500000000: isi auth mapping idrange --set-uid-low=300000000 --set-uid-high=500000000 The system displays output similar to the following example: UID Range: low = 300000000, high = 500000000, hwm = 300000000
67
isi auth mapping import

The isi auth mapping import command imports mapping entries. Syntax isi auth mapping import --file=<Path> [--overwrite] Options --le=<Path>, -f<Path> Species the le to import. Files must be in the same format found by running the isi auth mapping dump command. --overwrite, -o Overwrites existing entries. Examples The following command add the mappings from /ifs/home/mappings.txt to the current mapping entries: isi auth mapping import -f=/ifs/home/mappings.txt The following command deletes the current mappings and overwrites them with mappings from /ifs/home/mappings.txt. isi auth mapping import -f=/ifs/home/mappings.txt -o
isi auth mapping list

The isi auth mapping list command lists the various mappings for a persona. Syntax isi auth mapping list {--source=<Persona>|--source-uid=<UID>| --source-gid=<GID>|--source-sid=<SID>|--source-principal=<Principal>| --source-name=<User>|--source-user=<User>|--source-group=<Group>} [--no-rpc] [--wide] Options You must specify exactly one source. Specify the source using one of the following options: --source --source-uid --source-gid --source-sid --source-principal --source-name --source-user --source-group
--source=<Persona> Displays mappings only of specied source.
68
Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Displays mappings only of specied source UID. --source-gid=<GID> Displays mappings only of specied source GID. --source-sid=<SID> Displays mappings only of specied source SID. --source-principal=<Principal> Displays mappings only of specied source principal. --source-name={<User>|<Group>} Displays mappings only of specied source user or group name. --source-user=<User> Displays mappings only of specied source user. --source-group=<Group> Displays mappings only of specied source group. --no-rpc Does not use RPC. --wide Displays output without truncations. Examples The following command lists mappings for user1: isi auth mapping list --source=USER:user1 The system displays output similar to the following example: Type Mapping
------------------------------------------------------------------------------------------------------Name user1 On-disk UID:2001 Unix uid 2001 (on disk) Unix gid None SMB S-1-5-21-2756868792-89031043-392775300-1000 NFSv4 user1
69
isi auth mapping modify

The isi auth mapping modify command creates mappings between two personae. Syntax isi auth mapping {--source=<Persona>|--source-uid=<UID> |--source-gid=<GID>|--source-sid=<SID>|--source-principal=<Principal> |--source-name={<User>|<Group>}|--source-user=<User> |--source-group=<Group>} {--target=<Persona>|--target-uid=<UID> |--target-gid=<GID>|--target-sid=<SID>|--target-principal=<Principal> |--target-name={<User>|<Group>} |--target-user=<User> |--target-group=<Group>} [--2way] [--replace] [--on-disk] [--auto] [--external] Options You must specify exactly one source and exactly one target. Specify the source using one of the following options: --source --source-uid --source-gid --source-sid --source-principal --source-name --source-user --source-group
Specify the target using one of the following parameters: --target --target-uid --target-gid --target-sid --target-principal --target-name --target-user --target-group
--source=<Persona> Creates mappings of specied source persona. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Creates mappings of specied source UID. --source-gid=<GID>
70
Creates mappings of specied source GID. --source-sid=<SID> Creates mappings of specied source SID. --source-principal=<Principal> Creates mappings of specied source principal. --source-name={<User>|<Group>} Creates mappings of specied source user or group name. --source-user=<User> Creates mappings of specied source user. --source-group=<Group> Creates mappings of specied source group. --target=<Persona> Creates mapping to specied target persona. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--target-uid=<UID> Creates mapping to specied target UID. --target-gid=<GID> Creates mapping to specied target GID. --target-sid=<SID> Creates mapping to specied target SID. --target-principal=<Principal> Creates mapping to specied target principal. --target-name={<User>|<Group>} Creates mapping to specied target user or group. --target-user=<User> Creates mapping to specied target user. --target-group=<Group> Creates mapping to specied target group. --2way Creates mapping on both the target and source directories. --replace If the source already has a mapping to the same target type, replaces that mapping. --on-disk Target persona should be used to represent the source on disk. --auto Mapping is automatically generated. --external Mapping is from an external source.
71
OneFS Command Reference Examples The following command creates a mapping between newUser and newGroup: isi auth mapping modify --source=GROUP:newUser --target-name=newGroup
isi auth mapping new

The isi auth mapping new command displays mappings between a source persona and a target type (UID, GID, SID , or principal) and automatically generates mappings if they do not exist. Syntax isi auth mapping new {--source=<Persona>|--source-uid=<UID>| --source-gid=<GID>|--source-sid=<SID>|--source-principal=<Principal>| --source-name={<User>|<Group>}|--source-user=<User>|--source-group=<Group>} {--uid|--gid|--sid|--principal} Options You must specify exactly one source and exactly one target type. Specify the source using one of the following options: --source --source-uid --source-gid --source-sid --source-principal --source-name --source-user --source-group
Specify the target type using one of the following options: --uid --gid --sid --principal
--source=<Persona> Species the source. Specify in one of the following forms: UID:<UID> GID:<GID> SID:<SID> NAME:{<User>|<Group>} USER:<User> GROUP:<Group>
--source-uid=<UID> Displays the mapping for the persona specied by the given UID. --source-gid=<GID> Displays the mapping for the persona specied by the given GID.
72
--source-sid=<SID> Displays the mapping for the persona specied by the given SID. --source-principal=<Principal> Displays the mapping for the persona specied by the given principal. --source-name={<User>|<Group>} Displays the mapping for the persona specied by the given user or group name. --source-user=<User> Displays the mapping for the persona specied by the given user. --source-group=<Group> Displays the mapping for the persona specied by the given group. --uid Displays the UID mapping. Note: If UID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --gid Displays the GID mapping. Note: If GID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --sid Displays the SID mapping. Note: If SID mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. --principal Displays the principal mapping. Note: If principal mapping already exists for this persona, no new mapping is created and the existing mapping is displayed. Examples The following command displays the UID mapping for newGroup: isi auth mapping new --source=GROUP:newGroup --uid The system displays output similar to the following example: GROUP:newGroup -> 1000001 Note: The output is displayed in the same format regardless of whether the mapping is new or already exists.
73
isi auth mapping token

The isi auth mapping token command displays complete information about a mapped user by consulting external directory servers. Syntax isi auth mapping token --name=<string> [--oneline] [--wide] [--verbose] Options --name=<string> Required. Species the name of the mapped user to display information on. --oneline Displays information in abbreviated form on a continuous line. --wide, -w Displays output without truncations. --verbose, -v Includes mapping history in output. Examples The following command displays information about the user "admin": isi auth mapping token --name=admin The system displays output similar to the following example: Initial name: admin Final Token ---------------------------------------------------------------------------Primary uid: admin (10) Primary user sid: admin (SID:S-1-22-1-10) Primary gid: admin (10) Primary group sid: SID:S-1-22-2-10 On-disk user identity: admin (10) On-disk group identity: admin (10) The following command displays information about the user "admin" on one continuous line: isi auth mapping token --name=admin --oneline The system displays output similar to the following example: admin -> token={UID:10, GID:10, SID=SID:S-1-22-1-10, GROUPS={SID:S-1-22-2-10} }
74
isi auth mapping upgrade-db

The isi auth mapping upgrade-db command imports user and group mappings from mapping databases created prior to OneFS 6.5. Syntax isi auth mapping upgrade-db --file=<Path> [--uid-range=<number>-<number>] [--gid-range=<number>-<number>] {--clear-idrange|--clear-reverse-mappings|--overwrite|--append} Options You must specify exactly one import action. Specify the import action using one of the following options: --clear-idrange --clear-reverse-mappings --overwrite --append
--le=<Path>, -f<Path> Required. Species the user mapping database le to import mappings from (a .db le, usually idmap.db). --uid-range=<number>-<number> Species the range of auto-allocated UIDs. The default UID range is dened in the isi auth config settings. --gid-range=<number>-<number> Species the range of auto-allocated GIDs. The default GID range is dened in the isi auth config settings. --clear-idrange Clears all existing mappings in UID and GID ranges before importing new mappings. Note: If UID or GID ranges are not specied by --uid-range or --gid-range parameters, this option applies to the ID ranges dened in the isi auth config settings. --clear-reverse-mappings Removes all existing mappings for any newly imported IDs. --overwrite, -o Overwrites existing mappings. --append Appends imported mappings without modifying existing mappings. Examples The following command overwrites existing mappings in the mapping database with mappings from idmap.db: isi auth mapping upgrade-db --file=idmap.db --overwrite
75
isi auth status

The isi auth status command displays the current status of authentication providers. Syntax isi auth status [--provider=<string>] [--refresh] [--verbose] Options If no options are specied, the current status of all authentication providers is displayed. --provider=<string>, -p<string> Displays information about a specic provider. --refresh, -r Refreshes the current status before displaying output. --verbose, -v Displays information on the mode, primary domain, forest and site of providers. Examples To view information about all providers including mode, status, primary domain, forest and site, run the following command: isi auth status --verbose The system displays output similar to the following example: lsa-id-provider: Mode: Status: local system active
lsa-activedirectory-provider: Mode: unprovisioned Status: online Primary Domain: TEST.ISILON.COM Forest: test.isilon.com Site: SiteA lsa-local-provider: Mode: Status: Primary Domain: lsa-nss-provider: Mode: Status: lsa-file-provider: Mode: Status: lsa-ldap-provider: Mode: Status: lsa-nis-provider: local system active DOMAIN local system active unknown disabled unknown disabled
76
Mode: Status:
unknown disabled
isi avscan config

The isi avscan config command sets and displays global conguration settings for anti-virus scanning. Syntax isi avscan config [--scan-on-open=<boolean>] [--fail-open=<boolean>] [--scan-on-close=<boolean>] [--max-scan-size=<MaxSize>] [--repair=<boolean>] [--quarantine=<boolean>] [--truncate=<boolean>] [--report-expiry=<Duration>] [--glob-enable=<boolean>] [--glob-include=<boolean>] [--glob-filter=<string> ...] [--path-prefix=<string>] [--add-server=<string>] [--del-server=<number>] [--enable-server=<number>] [--disable-server=<number>] Options If no options are specied, all global conguration settings are displayed. --scan-on-open=<boolean> Scans les on access. --fail-open=<boolean> Allows or denies access if scanning fails. --scan-on-close=<boolean> Scans les when applications close them. --max-scan-size=<MaxSize> Does not scan les larger than the specied size. Set to 0, unlimited, u, infinite, or I for the default (and maximum) size of 2GB. Note: Although the parameter accepts values larger than 2GB, the system does not scan les larger than 2GB. --repair=<boolean> Tries to repair les when threats are found. --quarantine=<boolean> Tries to quarantine les when threats are found. --truncate=<boolean> Tries to truncate les to a size of 0 bytes when threats are found. --report-expiry=<Duration> Species number of seconds until old reporting data is purged. --glob-enable=<boolean> Enables glob-lters. Even if set to true, glob-lters will remain disabled if no glob-lters are specied. --glob-include=<boolean> Controls interpretation of glob-lters. If set to true, it only scans les that match a global lter. If set to false, it only scans les that do not match any global lters. --glob-lter=<string>
77
Species pattern of lename; this option overwrites any existing lters. Multiple lters can be specied by using multiple "--glob-lter" options (for example: isi avscan config --glob-filter="*.txt" --glob-filter="*.log"). --path-prex=<string> Species one or more paths to include in real-time scans; this option overwrites any existing prexes. Multiple prexes can be specied by using multiple "--path-prex" options (for example: isi avscan config --path-prefix="prefix1" --path-prefix=="prefix2"). --add-server=<string> Species the URL of a new ICAP server to add. --del-server=<number> Deletes the specied server from the conguration le. --enable-server=<number> Enables the specied server in the conguration le. --disable-server=<number> Disables the specied server in the conguration le. Examples To view the current global conguration, run the following command: isi avscan config The system displays output similar to the following example: Glob filters: Remediations: Max scan size: Scan on open: fail open: Scan on close: Report expiry: disabled, exclude patterns repair, quarantine 2147483647 disabled enabled disabled 31536000
To scan only .txt and .log les, run the following command: isi avscan config --glob-enable=true --glob-include=true --glob-filter="*.txt" --glob-filter=".log"
isi avscan get

The isi avscan get command displays le attributes. Syntax isi avscan get [--name=]<name> Options --name=<name>, -n=<name> Required. Species the name of the le to be viewed. Examples The following command displays the status of the /ifs/README.txt le: isi avscan get --name=/ifs/README.txt
78
The system displays output similar to the following example: File: /ifs/README.txt Last scan: never Scan result: never scanned Last ISTag: <none> Scan status: not current Quarantined: false
isi avscan manual

The isi avscan manual command manually scans a le for viruses. Syntax isi avscan manual [--name=]<name> [--policy=<string>] [--report=<string>] [--force=<boolean>] Options --name=<name>, -n=<name> Required. Species the name of the le to scan. --policy=<string>, -p<string> Optionally species the Policy ID. The default ID is MANUAL. --report=<string>, -r<string> Optionally species the Report ID. The ID is generated dynamically by default. --force=<boolean>, -f<boolean> Determines whether to set the force scan ag. The default setting is true. Examples To scan the /ifs/README.txt le manually, run the following command: isi avscan manual --name=/ifs/README.txt
isi avscan policy

The isi avscan policy command displays information about existing anti-virus scan policies. Syntax isi avscan policy [--id=<string>] Options If no options are specied, all existing policies are displayed. --id=<string> Displays only the policy with the specied ID. Examples The following command displays information about a policy with an ID of "4db5d4b7100681":
79
isi avscan policy --id=4db5d4b7100681 The system displays output similar to the following example: Policy id: Status: Name: Description: Paths: /ifs/home Recursion depth: Force: Last run: Scheduled run: Next run: 4db5d4b7100681 enabled newpolicy This policy scans the etc folder unlimited disabled 04-25-2011 13:08 every Friday at 4:00pm 04-29-2011 16:00
isi avscan policy add

The isi avscan policy add command creates an anti-virus scan policy. Syntax isi avscan policy add --name=<string> [--id=<string>] [--enable=<boolean>] [--description=<string>] [--path=<directory> ...] [--force=<boolean>] [--schedule="<Interval> [<Frequency>]"] Options --name=<string> Required. Species the name of the policy. --id=<string> Species the ID of the policy. If no ID is specied, one is generated. --enable=<boolean> Enables or disables this policy. The default value is false. --description=<string> Species a description of this policy. --path=<directory> Species a path to include in the scan. This option can be specied multiple times. --force=<boolean> Species whether to complete the scan regardless of policy or cache. The default value is false. --schedule="<Interval> [<Frequency>]" Species when the policy is run. If this policy is intend for manual use only, specify an empty string (--schedule=""). <Interval> is required and can take one of the following forms: every every every every ...]] every <day of the week>[, ...] [<number between 1 and 31>] day [<number between 1 and 23>] weekday [<number between 1 and 52>] week [on <day of the week>[, [<number>] months [on the <number between 1 and 31>[st]]
80
the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
<Frequency> is optional and can take either of the following forms (using either the 24 hour or 12 hour am/pm clock): at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
Examples The following command creates an enabled policy that will scan the /ifs/ directory every Friday at 4:00pm: isi avscan policy add --name=newpolicy --enable=true --description="This policy scans the ifs directory" --path=/ifs/ --schedule="every Friday at 4:00pm"
isi avscan policy delete

The isi avscan policy delete command deletes an existing anti-virus scan policy. Syntax isi avscan policy delete --id=<string> Options --id=<string> Required. Species the ID of the policy to delete. Examples The following command deletes a policy with an id of 2dafc5c9161c51: isi avscan policy delete --id=2dafc5c9161c51
isi avscan policy edit

The isi avscan policy edit command modies an existing anti-virus scan policy. Syntax isi avscan policy edit --id=<string> [--enable=<boolean>] [--name=<string>] [--description=<string>] [--path=<directory> ...] [--force=<boolean>] [--schedule="<Interval> [<Frequency>]"] Options --id=<string>
81
Required. Species the ID of the policy. --enable=<boolean> Enables or disables this policy. --name=<string> Species the new name of the policy. --description=<string> Species a new description of this policy. --path=<directory> Species a new path to include in the anti-virus scan. This option can be specied multiple times. --force=<boolean> Species whether to complete the scan regardless of policy or cache. The default value is false. --schedule="<Interval> [<Frequency>]" Species when the policy is run. If this policy is intend for manual use only, specify an empty string (--schedule=""). <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
Examples The following command disables the policy with an ID of 2dafc5c9161c51: isi avscan policy edit --id=2dafc5c9161c51 --enable=false
82
isi avscan policy run

The isi avscan policy run command runs an anti-virus scan policy. Syntax isi avscan policy run --id=<string> [--report=<string>] [--force=<boolean>] [--update=<boolean>] Options --id=<string> Required. Species the policy ID. --report=<string, -r<string> Species the optional report ID. --force=<boolean>, -b<boolean> Forces the policy to run. --update=<boolean> Species whether to update the last run time in policy le. The default value is true. Examples The following command runs a policy with an ID of 2dafc5c9161c51 and sets the ID of the report to "newReport": isi avscan policy run --id=2dafc5c9161c51 --report=newReport The system displays output similar to the following example: Submitting policy 2dafc5c9161c51 To view results, run: isi avscan report scan --report-id=newReport
isi avscan quarantine

The isi avscan quarantine command quarantines a le manually. Quarantined les cannot be read or written to. Syntax isi avscan quarantine [--name=]<Name> Options --name=<Name>, -n=<Name> Required. Species the name of the le to quarantine. Example The following command quarantines /ifs/home/user/file.type: isi avscan quarantine /ifs/home/user/file.type
83
isi avscan report purge

The isi avscan report purge command deletes old anti-virus scan records. Syntax isi avscan report purge [--expire=<duration>] Options If no options are specied, the command deletes records that are older than the value specied by the isi avscan config --report-expiry option. --expire=<duration>,-e<duration> Sets the minimum age of records to be deleted, in seconds. Examples To delete records that are more than one week old, run the following command: isi avscan report purge --expire=604800
isi avscan report scan

The isi avscan report scan command displays information about recent anti-virus scans. Syntax isi avscan report scan [--detail] [--wide] [--export=<string>] [--max-results=<number>] [{--all | --report-id=<string> | --policy-id=<string>}] [--running] Options If no options are specied, a summary of recently completed scans is displayed. --detail, -d Displays details of results. --wide, -w Displays results in a wide table. --export=<string>, -e<string> Exports results to a le. --max-results=<number>, -m<number> Species the maximum number of results to display. --all, -a Displays all scans, regardless of when the scans were run. --report-id=<string>, -r<string> Species optional report ID. --policy-id=<string>, -p<string> Species optional policy ID. --running, -R
84
Displays only scans that are still in progress. Examples The following command displays only the most recent record: isi avscan report scan -max-results=1 The system displays output similar to the following example: Report ID: R:4dadd90d:16e10 Policy ID: MANUAL Status: Failed Start time: 04-19-2011 11:48:45 End time: 04-19-2011 11:48:45 Duration: Files: 0 Size: 0 Sent Bytes: 0 Threats: 0 Bandwidth: 1 records displayed.
isi avscan report threat

The isi avscan report threat command displays information about recent threats. Syntax isi avscan report threat [--detail] [--wide] [--export=<string>] [--max-results=<number>] [-all] [report-id=<string>] [--file=<string>] [--remediation=<string>] Options If no options are specied, information on recently detected threats. --detail, -d Displays details of results. --wide, -w Displays results in a wide table format. --export=<string>, -e<string> Exports results to a le. --max-results=<number>, -m<number> Species the maximum number of results to display. --all, -a Displays all results. --report-id=<string>, -r<string> Species optional report ID. --le=<string>, -f<string> Only displays information on the specied le. --remediation=<string>, -R<string>
85
Displays information only on threats that involved the specied action. The following values are valid: Examples To view recent threats, run the following command: isi avscan report threat If any records exist, the system displays output similar to the following example: Report ID: R:4db6cdbc:29bc File: /ifs/eicar.com Time: 04-26-2011 13:51:29 Remediation: Quarantined Threat: EICAR Test String Infected: eicar.com Policy ID: MANUAL 1 records displayed. infected truncated repaired quarantined
isi avscan unquarantine

The isi avscan unquarantine command removes a quarantine. Quarantined les cannot be read or written to. Syntax isi avscan unquarantine [--name=]<Name> Options --name=<Name>, -n<Name> Species the name of the le to remove quarantine from. Example The following command removes a quarantine from /ifs/home/user/file.type: isi avscan unquarantine /ifs/home/user/file.type
isi batterystatus
The isi batterystatus command displays the current state of NVRAM batteries and charging systems on node hardware that supports this feature. Syntax isi batterystatus
86
OneFS Command Reference Options There are no options for this command. Examples To view the current state of NVRAM batteries and charging systems, run the following command: isi batterystatus If the node hardware is not compatible, the system displays output similar to the following example: Battery status not supported on this hardware
isi config
The isi config command opens a new console where node and cluster settings can be congured. Note: While in isi config console, other Isilon IQ commands are unavailable and only isi config commands are valid. Syntax isi config
changes
The changes command displays a list of changes to the cluster conguration that have been entered into the isi config tool, but have not been applied to the system yet. To apply the changes displayed by the changes command, run the commit command. Note: This command must be run from within the isi config cluster conguration tool.
Syntax changes Examples To view a list of changes that have not been committed yet, run the following command: changes The system displays output similar to the following example: Cluster name : oldName -> newName Encoding : utf-8 -> cp932 int-a IP ranges : { 192.168.3.142-192.168.5.215 } -> { 192.168.5.11-192.168.8.155 } Node id 1 lnn : 1 -> 5 Node 1 lni int-a: 192.168.5.135 -> 192.168.7.143 Node 2 lni int-a: 192.168.5.162 -> 192.168.7.201 Join mode : Manual -> Secure
87
commit
The commit command applies conguration settings that have been entered into the the isi config tool, but have not been applied to the system yet. After applying the changes, the commit command exits the isi config tool. Note: This command must be run from within the isi config cluster conguration tool.
Syntax commit Examples To commit all changes and exit the isi config tool, run the following command: commit
date
The date command displays and sets the current time and date on a node. Note: This command must be run from within the isi config cluster conguration tool.
Syntax date [<time_and_date>] Options If no options are specied, the current time and date for this node is displayed. <time_and_date> Sets the current cluster time. Specify in the following form: <yyyy>/<mm>/<dd> <hh>:<mm>:<ss> Examples The following command sets the time and date to 1:00pm on January 1st, 2011: date 2011/01/01 13:00:00 Note: Changes will not be updated until you run the commit command and reboot the cluster. However, the updated date will reect time passed since you originally specied the new date. For example, if you set the time for 1:00pm, and then run commit ve minutes later, the time is set to 1:05pm.
deliprange
The deliprange command displays a list of IP addresses that are currently assignable to nodes and removes addresses from the list. Note: This command must be run from within the isi config cluster conguration tool.
Syntax deliprange [<interface-name> [<IP range>]]
88
OneFS Command Reference Options If no options are specied, the current list of IP ranges that can be assigned to nodes is displayed. <interface-name> Species the name of the interface. Valid values are: int-a int-b failover <IP range> Species the range of IP addresses that are no longer assignable to nodes. Specify in form "<lowest IP>-<highest IP>". Note: IP range cannot include an IP address that is currently assigned to a node belonging to the specied interface. Examples The following command removes the IP range of 192.168.3.142-192.168.5.215 from int-b: deliprange int-b 192.168.3.142-192.168.5.215 To display a list of IP address ranges that are currently assignable to nodes, run the following command: deliprange The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84 Interface int-b IP Ranges: No IP Ranges assigned. Interface failover ip ranges: No IP Ranges assigned. To display the currently available IP ranges for int-a, run the following command: deliprange int-a The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84 Note: Changes will not be updated until you run the commit command and reboot the cluster.
encoding
The encoding command sets the default encoding. Note: This command must be run from within the isi config cluster conguration tool.
Syntax encoding [{list|<Encoding>}]
89
OneFS Command Reference Options If no options are specied, the current encoding is displayed. list Displays a list of supported encodings. <Encoding> Species the default encoding. Examples To view a list of possible encodings, run the following command: encoding list To set the default encoding to Windows-949, run the following command: encoding cp932 Note: Changes will not be updated until you run the commit command and reboot the cluster.
exit
The exit command discards changes and exits the isi config tool. The quit command is an alias of this command. Note: This command must be run from within the isi config cluster conguration tool.
Syntax exit Examples To exit the isi config tool without committing any changes that were entered, run the following command: exit
help
The help command displays a list of all isi config commands and information about specic command. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax help [<command>] Options If no options are specied, all valid commands are displayed. <command> Displays information about the specied command. The following values are valid: changes commit date
90
Examples
deliprange encoding exit help interface iprange ipset joinmode lnnset migrate netmask quit reboot remove shutdown status timezone version wizard
To view a list of all commands, run the following command: help
To view help for the encoding command, run the following command: help encoding
interface
The interface command sets and displays the IP ranges, netmask, MTU of interfaces, and whether interfaces are enabled or disabled. Note: This command must be run from within the isi config cluster conguration tool, isi config.
Syntax interface [<interface-name> [<enable/disable>]] Options If no options are specied, displays the IP ranges, netmask, MTU of interfaces, and whether interfaces are enabled or disabled. <interface-name> Species the name of the interface. Valid names are int-a and int-b. <enable/disable> Enables or disables int-b. Valid values are enable and disable. Note: This option is only valid if <interface-name> is set to int-b, and int-b has a netmask and IP range.
91
OneFS Command Reference Examples To enable interface a, run the following command: interface int-a enable To view the IP ranges, netmask and MTU of interface a, run the following command: interface int-a The system displays output similar to the following example: Information for int-a interface: Netmask : 255.255.255.0 IP Ranges : 192.168.5.11-192.168.8.155 Flags : Cluster Traffic, Enabled Note: Changes will not be updated until you run the commit command and reboot the cluster.
iprange
The iprange command displays a list of IP addresses that are currently assignable to nodes adds addresses to the list. Note: This command must be run from within the isi config cluster conguration tool.
Syntax iprange [<interface-name> [<IP range>]] Options If no options are specied, a list of IP ranges that are currently assignable to nodes is displayed. <interface-name> Species the name of the interface. The following values are valid: int-a int-b failover
<lowest IP>-<highest IP> Species the range of IP addresses that are now assignable to nodes. Specify in form "<lowest IP>-<highest IP>". The range must not be larger than 65535. Examples To display a list of IP address ranges that are currently assignable to nodes, run the following command: iprange The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.9.25-192.168.9.84 Interface int-b IP Ranges: No IP Ranges assigned. Interface failover ip ranges: No IP Ranges assigned.
92
To display the currently available IP ranges for int-a, run the following command: iprange int-a The system displays output similar to the following example: Interface int-a IP Ranges: 192.168.9.25-192.168.9.84
The following command adds the IP range of 192.168.5.11-192.168.8.155 from int-a: iprange int-a 192.168.5.11-192.168.8.155 Note: Changes will not be updated until you run the commit command and reboot the cluster.
joinmode
Displays or changes the cluster add node setting. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax joinmode [<mode>] Options If no options are specied, the current add node setting is displayed. <mode> Species the cluster add node setting. The following values are valid: manual Congures the cluster to add new nodes in a separate, manually executed process. secure Congures the cluster to disallow any new node from joining the cluster externally. Examples To congure the cluster to disallow any new node from joining the cluster externally, run the following command: joinmode secure Note: Changes will not be updated until you run the commit command and reboot the cluster.
lnnset
The lnnset command displays the logical node number (LNN), device ID, and internal IP address for each node in the cluster, and changes the LNNs of nodes. Note: This command must be run from within the isi config cluster conguration tool.
Syntax lnnset [<old lnn> <new lnn>]
93
OneFS Command Reference Options If no options are specied, this command displays a table containing the LNN, device ID, and internal IP address of each node in the cluster. <old lnn> Species the current LNN. <new lnn> Species a new LNN for the node. New LNN must not be currently assigned to another node. Examples To change the LNN of a node from 1 to 5, run the following command: lnnset 1 5 Note: Changes will not be updated until you run commit and reboot the cluster.
migrate
The migrate command displays and modies a list of IP address ranges that are currently assignable to nodes. Note: This command must be run from within the isi config cluster conguration tool.
Syntax migrate [<interface-name> [[<old IP range>] <new IP range> [-n<netmask>]]] Options If no options are specied, a list of IP address ranges that are currently assignable to nodes is displayed. <interface-name> Species the name of the interface. Valid values are: int-a int-b failover <old IP range> Species the range of IP addresses that are no longer assignable to nodes. If not specied, all existing IP ranges are removed before the new IP range is added. Specify in form "<lowest IP>-<highest IP>". <new IP range> Species the range of IP addresses that are now assignable to nodes. Specify in form "<lowest IP>-<highest IP>". -n<netmask> Species a new netmask for the interface. Examples To delete the IP range of 192.168.5.11-192.168.8.155 for int-a and replace it with the range of 192.168.9.25-192.168.9.84, run the following command: migrate int-a 192.168.5.11-192.168.8.155 192.168.9.25-192.168.9.84
94
Note: If more than one node is given a new IP address, the cluster will reboot when the change is committed. If only one node is given a new IP address, only that node is rebooted.
mtu
The mtu command displays and sets the size of the Maximum Transmission Unit (MTU) the cluster uses for internal network communications. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax mtu [<Value>] Options If no options are specied, the current MTU value is displayed. <Value> Species a new MTU value. Any value is valid, but not all values will be compatible with your network. The most common settings are 1500 for standard frames and 9000 for jumbo frames. Examples To set the MTU value to 9000, run the following command: mtu 9000 Note: Changes to the MTU affect all internal networks, but changes will not be updated until you run the commit command and reboot the cluster.
name
The name displays and changes the name assigned to the cluster. Note: This command must be run from within the cluster conguration tool, isi config.
Syntax name [<NewName>] Options <NewName> Species a new name for the cluster. Example To change the name of a cluster to "newName", run the following command: name newName
netmask
The netmask command displays the subnet IP masks that the cluster is currently using, and sets new subnet IP masks. Note: This command must be run from within the cluster conguration tool, isi config.
95
OneFS Command Reference Syntax netmask [<interface-name> [<IP-mask>]] Options If no options are specied, the current subnet IP masks are displayed. <interface-name> Species the interface name. Valid values are int-a and int-b. <IP Mask> Species a new IP mask for the interface. Examples To set the netmask of interface a to 255.255.255.0, run the following command: netmask int-a 255.255.255.0 Note: Changes will not be updated until you run the commit command and reboot the cluster.
quit
The quit command is an alias of the exit command. For information about this command, see the exit command reference topic.
reboot
The reboot command reboots nodes. Note: The following information describes the behavior of the reboot command while in the isi config cluster conguration tool. Note: If on an uncongured node, reboot does not accept any arguments.
Syntax reboot [<nodes>] Options If no options are specied, only the local node is rebooted. nodes Species which nodes to reboot. Valid values are <any_node_LNNs> and all. Examples To reboot a node with an LNN of 3, run the following command: reboot 3
shutdown
The shutdown command shuts down nodes. Note: The following information describes the behavior of the reboot command while in the isi config cluster conguration tool.
96
OneFS Command Reference Syntax shutdown [<nodes>] Options If no options are specied, only the local node is shut down. <nodes> Species one or more nodes to shut down. Valid values are <any_node_LNNs> and all. Examples To shut down a node with an LNN of 3, run the following command: shutdown 3
status
The status command displays current information about the status of the cluster. Note: This command must be run from within the isi config cluster conguration tool.
Syntax status [advanced] Options If no options are specied, this command displays status information for the local node and enabled interfaces. advanced Displays detailed information about all nodes and interfaces. Examples To display information about the local node and enabled interfaces, run the following command: status The system displays output similar to the following example: Configuration for 'Cluster' Local machine: ----------------------------------+----------------------------------------Node LNN : 1 | Date : 2011/04/19 14:34:46 PDT ----------------------------------+----------------------------------------Interface : ib1 | MAC : 00:02:c9:02:00:00:58:fa IP Address : 192.168.7.143 | MAC Options : none ----------------------------------+----------------------------------------Network: ----------------------------------+----------------------------------------JoinMode : Manual Interfaces: ----------------------------------+----------------------------------------Interface : int-a | Flags : enabled_ok cluster_traffic Netmask : 255.255.255.0 | MTU : N/A ----------------+-----------------+------------------+---------------------Low IP | High IP | Allocated | Free ----------------+-----------------+------------------+----------------------
97
192.168.5.11 | 192.168.8.155 | 3 | 0 ----------------+-----------------+------------------+----------------------
timezone
The timezone command displays the current time zone and species new timezones. Note: This command must be run from within the isi config cluster conguration tool.
Syntax timezone [<TimezoneIdentifier>] Options If no options are specied, the current timezone identier is displayed. <TimezoneIdentier> Species the new time zone for the cluster. The following values are valid: Alaska Arizona Central Time Zone Easter Time Zone Greenwich Mean Time Hawaii Japan Mountain Time Zone Pacific Time Zone Advanced: Opens a prompt with more time zone options.
The default timezone is Greenwich Mean Time. Example To set the time zone on the cluster to Pacic time, run the following command: timezone Pacific Time Zone
version
The version command displays information about the currently running version of the operating system. Note: This command must be run from within the isi config cluster conguration tool.
Syntax version
wizard
The wizard command re-activates the wizard after it has been exited during the initial node conguration process. Note: This command is only valid during initial cluster conguration.
98
Note: This command must be run from within the isi config cluster conguration tool.
Syntax wizard Note: This command is not valid after the initial node conguration process is complete. It is only valid if the wizard has been exited during the initial node conguration process.
isi devices
The isi devices command displays information about devices in the cluster and changes their status. Syntax isi devices [--action=<Action> [--grid]] [--device=<Device>] [--log=<SyslogTag>] [--timeout=<Timeout>] Options If no options are specied, the current status of the local node is displayed. --action=<Action>, -a<Action> The following actions are valid: add Adds a node to the cluster. This action's --device=<Device> parameter is the node serial number of the node being added. The add action cannot be performed on an unavailable node. If an error occurs during the add process, the status of the uncongured node will include a description of the error. conrm Acknowledges that an error has occurred during the add process, and makes an uncongured node available for further add attempts. The action's --device=<Device> parameter is the node serial number of the uncongured node. The add action cannot be performed on an unavailable node. discover This action will display the failure status of any relevant error messages. This action does not accept a device argument. smartfail Smartfails a node or drive. This action's --device parameter is the logical node number (LNN) of the node, or both the LNN of the node and the number of the drive. status Displays status of nodes or drives. This action's --device parameter is the LNN of the node, or both the LNN of the node and the number of the drive. stopfail Stopfails a node or drive. This action's --device parameter is the LNN of the node, or both the LNN of the node and the number of the drive. format
! Caution: The format action is intended for use only by an Isilon support representative,
or under their instruction. The format action can be used only on a drive that has been smartfailed or otherwise removed from the system. If OneFS has automatically smartfailed a faulty drive, the faulty drive should not be formatted and forced back into service.
99
This action's --device parameter must be a drive. The action initiates a OneFS format of the specied drive. Once the format is complete, the drive is automatically initialized and utilized by OneFS. If no action is specied, the action is status. --grid, -g Formats the output of the status action as a grid that represents the physical layout of the bays in the chassis. --device=<Device>, -d<Device> Species the device on which to perform the action. If --action requires both an LNN and drive, specify in form "<LNN>:<drive>". <drive> can be specied as [bay]<N> or lnum<N>, where <N> is a valid bay or lnum number. If only :<drive> is specied, the local node is assumed. --log=<SyslogTag>, -L<SyslogTag> Logs the action result along with the specied tag to /var/log/messages. Only successfully parsed commands are logged. The following actions are supported: add smartfail stopfail format
--timeout=<Timeout> Species a timeout for the cluster information gather. Example To view the status of a node with a LNN of 2 in a grid format, run the following command: isi devices --action=status --device=2 --grid The system displays output similar to the following example: Node 2, [ OK ] Bay 1, Lnum 11 [HEALTHY] SN:XXXXXXXX /dev/twed0 Bay 5, Lnum 10 [HEALTHY] SN:XXXXXXXX /dev/twed1 Bay 9, Lnum 9 [HEALTHY] SN:XXXXXXXX /dev/twed2 Bay 2, Lnum 8 [HEALTHY] SN:XXXXXXXX /dev/twed3 Bay 6, Lnum 7 [HEALTHY] SN:XXXXXXXX /dev/twed4 Bay 10, Lnum 6 [HEALTHY] SN:XXXXXXXX /dev/twed5 Bay 3, Lnum 5 [HEALTHY] SN:XXXXXXXX /dev/twed6 Bay 7, Lnum 4 [HEALTHY] SN:XXXXXXXX /dev/twed7 Bay 11, Lnum 3 [HEALTHY] SN:XXXXXXXX /dev/twed8 Bay 4, Lnum 2 [HEALTHY] SN:XXXXXXXX /dev/twed9 Bay 8, Lnum 1 [HEALTHY] SN:XXXXXXXX /dev/twed10 Bay 12, Lnum 0 [HEALTHY] SN:XXXXXXXX /dev/twed11
To add a node with a serial number of "1MF2N-0QZRL-IVF2R-EXAMP-LE000" to the cluster and log the result with the tag "test", run the following command: isi devices --action=add --device=1MF2N-0QZRL-IVF2R-EXAMP-LE000 --log=test
100
isi domain create

The isi domain create command is an alias of the isi worm create command. For usage information and examples, see the isi worm create reference topic.
isi domain filedelete

The isi domain filedelete command is an alias of the isi worm filedelete command. For usage information and examples, see the isi worm filedelete reference topic.
isi domain info

The isi domain info command displays SyncIQ and SmartLock information for a directory or le. Syntax isi domain info [--path=]<Path> Options --path=<Path>, -p=<Path> Species the absolute path to a le or directory, beginning at /ifs. Examples For the following scenarios, assume that /ifs/data/lock is a directory containing SmartLock and non-SmartLock les, and /ifs/data/pol1_dest is the target directory of a SyncIQ policy. To view domain information about the /ifs/data/pol1_dest directory, type: isi domain info -p /ifs/data/pol1_dest The system displays output similar to the following example: Domain Info for: /ifs/data/pol1_dest Domains ------ID | Root Path | Type ------+----------------+---------65537 | /ifs/pol1_dest | SyncIQ This output indicates that the directory is a SyncIQ directory whose ID is 65537. To view domain information about the /ifs/data/lock directory, type: isi domain info -p /ifs/data/lock/ The system displays output similar to the following example: Domain Info for: /ifs/data/lock Domains ------ID | Root Path
| Type
101
------+----------------+---------65536 | /ifs/data/lock | SmartLock This output indicates that the directory is a SmartLock root whose ID is 65536. To view information about a le named wormfile.txt in the /ifs/data/lock/ directory, type: isi domain info -p /ifs/data/lock/wormfile.txt The system displays output similar to the following example: Domain Info for: /ifs/data/lock/wormfile.txt Domains ------ID | Root Path | Type ------+----------------+---------65536 | /ifs/data/lock | SmartLock SmartLock State: COMMITTED Expires: 2011-04-15 09:31:24
In this example, wormfile.txt is in a SmartLock directory tree rooted at /ifs/data/lock, and has been committed to a SmartLock state.
isi domain list

The isi domain list command displays a list of SyncIQ and SmartLock root directories on the cluster. Syntax isi domain list [--long] Options --long, -l Displays additional information about each SyncIQ or SmartLock root directory. Examples To view information about each SyncIQ or SmartLock root on the cluster, type: isi domain list In the following sample output, the cluster contains one SyncIQ and one SmartLock root directory: Root Path | Type ----------------+----/ifs/data/worm | SmartLock /ifs/pol1_dest | SyncIQ
102
isi domain modify

The isi domain modify command is an alias of the isi worm modify command. For usage information and examples, see the isi worm modify reference topic.
isi email
The isi email command congures the settings of email messages that are sent by system applications such as Events and SmartQuotas. Syntax isi email [--mail-relay=]<string> [--smtp-port=<number>] [mail-sender=<Sender>] [--mail-subject=<string>] [--use-smtp-auth=<boolean>] [--auth-user=<string>] [--auth-pass=<string>] [--use-encryption=<boolean>] Options --mail-relay=<string> Species the SMTP relay address. --smtp-port=<number> Species the SMTP relay port. The default value is 25. --mail-sender=<Sender> Emails generated by the system are displayed as being sent from the specied <Sender>. For example, if a cluster named examplecluster1.storage.company.com generated an email message while <Sender> was set to notification, the message would appear to have been sent from notication@examplecluster1.storage.company.com. --mail-subject=<string> Begins the subject line of each system-generated email with the specied prex string. --use-smtp-auth=<boolean> Species whether to use SMTP authentication. --auth-user=<string>, -u<string> Species the username for SMTP authentication. --auth-pass=<string>, -p<string> Species the password for SMTPauthentication. --use-encryption=<boolean> Species whether to use Transport Layer Security (TLS) encryption for SMTP Authentication. Examples The following command enables SMTP authentication and logs in through smtpUser: isi email --use-smtp-auth=true --auth-user=smtpUser --auth-pass=password The following command sets an alias of the mail sender to example@company.com and populates the Subject line of each generated email with "OneFS system message": isi email --mail-sender=example@company.com --mail-subject="OneFS system message"
103
isi email list

The isi email list command lists email settings. Syntax isi email list Options There are no options for this command. Examples To display a list of email settings, run the following command: isi email list The system displays output similar to the following example: SMTP relay address: SMTP relay port: Send email as: Subject: Use SMTP AUTH: Uername: Password: Use Encryption (TLS): relay@company.com 25 notification@cluster.com OneFS system message Yes smtpUser ******** No
isi events cancel

The isi events cancel command cancels events. The isi alerts cancel command is an alias of this command. Syntax isi events cancel [--instanceids=]<InstanceIDs> Options --instanceids=<IntanceIDs>, -I=<InstanceIDs> Required. Species one or more instance IDs of the events to cancel. Multiple instances can be specied in a comma-separated list. To cancel all events, specify all. Examples The following command cancels an event with an ID of 1.99: isi events cancel 1.99 The following command cancels the events with IDs of 1.28,1.38 and 1.75: isi events cancel 1.28,1.38,1.75 The following command cancels all events: isi events cancel --instanceIDs=all
104
isi events list

The isi events list command displays a list of system events. The isi alerts list command is an alias of this command. Syntax isi events list [--all] [--oldest=<Time>] [--newest=<Time>] [--history] [--coalesced] [--severity=<value>] [--localdb] [--nodes=<value>] [--types=<number>] [--columns=<string>] [--sort-by=<string>] [--csv] [--wide] Options If no options are specied, this command displays coalesced, unquieted, non-historical events in a condensed table. --all, -A Includes all events. This parameter overrides any restrictions set by other parameters. --oldest=<Time>, -o<Time> Species the oldest event to display. Specify in one of the following forms: -<count><spec>: Where <count> is a number and <spec> is d, h, or m, standing for days hours and minutes, respectively. For example: 4d means four days. [MM/DD/]YY[YY] [HH:MM]: Where M, D, and Y represent the month day and year. For example: 01/01/2011 13:00 means January 1, 2011 at 1:00pm.
--newest=<Time>, -n<Time> Species the newest event to display. Specify in one of the following forms: -<count><spec>: Where <count> is a number and <spec> is d, h, or m, standing for days hours and minutes, respectively. For example: 4d means four days. [MM/DD/][YY]YY [HH:MM]: Where M, D, and Y represent the month day and year. For example: 01/01/2011 13:00 means January 1, 2011 at 1:00pm.
--history, -s Displays events that have an end date ("Historical" events). --coalesced, -C Displays individual events that are otherwise coalesced into a single event. --severity=<value>, -v<value> Only displays events with specied levels of severity. The following values are valid: info warn critical emergency
Multiple severity levels can be specied in a comma-separated list. --localdb, -l Generates output using the local database rather than the master. --nodes=<value>, N<value>
105
Displays events created by specied nodes. The following values are valid: all '*': same as all. <int> <int>-<int>
Multiple values can be specied in a comma-separated list. --type=<number>, -i<number> Displays all instances of the listed event types. Multiple types can be specied in a comma-separated list. --columns=<string>, -c<string> Species the event list's columns in a comma-separated list. The following values are valid: coalesce_id end_time id lnn message quiet severity start_time type value
--sort-by=<string>, -b<string> Species which column to sort the rows by. The default column to sort by is start_time. --csv Displays rows in CSV format and does not include headers. --wide, -w Displays table in wide format without truncations. Examples Run the following command to view all critical events: isi events list --severity=critical The system displays output similar to the following example: ID 1.12 2.66 3.3 1.77 1.97 1.99 STARTED 04/13 11:29 04/18 11:03 04/18 11:06 04/18 11:01 04/18 13:53 04/19 09:18 ENDED 04/13 04/18 04/18 04/18 04/18 04/19 11:32 12:41 12:43 12:48 13:58 09:18 SEV C C C C C C LNN 3 2 3 1 1 All MESSAGE Node 3 is offline Recurring: The Active Directory Recurring: The Active Directory Recurring: The Active Directory Recurring: The Active Directory Test event sent from CLI
doma... doma... doma... doma...
The following command displays all events that occurred over the past week except those that occurred less than an hour ago: isi events list -o-7d -n-1h
106
The system displays output similar to the following example: ID 1.8 1.94 2.15 1.126 1.99 2.5 1.102 2.8 1.129 2.18 1.132 2.21 1.139 2.28 1.149 2.38 1.514 3.338 3.346 3.347 3.362 3.363 1.44 3.296 1.484 1.486 1.485 3.4 3.7 3.15 3.18 3.25 3.35 3.345 3.348 3.355 STARTED 05/04 10:54 05/05 12:35 05/05 13:05 05/05 13:05 05/05 16:46 05/05 16:46 05/05 16:46 05/05 16:46 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:49 05/06 12:49 05/09 14:50 05/10 11:32 05/10 11:32 05/10 11:32 05/10 11:33 05/10 11:33 05/05 02:56 05/09 10:59 05/09 13:24 05/09 13:26 05/09 13:25 05/05 16:46 05/05 16:46 05/06 12:47 05/06 12:47 05/06 12:47 05/06 12:49 05/10 11:32 05/10 11:32 05/10 11:33 ENDED ----------------------05/05 05/09 05/09 05/09 05/09 05/10 05/10 05/10 05/10 05/10 05/10 05/10 05/10 05/10 SEV C W C C I I I I I I I I I I I I W I I I I I C C W W W I I I I I I I I I LNN 1 All 2 1 1 2 1 2 1 2 1 2 1 2 1 2 1 3 3 3 3 3 1 3 1 1 1 3 3 3 3 3 3 3 3 3 MESSAGE One or more drives (bay(s) 7 / typ ... AD server missing needed SPN(s) nfs... External network link ext-2 (em1) down External network link ext-2 (em1) down Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... SyncIQ is encountering problems wit... Mountd host lookup failed for anoth... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Mountd host lookup failed for anoth... Recurring: The Active Directory dom... The Active Directory domain theredo... Recurring: SyncIQ scheduler failed ... SyncIQ policy target path overlaps ... SyncIQ scheduler failed to start po... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Recurring: Mountd host lookup faile... Mountd host lookup failed for somet... Mountd host lookup failed for anoth... Mountd host lookup failed for anoth...
03:01 11:04 13:25 14:51 14:51 11:27 11:27 11:27 11:27 11:27 11:27 11:33 11:33 11:33
isi events notifications create

The isi events notifications create command creates a new notication. The isi alerts notifications create command is an alias of this command. Syntax isi events notifications create [--name=]<Name> {--email=<email address>|--snmp=<SNMP Community>@<SNMP Host>}... {--include-all=<ID>|--include-info=<ID>|--include-warn=<ID> |--include-critical=<ID>|--include-emergency=<ID> |--exclude-all=<ID>|--exclude-info=<ID> |--exclude-warn=<ID>|--exclude-critical=<ID> |--exclude-emergency=<ID>}... [--force] Options You must specify at least one location to send the notication. You must also include at least one event for at least one severity; otherwise, no notications will be sent.
107
Specify either an email address or an SNMP community and hostname by using either --email or --snmp. Include at least one event for at least one severity using one of the following options: --include-all --include-info --include-warn --include-critical --include-emergency
--name=<Name> Required. Species the name of the notication being created. --email=<email address> Species the email address to send smtp event. Multiple addresses can be specied in a comma-separated list. --snmp=<SNMP Community>@<SNMP Host> Species the SNMP community and hostname to send snmp event. Community and hostname must be connected by an @ symbol. Multiple entries can be specied in a comma-separated list. --include-all=<ID> Sends notices for specied events at all severity levels (info, warn, critical, emergency). The --include-all=all option sends notices for all events. Multiple events can be specied in a comma-separated list. --include-info=<ID> Sends notices for specied events at info severity. The --include-info=all option sends notices for all events at info. Multiple events can be specied in a comma-separated list. --include-warn=<ID> Sends notices for specied events at warn severity. The --include-warn=all option sends notices for all events at warn. Multiple events can be specied in a comma-separated list. --include-critical=<ID> Sends notices for specied events at critical severity. The --include-critical=all option sends notices for all events for critical. Multiple events can be specied in a comma-separated list. --include-emergency=<ID> Does not send notices for specied events at emergency severity. The --include-emergency=all option sends notices for all events at emergency. Multiple events can be specied in a comma-separated list. --exclude-all=<ID> Does not send notices for specied events for any severity (info, warn, critical, emergency). The --exclude-all=all option does not send notices for any events. Multiple events can be specied in a comma-separated list. --exclude-info=<ID> Does not send notices for specied events at info severity. The --exclude-info=all option does not send notices for any events at info. Multiple events can be specied in a comma-separated list. --exclude-warn=<ID> Does not send notices for specied events at warn severity. The --exclude-warn=all option does not send notices for any events at warn. Multiple events can be specied in a comma-separated list. --exclude-critical=<ID>
108
Does not send notices for specied events for critical severity. The --exclude-critical=all option does not send notices for any events at critical. Multiple events can be specied in a comma-separated list. --exclude-emergency=<ID> Does not send notices for specied events for emergency severity. The --exclude-emergency=all option does not send notices for any events for emergency. Multiple events can be specied in a comma-separated list. --force, -f Forces to overwrite an existing rule. Examples The following command creates a notication called "newNotication" that sends notications to user@isilon.com for all system disk events at all severity levels except "system disk in restripe" which is only sent if at emergency: isi events notifications create --name=newNotification --email=user@isilon.com --include-all=100000000 --exclude--info=100010009 --exclude--warn=100010009 --exclude--critical=100010009
isi events notifications delete

The isi events notifications delete command deletes an existing notication. The isi alerts notifications delete command is an alias of this command. Syntax isi events notifications delete [--name=]<Name> Options --name=<Name> Required. Species the name of the notication to delete. Examples The following command deletes the notication "newNotication" isi events notifications delete --name=newNotification
isi events notifications list

The isi events notifications list command displays a list of settings for a notication. The isi alerts notifications list command is an alias of this command. Syntax isi events notifications list [--name=<string>] Options If no options are specied, all notications are displayed. --name=<string>, -n<string> Displays the specied notication.
109
OneFS Command Reference Examples The following command displays information for the notication "newNotication" only. isi events notifications list --name=newNotification The system displays output similar to the following example: Name: newNotification Type: smtp Recipients: user@company.com Categories: LEVELS EVENT TYPE IWCE SYS_DISK_EVENTS (100000000) Specific Event types: LEVELS EVENT TYPE IWCE SYS_DISK_VARFULL (100010001) IWCE SYS_DISK_VARCRASHFULL (100010002) IWCE SYS_DISK_ROOTFULL (100010003) IWCE SYS_DISK_SASPHYTOPO (100010005) IWCE SYS_DISK_SASPHYERRLOG (100010006) IWCE SYS_DISK_SASPHYBER (100010007) IWCE SYS_DISK_SASPHYDISABLED (100010008) IWCE SYS_DISK_IN_RESTRIPE (100010009) IWCE SYS_DISK_REMOVED (100010010) IWCE SYS_DISK_UNHEALTHY (100010011) IWCE SYS_DISK_STALL (100010012) IWCE SYS_DISK_ECC (100010013) IWCE SYS_DISK_ECC_LIST_FULL (100010014) IWCE SYS_DISK_POOLFULL (100010015) IWCE SYS_DISK_POOL_SSD_LAYOUTFAIL (100010016) IWCE SYS_DISK_WRONGTYPE (100010017) IWCE SYS_DISK_COALESCE (199990001)
isi events notifications modify

The isi events notifications modify command modies the settings of existing notications. The isi alerts notifications modify command is an alias of this command. Syntax isi events notifications modify [--name=]<Name> {--target-name=<string> |--email=<email address>|--snmp=<SNMP Community>@<SNMP Host> |--add-all=<ID>|--add-info=<ID>|--add-warn=<ID> |--add-critical=<ID>|--add-emergency=<ID> |--delete-all=<ID>|--delete-info=<ID> |--delete-warn=<ID>|--delete-critical=<ID> |--delete-emergency=<ID>}... Options You must specify at least one notication setting to modify. Specify notication settings using the following options: --target-name --email --snmp --add-all
110
--add-info --add-warn --add-critical --add-emergency --delete-all --delete-info --delete-warn --delete-critical --delete-emergency
--name=<Name> Required. Names the notication to be modied. --target-name=<string> Species a new name for this notication. --email=<email address> Species the new email addresses to send smtp event. Multiple addresses can be specied in a comma-separated list. --snmp=<SNMP Community>@<SNMP Host> Species the new SNMP communities and host names to send snmp event. Community and hostname must be connected by an @ symbol. Multiple entries can be specied in a comma-separated list. --add-all=<ID> Sends notices for specied events at all severity levels (info, warn, critical, emergency). --add-all=all sends notices for all events. Multiple events can be specied in a comma-separated list. --add-info=<ID> Sends notices for specied events at info severity. --add-info=all sends notices for all events at info. Multiple events can be specied in a comma-separated list. --add-warn=<ID> Sends notices for specied events at warn severity. --add-warn=all sends notices for all events at warn. Multiple events can be specied in a comma-separated list. --add-critical=<ID> Sends notices for specied events at critical severity. --add-critical=all sends notices for all events for critical. Multiple events can be specied in a comma-separated list. --add-emergency=<ID> Does not send notices for specied events at emergency severity. --add-emergency=all sends notices for all events at emergency. Multiple events can be specied in a comma-separated list. --delete-all=<ID> Does not send notices for specied events for any severity (info, warn, critical, emergency). --delete-all=all does not send notices for any events. Multiple events can be specied in a comma-separated list. --delete-info=<ID> Does not send notices for specied events at info severity. --delete-info=all does not send notices for any events at info. Multiple events can be specied in a comma-separated list. --delete-warn=<ID> Does not send notices for specied events at warn severity. --delete-warn=all does not send notices for any events at warn. Multiple events can be specied in a comma-separated list. --delete-critical=<ID>
111
Does not send notices for specied events for critical severity. --delete-critical=all does not send notices for any events at critical. Multiple events can be specied in a comma-separated list. --delete-emergency=<ID> Does not send notices for specied events for emergency severity. --delete-emergency=all does not send notices for any events at emergency. Multiple events can be specied in a comma-separated list. Examples The following command causes newNotication to no longer send notications for system disk events at warn severity: isi events notifications modify --name=newNotification --delete-warn=100000000
isi events quiet

The isi events quiet command marks events as quieted. Notications are not sent for quieted events. The isi alerts quiet command is an alias of this command. Syntax isi events quiet [--instanceids=]<InstanceIDs> Options --instanceids=<InstanceIDs>, -I=<InstanceIDs> Required. Marks events of one or more specied instance IDs as quieted. Multiple IDs can be specied in a comma-separated list. To quiet all events, specify "all". Examples The following command quiets events with IDs of 1.28,1.38 and 1.75: isi events quiet 1.28,1.38,1.75
isi events sendtest

The isi events sendtest sends a test event. The isi alerts sendtest command is an alias of this command. Syntax isi events sendtest [--wait] Options --wait, -w Displays how long it takes for a test event to be added to the master database. Examples To test how long it takes for an ID to be added to the master database, run the following command: isi events sendtest --wait
112
The system displays output similar to the following example: Send test event, instance ID = 1.147 Waiting for existence in master database Attempting to get a query object: Success. Looking for instance_id 1.147: Failed. Retry #1 Looking for instance_id 1.147: Success. Event arrived in 0.409611 seconds
isi events settings list

The isi events settings list command displays a list of global settings and values. The isi alerts settings list command is an alias of this command. Syntax isi events settings list [--name=]<Name> Options If no options are specied, all settings are displayed. --name=<Name> Species the name of a particular setting to display. Examples To view a list of current isi events settings, run the following command: isi events settings list The system displays output similar to the following example: Setting Value -----------------------------------batch_mode all user_template max_email_size 5242880
isi events settings set

The isi events settings set command modies global settings. The isi alerts settings set command is an alias of this command. Syntax isi events settings set [--name=]<Name> [--value=]<Value> Options --name=<Name>, -n=<Name> Required. Species the name of the setting to be changed. The following values are valid: batch_mode
113
Groups notication emails by specied value: This setting's <Value> argument must be one of the following: all: Sends one notication containing all events. severity: Sends separate emails for each event severity. category: Sends separate emails for each category of event. none: Sends separate emails for each event.
user_template Points to a le that species a custom template for notication emails. File must be in Tempita templating language. In the template, the following variables are valid: clustername: Cluster name company: User-entered string location: User-entered string primary_name: User-entered string primary_phone1: User-entered string primary_phone2: User-entered string primary_email: User-entered string secondary_name: User-entered string secondary_phone1: User-entered string secondary_phone2: User-entered string secondary_email: User-entered string clusterguid: Cluster's GUID sender_onefsversion: OneFS version string from sending node sender_serial: Serial number of sending node cluster_ip: Sender's external IP address webui_url: Cluster's Isilon web administration interface URL edict: Dictionary whose key is node lnn, and value is list of events. events: List of all events. Event objects have the following attributes: event_id: Event ID (for example: 100010001) devid: Device ID (cluster event is 0) instance_id: Instance ID coalesce_instanceid: Coalescing event's instance ID (none if not coalesced) start_time: Date string end_time: Date string lnn: Logical node number severity: Event severity as string value: Value associated with this event message: Event message kb_url: URL of knowledge base article for this event type
nodes: List of node description objects. Node description objects have the following attributes: lnn: Logical node number devid: Device ID onefsversion: Version of OneFS serial: Node serial number
attachment_list: List of attachment objects.
114
Attachment objects have the following attributes: filename: Name of le contents: Contents of le
unattached_list: List of attachment objects
max_email_size Species the maximum size of an email notication. If the notication is larger than the specied size, the email is truncated. This setting's <Value> argument must be specied in the following form: <positive_number>[{b|kb|mb|gb}]. Note: The <Value> argument must be less than 2GB. --value=<Value>, -v=<Value> Required. Species the new value for the named setting. Examples To set the maximum email size to 1GB, run the following command: isi events settings set max_email_size 1GB To send separate events for each severity type, run the following command: isi events settings set batch_mode severity
isi events show

The isi events show command displays an event's information. The isi alerts show command is an alias of this command. Syntax isi events show [--instanceid=]<InstanceID> [--wide] [--localdb] Options --instanceid=<InstanceID>, -I=<InstanceID> Species the ID of the event to display. --wide, -w Displays event information without truncations. --localdb Generates output using the local database instead of the master. Examples The following command displays information about an event whose ID is 1.7: isi events show 1.7
115
The system displays output similar to the following example: 1.7 200010001 critical 0.0 Node 3 is offline All Wed Apr 20 03:39:31 2011 - Wed Apr 20 03:42:33 2011 Not quieted devid: 3 lnn: 3 val: 0.0 Coalesced by: -ID: Type: Severity: Value: Message: Node: Lifetime: Quieted: Specifiers:
isi events unquiet

The isi events unquiet command unmarks events as quieted. The isi alerts unquiet command is an alias of this command. Syntax isi events unquiet [--instanceid=]<InstanceID> Options --instanceid=<InstanceID>, -i=<InstanceID> Required. Unmarks alerts of specied instance IDs as quieted. Multiple IDs can be specied in a comma-separated list. Examples The following command unquiets an event whose ID is 1.67: isi events unquiet 1.67
isi fc disable
The isi fc disable command disables bre channel ports. Syntax isi fc disable [--port=]<Port> Options --port=<Port>, -p=<Port> Required. Species the port to disable. Examples The following command disables port 4:1: isi fc disable 4:1
116
isi fc enable
The isi fc enable command enables bre channel ports. Syntax isi fc enable [--port=]<Port> Options --port=<Port>, -p=<Port> Required. Species the port to enable. Examples The following command enables port 4:1: isi fc enable 4:1
isi fc list
The isi fc list command displays a list of bre channel ports. Syntax isi fc list [--port=]<Port> [--node=<lnn>] Options If no options are specied, all ports for all nodes are displayed. --port=<Port>, -p=<Port> Species a particular port to display. If this option is omitted, all ports are displayed. --node=<lnn> Displays a list of all ports on the specied node only. If this option is omitted, ports are displayed for all nodes. Examples To view a list of existing bre channel ports, run the following command: isi fc list The system displays output similar to the following example: Port 4:1 4:2 4:3 4:4 WWNN 1100001examples1 1100001exampl3s1 1100001examp1es1 11000013xamples1 WWPN 1101001examples1 1102001exampl3s1 1103001examp1es1 11040013xamples1 State Topology enabled auto enabled auto enabled auto enabled auto Rate auto auto auto auto
117
isi fc set
The isi fc set command congures bre channel port settings. Syntax isi fc set [--port=]<Port> [--wwnn=<wwn>] [--wwpn=<wwn>] [--topology=<topology>] [--rate=<rate>] Options --port=<Port> Required. Species the name of the port to be congured. --wwnn=<wwn> Species the world wide node name. --wwpn=<wwn> Species the world wide port name. --topology=<topology> Species the topology. The following values are valid: auto loop ptp
--rate=<rate> Species the rate. The following values are valid: Examples The following command sets the world wide node name of port 4:1 to 1100001examples1: isi fc set --port=4:1 --wwnn=1100001examples1 auto 1 2 4
isi firmware package

The isi firmware package command displays information on the rmware package. Syntax isi firmware package [--local] [--diskless] [--storage] [--include-nodes=<nodes>] [--exclude-nodes=<nodes>] Options --local, -L Displays information only on the local node.
118
--diskless, -D Displays information only on diskless nodes. --storage, -S Displays information only on storage nodes. --include-nodes=<nodes>, -n<nodes> Displays information only on the specied nodes. --exclude-nodes=<nodes>, -x<nodes> Displays information on all nodes except those specied.
isi firmware status

The isi firmware status command displays information on rmware status. Syntax isi firmware status [--local] [--diskless] [--storage] [--include-nodes=<nodes>] [--exclude-nodes=<nodes>] [--include-device=<device>] [--exclude-device=<device>] [--include-type=<type>] [--exclude-type=<type>] [--verbose] [--save] Options If no options are specied, displays basic information on all rmware. --local, -L Displays information about the local node only. --diskless, -D Displays information about diskless nodes only. --storage, -S Displays information about storage nodes only. --include-nodes=<nodes>, -n<nodes> Displays information about the specied nodes only. Multiple nodes can be specied in a comma-separated list. --exclude-nodes=<nodes>, -x<nodes> Displays information on all nodes except those specied. Multiple nodes can be specied in a comma-separated list. --include-device=<device>, -d<device> Displays information about the specied device only. Multiple devices can be specied in a comma-separated list. --exclude-device=<device> Displays information on all devices except those specied. Multiple devices can be specied in a comma-separated list. --include-type=<type>, -t<type> Displays information about the specied device type only. Multiple types can be specied in a comma-separated list. --exclude-type=<type> Displays information on all device types except those specied. Multiple types can be specied in a comma-separated list.
119
--verbose Displays detailed information. --save Save local status output to /etc/ifs/firmware_versions. Examples To view the status of all rmware, run the following command: isi firmware status The system displays output similar to the following example: Device -- -----------------------3ware Lsi Mellanox Mellanox Type --------DiskCtrl DiskCtrl Network Network Firmware --------------------------------------FE8S 1.05.00.068 6.12.00.00+01.18.06.00+1.16+0.97c <Unknown>+MT_0000000001 3.3.2 Nodes 2 1 1 2
The following example displays information on all nodes except node 2: isi firmware status --exclude-nodes=2 The system displays output similar to the following example: Device -- -----------------------3ware Lsi Mellanox Mellanox Type --------DiskCtrl DiskCtrl Network Network Firmware --------------------------------------FE8S 1.00.00.068 6.11.00.00+01.17.04.00+1.26+0.95c <Unknown>+MT_0000000001 3.2.2 Nodes 3 1 1 3
isi firmware update

The isi firmware update command updates rmware on devices within the cluster to match those in the currently installed rmware package. Each node is updated individually, one node at a time. Each time a node is updated, the node is rebooted, and the system does not begin to update the next node until the previous node has sucessfully rejoined the cluster. Syntax isi firmware update [--local, -L] [--diskless, -D] [--storage, -S] [--include-nodes=<nodes>] [--exclude-nodes=<nodes>] [--include-device=<device>] [--exclude-device=<device>] [--include-type=<type>] [--exclude-type=<type>] [--force] [--verbose] Options --local, -L Updates only the local node. --diskless, -D Updates only diskless nodes. --storage, -S
120
Updates only storage nodes. --include-nodes=<nodes>, -n<nodes> Updates the specied nodes. --exclude-nodes=<nodes>, -x<nodes> Excludes the specied nodes from update. --include-device=<device>, -d<device> Updates the specied device. --exclude-device=<device> Excludes the specied device from update. --include-type=<type>, -t<type> Updates the specied device type. --exclude-type=<type> Excludes the specied device type from update. --force, -f Forces upgrade. --verbose Displays detailed output. Examples To update only the local node, run the following command: isi firmware update --local
isi ftp accept-timeout

The isi ftp accept-timeout command sets and displays data connection timeout. Syntax isi ftp accept-timeout [[--value=]<Value>] Options If no options are specied, the current timeout is displayed. --value=<Value>, -v=<Value> Species the time, in seconds, that a remote client has to establish a PASV style data connection before timeout. All integers between 30 and 600 are valid values. The default value is 60. Examples To set the data connection timeout to 5 minutes, run the following command: isi ftp accept-timeout --value=300
121
isi ftp allow-anon-access

The isi ftp allow-anon-access command sets and displays whether anonymous access is permitted. Syntax isi ftp allow-anon-access [[--value=]<Value>] Options If no options are specied, displays whether or not anonymouos logins are permitted. --value=<Value>, -v=<value> Controls whether anonymous logins are permitted or not. If enabled, both the usernames ftp and anonymous are recognized as anonymous logins. Valid values are YES and NO. The default value is NO. Examples To allow anonymous access, run the following command: isi ftp allow-anon-access YES
isi ftp allow-anon-upload

The isi ftp allow-anon-upload command sets and displays whether anonymous users are permitted to upload les. Syntax isi ftp allow-anon-upload [[--value=]<Value>] Options If no options are specied, displays whehter anonymous users are permitted to upload les. --value=<Value>, -v=<Value> Controls whether anonymous users are able to upload les under certain conditions. Valid values are YES and NO. In order for anonymous users to be able to upload, the isi ftp allow-writes command must be set to YES, and the anonymous user must have write permission on the desired upload location. The default value is YES. Examples To disable anonymous users from uploading les, run the following command: isi ftp allow-anon-upload --value=NO
122
isi ftp allow-dirlists

The isi ftp allow dirlists command sets and displays whether directory list commands are permitted. Syntax isi ftp allow-dirlists [[--value=]Value] Options If no options are specied, displays whether directory list commands are permitted. --value=<Value>, -v=<Value> Controls whether directory list commands are enabled. Valid values are YES and NO. The default value is YES. Examples To disable directory list commands, run the following command: isi ftp allow-dirlists --value=NO
isi ftp allow-downloads

The isi ftp allow-downloads command sets and displays whether downloads are permitted. Syntax isi ftp allow downloads [[--value=]<Value>] Options If no options are specied, displays whether downloads are permitted. --value=<Value>, -v=<Value> Controlls whether les can be downloaded. Valid values are YES and NO. The default value is YES. Examples To disable downloads from being permitted, run the following command: isi ftp allow-downloads --value=NO
isi ftp allow-writes

The isi ftp allow-writes command sets and displays whether commands that change the lesystem are permitted. Syntax isi ftp allow-writes [[--value=]<Value>]
123
OneFS Command Reference Options If no options are specied, displays whether commands that change the le system are permitted. --value=<Value>, -v=<Value> Controls whether any of the following commands are allowed: STOR DELE RNFR RNTO MKD RMD APPE SITE Valid values are YES and NO. The default value is YES Examples To disable commands that change the le system, run the following command: isi ftp allow-writes --value=NO
isi ftp anon-chown-username

The isi ftp anon-chown-username command displays and species the owner of anonymously uploaded les. Syntax isi ftp anon-chown-username [[--value=]<UserName>] Options If no options are specied, displays the owner of anonymously uploaded les. --value=<UserName>, -v=<UserName> Gives ownership of anonymously uploaded les to the specied user. The value must be a local username. The default value is root. Examples The following command sets the owner of anonymously uploaded les to be "user1": isi ftp anon-chown-username --value=user1
isi ftp anon-password-list

The ftp anon-password-list command displays the list of anonymous user passwords. Syntax isi ftp anon-password-list
124
OneFS Command Reference Options There are no options for this command. Examples To display a list of anonymous user passwords, run the following command: isi ftp anon-password-list The system displays output similar to the following example: anon-password-list: 1234 password
isi ftp anon-password-list add

The isi ftp anon-password-list add command adds passwords to the anonymous password list. Syntax isi ftp anon-password-list add [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species the password being added to the anonymous password list. Examples The following command adds "1234" to the anonymous password list: isi ftp anon-password-list add 1234 The system displays output similar to the following example: anon-password-list: added password '1234' to list
isi ftp anon-password-list remove

The isi ftp anon-password-list remove command removes passwords from the anonymous password list. Syntax isi ftp anon-password-list remove [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species which password to remove from the anonymous password list. Examples The following command removes "1234" from the anonymous password list:
125
isi ftp anon-password-list remove --value=1234 The system displays output similar to the following example: anon-password-list: removed password '1234' from list
isi ftp anon-root-path

The isi ftp anon-root-path command displays and species the root path for anonymous users. Syntax isi ftp anon-root-path [--value=<ifs-directory>] [--reset] Options If no options are specied, displays the root path for anonymous users. --value=<ifs-directory>, -v<ifs-directory> Represents a directory in /ifs which Very Secure FTP Daemon (VSFTPD) will try to change into after an anonymous login. Valid values are paths in /ifs. The default value is /ifs/home/ftp. --reset Resets the value to /ifs/home/ftp. Examples The following command sets the root path for anonymous users to /ifs/home/newUser/: isi ftp anon-root-path --value=/ifs/home/newUser/ The system displays output similar to the following example: anon-root-path: /ifs/home/ftp -> /ifs/home/newUser/
isi ftp anon-umask

The isi ftp anon-umask command displays and species the anonymous user le creation umask. Syntax isi ftp anon-umask [[--value=]<Value>] Options If no options are specied, displays the current anonymous user le creation umask. --value=<Value>, -v=<Value> Species the umask for le creation by anonymous users. Valid values are octal umask numbers. The default value is 077. Note: Value must contain the '0' prex, otherwise the value will be treated as a base 10 integer.
126
OneFS Command Reference Examples The following command sets the umask for le creation by anonymous users to 066: isi ftp anon-umask 066 The system displays output similar to the following example: anon-umask: 077 -> 066
isi ftp ascii-mode

The isi ftp ascii-mode command sets and displays whether ASCII downloads and uploads are permitted. Syntax isi ftp ascii-mode [[--value=]<Value>] If no options are specied, displays whether ASCII downloads and uploads are permitted. --value=<Value>, -v=<Value> Determines whether ASCII downloads and uploads are enabled. The following values are valid: both ASCII mode data transfers are honored on both downloads and uploads. download ASCII mode data transfers are honored on downloads. off ASCII mode data transfers will not be honored. upload ASCII mode data transfers are honored on uploads. The default value is off. Options To allow both ASCII downloads and uploads, run the following command: isi ftp ascii-mode --value=both The system displays output similar to the following example: ascii-mode: off -> both
isi ftp chroot-exception-list

The isi ftp chroot-exception-list command displays the list of local user chroot exceptions. Syntax isi ftp chroot-exception-list
127
OneFS Command Reference Options There are no options for this command. Examples To view a list of local user chroot exceptions, run the following command: isi ftp chroot-exception-list The system displays output similar to the following example: chroot-exception-list: user1 user2 user3
isi ftp chroot-exception-list add

The isi ftp chroot-exception-list add command adds users to the chroot exception list. Syntax isi ftp chroot-exception-list add [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species the user being added to the chroot exception list. Examples The following command adds "newUser" to the chroot exception list: isi ftp chroot-exception-list add --value=newUser The system displays output similar to the following example: chroot-exception-list: added user 'newUser' to list
isi ftp chroot-exception-list remove

The isi ftp chroot-exception-list remove command removes users from the chroot exception list. Syntax isi ftp chroot-exception-list remove [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species the user being removed from the chroot exception list. Examples The following command removes "newUser" from the chroot exception list: isi ftp chroot-exception-list remove --value=newUser
128
The system displays output similar to the following example: chroot-exception-list: removed user 'newUser' from list
isi ftp chroot-local-mode

The isi ftp chroot-local-mode species which users are placed in a chroot jail in their home directory after they login. Syntax isi ftp chroot-local-mode [--value=]<Value> Options If no options are specied, displays the current setting. --value=<Value>, -v=<Value> Species which users are placed in a chroot jail in their home directory after they login. The following values are valid: all All local users are placed in a chroot jail in their home directory after they login. all-with-exceptions All local users except those in the chroot exception list are placed in a chroot jail in their home directory after they login. none No local users are placed in a chroot jail in their home directory after they login. none-with-exceptions Only users in the chroot exception list are placed in a chroot jail in their home directory after they login. The default value is none. Examples To place users who are not on the chroot exception list in a chroot jail in their home directory after they login, run the following command: isi ftp chroot-local-mode --value=all-with-exceptions The system displays output similar to the following example: chroot-local-mode: all -> all-with-exceptions chroot-exception-list is active. To place only users in the chroot exception list in a chroot jail in their home directory after they login, run the following command: isi ftp chroot-local-mode --value=none-with-exceptions The system displays output similar to the following example: chroot-local-mode: none -> none-with-exceptions chroot-exception-list is active.
129
isi ftp connect-timeout

The isi ftp connect-timeout command species and displays the data connection response timeout. Syntax isi ftp connect-timeout [[--value=]<Value>] Options If no options are specied, displays the current data connection response timeout. --value=<Value>, -v=<Value> Species the timeout (in seconds) for a remote client to respond to our PORT style data connection. Valid values are integers between 30 and 600. The default value is 60. Examples To set the timeout to two minutes, run the following command: isi ftp connect-timeout --value=120 The system displays output similar to the following example: connect-timeout: 60 -> 120
isi ftp data-timeout

The isi ftp data-timeout command species the data connection stall timeout. Syntax isi ftp data-timeout [[--value=]<Value>] Options --value=<Value>, -v=<Value> Species the maximum time (in seconds) data transfers are allowed to stall with no progress before the remote client is removed. Valid values are integers between 30 and 600. The default is 300. Examples To set the timeout to one minute, run the following command: isi ftp data-timeout --value=60 The system displays output similar to the following example: connect-timeout: 60 -> 120
130
isi ftp denied-user-list

The isi ftp denied-user-list command displays the list of denied users. Syntax isi ftp denied-user-list Options There are no options for this command. Examples To view the list of denied users, run the following command: isi ftp denied-user-list The system displays output similar to the following example: denied-user-list: unwelcomeUser1 unwelcomeUser1 unwelcomeUser2 unwelcomeUser4
isi ftp denied-user-list add

The isi ftp denied-user-list add command adds users to the list of denied users. Syntax isi ftp denied-user-list add [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species the name of the user being added to the denied user list. Examples The following command adds "unwelcomeUser" to the list of denied users: isi ftp denied-user-list add --value=unwelcomeUser The system displays output similar to the following example: denied-user-list: added user 'unwelcomeUser' to list
131
isi ftp denied-user-list remove

The isi ftp denied-user-list delete command removes users from the list of denied users. Syntax isi ftp denied-user-list delete [--value=]<Value> Options --value=<Value>, -v=<Value> Required. Species the name of the user being removed from the denied user list. Examples The following command removes "approvedUser" from the list of denied users: isi ftp denied-user-list remove --value=approvedUser The system displays output similar to the following example: denied-user-list: removed user 'unwelcomUser' from list
isi ftp dirlist-localtime

The isi ftp dirlist-localtime species and displays whether the time displayed in directory listings is in your local time zone. Syntax isi ftp dirlist-localtime [[--value=]<Value>] Options If no options are specied, displays current setting. --value=<Value>, -v=<Value> Species whether the time displayed in directory listings is in your local time zone. Valid values are YES and NO. If NO, time displays on GMT. If YES the time displays in your local time zone. The default value is NO. The last-modied times returned by commands issued inside of the FTP shell are also affected by this parameter. Examples To set the time displayed in directory listings to your local time zone, run the following command: isi ftp dirlist-localtime --value=YES The system displays output similar to the following example: dirlist-localtime: NO -> YES
132
isi ftp dirlist-names

The isi ftp dirlist-names command displays and controls what information is displayed about users and groups in directory listings. Syntax isi ftp dirlist-names [[--value=]<Value>] Options If no options are specied, displays the current setting. --value=<Value>, -v=<Value> Determines what information is displayed about users and groups in directory listings. The following values are valid: hide All user and group information in directory listings is displayed as ftp. numeric Numeric IDs are shown in the user and group elds of directory listings. textual Textual names are shown in the user and group elds of directory listings. The default value is hide. Examples To show numeric IDs of users and groups in directory listings, run the following command: isi ftp dirlist-names --value=numeric System displays output similar to the following example: dirlist-names: hide -> numeric
isi ftp file-create-perm

The isi ftp file-create-perm command species and displays le creation permissions. Syntax isi ftp file-create-perm [[--value=]<Value>] Options If no options are specied, this command displays the current le creation permission setting. --value=<Value>, -v=<Value> Species the permissions with which uploaded les are created. Valid values are octal permission numbers. The default value is 0666. Note: To uploaded les to be executable, consider changing the permissions to 0777.
133
OneFS Command Reference Examples To set the octal permission number to 0777, run the following command: isi ftp file-create-perm --value=0777 The system displays output similar to the following example: file-create-perm: 0666 -> 0777
isi ftp list

The isi ftp list command displays a list of FTP conguration settings. Syntax isi ftp list Options There are no options for this command. Examples To display a list of FTP conguration settings, run the following command: isi ftp list The system displays output similar to the following example: accept-timeout allow-anon-access allow-anon-upload allow-dirlists allow-downloads allow-local-access allow-writes anon-chown-username anon-root-path anon-umask ascii-mode connect-timeout data-timeout dirlist-localtime dirlist-names file-create-perm local-root-path local-umask server-to-server session-timeout user-config-dir denied-user-list 60 NO YES YES YES YES YES root /ifs/home/ftp 012 off 60 300 NO hide 0777 local user home directory 077 NO 300 unwelcomeUser unwelcomeUser1 unwelcomeUser2 unwelcomeUser3 NO (disabled)
limit-anon-passwords anon-password-list
134
chroot-local-mode chroot-exception-list
No local users chrooted; exception list inactive newUser otherUser
isi ftp local-root-path

The ftp local-root-path displays and species the root path for local users. VSFTPD attempts to change into the directory specied by the root path after a local login. Syntax isi ftp local-root-path [--value=<ifs-directory>] [--reset] Options If no options are specied, the current root path for local users is displayed. --value=<ifs-directory>, -v<ifs-directory> Species a directory in /ifs that VSFTPD attempts to change into after a local login. Valid values are paths in /ifs. The default value is the local user home directory. --reset Resets to use the local user home directory. Examples The following command sets the root path for local users to /ifs/home/newUser: isi ftp local-root-path --value=/ifs/home/newUser The system displays output similar to the following example: local-root-path: local user home directory -> /ifs/home/newUser To set the root path for local users back to the local user home directory, run the following command: isi ftp local-root-path --reset The system displays output similar to the following example: local-root-path: /ifs/home/newUser1 -> local user home directory
isi ftp local-umask

The isi ftp local-umask command displays and species the local user le creation umask. Syntax isi ftp local-umask [--value=]<Value> Options If no options are specied, displays the current local user le creation umask. --value=<Value>, -v=<Value>
135
Species the umask for le creation by local users. Valid values are octal umask numbers. The default value is 077. Note: Value must contain the '0' prex, otherwise the value will be treated as a base 10 integer. Examples The following comand sets the local user le creation umask to "066": isi ftp local-umask --value=066 The system displays output similar to the following example: local-umask: 077 -> 066
isi ftp server-to-server

The isi ftp server-to-server command sets and displays whether server-to-server (FXP) transfers are permitted. Syntax isi ftp server-to-server [[--value=]<Value>] Options If no options are specied, displays current setting. --value=<Value>, -v=<Value> Species whether or not to allow FXP transfers. Valid values are YES and NO. The default value is NO. Examples To allow FXP transfers, run the following command: isi ftp server-to-server --value=YES The system displays output similar to the following example: server-to-server: NO -> YES
isi ftp session-timeout

The isi ftp session-timeout species and displays the idle system timeout. Syntax isi ftp session-timeout [[--value=]<Value>] Options If no options are specied, displays the current idle system timeout.
136
--value=<Value>, -v=<Value> Species the maximum time (in seconds) that a remote client may spend netween FTP commands before the remote client is kicked off. Valid values are integers between 30 and 600. The default is 300. Examples To set the timeout to one minute, run the following command: isi ftp session-timeout --value=60 The system displays output similar to the following example: session-timeout: 300 -> 60
isi ftp user-config-dir

The isi ftp user-config-dir command displays and species the user conguration directory. Syntax isi ftp user-config-dir [--value=<directory>] [--reset] Options If no options are specied, displays the current user conguration directory path. --value=<directory>, -v<directory> Species the directory where user-specic congurations that override global congurations can be found. The default value is the local user home directory. --reset Reset to use the local user home directory. Examples The following command sets the user conguration directory to /ifs/home/User/directory: isi ftp user-config-dir --value=/ifs/home/User/directory To set the user conguration directory back to the local user home directory, run the following command: isi ftp user-config-dir --reset
isi_gather_info
The isi_gather_info command sends information on a cluster to Isilon support. Syntax isi_gather_info [--user=<User>] [--password=<Password>] [--version] [--list] [--include=<Utilities>] [--incremental] [-f<Filename>] [--nodes=<Nodes>] [--local-only] [--skip-node-check] [-s <Gather_Script>] [-S <Gather_Expr>] [-1 <Gather_Expr>] [-a <Analysis_Script>] [-A <Analysis_Expr>] [-t<Tarfile>] [-x exclude_tool] [--ifs]
137
OneFS Command Reference [--local] [-T<Tempdir>] [--tardir <dir>] [--symlinkdir <dir>] [--varlog_recent] [--varlog_all] [--nologs] [--group <name>] [--noconfig] [--save-only] [--save] [--upload] [--noupload] [--re-upload <File>] [--verify-upload] [--http] [--nohttp] [--http-host<Host>] [--http-path<Dir>] [--http-proxy<Host>] [--http-proxy-port<Port>] [--ftp] [--noftp] [--ftp-user<User>] [--ftp-pass<Pass>] [--ftp-host<Host>] [--ftp-path<Dir>] [--ftp-proxy<Host>] [--ftp-proxy-port<Port>] [--ftp-mode<Mode>] [--email] [--noemail] [--email-addresses <Addresses>] [--email-subject <string>] [--email-body <string>] [--skip-size-check] Options If no options are specied, the default set of logs are uploaded to Isilon support via FTP. --user=<User>, -u<User> Logs in as specied user. Default user is root. --password=<Password>, -p<password> Species password. --version, -v Displays information on the version of isi_gather_info. --list, -l Displays a list of utilities and groups which can be included by using the -I and --group options. --include=<Utilities>, -i<Utilities> Includes only the specied utilities. To view a list of valid values, run isi_gather_info -l (lowercase L). Multiple utilities can be specied by using multiple instances of this option (for example: isi_gather_info -ivarlog_recent -iiostat). If you want to include all utilities, specify all. --incremental Gathers only the logs that have changed since the last log upload. -f<Path> Gathers les on specied <Path> from each node. Multiple les can be specied by using multiple instances of this option (for example: isi_gather_info -f/ifs/home/file1.txt -f/ifs/home/file2.txt) --nodes=<Nodes>, -n<Nodes> Gather information only from the specied nodes. If no nodes are explicitly listed, the entire array is used. Nodes are automatically excluded if they are down. Must be in form of a list or range of LNNs, for example: 1,4-10,12,14. --local-only Excludes information from other nodes. --skip-node-check Does not check for node availability. -s <Gather_Script> Species the path of the gather script to run on every node. Multiple instances of this option are allowed. -S <Gather_Expr> Species the path of the gather expression to run on every node. Multiple instances of this option are allowed.
138
-1 <Gather_Expr> Species the path of the gather expression to run on the local node. Multiple instances of this option are allowed. -a <Analysis_Script> Species the path of the analysis script to run on the results. -A <Analysis_Expr> Species the path of the analysis expression to run on every node. -t<Tarle> Save all results to the specied <Tarle> instead of the default tar le. -x <Exclude Tool> Does not gather the specied tool from each node. --ifs, -I Saves results to IFS (default). --local, -L Saves all results to local storage: /var/crash/support. The default temporary directory is /ifs/data/Isilon_Support/. -T <Tempdir> Saves all results to <Tempdir> instead of the default dir. This option overrides -L and -I. The default temporary directory is /ifs/data/Isilon_Support/. --tardir <dir> Places the results directly into <dir>. --symlinkdir <dir> Creates a symbolic link to the results in <dir>. --varlog_recent Gathers all logs in /var/log, except for compressed and rotated old logs. --varlog_all Gathers all logs in /var/log, including compressed and rotated old logs. This is the default setting. --nologs Does not gather any logs. --group <name> Adds the specied group of utilities to the tarball. To view a list of valid values, run isi_gather_info -l (lowercase L). Multiple groups can be specied by using multiple parameters. For example: isi_gather_info --group logs --group messages. --nocong Uses built-in default congurations and bypasses the conguration le. --save-only Saves the specied conguration to le and does not run isi_gather_info. Conguration includes settings for all --http, --email and --ftp parameters (except --ftp-mode). Conguration also includes whether --upload, --noupload, or --incremental are set. --save Saves the command-line specied conguration to le and runs isi_gather_info. Conguration includes settings for all --http, --email and --ftp parameters (except --ftp-mode). Conguration also includes whether --upload, --noupload, or --incremental are set.
139
--upload Uploads logs to Isilon support. This is the default setting. --noupload Does not upload logs to Isilon support. --re-upload <File> Re-uploads the specied le. --verify-upload Creates a tar le and uploads it to test connectivity. --http Attempts HTTP upload. This is the default setting. --nohttp Does not attempt HTTP upload. --http-host <Host> Species an alternate HTTP site for upload. --http-path <Dir> Species an alternate HTTP upload directory. --http-proxy <Host> Species a proxy server to use. --http-proxy-port <Port> Species a proxy port to use. -- ftp Attempts FTP upload. This is the default setting --noftp Does not attempt FTP upload. --ftp-user <User> Species an alternate user for FTP. The default is anonymous. --ftp-pass <Pass> Species an alternate password for FTP. --ftp-host <Host> Species an alternate FTP site for upload. --ftp-path <Dir> Species an alternate FTP upload directory. --ftp-proxy <Host> Species a proxy server to use. --ftp-proxy-port <Port> Species proxy port to use. --ftp-mode <Mode> Species the mode of FTP le transfer. The following values are valid: active both passive
140
The default value is both. --email Attempts SMTP upload. If set, SMTP is tried rst. --noemail Does not attempt SMTP upload. This is the default setting. --email-addresses <Addresses> Species email addresses. Multiple email addresses can be specied in a comma-separated list. --email-subject <string> Species an alternative email subject. --email-body <string> Species an alternative email text that is shown at the head of the body. --skip-size-check Note: Skipping the size check for exceptionally large emails could cause problems. Does not check the size of gathered le. Examples The following command sends information on log utilities to Isilon support: isi_gather_info --group logs The following command sends information on the /ifs/home directory on nodes 1, 5, 6 and 7 to Isilon support and saves a copy of that upload in local storage: isi_gather_info -f/ifs/home --nodes=1,5-7 -L
isi get
The isi get command displays information about a set of les, including their protection policy, current protection level, and whether write-coalescing is on or off. Protection policies appear in one of three colors: green, yellow, or red. Green corresponds to full protection. Yellow corresponds to degraded protection under a mirroring policy. Red corresponds to a loss of one or more data blocks under a parity policy. To display protection policies using words, specify -s option. Syntax Note: Optional parameters must be specied before <Path> or -L <LIN>. isi get {[-a] [-d] [-g] [-s] [-D[D[C]]] [-R] <Path> | [-g] [-s] [-D[D[C]]] [-D] [-R] -L <LIN>} Options You must specify either a valid path or Logical Inode Number using either <Path> or -L <LIN>, respectively. -a Displays the hidden '.' and '..' entries of each directory. -d Displays the attributes of a directory itself instead of its contents.
141
-g Displays detailed information, including snapshot governance lists. -s Displays the protection status using words instead of colors. -D Displays detailed information. -DD Includes information on protection groups and security descriptor owners and groups. -DDC Includes cyclic redundancy check (CRC) information. -R Displays information on the subdirectories and les of the specied directories. <path> Required. Species the path of the le or directory to display information on. -L <LIN> Converts specied LIN to a valid path. Examples The following command displays information on ifs/home/ and all of its subdirectories. isi get -R /ifs/home The system displays output similar to the following example: POLICY default default default default default default LEVEL 4x/2 8x/3 4x/2 4x/2 4x/2 4x/2 PERFORMANCE concurrency concurrency concurrency concurrency concurrency concurrency COAL on on on on on on FILE ./ ../ admin/ ftp/ newUser1/ newUser2/ .zshrc incoming/ pub/
/ifs/home/admin: default 4+2/2 concurrency on /ifs/home/ftp: default 4x/2 concurrency on default 4x/2 concurrency on /ifs/home/ftp/incoming: /ifs/home/ftp/pub: /ifs/home/newUser1: default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency default 4+2/2 concurrency /ifs/home/newUser2: on on on on on on on on on
.cshrc .login .login_conf .mail_aliases .mailrc .profile .rhosts .shrc .zshrc
142
default default default default default default default default default
4+2/2 4+2/2 4+2/2 4+2/2 4+2/2 4+2/2 4+2/2 4+2/2 4+2/2
concurrency concurrency concurrency concurrency concurrency concurrency concurrency concurrency concurrency
on on on on on on on on on
.cshrc .login .login_conf .mail_aliases .mailrc .profile .rhosts .shrc .zshrc
The following command converts the LIN of 1:0000:002a isi get -L 1:0000:002a The system displays output similar to the following example: A valid path for LIN 0x10000002a is /ifs/home/newUser2
isi iscsi isns disable

The isi iscsi isns disable command disables the iSNS client service. Syntax isi iscsi isns disable Options There are no options for this command. Examples To disable iSNS, run the following command: isi iscsi isns disable You can conrm that the iSNS service is disabled by running the isi iscsi isns status command.
isi iscsi isns discover

The isi iscsi isns discover command displays a list of iSNS-provided initiators that can connect to targets on the system. Note: To use this command, the iSNS client service must be congured and enabled.
Syntax isi iscsi isns discover [--target=<TargetName>] Options If no options are specied, the system displays the initiators that are available to each target on the system. --target=<TargetName>, -t=<TargetName> Displays initiators for the specied target.
143
OneFS Command Reference Examples To view the initiators that are available for all targets, run the following command: isi iscsi isns discover The following command lists the initiators that are available for a target named linux1: isi iscsi isns discover --target=linux1
isi iscsi isns enable

The isi iscsi isns enable command congures or starts the iSNS client service. Syntax isi iscsi isns enable [--server=<String>] [--port={<Number>|default}] Options If no options are specied, enables the iSNS service. Note: You must specify the --server option the rst time you run this command. The iSNS service cannot be enabled unless it is congured with the IP address or hostname of a valid iSNS server. You can only run this command without options after the iSNS service has been congured. --server=<String>, -s<String> Species the IPv4 address of the iSNS server. --port={<Number>|default}, -p={<Number>|default} Species the server port number. <Number> must be a port number. To use the default port (3205), specify default. Examples To congure an iSNS server with the IP address 11.22.3.45, run the following command: isi iscsi isns enable --server=11.22.3.45 To congure the iSNS server to use port 4400, run the following command: isi iscsi isns enable --port=4400 If the iSNS service is congured and disabled, you can enable it by running the following command: isi iscsi isns enable Note: You can conrm that the iSNS service is congured and enabled by running the isi iscsi isns status command.
isi iscsi isns status

The isi iscsi isns status command indicates whether the iSNS server is disabled or enabled, or displays the iSNS server IP address. Syntax isi iscsi isns status
144
OneFS Command Reference Options There are no options for this command. Examples To view the connection status and congured IP address for the iSNS server, run the following command: isi iscsi isns status
isi iscsi list

The isi iscsi list command displays information about current iSCSI sessions. Syntax isi iscsi list [--target=<TargetName>] [--verbose] Options If no options are specied, the system displays a list of all current iSCSI sessions. --target=<TargetName>, -t=<TargetName> Displays session information only for the specied target. --verbose, -v Displays detailed session information. Examples To view the current iSCSI sessions on the cluster, type: isi iscsi list The system displays output similar to the following example: Initiator Target out] -------------iqn.1991-05.com.microsoft:us target1 er.domain.company.com Node ---1 Duration Throughput[in + -------- -------------------7M 6S 0 b
To view detailed information about each current iSCSI session, run the following command: isi iscsi list --verbose The system displays output similar to the following example: Initiator Target Connected to node Initiator IP Target IP Session duration Throughput : : : : : : : : Current : Session lifetime : iqn.1991-05.com.microsoft:user.domain.company.com target1 1 127.0.0.1:56748 1.23.45.6 7M 6S in / out / total ---------------------------------------0 b / 0 b / 0 b (bits/sec) 0 B / 0 B / 0 B (Bytes)
This output indicates that a Microsoft initiator is connected to a target named target1 on node 1 of the cluster.
145
isi iscsi pool add

The isi iscsi pool add command creates or adds to a list of SmartConnect pools that iSCSI targets will connect through by default. Default SmartConnect pools are ignored by targets that already have SmartConnect pools congured. Syntax isi iscsi pool add --name=<PoolName> Options --name=<PoolName>, -p<PoolName> Species the name of an existing SmartConnect IP pool. Examples The following command adds a SmartConnect pool named subnet2:pool2 to the default SmartConnect pools list: isi iscsi pool add --name=subnet2:pool2
isi iscsi pool delete

The isi iscsi pool delete command removes a SmartConnect IP pool from the list of default SmartConnect pools available for iSCSI target connections. Syntax isi iscsi pool delete --name=<PoolName> Options --name=<PoolName>, -p<PoolName> Species the name of an existing SmartConnect IP pool to delete from the default SmartConnect pools list. Examples The following command removes a SmartConnect pool named subnet2:pool3 from the default SmartConnect pools list: isi iscsi pool delete --name=subnet2:pool3
isi iscsi pool list

The isi iscsi pool list command displays a list of all SmartConnect pools on the cluster that an iSCSI target can be connected through. Syntax isi iscsi pool list Options There are no options for this command.
146
OneFS Command Reference Examples To view a list of SmartConnect pools on the cluster, run the following command: isi iscsi pool list
isi job cancel

The isi job cancel command cancels a paused or running job. Syntax isi job cancel [--job=]{<JobName>|<InstanceID>} Options --job={<JobName>|<InstanceID>}, -j{<JobName>|<InstanceID>} Required. Species the name or instance ID of the job. Note: If <InstanceID> is not specied, the earliest instance of the job (either running or paused) is cancelled by default. To ensure cancelling the correct instance, specify its ID. Examples The following command cancels the earliest instance of a FlexProtect job that is currently running or paused: isi job cancel --job=flexprotect You can verify whether the job has been cancelled by running the isi job status command.
isi job config

The isi job config command lists or modies job conguration values. This command is intended for internal use and should not be used without guidance from Isilon Technical Support.
isi job history

The isi job history command displays recent job events. Syntax isi job history [--job={<JobName>|<InstanceID>}] [--limit=<Number>] [--no-headers] [--verbose] Options If you run this command without specifying any options, the 10 most recent job events are displayed. --job={<JobName>|<InstanceID>}, -j{<JobName>|<InstanceID>} Displays job history for the specied job only. You can specify a job by its name or instance ID. --limit=<Number>, -l=<Number>
147
Species the number of most recent job events to display. Valid <Number> values include any positive integer. 10 is the default value. To display all events, specify 0. --no-headers, -H Hides the Time, Job, and Event headers in the system output. --verbose, -v Displays event summary information such as elapsed time and errors encountered. Examples To display the 20 most recent job events, run the following command: isi job history --limit=20 The system displays text similar to the following example output: Job events: Time --------------06/17 22:18:12 06/18 09:11:06 06/18 09:11:47 06/18 09:11:48 06/18 09:11:53 06/18 09:11:54 06/18 09:11:58 06/18 09:11:58 06/18 09:59:05 06/18 09:59:05 06/18 09:59:05 06/18 09:59:14 06/18 09:59:15 06/18 09:59:20 06/18 09:59:20 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 06/18 10:10:38 Job ----------------------SnapshotDelete[10] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] MultiScan[11] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] FSAnalyze[12] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] SnapshotDelete[13] Event -----------------------------Succeeded Waiting Running phase 1 fs_lin begin phase 1 fs_lin end phase 2 fs_sweep begin phase 2 fs_sweep end Succeeded Waiting Running phase 1 fsa begin phase 1 fsa end phase 2 fsa_merge begin phase 2 fsa_merge end Succeeded Waiting Running phase 1 sdl begin phase 1 sdl end Succeeded
To display the event history for job 13 of the previous example, and include additional event summary information, run the following command: isi job history --job=13 --verbose The system displays text similar to the following example output: Job events: Time Job --------------- ----------------------06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] 06/18 10:10:38 SnapshotDelete[13] Elapsed time: LINs deleted: Snapshots deleted: Errors: 06/18 10:10:38 SnapshotDelete[13] Event -----------------------------Waiting Running phase 1 sdl begin phase 1 sdl end 0 seconds 36/36 1/1 0 Succeeded
148
isi job list

The isi job list command displays a list of jobs that you can control and schedule. Syntax isi job list [--quiet] Options --quiet, -q Does not display job impact policy and enabled/disabled state in the system output. Examples To display the enabled/disabled state, associated job policy, and description for each available job, run the following command: isi job list The system displays text similar to the following example output: Jobs: Name Enabled Policy Description -------------------- ------- --------------- -----------------------------AutoBalance True LOW Balance free space in the cluster. AVScan True LOW Scan files for viruses. Collect True LOW Reclaims free space that couldn't be freed due to node or drive unavailability. FlexProtect True MEDIUM Reprotect the file system. FSAnalyze True LOW Gather file system analytics data. IntegrityScan True MEDIUM Verify file system integrity. MediaScan True LOW Scrub disks for media-level errors. MultiScan True LOW Runs Collect and AutoBalance jobs concurrently. PermissionRepair True LOW Correct permissions of files and directories in /ifs QuotaScan True LOW Update quota accounting for domains created on an existing file tree. SetProtectPlus True LOW Applies default file policy if SmartPools is not licensed. SmartPools True LOW Enforces SmartPools file policies. SnapshotDelete True MEDIUM Free space associated with deleted snapshots. TreeDelete True HIGH Delete a path in /ifs. To display only the descriptions for each available job, use the -q option: isi job list -q The system displays text similar to the following example output: AutoBalance: Balance free space in the cluster. AVScan: Scan files for viruses. Collect: Reclaims free space that couldn't be freed due to node or drive
149
unavailability. FlexProtect: Reprotect the file system. FSAnalyze: Gather file system analytics data. IntegrityScan: Verify file system integrity. MediaScan: Scrub disks for media-level errors. MultiScan: Runs Collect and AutoBalance jobs concurrently. PermissionRepair: Correct permissions of files and directories in /ifs QuotaScan: Update quota accounting for domains created on an existing file tree. SetProtectPlus: Applies default file policy if SmartPools is not licensed. SmartPools: Enforces SmartPools file policies. SnapshotDelete: Free space associated with deleted snapshots. TreeDelete: Delete a path in /ifs.
isi job pause

The isi job pause command pauses a running job. Syntax isi job pause [--job=]{<JobName>|<InstanceID>} Options --job={<JobName>|<InstanceID>}, -j{<JobName>|<InstanceID>} Required. Species the name or instance ID of the job to pause. Examples The following command pauses a running FSAnalyze job: isi job pause --job=fsanalyze You can verify whether the job has been paused by running the following command: isi job history --job=fsanalyze The system displays recent events for the FSAnalyze job, similar to the following output: Job events: Time --------------06/16 14:58:55 06/16 14:58:55 06/16 14:58:55 06/16 14:59:06 Job -------------------------FSAnalyze[13] FSAnalyze[13] FSAnalyze[13] FSAnalyze[13] Event -----------------------------Waiting Running phase 1 fsa begin User Paused
150
isi job policy create

The isi job policy create command creates a job impact policy. By default, newly created impact policies use the Low impact level at all times. Other available impact levels are Medium, High, and Paused. To modify an impact policy's impact level, or to set an interval for a particular level, use the isi job policy modify command. Syntax isi job policy create [--name=]<PolicyName> Options --name=<PolicyName> Required. Species a name for the new job impact policy. Note: LOW, MEDIUM, HIGH, and OFF_HOURS are reserved impact policy names and cannot be specied as names for new job impact policies. Examples The following command creates a job impact policy named testpolicy: isi job policy create --name=testpolicy You can verify that the policy was created by running the isi job policy list command.
isi job policy delete

The isi job policy delete command deletes a job impact policy. Syntax isi job policy delete [--policy=]<PolicyName> Options --policy=<PolicyName>, -o=<PolicyName> Required. Species the impact policy to delete. <PolicyName> must be a valid impact policy name. Note: LOW, MEDIUM, HIGH, and OFF_HOURS are reserved impact policies and cannot be deleted. Examples The following command deletes a job impact policy named deleteme: isi job policy delete --policy=deleteme Note: You can verify that the policy was deleted by running the isi job policy list command.
151
isi job policy list

The isi job policy list command displays a list of available job impact policies. Syntax isi job policy list Options There are no options for this command. Examples To view a list of available job impact policies, run the following command: isi job policy list The system displays output similar to the following example: Job Policies: Name Start End Impact --------------- ------------ ------------ ---------HIGH Sun 00:00 Sat 23:59 High LOW MEDIUM OFF_HOURS Sun 00:00 Sun 00:00 Sun Mon Mon Tue Tue Wed Wed Thu Thu Fri Fri 00:00 09:00 17:00 09:00 17:00 09:00 17:00 09:00 17:00 09:00 17:00 Sat 23:59 Sat 23:59 Mon Mon Tue Tue Wed Wed Thu Thu Fri Fri Sat 09:00 17:00 09:00 17:00 09:00 17:00 09:00 17:00 09:00 17:00 23:59 Low Medium Low Paused Low Paused Low Paused Low Paused Low Paused Low Low Paused Low
sample_policy
Sun 00:00 Mon 09:00 Fri 17:00
Mon 09:00 Fri 17:00 Sat 23:59
isi job policy modify

The isi job policy modify command adds an impact interval to a job impact policy, or modies the impact level of an existing interval. Impact intervals dene a block of time within a given week for which a single impact level (Paused, Low, Medium, or High) is used. This command adds one impact interval at a time to an existing policy. New intervals are aggregated with existing intervals.
152
OneFS Command Reference Syntax isi job policy modify --policy=<PolicyName> --start=<Time> --end=<Time> --impact=<ImpactLevel> Options --policy=<PolicyName>, -o=<PolicyName> Required. Species the job impact policy to modify. <PolicyName> must be a valid impact policy name. Note: LOW, MEDIUM, HIGH, and OFF_HOURS are reserved impact policies and cannot be modied. --start=<Time>, -s=<Time> Required. Species the start time for the impact interval. Valid Time values are in the form of <Day>,HH:MM. <Day> can be the full name or three-letter abbreviation for the day of the week. HH is the hour of the day (0-24), and MM is the minute (0-59). Example: Sat,0:00. --end=<Time>, -e=<Time> Required. Species the end time for the impact interval. Valid Time values are in the form of <Day>,HH:MM. <Day> can be the full name or three-letter abbreviation for the day of the week. HH is the hour of the day (0-24), and MM is the minute (0-59). Example: Sat,23:59. --impact=<ImpactLevel>, -i=<ImpactLevel> Required. Species the impact level to use for the duration of the impact interval. The following values are valid: Examples The following command adds a medium impact level for a 24-hour interval beginning midnight Sunday to an existing policy named testpolicy: isi job policy modify --policy=testpolicy --start=Sun,0:00 --end=Mon,11:59 --impact=medium Note: You can verify that a policy was correctly modied by running the isi job policy list command. Paused: Do not use cluster resources. Low: Use 10% or less of cluster resources. Medium: Use 30% or less of cluster resources. High: Use unlimited cluster resources.
isi job policy set

The isi job policy set command assigns a default impact policy to a job. Syntax isi job policy set [--job=]<JobName> [--policy=]<PolicyName> Options --job=<JobName>, -j=<JobName> Required. Species the job that the impact policy will be assigned to. The <JobName> value must match a valid job name (for example, smartpools).
153
Note: You can view a list of available jobs and their current default job policies by running the isi job list command. --policy=<PolicyName>, -o=<PolicyName> Required. Species the impact policy to set for the job. <PolicyName> must match a congured job policy. Note: You can view a list of congured job policies by running the isi job policy list command. Examples The following command congures the Autobalance job to use the MEDIUM impact policy by default: isi job policy --job=autobalance --policy=medium Note: You can override a paused or running job's default impact policy by running the isi job update command.
isi job resume

The isi job resume command resumes a paused job. Syntax isi job resume [--job=]{JobName|InstanceID} Options --job={JobName|InstanceID}, -j{JobName|InstanceID} Required. Species the name or instance ID of a paused job. Examples The following command resumes the FSAnalyze job from a paused state: isi job resume --job=fsanalyze You can verify whether the job has been resumed by running the following command: isi job history --job=fsanalyze The system displays recent events for the FSAnalyze job, similar to the following output: Job events: Time --------------06/15 22:00:08 06/15 22:00:13 06/15 22:00:17 06/15 22:00:31 06/16 12:25:59 06/16 12:25:59 Job -----------------FSAnalyze[10] FSAnalyze[10] FSAnalyze[10] FSAnalyze[10] FSAnalyze[10] FSAnalyze[10] Event ---------------------Waiting Running phase 1 fsa begin System Paused Waiting Running
154
isi job schedule delete

The isi job schedule delete command removes a job schedule. This command is valid for the FSAnalyze, MediaScan, and SmartPools jobs only. Syntax isi job schedule delete [--job=]{fsanalyze|mediascan|smartpools} Options --job={fsanalyze|mediascan|smartpools}, -j{fsanalyze|mediascan|smartpools} Required. Species the job whose schedule you want to remove. Valid values are fsanalyze, mediascan, and smartpools Examples To remove the schedule for the SmartPools job, run the following command: isi job schedule delete --job=smartpools You can verify the SmartPools job schedule was deleted by running the isi job schedule list command.
isi job schedule list

The isi job schedule list command lists all scheduled jobs, their congured schedules, and their next scheduled run time. Syntax isi job schedule list Options There are no options available for this command. Examples To view a list of scheduled jobs, run the following command: isi job schedule list The system displays output similar to the following example: Job --------------FSAnalyze MediaScan SmartPools Schedule -----------------------------------------every day at 22:00 the 1st saturday of every month at 12am every day at 22:00 Next Run --------------05/02 22:00 05/07 00:00 05/02 22:00
155
isi job schedule set

The isi job schedule set command sets a recurring job schedule. This command is available for the FSAnalyze, MediaScan, and SmartPools jobs only. Syntax isi job [--job=]{fsanalyze|mediascan|smartpools} [--when=]"<Interval> [<Frequency>]" Options --job={fsanalyze|mediascan|smartpools}, -j{fsanalyze|mediascan|smartpools} Required. Species the job whose schedule you want to set. Valid values are fsanalyze, mediascan, and smartpools. --when="<Interval> [<Frequency>]", -w="<Interval> [<Frequency>]" Required. Species the recurring date and time at which to start the job. <Interval> is required and can take one of the following forms: every {sun-sat}[, ...] every [{1-31}] day every [{1-23}] weekday every [{1-52}] week [on {sun-sat}[, ...]] every [<Number>] months [on the {1[st]-31[st]}] the {1-5|last} {sun-sat} every [{1-12}] month the {1-23|last} weekday every [{1-12}] month the {1[st]-31[st]} every [{1-12}] month the last day every [{1-12}] month yearly on {jan-dec} {1-31}
<Frequency> is optional and can take either of the following forms, using the 12-hour (am/pm) or 24-hour clock. If not specied, the default frequency is at 0:00. at {<Hr>[:<Min>]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min]} to {<Hr>[:<Min]}]
Examples The following command schedules the FSAnalyze job to run every day at 10 pm: isi job schedule set fsanalyze --when="every day at 10pm" The following command schedules the MediaScan job to run once every Monday, Wednesday, and Friday: isi job schedule set mediascan --when="every week on mon, wed, fri" The job will run at 0:00, which is the default time of day. The following command schedules the SmartPools job to run on the 15th day of the month: isi job schedule set smartpools --when="the 15th every month"
156
isi job start

The isi job start job starts a job that is not currently paused. To restart a paused job, use the isi job resume command. Note: To view a list of available jobs that can be started, run the isi job list command.
Syntax isi job start [--job=]{autobalance|avscan|collect|flexprotect|fsanalyze| integrityscan|mediascan|multiscan|quotascan|setprotectplus|smartpools| snapshotdelete|treedelete --path=<IFS-Directory>} [--nodup] [--policy=<PolicyName>] [--priority={1:10}] isi job start [--job=]permissionrepair --path=<IFS-Directory> --mode={convert|inherit --template=<IFS-Path>|clone --template=<IFS-Path>} [--type={system|sid|unix|native}] [--nodup] [--policy=<PolicyName>] [--priority={1:10}] Options The --path option is required for TreeDelete and PermissionRepair jobs and does not apply to other jobs. The --mode option is required for PermissionRepair jobs and does not apply to other jobs. The --type and --template options apply only to PermissionRepair jobs. --job=<Job>, -j<Job> Required. Species the name of the job to start. --path=<IFS-Directory> Required if starting a TreeDelete or PermissionRepair job. Does not apply to other jobs. Species the path to delete or repair permissions to. --mode={clone|inherit|convert} Required for PermissionRepair jobs. Does not apply to other jobs. Species the mode (clone, inherit, or convert). If you choose clone or inherit mode, you must also specify the --template option. --template=<IFS-Path> Required only if starting the PermissionRepair job in clone or inherit mode. Species the template le or directory. --type={system|native|sid|unix} Available only when starting PermissionRepair jobs. Species the type for the PermissionRepair job. --priority={1:10}, -p{1:10} Sets the priority level for the specied job. Valid values are 1 (highest; no other job can interrupt this job) through 10 (lowest; any job can interrupt this job). Note: Level 1 priority is reserved for FlexProtect and IntegrityScan jobs only. --policy=<PolicyName>, -o<PolicyName> Species the job impact policy to use. --nodup, -n Avoids starting a new job if an instance already exists.
157
OneFS Command Reference Examples To start the SmartPools job using its default job settings, run the following command: isi job start --job=smartpools The system displays a status message and job instance ID, similar to the following output: Added job [32] The following command deletes the /ifs/data/old directory and all of its subdirectories, using a low priority level of 8: isi job start --job=treedelete --path=/ifs/data/old --priority=8 The following command repairs the permissions on the /ifs/data/alpha directory by cloning the permissions from /ifs/data/beta: isi job start --job=permissionrepair --path=/ifs/data/alpha --mode=clone --template=/ifs/data/beta
isi job status

The isi job status command displays summaries of running, paused, and waiting jobs; failed jobs; and recent job results. Syntax isi job status [--verbose] Options --verbose, -v Displays the current progress of paused and running jobs. Examples To view job status, including the current progress of any currently running or paused jobs, run the following command: isi job status --verbose The system displays output similar to the following example: Running jobs: Job Impact ------------------------- -----SmartPools[68] Low Progress: Processed 1174 Pri Policy Phase Run Time --- --------- ----- ---------6 LOW 1/1 0:00:02 LINs: 827 files, 338 directories; 0 errors
Paused and waiting jobs: Job Impact Pri Policy Phase Run Time State ------------------------- ------ --- --------- ----- ---------- ----------FSAnalyze[67] Low 6 LOW 1/2 0:00:05 User Paused Progress: Started No failed jobs. Recent job results: Time Job Event --------------- -------------------------- -------------------07/03 22:15:05 SnapshotDelete[59] Succeeded
158
07/04 07/04 07/05 07/05 07/06 07/06 07/06
22:00:45 22:16:35 22:00:26 22:18:06 10:06:22 10:23:18 13:11:30
FSAnalyze[60] SnapshotDelete[61] FSAnalyze[62] SnapshotDelete[63] FlexProtect[64] MultiScan[65] SmartPools[66]
Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded
This output indicates that the SmartPools job (job ID 68) is currently running, the FSAnalyze job (job ID 67) was manually paused 5 seconds after it started, there are no recently failed jobs, and several recent jobs have run successfully. Note: If the cluster contains down nodes or read-only nodes or drives, the following notication message displays at the beginning of the output: The cluster has down or read-only nodes or drives which may prevent jobs from running.
isi job update

The isi job update command overrides default priority levels and impact policies for a currently running or paused job. Syntax isi job update [--job=]<Job> --priority=<PriorityLevel> --policy=<PolicyName> Options You must specify one or both --priority or --policy options to modify the priority level or impact policy, respectively. --job=<Job>, -j=<Job> Required. Species the name or ID number of a paused or running job. --priority=<PriorityLevel>, -p=<PriorityLevel> Sets the priority level for the specied job. Valid values are 1 (highest; no other job can interrupt this job) through 10 (lowest; any job can interrupt this job). --policy=<PolicyName>, -o=<PolicyName> Species the job impact policy to use. Examples In the following examples, assume that the jobs are currently running or paused. The following command sets the FSAnalyze job priority level to 3: isi job update --job=fsanalyze --priority=3 The following command sets a job, whose ID is 38, to use priority level 2 and a medium impact policy: isi job update --job=38 --priority=2 --policy=medium Note: You can verify that an update succeeded by running the isi job status command.
159
isi license activate

The isi license activate command activates a new license key. Syntax isi license activate [--key=]<Key> Options --key=<Key>, -k=<Key> Species the key being activated. Multiple keys can be specied by separating them with either spaces or commas. Examples The following command activates a license key of EXMPL-Z7LQE-00EXA-MPLE0-S4VQP: isi license activate EXMPL-Z7LQE-00EXA-MPLE0-S4VQP
isi license status

The isi license status command displays the activation status of each available software license on the cluster. Syntax isi license status Options There are no options for this command. Examples To view the status of your licenses, run the following command: isi license status The system displays output similar to the following example: Module -----InsightIQ Isilon for vCenter Platform API SmartConnect Advanced SmartLock SmartPools SmartQuotas SnapshotIQ SyncIQ iSCSI License Status -------------Evaluation Evaluation Evaluation Evaluation Evaluation Evaluation Activated Inactive Activated Inactive Configuration ------------Not Configured Not Configured Not Configured Configured Not Configured Not Configured Configured Not Configured Configured Not Configured Expiration Date --------------June 9, 2012 June 9, 2012 June 9, 2012 June 9, 2012 June 9, 2012 June 9, 2012 June 9, 2012 June 9, 2012
160
isi license unconfigure

The isi license unconfigure command uncongures a module license. Unconguring a module license disables any recurring jobs or scheduled operations that you have enabled for that module. Syntax isi license unconfigure [--module=]<Module> Options --module=<Module>, -m=<Module> Species the module to uncongure. Note: Module names that contain spaces must be enclosed in quotation marks. The following values are valid: Examples To uncongure the InsightIQ license, run the following command: isi license unconfigure InsightIQ To uncongure the Isilon for vCenter license, run the following command: isi license unconfigure "Isilon for vCenter" InsightIQ "Isilon for vCenter" "Platform API" "SmartConnect Advanced" SmartLock SmartPools SmartQuotas SnapshotIQ SyncIQ iSCSI
isi lun clone

The isi lun clone command creates a point-in-time copy of an existing logical unit. The settings of the source logical unit are copied to the clone logical unit, enabling you to save time by modifying only the necessary settings. Syntax isi lun clone [--name=]<SourceTarget>:<LUN> --clone=<DestTarget>:<LUN> [--type=<LUN-type>] [--comment=<QuotedString>] [--path=<IFSDirectory>] [--access-pattern=<Pattern>] [--online=<Boolean>] [--smart-cache=<Boolean>] [--read-only=<Boolean>]
161
OneFS Command Reference Options --name=<SourceTarget>:<LUN> Required. Species the name of the source logical unit. Valid names include the name of the source target where the logical unit is located and its logical unit number (LUN), separated by a colon (for example, mytarget:0). --clone=<DestTarget>:<LUN> Required. Species a name for the clone logical unit. You must specify a different target, a new LUN, or both. The LUN must be an integer in the range 0-255, and must be unique for the destination target. --type=<LUN-type> Species the LUN type. The following values are valid: normal snapshot shadow
The default LUN type is normal. --comment=<QuotedString> Modies the description for the logical unit. If the comment contains spaces, it must be enclosed in quotation marks. --path=<IFSDirectory> Species a default path, starting at the /ifs directory, where LUN directories will be created. This setting overrides any default LUN directory paths that are congured for individual targets. --access-pattern=<Pattern>, -l=<Pattern> Species the I/O optimization settings for the logical unit. The following values are valid: random streaming concurrency custom{1-5} Note: The custom setting is intended for Isilon Technical Support use only. --online=<Boolean> Sets the logical unit's state to online (1) or ofine (0). The LUN is online by default. --smart-cache=<Boolean> Enables (1) or disables (0) SmartCache for the LUN. The default setting is inherited from the source.
! Caution: Although enabling SmartCache can improve performance, it can also lead to
data loss if a node loses power or crashes while uncommitted data is in the write cache. This can cause inconsistencies in any le system that is laid out on the LUN, rendering the le system unusable.
--read-only=<Boolean> Species the write access setting for the LUN. Specifying 1 sets the access to read-only. Specifying 0 sets the access to read/write. Examples The following command creates a shadow clone LUN named mytarget:11 from a source LUN named mytarget:10.
162
isi lun clone --name=mytarget:10 --clone=mytarget:11 --type=shadow The following command creates a normal clone LUN named newtarget:0 from a source LUN named oldtarget:10, and species a new LUN directory path of /ifs/clones/: isi lun clone --name=oldtarget:10 --clone=newtarget:0 --type=normal --path=/ifs/clones/
isi lun create

The isi lun create command creates a logical unit and congures its initial settings. Syntax isi lun create [--name=]<Target>:<LUN> --size=<Integer>[{B|MB|GB|TB}] [--comment=<QuotedString>] [--path=<AbsolutePath>] [--protection=<Policy>] [--access-pattern=<Pattern>] [--online=<Boolean>] [--smart-cache=<Boolean>] [--read-only=<Boolean>] [--thin=<Boolean>] [--diskpool=<DiskPool>] Options --name=<Target>:<LUN>, -n=<Target>:<LunNumber> Required. Species a name for the logical unit. Valid names include the name of an existing target that will contain the logical unit and a unique logical unit number (0-255) within the target, separated by a colon (for example, mytarget:0). --size=<Integer>[{B|MB|GB|TB}] Required. Species the LUN's size (capacity). Valid sizes are in the range 1MB-32TB. The default unit of measure is B. Do not include a space between the integer and the unit of measure (for example, 50MB). After you create a LUN, you can increase its size but you cannot decrease it. --comment=<QuotedString> Species an optional comment for the logical unit. If the comment contains spaces, you must enclose it in quotation marks. --path=<AbsolutePath> Species the absolute path, beginning at /ifs, to the default LUN directory. Example: --path=/ifs/target1luns. This setting overrides the default LUN directory path that is congured during target creation. --protection=<Policy> Species the protection policy for the logical unit. You can specify mirroring (2x through 8x) or Isilon FlexProtect (+1 through +4, +2:1, +3:1) protection. --access-pattern=<Pattern>, -l=<Pattern> Species the I/O optimization settings for the logical unit. The following values are valid: random streaming concurrency custom{1-5} Note: The custom setting is intended for Isilon Technical Support use only. --online=<Boolean>
163
Sets the logical unit state to online (1) or ofine (0). The default value is 1. --smart-cache=<Boolean> Enables (1) or disables (0) SmartCache. SmartCache is disabled by default.
--read-only=<Boolean> Sets the write access for the logical unit. Specifying 1 sets the access to read-only. Specifying 0 sets the access to read/write. Read/write access is the default setting. --thin=<Boolean> Enables (1) or disables (0) thin provisioning. Thin provisioning keeps blocks unallocated until they are written. Thin provisioning is enabled by default. --diskpool=<DiskPool> Adds the logical unit to the specied disk pool. If not specied, logical units are allocated randomly to any available disk pool. Examples The following command creates a logical unit in a target named test1 with a LUN value of 0 and a capacity of 50 GB: isi lun create --name=test1:0 --size=50GB The following command creates a logical unit in the target test1 with a LUN value of 1 and capacity of 50 GB, and pre-allocates the required space: isi lun create --name=test1:1 --size=50GB --thin=0 The following command creates a logical unit in a target named test1 with a LUN value of 2 and capacity of 50 GB, and species /ifs/test1luns as its default LUN directory: isi lun create --name=test1:3 --size=50GB --path=/ifs/test1luns
isi lun delete

The isi lun delete command deletes an iSCSI logical unit. Syntax isi lun delete [--name=]<TargetName>:<LUN> [--force] Options --name=<TargetName>:<LUN> Required. Species the name of the logical unit to delete. Valid names include the name of the target where the logical unit is located and its logical unit number (LUN), separated by a colon (:), for example mytarget:4. --force Suppresses the conrmation prompt.
164
OneFS Command Reference Examples The following command deletes a logical unit named mytarget:50. isi lun delete --name=mytarget:50 Because the --force option is not specied, this example produces the following prompt: !! Are you sure you want to delete LUN 50? (yes, y, no, [n]) To conrm the deletion, you must type y and then press ENTER. The following command deletes a logical unit named mytarget:2 without producing a conrmation prompt: isi lun delete --name=mytarget:2 --force
isi lun import

The isi lun import command recreates logical units that have been replicated to a remote cluster or that have been backed up and then restored to a remote cluster. The iSCSI module does not support replicating or restoring snapshots or shadow copies of logical units. Syntax isi lun import [--name=]<TargetName>:<LUN> [--path=<IFSDirectory>] Options --name=<TargetName>:<LUN> Required. Species a name for the imported logical unit. Valid names include the name of an existing target that will contain the logical unit and a unique logical unit number (0-255) within the target, separated by a colon (for example, mytarget:10). --path=<IFSDirectory> Species the source path, starting at /ifs, where the LUN les are located. Examples The following command restores a logical unit from the /ifs/test/recover directory with the name mytarget:40. isi lun import --name=mytarget:40 --path=/ifs/test/recover
isi lun list

The isi lun list command displays information about iSCSI logical units. Syntax isi lun list [--name=]<Target>:<LUN> Options --name=<Target>:<LUN>, -n<Target>:<LUN> Required. Species the name of the logical unit whose settings you want to view. Valid names include the name of the target where the logical unit is located and its logical unit number (LUN), separated by a colon (for example, mytarget:4).
165
OneFS Command Reference Examples The following command displays information about a logical unit named test:56. isi lun list --name=test:56
isi lun modify

The isi lun modify command modies logical unit conguration settings. Syntax isi lun modify [--name=]<TargetName>:<LUN> [--comment=<QuotedString>] [--size=<Integer>[{B|MB|GB|TB}]] [--protection=<Policy>] [--access-pattern=<Pattern>] [--read-only=<Boolean>] [--online=<Boolean>] [--smart-cache=<Boolean>] [--diskpool=<DiskPool>] Options --name=<TargetName>:<LUN> Required. Species the name of an existing logical unit. Valid names include the name of the target where the logical unit is located and the logical unit number (LUN), separated by a colon (for example, mytarget:4). --comment=<QuotedString> Modies the description for the logical unit. If the comment contains spaces, it must be enclosed in quotation marks. --size=<Integer>[{B|MB|GB|TB}] Species a larger size (capacity) for the logical unit. Valid sizes are in the range 1MB-32TB. The default unit of measure is B. Do not include a space between the integer and the unit of measure (for example, 50MB). --protection=<Policy> Modies the protection policy for the logical unit. You can specify mirroring or Isilon FlexProtect protection. Valid values for mirroring are 2x through 8x. Valid values for FlexProtect policy are +1 through +4, +2:1, and +3:1. --access-pattern=<Pattern>, -l=<Pattern> Species the I/O optimization settings for the logical unit. The following values are valid: random streaming concurrency custom{1-5} Note: The custom setting is intended for Isilon Technical Support use only. --read-only=<Boolean> Modies the write access setting for the logical unit. Specifying 1 sets the access to read-only. Specifying 0 sets the access to read/write. --online=<Boolean> Changes the logical unit state to online (1) or ofine (0). --smart-cache=<Boolean>
166
Enables (1) or disables (0) SmartCache for the logical unit.
--diskpool=<DiskPool> Adds the logical unit to the specied disk pool. Examples The following command increases the capacity of a logical unit named test1:0 to 60 GB. isi lun modify --name=test1:0 --size=60GB The following command sets the write access to read-only and enables write caching for a logical unit named test1:3. isi lun modify --name=test1:3 --read-only=1 --smart-cache=1
isi lun move

The isi lun move command modies the target, number, or path of an existing logical unit. Syntax isi lun move [--name=]<TargetName>:<LUN> --dest=<DestTarget>:<LUN> [--path=<AbsolutePath>] Options --name=<TargetName>:<LUN> Required. Species the name of an existing logical unit. Valid names include the name of the target where the logical unit is located and the logical unit number (LUN), separated by a colon (for example, mytarget:4). --dest=<DestTarget>:<LUN>, -d=<DestTarget>:<LUN> Required. Species a new destination for the logical unit. You can specify a different target, a different LUN, or both. <LUN> must be an integer in the range 0-255, and must be unique for the destination target. --path=<AbsolutePath>, -p=<AbsolutePath> Species a new path, beginning at /ifs, to the default LUN directory. Examples The following command moves a logical unit with a LUN of 0 from a target named oldtarget to a target named newtarget: isi lun move --name=oldtarget:0 --dest=newtarget:0 The following command changes the LUN from 0 to 3 of a logical unit that is contained in a target named target1: isi lun move --name=target1:0 --dest=target1:3
167
isi lun offline

The isi lun offline command switches logical units ofine so that they are hidden from iSCSI initiators. iSCSI initiators cannot discover or connect to logical units that are ofine. Syntax isi lun offline [--name=]<TargetName>:<LUN> Options --name=<TargetName>:<LUN>, -n<TargetName>:<LUN> Required. Species the name of the logical unit to take ofine. Valid names include the name of the target that contains the logical unit and the logical unit number (LUN), separated by a colon (for example, mytarget:4). Examples The following command hides a logical unit named mytarget:1 from iSCSI initiators: isi lun offline --name=mytarget:1
isi lun online

The isi lun online command switches logical units online so that iSCSI initiators are able to discover and connect to them. Syntax isi lun online [--name=]<TargetName>:<LUN> Options --name=<TargetName>:<LUN>, -n<TargetName>:<LUN> Required. Species the name of the logical unit to switch online. Valid names include the name of the target where the logical unit is located and the logical unit number (LUN), separated by a colon (for example, mytarget:4). Examples The following command makes a logical unit named mytarget:1 discoverable to iSCSI initiators: isi lun online --name=mytarget:1
isi ndmp kill

The isi ndmp kill command terminates an NDMP session. Syntax isi ndmp kill [--session=]<Session>
168
OneFS Command Reference Options --session=<Session>, -s=<Session> Required. Species the ID of the session to terminate. Examples The following command terminates session 4.34729: isi ndmp kill 4.34729
isi ndmp list

The isi ndmp list command displays a list of NDMP sessions. Syntax isi ndmp list [--session=<string>] [--node=<string>] [--verbose] Options If no options are specied, a table of all NDMP sessions is displayed. --session=<string> Species the ID of the session to display. --node=<string> Only displays sessions on the specied node. --verbose, -v Displays detailed information. Examples To view information about all NDMP sessions, run the following command: isi ndmp list The system displays output similar to the following example: Session | Data | Mover | OP | Elapsed Time | Bytes Moved | Throughput -----------+------+-------+------+--------------+-------------+-------------4.34729 | A | A | B(0) | 00d 00:05:20 | 23.087 GB | 75.081 MB/s
isi ndmp probe

The isi ndmp probe command displays diagnostic information for sessions. Syntax isi ndmp probe [--session=]<Session> Options --session=<Session>, -s=<Session> Species the ID of the session to probe.
169
OneFS Command Reference Examples The following command displays diagnostic information for session 4.34729: isi ndmp probe 4.34729 For a backup session, the system displays output similar to the following example: Session 4.34729 probe data ================================ Session ID Protocol version Session unique id DMA interface DMA address SCSI device TAPE device Open mode Session PID Session update interval TAPE Device path Given device name Given unit number Device name Device unit number Controller name Controller unit number Bus id Peripheral device Port Number Target Current File Number Current Block Number File descriptor Pass through device name LUN Block size Record count Tape open mode Writing MOVER Data Interface State Mode Pause reason Halt reason Data written Bytes written this window Seek position Bytes left to read Window offset Window length Is new mover window set Position Record size Record number Listen socket Socket Read index Write index Last bytes xfered : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
: : : : : : : : : :
34729 4 1 10.25.75.133 10.25.78.26 tape005 2 40458 5 /dev/fc/tape005.pass 0 pass 41 isp 0 0 1 3 2 0 0 8 tape005.pass 0 0 5362 NDMP_TAPE_RDWR_MODE 0 0.0.0.0 ACTIVE READ NDMP_MOVER_PAUSE_NA NDMP_MOVER_HALT_NA 345913344 345913344 0 0 0 18446744073709551615 1 0 64512 5362 -1 -1 0 50688 312496128
170
DATA Interface Last bytes xfered Operation State Halt reason Abort flag IO ready Socket Listen socket Read offset Read length Bytes left to read Position Discard length Backup environment FILESYSTEM : /ifs/data/perf/0/1k/ HIST : n VERBOSE : N LEVEL : 0 UPDATE : Y RECURSIVE : Y Nlist PERFWATCH Timers (sec.msec.usec) mover write latency samples : 512 total : 008.394.410 high : 000.000.729 low : 000.000.299 average : 000.000.386 ifs readdirplus samples : 512 total : 021.842.202 high : 000.182.012 low : 000.001.315 average : 000.004.458 visitor wait samples : 0 ifs read samples : 0 reader wait samples : 0 tape write samples : 0 tape write turnaround (time between 2 writes) samples : 0 tape write wait (part of write turn around) samples : 0 writer update treewalk (part of write turn around) samples : 0 writer get work (part of write turn around) samples : 0 writer get buffer (part of write turn around) samples : 0 writer get lock (part of write turn around) samples : 0 writer release lock (part of write turn around) samples : 0 : : : : : : : : : : : : : : 0.0.0.0 312496128 1 1 0 0 0 -1 -1 0 0 0 0 0
171
writer wake reader (part of write turn around) samples : 0 writer mem free (part of write turn around) samples : 0 file history (part of write turn around) samples : 0 Counters treewalk asleep count value : 11 treewalk rdplus page count value : 2 treewalk memory in rdplus pages value : 24888 treewalk memory in entries value : 23368 treewalk memory in directories value : 532 readers asleep count value : 0 readers starved count value : 129286 writer starve count value : 107755 Memory used by work entries value : 5888 Memory used by io buffers value : 83872 File Transfer Status ------------------aborted : 0 wq_count : 46 rq_count : 0 pending_bytes : 100352 rwork_pending : 0 files_open : 23 bytes read : 346035712 bytes written : 345964032 max_files_open : 40 sleeping_visitor : 0 sleeping_readers : 12 sleeping_writer : 1 Contents of Read Queue ---------------------Contents of Write Queue ----------------------f92901:0 - buffer_count :4 (0,1,2,3) read done f124481:0 - buffer_count :4 (0,1,2,3) read done f180412:0 - buffer_count :4 (0,1,2,3) read done f73413:0 - buffer_count :4 (0,1,2,3) read done f98469:0 - buffer_count :4 (0,1,2,3) read done f109459:0 - buffer_count :3 (0,1,2,) reading f157519:0 - buffer_count :3 (0,1,2,) reading f18618:0 - buffer_count :4 (0,1,2,3) read done f78670:0 - buffer_count :4 (0,1,2,3) read done f24626:0 - buffer_count :4 (0,1,2,3) read done f119319:0 - buffer_count :4 (0,1,2,3) read done f99730:0 - buffer_count :3 (0,1,2,) reading f147278:0 - buffer_count :3 (0,1,2,) reading f168483:0 - buffer_count :4 (0,1,2,3) read done f160253:0 - buffer_count :3 (0,1,2,) reading f108736:0 - buffer_count :3 (0,1,2,) reading f161886:0 - buffer_count :4 (0,1,2,3) read done f5292:0 - buffer_count :4 (0,1,2,3) read done
172
f335:0 - buffer_count :3 (0,1,2,) reading f93638:0 - buffer_count :4 (0,1,2,3) read done f43587:0 - buffer_count :3 (0,1,2,) reading f154674:0 - buffer_count :4 (0,1,2,3) read done f63357:0 - buffer_count :4 (0,1,2,3) read done f143455:0 - buffer_count :4 (0,1,2,3) read done f132237:0 - buffer_count :3 (0,1,2,) reading f191327:0 - buffer_count :3 (0,1,2,) reading f148376:0 - buffer_count :3 (0,1,2,) reading f15166:0 - buffer_count :4 (0,1,2,3) read done f186527:0 - buffer_count :4 (0,1,2,3) read done f113402:0 - buffer_count :3 (0,1,2,) reading f164867:0 - buffer_count :3 (0,1,2,) reading f91154:0 - buffer_count :4 (0,1,2,3) read done f172411:0 - buffer_count :0 () reading f37367:0 - buffer_count :0 () reading f56975:0 - buffer_count :0 () reading f12647:0 - buffer_count :0 () reading f111490:0 - buffer_count :0 () reading f35399:0 - buffer_count :0 () reading f71888:0 - buffer_count :3 (0,1,2,) reading f75615:0 - buffer_count :3 (0,1,2,) reading f39343:0 - buffer_count :0 () reading f156171:0 - buffer_count :0 () reading f66419:0 - buffer_count :0 () reading f64905:0 - buffer_count :0 () reading f157319:0 - buffer_count :0 () reading f118697:0 - buffer_count :0 () reading Treewalk Status -------------aborted : 0 done : 0 tcount : 0 dirs_open : 1 max_dirs_open : 1 level : 0 total bytes : 143321402 total files : 135189 outstanding bytes : 48128 outstanding files : 47 Memory Allocations ================== Total Outstanding: 0 Max Used: 0 Average Used: 0 List of unfreed memory ====================== Timers (sec.msec.usec) mover write latency samples : 0 ifs readdirplus samples : 0 visitor wait samples : 0 ifs read samples : 0 reader wait samples : 0 tape write samples : 0 tape write turnaround (time between 2 writes) samples : 0 tape write wait (part of write turn around)
173
samples : 0 writer update treewalk (part of write turn around) samples : 0 writer get work (part of write turn around) samples : 0 writer get buffer (part of write turn around) samples : 0 writer get lock (part of write turn around) samples : 0 writer release lock (part of write turn around) samples : 0 writer wake reader (part of write turn around) samples : 0 writer mem free (part of write turn around) samples : 0 file history (part of write turn around) samples : 0 Counters treewalk asleep count value : 11 treewalk rdplus page count value : 2 treewalk memory in rdplus pages value : 24888 treewalk memory in entries value : 26416 treewalk memory in directories value : 532 readers asleep count value : 0 readers starved count value : 129299 writer starve count value : 107759 Memory used by work entries value : 6656 Memory used by io buffers value : 120336 For a dataset session, the system displays output similar to the following example: Session 4.34729 probe data ================================ Session ID Protocol version Session unique id DMA interface DMA address SCSI device TAPE device Open mode Session PID Session update interval TAPE Device path Given device name Given unit number Device name Device unit number Controller name Controller unit number : : : : : : :
: : : : : : : : : :
34729 4 1 10.25.75.133 10.25.78.26 tape005 0 41473 5 /dev/fc/tape005.pass 0 pass 41 isp 0
174
Bus id Peripheral device Port Number Target Current File Number Current Block Number File descriptor Pass through device name LUN Block size Record count Tape open mode Writing MOVER Data Interface State Mode Pause reason Halt reason Data written Bytes written this window Seek position Bytes left to read Window offset Window length Is new mover window set Position Record size Record number Listen socket Socket Read index Write index Last bytes xfered DATA Interface Last bytes xfered Operation State Halt reason Abort flag IO ready Socket Listen socket Read offset Read length Bytes left to read Position Discard length Backup environment HIST : n VERBOSE : N DIRECT : N Nlist Original path Destination directory Name Other name
: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : :
0 1 3 2 0 0 8 tape005.pass 0 0 553 NDMP_TAPE_READ_MODE 0 0.0.0.0 ACTIVE WRITE NDMP_MOVER_PAUSE_NA NDMP_MOVER_HALT_NA 35675136 0 0 18446744073673898495 0 18446744073709551615 1 35653120 64512 553 -1 -1 42496 64512 31481856 0.0.0.0 31481856 2 1 0 0 0 -1 -1 0 18446744073709551615 0 0 0
: : /ifs/restore/perf//restore_streams/1 : :
175
Node FH info PERFWATCH Timers (sec.msec.usec) mover write latency samples : header read latency samples : total : high : low : average : file selection latency samples : total : high : low : average : renaming latency samples : total : high : low : average : tape read latency samples : total : high : low : average : file extract turnaround samples : total : high : low : average : Counters
: 0 : 0
0 512 000.591.833 000.004.773 000.000.034 000.000.046 512 005.574.436 000.000.607 000.000.396 000.000.413 512 000.171.396 000.000.022 000.000.011 000.000.012 37 001.904.646 001.740.111 000.000.002 000.051.476 512 027.801.575 000.017.065 000.001.853 000.002.026
isi ndmp settings list

The isi ndmp settings list command displays a list of NDMP settings and values. Syntax isi ndmp settings list [[--name=]<Name>] Options If no options are specied, all settings are displayed. --name=<Name> Species the name of the setting to be displayed. Examples To view a list of NDMP settings and values, run the following command: isi ndmp settings list
176
The system displays output similar to the following example: Setting Value -----------------------------------port 2000 dma EMC
isi ndmp settings set

The isi ndmp settings set command changes the value of an NDMP setting. Syntax isi ndmp settings set [--name=]<Setting_Name> [--value=]<Setting_Value> Options --name=<Setting_Name> Required. Species the name of the setting to change. The following values are valid: dma Species the vendor of the data management application (DMA) being used to manage backup and restore operations. Setting a specic DMA enables vendor specic workarounds and enhancements. This setting's <Value> argument must be one of the following: generic bakbone commvault emc symantec tivoli symantec-netbackup symantec-backupexec
The default value is generic. port Species the TCP/IP port number on which the NDMP daemon listens for incoming connections. The default value is 10000. --value=<Setting_Value> Required. Species the new value for the setting. Examples To set the vendor of the current data management application to EMC, run the following command: isi ndmp settings set --name=dma --value=emc The following command sets the port number on which the NDMP daemon listens for incoming connections to 2000: isi ndmp settings set port 2000
177
isi ndmp user create

The isi ndmp user create command creates a new NDMP user account. Syntax isi ndmp user create [--name=]<Name> [--password=]<password> Options --name=<Name> Required. Species the name of the new user. --password=<Password> Required. Species the password for the new user. Examples The following command creates a new NDMP user called "newUser" with a password of "1234" isi ndmp user create --name=newUser --password=1234
isi ndmp user delete

The isi ndmp user delete command deletes an NDMP user account. Syntax isi ndmp user delete [--name=]<Name> Options --name=<Name> Required. Species the name of the user account to delete. Examples The following command deletes the NDMP account for "newUser". isi ndmp user delete --name=newUser
isi ndmp user list

The isi ndmp user list command displays a list of NDMP users. Syntax isi ndmp user list [--name=]<Name> Options If no options are specied, all users are displayed. --name=<Name>
178
Species the name of a specic NDMP user to list. Examples To view a list of NDMP users, run the following command: isi ndmp user list The system displays output similar to the following example: NDMP User --------newUser1 newUser2 newUser3 newUser4
isi ndmp user modify

The isi ndmp user modify command changes NDMP user account passwords. Syntax isi ndmp user modify [--name=]<Name> [--password=]<password> Options --name=<Name> Required. Species the name of the user to modify. --password=<Password> Required. Species the new password for the user. Examples The following command changes the password of "newUser" to "4321": isi ndmp user modify --name=newUser --password=4321
isi networks
The isi networks command manages external network conguration settings. Syntax isi networks [--dns-servers=<IPAddressList>] [--add-dns-servers=<IPAddressList>] [--remove-dns-servers=<IPAddressList>] [--dns-search=<DNSDomainList>] [--add-dns-search=<DNSDomainList>] [--remove-dns-search=<DNSDomainList>] [--tcp-port=<TCPPortList>] [--add-tcp-port=<TCPPortList>] [--remove-tcp-port=<TCPPortList>] [--sc-rebalance-all] Options If no options are specied, displays all domain name servers, domain name server (DNS) search lists, client TCP ports, and subnets congured on the cluster.
179
--dns-servers=<IPAddressList> Sets the list of DNS IP addresses that nodes issue requests from. List cannot have more than three sufxes. This option overwrites the current list of DNS servers. --add-dns-servers=<IPAddressList> Adds one or more DNS IP addresses, separated by commas. The list cannot contain more than 3 IP addresses. --remove-dns-servers=<IPAddressList> Removes one or more DNS IP addresses, separated by commas. --dns-search=<DNSDomainList> Sets the list of DNS search sufxes that are appended to dns names that are not fully qualied. List cannot have more than six sufxes. This option overwrites the current list of DNS search sufxes. Note: Do not begin sufxes with a leading dot; leading dots are added automatically. --add-dns-search=<DNSDomainList> Adds one or more DNS search sufxes, separated by commas. The list cannot contain more than 6 sufxes. --remove-dns-search=<DNSDomainList> Removes one or more DNS search sufxes, separated by commas. --tcp-port=<TCPPortList> Sets one or more recognized client TCP ports. This option overwrites the current list of TCP ports. --add-tcp-port=<TCPPortList> Adds one or more recognized client TCP ports. --remove-tcp-port=<TCPPortList> Removes one or more client TCP ports. --sc-rebalance-all Rebalances dynamic IP addresses in all pools. Note: This option is only valid if a SmartConnect Advanced license is active on the cluster. Examples The following command sets 10.52.0.1 and 10.52.0.2 as the current DNS IP addresses: isi networks --dns-servers=10.52.0.1,10.52.0.2 The following command sets "company.com" and "storage.company.com" as DNS search sufxes: isi networks --dns-search=company.com,storage.company.com The following command sets 2049, 445, 20, 21, and 80 as recognized client TCP ports: isi networks --tcp-port=2049,445,20,21,80
180
isi networks create pool

The isi networks create pool command creates IP address pools. With IP address pools, you can partition your cluster's network interfaces into groups, and then assign ranges of IP addresses to logical or functional groups within your organization. Syntax isi networks create pool --name=<Subnet>:<Pool> [--ranges=<IPRangeList>] [--ifaces=<NodeInterfaces>] [--sc-subnet=<Subnet>] [--desc=<Description>] [{--dynamic|--static}] [--aggregation-mode=<Mode>] [--ttl=<number>] [--zone=<Zone>] [--add-zone-aliases=<string>] [--connect-policy=<ConnectPolicy>] [--failover-policy=<FailoverPolicy>] [{--manual-failback|--auto-failback}] [--sc-suspend-node=<Node>] [--sc-resume-node=<Node>] [--verbose] [--force] Options --name=<Subnet>:<Pool> Required. Species the name of the new pool that you want to create, including the name of the subnet and the name of the pool, separated by a colon (for example, subnet1:pool0). The pool name must be unique throughout the given subnet. --ranges=<IPRangeList> Species one or more IP address ranges for the pool that you want to create. IP addresses within these ranges are assigned to the interfaces that belong to this pool (also known as interface members). --ifaces=<NodeInterfaces> Species one or more interface members in this pool. Specify in the form of <Nodes>:<Interfaces>. To specify individual nodes, separate <Nodes> with commas. To specify a range of nodes, separate with dashes. <Interfaces> must be separated by commas. For example: --ifaces=1-3,5:ext-1,ext-2. This includes ext-1 and ext-2 on nodes 1, 2, 3, and 5. --sc-subnet=<Subnet> Species the name of the SmartConnect Service subnet that is responsible for this zone. --desc=<Description> Species an optional description of this pool. --dynamic IP addresses are automatically distributed and redistributed to one or more pool members based on the connect and failover policies. Interface members have any number of IP addresses assigned to them at different points in time. Note: This option is only valid if a SmartConnect Advanced license is active on the cluster. --static Each pool member is permanently assigned a single IP address. Depending on the number of IP addresses available, some IP addresses might go unused. This is the default setting. --aggregation-mode=<Mode> Species how external interfaces are aggregated underneath ext-agg. Aggregation will only take place if ext-agg is a pool member. The following values are valid:
legacy: Aggregates using the pre-6.5 Fast EtherChannel (FEC) driver.
181
roundrobin: Rotates equally through interfaces. failover: Uses only one interface until it fails, then switches to a currently unused interface. lacp: Aggregates using Link Aggregation Control Protocol (LACP). fec: Aggregates using the post-6.5 FEC driver.
The default mode is lacp, unless the system has been upgraded from a version of OneFS lower than 6.5 to one higher. In that case, the default mode is legacy. --ttl=<number> Species the time to live value for SmartConnect DNS query responses (in seconds). DNS responses are only valid for the time specied. The default value is 0. --zone=<Zone> Species the SmartConnect zone name for this pool. Pool IP addresses are returned in response to DNS queries to this zone. The given <ConnectPolicy> determines which pool IP addresses are returned. --add-zone-aliases=<String> Adds specied DNS names to the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --connect-policy=<ConnectPolicy> Species how the connections of new clients are balanced across IP addresses. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
The default policy is Round Robin. --failover-policy=<FailoverPolicy> Species how IP addresses are rebalanced across the remaining IP interface members when an interface member fails. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
The default policy is Round Robin. --manual-failback Requires that connection rebalancing be performed manually after failback. To manually rebalance a pool, run the following command: isi networks modify pool --name=<Subnet>:<Pool> --sc-rebalance --auto-failback Causes connections to be rebalanced automatically after failback. This is the default setting. --verbose Displays detailed information about the pool-creation process. --force Suppresses warning messages about pool creation.
182
OneFS Command Reference Examples The following command creates a new address pool named pool1 under subnet0 that assigns IP addresses 192.168.8.10-192.168.8.15 to ext-1 on nodes 1, 2, and 3. The SmartConnect zone name of this pool is storage.company.com but it accepts the alias of storage.company: isi networks create pool subnet0:pool1 --ifaces=1-3:ext-1 --ranges=192.168.8.10-192.168.8.15 --zone=storage.company.com --add-zone-aliases=storage.company The following command creates a new address pool named pool2 under subnet0 that includes interfaces ext-1 and ext-2 on node 1, and aggregates them underneath ext-agg, alternating equally between them: isi networks create pool subnet0:pool2 --iface=1:ext-agg --ranges=192.168.8.10-192.168.8.15 --aggregation-mode=roundrobin The following command creates a new address pool named pool3 under a subnet named subnet0 whose connection rebalancing must be performed manually: isi networks create pool --name=subnet0:pool3 --ifaces=1,2:ext-1,ext-2 --ranges=192.168.8.10-192.168.8.15 --manual-failback
isi networks create rule

The isi networks create rule command creates a provisioning rule for automatically conguring network interfaces. With provisioning rules, eld-replaced interfaces and those on newly added nodes are automatically added to subnets and pools. Syntax isi networks create rule --name=<Subnet>:<Pool>:<Rule> --iface=<InterfaceName> [--desc=<Description>] [--verbose] [{--any|--storage|--accelerator|--storage-x|--accelerator-x |--backup-accelerator}] Options --name=<Subnet>:<Pool>:<Rule> Required. Species the name and location of the new provisioning rule. Valid names include the subnet, pool, and a unique rule name, separated by colons (for example, subnet1:pool1:newrule). The rule name must be unique throughout the given pool. --iface=<InterfaceName> Required. Species the interface name to which the rule applies. To view a list of interfaces on your system, run the isi networks list interfaces command. --desc=<QuotedString> Species an optional description of the rule. --verbose, -v Displays detailed information about the progress of the rule creation. --any Applies this rule to all nodes. This is the default setting. --storage Applies this rule to all I-Series storage nodes only. --accelerator
183
Applies this rule to all I-Series accelerator nodes only. --storage-x Applies this rule to all storage nodes except I-Series storage nodes. --accelerator-x Applies this rule to all accelerator nodes except I-Series accelerator nodes. Examples The following command causes all ext-2 interfaces on I-Series accelerator nodes to be assigned to subnet0:pool0: isi networks create rule subnet0:pool0:rule1 ext-2 --accelerator The system displays output similar to the following example: Creating rule 'subnet0:pool0:rule3': OK Adding rule: OK Saving: OK
isi networks create subnet

The isi networks create subnet command creates network subnets. Subnets simplify external network management, and provide exibility in implementing and maintaining efcient cluster network operations. Syntax isi networks create subnet [--name=]<string> {--netmask=<IPAddress>|--prefixlen=<number>} [--desc=<Description>] [--dsr-addrs=<IPAddressList>] [--gateway=<IPAddress>] [--gateway-prio=<number>] [--mtu=<MTU>] [--sc-service-addr=<IPAddress>] [--vlan-id=<VlanIdentifier>] [--verbose] Options You must specify either a netmask or an IPv6 subnet prex length by using either --netmask or --prexlen respectively. --name=<string>, -n<string> Required. Species the name of the new subnet. The subnet name must be unique throughout the cluster. --desc=<Description> Species an optional description for the subnet. --netmask=<IPAddress> Species the netmask of the subnet for IPv4 subnets. --prexlen=<number> Species the IPv6 subnet prex length. --dsr-addrs=<IPAddressList> Sets one or more Direct Server Return address for this subnet. If an external hardware load balancer is used, this parameter is required; otherwise, this parameter is not required. --gateway=<IPAddress> Species the gateway IP address used by the subnet.
184
--gateway-prio=<number> Species the gateway priority for the subnet. Valid values are numbers between 1 and the total number of existing subnets. The default priority is the lowest possible. --mtu=<MTU> Species the maximum transmission unit (MTU) of the subnet (in bytes). Common values are 1500 and 9000. --sc-service-addr=<IPAddress> Species the IP address on which the SmartConnect module listens for domain name server (DNS) requests on this subnet. --vlan-id=<VlanIdentier> Species the VLAN ID or tag for all interfaces on the subnet. --verbose Displays the progress of different parameters as they are applied to the subnet being created. Examples The following command creates a subnet named example1 with a netmask of 255.255.255.0: isi networks create subnet --name=example1 --netmask=100.50.10.5 The system displays output similar to the following: Creating subnet 'example1': OK Saving: OK
isi networks delete pool

The isi networks delete pool command deletes IP address pools.
! Caution: Deleting all IP address pools may result in connection issues.

Syntax isi networks delete pool [--name=]<Subnet>:<Pool> [--force] Options --name=<Subnet>:<Pool>, -n<Subnet>:<Pool> Required. Species the IP address pool to delete. --force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear. Examples The following command deletes an IP address pool named pool0 from subnet1: isi networks delete pool subnet1:pool0 The following conrmation prompt is displayed: !! Are you sure you want to delete pool 'subnet1:pool0'? (yes, [no])
185
To conrm the deletion, type yes and then press ENTER. Note: If you attempt to delete the only IP address pool in the subnet, the system displays output similar to the following: !! Warning: pool 'subnet1:pool0' is the only remaining pool; deleting !! it may result in connection issues. If you see this message, and you are not connected to the node in its serial console, it is recommended that you type no and then press ENTER to cancel the operation.
isi networks delete rule

The isi networks delete rule command deletes provisioning rules. Syntax isi networks delete rule --name=<Subnet>:<Pool>:<Rule> [--force] Options --name=<Subnet>:<Pool>:<Rule>, -n<Subnet>:<Pool>:<Rule> Required. Species the provisioning rule to delete. --force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear. Examples The following command deletes a provisioning rule named rule0 from subnet1:pool2: isi networks delete rule subnet1:pool2:rule0 The system displays output similar to the following: !! Are you sure you want to delete rule 'subnet1:pool2:rule0'? (yes, !! [no]) You must type yes and then press ENTER to delete the rule. This output does not display if you include the --force option.
isi networks delete subnet

The isi networks delete subnet command deletes a network subnet.
! Caution: Deleting all subnets may result in connection issues.

Syntax isi networks delete subnet [--name=<Subnet>] [--force] Options --name=<Subnet>, -n<Subnet> Required. Species the name of the subnet to delete.
186
--force, -f Suppresses any prompts, warnings, or conrmation messages that would otherwise appear. Examples The following command deletes a subnet named subnet1: isi networks delete subnet subnet1 The following conrmation prompt displays: !! Are you sure you want to delete subnet 'subnet1'? (yes, [no]) To conrm the deletion, type yes and then press ENTER. Note: If you attempt to delete the last remaining subnet, a warning message similar to the following example displays before the conrmation prompt: Warning: subnet 'subnet1' is the only remaining subnet; deleting it may result in connection issues. If you see this message, it is recommended that you type no and then press ENTER to cancel the operation.
isi networks list interfaces

The isi networks list interfaces command displays a list of network interfaces within a subnet's IP address pool. Syntax isi networks list interfaces [--show-inactive] [--verbose] Options --show-inactive Includes inactive interfaces. --verbose, -v Displays more detailed information. Example To view a list of network interfaces, including those that are inactive, run the following command: isi networks list interfaces --show-inactive The system displays a list of inactive interfaces, similar to the following example output: Interface --------------1:ext-1 1:ext-2 1:ext-agg 2:ext-1 2:ext-2 2:ext-agg Status ----------up no carrier inactive up no carrier inactive Membership -------------------subnet0:pool0 subnet0:pool0 Addresses ------------------11.22.3.45 11.22.34.56
To view detailed information about the network interfaces, run the following command:
187
isi networks list interfaces --verbose The system displays detailed information about the interfaces, similar to the following example output: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: Node: Interface: NIC Name: Status: In: Out: Owners: IP Addrs: 1 ext-1 example0 up 49Kb/s 0b/s 1 subnet0:pool0 1 11.22.3.45 1 ext-2 example1 no carrier 0b/s 0b/s 0 0 2 ext-1 example0 up 11Kb/s 0b/s 1 subnet0:pool0 1 11.22.34.56
isi networks list pools

The isi networks list pools command displays available IP address pools. IP address pools enable you to partition your cluster's network interfaces into groups, and then assign ranges of IP addresses to logical or functional groups within your organization. Syntax isi networks list pools [--name=<String>] [--subnet=<String>] [--rule=<String>] [--iface=<InterfaceName>] [--verbose] [--has-addr=<IPAddress>] Options If you run this command without options or with only the --verbose option, the system displays a list of all available IP address pools. --name=<String> Displays only pool names that match the specied string, or species a full pool name in the form <Subnet>:<Pool> (for example, subnet0:pool1). --subnet=<String> Displays only pools within a subnet whose name matches the specied string. --rule=<String>
188
Displays only pools containing a rule name that matches the specied string. --iface=<InterfaceName> Displays only pools containing the specied member interface. --has-addr=<IPAddress> Displays only the pool that contains the specied IP address. --verbose, -v Displays detailed information about the specied pool. Examples To view a list of all available IP address pools, run the following command: isi networks list pools The system displays a list of pools in output similar to the following example: Subnet -------subnet0 subnet1 subnet1 subnet1 subnet0 Pool -------pool0 pool0 pool01 pool10 example1 SmartConnect Zone ---------------------Ranges -----------10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 10.33.150.20-30 Alloc ------Static Static Static Static Dynamic
example.samplesite.com
To display all pools whose names contain the string pool0, run the following command: isi networks list pools --name=pool0 The system displays output similar to the following example: Subnet -------subnet0 subnet1 subnet1 Pool -------pool0 pool0 pool01 SmartConnect Zone --------------------Ranges -----------10.22.136.1-6 10.22.136.1-6 10.22.136.1-6 Alloc ------Static Static Static
The following commands displays detailed information on subnet0:pool0: isi networks list pools --name=subnet0:pool0 -v The system displays output similar to the following example: subnet0:pool0 - Default pool In Subnet: subnet0 Allocation: Static Ranges: 1 10.53.136.11-10.53.136.13 Pool Membership: 3 1:ext-1 (up) 2:ext-1 (up) 3:ext-1 (up) Aggregation Mode: Link Aggregation Control Protocol (LACP) SmartConnect: Suspended Nodes : None Zone : N/A Time to Live : 0 Service Subnet : N/A Connection Policy: Round Robin Failover Policy : Round Robin Rebalance Policy : Automatic Failback
189
isi networks list rules

The isi networks list rules command displays provisioning rules. Syntax isi networks list rules [--name=<String>] [--subnet=<String>] [--pool=<String>] [--verbose] [--iface=<InterfaceName>] [{--all|--storage|--accelerator|--storage-x|--accelerator-x |--backup-accelerator}] Options If no options are specied, displays a list of all provisioning rules. --name=<String> Displays only rule names that contain the specied string, or species a full rule name in the form <Subnet>:<Pool>:<Rule> (for example, subnet0:pool0:rule3). --subnet=<String> Displays only rules within a subnet whose name matches the specied string. --pool=<String> Displays only rules within a pool whose name matches the specied string, or species a full pool name in the form <Subnet>:<Pool> (for example, subnet0:pool0). --iface=<InterfaceName> Displays only rules that the specied member interface applies to. --any Displays all rules that apply to nodes. --storage Displays provisioning rules that apply only to I series storage nodes. --accelerator Displays provisioning rules that apply only to I series accelerator nodes. --storage-x Displays provisioning rules that apply only to storage nodes that are not I series storage nodes. --accelerator-x Displays provisioning rules that apply only to accelerator nodes that are not I series accelerator nodes. --verbose, -v Displays detailed information about rules. Example To view a list of provisioning rules on a node, run the following command: isi networks list rules The system displays the list of rules in output similar to the following example: Name Pool Node Type Interface --------------- ------------------------- -------------- ------------------rule0 subnet0:pool0 All ext-1
190
isi networks list subnets

The isi networks list subnets command displays available subnets. Subnets simplify external network management, and provide exibility when implementing and maintaining efcient cluster network operations. Syntax isi networks list subnets [--name=<Subnet>] [--has-addr=<IPAddress>] [--verbose] Options If you run this command without options or with only the --verbose option, the system displays a list of all available subnets. --name=<Subnet> Displays only subnets that contain the specied string. --has-addr=<IPAddress> Displays the subnet whose range includes the specied IP address. --verbose, -v Displays detailed subnet information. Examples To view a list of all subnets, run the following command: isi networks list subnets The system displays the available subnets, as shown in the following sample output: Name Subnet Gateway:Prio SC Service Pools --------------- ------------------ ------------------ --------------- ----subnet0 11.22.3.0/24 11.22.0.1:1 11.22.100.10 2 10gbe 11.22.33.0/24 N/A N/A 1 To view detailed information about the subnet whose range includes the IP address 11.22.3.45, run the following command: isi networks list subnets --has-addr=11.22.3.45 --verbose The system displays the subnet, similar to the following sample output: subnet0 - test 1 Netmask: Subnet: Gateway MTU: SC Service Address: VLAN Tagging: VLAN ID: DSR Addresses: Pools: 255.255.255.0 11.22.3.0 11.22.3.1, Priority 1 1500 11.22.3.129 Disabled 0 0 2 pool0 - Default pool dynamic
191
isi networks modify pool

The isi networks modify pool command modies IP address pool settings. Syntax isi networks modify pool --name=<Subnet>:<Pool> [--new-name=<Pool>] [--sc-rebalance] [--ranges=<IPRangeList>] [--add-ranges=<IPRangeList>] [--remove-ranges=<IPRangeList>] [--ifaces=<NodeInterface>] [--add-ifaces=<NodeInterface>] [--remove-ifaces=<NodeInterface>] [--sc-subnet=<string>] [--desc=<Description>] [{--dynamic|--static}] [--aggregation-mode=<Mode>] [--ttl=<number>] [--zone=<Zone>] [--add-zone-aliases=<string>] [--remove-zone-aliases=<string>] [--connect-policy=<ConnectPolicy>] [--failover-policy=<FailoverPolicy>] [{--manual-failback|--auto-failback}] [--sc-suspend-node=<NodeLnn>] [--sc-resume-node=<NodeLnn>] [--verbose] [--force] [--add-static-routes=<Network>/<Netmask>-<Gateway>] [--remove-static-routes=<Network>/<Netmask>-<Gateway>] [--auto-unsuspend-delay=<Seconds>] Options You must specify at least one IP address pool setting to modify. Specify IP address pool settings using one or more of the following options: --new-name --sc-rebalance --ranges --add-ranges --remove-ranges --ifaces --add-ifaces --remove-ifaces --sc-subnet --desc --dynamic or --static (cannot be specied together) --aggregation-mode --ttl --zone --add-zone-aliases --remove-zone-aliases --connect-policy --failover-policy --manual-failback or --auto-failback (cannot be specied together) --sc-suspend-node --sc-resume-node --add-static-routes --remove-static-routes --auto-unsuspend-delay
--name=<Subnet>:<Pool> Required. Species the name of the subnet to modify. Valid names include the name of the subnet and the name of the pool, separated by a colon, for example subnet1:pool0.
192
--new-name=<Pool> Sets a new name for the pool. This must be unique throughout the subnet. Note that this option does not include the name of the subnet. --sc-rebalance Rebalances the IP addresses for this pool. --ranges=<IPRangeList> Species one or more IP address ranges for this pool. IP addresses within these ranges are assigned to the interfaces that belong to this pool (also known as interface members). Note: Specifying new ranges with this option will remove any previously existing ranges from the pool. --add-ranges=<IPRangeList> Adds specied IP address ranges to this pool. --remove-ranges=<IPRangeList> Removes specied IP address ranges from this pool. --ifaces=<NodeInterface> Species one or more interface members in this pool. Specify in the form of <Nodes>:<Interfaces>. To specify individual nodes, separate <Nodes> with commas. To specify a range of nodes, separate with dashes. <Interfaces> must be separated by commas. For example: --ifaces=1-3,5:ext-1,ext-2. This includes ext-1 and ext-2 on nodes 1, 2, 3, and 5. --add-ifaces=<NodeInterface> Adds specied member interfaces to this pool. --remove-ifaces=<NodeInterface> Removes specied member interfaces from this pool. --sc-subnet=<string> Species the name of the SmartConnect Service subnet that is responsible for this zone. --desc=<Description> Species an optional description of this pool. --dynamic IP addresses are automatically distributed and redistributed to one or more pool members based on the connect and failover policies. Interface members have any number of IP addresses assigned to them at different points in time. Note: This option is only valid if a SmartConnect Advanced license is active on the cluster. --static Each pool member is permanently assigned a single IP address. Depending on the number of IP addresses available, some IP addresses might go unused. This is the default setting. --aggregation Species how external interfaces are aggregated underneath ext-agg. Aggregation will only take place if ext-agg is a pool member. The following values are valid: legacy: Aggregates using the pre-6.5 Fast EtherChannel (FEC) driver. roundrobin: Rotates equally through interfaces. failover: Uses only one interface until it fails, then switches to a currently unused interface.
193
lacp: Aggregates using Link Aggregation Control Protocol (LACP). fec: Aggregates using the post-6.5 FEC driver.
The default mode is lacp, unless the system has been upgraded from a version of OneFS lower than 6.5 to one higher. In that case, the default mode is legacy. --ttl=<number> Species the time to live value for SmartConnect DNS query responses (in seconds). DNS responses are only valid for the time specied. The default value is 0. --zone=<Zone> Species the SmartConnect zone name for this pool. Pool IP addresses are returned in response to DNS queries to this zone. The given <ConnectPolicy> determines which pool IP addresses are returned. --add-zone-aliases=<string> Adds specied DNS names to the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --remove-zone-aliases=<string> Removes specied DNS names from the pool as SmartConnect zone aliases. Multiple aliases can be specied in a comma-separated list. --connect-policy=<ConnectPolicy> Species how the connections of new clients are balanced across IP addresses. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
--failover-policy=<FailoverPolicy> Species how IP addresses are rebalanced across the remaining IP interface members when an interface member fails. The following values are valid: round-robin: Rotates through nodes equally. conn-count: Assigns node that has least connections. throughput: Assigns node with least throughput. cpu-usage: Assigns node with least CPU usage.
--manual-failback Requires that connection rebalancing be performed manually after failback. --auto-failback Causes connections to be rebalanced automatically after failback. This is the default setting. --sc-suspend-node=<NodeLnn> Suspends SmartConnect DNS query responses for the specied node. While suspended, SmartConnect does not return IP addresses for this node, but allows active clients to remain connected. --sc-resume-node=<NodeLnn> Resumes suspended SmartConnect DNS query responses for the specied node. --verbose, -v Displays detailed information about the progress of the pool modication process. --force, -f Suppresses warning messages about pool modication.
194
--add-static-routes=<Network>/<Netmask>-<Gateway> Adds static route to all nodes containing a member interface in the pool being modied. This command is limited to adding IPv4 routes and is available from the command line only.
! Attention: Static-route settings that were added in versions earlier than OneFS 6.5.5 via
rc scripts must be re-created using this option. Existing static route settings will no longer work and must be re-created using the add-static-routes command.
Add one or more one or more static routes to a pool as a comma-separated string of static routes in the format xxx.xxx.xxx.xxx/nn-yyy.yyy.yyy.yyy, where xxx.xxx.xxx.xxx is the placeholder for the network, nn is the placeholder for the netmask, and yyy.yyy.yyy.yyy is the placeholder for the gateway. --remove-static-routes=<Network>/<Netmask>-<Gateway> Removes one or more static routes from a pool as a comma-separated string of static routes in the format xxx.xxx.xxx.xxx/nn-yyy.yyy.yyy.yyy, where xxx.xxx.xxx.xxx is the placeholder for the network, nn is the placeholder for the netmask, and yyy.yyy.yyy.yyy is the placeholder for the gateway. --auto-unsuspend-delay=<Seconds> Delay the automatic unsuspending of nodes with member interfaces in the pool by set number of seconds. The automatic suspend and unsuspend operation is performed automatically during rolling upgrades and if this delay is set it also takes effect for general node splits and/or reboots. Pool IP addresses on an automatically suspended node will not be given out by SmartConnect for the pool zone or zone aliases while the node is automatically suspended. This setting is only available via the command line and the current setting can be viewed by listing the current Flexnet pools in verbose mode. Examples The following command removes node 6 from participating in the SmartConnect prole for subnet0:pool0: isi networks modify pool --name=subnet0:pool0 --sc-suspend-node=6 You can conrm that the node has been suspended by running the following command: isi networks list pools --verbose The following command removes the IP address of 192.168.9.84 from pool subnet0:pool01: isi networks modify pool --name=subnet0:pool01 --ranges=192.168.9.84 The following command causes subnet0:pool1 to rotate equally through aggregated interfaces: isi networks create pool subnet0:pool1 --aggregation-mode=roundrobin The following command adds a static route to the pool subnet0:pool0: isi networks modify pool subnet0:pool0 --add-static-routes=4.4.0.0/16-10.7.160.4 The following command removes a static route from the pool subnet0:pool0 isi networks modify pool subnet0:pool0 --remove-static-routes=4.4.0.0/16-10.7.160.4 You can conrm static-route settings for all pools by running the following command: isi networks ls pools v The system displays the static-route information, similar to the following sample output: subnet0:pool0 - Default pool In Subnet: subnet0 Allocation: Static Ranges: 1 10.1.1.1-10.1.1.10
195
Pool Membership: 1 1:ext-1 (up) Auth Providers: 0 Aggregation Mode: Link Aggregation Control Protocol (LACP) Static Routes: 1 123.123.123.0/24 10.1.1.254 SmartConnect: Suspended Nodes : None Auto Unsuspend ... 10 Zone : N/A Time to Live : 0 Service Subnet : N/A Connection Policy: Round Robin
isi networks modify rule

The isi networks modify rule command modies network provisioning rule settings. Syntax isi networks modify rule --name=<Subnet>:<Pool>:<Rule> {--new-name=<Rule> | --pool=<Subnet>:<Pool> | --iface=<NodeInterface> | --desc=<Description> | {--any|--storage|--accelerator|--storage-x|--accelerator-x | --backup-accelerator}} [--verbose] Options You must specify at least one network provisioning rule setting to modify. Specify one or more rule settings by using the following options: --new-name --pool --iface --desc <ApplicationOption>
You can only specify one <ApplicationOption>. The following options are application options: --any --storage --accelerator --storage-x --accelerator-x --backup-accelerator
--name=<Subnet>:<Pool>:<Rule> Required. Species the name and location of the rule being modied. Valid names include the subnet, pool, and a unique rule name, separated by colons (for example, subnet1:pool1:newrule). --new-name=<Rule> Species a new name for the rule. This name must be unique throughout the pool. Note: This option does not include the name of the subnet or the pool.
196
--pool=<Subnet>:<Pool> Changes the pool to which the rule belongs. You must specify both the name of the subnet and the name of the pool, separated by a colon (for example, subnet1:pool3). --iface=<NodeInterface> Species the node interface to which the rule applies. --desc=<Description> Species an optional description of this rule. --any Applies this rule to all nodes. This is the default setting. --storage Applies this rule to all I series storage nodes. --accelerator Applies this rule to all I series accelerator nodes. --storage-x Applies this rule to all storage nodes except I series storage nodes. --accelerator-x Applies this rule to all accelerator nodes except I series accelerator nodes. --verbose, -v Displays detailed information about the rule modication process. Examples The following example applies rule3 on subnet0:pool0 only to all I series storage nodes: isi networks modify rule subnet0:pool0:rule3 --storage The system displays detailed information about the interfaces, similar to the following example output: Modifying rule 'subnet0:pool0:rule3': Saving: OK
isi networks modify subnet

The isi networks modify subnet command modies network subnet settings. Syntax isi | | | | | | networks modify subnet --name=<Subnet> {--new-name=<Subnet> | {--netmask=<IP-Address> | --prefixlen=<number>} {--enable-vlan|--disable-vlan} | --dsr-addrs=<IPAddressList> --add-dsr-addrs=<IPAddressList> | --remove-dsr-addrs=<IPAddressList> --desc=<Description> | --gateway=<IPAddress> | --gateway-prio=<Number> --mtu=<MTU> | --sc-service-addr=<IPAddress> --vlan-id=<VlanIdentifier>}... [--verbose] [--force]
Options You must specify at least one network subnet setting to modify.
197
Specify network subnet settings using one or more of the following options: --new-name --netmask --prexlen --enable-vlan --disable-vlan --dsr-addrs --add-dsr-addrs --remove-dsr-addrs --desc --gateway --gateway-prio --mtu --sc-service-addr --vlan-id
--name=<Subnet> Required. Species the name of the subnet to modify. --new-name=<Subnet> Species a new name for the subnet. The name must be unique throughout the cluster. --netmask=<IPAddress> Species the netmask of this subnet. --prexlen=<number> Species the IPv6 subnet prex length. --enable-vlan Enables all virtual LAN tagging on this subnet. --disable-vlan Disables any virtual LAN tagging on this subnet. --dsr-addrs=<IPAddressList> Species one or more Direct Server Return addresses for this subnet. --add-dsr-addrs=<IPAddressList> Adds one or more Direct Server Return addresses to this subnet. --remove-dsr-addrs=<IPAddressList> Removes one or more Direct Server Return addresses from this subnet. --desc=<QuotedString> Species an optional description for this subnet. --gateway=<IPAddress>, -g=<IPAddress> Species the gateway IP address used by this subnet. If not specied, the default gateway is used.
! Caution: IP address must belong to the appropriate gateway. If an incorrect IP address is

specied, communication with the cluster might be disabled. --gateway-prio=<Number>, -p=<Number> Species the gateway priority for the subnet. Valid values are numbers between 1 and the total number of existing subnets. The default priority is the lowest possible. --mtu=<MTU>
198
Species the maximum transmission unit (MTU) of the subnet (in bytes). Valid values are 1500 or 9000. --sc-service-addr=<IPAddress> Species the address on which SmartConnect listens for DNS requests on this subnet. --vlan-id=<VlanIdentier> Species the VLAN ID or tag for all interfaces on this subnet. --verbose, -v Displays the progress of different parameters as they are modied on the subnet. --force, -f Suppresses any prompts or warnings messages that would otherwise appear before or during the subnet modication operation. Examples The following command changes the name of subnetOld to subnetNew: isi networks modify subnet subnetOld --new-name=subnetNew The system displays output similar to the following: Creating subnet 'example1': OK Saving: OK
isi nfs clients list

The isi nfs clients list command displays a list of all clients holding NLM locks. Syntax isi nfs clients list Options There are no options for this command. Examples To view a list of active clients, run the following command: isi nfs clients list The system displays output similar to the following example: Hostname machineName/192.118.7.127
199
isi nfs clients remove

The isi nfs clients remove command removes clients, cancels any of the clients' pending locks and unlocks all of the clients' locks. Syntax isi nfs clients remove [--client=]<Client> Options --client=<Client>, -c=<Client> Required. Specify in form machinename/IP(of server) Examples The following command removes a client "machineName" from the server with an IP address of 192.168.7.143: isi nfs clients remove machineName/192.168.7.143
isi nfs exports check

The isi nfs exports check command checks whether existing export rules have been improperly congured. Syntax isi nfs exports check Options --help, -h Displays a list of supported options for this command. Examples To verify existing export rules, run the following command: isi nfs exports check The system displays output similar to the following example (in this example, an export rule has been created for the client "wrong.Name"): Check failed: bad hostname wrong.Name Check failed: bad hostname wrong.Name
isi nfs exports create

The isi nfs exports create command creates new export rules. Syntax isi nfs exports create --path=<string> [--client=<Client>] [--comment=<string>] [--all-dirs=<boolean>] [--bsize=<number>] [--cansettime=<boolean>] [--commit-asynchronous=<boolean>]
200
OneFS Command Reference [--dtpref=<number>] [--encoding=<encoding>] [--map-lookup-uid=<boolean>] [--mapall=<string>] [--maproot=<User_Name>] [--mapfull=<boolean>] [--maxfilesize=<number>] [--read-only=<boolean>] [--readdirplus-enable=<boolean>] [--readdirplus-prefetch=<number>] [--return-32bit-file-ids=<boolean>] [--rtmax=<number>] [--rtmult=<number>] [--rtpref=<number>] [--security-flavors=<string>] [--setattr-asynchronous=<boolean>] [--symlink-supported=<boolean>] [--time-delta=<string>] [--write-datasync-action=<string>] [--write-datasync-reply=<string>] [--write-filesync-action=<string>] [--write-filesync-reply=<string>] [--write-unstable-action=<string>] [--write-unstable-reply=<string>] [--wtmax=<number>] [--wtmult=<number>] [--wtpref=<number>] Options --path=<string> Species the path to be exported. Multiple paths can be specied with multiple --path parameters. --client=<Client> Species the client to be allowed access via this export. If not specied, rule applies to all clients. Specify as a network host name, an IP address, a subnet, or as a "netgroup" name. For IPv4 addresses, specify in dotted-decimal notation (a.b.c.d). For IPv6 addresses, specify in colon notation. IPv4 addresses mapped into the IPv6 address space are translated and stored as IPv4 addresses to remove any possible ambiguities. --comment=<string>, -c<string> Species a description of the export for administrator's convenience. --all-dirs=<boolean> Determines whether this export covers all subdirectories beneath the given path. --bsize=<number> Species block size. (NFSv2) --cansettime=<boolean> Determines whether this export can modify different le times. --comit-asynchronous=<boolean> Determines whether commit data operations perform asynchronously. --dtpref=<number> Species the preferred number of directory entries to transfer. --encoding=<encoding> Species character encoding of clients connecting via this export. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr euc-jp euc-jp-ms utf-8-mac Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR EUC-JP EUC-JP-MS UTF-8-MAC
201
Valid Value utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16
Encoding UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
--map-lookup-uid=<boolean> Determines whether to lookup a user mapping for UIDs. --mapretry=<boolean> Determines whether to retry user mapping lookups if they fail. --mapall=<User_Name> Species the identity that operations by any user will be executed as. --maproot=<string> Species the identity that operations by root will be executed as. --mapfull=<boolean> Determines whether to use the full identity mapping resolution of mapped users. --maxlesize=<number> Species the maximum allowed le size on the server (in bytes). If a le is larger than the specied <number>, an error is returned. --read-only=<boolean> Determines whether writes are permitted to the mounted le system. If set to true, attempts to write will fail and display the "NFS read-only file system" error. If set to false, writes are successful. --readdirplus-enable=<boolean> Determines whether clients are allowed to use readdir-plus. If true, readdirplus requests are processed. If false, readdirplus requests are rejected and display the "NFS operation not supported" error. The default value is true. (NFSv3) --readdirplus-prefetch=<number> Species the number of directory entries that are prefetched when a readdirplus request is processed. The default value is 10. (NFSv3/4)
202
--return-32bit-le-ids=<boolean> Determines whether to limit the size of le identiers returned by NFSv3+ to 32-bit values (NFSv2 is limited to 32-bit values regardless of how this option is specied). While NFSv3+ allows 64-bit le identiers, certain clients might not support them, and silently ignore the most signicant 32-bits. --rtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Note: Although the server is capable of reads up to the --rtmax value bytes, the preferred and multiple size should be used for best performance. --rtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 128KB. --rtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512. --security-avors=<string> Species supported security avors. The following values are valid: sys: Sys or UNIX authentication is accepted. krb5: Kerberos V5 authentication is accepted. krb5i: Kerberos V5 authentication with integrity is accepted. krb5p: Kerberos V5 authentication with privacy is accepted.
The default value is sys. --setattr-asynchronous=<boolean> Determines whether set attribute operations are performed asynchronously (not waiting for completion before proceeding). If set to false, set attribute operations are processed synchronously and do not allow NFS to proceed until they ush modied le-system data to disk. If set to true, set attribute operations are processed asynchronously and the le system allows NFS to proceed regardless of whether modied le-system data has been ushed to disk yet. The default value is false. --symlink-supported=<boolean> Determines whether to report to the client that the le system supports symbolic link le types. If set to true, symbolic links are supported and can be created and read. When set to false, symbolic links are not supported. The default value is true. --time-delta=<number> Sets server time granularity. Specify in decimal form, such as 0.x1, where x is any number of zeros. For example, to set the granularity to nanoseconds, the value is 0.000000001. Note: Times are truncated by the server, not rounded. --write-datasync-action=<string> Species another way to perform datasync writes. (NFSv3/4) The following values are valid:
203
datasync filesync unstable
The default value is datasync (performs the request as specied). --write-datasync-reply=<string> Species an alternate response to datasync writes. (NFSv3/4) The following values are valid: datasync filesync
The default value is datasync (does not respond differently). --write-lesync-action=<string> Species another way to perform lesync writes. The following values are valid: datasync filesync unstable
The default value is filesync (performs the request as specied). --write-lesync-reply=<string> Species an alternate response to lesync writes. The following values are valid: filesync
The default value is filesync (does not respond differently). --write-unstable-action=<string> Species another way to perform unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (performs the request as specied). --write-unstable-reply=<string> Species an alternate response to unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (does not respond differently). --wtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtmult=<number>
204
Species the value that is returned to a client's FSINFO request as the preferred multiple write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Examples The following command creates an export for /ifs/home that maps all clients that identify themselves as root to nobody: isi nfs exports create --path=/ifs/home --maproot=nobody The following command creates an export for /ifs/home only for the client at IP address 192.168.7.201: isi nfs exports create --path=/ifs/home --client=192.168.7.201 The following command creates an export for /ifs/home that accepts Kerberos V5 authentication: isi nfs exports create --path=/ifs/home --security-flavors=krb5
isi nfs exports delete

The isi nfs exports delete command deletes existing export rules. Syntax isi nfs exports delete [--identifier=]<Identifier> [--site-default] Options --identier=<Identier>, -I=<Identier> Required. Species the identier of the rule or rules being deleted. --site-default, -s Site default rule desired. Examples The following command deletes an export rule with an identier of 2: isi nfs exports delete 2
isi nfs exports list

The isi nfs exports list command displays a list of existing export rules. Syntax isi nfs exports list [[--identifier=]<Identifier>] [--resolve] [--site-default] [--verbose]
205
OneFS Command Reference Options --identier=<Identier>, -I=<Identier> Species identier of rule being to be listed. --resolve, -r Checks to make sure that all clients are resolved. If a client is not resolved, they are enclosed in brackets in the output. --site-default, -s Displays the site default. --verbose, -v Displays detailed information on existing export rules and their default settings. Examples To view all existing export rules, run the following command: isi nfs exports list The system displays output similar to the following example: Rule ID Site-default 1 2 Paths /ifs /ifs/home/newUser Comment Export option... Default export
To view detailed information on existing export rules and their default settings and see whether clients are resolved or not, run the following command: isi nfs exports list -v -r The system displays output similar to the following example (in this example, the client of export 1 is not resolved): Export Site-default: Comment: Export option defaults Options: subdirectories below the paths are not mountable block size reported as 8192 bytes (NFSv2) file times reported as settable by clients (NFSv3+) commit requests performed synchronously (NFSv3+) directory read transfer size recommended as 131072 bytes (NFSv3+) data encoding is DEFAULT map root to user "nobody" groups "nobody,nogroup" map using full identity mapping use incoming UIDs without modification retry failed user mappings maximum file size reported as 9223372036854775807 (NFSv3+) read-write access readdir-plus requests are supported (NFSv3+) readdir-plus requests prefetch information for up to 10 files (NFSv3+) readdir[plus] requests returned file numbers may exceed 32-bits (NFSv3+) read transfer maximum size recommended as 524288 bytes (NFSv3+) read transfer multiple size recommended as 512 bytes (NFSv3+) read transfer preferred size recommended as 131072 bytes (NFSv3+) security flavors unix are supported set attribute operations must be synchronous symbolic link file types are supported time changes are reported in 0.000000001 second intervals write operations specifying DATASYNC to be processed as DATASYNC
206
(NFSv3+) write operations specifying DATASYNC to be replied to with DATASYNC (NFSv3+) write operations specifying FILESYNC to be processed as FILESYNC (NFSv3+) write operations specifying FILESYNC to be replied to with FILESYNC (NFSv3+) write operations specifying UNSTABLE to be processed as UNSTABLE (NFSv3+) write operations specifying UNSTABLE to be replied to with UNSTABLE (NFSv3+) write transfer maximum size recommended as 524288 bytes (NFSv3+) write transfer multiple size recommended as 512 bytes (NFSv3+) write preferred size recommended as 524288 bytes (NFSv3+) Export 1: Comment: Paths: Clients: Options: Export 2: Comment: Paths: Clients: Options: Options: Default export /ifs [host anotherthing] all directories below the paths can be mountable /ifs/home/newUser (all) read-only access security flavors krb5i are supported write transfer maximum size recommended as 300 bytes (NFSv3+)
isi nfs exports modify

The isi nfs exports modify command modies existing export rules. Syntax isi nfs exports modify {[--identifier=]<Identifier> | --site-default} {--client=<string> | --path=<string> | --comment=<string> | --all-dirs=<boolean> | --bsize=<number> | --cansettime=<boolean> | --commit-asynchronous=<boolean> | --dtpref=<number> | --encoding=<encoding> | --map-lookup-uid=<boolean> | --mapall=<string> | --maproot=<User_Name> | --mapfull=<boolean> | --maxfilesize=<number> | --read-only=<boolean> | --readdirplus-enable=<boolean> | --readdirplus-prefetch=<number> | --return-32bit-file-ids=<boolean> | --rtmax=<number> | --rtmult=<number> | --rtpref=<number> | --security-flavors=<string> | --setattr-asynchronous=<boolean> | --symlink-supported=<boolean> | --time-delta=<string> | --write-datasync-action=<string> | --write-datasync-reply=<string> | --write-filesync-action=<string> | --write-filesync-reply=<string> | --write-unstable-action=<string> | --write-unstable-reply=<string> | --wtmax=<number> | --wtmult=<number> | --wtpref=<number> | --default-all-dirs | --default-bsize | --default-cansettime | --default-commit-asynchronous | --default-dtpref | --default-encoding | --default-map-lookup-uid | --default-map | --default-mapfull | --default-maxfilesize | --default-read-only | --default-readdirplus-enable | --default-readdirplus-prefetch | --default-return-32bit-file-ids | --default-rtmax | --default-rtmult | --default-rtpref | --default-security-flavors | --default-setattr-asynchronous | --default-symlink-supported | --default-time-delta | --default-write-datasync-action | --default-write-datasync-reply | --default-write-filesync-action | --default-write-filesync-reply
207
OneFS Command Reference | --default-write-unstable-action | --default-write-unstable-reply | --default-wtmax | --default-wtmult | --default-wtpref | --delete-path=<string> | --delete-client=<string>}... Options You must specify whether to modify a specic rule or the site default rule and at least one action to perform on the rule. Specify whether to modify a specic rule or the site default rule using exactly one of the following options: --identier --site-default
Specify one or more actions using any parameters other than --identier or --site-default --identier=<Identier>, -I=<Identier> Modies the rule of the specied identier. --site-default, -s Modies the site default rule. --client=<string> Species the client to be allowed access via this export. Specify as a network host name, an IP address, a subnet, or as a "netgroup" name. For IPv4 addresses, specify in dotted-decimal notation (a.b.c.d). For IPv6 addresses, specify in colon notation. IPv4 addresses mapped into the IPv6 address space are translated and stored as IPv4 addresses to remove any possible ambiguities. --path=<string> Adds specied path to those to be exported. --comment=<string>, -c<string> Describes export for the administrator's convenience. --all-dirs=<boolean> Determines whether this export covers all subdirectories beneath the given path. --bsize=<number> Species block size. (NFSv2) --cansettime=<boolean> Determines whether this export can modify different le times. --comit-asynchronous=<boolean> Determines whether commit data operations perform asynchronously --dtpref=<number> Species the preferred number of directory entries to transfer. --encoding=<encoding> Species character encoding of clients connecting via this export. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR
208
Valid Value euc-jp euc-jp-ms utf-8-mac utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16
Encoding EUC-JP EUC-JP-MS UTF-8-MAC UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
--map-lookup-uid=<boolean> Determines whether to lookup incoming UIDs locally. --mapretry=<boolean> Determines whether to retry failed user mapping lookups. --mapall=<string> Species the identity that operations by any user will be executed as. --maproot=<User_Name> Species the identity that operations by root will be executed as. --mapfull=<boolean> Determines whether to use the full identity mapping resolution of mapped users. --maxlesize=<number> Species the maximum size of a le. --read-only=<boolean> Determines whether writes are permitted to the given directory path. If set to true, attempts to write will fail and display the "NFS read-only file system" error. If set to false, writes are successful. --readdirplus-enable=<boolean> Determines whether clients are allowed to use readdir-plus. If true, readdirplus requests are processed. If false, readdirplus requests are rejected and display the "NFS operation not supported" error. The default value is true. (NFSv3)
209
--readdirplus-prefetch=<number> Species the number of directory entries that are prefetched when a readdirplus request is processed. The default value is 10. (NFSv3/4) --return-32bit-le-ids=<boolean> Determines whether to limit the size of le identiers returned by NFSv3+ to 32-bit values (NFSv2 is limited to 32-bit values regardless of how this option is specied). While NFSv3+ allows 64-bit le identiers, certain clients might not support them, and silently ignore the most signicant 32-bits. --rtmax=<number> Species the value that is returned to a client's FSINFO request as the maximum read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. Note: While the server is capable of reads up to the --rtmax value bytes, the preferred and multiple size should be used for best performance. --rtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 128KB. --rtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred read size (in bytes). Number must not be larger than 4294967295. (NFSv3/4)(NFSv3/4) The default value is 512. --security-avors=<string> Species supported security avors. The following values are valid: sys: Sys or UNIX authentication is accepted. krb5: Kerberos V5 authentication is accepted. krb5i: Kerberos V5 authentication with integrity is accepted. krb5p: Kerberos V5 authentication with privacy is accepted.
The default value is sys. --setattr-asynchronous=<boolean> Determines whether set attribute operations are performed asynchronously (not waiting for completion before proceeding). If set to false, set attribute operations are processed synchronously and do not allow NFS to proceed until they ush modied le-system data to disk. If set to true, set attribute operations are processed asynchronously and the le system ushes modied attributes to disk when it chooses to. The default value is false. --symlink-supported=<boolean> Determines whether to report to the client that the le system supports symbolic link le types. If set to true, symbolic links are supported and can be created and read. When set to false, symbolic links are not supported. The default value is true. --time-delta=<string> Sets server time granularity. Specify in decimal form, such as "0.x1" where x is any number of zeros. For example, to set the granularity to nanoseconds, the value is 0.000000001. Note: Times are truncated by the server, not rounded.
210
--write-datasync-action=<string> Species another way to perform datasync writes. (NFSv3/4) The following values are valid: datasync filesync unstable
The default value is datasync (performs the request as specied). --write-datasync-reply=<string> Species an alternate response to datasync writes. (NFSv3/4) The following values are valid: datasync filesync
The default value is datasync (does not respond differently). --write-lesync-action=<string> Species another way to perform lesync writes. The following values are valid: datasync filesync unstable
The default value is filesync (performs the request as specied). --write-lesync-reply=<string> Species an alternate response to lesync writes. The following values are valid: filesync
The default value is filesync (does not respond differently). --write-unstable-action=<string> Species another way to perform unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (performs the request as specied). --write-unstable-reply=<string> Species an alternate response to unstable writes. The following values are valid: datasync filesync unstable
The default value is unstable (does not respond differently). --wtmax=<number>
211
Species the value that is returned to a client's FSINFO request as the maximum write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtmult=<number> Species the value that is returned to a client's FSINFO request as the preferred multiple write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --wtpref=<number> Species the value that is returned to a client's FSINFO request as the preferred write size (in bytes). Number must not be larger than 4294967295. (NFSv3/4) The default value is 512KB. --default-all-dirs Sets all-dirs to the default value. --default-bsize Sets bsize to the default value. --default-cansettime Sets cansettime to the default value. --default-commit-asynchronous Sets commit-asynchronous to the default value. --default-dtpref Sets dtpref to the default value. --default-encoding Sets encoding to the default value. --default-map-lookup-uid Sets map-lookup-uid to the default value. --default-map Sets current mapping to the default value. --default-mapfull Sets mapfull to the default value. --default-maxlesize Sets maxlesize to the default value. --default-read-only Sets read-only to the default value. --default-readdirplus-enable Sets readdirplus-enable to the default value. --default-readdirplus-prefetch Sets readdirplus-prefetch to the default value. --default-return-32bit-le-ids Sets return-32bit-le-ids to the default value. --default-rtmax Sets rtmax to the default value. --default-rtmult Sets rtmult to the default value.
212
--default-rtpref Sets rtpref to the default value. --default-security-avors Sets security-avors to the default value. --default-setattr-asynchronous Sets setattr-asynchronous to the default value. --default-symlink-supported Sets symlink-supported to the default value. --default-time-delta Sets time-delta to the default value. --default-write-datasync-action Sets write-datasync-action to the default value. --default-write-datasync-reply Sets write-datasynch-reply to the default value. --default-write-lesync-action Sets write-lesync-action to the default value. --default-write-lesync-reply Sets write-lesync-reply to the default value. --default-write-unstable-action Sets write-unstable-action to the default value. --default-write-unstable-reply Sets write-unstable-reply to the default value. --default-wtmax Sets wtmax to the default value. --default-wtmult Sets wtmult to the default value. --default-wtpref Sets wtpref to the default value. --delete-path=<string> Species paths to remove from this export rule. --delete-client=<string> Species clients no longer valid for this export rule. Examples The following command causes all users to login as root for an export with an ID of 1, giving them full permissions on the cluster: isi nfs exports modify --mapall=root The following command resets all attributes for an export with an ID of 1 back to their default values: isi nfs exports modify 1 --default-all-dirs --default-bsize --default-cansettime --default-commit-asynchronous --default-dtpref --default-encoding --default-map-lookup-uid --default-map --default-mapfull --default-maxfilesize --default-read-only --default-readdirplus-enable --default-readdirplus-prefetch --default-return-32bit-file-ids --default-rtmax --default-rtmult --default-rtpref --default-security-flavors --default-setattr-asynchronous
213
--default-symlink-supported --default-time-delta --default-write-datasync-action --default-write-datasync-reply --default-write-filesync-action --default-write-filesync-reply --default-write-unstable-action --default-write-unstable-reply --default-wtmax --default-wtmult --default-wtpref
isi nfs flexprotect

The isi nfs flexprotect command sets and displays NLM lock FlexProtection level. The Lock Protection Level determines the number of node failures that can happen before a lock might be lost. Syntax isi nfs flexprotect [--set<number>] Options If no options are specied, the current FlexProtection level is displayed. --set=<number>, -s<number> Note: Although it is possible to set the protection level as high as 10, it is recommended that FlexProtection not be set higher than 4 Sets the number of other nodes that locks are replicated to (the Lock FlexProtection level). Examples The following command sets the FlexProtection level to 3: isi nfs flexprotect --set=3
isi nfs locks list

The isi nfs locks list command displays a list of current locks. Syntax isi nfs locks list [--client=<string>] [--file=<string>] [--lin=<number>] [--age=<number>] Options --client=<string>, -c<string> Displays all locks this client is holding. --le=<string>, -f<string> Displays all locks for this le. --lin=<number>, -l<number> Displays all locks being held on the lin. --age=<number>, -a<number> Displays locks that have been held for longer than the given amount of time (in seconds).
214
OneFS Command Reference Examples To view a list of all current locks, run the following command: isi nfs locks list The system displays output similar to the following example: svid@Hostname Lock Type Range Path machineName/10.72.134.119 exclusive [0, 2] /ifs/home/test1/file.txt machineName/10.59.166.125 shared [10, 20] /ifs/home/test2/file.txt machineName/10.63.119.205 shared [10, 20] /ifs/home/test2/file.txt The Range column represents the range of bytes that are locked
isi nfs locks waiters

The isi nfs locks waiters command displays a list of clients that are waiting to lock a currently locked le. Syntax isi nfs locks waiters Options There are no options for this command. Examples The following command displays a list of clients waiting to lock a le that is currently locked: isi nfs lock waiters The system displays output similar to the following example: svid@Hostname machineName/10.72.134.119 Lock Type exclusive Range [0, 2] Path /ifs/home/test1/file.txt
The Range column represents the range of bytes that are locked
isi perfstat
The isi perfstat command displays a table of performance statistics. Syntax isi perfstat Examples To view information on throughput and the number of le operations on a cluster, run the following command: isi perfstat The system displays output similar to the following example: Cluster Name: TechPubs
215
Initiator Statistics: Throughput (bytes/s) Files (#/s) ID | Type | Write Read Delete |Create Remove Lookup ----+----------+-------+-------+-------+-------+-------+------1 | storage | 0 | 12K | 0 | 0 | 0 | 40 2 | storage | 0 | 3.0K | 0 | 0 | 0 | 4 3 | storage | 8.0K | 6.0K | 0 | 0 | 0 | 9 ---------------+-------+-------+-------+-------+-------+------Totals: | 8.0K | 21K | 0 | 0 | 0 | 54
isi pkg create

The isi pkg create command creates patches. This command is intended for internal use and should not be used without guidance from Isilon Technical Support.
isi pkg delete

The isi pkg delete command uninstalls patches. Syntax isi pkg delete <PatchName> Options <PatchName> Required. Uninstalls a patch from the cluster. The package identier can be either a path to a tar archive or a URL for a patch on an HTTP or FTP site. Examples The following command uninstalls a package named patch-example.tar from the cluster: isi pkg delete /ifs/home/patches/patch-example.tar You can verify that the patch was successfully uninstalled by running the isi pkg info command.
isi pkg info

The isi pkg info command displays information about patches that are installed on the cluster. Syntax isi pkg info [<PatchName>] Options If no options are specied, displays all installed patches. <PatchName> Displays information about the specied patch only. PatchName can be the path to a tar archive or the URL of a patch on an HTTP or FTP site.
216
OneFS Command Reference Examples To check whether a patch named patch-example.tar is installed, run the following command: isi pkg info patch-example.tar If the patch is installed, the system displays the package name and date of installation, similar to the following output: Information for patch-example: Description: Package Name : patch-example - 2009-10-11 If the patch is not installed, the system displays the following output: patch-example.tar It is not installed.
isi pkg install

The isi pkg install command installs patches from a tar archive or an HTTP or FTP site. Syntax isi pkg install <PatchName> Options <PatchName> Required. Installs the specied patch on the cluster. PatchName can be either a path to a tar archive or a URL for a patch on an HTTP or FTP site. Examples To install a patch named patch-example.tar on the cluster, run the following command: isi pkg install patch-example.tar The system displays output similar to the following example: Preparing to install the package... Installing the package... Committing the installation... Package successfully installed You can verify that the patch was successfully installed by running the following command: isi pkg info patch-example.tar If the patch was successfully installed, the system displays the package name and date of installation, similar to the following output: Information for patch-example: Description: Package Name : patch-example - 2009-10-11 If the patch was not installed, the system displays the following output: patch-example.tar It is not installed.
217
isi quota create

The isi quota create command creates new quota domains. Syntax isi quota create --path=<ifs-directory> [--snaps=<boolean>] [--pretend] [--force] [--update] [--verbose] {--directory | --specific-user=<user> |--specific-group=<group> |--default-user | --default-group } {--clone-from <Filter> | [--unlink-from-default] [--include-[no-]overhead] [--container=<boolean>] {{--enforcement | --accounting} {--<value>-threshold=<capacity> |--soft-threshold=<capacity> --soft-grace=<duration>}...} {--restore-notify-to-global-defaults | --reset-notify-state |--notify-for-<value>-threshold <Notify_Conditions> <Notify_Actions>}} Options You must specify whether this quota applies to all les in the directory or a certain group or user. Specify what or who this quota applies to by using exactly one of the following options: --directory --specic-user --specic-group --default-user --default group
You must specify usage limit and notication settings if you do not clone those settings from an existing quota by specifying the --clone-from option. Specify whether usage limits are enforced by using one of the following options: --enforcement --accounting
Specify usage limit thresholds by using one of the following options: <value>-threshold --soft-threshold and --soft-grace (must be specied together)
Specify notication settings using one of the following options: --restore-notify-to-global-defaults --reset-notify-state --notify-for-<value>-threshold <Notify_Conditions> <Notify_Actions>
--path=<ifs-directory> Required. Species the path for the domain set. --snaps=<boolean> Includes snapshot usage in the quota accounting. The default setting is false.
218
Note: You cannot add snapshot tracking to an existing quota domain. You must create a new one using this option. Quota domains with snapshot tracking can exist alongside domains without snapshot tracking on the same path. --pretend Does not actually create the domains. --force Forces creation of a quota domain on /ifs. --update Applies specications to an existing domain, as if using isi quota modify. --verbose, -v Displays a list of domains that have been created, actions that have been performed and status of save. --directory Species a quota domain for all les in the directory. --specic-user=<user>, -u<user> Species a quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Species a quota domain governing only les owned by a specic group in the directory. --default-user Creates a default user domain. User-specic quota domains are created for each user who has les in the directory and links them to this quota domain. --default-group Creates a default group domain. Group-specic quota domains are created for each group that has les in the directory and links them to this quota domain. --unlink-from-default Unlinks a user or quota domain from its default quota domain for manual management instead of automatic management. --include-[no-]overhead Species whether or not threshold limits include le data overhead. --container=<boolean> When the volume of the cluster is requested, the usage limit is displayed instead of the actual available space. --clone-from <Filter> Creates quota domain with the same settings as the specied quota domain. Specify <Filter> as one or more quota identication parameters such as --path, --specic-group and --default-user. Filters must match only one quota domain in order to be valid. --<value>-threshold=<capacity> Species hard or advisory threshold limits for the given quota domain. The following <values> are valid: hard: Limits usage to the specied <capacity>. advisory: Issues warnings when specied <capacity> is exceeded.
Specify <capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --soft-threshold=<capacity> --soft-grace=<duration>
219
Implements a <duration> during which users are warned that they have exceeded the threshold limit. After the <duration> expires, usage is limited to the specied <capacity>. These two options must be used together. Specify <capacity> in form <real>[{k|m|g|t|p}][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. Specify <duration> in form <integer>[{m|h|d|w}] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If no sufx is specied, indicates minutes. --enforcement Enforces usage limits. This is the default setting. --accounting Does not enforce usage limits. --notify-for-<value>-threshold <notify_conditions> <notify_actions> Sets notications for the specied threshold violations. The following <values> are valid: hard soft advisory
<Notify_Conditions> Species notication conditions for the --notify-for option. The following conditions are valid: --notify-on-denied-write-once-per=<duration> Sends notication for each time a le write is denied on a full quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[{m|h|d|w}] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, indicates seconds. --notify-on-threshold-exceeded-once-per=<duration> Sends notication for each threshold violation on a quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, indicates seconds. --notify-while-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit and after the grace period has expired. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. Note: This condition is only valid with --notify-for-soft-threshold. --notify-while-over=[<recurrence>] Sends notication on the specied recurrence while over the threshold limit. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. --notify-while-over-not-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit but before the grace period has expired. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". An empty argument clears the setting. Note: This condition is only valid with --notify-for-soft-threshold.
220
<Notify_Actions> Species the type of notication to send for the given notify condition. The following actions are valid: --notify-alert Noties by generating a system alert. --notify-email-to=<email> Noties by emailing the specied email address. --notify-email-to-owner Noties by emailing the owner of the quota domain. Examples The following command generates a system alert at 11:00am every day that newUser's usage exceeds 10 gigabytes and another system alert at 1:00pm if newUser's usage exceeds 10 gigabytes for over 10 minutes: isi quota create --path=/ifs/home --specific-user=newUser --verbose --enforcement --soft-threshold=10GB --soft-grace=10m --notify-for-soft-threshold --notify-while-expired="every day at 13:00" --notify-while-over-not-expired="every day at 11:00" --notify-alert If --verbose is specied, the system displays output similar to the following example: Creating the following quota domains: user:newUser1@snaps=no@/ifs/home Executing the following actions on each quota domain: [enforcement] [soft_threshold] ( 10G) [soft_grace] (10 m) [notify_for_soft_threshold] [notify_while_expired] (every day at 13:00) [notify_while_over_not_expired] (every day at 11:00) [notify_alert] Pretending to create: user:newUser1@snaps=no@/ifs/home Creating: user:newUser1@snaps=no@/ifs/home OK OK
The following command creates a default group domain that uses the same settings as the existing default user domain: isi quota create --default-group --path=/ifs/home --clone-from --default-user
isi quota delete

The isi quota delete command deletes existing quota domains. Syntax isi quota delete [{--pretend | --force}] [--verbose] [--path=<ifs-directory>] [--directory] [--specific-user=<user>] [--specific-group=<group>] [--default-user] [--default group]
221
OneFS Command Reference Options If no options are specied, all existing quota domains are deleted. --pretend Does not actually delete the domains. --force, -f Skips the warning that displays how many quota domains will be deleted. --verbose, -v Displays a list of domains deleted by this command, and status of save. --path=<ifs-directory> Deletes domain set for this path. --directory Deletes quota domain for all les in the directory. --specic-user=<user>, -u<user> Deletes a quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Deletes a quota domain governing only les owned by a specic group in the directory. --default-user Deletes default user quota domain. User-specic quota domains are automatically added and removed as needed for each user who has les in the directory. --default-group Deletes default group quota domain. User-specic quota domains are automatically added and removed as needed for each group that has les in the directory. Examples The following command deletes a quota domain with the path /ifs/home/newUser. isi quota delete --path=/ifs/home/newUser The system displays output similar to the following example: Deleting the following quota domains: directory@snaps=no@/ifs/home/newUser !! 1 quota domain will be deleted. !! Are you sure you want to continue with the delete operation? (yes, !! [no]) If yes is entered, the system displays output similar to the following example: Deleting: directory@snaps=no@/ifs/home/newUser OK
222
isi quota import

The isi quota import command imports quota domains and congurations from external sources. Syntax isi quota import {--from-file=<file>|--convert-from-v1} [{--pretend | --force}] [--verbose] Options You must specify exactly one location to import domains from. Specify a location by using one of the following commands: --from-le --convert-from-v1
--from-le=<le> Species a SmartQuotas v2 report le to import domains from. This report can be generated using the isi quota list --export command. --convert-from-v1 Imports domains from the SmartQuotas v1 conguration le. --pretend Imports and displays a list of the quota domains, but does not save any changes. --force Forces conicting imported domains to overwrite existing domains. --verbose, -v Displays each imported domain and all errors. Examples The following command imports domains from a SmartQuotas v2 report le called sqv2domains.xml. isi quota import --from-file=/ifs/home/imports/sqv2domains.xml
isi quota list

The isi quota list command displays a list of existing domains. Syntax isi quota list [--verbose] [--export] [--show-with-overhead] [--show-with-no-overhead] [--directory] [--specific-user=<user>] [--specific-group=<group>] [--default-user] [--default-group] [--snaps=<boolean>] [--governs-user=<user>] [--governs-group=<group>] [--recurse-path=<ifs-directory>] [--recourse-path-up=<ifs-directory>] [--has-thresholds] [--has-<value>-threshold] [--is-threshold-exceeded] [--is-<value>-threshold-exceeded] [--is-[not-]expired] [--is-[not-]linked] [--with-[no-]overhead]
223
OneFS Command Reference Options If no options are specied, all quotas are displayed in default format. --verbose Displays detailed information on every quota domain. --export Displays domains in xml format suitable for import. --show-with-overhead Displays the total usage including overhead. --show-with-no-overhead Displays the total usage excluding overhead. --path=<ifs-directory> Displays the quota domain for the specied path. --directory Displays the quota domain for all les in the directory. --specic-user=<user>, -u<user> Displays quota domain governing les owned by a specic user in the directory. --specic-group=<group>, -g<group> Displays quota domain governing les owned by a specic group in the directory. --default-user Displays the default user quota domain. --default-group Displays the default group quota domain. --snaps=<boolean> Displays either quota domains using snapshot or ones that do not. --governs-user=<user> Displays quota domains governing les owned by the specied user. Does not include --directory quota domains. --governs-group=<group> Displays quota domains governing les owned by the specied group. Does not include --directory quota domains. --recourse-path=<ifs-directory> Displays quota domains dened on the specied path or any subdirectories. --recourse-path-up=ifs-directory, --governs-path=ifs-directory Displays quota domains dened on the specied path or any parent directories. --has-thresholds Displays quota domains with threshold limits dened. --has-<values>-threshold Displays quota domains with specied threshold limit. The following values are valid : hard soft advisory
224
--is-threshold-exceeded Displays quota domains that have exceeded their threshold usage. --is-<value>-threshold-exceeded Displays quota domains that have exceeded their specied threshold usage. The following values are valid: hard soft advisory
--is-[not-]expired Displays either quota domains with expired grace periods or domains whose grace periods have not expired yet. --is-[not-]linked Displays either quota domains that are linked to a default quota domain or ones that are not. --with-[no-]overhead Displays either quota domains whose threshold values include le data overhead or ones that do not. Examples To view all quotas, run the following command: isi quota list The system displays output similar to the following example: Type -------------------directory directory directory Path ---------------------/ifs/home/newUser4 /ifs/home/newUser3 /ifs/home/newUser2 Snap Hard Soft Advr Usage ----- ----- ----- ---- ----no N/A 10G N/A ~159B no N/A 10K N/A 72K no 11G N/A N/A 72K
To view only quotas with soft thresholds, run the following command: isi quota list --has-soft-threshold The system displays output similar to the following example: Type -------------------directory directory Path ---------------------/ifs/home/newUser4 /ifs/home/newUser3 Snap Hard Soft Advr Usage ----- ----- ----- ----- ---no N/A 10G N/A ~159B no N/A 10K N/A 72K
To view detailed information on all quotas, run the following command: isi quota list --verbose The system displays output similar to the following example: Type Path Policy Snap Usage ---------- ------------------------------------- ----------- ----- -------directory /ifs/home/newUser4 enforcement no ~159B [soft-threshold] ( 10G, 1 w) [notify-on-denied-write-once-per] (1 w, send alert) [soft-threshold-exceeded] (no) [soft-threshold-expired] (no) [usage-with-no-overhead] ( 159B) [usage-with-overhead] ( 34K)
225
[usage-inode-count] (1) directory /ifs/home/newUser3 enforcement [soft-threshold] ( 10K, 1 w) [notify-on-denied-write-once-per] (1 w, send alert) [soft-threshold-exceeded] (yes, exceeded 05/05 11:44) [soft-threshold-expired] (no, will expire 05/12 11:44) [usage-with-no-overhead] ( 72K) [usage-with-overhead] ( 232K) [usage-inode-count] (10) directory /ifs/home/newUser2 enforcement [hard-threshold] ( 11G) [hard-threshold-exceeded] (no) [usage-with-no-overhead] ( 72K) [usage-with-overhead] ( 232K) [usage-inode-count] (10)
no
72K
no
72K
isi quota modify

The isi quota modify command modies existing quota domains. Syntax isi quota modify [--pretend] [--force] [--verbose] {--path=<ifs-directory> [--directory] | --specific-user=<user> | --specific-group=<group> | --default-user | --default-group | --snaps=<boolean> | --governs-user=<user> | --governs-group=<group> | --recurse-path=<ifs-directory> | --recurse-path-up=<ifs-directory> | --has-thresholds | --has-<value>-threshold | --is-threshold-exceeded | --is-<value>-threshold-exceeded | --is-[not-]expired | --is-[not-]linked | --with-[no-]overhead}... {--clone-from <Filter> | --link-to-default | {--unlink-from-default | {--clear-thresholds | --clear-<value>-threshold} | --container=<boolean> | --include-[no-]overhead} | {{--enforcement | --accounting} {--<value>-threshold=<capacity> | --soft-threshold=<capacity> --soft-grace=<duration>}}... | {--restore-notify-to-global-defaults | --reset-notify-state | --clear-notify-<value>-threshold | --notify-for-<value>-threshold <Notify_Conditions> <Notify_Actions>}...} Options You must specify which domains are being modied and at least one modication. Specify which domains are being modied by using one or more of the following parameters: --path --specic-user --specic-group --default-user --default-group --snaps
226
--governs-user --governs-group --recurse-path --recurse-path-up --has-thresholds --has-<value>-threshold --is-threshold-exceeded --is-<value>-threshold-exceeded --is-[not-]expired --is-[not-]linked --with-[no-]overhead
Specify one or more modication using the following parameters (some parameters might require other parameters to be specied also): --clone-from --link-to-default --unlink-from-default --clear-thresholds --clear-<value>-threshold --container --include-[no-]overhead --enforcement --<value>-threshold --soft-threshold --soft-grace --accounting --restore-notify-to-global-defaults --reset-notify-state --clear-notify-<value>-threshold --notify-for-<value>-threshold Does not actually modify the domains. --force Allows multiple domains to be changed. --verbose, -v Displays a list of the modied domains, actions performed and status of save. --path=<ifs-directory> Targets the specied path for the domain set. --directory Targets the quota domain for all les in the directory. --specic-user=<user>, -u<user> Targets quota domain governing only les owned by a specic user in the directory. --specic-group=<group>, -g<group> Targets quota domain governing only les owned by a specic group in the directory. --default-user Targets a default user quota domain. --default-group Targets a default group quota domain.
--pretend
227
--snaps=<boolean> Targets either quota domains using snapshot or ones that do not. Note: You cannot add snapshot tracking to an existing quota domain. You must create a new one using this option. Quota domains with snapshot tracking can exist alongside domains without snapshot tracking on the same path. --governs-user=<user> Targets quota domains governing les owned by the specied user. Does not include --directory quota domains. --governs-group=<group> Targets quota domains governing les owned by the specied group. Does not include --directory quota domains. --recurse-path=<ifs-directory> Targets quota domains dened on the specied path or any subdirectories. --recurse-path-up=ifs-directory, --governs-path=ifs-directory Targets quota domains dened on the specied path or any parent directories. --has-thresholds Targets quota domains with threshold limits dened. --has-<value>-threshold Targets quota domains with specied threshold limit. The following values are valid: hard soft advisory
--is-threshold-exceeded Targets quota domains that have exceeded their threshold usage. --is-<value>-threshold-exceeded Targets quota domains that have exceeded their specied threshold usage. The following values are valid: hard soft advisory
--is-[not-]expired Targets either quota domains with expired grace periods or domains whose grace periods have not expired yet. --is-[not-]linked Targets either quota domains that are linked to a default quota domain or ones that are not. --with-[no-]overhead Targets either quota domains whose threshold values include le data overhead or ones that do not. --unlink-from-default Unlinks a user or quota domain from its default quota domain for manual management instead of automatic management. --clear-thresholds Removes all threshold limits from the specied quota domains.
228
--clear-<value>-threshold Remove specic threshold limits from the specied quota domains. The following values are valid: hard soft advisory
--include-[no-]overhead Species whether or not threshold limits include le data overhead. container=<boolean> Displays usage information for this quota domain as a separate volume from the network share that it is on. --clone-from <Filter> Sets quota domain to the same settings as the specied quota domain. Specify <Filter> as one or more quota identication parameters such as --path, --specic-group and --default-user. Filters must match only one quota domain in order to be valid. --<value>-threshold=<capacity> Species hard or advisory threshold limits for the given quota domain. Valid <values> are hard and advisory. Specify<capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --soft-threshold=<capacity>, --soft-grace=duration Species soft threshold limit and grace period for the given quota domain. These two options must be used together. Specify <capacity> in form <real>[k|m|g|t|p][b] where kb, mb, gb, tb, and pb stand for kilobytes, megabytes, gigabytes, terabytes, and petabytes, respectively. These sufxes are not case sensitive, and the 'b' is always optional. A sufx of 'b', or no sufx, indicates bytes. --enforcement, --accounting Specify whether or not a given quota domain will enforce usage limits. These two options are mutually exclusive. --link-to-default Restores the default quota link on a previously unlinked domain. --restore-notify-to-global-defaults Clear a quota domain's notication rules and restore it to the global default rules. --reset-notify-state Resets recorded threshold violation times for the specied quota domains. --clear-notify-<value>-threshold <notify_conditions> <notify_actions> Clears the specied threshold limits for a given quota domain. The following values are valid: hard soft advisory
--notify-for-<value>-threshold <notify_conditions> <notify_actions> Set notication for threshold violations of the specied type for a given quota domain. The following values are valid: hard
229
soft advisory
<Notify_Conditions> Species notication conditions for the --notify-for option. The following conditions are valid: --notify-on-denied-write-once-per=<duration> Sends notication for each time a le write is denied on a full quota, but don't notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, the duration is in seconds. --notify-on-threshold-exceeded-once-per=<duration> Sends notication for each threshold violation on a quota, but does not notify more than once in the specied duration. Specify <duration> in form: <integer>[m|h|d|w] where m, h, d, and w stand for minutes, hours, days and weeks, respectively. If a sufx is not specied, the duration is in seconds. --notify-while-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit and once the grace period has expired. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". --notify-while-over=[<recurrence>] Sends notication on the specied recurrence while over the threshold limit. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". --notify-while-over-not-expired=[<recurrence>] Sends notication on the specied recurrence while over the soft threshold limit but before the grace period has expired. When specifying recurrence values, an empty argument clears the setting. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". <Notify_Actions> Species notication actions for the --clear-notify and --notify-for options. The following actions are valid: --clear-notify-action Clear all existing notication actions. This option is an alternative to other notication actions and cannot be used in combination with them. --notify-alert Noties by generating a system alert. --notify-email-to=<email> Noties by emailing the specied email address. --notify-email-to-owner Noties by emailing the owner of the quota domain. Examples To clear all thresholds on existing quotas, run the following command: isi quota modify --has-thresholds --clear-thresholds The system displays output similar to the following example: !! This operation will modify 3 quota domains, Are you sure you wish !! to save these changes? (yes, [no])
230
If no is specied, the system displays output similar to the following example: !! modify command failed: Cancelled modify The following command sets the current quota settings for user "root" on /ifs/home/ to be the default settings for all users: isi quota modify --path=/ifs/home --default-user --clone-from --path=/ifs/home --specific-user=root
isi quota reporting make-on-demand

The isi quota reporting make-on-demand creates an on-demand report. Syntax isi quota reporting make-on-demand Options There are no options for this command. Examples To create a report, run the following command: isi quota reporting make-on-demand Note: You can view this report on the SmartQuotas Reports page of the Isilon web administration interface.
isi quota reporting set

The isi quota reporting set command changes the quota conguration settings. Syntax isi quota reporting set [--report-dir=<ifs-directory>] [--report-schedule=<recurrence>] [--report-retain=<number>] [--on-demaind-dir=<ifs-directory>] [--on-demand-retain=<number>] Options --report-dir=<ifs-directory> Species the directory to store scheduled reports in. --report-schedule=<recurrence> Species the schedule for generating reports. Specify <recurrence> in natural-language format, such as "every Tuesday at 3:00". --report-retain=<number> Species the number of scheduled reports to retain. The default value is 10. --on-demand-dir=<ifs-directory> Species the directory for storing on-demand reports.
231
--on-demand-retain=<number> Species the number of on-demand reports to retain. Examples The following command generates reports at 4:00pm on Wednesdays, sends those reports to /ifs/home/reports, and keeps no more than 20 of those reports: isi quota reporting set --report-schedule="every Wednesday at 4:00pm" --report-retain=20 --report-dir=/ifs/home/reports The system displays output similar to the following example: Setting 'report_dir' to '/ifs/home/reports' Setting 'report_schedule' to 'every Tuesday at 4:00pm' Setting 'report_retain' to '20' Saving Quota Configuration
isi quota reporting show

The isi quota reporting show command displays quota report settings. Syntax isi quota reporting show Options There are no options for this command. Examples To view all quota report settings, run the following command: isi quota reporting show The system displays output similar to the following example: Quota Configuration Reporting Settings: Scheduled reports schedule: every Tuesday at 4:00pm Scheduled reports directory: /ifs/home/reports Scheduled reports count: 400 On-demand reports directory: /ifs/.isilon/smartquotas/reports On-demand reports count: 10
232
isi quota reporting stop-reports

The isi quota reporting stop-reports command clears the report schedule and schedules no further reports. Syntax isi quota reporting stop-report Options There are no options for this command. Examples To clear your report schedule and schedule no further reports, run the following command: isi quota reporting stop-reports The system displays output similar to the following example: Scheduled reports have been stopped.
isi readonly off

The isi readonly off command removes nodes from read-only mode. Note: This command only clears any user-specied requests for read-only mode. If the node has been placed into read-only mode by the system, it will remain in read-only mode until the conditions which triggered read-only mode have cleared. Syntax isi readonly off [--verbose] [--nodes=<Nodes>] Options If no options are specied, the local node is removed from read-only mode. --verbose, -v Displays verbose output. --nodes=<Nodes>, -n<Nodes> Species nodes to remove from read-only mode. The following values are valid: all * <int> <int>-<int>
Multiple values can be specied in a comma-separated list.
233
OneFS Command Reference Examples To remove all nodes from read-only mode, run the following command: isi readonly off --nodes=all
isi readonly on
The isi readonly on command sets nodes to read-only mode. Note: If read-only mode is currently disallowed for this node, it will remain read/write until read-only mode is allowed again. Syntax isi readonly on [--verbose] [--nodes=<Nodes>] Options If no options are specied, the local node is set to read-only mode. --verbose, -v Displays verbose output. --nodes=<Nodes>, -n<Nodes> Species nodes to apply read-only settings to. The following values are valid: all * <int> <int>-<int>
Multiple values can be specied in a comma-separated list. Examples To set all nodes to read-only mode, run the following command: isi readonly on --nodes=all If successful, the system displays output similar to the following example: Read-only changes committed successfully
isi readonly show

The isi readonly show command displays a list of read-only settings for the cluster. Syntax isi readonly show
234
OneFS Command Reference Options There are no options for this command. Examples To view current read-only settings for the cluster, run the following command: isi readonly show The system displays output similar to the following example: node ---1 2 3 mode -----------read/write read/write read-only status ---------------------------------------------user-ui
isi services
The isi services command displays a list of system services. Syntax isi services [-l] [-a] [<Service> {enable|disable}] Examples If no options are specied, displays all services whose states it is safe to change by using the <Service> {enable|disable} options. This is the same as specifying the -l option. -l Displays all services whose states it is safe to change by using the <Service> {enable|disable} options. -a Displays all services. <Service> {enable|disable} Enables or disables the specied <Service>.
! Caution: Do not change the states of services that are not displayed by the -l option unless
directed by Isilon support. Examples To disable SMB service, run the following command: isi services smb disable If successful, the system displays output similar to the following example: The service 'smb' has been disabled. To view a list of commands that can be safely disabled and enabled using the isi services command, run the following command: isi services
235
The system displays output similar to the following example: Available Services: apache2 isi_iscsi_d isi_migrate isi_sasphymon isi_smartquotas isi_upgrade_d isi_vc_d nbns ndmpd nfs pcnfsd smb smbtime snmpd sshd telnetd vsftpd Apache2 Web Server iSCSI target Daemon SyncIQ Service SAS PHY Monitor Daemon SmartQuotas Service Upgrade Daemon The Isilon for vCenter Job Daemon NetBIOS Name Service Network Data Management Protocol Daemon NFS Server PC NFS Server SMB Service Windows Time Service SNMP server Secure Shell Server Telnet Server VSFTPD server Enabled Enabled Enabled Enabled Enabled Disabled Disabled Disabled Disabled Enabled Disabled Enabled Enabled Enabled Enabled Disabled Disabled
isi set
The isi set command adjusts the protection policies of les, or explicitly restripes. Syntax Note: Optional parameters must be specied before the required argument <Path>. isi set [-f] [-F] [-v] [-R] {-r [-g <RestripeGoal>] | -n | -p <Policy> | -w <Width> |-c <value> | -e <Encoding> | {{-d <@r drives> | -a <value>}... | -l <value>} |--diskpool <value> | -A <value> | -P <value> | --strategy <value>}... <Path> Options You must specify exactly one action. Specify an action using one of the following parameters: -r -n -p -w -c -g -e -d -a -l --diskpool -A -P --strategy
236
-f Suppresses warnings on failures to change a le. -F Does not display warning messages related to manual protection and access. Also, does not skip the /ifs/.ifsvar directory content and any of its subdirectories (if included in specied <Path>). -v Displays each le as it is reached. -R Applies the actions specied by other options to all subdirectories and les on the specied path. -r Executes a restripe. -g <RestripeGoal> Species the restripe goal. The following values are valid: rebalance repair reprotect retune
The default is rebalance. -n Displays the list of les that would be changed without taking any action. [-p <Policy>] Species protection policies. The following forms are valid: +<M> Where M is the number of node failures that can be tolerated without loss of data. M must be a number between one and four. In this case, the number of drive failures that can be tolerated is the same as the number of node failures that can be tolerated. +<D>:<M> Where D is the number of drive failures and M is the number of node failures that can be tolerated without loss of data. D must be a number between one and four and M can be either 0 or any value that divides into D evenly. <N>x Where N is the number of independent copies of the data are stored. N must be a number between one and eight.
-w <Width> Species the number of nodes across which a le is striped. Typically, this number is equal to the number of node failures that can be tolerated without loss of data plus the number of independent copies of the data that will be stored (w = N + M). However, width can also be equal to the total number of nodes that are used. Note: The maximum width policy is 32, but the actual protection will still be subject to the limitations of how many independent copies are stored and how many node failures can be tolerated. -c <value> Species whether SmartCache is enabled (also known as write coalescing). Valid values are on and off.
237
Note: Enabling SmartCache can accelerate the process of writing content to the cluster, but can also lead to data loss if a node loses power or crashes while uncommitted data is in the write cache. -e <Encoding> Species the encoding of lenames. The following table lists the possible encodings and their respective valid values: Valid Value cp932 cp949 cp1252 euc-kr euc-jp euc-jp-ms utf-8-mac utf-8 iso-8859-1 iso-8859-2 iso-8859-3 iso-8859-4 iso-8859-5 iso-8859-6 iso-8859-7 iso-8859-8 iso-8859-9 iso-8859-10 iso-8859-13 iso-8859-14 iso-8859-15 iso-8859-16 Encoding Windows-SJIS Windows-949 Windows-1252 EUC-KR EUC-JP EUC-JP-MS UTF-8-MAC UTF-8 ISO-8859-1 (Latin-1) ISO-8859-2 (Latin-2) ISO-8859-3 (Latin-3) ISO-8859-4 (Latin-4) ISO-8859-5 (Cyrillic) ISO-8859-6 (Arabic) ISO-8859-7 (Greek) ISO-8859-8 (Hebrew) ISO-8859-9 (Latin-5) ISO-8859-10 (Latin-6) ISO-8859-13 (Latin-7) ISO-8859-14 (Latin-8) ISO-8859-15 (Latin-9) ISO-8859-16 (Latin-10)
-d <@r drives> Species the minimum number of drives that the le is spread across. -a <value> Species what prefetch is optimized for. The following are valid values: default disabled random
238
streaming custom1 custom2 custom3 custom4 custom5
The prefetch optimizations custom1-5 can be set using sysctl isi.access. -l <value> Species what the le layout system is optimized for. This is equivalent to setting both the -a and -d options. The following are valid values: concurrency: Same as -a=default -d=0 random: Same as -a=random -d=0 streaming: Same as -a=streaming -d=15
--diskpool <value> Sets the le's preferred diskpool. -A <value> Determines whether the le manages its access settings manually or inherits values from the applicable pool policy. Valid values are on and off. -P <value> Determines whether the le manages its protection settings manually or inherits values from the applicable pool policy. Valid values are on and off. --strategy <value> Sets the le's solid-state drive (SSD) strategy. The following values are valid: avoid SSD storage is not used in storing les' data and metadata, unless avoiding SSD storage would cause an out of space condition. data If possible, SSD storage is used in storing les' metadata and user data (one copy if using mirrored protection, all blocks if using FEC). metadata If possible, one mirror of les' metadata is laid out on SSD storage, but SSD storage is still not used for user data. <Path> Required. Species either the le path or directory to perform changes on. Examples The following command sets that 2 node failures can happen before there is a loss of data on /ifs/data and all of its les and subdirectories: isi set -R -v -p +2 /ifs/data The system displays output similar to the following example: /ifs/data /ifs/data/new/ubuntu-11.04-desktop-i386.iso
239
/ifs/data/Isilon_Support/SupportIQ/upload/alerts /ifs/data/Isilon_Support/SupportIQ/upload/ftp /ifs/data/Isilon_Support/SupportIQ/upload/ftp-keep /ifs/data/Isilon_Support/SupportIQ/upload/tmp /ifs/data/Isilon_Support/SupportIQ/upload/web /ifs/data/Isilon_Support/SupportIQ/upload /ifs/data/Isilon_Support/SupportIQ /ifs/data/Isilon_Support /ifs/data/new The following command optimizes prefetch for streaming in /ifs/data/ and all of its les and subdirectories: isi set -R -v -a streaming /ifs/data The following command enables SmartCache for /ifs/data/ and all of its les and subdirectories: isi set -R -c on /ifs/data/
isi smartlock
The isi smartlock command is an alias of the isi worm command. For information about a particular sub-command, see the equivalent isi worm sub-command reference topic.
isi smartpools process

Applies the SmartPools le pool policy to les and directories. To congure the SmartPools le pool policy, use the SmartPools > File Pool Policies page in the Isilon web administration interface. Syntax isi smartpools process --path=<Path> [--recurse] [--stats] [--verbose] [--nop] [--don't-restripe] [--quiet] Options --path=<Path>, -p=<Path> Required. Species the path to the le or directory to process. --recurse, -r If --path option species a directory, processes all les and sub-directories of that directory. --stats, -s Displays statistics on the les processed. --verbose, -v Displays both statistics on the les processed and the conguration settings that are being applied. --nop, -n Calculates the specied settings without actually applying them. This option is best used with the -v or -s option. --don't-restripe, -d Changes the per-le policies without restriping the le. --quiet, -q Suppresses any warning messages about running the command.
240
OneFS Command Reference Examples The following command displays both statistics on the les that would be processed and the conguration settings that would be applied to /ifs/home without actually making the changes. isi smartpools process --path=/ifs/home/ -n -v The system displays output similar to the following example: Processing file /ifs/home Protection Level is DiskPool minimum Layout policy is concurrent access coalescer_enabled is true data_affinity is 3 data SSD strategy is metadata snapshot_affinity is 3 snapshot SSD strategy is metadata New File Attributes Protection Level is DiskPool minimum Layout policy is concurrent access coalescer_enabled is true data_affinity is 3 data SSD strategy is metadata snapshot_affinity is 3 snapshot SSD strategy is metadata {'default' : {'Policy Number': -2, 'Files matched': {'head':0, 'snapshot': 0}, 'Directories matched': {'head':1, 'snapshot': 0}, 'ADS containers matched': {'head':0, 'snapshot': 0}, 'ADS streams matched': {'head':0, 'snapshot': 0}, 'Access changes skipped': 0, 'Protection changes skipped': 0, 'File creation templates matched': 1, 'File data placed on HDDs': {'head':0, 'snapshot': 0}, 'File data placed on SSDs': {'head':0, 'snapshot': 0}}, 'system': {'Policy Number': -1, 'Files matched': {'head':0, 'snapshot': 0}, 'Directories matched': {'head':0, 'snapshot': 0}, 'ADS containers matched': {'head':0, 'snapshot': 0}, 'ADS streams matched': {'head':0, 'snapshot': 0}, 'Access changes skipped': 0, 'Protection changes skipped': 0, 'File creation templates matched': 0, 'File data placed on HDDs': {'head':0, 'snapshot': 0}, 'File data placed on SSDs': {'head':0, 'snapshot': 0}}, }
isi smb config global list

The isi smb config global list command displays a list of global conguration parameters. Syntax isi smb config global list [--audit-fileshare] [--audit-global-sacl-failure] [--audit-global-sacl-success] [--audit-logon] [--dot-snap-accessible-child] [--dot-snap-accessible-root] [--dot-snap-visible-child]
241
OneFS Command Reference [--dot-snap-visible-root] [--enable-security-signatures] [--guest-user] [--host-acl] [--onefs-cpu-multiplier] [--onefs-num-workers] [--require-security-signatures] [--security-mode] [--server-string] [--smb2-client-credit-limit] [--smb2-client-credit-start] [--smb2-global-credit-limit] [--srv-cpu-multiplier] [--srv-num-workers] [--support-smb2] [--verbose] Options If no options are specied, all parameters are displayed. --audit-leshare Displays control settings for logging of leshare audit events. --audit-global-sacl-failure Displays the global SACL controlling SMB le auditing. --audit-global-sacl-success Displays the global SACL controlling SMB le auditing. --audit-logon Displays controls for logging of logon audit events. --dot-snap-accessible-child Displays whether .snapshot directory is accessible in subdirectories under the root of the share. --dot-snap-accessible-root Displays whether the .snapshot directory is accessible at the root of the share. --dot-snap-visible-child Displays whether .snapshot directory is visible in subdirectories under the root of the share. --dot-snap-visible-root Displays whether .snapshot directory is visible at the root of the share. --enable-security-signatures Displays whether all packets are signed. --guest-user Displays the user that guest access is done by. The username should belong to a fully qualied user. --host-acl Host based access. --onefs-cpu-multiplier Displays the number of OneFS worker threads congured based on the number of CPUs. --onefs-num-workers Displays the number of OneFS worker threads that are allowed to be congured. If set to 0, the number of OneFS workers will be OnefsCpuMultiplier * Num of CPUs. --require-security-signatures Displays whether packets are packets are required to be signed. --security-mode Displays whether anonymous access is allowed or if users are required to be authenticated. --server-string Displays a description of the server. --smb2-client-credit-limit Displays the maximum number of credits granted to a single SMB2 client.
242
--smb2-client-credit-start Displays the maximum initial number of credits granted to a single SMB client. Note: This limit can increase up to the number specied by the --smb2-client-credit-limit parameter. --smb2-global-credit-limit Displays the maximum number of credits granted to all SMB2 clients. --srv-cpu-multiplier Displays whether the number of SRV worker threads is congured based on the number of CPUs. --srv-num-workers Displays the number of SRV worker threads. If set to 0, the number of SRV workers is equal to the <SrvCpuMultiplier> * Number of CPUs. --support-smb2 Displays whether SMB2 communication is allowed. --verbose, -v Displays explanations of parameters alongside their values. Examples To view all current global conguration parameter settings, run the following command: isi smb config global list The system displays output similar to the following example: audit-fileshare = none audit-global-sacl-failure = none audit-global-sacl-success = none audit-logon = all dot-snap-accessible-child = true dot-snap-accessible-root = true dot-snap-visible-child = false dot-snap-visible-root = true enable-security-signatures = false guest-user = nobody host-acl = onefs-cpu-multiplier = 1 onefs-num-workers = 0 require-security-signatures = false security-mode = user server-string = Isilon Server smb2-client-credit-limit = 128 smb2-client-credit-start = 16 smb2-global-credit-limit = 25000 srv-cpu-multiplier = 4 srv-num-workers = 0 support-smb2 = true To view explanations of global conguration parameters alongside their values, run the following command: isi smb config global list -v The system displays output similar to the following example: audit-fileshare = none (default: none) Controls logging of fileshare audit event. The acceptable values are all, success, failure, and none audit-global-sacl-failure = none (default: none) Global SACL controlling SMB
243
file auditing audit-global-sacl-success = none (default: none) Global SACL controlling SMB file auditing audit-logon = all (default: all) Controls logging of logon audit event. The acceptable values are all, success, failure, and none dot-snap-accessible-child = true (default: true) Allows .snapshot directory to be accessible in subdirectories under the root of the share dot-snap-accessible-root = true (default: true) Allows .snapshot directory to be accessible at the root of the share dot-snap-visible-child = false (default: false) Allows .snapshot directory to be visible in subdirectories under the root of the share dot-snap-visible-root = true (default: true) Allows .snapshot directory to be visible at the root of the share enable-security-signatures = false (default: false) Sign all packets guest-user = nobody (default: nobody) Guest access is done as this user. This should be a fully qualified user name host-acl = (default: ) Host based access onefs-cpu-multiplier = 1 (default: 1) Allow configuring the number of onefs worker threads based on the number of CPUs onefs-num-workers = 0 (default: 0) Allow configuring the number of onefs worker threads; If this is 0, the no: of onefs workers will be OnefsCpuMultiplier * Num of CPUs require-security-signatures = false (default: false) Require packets to be signed security-mode = user (default: anonymous) Allow anonymous access or require authenticate users server-string = Isilon Server (default: Isilon Server) Description of the server smb2-client-credit-limit = 128 (default: 128) Allow configuring the maximum number of credits granted to a single SMB2 client smb2-client-credit-start = 16 (default: 16) Allow configuring the maximum initial number of credits granted to a single SMB2 client smb2-global-credit-limit = 25000 (default: 25000) Allow configuring the maximum number of credits granted to all SMB2 clients srv-cpu-multiplier = 4 (default: 4) Allow configuring the number of SRV worker threads based on the number of CPUs srv-num-workers = 0 (default: 0) Allow configuring the number of SRV worker threads; If this is 0, the no: of SRV workers will be SrvCpuMultiplier * Num of CPUs support-smb2 = true (default: true) Allow SMB2 communication
isi smb config global modify

The isi smb config global modify command modies global conguration parameters. Syntax isi | | | | | | | | | | | smb config global modify {--audit-fileshare=<string> --audit-global-sacl-failure=<string> --audit-global-sacl-success=<string> | --audit-logon=<string> --dot-snap-accessible-child=<boolean> --dot-snap-accessible-root=<boolean> --dot-snap-visible-child=<boolean> | --dot-snap-visible-root=<boolean> --enable-security-signatures=<boolean> | --guest-user=<string> --host-acl=<string> | --onefs-cpu-multiplier=<number> --onefs-num-workers=<number> | --require-security-signatures=<boolean> --security-mode=<string> | --server-string=<string> --smb2-client-credit-limit=<number> --smb2-client-credit-start=<number>
244
OneFS Command Reference | --smb2-global-credit-limit=<number> | --srv-cpu-multiplier=<number> | --srv-num-workers=<number> | --support-smb2=<boolean>}... Options You must specify at least one global conguration. Specify one or more global congurations using the following options: --audit-leshare --audit-global-sacl-failure --audit-global-sacl-success --audit-logon --dot-snap-accessible-child --dot-snap-accessible-root --dot-snap-visible-child --dot-snap-visible-root --enable-security-signatures --guest-user --host-acl --onefs-cpu-multiplier --onefs-num-workers --require-security-signatures --security-mode --server-string --smb2-client-credit-limit --smb2-client-credit-start --smb2-global-credit-limit --srv-cpu-multiplier --srv-num-workers --support-smb2
--audit-leshare=<string> Determines which leshare audit events are logged. The following values are valid: all failure none success --audit-global-sacl-failure=<string> Determines the global SACL that controls SMB le auditing. --audit-global-sacl-success=<string> Determines the global SACL controlling SMB le auditing. --audit-logon=<string> Species which logon audit events are logged. The following values are valid: all failure none
245
success --dot-snap-accessible-child=<boolean> Determines whether the .snapshot directory is accessible in subdirectories under the root of the share. --dot-snap-accessible-root=<boolean> Determines whether the .snapshot directory is accessible at the root of the share. --dot-snap-visible-child=<boolean> Determines whether the .snapshot directory is visible in subdirectories under the root of the share. --dot-snap-visible-root=<boolean> Determines whether the .snapshot directory is visible at the root of the share. --enable-security-signatures=<boolean> Determines whether all packets are signed. --guest-user=<string> Species the user that guest access is done by. The username should belong to a fully qualied user. --host-acl=<string> Host based access. --onefs-cpu-multiplier=<number> Species the multiplier used to determine the number of OneFS worker threads congured based on the number of CPUs. --onefs-num-workers=<numbers> Determines the number of OneFS worker threads. If set to 0, the number of OneFS worker threads is equal to the number of CPUs times the onefs-cpu-multiplier --require-security-signatures=<boolean> Determines whether packets are required to be signed. --security-mode=<boolean> Determines whether anonymous access is allowed or if users are required to be authenticated. --server-string=<string> Species a description of the server. --smb2-client-credit-limit=<number> Determines the maximum number of credits granted to a single SMB2 client. Valid values are numbers between 1 and 1024. --smb2-client-credit-start=<number> Determines the initial maximum number of credits granted to a single SMB client. Valid values are numbers between 1 and 32. Note: The maximum number of credits granted to a single SMB client can increase up to the number specied by the --smb2-client-credit-limit parameter. --smb2-global-credit-limit=<number> Determines the maximum number of credits granted to all SMB2 clients. Valid values are numbers between 1 and 3200000. --srv-cpu-multiplier=<number> Species the multiplier used to determine the number of SRV worker threads based on the number of CPUs. --srv-num-workers=<number>
246
Determines the number of SRV worker threads. If set to 0, the number of SRV worker threads is equal to the number of CPUs times the srv-cpu-multiplier. --support-smb2=<boolean> Determines whether SMB2 communication is allowed. Examples The following command causes each SMB client to be given an initial maximum of 20 credits, and allows that maximum value to increase up to 100: isi smb config global modify --smb2-client-credit-start=20 --smb2-client-credit-limit=100
isi smb config global revert

The isi smb config global revert command reverts global congurations back to their default settings. Syntax isi | | | | | | | | | smb config global revert {--audit-fileshare --audit-global-sacl-failure | --audit-global-sacl-success --audit-logon | --dot-snap-accessible-child --dot-snap-accessible-root | --dot-snap-visible-child --dot-snap-visible-root | --enable-security-signatures | --guest-user --host-acl | --onefs-cpu-multiplier | --onefs-num-workers --require-security-signatures | --security-mode | --server-string --smb2-client-credit-limit | --smb2-client-credit-start --smb2-global-credit-limit | --srv-cpu-multiplier | --srv-num-workers --support-smb2}
Options You must specify at least one global conguration. Specify one or more global congurations using the following options: --audit-leshare --audit-global-sacl-failure --audit-global-sacl-success --audit-logon --dot-snap-accessible-child --dot-snap-accessible-root --dot-snap-visible-child --dot-snap-visible-root --enable-security-signatures --guest-user --host-acl --onefs-cpu-multiplier --onefs-num-workers --require-security-signatures --security-mode --server-string --smb2-client-credit-limit --smb2-client-credit-start
247
--smb2-global-credit-limit --srv-cpu-multiplier --srv-num-workers --support-smb2
--audit-leshare Reverts settings of controls for logging of leshare audit events back to the default settings. --audit-global-sacl-failure Reverts the global SACL that controls SMB le auditing back to the default SACL. --audit-global-sacl-success Reverts the global SACL controlling SMB le auditing back to the default SACL. --audit-logon Reverts settings of controls for logging of logon audit events back to the default settings. --dot-snap-accessible-child Reverts whether the .snapshot directory is accessible in subdirectories under the root of the share back to the default setting. --dot-snap-accessible-root Reverts whether the .snapshot directory is accessible at the root of the share back to the default setting. --dot-snap-visible-child Reverts whether the .snapshot directory is visible in subdirectories under the root of the share back to the default setting. --dot-snap-visible-root Reverts whether the .snapshot directory is visible at the root of the share back to the default setting. --enable-security-signatures Reverts whether all packets are signed back to the default setting. --guest-user Reverts the user that guest access is done by back to the original user. The username should belong to a fully qualied user. --host-acl Host based access. --onefs-cpu-multiplier Reverts the multiplier used to determine the number of OneFS worker threads congured based on the number of CPUs back to the default value. --onefs-num-workers Reverts the number of OneFS worker threads back to the default number. If set to 0, the number of OneFS worker threads is equal to the number of CPUs times the onefs-cpu-multiplier. --require-security-signatures Reverts whether packets are required to be signed back to the default setting. --security-mode Reverts whether anonymous access is allowed back to the default setting. --server-string Reverts the description of the server back to the default description. --smb2-client-credit-limit Reverts the maximum number of credits granted to a single SMB2 client back to the default value.
248
--smb2-client-credit-start Reverts the maximum initial number of credits granted to a single SMB client back to the default number. --smb2-global-credit-limit Reverts the maximum number of credits granted to all SMB2 clients back to the default value. --srv-cpu-multiplier Reverts the multiplier used to determine the number of SRV worker threads based on the number of CPUs back to the default number. --srv-num-workers Reverts the number of SRV worker threads back to the default number. If set to 0, the number of SRV worker threads is equal to the number of CPUs times the srv-cpu-multiplier. --support-smb2 Reverts whether SMB2 communication is allowed back to the default setting. Examples To revert the user that guest access is done by back to the original user, run the following command: isi smb config global revert --guest-user
isi smb config share list

The isi smb config share list command displays a list of share conguration parameters. Syntax isi smb config share list [--sharename=<string>] [--allow-delete-readonly=<boolean>] [--allow-execute-always=<boolean>] [--change-notify=<string>] [--create-permissions=<string>] [--directory-create-mask=<number>] [--directory-create-mode=<number>] [--file-create-mask=<number>] [--file-create-mode=<number>] [--hide-dot-files=<boolean>] [--impersonate-guest=<string>] [--impersonate-user=<string>] [--mangle-byte-start=<number>] [--mangle-map=<string>] [--ntfs-acl-support=<boolean>] [--oplocks=<boolean>] [--strict-flush=<boolean>] [--strict-locking=<boolean>] [--verbose] Options If no options are specied, the current default settings of conguration parameters are displayed. --sharename=<string>, -n<string> Displays parameter settings for specied share that differ from the current default settings. --allow-delete-readonly Displays whether readonly les are allowed to be deleted. --allow-execute-always Displays whether users that can read a le are allowed to execute the le. --change-notify Displays the current notify setting. --create-permissions Displays the current permissions applied to new le/directory creations.
249
--directory-create-mask Displays the mask bits that are applied during directory creation. --directory-create-mode Displays the mode bits that are applied during directory creation. --le-create-mask Displays the mask bits that are applied during le creation. --le-create-mode Displays the mode bits that are applied during le creation. --hide-dot-les Displays whether les that begin with a dot are hidden. --impersonate-guest Displays whether guest users are allowed to access a share. --impersonate-user Displays the user who all le access is performed as. --mangle-byte-start Displays the wchar_t starting point for automatic invalid byte mangling. --mangle-map Displays which wchar_t chars are arbitrarily mapped to other wchar_t chars. --ntfs-acl-support Displays whether ACLs are allowed to be stored and edited from SMB clients. --oplocks Displays whether oplock requests are responded to. If set to false, oplock requests are ignored. --strict-ush Displays whether ush requests are always honored. --strict-locking Displays whether byte range locks are able to contend against SMB I/O. --verbose Displays detailed information. Examples To view the settings of all global share conguration parameters isi smb config share list The system displays output similar to the following example: allow-delete-readonly = false allow-execute-always = false change-notify = all create-permissions = default acl directory-create-mask = 0700 directory-create-mode = 00 file-create-mask = 0700 file-create-mode = 0100 hide-dot-files = false impersonate-guest = never impersonate-user = mangle-byte-start = 0xed00 mangle-map = 0x01-0x1F:-1,0x22:-1,0x2A:-1,0x3A:-1,0x3C:-1,0x3E:-1,
250
0x3F:-1,0x5C:-1 ntfs-acl-support = true oplocks = true strict-flush = false strict-locking = false The following command displays for newShare that differ from the global settings: isi smb config share list --sharename=newShare The system displays output similar to the following example: allow-execute-always = true file-create-mode = 0400 oplocks = false
isi smb config share modify

The isi smb config share modify command modiers share conguration parameters. Syntax isi | | | | | | | | | smb config share modify {--sharename=<string> --allow-delete-readonly=<boolean> | --allow-execute-always=<boolean> --change-notify=<string> | --create-permissions=<string> --directory-create-mask=<number> | --directory-create-mode=<number> --file-create-mask=<number> | --file-create-mode=<number> --hide-dot-files=<boolean> | --impersonate-guest=<string> --impersonate-user=<string> | --mangle-byte-start=<number> --mangle-map=<string> | --ntfs-acl-support=<boolean> --oplocks=<boolean> | --strict-flush=<boolean> --strict-locking=<boolean>}...
Options You must specify at least one share conguration parameter. Specify one or more conguration parameters using the following options: --sharename --allow-delete-readonly --allow-execute-always --change-notify --create-permissions --directory-create-mask --directory-create-mode --le-create-mask --le-create-mode --hide-dot-les --impersonate-guest --impersonate-user --mangle-byte-start --mangle-map --ntfs-acl-support --oplocks
251
--strict-ush --strict-locking
--sharename=<string>, -n<string> Modies parameter on specied share only. If not specied, the current default settings are modied. --allow-delete-readonly=<boolean> Determines whether read-only les are allowed to be deleted. --allow-execute-always=<boolean> Determines whether users that can read a le are allowed to execute the le. --change-notify=<string> Species the notify setting. The following values are valid: all norecurse: Only for les on the given directory, does not include subdirectories. none
The default setting is all. --create-permissions=<string> Species the current permissions applied to new le or directory creations. The following values are valid: "default acl": Uses default acl. "inherit mode bits": Uses default UNIX mode bits. "use create mask and mode": Overrides default with "--directory-create..." and "--le-create..." parameter settings.
The default setting is default acl. --directory-create-mask=<number> Species mask 1 bits that are applied during directory creation. The default value is 0700. --directory-create-mode=<number> Species mode 0 bits that are applied during directory creation. The default value is 00. --le-create-mask=<number> Species the mask bits that are applied during le creation. The default value is 0700. --le-create-mode=<number> Species the mode bits that are applied during le creation. The default value is 0100. --hide-dot-les=<boolean> Determines whether les that begin with a dot are hidden. --impersonate-guest=<string> Determines whether guest users are allowed to access a share. The following values are valid: "always": All users are logged in as the guest user. "bad user": Any unrecognized users are logged in as the guest user. "never": Any unrecognized users are rejected.
--impersonate-user=<string> Logs in all users as the specied user. This name should be a fully qualied user name. --mangle-byte-start=<number>
252
Species the starting point for automatic invalid byte mangling. Species the wchar_t starting point for automatic invalid byte mangling. --mangle-map=<string> Maps characters that are valid in OneFS but not SMB names. Specify in the form <ASCII_value_a>:<ASCII_value_b> (where a is mapped to b). --ntfs-acl-support=<boolean> Determines whether ACLs are allowed to be stored and edited from SMB clients. --oplocks=<boolean> Determines whether oplock requests are responded to. If set to false, oplock requests are ignored. --strict-ush=<boolean> Determines whether ush requests are always honored. --strict-locking=<boolean> Determines whether byte range locks are able to contend against SMB I/O. Examples The following command causes all oplock requests to be ignored on all shares, unless otherwise specied: isi smb config share modify --oplocks=false After the previous command is run, the following command allows oplock requests to be honored on newShare, while the other shares continue to ignore the requests: isi smb config share modify --share_name=newShare --oplocks=true The following command causes ush requests to always be honored on newShare: isi smb config share modify --share_name=newShare --strict-flush=true
isi smb config share revert

The isi smb config share revert command reverts share conguration parameters back to their original settings. Syntax isi | | | | | | | | | smb configuration share revert {--sharename=<string> --allow-delete-readonly=<boolean> | --allow-execute-always=<boolean> --change-notify=<string> | --create-permissions=<string> --directory-create-mask=<number> | --directory-create-mode=<number> --file-create-mask=<number> | --file-create-mode=<number> --hide-dot-files=<boolean> | --impersonate-guest=<string> --impersonate-user=<string> | --mangle-byte-start=<number> --mangle-map=<string> | --ntfs-acl-support=<boolean> --oplocks=<boolean> | --strict-flush=<boolean> --strict-locking=<boolean>}...
Options You must specify at least one share conguration parameter. Specify one or more conguration parameters using the following options:
--sharename --allow-delete-readonly --allow-execute-always
253
--change-notify --create-permissions --directory-create-mask --directory-create-mode --le-create-mask --le-create-mode --hide-dot-les --impersonate-guest --impersonate-user --mangle-byte-start --mangle-map --ntfs-acl-support --oplocks --strict-ush --strict-locking
--sharename=<string> Removes share-only parameter settings for specied share. If not specied, given default parameters are reverted back to their original settings. --allow-delete-readonly Reverts whether readonly les are allowed to be deleted back to the default setting. --allow-execute-always Reverts whether users that can read a le are allowed to execute the le back to the default setting. --change-notify Reverts notify setting back to the default setting. --create-permissions Reverts permissions applied to new le/directory creations back to the default setting. --directory-create-mask Reverts mask bits that are applied during directory creation back to the default setting. --directory-create-mode Reverts mode bits that are applied during directory creation back to the default setting. --le-create-mask Reverts the mask bits that are applied during le creation back to the default setting. --le-create-mode Reverts the mode bits that are applied during le creation back to the default setting. --hide-dot-les Reverts whether les that begin with a dot are hidden back to the default setting. --impersonate-guest Reverts whether guest users are allowed to access a share back to the default setting. --impersonate-user Reverts the user who all le access is performed as back to the default user. This name should be a fully qualied user name. --mangle-byte-start Reverts the wchar_t starting point for automatic invalid byte mangling back to the default starting point. --mangle-map
254
Reverts arbitrary maps between wchar_t chars back to the default maps. --ntfs-acl-support Reverts whether ACLs are allowed to be stored and edited from SMB clients back to the default setting. --oplocks Reverts whether oplock requests are responded to back to the default setting. --strict-ush Reverts whether ush requests are always honored back to the default setting. --strict-locking Reverts whether byte range locks are able to contend against SMB I/O back to the default setting. Examples To revert whether oplock requests are responded to back to the default setting on all shares, run the following command: isi smb configuration share revert --oplocks To revert whether ush requests are honored back to the default setting on all shares, run the following command: isi smb config share modify --share_name=newShare --strict-flush=true
isi smb file close

The isi smb file close command closes open les. Syntax isi smb file close --file-id=<number> Options --le-id=<number>, -I<number> Required. Species the ID of the le being deleted. Examples The following command deletes a le with an ID of 37527: isi smb file close --file-id=37527
isi smb file list

The isi smb file list command displays information on open les, including their le IDs. Syntax isi smb file list [--file-id=<number>] Options If no options are specied, information on all open les is displayed. --le-id=<number>, -I<number>
255
Species the name of the le being displayed. Examples To view a list of open les, run the following command: isi smb file list The system displays output similar to the following example: File [1] ID Pathname Username Number of locks Permissions File [2] ID Pathname Username Number of locks Permissions File [3] ID Pathname Username Number of locks Permissions :37543 :C:\ifs :DESKTOP\root :0 :0x1 :37541 :C:\ifs\README.txt :DESKTOP\root :0 :0x1 :37527 :C:\ifs :DESKTOP\root :0 :0x1
isi smb log-level

The isi smb log-level command displays and modies the log level. Syntax isi smb log-level [--set=<string>] Options If no options are specied, the current log level is displayed. --set=<string>, -s<string> The following values are valid (log levels are organized from least to most information): Note: Levels debug and higher log information that will most likely only be useful when consulting Isilon support. always error warning info verbose debug trace
256
OneFS Command Reference Examples To set the log level to debug, run the following command: isi smb log-level --set=debug
isi smb permission create

The isi smb permission create command creates permissions on a share. Syntax isi smb permission create --sharename=<string> {--sid=<string>| --account-name=<string> --account-type=<Account_Type>} --permission-type=<Permission_Type> --permission=<Permission> Options You must specify either the SID or name and type of the account that the permission is being created for. Specify either the SID or name and type of the account using the following parameters: --account-name and --account-type (must be specied together) --sid
If you are creating a run-as-root permission, the --permission option is required and must be set to run-as-root. In that case, the --permission-type parameter does not apply, because run-as-root permissions do not have permission types. --sharename=<string>, -n<string> Required. Species the name of the share the new permission is being created on. --sid=<string>, -s<string> Species the SID of the account. This option cannot be used with the --account-name option. --account-name=<string>, -a<string> Species the name of the account. The name must belong to a user or group. This option cannot be used with the --sid option. --account-type=<Account_Type>, -t<Account_Type> Required only when using the --account-name option. Species the type of the account. The following values are valid: builtin group user
--permission-type=<Permission_Type>, -d<Permission_Type> Required. Species the type of permission. Valid values are allow and deny. Note: If the <Permission> is run-as-root, the --permission-type parameter does not apply and is not required. --permission=<Permission>, -p<Permission> Required. Species what abilities the permission grants. The following values are valid (specifying a value will include both the ability described and all abilities that appear earlier in the list): 1. read: Includes the ability to read les 2. change: Includes the ability to modify existing les
257
3. full: Includes the ability to create les 4. run-as-root: Grants complete permission on the share (overrides restrictions set by other users). Note: run-as-root permissions can only be created or deleted. They cannot be modied. Examples The following command grants a user named "newUser" read permissions on ifs: isi smb permission create --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=read The following command denies a group named "newGroup" full permissions on ifs: isi smb permission create --sharename=ifs --account-name=newGroup --account-type=group --permission-type=deny --permission=full The following command grants complete permission on ifs to the user rootUser: isi smb permission create --sharename=ifs --account-name=rootUser --account-type=user -permission=run-as-root
isi smb permission delete

The isi smb permission delete command deletes permissions. Syntax isi smb permission delete --sharename=<string> {--all | {--account-name=<string> --account-type=<AccountType>|--sid=<string>} {--permission-type=<PermissionType> [--permission=<Permission>] | --permission=run-as-root}} Options You must specify whether all permissions on the specied share are deleted or a permission for a specic account is deleted. Specify either a specic account or all accounts using the following parameters: --all --account-name and --account-type (must be specied together) --sid
If you are deleting a permission that is not a run-as-root permission, the --permission-type option is required and the --permission parameter is not required. This is because only one permission of each permission type can exist on a specic share for a specic user at a time. If you are deleting a run-as-root permission, the --permission option is required and must be set to run-as-root. In that case, the --permission-type parameter does not apply, because run-as-root permissions do not have permission types. --sharename=<string>, -n<string> Required. Species the name of the share the existing permission is being deleted on. --all Deletes all permissions on the given share. --account-name=<string>, -a<string>
258
Species the name of the account whose permission is being deleted. --account-type=<AccountType>, -t<AccountType> Required if specifying --account-name. Species the type of the account that the permission is being deleted on. The following values are valid: builtin group user
--sid=<string>, -s<string> Species SID of the account whose permission is being deleted. --permission-type=<PermissionType>, -d<PermissionType> Species the type of permission being deleted. Valid values are allow and deny. Note: If the <Permission> is run-as-root, the --permission-type parameter does not apply. --permission=<Permission>, -p<Permission> Species the permission being deleted. The following values are valid: Examples The following command deletes the allow read permission on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=read Note: The --permission parameter is present in this example, but is not required for this command to run. The following command deletes whatever deny permission exists on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission-type=deny The following command deletes the run-as-root permission on ifs for newUser: isi smb permission delete --sharename=ifs --account-name=newUser --account-type=user --permission=run-as-root run-as-root full change read
isi smb permission list

The isi smb permission list command displays a list of existing permissions. Syntax isi smb permission list [--sharename=<string>]
259
OneFS Command Reference Options If no options are specied, all permissions are displayed. --sharename=<string>, -n<string> Displays list of permissions on specied share. Examples To view a list of existing permissions, run the following command: isi smb permission list The system displays output similar to the following example: SMB Share Permissions: Sharename: ifs Account newUser newGroup group
Acct Type User Group Group
Perm Type Allow Deny Deny
Permission Read Full Full
isi smb permission modify

The isi smb permission modify command modies existing permissions. Syntax isi smb permission modify --sharename=<string> {--account-name=<string> --account-type=<account-type> | --sid=<string>} --permission-type=<permission-type> --permission=<new_permission> Options You must specify either the SID or the account name and type of the permission using the following options: --sid --account-name and --account-type (must be used together)
--sharename=<string>, -n<string> Required. Species the name of the share that the existing permission is being modied on. --account-name=<string>, -a<string> Species the name of the account whose permission is being modied. --sid=<string>, -s<string> Species SID of the account whose permission is being modied. --account-type=<account-type>, -t<account-type> Required if specifying --account-name. Species the type of the account that the permission is being modied for. The following values are valid: builtin group user
--permission-type=<permission-type>, -d<permission-type> Required. Species the type of the permission being modied. Valid values are allow and deny. --permission=<new_permission>, -p<new_permission>
260
Required. Species what abilities the permission grants. The following values are valid (specifying a value will include both the ability described and all abilities that appear earlier in the list): 1. read: Includes the ability to read les 2. change: Includes the ability to modify existing les 3. full: Includes the ability to create les Examples The following command changes the existing allow permission for "newUser" to allow "newUser" to read, modify and create les: isi smb permission modify --sharename=ifs --account-name=newUser --account-type=user --permission-type=allow --permission=full Note: In an existing permission, only the --permission parameter can be modied.
isi smb session delete

The isi smb session delete command deletes a session. Syntax isi smb session delete --computer-name=<ComputerName> {--user-name=<UserName> | --force} Options You must specify whether to force the deletion of all sessions connected from the specied computer, or to delete only a specied user. Specify whether to delete all sessions from a computer or a specic user on the computer using one of the following parameters: --user-name --force
--computer-name=<ComputerName>, -C<ComputerName> Required. Species the machine to delete sessions on. --user-name=<UserName>, -U<UserName> Deletes session of this user (DOMAIN\username). --force, -f Forces delete of all sessions connected from the specied computer name. Examples The following command deletes a session for user DESKTOP\root on computer 192.168.7.201: isi smb session delete --computer-name=192.168.7.201 --user-name=DESKTOP\root The following command deletes all sessions on computer 192.168.7.201: isi smb session delete --computer-name=192.168.7.201 --force
261
isi smb session list

The isi smb session list command displays a list of existing sessions. Syntax isi smb session list [--computer-name=<string>] Options --computer-name=<string>, -C<string> Displays a list of sessions specic to this machine. Examples To view a list of existing sessions, run the following command: isi smb session list The system displays output similar to the following example: Session [1] Computer Username Client type Number of opens Active time Idle time Guest login Encryption :192.168.7.201 :DESKTOP\root :DOS LM 2.0 :3 :14 :0 :no :no
isi smb share create

The isi smb share create command creates a new SMB share. Syntax isi smb share create --sharename=<string> --path=<path> [--inheritable-acl=<string>] [--comment=<string>] [--csc-policy=<csc-policy] Options --sharename=<string>, -n<string> Required. Species the name of the new share. --path=<path>, -p<path> Required. Species the full path of the directory to be shared. --inheritable-acl=<string>, -i<string> Determines the optional "inheritable acl" value for the share path. Valid values are yes and no. --comment=<string>, -c<string> Species a description of the share. --csc-policy=<csc-policy>, -C<csc-policy> Species the optional Client Side Caching (CSC) policy for the share.
262
The following values are valid: manual: Enables clients to cache all les manually. documents: Enables clients to cache documents automatically. programs: Enables clients to cache both documents and programs automatically. none: Disables all le caching.
The default value is manual. Examples The following command creates a new SMB share called "newShare" for the /ifs directory: isi smb share create --sharename=newShare --path=/ifs
isi smb share delete

The isi smb share delete command deletes a share. Syntax isi smb share delete --sharename=<string> Options --sharename=<string>, -n<string> Required. Species the name of the share to delete. Examples The following command deletes a share called "newShare": isi smb share delete --sharename=newShare
isi smb share list

The isi smb share list command displays information on existing shares. Syntax isi smb share list [--verbose] [--sharename=<string>] Options If no options are specied, a list of all existing shares is displayed. --verbose, -v Displays information on shares, including the paths, comments and Client Side Caching (CSC) policies. --sharename=<string>, -n<string> Species a share name to display. Examples To view a list of detailed information on existing shares, run the following command:
263
isi smb share list --verbose The system displays output similar to the following example: SMB Shares: Name: Path: Comment: CSC policy: Name: Path: Comment: CSC policy: oldshare /ifs Isilon OneFS manual newshare /ifs/home none
isi smb share modify

The isi smb share modify command modies existing SMB shares. Syntax isi smb share modify --sharename=<string> {--name=<string> | --path=<path> | --comment=<string> | --csc-policy=<csc-policy>}... Options You must specify at least one share attribute to modify. Specify one or more share attributes using the following parameters: --name --path --comment --csc-policy
--sharename=<string>, -n<string> Required. Species the name of the share to modify. --name=<string>, -e<string> Species a new name for the share. --path=<path>, -p<path> Species the full path of the directory to be shared. --comment=<string> Species a description of the share. --csc-policy=<csc-policy>, -C<csc-policy> Species the optional client side caching policy for the share. The following values are valid: manual documents programs none
264
OneFS Command Reference Examples The following command changes the name of the share from "oldName" to "newName" isi smb share modify --sharename=oldName --name=newName The following command changes the client side caching policy on "newShare" to "documents" isi smb share modify --sharename=newShare --csc-policy=documents
isi snapshot alias

The isi snapshot alias command creates an alternate name for an existing snapshot. Syntax isi snapshot alias [--snapshot=]{<Name>|<ID>} [--alias=]<Name> Options --snapshot={<Name>|<ID>} Required. Species an existing snapshot by its name or ID. To view a list of existing snapshot IDs and names, run the following command: isi snapshot list -I. --alias=<Name>, -a<Name> Required. Species an alternate name for the snapshot. Examples The following command makes "FirstSnapshot" an alias of "snapshot1": isi snapshot alias snapshot1 FirstSnapshot
isi snapshot autocreate

The isi snapshot autocreate command enables or disables the automatic creation of scheduled snapshots. Syntax isi snapshot autocreate [[--value=]<Value>] Options If no options are specied, displays whether automatic creation of scheduled snapshots is enabled. --value=<Value>, -v<Value> Species whether snapshots can be taken automatically. Valid values are true or false. The default value is true. If disabled, scheduled snapshots will not be taken. Examples To enable snapshots to be taken automatically, run the following command: isi snapshot autocreate true
265
isi snapshot autodelete

The isi snapshot autodelete command determines whether snapshots are automatically deleted after their <Expiration> or <Duration>. Syntax isi snapshot autodelete [[--value=]<Value>] Options If no options are specied, this command displays the current autodelete setting. --value=<Value>, -v<Value> Species whether snapshots can be deleted automatically. Valid values are true or false. Examples To enable snapshots to be deleted automatically, run the following command: isi snapshot autodelete true
isi snapshot create

The isi snapshot create command creates snapshots. Syntax isi snapshot create [--name=]<string> [--path]=<AbsolutePath> [--alias=<string>] [{--duration=<Number><Time> | --expiration="<Date> [at <Time>]"}] Options --name=<string>, -n<string> Required. Sets the name of the snapshot. --path=<AbsolutePath>, -p<AbsolutePath> Required. Captures a snapshot of this directory. --alias=<string>, -a<string> Species an alternate name for the snapshot. --duration=<Number><Time>, -d<Number><Time> Species how long to keep a snapshot. The following values are vaild for <Time>: hour[s] day[s] week[s] month[s] year[s]
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am"
266
OneFS Command Reference Examples The following command creates a snapshot of the entire /ifs/ directory: isi snapshot create snapshot1 /ifs/ The following command creates a snapshot of the /ifs/data/ directory and keeps the snapshot for 3 days: isi snapshot create snapshot2 /ifs/data/ --expiration=3days The following command creates a snapshot of the /ifs/data/storage directory and deletes the snapshot at 12:00am on May 2, 2012: isi snapshot create newSnapshot3 /ifs/data/storage --duration="05/2/2012 at 12:00am"
isi snapshot delete

The isi snapshot delete command deletes an existing snapshot. Note: The disk space occupied by deleted snapshots is not available directly after the deletion of the snapshots; when snapshots are deleted, the space taken up by the snapshots is only queued to be cleared. Deleting a snapshot does not guarantee that all of the space occupied by that snapshot will be cleared, even after a long period of time. If there are snapshots older than the one being deleted, some of the data from that snapshot is probably still in use by other, older snapshots. Deleted snapshots cannot be accessed, even if the space they occupied is still unavailable.
Syntax
isi snapshot delete [--snapshot=]{<Name>|<ID>}... [--force] Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot being deleted. This option can be specied multiple times. To view a list of existing snapshot IDs and names, run the following command: isi snapshot list -I. --force, -f Does not display the warning prompt for deleting snapshots. Examples The following command deletes a snapshot with an ID of 1: isi snapshot delete 1 The system displays output similar to the following example: Remove snapshot "1" ['yes', 'no'] ? Typing yes and pressing ENTER causes the system to display output similar to the following example: Snapshot(s) queued up for later deletion The following command deletes snapshot2 without the warning prompt: isi snapshot delete snapshot2 -f
267
The system displays output similar to the following example: Snapshot(s) queued up for later deletion
isi snapshot disable

The isi snapshot disable command does not allow snapshots to be taken. Syntax isi snapshot disable Options There are no options for this command. Examples To disable snapshots, run the following command: isi snapshot disable The system displays output similar to the following example: Disabling Snapshot will also disable all automatically scheduled creations and deletions Continue ['yes', 'no'] ? Typing yes and pressing ENTER causes the system to display output similar to the following example: Snapshots: Disable -> Enable
isi snapshot enable

The isi snapshot disable command allows snapshots to be taken. Syntax isi snapshot enable Options There are no options for this command. Examples To enable snapshots, run the following command: isi snapshot enable The system displays output similar to the following example: Snapshots: Disable -> Enable
268
isi snapshot list

The isi snapshot list command enables you to view a list of existing snapshots or snapshot details. Syntax isi snapshot list [[--snapshot=]{<Name>|<ID>}] [{--long |--showid | --schedule | --expiration}] Options If no options are specied, a list of existing snapshot names is displayed. --snapshot={<Name>|<ID>} Only displays information for the specied snapshot. This option can be specied multiple times in a single command. --long, -l Displays the IDs, lock statuses, sizes, creation dates, and paths of the snapshots. --showid, -I Displays the snapshot IDs. --schedule, -s Displays the lock statuses, schedules, creation dates, and paths of the snapshots. --expiration, -x Displays the lock statuses, creation dates, expiration dates, and paths of the snapshots. Examples To view all snapshot IDs, lock statuses, sizes, creation dates, and paths, run the following command: isi snapshot list -l The system displays output similar to the following example: Id Snapshot Lck Size Creation Date Path ---------------------------------------------------------------------1 snapshot1 (L) 624K 2011-05-24 19:04 /ifs/data 2 snapshot2 1.2M 2011-05-24 19:06 /ifs
isi snapshot lock create

The isi snapshot lock create command creates new snapshot locks. A locked snapshot cannot be deleted. No more than 16 locks can be applied to a single snapshot. Note: Isilon recommends that you do not lock snapshots and do not use this command. If the maximum number of locks on a snapshot is reached, some applications (such as SyncIQ) might not be able to function properly. Syntax isi snapshot lock create --snapshot={<Name>|<ID>} [{--duration=<Number><Time> | --expiration="<Date> [at <Time>]"}] [--comment=<string>]
269
OneFS Command Reference Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot to lock. --duration=<Number><Time>, -d<Number><Time> Species how long to keep the snapshot locked. The following values are vaild for <Time>: hour[s] day[s] week[s] month[s] year[s]
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot lock will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am" --comment=<string>, -c<string> Species an optional comment string for this lock. Examples The following command locks snapshot1 for an hour: isi snapshot lock create snapshot1 --duration=1hour --comment=backupLock
isi snapshot lock delete

The isi snapshot lock delete command deletes an existing snapshot lock. Syntax isi snapshot lock delete [--snapshot=]{<Name>|<ID>} [--lock=]<ID> Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot that is locked. --lock=<ID> Required. Species the ID of the lock to delete. Examples The following command deletes a lock with an ID of 1 on snapshot1: isi snapshot lock delete snapshot1 1
270
isi snapshot lock list

The isi snapshot lock list command displays existing locks on snapshots. Syntax isi snapshot lock list [--snapshot=]{<Name>|<ID>} Options --snapshot={<Name>|<ID>} Required. Displays locks on the snapshot with the specied name or ID. Locks are displayed along with their scheduled expiration times. Examples The following command lists all locks on snapshot1 isi snapshot lock list snapshot1 The system displays output similar to the following example: 1 2 2011-05-24 21:35 backupLock 2011-05-24 21:46 syncIQ treewalk
isi snapshot lock modify

The isi snapshot lock modify command modies the <Duration> and <Expiration> of an existing snapshot lock. Syntax isi snapshot lock modify [--snapshot]={<Name>|<ID>} --lock=<ID> {--duration=<Number><Time> | --expiration="<Date> [at <Time>]"} Options You must set either a new duration or new expiration. Specify a new duration or expiration using one of the following parameters: --duration --expiration
--snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot that is locked. --lock=<ID> Required. Species the ID of the lock being modied. --duration=<Number><Time>, -d<Number><Time> Species how long to keep the snapshot locked. The following values are vaild for <Time>: hour[s] day[s] week[s]
271
month[s] year[s]
--expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot lock will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example: --duration="01/01/2012 at 10:15am" Examples The following command causes lock 2 on snapshot1 to expire in 3 days: isi snapshot lock modify snapshot1 --lock=2 --expiration=3days
isi snapshot modify

The isi snapshot modify command modies existing snapshots. Syntax isi snapshot modify --snapshot={<Name>|<ID>} {--name=<string> | --duration=<number><Time> | --expiration="<Date> [at <Time>]"}... Options You must specify at least one snapshot attribute to modify. Specify one or more snapshot attributes using the following options: --name --duration --expiration
--snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot being modied. --name=<string>, -n<string> Changes the name of the snapshot to the one specied. --duration=<number><Time>, -d<number><Time> Species how long to keep a snapshot. The following values are vaild for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when the snapshot will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00.
272
For example: --duration="01/01/2012 at 10:15am" Examples The following command sets snapshot1 to be deleted at 9:00am on June 1st, 2012: isi snapshot modify snapshot1 --expiration="06/01/2012"
isi snapshot rename

The isi snapshot rename command renames existing snapshots. Syntax isi snapshot rename [--snapshot=]{<Name>|<ID>} [--name=]<string> Options --snapshot={<Name>|<ID>} Required. Species the name or ID of the snapshot whose name is being changed. --name=<string>, -n=<string> Required. Changes the name of the snapshot to the one specied. Examples The following command changes the name of snashot1 to snapshot1 (correcting the typo): isi snapshot rename snashot1 snapshot1
isi snapshot reserve

The isi snapshot reserve command displays and sets the percentage of system storage space that is reserved exclusively for storing snapshots. Note: This command only limits the amount of space available to applications other than SnapshotIQ. It does not limit the amount of space that snapshots are allowed to occupy. Snapshots can occupy more than the specied percentage of system storage space. Syntax isi snapshot reserve [[--value=]<number>] Options If no options are specied, the current reserve percentage is displayed. --value=<number>, v<number> Species the percentage of system storage space to reserve exclusively for the SnapshotIQ module. Specify a number between 0 and 100. Examples To ensure that 10 percent of system storage space can only be used by the SnapshotIQ module, run the following command:
273
isi snapshot reserve 10 The system displays output similar to the following example: Snapshot reserve percentage: 0 -> 10
isi snapshot schedule create

The isi snapshot schedule create command enables you to create a new snapshot schedule policy. Syntax isi snapshot schedule create [--name=]<Name> [--when=]"<Interval> [<Frequency>]" [--pattern=]<string> [--path=]<AbsolutePath> [{--duration=<Number><Time> | --expiration="<Date> [at <Time>]"}] [--alias=<string>] Options --name=<Name>, -l<Name> Required. Sets the name of the snapshot policy. --when="<Interval> [<Frequency>]", -w="<Interval> [<Frequency>]" Required. Species when the snapshots will be taken. <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
<Frequency> is optional and can take either of the following forms: at {<Hr>[:<Min>][{am|pm}]} every [<number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
The default frequency is at 0:00. --pattern=<string>, -t<string> Required. Species the format string pattern for naming scheduled snapshots. The following variables are valid within the string: Valid Value %Y Denition Year
274
Valid Value %m %d %H %M
Denition Month Day Hour Minute
For example, a snapshot with a naming pattern of --pattern="Snapshot %Y" that is taken in 2011 is named "Snapshot 2011". --path=<AbsolutePath>, -p<AbsolutePath>) Required. Species the directories that are captured in snapshots created by this schedule policy. --duration=<Number><Time>, -d<Number><Time> Species how long to keep snapshots created by this schedule policy. The following values are valid for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when snapshots created by this schedule policy will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example, --duration="01/01/2012 at 10:15am" --alias=<string>, -a<string> Species an alternate name for the schedule. Examples The following command takes a snapshot of /ifs/data every Wednesday at 6:30pm and labels each snapshot with the date: isi snapshot schedule create snapshotPolicy1 "every Wednesday at 6:30pm" "Taken on %d %m, %Y" /ifs/data The following command takes one snapshot every hour between the hours of 12:00am to 8:00pm on the 1st Saturday of every 3rd month, and deletes each update one year after it is taken: isi snapshot schedule create snapshotPolicy2 "the 1st Saturday every 3 month every hours from 12:00 to 20:00" "Taken at %H:%M on %d %m, %Y" /ifs/data --expiration=1year
275
isi snapshot schedule delete

The isi snapshot schedule delete command deletes existing snapshot schedule policies. Note: Deleting schedule policies only prevents further snapshots from being taken using those policies. Deleting schedule policies does not delete snapshots that have been taken by those policies. Syntax isi snapshot schedule delete [--schedule=]{<Name>|<ID>}... Options --schedule={<Name>|<ID>} Required. Species the name or ID of the schedule policy you want to delete. This option can be specied multiple times. Examples The following command deletes a schedule called snapshotPolicy1: isi snapshot schedule delete snapshotPolicy1
isi snapshot schedule list

The isi snapshot schedule list command displays a list of existing snapshot schedules. Syntax isi snapshot schedule list [[--schedule=]{<Name>|<ID>} ...] [--long] Options If no options are specied, displays a list of existing snapshot schedules, including their naming patterns and paths. --schedule={<Name>|<ID>}, -s {<Name>|<ID>} Displays only the snapshot schedule with the specied ID or name. This option can be specied multiple times in a single command. --long, -l Displays information on the creation date, schedule, and duration period (how long schedules will exist before being deleted) of existing snapshot schedules. Examples To view information on all snapshot policies, including information on their creation date, schedule, and duration, run following command: isi snapshot schedule list -l The system displays output similar to the following example: -------------------- snapshotPolicy1 -------------------Schedule Id: 1 How Often: every Wednesday at 6:30pm Starting When: 2011-05-24 23:13
276
Duration: never Pattern: Taken on %d %m, %Y Path: /ifs/data -------------------- snapshotPolicy2 -------------------Schedule Id: 2 How Often: the 1st Saturday every 3 month every hours from 12:00 to 20:00 Starting When: 2011-05-24 23:18 Duration: 1year Pattern: Taken at %H:%M on %d %m, %Y Path: /ifs/data
isi snapshot schedule modify

The isi snapshot schedule modify command enables you to modify an existing snapshot schedule policy. Note: Modications to schedule policies are only applied to future snapshots taken by the policy. Modications are not applied to existing snapshots that have already been taken by the policy. Syntax isi snapshot schedule modify [--schedule=]{<Name>|<ID>} {--name=<Name> | --when="<Interval> [<Frequency>]" | --pattern=<string> | --path=<AbsolutePath> | --duration=<Number><Time> | --expiration="<Date> [at <Time>]" | --alias=<string>}... Options You must specify at least one schedule policy attribute to modify. Specify one or more schedule policy attributes using the following options: --name --when --pattern --path --expiration --alias Required. Species the name or ID of the snapshot schedule being modied. --name=<Name>, -l<Name> Changes the name of the snapshot schedule to the one specied. --when="<Interval> [<Frequency>]", -w="<Interval> [<Frequency>]" Species when the snapshots will be taken <Interval> is required and can take one of the following forms: every every every every ...]] every <day of the week>[, ...] [<number between 1 and 31>] day [<number between 1 and 23>] weekday [<number between 1 and 52>] week [on <day of the week>[, [<number>] months [on the <number between 1 and 31>[st]]
--schedule={<Name>|<ID>}, -s {<Name>|<ID>}
277
the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 12>[st]] month the last day every [<number between 1 and 12>[st]] month yearly on <month> {<number between 1 and 31>[st]}
<Frequency> is optional and can take either of the following forms: at {<Hr>[:<Min>][{am|pm}]} every [<Number>] {hours|minutes} [from {<Hr>[:<Min>][{am|pm}]} to {<Hr>[:<Min>][{am|pm}]}]
The default frequency is at 0:00. --pattern=<string>, -t<string> Species a new pattern for naming scheduled snapshots. The following variables are valid within the string: Valid Value %Y %m %d %H %M Denition Year Month Day Hour Minute
For example, a snapshot with a naming pattern of --pattern="Snapshot %Y" that is taken in 2011 is named "Snapshot 2011". --path=<AbsolutePath>, -p<AbsolutePath> Species the new directories to be captured in the snapshot. --duration=<Number><Time>, -d<Number><Time> Species how long to keep snapshots created by this schedule policy. The following values are valid for <Time>: hour[s] day[s] week[s] month[s] year[s] Note: The duration period is in reference to the time that the command is run, not the time it was originally created. For example, if a snapshot is modied at 1:00pm and set to expire in 1 hour, the snapshot will be deleted at 2:00pm, regardless of when it was created. --expiration="<Date> [at <Time>]", -x"<Date> [at <Time>]" Species when snapshots created by this schedule policy will expire. Specify <Date> in the following format: MM/DD/YYYY. Specify <Time> in the following format: HH:mm[{am|pm}]. The default time is 00:00. For example, --duration="01/01/2012 at 10:15am"
278
--alias=<string>, -a<string> Species a new alternate name for the snapshot schedule. Examples The following command causes snapshotPolicy1 to expire 1 hour after this command is run: isi snapshot schedule modify snapshotPolicy1 --expiration=1hour The following command causes snapshotPolicy1 to take a snapshot on the last day of every month: isi snapshot schedule modify snapshotPolicy1 --when="the last day every month"
isi snapshot schedule rename

The isi snapshot schedule rename command renames existing schedule policies. Syntax isi snapshot schedule rename [--schedule=]<Schedule> [--name=]<Name> Options --schedule={<Name>|<ID>}, -s {<Name>|<ID>} Required. Species the name or ID of the snapshot schedule whose name is being changed. --name=<Name>, -l<Name> Required. Changes the name of the snapshot to the one specied. Examples The following command changes the name of snapshotPolicy1 to snapshotPolicy7: isi snapshot schedule rename snapshotPolicy1 snapshotPolicy7
isi snapshot schedule todo

The isi snapshot schedule todo command displays a list of upcoming snapshots that are scheduled to be taken. Syntax isi snapshot schedule todo [--start-date=<Date>] [--end-date=<Date>] Options If no options are specied, displays a list of snapshots that are scheduled to be taken over the next 30 days. --start-date=<Date>, -s<Date> Displays snapshots scheduled to be taken after the specied date. Specify in the following format: <MM>/<DD>/<YYYY>. Specied date must be after the current date. If not specied, start date is set to the current date. --end-date=<Date>, -e<Date> Displays snapshots scheduled to be taken before the specied date. Specify in the following format: <MM>/<DD>/<YYYY>. Specied date must be after the start date.
279
If not specied, end date is set to 30 days after the start date. Examples The following command displays snapshots that are scheduled to be taken between July 1, 2011 and July 15, 2011: isi snapshot schedule todo --start-date=07/01/2011 --end-date=07/15/2011 The system displays output similar to the following example: snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy1 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy3 snapshotPolicy1 snapshotPolicy3 snapshotPolicy3 Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken Taken on on on on on on on on on on on on on on on on 01 02 03 04 05 06 06 07 08 09 10 11 12 13 13 14 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 07, 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011 2011-07-01 2011-07-02 2011-07-03 2011-07-04 2011-07-05 2011-07-06 2011-07-06 2011-07-07 2011-07-08 2011-07-09 2011-07-10 2011-07-11 2011-07-12 2011-07-13 2011-07-13 2011-07-14 19:30 19:30 19:30 19:30 19:30 18:30 19:30 19:30 19:30 19:30 19:30 19:30 19:30 18:30 19:30 19:30
The following command displays all snapshots scheduled to be taken before January 1, 2011: isi snapshot schedule todo --end-date=01/01/2012
isi snapshot settings list

The isi snapshot settings list command displays a list of snapshot settings and values. The snapshot settings determine by what means users can access snapshots. Syntax isi snapshot settings list [{[--name=]<Name>}...] Options If no options are specied, displays all snapshot settings and values. --name=<Name> Displays only the specied setting. The following values are valid: global_accessible_visible nfs_root_accessible nfs_root_visible nfs_sub_accessible cifs_root_accessible cifs_root_visible cifs_sub_accessible local_root_accessible local_root_visible
280
local_sub_accessible
To display multiple settings, specify this option multiple times within the same command. Examples To view a list of all snapshot settings, run the following command: isi snapshot settings list The system displays output similar to the following example: Setting Value -----------------------------------global_accessible_visible True nfs_root_accessible True nfs_root_visible True nfs_sub_accessible True cifs_root_accessible True cifs_root_visible True cifs_sub_accessible True local_root_accessible True local_root_visible True local_sub_accessible True
isi snapshot settings set

The isi snapshot settings set command enables you to change the value of a snapshot setting. Syntax isi snapshot settings set [--name=]<SettingName> [--value=]<Value> Options --name=<SettingName>, -n<SettingName> Required. Determines how snapshots can be viewed and accessed. The following values are valid: global_accessible_visible: If set to false, all other settings are overridden and snapshots cannot be viewed or accessed. If set to true, all other settings determine how snapshots can be viewed and accessed. nfs_root_accessible: If set to true, the client mount point can be accessed using NFS. nfs_root_visible: If set to true, the client mount point can be viewed using NFS. nfs_sub_accessible: If set to true, subdirectories in the /ifs directory can be accessed using NFS. cifs_root_accessible: If set to true, the top level of the share the client is connected to can be accessed using CIFS. cifs_root_visible: If set to true, the top level of the share the client is connected to can be viewed using CIFS. cifs_sub_accessible: If set to true, the subdirectories in the /ifs directory can be accessed using CIFS. local_root_accessible: If set to true, the root directory of /ifs/.snapshot can be accessed locally. local_root_visible: If set to true, the root directory of /ifs/.snapshot can be viewed locally.
281
local_sub_accessible: If set to true, the subdirectories in the /ifs directory can be accessed locally. Note: Making the root directory visible may interfere with tree removal, and could affect folder deletion in Windows.
--value=<Value>, -v<Value> Required. Species a new value for this setting. Valid values are true or false. Examples To make the root directory of /ifs/.snapshot accessible from NFS, run the following command: isi snapshot settings set local_root_accessible false The system displays output similar to the following example: Setting nfs_root_accessible to false will also set the following: nfs_root_visible -> false nfs_sub_accessible -> false Do you wish to continue? (yes, [no]) If you type yes and press ENTER, the local root becomes invisible and the local sub to becomes inaccessible as well. The system displays output similar to the following example: nfs_root_accessible: true -> false nfs_root_visible: true -> false nfs_sub_accessible: true -> false
isi snapshot usage

The isi snapshot usage command displays a list of existing snapshots and their disk usage. The list includes the names of the snapshots, the amount of le system space they are consuming, the percentage of the reserved space they are consuming, and the percentage of le system they are consuming. Note: The percentage columns do not include snapshot data shared with later snapshots or with the current active le system version. Syntax isi snapshot usage [{[--snapshot=]<Snapshot>}...] Options If no options are specied, displays a list of all existing snapshots and their disk usage. --snapshot=<Snapshot> Displays the usage of the snapshots whose names are specied. To display multiple snapshots, specify this option multiple times within the same command. Examples To view the disk usage of all snapshots, run the following command: isi snapshot usage
282
The system displays output similar to the following example: snapshot1 snapshot2 snapshot3 snapshot4 snapshot5 0 2.1M 904K 872K 0 3.8M 0.00% 0.00% 0.00% 0.00% 0.00%
) ) ) ) )
0.00% 0.00% 0.00% 0.00% 0.00%
(T) (T) (T) (T) (T)
0.01% )
0.00% (T)
In this example, the second column displays the amount of le system space the snapshot is consuming, the third column displays the percentage of reserved space it is consuming, and the fourth displays the percentage of the total disk space it is consuming. The lowest row displays the totals of the columns.
isi snmp
The isi snmp command manages Simple Network Management Protocol (SNMP) settings. Syntax isi snmp {--syslocation=<string> | --syscontact=<string> | --protocols=<value> | --rocommunity=<string> | --v3-rouser=<string> | --v3-password=<string>}... Options You must specify at least one SNMP setting to modify. Specify an SNMP setting using the following options: --syslocation --syscontact --protocols --rocommunity --v3-rouser --v3-password
--syslocation=<string> Sets the system location eld (sysLocation.0) in the SNMP management information base (MIB). --syscontact=<string> Sets the system contact address eld (sysContact.0) in the SNMP MIB. --protocols=<value> Species SNMP protocols. The following values are valid: all v1/v2c v3 Note: v1 and v2 are controlled together and must be specied together as shown. --rocommunity=<string>, -c<string> Species the read only community name.
283
--v3-rouser=<string>, -u<string> Species the SNMP v3 read-only user. --v3-password=<string>, -p<string> Species the SNMP v3 auth password. Examples The following command sets the system location to East Datacenter: isi snmp --syslocation="East Datacenter" The system displays output similar to the following example: System location set to: "East Datacenter"
isi snmp list

The isi snmp list command displays a list of Simple Network Management Protocol (SNMP) settings. Syntax isi snmp list Options There are no options for this command. Examples To view a list of SNMP settings, run the following command: isi snmp list The system displays output similar to the following example: System location: System contact: SNMP v1/v2c access: Read-only community: SNMP v3 access: Read-only user: SNMP v3 password: unset unset@unset.invalid Enabled public Disabled general ********
isi statistics client

The isi statistics client command displays statistics organized by client IPs and users accessing the cluster. Syntax isi statistics client [--csv] [--csvstring=<string>] [--noconversion] [--noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--nodes=<value>]
284
OneFS Command Reference [--protocols=<value>] [--classes=<string>] [--orderby=<string>] [--total] [--totalby=<value>] [--nooutput=<string>] [--output=<string>] [--long] [--zero] [--numeric] [--wide] Options If no options are specied, a single table with statistics on all classes is displayed. --csv, -c Displays data in a comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Displays data in a list separated by the specied string. For example, to separate the data with single spaces, specify --csvstring=" ". Note: If specied, --csvstring overrides --csv and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report to continue if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all
285
* <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. --protocols=<value> Species on which protocols statistics are reported. The following values are valid: all ftp http irp iscsi jobd n1m nfs3 nfs4 siq smb1 smb2
Multiple values can be specied in a comma-separated list. The default setting is all protocols. --classes=<string> Specify which operation classes to report statistics on. The default setting is all classes. The following values are valid: all All classes create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication namespace_read Attribute, stat, and ACL reads; lookup, directory reading namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that are not categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing
286
unimplemented Operations that are not implemented Multiple values can be specied in a comma-separated list. --orderby=<string> Species the value that rows are ordered by. The following values are valid: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserID UserName
The default setting is class. --total Groups and aggregates results as implied by specied ltering parameters. Filtering parameters include: --nodes, --protocols, --classes, --local_addr, --local_name, --remote_addr, --remote_name, --user_id, --user_name. --totalby=<value> Combines results according to specied elds. The following values are valid: Class Group LocalAddr LocalName Node Proto RemoteName UserId UserName
287
Note: --totalby overrides --total option, if specied. --nooutput=<string> Species which columns are not displayed. Columns are excluded from the list of currently active columns specied by the --output option or --long options, or from the default column list if it has not been overridden by other output options. The following values are valid: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserID UserName
--output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. In Displays the rate of input for an operation since the last time the system collected the data. Displayed in bytes per second. InAvg Displays the average input (received) bytes for an operation since the last time the system collected the data. InMax Displays the maximum input (received) bytes for an operation since the last time the system collected the data. InMin
288
Displays the minimum input (received) bytes for an operation since the last time the system collected the data. LocalAddr Displays the IP address of the host receiving the operation request. Displayed in dotted-quad form. LocalName Displays the resolved text name of the LocalAddr, if resolution can be performed. Node Displays the node on which the operation was performed. NumOps Displays the number of times an operation has been performed since the last time the system collected the data. Ops Displays the rate at which an operation has been performed since the last time the system collected the data. Displayed in operations per second. Out Displays the rate of output for an operation since the last time the system collected the data. Displayed in bytes per second. OutAvg Displays the average output (sent) bytes for an operation since the last time the system collected the data. OutMax Displays the maximum output (sent) bytes for an operation since the last time the system collected the data. OutMin Displays the minimum output (sent) bytes for an operation since the last time the system collected the data. Proto Displays the protocol of the operation. RemoteAddr Displays the IP address of the host sending the operation request. Displayed in dotted-quad form. RemoteName Displays the resolved text name of the RemoteAddr, if resolution can be performed. TimeAvg Displays the average elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMax Displays the maximum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMin Displays the minimum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). UserID
289
Displays the numeric UID of the user issuing the operation request or the unique logical unit number (LUN) identier in the case of the iSCSI protocol. UserName Displays the resolved text name of the UserID, or the target and LUN in the case of the iSCSI protocol. In either case, if resolution cannot be performed, UNKNOWN is displayed. Multiple values can be specied in a comma-separated list. --long Displays all possible columns. --zero Displays rows with no values that are otherwise hidden. --local_addrs=<number> Species local IP addresses for which statistics will be reported. --local-names=<string> Species local host names for which statistics will be reported. --remote_addrs=<number> Species remote IP addresses for which statistics will be reported. --remote_names=<string> Species remote client names for which statistics will be reported. --user_ids=<number> Species user ids for which statistics will be reported. The default setting is all users. --user_names=<string> Species user names for which statistics will be reported. The default setting is all users. --numeric Does not attempt to resolve numeric IDs to text for local hosts, remote clients, and users. Only displays numeric equivalents. --wide Displays results in wide format without truncations. Examples The following command runs a report every 2 seconds for 6 seconds, and organizes the results by class: isi statistics client --orderby=Class --repeat=3 --interval=2 The system displays output similar to the following example: Ops In Out TimeAvg Node Proto Class UserName LocalName N/s B/s B/s us 0.4 148.2 0.0 7384608.0 1 http write UNKNOWN 10.51.115.42 0.2 142.6 4.7 1157782.0 2.4 230.4 0.0 1232041.0 2.8 36M 3.2 2586.3 2.0 32.0 38M 1328.1 1.2 28.8 0.0 2.5 1 2 1 2 3 http http siq siq siq read write other other other UNKNOWN 10.51.115.42 UNKNOWN 10.51.115.42 UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN UNKNOWN RemoteName 10.53.115.42 10.51.115.42 10.51.115.42 UNKNOWN UNKNOWN UNKNOWN
The following command runs a report that includes the User ID, Time Max, Time Min, and Out Avg, every 3 seconds for 9 seconds:
290
isi statistics client --output=UserName,TimeMax,TimeMin,OutAvg --repeat=3 --interval=2 The system displays output similar to the following example: UserName UNKNOWN UNKNOWN UNKNOWN UNKNOWN TimeMax us 115655 14821444 115655 14821444 TimeMin us 115655 1 115655 1 OutAvg B 234.0 0.0 234.0 0.0
The following command reports statistics on HTTP protocols, write and delete classes and includes the columns Class, Ops, In, Out, Proto and TimeAvg: isi statistics client --output=Ops,Out,In,Proto,TimeAvg --protocols=http,external --classes=read,write The system displays output similar to the following example: Ops N/s 0.2 0.4 Out B/s 46.8 0.0 In B/s 142.6 148.2 Proto http http TimeAvg us 113310.0 7408227.5
isi statistics describe

The isi statistics describe command displays documentation on given statistics. Syntax isi statistics describe --stats=<statistics_key_string> Options --stats=<statistics_key_string>, -s<statistics_key_string> Required. Displays documentation on specied statistics. To view a list of valid statistics keys, run the following command: isi statistics list stats. Note: Shell glob patterns are valid, but must be escaped so the shell doesn't interpret them. Examples To view the description of the statistic with key node.sensor.volt.volts.12vFCBF, run the following command: cluster.cpu.sys.max The system displays output similar to the following example: Stat key => Description cluster.cpu.sys.max => Maximum cluster average of sytem CPU usage in tenths of a percent To view descriptions of statistics on the crash lesystem, run the following command: isi statistics describe --stats=\*crash\*
291
The system displays output similar to the following example: Stat key => Description node.sysfs.varcrash.bytes.avail => Available capacity filesystem in bytes node.sysfs.varcrash.bytes.free => Free capacity on the in bytes node.sysfs.varcrash.bytes.total => Total capacity on the in bytes node.sysfs.varcrash.bytes.used => Used capacity on the in bytes node.sysfs.varcrash.percent.avail => Available capacity filesystem as a percentage node.sysfs.varcrash.percent.free => Free capacity on the as a percentage node.sysfs.varcrash.percent.used => Used capacity on the as a percentage on the /var/crash /var/crash filesystem /var/crash filesystem /var/crash filesystem on the /var/crash /var/crash filesystem /var/crash filesystem
To view descriptions of statistics on the out per node cpu accounting that is not per core, run the following command: isi statistics describe --stats=node\*cpu\*avg The system displays output similar to the following example: Stat key node.cpu.idle.avg node.cpu.intr.avg node.cpu.nice.avg node.cpu.sys.avg node.cpu.user.avg => Description => Node average of idle CPU usage in tenths of a percent => Node average of interrupt CPU usage in tenths of a percent => Node average of nice CPU usage in tenths of a percent => Node average of system CPU usage in tenths of a percent => Node average of user CPU usage in tenths of a percent
isi statistics drive

The isi statistics drive displays information on performance by drive. Syntax isi statistics drive [--csv] [--csvstring=<string>] [--noconversion] [-noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--long] [--nodes=<value>] [--timestamp] [--type=<value>] [-orderby=<string>] Options If no options are specied, displays a single report including information on all types of drives on the local node. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in
292
their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. N o e t : --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --long Displays all possible columns. --timestamp Display a column containing the POSIX time stamp. --type=<value> Species the drive types for which statistics will be reported. The following values are valid:
293
sata sas ssd
The default setting is all drives. --orderby=<string> Species how rows are ordered. The following values are valid: Examples The following command runs a report on node 2 every 3 seconds for 9 seconds and orders the results by Bytes In: isi statistics drive --repeat=3 --interval=3 --orderby=bytesIN --nodes=2 The system displays output similar to the following example: Drive Type OpsIn BytesIn OpsOut BytesOut TimeAvg TimeInQ Queued Busy LNN:bay N/s B/s N/s B/s ms ms % 2:1 SATA 4.2 37K 0.0 0.0 0.2 0.0 0.0 0.0 2:7 SATA 1.8 11K 0.0 0.0 0.5 0.0 0.0 0.0 2:4 SATA 1.6 9.0K 0.0 0.0 0.6 0.0 0.0 0.0 2:8 SATA 1.6 9.0K 0.0 0.0 0.4 0.0 0.0 0.0 2:3 SATA 0.4 3.4K 0.0 0.0 0.1 0.0 0.0 0.0 2:11 SATA 0.2 1.6K 0.0 0.0 0.1 0.0 0.0 0.0 2:2 SATA 0.0 0.0 0.0 0.0 0.6 0.0 0.0 0.0 2:5 SATA 0.0 0.0 0.0 0.0 0.1 0.0 0.0 0.0 2:6 SATA 0.0 0.0 0.0 0.0 0.8 0.0 0.0 0.0 2:9 SATA 0.0 0.0 0.0 0.0 0.1 0.0 0.0 0.0 2:10 SATA 0.0 0.0 0.0 0.0 0.8 0.0 0.0 0.0 2:12 SATA 0.0 0.0 0.0 0.0 0.7 0.0 0.0 0.0 2:1 2:4 2:7 2:8 2:2 2:9 2:11 2:12 2:3 2:5 SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA 0.8 0.8 0.8 0.8 0.2 0.2 0.2 0.2 0.0 0.0 6.6K 6.6K 6.6K 6.6K 1.6K 1.6K 1.6K 1.6K 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.2 0.6 0.5 0.4 0.6 0.1 0.1 0.7 0.1 0.1 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 Busy BytesIn BytesOut Drive Inodes OpsIn OpsOut Queued SizeIn SizeOut Slow TimeAvg TimeInQ Type Used
294
2:6 SATA 2:10 SATA 2:1 2:4 2:7 2:8 2:2 2:9 2:11 2:12 2:3 2:5 2:6 2:10 SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA SATA
0.0 0.0 0.8 0.8 0.8 0.8 0.2 0.2 0.2 0.2 0.0 0.0 0.0 0.0
0.0 0.0 6.6K 6.6K 6.6K 6.6K 1.6K 1.6K 1.6K 1.6K 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.8 0.8 0.2 0.6 0.5 0.4 0.6 0.1 0.1 0.7 0.1 0.1 0.8 0.8
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
Tho view a report in a comma-separated list, run the following command: isi statistics drive --csv The system displays output similar to the following example: Drive,Type,OpsIn,BytesIn,OpsOut,BytesOut,TimeAvg,TimeInQ,Queued,Busy LNN:bay,,N/s,B/s,N/s,B/s,ms,ms,,% 1:1,SATA,1.8,21299.2,0.0,0.0,0.1,0.0,0.0,0.0 1:2,SATA,0.4,614.4,0.0,0.0,0.1,0.0,0.0,0.0 1:3,SATA,0.0,0.0,0.0,0.0,0.3,0.0,0.0,0.0 1:4,SATA,0.4,2662.4,0.0,0.0,0.2,0.0,0.0,0.0 1:5,SATA,0.0,0.0,0.0,0.0,0.1,0.0,0.0,0.0 1:6,SATA,0.2,204.8,0.0,0.0,0.1,0.0,0.0,0.0 1:7,SATA,0.4,2662.4,0.0,0.0,0.2,0.0,0.0,0.0 1:8,SATA,1.0,10444.8,0.0,0.0,0.1,0.0,0.0,0.0 1:9,SATA,0.8,3276.8,0.0,0.0,0.1,0.0,0.0,0.0 1:10,SATA,0.6,4300.8,0.0,0.0,0.2,0.0,0.0,0.0 1:11,SATA,0.4,614.4,0.0,0.0,0.1,0.0,0.0,0.0 1:12,SATA,0.0,0.0,0.0,0.0,0.1,0.0,0.0,0.0
isi statistics heat

The isi statistics heat command displays the most active /ifs paths for a variety of metrics. Syntax isi statistics heat [--csv] [--csvstring=<string>] [--noconversion] [-noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--nodes=<value>] [--events=<string>] [--classes=<string>] [--orderby=<string>] [--totalby=<string>] [--maxpath=<number>] [--pathdepth=<number>] [--limit=<number>] [--output=<string>] [--long] Options If no options are specied, displays a single report including information on all event types and classes on all nodes. --csv, -c Displays data as comma-separated value list.
295
Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example: the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The default value is all. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --events=<string> Species which event types for which information will be reported.
296
The following values are valid: blocked Access to the logical inode number (LIN) was blocked waiting for a resource to be released by another operation. These events are under the class other. contended An LIN is experiencing cross-node contention; it is being accessed simultaneously through multiple nodes. These events are under the class other. deadlocked The attempt to lock the LIN resulted in deadlock. These events are under the class other. link The LIN has been linked into the le system; the LIN associated with this event is the parent directory and not the linked LIN. These events are under the class namespace_write. lock The LIN was locked. These events are under the class other. lookup A name is looked up in a directory; the LIN for the directory searched is the one associated with the event. These events are under the class namespace_read. read A read was performed. These events are under the class read. rename A le or directory was renamed, the LIN associated with this event is the directory where the rename took place (either for the source directory or the destination directory if they differ). These events are under the class namespace_write. getattr A le or directory attribute has been read. These events are under the class namespace_read. setattr A le or directory attribute has been added, modied, or deleted. These events are under the class namespace_write. unlink A le or directory has been unlinked from the le system, the LIN associated with this event is the parent directory of the removed item. These events are under the class namespace_write. write A write was performed. These events are under the class write. --classes=<string> Species the classes on which information will be reported. The default setting is all classes. The following values are valid: create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication namespace_read Attribute, stat, and ACL reads; lookup, directory reading
297
namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that are not categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing --orderby=<string> Species how rows are ordered. The following values are valid: Class Event LIN Node Ops Path TimeStamp
--totalby=<string> Combines results according specied elds. The following values are valid: Class Event LIN Node Ops Path TimeStamp
--maxpath=<number> Species the maximum path length to lookup in le system (in bytes). The default value is 1024. If you want there to be no maximum path length, specify -1. --pathdepth=<number> Reduces paths to specied depth. The default setting is unlimited. --limit=<number> Displays no more than the specied number of entry rows. --output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. Event
298
Displays the name of the event. LIN Displays the LIN for the le or directory associated with the event. Node Displays the node on which the operation was performed. Ops Displays the rate at which an operation has been performed. Displayed in operations per second. Path Displays the path associated with the event LIN. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). --long Displays all possible columns. Examples The following command displays a report on node 2 with a maximum path depth of 2. isi statistics heat --nodes=2 --pathdepth=2 The system displays output similar to the following example: Ops N/s 3.2 2.8 2.8 2.6 1.7 1.5 1.2 1.2 1.2 0.8 0.8 0.6 0.6 0.6 0.5 0.4 0.4 0.4 0.4 0.3 0.3 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 Node 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 Event lock lookup lookup lock lookup lock getattr lock lock lock lookup getattr lock lock lookup getattr lock lookup lookup contended lock blocked getattr getattr getattr getattr getattr getattr lock lock lock lock Class Path other namespace_read namespace_read other namespace_read other namespace_read other other other namespace_read namespace_read other other namespace_read namespace_read other namespace_read namespace_read other other other namespace_read namespace_read namespace_read namespace_read namespace_read namespace_read other other other other /ifs/ /ifs/ /ifs/ /ifs/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/etc/
299
0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.2 0.1 0.1 0.1 0.1 0.1 0.1 0.1 0.1
2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2
lock lock lock lock lock lock lock lock lookup lookup lookup lookup blocked blocked lock lock lock lookup lookup lookup
other other other other other other other other namespace_read namespace_read namespace_read namespace_read other other other other other namespace_read namespace_read namespace_read
/ifs/.ifsvar/etc/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/iscsi/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/ /ifs/.ifsvar/ /ifs/.ifsvar/etc/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/ /ifs/.ifsvar/modules/
The following command displays a report with no more than three rows after results have been combined according to their event type. isi statistics heat --limit=3 --totalby=event The system displays output similar to the following example: Ops N/s 113.6 54.0 17.4 Node * * * Event lock lookup getattr Class Path * * * * * *
isi statistics history

The isi statistics history command displays historical statistics. Syntax isi statistics history --stats=<string> [--csv] [--csvstring=<string>] [-noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--nodes=<value>] [--onecolumn] [--formattime] [--begin=<number>] [--end=<number>] [--resolution=<number>] [--zero] Options --stats=<string>, -s<string> Required. Species which statistics should be reported for requested nodes. To view a list of valid statistics keys, run the following command: isi statistics list stats. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K).
300
--csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. --onecolumn, -l Displays output one series at a time in one column rather than on a grid. --formattime, -F Formats series times rather than using epoch seconds. --begin=<number> Species begin time. If a positive number, time is specied in epoch seconds. If a negative number, time is specied relative to the current time (in seconds). --end=<number>
301
Species end time. If a positive number, time is specied in epoch seconds. If a negative number, time is specied relative to the current time (in seconds). --resolution=<number> Species the minimum interval between series data points in seconds. --zero Displays rows with no values that are otherwise hidden. Examples The following command displays statistics on how many bytes of physical system memory were in use for the past minute: isi statistics history --stats=node.memory.used --begin=-60 --end=-0 --formattime The system displays output similar to the following example: Statistic node.memory.used Time/Node 1 05/16/11-16:11:10 3969814528 05/16/11-16:11:15 3969814528 05/16/11-16:11:20 3969814528 05/16/11-16:11:25 3969835008 05/16/11-16:11:30 3969851392 05/16/11-16:11:35 3969818624 05/16/11-16:11:40 3969830912 05/16/11-16:11:45 3969830912 05/16/11-16:11:50 3969830912 05/16/11-16:11:55 3969798144 05/16/11-16:12:00 3969798144 05/16/11-16:12:05 3978104832 The following command displays statistics on the number of L2 meta-data cache read misses in bytes per second and the average write size for disk with index 0 between 2:04:01pm and 2:04:31pm on May 3, 2011: isi statistics history --stats=node.ifs.cache.l2.meta.read.miss,node.disk.xfer.size.in.0 --begin=1304456641 --end=1304456672 --formattime The system displays output similar to the following example: Statistic node.ifs.cache.l2.meta.read.miss node.disk.xfer.size.in.0 Time/Node 1 1 05/03/11-14:04:01 0.0 05/03/11-14:04:06 0.0 8192.0 05/03/11-14:04:11 0.0 6655.99965668 05/03/11-14:04:16 0.0 8192.0 05/03/11-14:04:21 0.0 7679.99969482 05/03/11-14:04:26 0.0 16469.3320279 05/03/11-14:04:31 0.0 7679.99969482 The following command displays the same data in single column form: --stats=node.ifs.cache.l2.meta.read.miss,node.disk.xfer.size.in.0 --begin=1304456641 --end=1304456672 --formattime --onecolumn The system displays output similar to the following example: Statistic node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss Node Time Value 1 05/03/11-14:04:01 0.0 1 05/03/11-14:04:06 0.0
302
node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.ifs.cache.l2.meta.read.miss node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0 node.disk.xfer.size.in.0
1 1 1 1 1 1 1 1 1 1 1
05/03/11-14:04:11 05/03/11-14:04:16 05/03/11-14:04:21 05/03/11-14:04:26 05/03/11-14:04:31 05/03/11-14:04:02 05/03/11-14:04:07 05/03/11-14:04:12 05/03/11-14:04:17 05/03/11-14:04:22 05/03/11-14:04:27
0.0 0.0 0.0 0.0 0.0 8192.0 6655.99965668 8192.0 7679.99969482 16469.3320279 7679.99969482
isi statistics list all

The isi statistics list all command displays a list of valid arguments to list mode. Syntax isi statistics list all [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list all --client The system displays output similar to the following example: classes nodes nooutput orderby output protocols totalby
303
isi statistics list classes

The isi statistics list classes command displays a list of valid arguments to the --classes option. Syntax isi statistics list classes [--client] [--protocol] [--heat] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list classes --client The system displays output similar to the following example: ALL create delete file_state namespace_read namespace_write other read session_state unimplemented write
isi statistics list events

The isi statistics list events command displays a list of valid arguments to the --events option. Syntax isi statistics list events [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol
304
Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list events --client The system displays output similar to the following example: ALL create delete file_state namespace_read namespace_write other read session_state unimplemented write
isi statistics list nodes

The isi statistics list nodes command displays a list of valid arguments to the --nodes option. Syntax isi statistics list nodes [--protocol] [--drive] Options If no options are specied, all valid arguments are displayed. --protocol Displays valid option values for protocol mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list nodes --client The system displays output similar to the following example: 1 2 3
305
isi statistics list nooutput

The isi statistics list nooutput command displays a list of valid arguments to the --nooutput option. Syntax isi statistics list nooutput [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list nooutput --client The system displays output similar to the following example: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserId UserName
306
isi statistics list operations

The isi statistics list operations command displays a list of valid arguments to the --operations option. Syntax isi statistics list operations Options There are no options for this command. Examples To view a list of valid option values, run the following command: isi statistics list operations
isi statistics list orderby

The isi statistics list orderby command displays a list of valid arguments to the --orderby option. Syntax isi statistics list orderby [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list orderby --client The system displays output similar to the following example: Class In InAvg InMax InMin LocalAddr
307
LocalName Node NumOps Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserId UserName
isi statistics list output

The isi statistics list output command displays a list of valid arguments to the --output option. Syntax isi statistics list output [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list output --client The system displays output similar to the following example: Class In InAvg InMax InMin LocalAddr LocalName Node NumOps
308
Ops Out OutAvg OutMax OutMin Proto RemoteAddr RemoteName TimeAvg TimeMax TimeMin TimeStamp UserId UserName
isi statistics list protocols

The isi statistics list protocols command displays a list of valid arguments to the --protocols option. Syntax isi statistics list protocols [--client] [--protocol] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list protocols --client The system displays output similar to the following example: ftp http irp iscsi jobd lsass_in lsass_out nfs3 nfs4 nlm siq smb1 smb2
309
isi statistics list stats

The isi statistics list stats command displays a list of valid arguments to the --stats option. Syntax isi statistics list stats [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. Examples To view a list of valid option values, run the following command: isi statistics list stats
isi statistics list totalby

The isi statistics list totalby command displays a list of valid arguments to --protocols option. Syntax isi statistics list totalby [--client] [--protocol] [--heat] [--drive] Options If no options are specied, all valid arguments are displayed. --client Displays valid option values for client mode. --protocol Displays valid option values for protocol mode. --heat Displays valid option values for heat mode. --drive Displays valid option values for drive mode. Examples To view a list of valid option values for client mode, run the following command: isi statistics list totalby --client The system displays output similar to the following example: Class LocalAddr LocalName Node Proto RemoteAddr RemoteName
310
UserId UserName
isi statistics protocol

The isi statistics protocol command displays statistics by protocol, such as NFS3, HTTP and others. Syntax isi statistics drive [--csv] [--csvstring=<string>] [--noconversion] [-noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--nodes=<value>] [--protocols=<value>] [--classes=<string>] [--orderby=<string>] [--total] [--totalby=<value>] [--nooutput=<string>] [--output=<string>] [--long] [--zero] [--operations=<string>] Operations If no options are specied, displays a single report including information on all protocols, classes, operations and nodes. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number>
311
Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default setting is all nodes. --protocols=<value> Species on which protocols statistics are reported. The following values are valid: all ftp http irp iscsi jobd nfs4 nfs3 nlm siq smb1 smb2
Multiple values can be specied in a comma-separated list. The default setting is all protocols. --classes=<string> Species the classes on which statistics are reported. The following values are valid: all All classes create File, link, node, stream, and directory creation delete File, link, node, stream, and directory deletion file_state Open, close; locking: acquire, release, break, check; notication
312
namespace_read Attribute, stat, and ACL reads; lookup, directory reading namespace_write Renames; attribute setting; permission, time, and ACL writes other File-system information, other operations that cannot be categorized read File and stream reading session_state Negotiation, inquiry, or manipulation of protocol connection or session state write File and stream writing --orderby=<string> Species how rows are ordered. The following values are valid: --total Groups and aggregates results as implied by ltering options. Filtering options include: --classes, --nodes, --operations, --protocols. --totalby=<value> Aggregates results according to specied elds. The following values are valid: Class Node Op Class In InAvg InMax InMin InStdDev Node NumOps Op Ops Out OutAvg OutMax OutMin OutStdDev Proto TimeAvg TimeMax TimeMin TimeStamp TimeStdDev
313
Proto Note: --totalby overrides --total option, if specied.
--nooutput=<string> Species which columns are not displayed. Columns are excluded from the list of currently active columns specied by the --output option or --long options, or from the default column list if it has not been overridden by other output options. --output=<string> Species which columns to display. The following values are valid: Class Displays the class of the operation. In Displays the rate of input for an operation since the last time isi statistics collected the data. Displayed in bytes per second. InAvg Displays the average input (received) bytes for an operation since the last time the system collected the data. InMax Displays the maximum input (received) bytes for an operation since the last time the system collected the data. InMin Displays the minimum input (received) bytes for an operation since the last time the system collected the data. InStdDev Displays the standard deviation of the input (received) bytes for an operation since the last time the system collected the data. Displayed in bytes. Node Displays the node on which the operation was performed. NumOps Displays the number of times an operation has been performed since the last time the system collected the data. Op Displays the name of the operation. Ops Displays the rate at which an operation has been performed since the last time the system collected the data. Displayed in operations per second. Out Displays the rate of output for an operation since the last time isi statistics collected the data. Displayed in bytes per second. OutAvg Displays the average output (sent) bytes for an operation since the last time the system collected the data. OutMax Displays the maximum output (sent) bytes for an operation since the last time the system collected the data.
314
OutMin Displays the minimum output (sent) bytes for an operation since the last time the system collected the data. OutStdDev Displays the standard deviation of the output (sent) bytes for an operation since the last time the system collected the data. Displayed in bytes. Proto Displays the protocol of the operation. TimeAvg Displays the average elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMax Displays the maximum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeMin Displays the minimum elapsed time taken to complete an operation since the last time the system collected the data. Displayed in microseconds. TimeStamp Displays the time at which the isi statistics tool last gathered data. Displayed in POSIX time (number of seconds elapsed since January 1, 1970). --long Displays all possible columns. --zero Displays rows with no values that are otherwise hidden. --operations=<string> Species the operations on which statistics are reported. To view a list of valid values, run the following command: isi statistics list operations. Examples The following command displays the average, maximum, minimum and rate of input every minute for 3 minutes. isi statistics protocol --output=op,in,inmin,inmax,inavg --repeat=3 --interval=60 The system displays output similar to the following example: Op get upload create close query_directory query_info read In InMin InMax InAvg B/s B B B 136.5 719 719 719.0 192.4 1 736 101.3 103.8 228 292 260.0 36.7 92 92 92.0 41.1 98 108 103.0 64.7 108 108 108.0 9.3K 117 117 117.0 719 1 117 719 719 719.0 736 101.3 117 117.0 719 719.0
get 143.2 upload 201.8 read 9.4K get 143.2
315
upload 201.8 read 9.7K
1 117
736 101.3 117 117.0
The following command displays a report that includes HTTP operations get and upload every 20 seconds for 1 minute: isi statistics protocol --protocols=http --operations=get,upload --repeat=3 --interval=20 The system displays output similar to the following example: Ops In Out TimeAvg TimeStdDev Node Proto Class Op N/s B/s B/s us us 0.2 146.7 49.0 109570.0 0.0 1 http read get 1.7 200.9 0.0 8452.0 23899.0 1 http write upload 0.2 131.7 44.0 17057.0 0.0 0.4 136.3 0.0 7111513.5 10057196.0 0.2 134.1 43.8 120820.0 1.9 189.7 0.0 1470723.1 0.0 4623884.5 1 1 1 1 http read get http write upload http read get http write upload
isi statistics pstat

The isi statistics pstat command displays a selection of cluster-wide and protocol data. Syntax isi statistics pstat [--csv] [--csvstring=<string>] [--noconversion] [--noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--protocol=<value>] Options If no options are specied, displays a single report with information on the NFS3 protocol. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. --noconversion Displays numerical values in long form, without dynamic conversion. For example, what appears as 1K without the parameter specied, appears as 1000 with it specied. --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table.
316
Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --protocols=<value> Species which protocols to report statistics on. The following values are valid: ftp http irp iscsi jobd lsass_in lsass_out n1m nfs3 nfs4 siq smb1 smb2
The default protocol is NFS3. Examples To view statistics on cluster wide http protocol information, run the following command: isi statistics pstat --protocol=http The system displays output similar to the following example: ___________________________HTTP Operations Per Second__________________________ get 0.00/s put 0.00/s post 0.00/s delete 0.00/s connect 0.00/s options 0.00/s trace 0.00/s null 0.00/s head 0.00/s upload 0.00/s download 0.00/s TOTAL 0.00/s ___CPU Utilization___ user 0.1% _____OneFS Stats_____ In 0.01
317
MB/s system MB/s idle MB/s
0.6% 99.3% ____Network Output___ MB/s 0.00 Pkt/s Errors/s 2.40 0.00
Out Total
0.00 0.01
____Network Input____ MB/s 0.01 iops Pkt/s 123.40 MB/s Errors/s 0.00 MB/s
_______Disk I/O______ Disk 20.80 Read Write 0.00 0.12
isi statistics query

The isi statistics query command displays highly customizable information on any statistic in the cluster statistics library. Syntax isi statistics query --stats=<Statistics> [--csv] [--csvstring=<string>] [--noconversion] [--noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--nofooter] [--nodes=<value>] Options --stats=<Statistics>, -s<Statistics> Required. Species which statistics should be reported for requested nodes. Enter the isi statistics list stats command for a complete list of statistics keys. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table.
318
Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --nofooter Does not display the row that contains aggregation (titled average). This option only applies when the given <Statistics> contain averages. --nodes=<value>, -n<value> Species which nodes to report statistics on. The following values are valid: all * <int> <int>-<int> local
Multiple values can be specied in a comma-separated list. The default node is the local node. Examples To view statistics on how many bytes of physical system memory are in use, run the following command: isi statistics query --stats=node.memory.used The system displays output similar to the following example: NodeID node.memory.used 1 3969990656 average 3969990656 To view statistics on how many bytes of physical system memory are in use without table headings or the "average" row, run the following command: isi statistics query --stats=node.memory.used --noheader --nofooter The system displays output similar to the following example: 1 3970002944
319
isi statistics system

The isi statistics system command displays general cluster statistics, including throughput or operation rates for primary customer protocols, as well as network and disk trafc. Syntax isi statistics system [--csv] [--csvstring=<string>] [--noconversion] [-noheader] [--top] [--interval=<number>] [--repeat=<number>] [--degraded] [--timeout=<number>] [--running=<number>] [--nodes] [--timestamp] [--oprates] Options If no options are specied, displays one report of the cluster totals (in row All) only. --csv, -c Displays data as comma-separated value list. Note: --csv disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --csvstring=<string>, -C<string> Display data as csv-style separated list with specied string as separator. For example, to separate the data with single spaces, specify --csvstring=" ". Note: --csvstring overrides --csv, if specied, and disables top-style display and dynamic unit conversion. When dynamic conversion is disabled, bytes are displayed in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noconversion Displays bytes in their long form without multipliers (for example, the full number of 1042.3 is displayed instead of rounding it to 1K). --noheader Does not display column headers. --top, -t Displays results in top-style display, where data is continuously overwritten in a single table. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --interval=<number>, -i<number> Displays reports at the specied interval. Specify in seconds. The default interval is 5 seconds. Note: If specied without the --repeat option, reports run indenitely. To stop reports while running indenitely, press Ctrl+C. --repeat=<number>, -r<number> Species how many times to run the report before quitting. Note: To run the report indenitely, specify -1. To stop reports while running indenitely, press Ctrl+C. --degraded, -d
320
Causes report not to stop even if some nodes do not respond. --timeout=<number>, -o<number> Species number of seconds before remote commands timeout. --running=<number> Includes a row labeled Avg that displays a running average of cluster totals. The number of cluster totals included in the average is based on the specied <number> of samples. Cluster totals are displayed in the row labeled All. --nodes Displays information on individual nodes. --timestamp Displays a column containing the POSIX time stamp. --oprates Displays protocol operation rate statistics instead of the default throughput statistics. Examples The following command displays a report every 5 seconds for 25 seconds and displays a running average of the last two total cluster values: isi statistics system --interval=5 --repeat=5 --running=2 The system displays output similar to the following example: Node CPU LNN %Used All 1.1 Avg 1.1 All Avg All Avg All Avg All Avg 1.1 1.1 3.7 2.4 3.7 3.7 1.9 2.8 SMB B/s 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 FTP B/s 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 HTTP ISCSI B/s B/s 0.0 123.3 0.0 123.3 0.0 123.3 0.0 123.3 0.0 114.7 0.0 119.0 0.0 114.7 0.0 114.7 0.0 0.0 57.4 86.1 NFS Total NetIn NetOut DiskIn DiskOut B/s B/s B/s B/s B/s B/s 0.0 123.3 8.3K 167.6 91K 0.0 0.0 123.3 8.3K 167.6 91K 0.0 0.0 123.3 0.0 123.3 0.0 114.7 0.0 119.0 0.0 114.7 0.0 114.7 0.0 0.0 57.4 86.1 8.3K 8.3K 6.7K 7.5K 6.7K 6.7K 8.9K 7.8K 167.6 167.6 186.8 177.2 186.8 186.8 118.4 152.6 91K 91K 256K 173K 256K 256K 131K 193K 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0
isi status
The isi status command displays information on the current status of the cluster, alerts and jobs. Syntax isi status [-q] [-w] [-D] [-d [<DiskpoolName>] [-v]] [-n [<NodeID>]] Options If no options are specied, displays cluster information, critical events, cluster job status, and the basic identication, statistics and usage for each node. -q
321
Displays information on the status of the cluster only. -w Displays results without truncations. -D Displays more detailed information on running protection operations, including a list of workers processes. Also displays more information on failed protection operations, including a list of errors. -d [<DiskpoolName>] Displays a diskpool view of the le system instead of a cluster view. If <DiskpoolName> is specied, only information for the specied pool is displayed. -v Displays a list of which nodes are in each diskpool. -n [<NodeID>] Displays information on individual nodes along with statistics for each disk in the nodes. If <NodeID> is specied, only information on the specied node is displayed. Examples To view information on the cluster, critical events, cluster job status, and the basic identication, statistics and usage for each node, run the following command: isi status The system displays output similar to the following example: Cluster Name: TechPubs Cluster Health: [ATTN] Cluster Storage: HDD Size: 6.0T (6.0T Raw) VHS Size: 0 Used: 2.0G (< 1%) Avail: 6.0T (> 99%)
SSD 0 0 (n/a) 0 (n/a)
Health Throughput (bps) HDD Storage SSD Storage ID |IP Address |DASR| In Out Total| Used / Size |Used / Size ---+---------------+----+-----+-----+-----+------------------+----------------1|192.168.7.141 |-A--| 0| 0| 0| 695M/ 2.5T(< 1%)| (No SSDs) 2|192.168.7.142 |-A--| 0| 0| 0| 698M/ 1.8T(< 1%)| (No SSDs) 3|192.168.7.143 | OK | 0| 0| 0| 698M/ 1.8T(< 1%)| (No SSDs) ------------------------+-----+-----+-----+------------------+----------------Cluster Totals: | 0| 0| 0| 2.0G/ 6.0T(< 1%)| (No SSDs)
Health Fields: D = Down, A = Attention, S = Smartfailed, R = Read-Only Critical Events: 05/04 10:54 05/05 13:05 05/05 13:05 1 One or more drives (bay(s) 7 / type(s) HDD) are ready to be... 2 External network link ext-2 (em1) down 1 External network link ext-2 (em1) down
Cluster Job Status: No running jobs. No paused or waiting jobs.
322
No failed jobs. Recent job results: Time Job --------------- -------------------------05/09 14:21:35 SnapshotDelete[30] 05/09 14:41:37 SnapshotDelete[31] 05/09 14:51:41 SnapshotDelete[32] 05/09 15:01:40 SnapshotDelete[33] 05/09 15:11:36 SnapshotDelete[34] 05/09 22:00:17 SmartPools[35] 05/09 22:00:50 FSAnalyze[36] 05/09 22:12:03 SnapshotDelete[37] Event -----------------------------Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (MEDIUM) Succeeded (LOW) Succeeded (LOW) Succeeded (MEDIUM)
The following command displays information on the node with a logical node number of 1: isi status -n 1 Node LNN: Node ID: Node Name: Node IP Address: Node Health: Node SN: Member of Disk Pool: Node Capacity: Available: Used: 1 1 TechPubs-1 192.168.7.141 -A-05290026S N/A 2.5T 2.5T (> 99%) 696M (< 1%)
Network Status: See 'isi networks list interfaces -v' for more detail or man(8) isi. Internal: 2 IB network interfaces (1 up, 1 down) External: 2 GbE network interfaces (1 up, 1 down) 1 Aggregated network interfaces (0 up, 1 down) Disk Drive Status: Bay 1 <0> Bay 2 <3> 170Kb/s 26Kb/s [HEALTHY] [HEALTHY] Bay 5 <1> 13Kb/s [HEALTHY] Bay 9 <2> 263Kb/s [HEALTHY] Bay 6 <4> 74Kb/s [HEALTHY] Bay 10 <5> 74Kb/s [HEALTHY] Bay 3 <6> 310Kb/s [HEALTHY] Bay 7 <N/A> 0b/s [EMPTY] Bay 11 <7> 0b/s [HEALTHY] Bay 4 <8> 34Kb/s [HEALTHY] Bay 8 <9> 819b/s [HEALTHY] Bay 12 <10> 13Kb/s [HEALTHY]
isi sync bandwidth create

The isi sync bandwidth command create bandwidth limits that control how much SyncIQ-generated network trafc the cluster can process during specied time periods.. Syntax isi sync bandwidth create [--interval=]<Interval> [--days=]<Days> [--limit=]<Limit> [--desc=<Description>]
323
OneFS Command Reference Options --interval=<Interval>, -I=<Interval> Required. Species a time range during the specied days that the bandwidth limit is active. Specify in form hh-mm-hh:mm; for example: 12:35-17:43. --days=<Days>, -d=<Days> Required. Species days of the week when the bandwidth limit is active. Multiple <Days> can be specied in comma-separated lists. Ranges of <Days> can be specied with dash-separated ranges. The following values are valid: Valid Value X M T W R F S Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday Saturday
For example, specifying --days=X,W-F causes the bandwidth limit to be active on Sunday, Wednesday, Thursday and Friday. --limit=<Limit>, L=<Limit> Required. Species the bandwidth limit in kilobits per second. --desc=<Description> Species a description of this bandwidth limit. Examples The following command limits the bandwidth to 100 kilobits per second from 1:00pm to 2:00pm every Friday, Saturday, Sunday and Wednesday: isi sync bandwidth create 13:00-14:00 F-X,W 100 --desc="This bandwidth is an example"
isi sync bandwidth delete

The isi sync bandwidth delete command deletes an existing bandwidth limit. Syntax isi sync bandwidth delete [--bw=]<BW> Options --bw=<BW> Required. Species the bandwidth ID of the bandwidth limit being deleted. To delete all bandwidth limits, specify all.
324
OneFS Command Reference Examples The following command deletes a bandwidth with an ID of 1: isi sync bandwidth delete 1
isi sync bandwidth disable

The isi sync bandwidth disable command disables an existing bandwidth limit without deleting it. Syntax isi sync bandwidth disable [--bw=]<BW> Options --bw=<BW> Required. Species the bandwidth ID of the bandwidth being disabled. To disable all bandwidths, specify all. Examples The following command disables a bandwidth with an ID of 1: isi sync bandwidth disable 1
isi sync bandwidth enable

The isi sync bandwidth enable command enables existing bandwidth limits. Syntax isi sync bandwidth enable [--bw=]<BW> Options --bw=<BW> Required. Species the bandwidth ID of the bandwidth limit being enabled. To enable all bandwidth limits, specify all. Example The following command example enables a bandwidth with an ID of 1: isi sync bandwidth enable 1
isi sync bandwidth list

The isi sync bandwidth list command displays a list of existing bandwidth limits that control how much SyncIQ-generated network trafc the cluster can process during specied time periods. Syntax isi sync bandwidth list [[--bw=]<BW>] [--mode=<string>] [--verbose] [--wide]
325
OneFS Command Reference Options If no options are specied, information on existing bandwidths is displayed in a table. --bw=<BW> Species bandwidth ID. --mode=<string>, -M<string> Sets the display mode. The following values are valid: default: Displays information on existing bandwidths in a table. This is the same as specifying nothing. full: Displays information on existing bandwidths in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays information on existing bandwidths in an indented list. --wide, -w Displays tables in wide mode without truncations. Examples To view information about existing bandwidths in a table, run the following command: isi sync bandwidth list The system displays output similar to the following example: Id | Limit(kb/s) | State | Days | Time Interval | Description ---+-------------+-------+-------------+---------------+-------------------1 | 100 | off | Wed | 13:00-14:00 | This bandwidth is > 2 | 100 | on | Wed | 15:00-16:00 | This bandwidth is > 3 | 100 | on | Sun-Mon,Wed | 18:00-19:30 | This bandwidth is > 4 | 500 | on | Mon | 01:00-09:30 | This bandwidth is > To view information about existing bandwidths in an indented list, run the following command: isi sync bandwidth list --verbose The system displays output similar to the following example: Id = 1 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = off Schedule: Days = Wed Interval = 10:00-12:00 ==== Id = 2 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = on Schedule: Days = Wed Interval = 15:00-16:00 ==== Id = 3 Limit = 100 (kb/s) Description = This bandwidth is created as an example State = on Schedule:
326
Days = Sun-Mon,Wed Interval = 18:00-19:30 ==== Id = 4 Limit = 500 (kb/s) Description = This bandwidth is created as an example State = on Schedule: Days = Mon Interval = 01:00-09:30
isi sync bandwidth modify

The isi sync bandwidth modify command modies existing bandwidth limits that control how much SyncIQ-generated network trafc the cluster can process during specied time periods. Syntax isi sync bandwidth modify [--bw=]<BW> [--interval=<string>] [--days=<string>] [--limit=<number>] [--desc=<string>] Options You must specify at least one bandwidth limit attribute to modify. Specify one or more bandwidth limit attributes using the following options: --interval --days --limit --desc
--bw=<BW> Required. Species the bandwidth ID of the bandwidth limit being modied. --interval=<Interval>, -I=<Interval> Species a time range during the specied days that the bandwidth limit is active. Specify in form hh-mm-hh:mm; for example: 12:35-17:43. --days=<string>, -d<string> Species days of the week when the bandwidth limit is active. The days are specied as a comma-separated list with dash-separated ranges (for example: M,W-F). The following values are valid: Valid Value X M T W R F Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday
327
Valid Value S
Corresponding Day Saturday
--limit=<Limit>, L=<Limit> Species the bandwidth limit in kilobits per second. --desc=<string> Species a description of this bandwidth limit. Examples The following command sets the time interval to 10:00am to 1:00pm on the bandwidth limit with ID 1: isi sync bandwidth modify 1 --interval=10:00-13:00
isi sync config

The isi sync config command manages SyncIQ global conguration parameters. Syntax isi sync config [--restrict_by=<string>] [--target_restrict=<string>] [--force_interface=<string>] Options If no parameters are specied, the current global conguration settings are displayed. --restrict_by=<string> Species node restriction by subnet and pool name. Specify in the form <Subnet>:<Pool> (for example, subnet0:pool1). --target_restrict=<string> Determines whether to restrict target to its nodes in the target zone name. Valid values are on and off. --force_interface=<string> Forces the interface in the pool to be used for communication between sources and target clusters. Valid values are on and off. Examples The following command restricts the target to its nodes in the target zone name: isi sync config --target_restrict=on
isi sync jobs list

The isi sync jobs list command displays information on existing SyncIQ jobs. Syntax isi sync jobs list [[--job=]<PolicyName>] [--state=<string>] [--wide]
328
OneFS Command Reference Options If no options are specied, displays information on all existing jobs. --job=<PolicyName> Species the name of the policy that caused the job to run. --state=<string>, -S<string> Displays only jobs in the specied state. The following values are valid: default: Displays all jobs paused: Displays paused jobs running: Displays running jobs
The default setting is default. --wide, -w Displays results without truncations. Examples To view information on all existing jobs, run the following command: isi sync jobs list The system displays output similar to the following example: Name | Action | State | Started/Last run | Next Run/Duration -----------+--------+---------+-------------------+-----------------newPolicy1 | sync | on | Never | Not scheduled newPolicy2 | copy | Success | 05/09/11 13:29:07 | 5 secs newPolicy3 | copy | on | Never | 05/10/11 04:00:00
isi sync jobs pause

The isi sync jobs pause command pauses running SyncIQ jobs. Syntax isi sync jobs pause [--job=]<PolicyName> Options --job=<PolicyName> Required. Species the name of the policy that caused the job to run. Examples The following command pauses a job ran by a policy called newPolicy: isi sync jobs pause newPolicy
329
isi sync jobs report

The isi sync jobs report command displays reports on running SyncIQ jobs. Syntax isi sync jobs report [[--job=]<PolicyName>] [--mode=<string>] [--verbose] [--wide] Options If no options are specied, all reports are displayed. --job=<PolicyName> Species the name of the Policy that caused the job to run. --mode=<string>, -M<string> Species the display mode. The following values are valid: default: Displays information in a table. This is the same as specifying nothing. full: Displays information in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays detailed information on the jobs. --wide, -w Displays results without truncations. Examples To view a report on running jobs, run the following command: isi sync jobs report The system displays output similar to the following example: Name | Act | St | Duration | Transfer | Throughput ----------+------+---------+----------+----------+----------newPolicy | sync | Success | 6 secs | 486B | 627b/s
isi sync jobs resume

The isi sync jobs resume command resumes paused SyncIQ jobs. Syntax isi sync jobs resume [--job=]<PolicyName> --job=<PolicyName> Required. Species the name of the Policy that caused the job to run. Examples The following command causes a job ran by newPolicy to resume running: isi sync jobs resume newPolicy
330
isi sync jobs stop

The isi sync jobs stop command cancels both running and paused SyncIQ jobs. Syntax isi sync jobs stop [--job=]<PolicyName> Options --job=<PolicyName> Required. Species the ID of the policy that caused to run the job to run. Examples The following command cancels a job that was ran by newPolicy: isi sync jobs stop newPolicy
isi sync pause

The isi cync pause command pauses SyncIQ application activity. Syntax isi sync pause [--quiet] Options If no options are specied, application activity is paused. --quiet, -q If command succeeds, does not display conrmation message. If an error occurs, error message is still displayed. Examples To pause application activity, run the following command: isi sync pause
isi sync policy assess

The isi sync policy assess command tests existing SyncIQ policies to determine how many les and directories would be processed and transferred if it were run. Syntax isi sync policy assess [--policy=]<Policy> Options --policy=<Policy> Required. Species the ID or name of the SyncIQ policy.
331
OneFS Command Reference Examples The following command tests newPolicy to determine how many les and directories would be processed and transferred if it were run. isi sync policy assess newPolicy
isi sync policy create

The isi sync policy create command creates SyncIQ policies. SyncIQ policies automate data synchronization between two Isilon IQ clusters. Syntax isi sync policy create [--name=]<Name> [--action=]<Action> [--target_clu=]<Target_Clu> [--target_path=]<TargetPath> [root_path=]<Root_Path> [--desc=<string>] [--passwd=<string>] [--include=<string>] [--exclude=<string>] [--predicate=<string>] [--schedule="<Interval> [<Frequency>]"] [--state=<string>] [--integrity=<string>] [--loglevel=<string>] [--logremoved=<string>] [--workers=<number>] [--snapshot=<string>] [--snapshot_pattern=<string>] [--snapshot_alias=<string>] [--snapshot_expiration=<string>] [--rotate_report_period=<string>] [--max_reports=<number>] [--restrict_by=<string>] [--target_restrict=<string>] [--force_interface=<string>] [--diff_sync=<string>] [--skip_bb_hash=<string>] [--rename_expiration=<string>] [--rename_pattern=<string>] Options --name=<Name>, -n=<Name> Required. Species a name for the new policy. --action=<Action>, -a=<Action> Species an action to perform on les. The following values are valid: copy: Adds copies of all les from source to target. sync: Replicates data on the source cluster to the target cluster, and deletes any les on the target that are not present on the source.
--target_clu=<Target_Cluster>, -C=<Target_Cluster>, --target_cluster=<Target_Cluster> Species the address of the target cluster. --target_path=<Target_Path>, -p=<Target_Path> Species the path to the target directory in the target cluster. If the action is set to copy, les are copied into this directory. If the action is set to sync, data is replicated to the target path and les not present in the root path are deleted from target path. --root_path=<Root_Path> Species the path to the root directory. If the action is set to copy, les are copied from this directory into the target directory. If set to sync, the target directory is synchronized with this directory (making the contents of the target directory identical to that of this directory). --desc=<string> Species an optional description of the policy. --passwd=<string> If a password is required by the target cluster, species the password.
332
--include=<Path>, -i<Path> Includes the specied directory in addition to the given root directory, which is included by default. You can include multiple paths by specifying multiple --include parameters, for example: isi sync policy create... -I/ifs/data/excluded1/one_to_include1 -I/ifs/excluded2/one_to_include2 --exclude=<Path>, -e<Path> Excludes the specied directory in the root path. You can exclude multiple paths by specifying multiple --exclude parameters, for example: isi sync policy create... -e/ifs/data/excluded1 -e/ifs/data/excluded2 --predicate=<string>, -P<string> Species which les are selected to be copied or synchronized (also known as the le-matching criteria or predicates). You can specify the following options when dening a predicate: -aolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -aolder '<nn> [days|weeks|months|years] ago' Selects les that have not been accessed since the specied time. -anewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -anewer '<nn> [days|weeks|months|years] ago' Selects les that have been accessed since the specied time. -atime '<nn> [days|weeks|months|years] ago' Selects les that were accessed during the specied time interval. -bolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -bolder '<nn> [days|weeks|months|years] ago' Selects les that were created before the specied time. -bnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -bnewer '<nn> [days|weeks|months|years] ago' Selects les that were created after the specied time. -btime '<nn> [days|weeks|months|years] ago' Selects les that were created during the specied time interval. -colder <mm>/<dd>/<yyyy> [<HH>:<mm>], -colder '<nn> [days|weeks|months|years] ago' Selects les that have not been modied since the specied time. -cnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -cnewer '<nn> [days|weeks|months|years] ago' Selects les that have been modied since the specied time. -ctime '<nn> [days|weeks|months|years] ago' Selects les that were modied during the specied time interval. -size +<nn>[B|KB|MB|GB|TB|PB] Selects les that are larger than the specied size. The default sufx is KB. -size -<nn>[B|KB|MB|GB|TB|PB] Selects les that are smaller than the specied size. The default sufx is KB. -size <nn>[B|KB|MB|GB|TB|PB] Selects les that are the same size as the value specied. The default sufx is KB. -type <Type> Selects only the specied le-system object type. The following values are valid: f: Regular le d: Directory l: Soft link
-path <Path> Selects only the les on the path specied.
333
The following wildcards are valid: * , [ ] ?
-name <string> Selects only les whose names match the specied string. The following wildcards are valid: * , [ ] ?
-regex <POSIX_regular_expression> Selects only les whose names match the specied POSIX regular expression. IEEE Std 1003.2 (POSIX.2) regular expressions are supported. ! <Specication> Does not select les that meet the <Specication> that follows this value. For example, specifying ! -name *archive* will not select any les whose names contain archive. <Specication> -and <Specication> Selects les that meet both the <Specication> that comes before and the one that follows this value. For example, specifying -size +1GB -and -bnewer "01/01/2011" will select only les that are larger than 1GB and were created after January 1, 2011. <Specication> -or <Specication> Selects les that meet either the <Specication> that comes before or the one that follows this value. For example, specifying -size +1GB -or -bnewer "01/01/2011" will select any les that are larger than 1GB or created after January 1, 2011. --schedule="<Interval> [<Frequency>]", -S"<Interval> [<Frequency>]" Species a reoccurring time to run the job dened by the policy. <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
334
If you want to only run the policy manually, leave the <string> value blank: --schedule="". --state=<string>, -s<string> Species whether the policy is enabled or disabled. Valid values are enabled and disabled. The default setting is enabled. --integrity=<string> Species whether to perform a checksum on each le data packet that is affected by the SyncIQ job. If enabled and checksum values do not match, SyncIQ retransmits the affected le data packet. Valid values are true and false. --loglevel=<string>, -l<string> Species the verbosity level of logging. The following values are valid, organized from least to most information: fatal error notice info copy debug trace
The default setting is info. --logremoved=<string> Determines whether to keep a log of information on the les removed by the sync action. This parameter does not apply if the policy is set to copy. Valid values are yes and no. --workers=<number> Species the number of workers per node. The number of workers is the maximum number of concurrent processes per node that can be used to perform SyncIQ operations. The default value is 3. --snapshot=<string> Determines whether a snapshot of the specied path on the target cluster is taken after each job is completed. Valid values are on or off. The default setting is off. --snapshot_pattern=<string> Species the snapshot naming pattern. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-%Y-%m-%d_%H-%M. --snapshot_alias=<string>
335
Species the naming pattern of the most recent snapshot. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-latest. --snapshot_expiration=<string> Species how long snapshots are kept before being automatically deleted. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rotate_report_period=<string> Species how long SyncIQ reports are kept before being automatically deleted. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=number> Species the maximum number of reports to keep for this policy. --restrict_by=<string> If parameter target_restrict=true, does not connect to nodes outside of the specied subnet and pool. Specify in the form of <Subnet>:<Pool> (for example, subnet0:pool1). --target_restrict=<string> If set to true, only connects to the target-cluster nodes that are contained in the subnet and pool specied by the --restrict_by parameter. If set to false, Valid options are on and off. --force_interface=<string> Forces the interface in the pool to be used for communication between source and target cluster in the pool. Valid values are on and off. --diff_sync=<string> Prevents les on the root cluster that already exist on the target cluster from being sent to the target cluster during an initial synchronization. Valid values are on and off. --skip_bb_hash=<string>
! Caution: Specifying yes could result in a loss of data. It is recommended that you consult
Isilon Product Support before specifying yes. If set to true, skips the comparison of source and target les that is usually performed in order to detect target modications. Valid values are yes and no. The default setting is no. --rename_expiration=<string>
336
Species when renamed snapshots expire. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rename_pattern=<string> Species the pattern of how snapshots are renamed. The following variables are valid: Examples The following command creates a SyncIQ policy that, when ran, synchronizes les in the ifs/home/ directory on SAMPLE.TEST.ISILON.COM cluster with the /ifs/home/ directory on the source cluster. Snapshots are named in the convention of "Changes by <PolicyName> came from <SourceCluster> on <Month><Day>, <Year> at <Hour>:<Minute>." isi sync policy create newPolicy1 copy SAMPLE.TEST.ISILON.COM /ifs/home /ifs/home/ --desc="Daily ifs/home sync policy" --snapshot_pattern="Changes by %{PolicyName} came from %{SrcCluster} on %m%d, %Y at%H:%M." The following command copies les from /ifs/home/here on SAMPLE.TEST.ISILON.COM to /ifs/home/there on the source cluster every day at 4:00 AM: isi sync policy create newPolicy2 copy SAMPLE.TEST.ISILON.COM /ifs/home/there /ifs/home/here --desc="Here to There copy policy" --schedule="every day at 4:00" %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
isi sync policy delete

The isi sync policy delete command deletes an existing SyncIQ policy. Syntax isi sync policy delete [--policy=]<Policy> [<--force>] [<--local_only>] Options --policy=<Policy> Required. Species the ID of the policy being deleted. If you want to delete every policy, specify all. --force
! Caution: Forcing a policy to delete might cause

problems. Forces the delete to complete. --local_only
337
! Caution: Deleting a policy association only on the source might cause

problems. Deletes policy association on the source only. Examples The following command deletes a policy called newPolicy: isi sync policy delete newPolicy
isi sync policy disable

The isi sync policy disable command disables existing SyncIQ policies. Syntax isi sync policy disable [--policy=]<Policy> Options --policy=<Policy> Required. Species the ID of the policy being disabled. If you want to disable every policy, specify all. Examples The following command disables a policy called newPolicy isi sync policy disable newPolicy
isi sync policy enable

The isi sync policy enable command enables existing SyncIQ policies. Syntax isi sync policy enable [--policy=]<Policy> Options --policy=<Policy> Required. Species the ID of the policy being enabled. If you want to enable all policies, specify all. Examples The following command enables a policy called newPolicy isi sync policy enable newPolicy
338
isi sync policy list

The isi sync policy list command displays a list of existing SyncIQ policies. Syntax isi sync policy list [--policy=]<Policy> [--mode=<string>] [--verbose] [--wide] Options --policy=<Policy> Species the name of the policy to display. --mode=<string>, -M<string> Sets the display mode. The following values are valid: default: Displays information in a table. This is the same as not specifying anything. full: Displays detailed information in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays detailed information in an indented list. --wide, -w Displays information in wide mode without truncations. Examples To view a table of existing policies, their actions, states, and target cluster addresses run the following command: isi sync policy list The system displays output similar to the following example: Name | Path | Action | State | Target ----------+-----------+--------+-------+----------------------newPolicy | /ifs/home | Sync | On | SAMPLE.TEST.ISILON.COM To view a detailed list of existing policies including all parameter values, run the following command: isi sync policy list --verbose The system displays output similar to the following example: Id: a3df2188e63979af44ee821cb4b38859 Spec: Type: user Name: newPolicy Description: Source paths: Root Path: /ifs/home Source node restriction: Destination: Cluster: SAMPLE.TEST.ISILON.COM Password is present: no Path: /ifs/ Make snapshot: off Restrict target by zone name: off Force use of interface in pool: off Predicate: None Check integrity: yes
339
Skip source/target file hashing: no Disable stf syncing: no Log level: notice Maximum failure errors: 1 Target content aware initial sync (diff_sync): no Log removed files: no Rotate report period (sec): 31536000 Max number of reports: 2000 Coordinator performance settings: Workers per node: 3 Task: sync manually State: on
isi sync policy modify

The isi sync policy modify command modies existing SyncIQ policies. Syntax isi sync policy modify [--policy=]<Policy> {--name=<string> | --desc=<string> | --action=<string> | --target_clu=<string> | --target_path=<string> | --passwd=<string> | --root_path=]<string> | --include=<string> | --exclude=<string> | --predicate=<string> | --schedule="<Interval> [<Frequency>]" | --state=<string> | --integrity=<string> | --loglevel=<string> | --logremoved=<string> | --workers=<number> | --snapshot_pattern=<string> | --snapshot_alias=<string> | --snapshot_expiration=<string> | --rotate_report_period=<string> | --max_reports=<number> | --snapshot=<string> | --restrict_by=<string> | --target_restrict=<string> | --force_interface=<string> | --diff_sync=<string> | --skip_bb_hash=<string> | --rename_expiration=<string> | --rename_pattern=<string>}... Options You must specify at least one policy attribute to modify. Specify policy attributes with the following parameters: --name --desc --action --target_clu --target_path --passwd --root_path --include --exclude --predicate --schedule --state --integrity --loglevel --logremoved --workers
340
--snapshot_pattern --snapshot_alias --snapshot_expiration --rotate_report_period --max_reports --snapshot --restrict_by --target_restrict --force_interface --diff_sync --skip_bb_hash --rename_expiration --rename_pattern
--policy=<Policy> Required. Species the ID or name of the policy being modied. --name=<string>, -n= Species a new name for the policy. --desc=<string> Species an optional description of the policy. --action=<string>, -a=<string> Species an action to perform on les. The following values are valid: copy: Adds copies of all les from source to target. sync: Replicates data on the source cluster to the target cluster, and deletes any les on the target that are not present on the source.
--target_clu=<string>, -C=<string>, --target_cluster=<string> Species the address of the target cluster. --target_path=<string>, -p=<string> Species the path to the target directory in the target cluster. If the action is set to copy, les are copied into this directory. If the action is set to sync, data is replicated to the target path and les not present in the root path are deleted from target path. --passwd=<string> If a password is required by the target cluster, species the password. --root_path=<string> Species the path to the root directory. If the action is set to copy, les are copied from this directory into the target directory. If the action is set to sync, the target directory is synchronized with this directory (making the contents of the target directory identical to that of this directory). --include=<string>, -i<string> Includes the specied directory in addition to the given root directory, which is included by default. You can include multiple paths by specifying multiple --include parameters, for example: isi sync policy create... -I/ifs/data/excluded1/one_to_include1 -I/ifs/excluded2/one_to_include2 --exclude=<string>, -e<string> Species source path being excluded from operations. Multiple paths can be excluded by specifying multiple --exclude parameters, for example: isi sync modify create... -efirstpath -esecondpath
341
--predicate=<string>, -P<string> Species which les are selected to be copied or synchronized (also known as the le-matching criteria or predicates). You can specify the following options when dening a predicate: -aolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -aolder '<nn> [days|weeks|months|years] ago' Selects les that have not been accessed since the specied time. -anewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -anewer '<nn> [days|weeks|months|years] ago' Selects les that have been accessed since the specied time. -atime <mm>/<dd>/<yyyy> [<HH>:<mm>] Selects les that were accessed during the specied time interval. -bolder <mm>/<dd>/<yyyy> [<HH>:<mm>], -bolder '<nn> [days|weeks|months|years] ago' Selects les that were created before the specied time. -bnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -bnewer '<nn> [days|weeks|months|years] ago' Selects les that were created after the specied time. -btime <mm>/<dd>/<yyyy> [<HH>:<mm>] Selects les that were created during the specied time interval. -colder <mm>/<dd>/<yyyy> [<HH>:<mm>], -colder '<nn> [days|weeks|months|years] ago' Selects les that have not been modied since the specied time. -cnewer <mm>/<dd>/<yyyy> [<HH>:<mm>], -cnewer '<nn> [days|weeks|months|years] ago' Selects les that have been modied since the specied time. -ctime '<nn> [days|weeks|months|years] ago' Selects les that were modied during the specied time interval. -size +<nn>[B|KB|MB|GB|TB|PB] Selects les that are larger than the specied size. The default sufx is KB. -size -<nn>[B|KB|MB|GB|TB|PB] Selects les that are smaller than the specied size. The default sufx is KB. -size <nn>[B|KB|MB|GB|TB|PB] Selects les that are the same size as the one specied. The default sufx is KB. -type <Type> Selects only the specied le-system object type. The following values are valid: f: Regular le d: Directory l: Soft link
-path <Path> Selects only les on the path specied. The following wildcards are valid: * , [ ] ?
-name <Name> Selects only les with the names match the specied string. The following wildcards are valid:
342
* , [ ] ?
-regex <POSIX_regular_expression> Selects only les whose names match the specied POSIX regular expression. IEEE Std 1003.2 (POSIX.2) regular expressions are supported. ! <Specication> Does not select les that meet the <Specication> that follows this value. For example, specifying ! -name *archive* will not select any les whose names contain archive. <Specication> -and <Specication> Selects les that meet both the <Specication> that comes before and the one that follows this value. For example, specifying -size +1GB -and -bnewer "01/01/2011" will select only les that are larger than 1GB and were created after January 1, 2011. <Specication> -or <Specication> Selects les that meet either the <Specication> that comes before or the one that follows this value. For example, specifying -size +1GB -or -bnewer "01/01/2011" will select any les that are larger than 1GB or created after January 1, 2011. --schedule="<Interval> [<Frequency>]", -S"<Interval> [<Frequency>]" Species a reoccurring time to run the job dened by the policy. <Interval> is required and can take one of the following forms: every <day of the week>[, ...] every [<number between 1 and 31>] day every [<number between 1 and 23>] weekday every [<number between 1 and 52>] week [on <day of the week>[, ...]] every [<number>] months [on the <number between 1 and 31>[st]] the {<number between 1 and 5>|last} <day of the week> every [<number between 1 and 12>] month the {<number between 1 and 23>|last} weekday every [<number between 1 and 12>] month the <number between 1 and 31>[st] every [<number between 1 and 31>[st]] month the last day every [<number between 1 and 31>[st]] month yearly on <month> [<number between 1 and 31>[st]]
If you want to only run the policy manually, leave the <string> value blank: --schedule="". --state=<string>, -s<string> Species whether the policy is enabled or disabled. Valid values are enabled and disabled. The default setting is enabled. --integrity=<string>
343
Species whether to perform a checksum on each le data packet that is affected by the SyncIQ job. If enabled and checksum values do not match, SyncIQ retransmits the affected le data packet. Valid values are true and false. --loglevel=<string>, -l<string> Species the verbosity level of logging. The following values are valid, organized from least to most information: fatal error notice info copy debug trace
The default setting is info. --logremoved=<string> Determines whether to keep a log of information on the les removed by the sync action. This parameter does not apply if the policy is set to copy. Valid values are yes and no. --workers=<number> Species the number of workers per node. The number of workers is the maximum number of concurrent processes per node that can be used to perform SyncIQ operations. The default value is 3. --snapshot=<string> Determines whether a snapshot of the specied path on the target cluster is taken after each job is completed. Valid values are on or off. The default setting is off. --snapshot_pattern=<string> Species the snapshot naming pattern. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-%Y-%m-%d_%H-%M. --snapshot_alias=<string> Species the naming pattern of the most recent snapshot. The following variables can be used within the string to include snapshot-specic information: %{SrcCluster}: Source cluster %{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minute
The default setting is SIQ-%{SrcCluster}-%{PolicyName}-latest.
344
--snapshot_expiration=<string> Species how long snapshots are kept before being automatically deleted. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rotate_report_period=<string> Species how long SyncIQ reports are kept before being automatically deleted. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=number> Species the maximum number of reports to keep for this policy. This value can also be changed using the isi sync reports policyconf --max_reports= command. --restrict_by=<string> If parameter target_restrict=true, policy does not connect to nodes outside of the specied subnet and pool. Specify in the form of <Subnet>:<Pool> (for example, subnet0:pool1). --target_restrict=<string> If set to true, policy only connects to the target-cluster nodes that are contained in the subnet and pool specied by the --restrict_by parameter. If set to false, Valid options are on and off. --force_interface=<string> Forces the interface in the pool to be used for communication between source and target cluster in the pool. Valid values are on and off. --diff_sync=<string> Prevents les on the root cluster that already exist on the target cluster from being sent to the target cluster during an initial synchronization. Valid values are on and off. --skip_bb_hash=<string>
! Caution: Specifying yes could result in a loss of data. It is recommended that you consult
Isilon Product Support before specifying yes. If set to true, skips the comparison of source and target les that is usually performed in order to detect target modications. Valid values are yes and no. The default setting is no. --rename_expiration=<string> Species when renamed snapshots expire. Valid values are "<number> <time>" and "off", where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--rename_pattern=<string> Species the pattern of how snapshots are renamed. The following variables are valid: %{SrcCluster}: Source Cluster
345
Examples
%{PolicyName}: Name of policy %Y: Year %m: Month %d: Day %H: Hour %M: Minutes
The following command causes no more than 300 reports to be kept for newPolicy: isi sync policy modify newPolicy --max_reports=300
The following command causes newPolicy to not delete inconsistencies between the target and source cluster: isi sync policy modify newPolicy --action=copy
isi sync policy pause

The isi sync policy pause command pauses running SyncIQ jobs. Syntax isi sync policy pause [--job=]<PolicyName> Options --job=<PolicyName> Species the ID or name of the policy that caused the job to run. Examples The following command pauses a job ran by a policy called newPolicy: isi sync policy pause newPolicy
isi sync policy report

The isi sync policy report command displays reports of nished job statistics for SyncIQ policies. Syntax isi sync policy report [[--policy=]<Policy>] [--status=<string>] [--mode=<string>] [--verbose] [--mail] [--quantity=<number>] [--subreport=<number>] [--job_id=<number>] Options If no options are specied, all job statistics are displayed in default mode. --policy=<Policy> Species the ID or name of the policy being reported on. --status=<string>, -s<string> Filters by nish status.
346
The following values are valid: s[uccess] f[ailed] a[ll]
The default setting is all. --mode=<string>, -M<string> Species the display mode. The following values are valid: default: Displays information on existing bandwidths in a table. This is the same as specifying nothing. full: Displays information on existing bandwidths in an indented list. This is the same as specifying --verbose.
--verbose, -v Displays detailed information. --mail, -m Sends reports to the emails specied by the isi sync report config --email command parameter. --quantity=<number>, -N<number> Species the number of the latest reports to display. If not specied, all reports are displayed. --subreport=<number> Displays the specied subreport. --job_id=<number> Displays reports on jobs with the specied ID. Examples The following command displays a report on newPolicy isi sync policy report newPolicy The system displays output similar to the following example: newPolicy: Start 04/29/11 14:32:16 Stop Act Status 04/29/11 14:37:47 copy Success w/ prior failures
The following command displays detailed information on newPolicy: isi sync policy report newPolicy --verbose The system displays output similar to the following example: Id: ad8c2a041e9dedc04952c7550dff697b Name: newPolicy Action: copy Sync Type: initial Job ID: 1 Started: Fri Apr 29 14:32:16 PDT 2011 Run time: 3 secs Ended: Fri Apr 29 14:37:47 PDT 2011 Status: Success w/ prior failures Details: Directories: Visited on source: 1 Deleted on destination: 0
347
Files: Total Files: 9 Actually transferred: 9 New files: 9 Updated files: 0 Automatically retransmitted files: 0 Skipped for some reason: Up-to-date (already replicated): 0 Modified while being replicated: 0 IO errors occurred: 0 Network errors occurred: 0 Integrity errors occurred: 0 Bytes: Total Network Traffic: 7.5 KB (7688 bytes) Total Data: 4.2 KB (4255 bytes) File Data: 4.2 KB (4255 bytes) Sparse Data: 0B Subreport 1: Started: Fri Apr 29 14:32:16 PDT 2011 Ended: Fri Apr 29 14:32:16 PDT 2011 Status: Failed Subreport 2: Started: Fri Apr 29 14:37:44 PDT 2011 Ended: Fri Apr 29 14:37:47 PDT 2011 Status: Success
isi sync policy reset

The isi sync policy reset command resets SyncIQ policies' incremental states after they have encountered an error, and the cause of the error cannot be found or xed. If the cause of the error has been xed, run isi sync policy resolve instead. Syntax isi sync policy reset [--policy=]<Policy> Options --policy=<Policy> Required. Species which SyncIQ policy to reset. If you want to enable all SyncIQ policies, specify all. Examples The following command resets the incremental state of a policy called newPolicy: isi sync policy reset newPolicy
348
isi sync policy resolve

The isi sync policy resolve command resolves conicted SyncIQ policies after the cause of the error has been xed. If the cause of the error cannot be xed, run isi sync policy reset instead. Syntax isi sync policy resolve [--policy=]<Policy> Options --policy=<Policy> Species which SyncIQ policy to resolve. If you want to resolve all SyncIQ policies, specify all. Examples The following command resolves a policy called newPolicy: isi sync policy resolve newPolicy
isi sync policy resume

The isi sync policy resume command resumes paused SyncIQ jobs. Syntax isi sync policy resume [--job=]<PolicyName> Options --job=<PolicyName> Species the name of the SyncIQ policy that caused the job to run. Examples The following command resumes the job ran by newPolicy: isi sync policy resume newPolicy
isi sync policy run

The isi sync policy run command runs existing SyncIQ policies. Syntax isi sync policy run [--policy=]<Policy> Options --policy=<Policy> Required. Species the name or ID of the SyncIQ policy to run.
349
OneFS Command Reference Examples The following command runs a policy called newPolicy isi sync policy run newPolicy
isi sync policy stop

The isi sync policy stop command cancels running or paused SyncIQ jobs. Syntax isi sync policy stop [--job=]<PolicyName> Options --job=<PolicyName> Species the name of the SyncIQ policy that caused the job to run. Examples The following command cancels a job ran by a policy called newPolicy: isi sync policy stop newPolicy
isi sync reports config

The isi sync reports config command displays and modies the SyncIQ global report conguration. Syntax isi sync reports config [[--email=]<Email>] [--keep=<string>] [--max_reports=<number>] Options If no options are specied, the current global report conguration is displayed. --email=<Email>, -e=<Email> Species where reports are sent. --keep=<string>, -k<string> Species how long to keep reports. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=<number> Species the maximum number of reports that are kept for a policy.
350
OneFS Command Reference Examples The following command sets the destination of isi sync reports to user@isilon.com, allows no more than 500 reports to be kept for one policy, and removes reports more than 2 weeks old: isi sync reports config user@isilon.com --keep=2w --max_reports=500
isi sync reports policyconf

The isi sync reports policyconf command displays and modies the SyncIQ report conguration for individual SyncIQ policies. Syntax isi sync reports policyconf [--policy=]<Policy> [--keep=<string>] [--max_reports=<number>] Options --policy=<Policy> Required. Species the name or ID of the SyncIQ policy whose report conguration is being modied. --keep=<string>, -k<string> Species how long to keep reports for this SyncIQ policy. Specify in the form of <number> <time>, where <time> can be one of the following: d[ay[s]] w[eek[s]] m[onth[s]] y[ear[s]]
--max_reports=<number> Species the maximum number of reports that are kept for this SyncIQ policy. This value can also be changed using the isi sync policy modify --max_reports command option. Examples The following command allows no more than 500 reports to be kept, and removes reports more than 2 weeks old for a policy called newPolicy: isi sync reports policyconf newPolicy --keep=2w --max_reports=500
isi sync reports rebuild

The isi sync reports rebuild command rebuilds a broken SyncIQ report database. Syntax isi sync reports rebuild [--policy=string] Options If no options are specied, all SyncIQ report databases are rebuilt. --policy=<string> Rebuilds the report database for the specied SyncIQ policy. Valid values are policy IDs and names.
351
OneFS Command Reference Examples The following command rebuilds the report database for a policy called newPolicy: isi sync reports rebuild --policy=newPolicy
isi sync reports rotate

The isi sync reports rotate command forces SyncIQ reports to undergo their scheduled rotations right now, instead of waiting for the next scheduled time. Syntax isi sync reports rotate Options There are no options for this command. Examples To force SyncIQ reports to undergo their scheduled rotations right now, run the following command: isi sync reports rotate
isi sync resume

The isi sync resume command resumes SyncIQ application activity after a pause. Syntax isi sync resume [--quiet] Options --quiet, -q If command succeeds, does not display conrmation message. If an error occurs, error message is still displayed. Examples To resume SyncIQ application activity, run the following command: isi sync resume
isi sync start

The isi sync start command starts the SyncIQ application. Syntax isi sync start [--quiet]
352
OneFS Command Reference Options --quiet, -q If command succeeds, does not display conrmation message. If an error occurs, error message is still displayed. Examples To start the SyncIQ application, run the following command: isi sync start
isi sync stop

The isi sync stop command stops the SyncIQ application. Syntax isi sync stop [--quiet] Options --quiet, -q If command succeeds, does not display conrmation message. If an error occurs, error message is still displayed. Examples To stop the application, run the following command: isi sync stop
isi sync target break

The isi sync target break command removes SyncIQ policy associations on their targets. Syntax isi sync target break [--policy=]<Policy> [--force] Options --policy=<Policy> Species the ID, name or target directory of the SyncIQ policy. --force Forces SyncIQ policy target association to be removed. Examples The following command removes the policy association of newPolicy on its target: isi sync target break newPolicy
353
isi sync target cancel

The isi sync target cancel command cancels currently running SyncIQ jobs targeted to this cluster. Syntax isi sync target cancel [--policy=]<Policy> Options --policy=<Policy> Species the ID of the target SyncIQ policy that caused the job to run. If you want to cancel all SyncIQ jobs targeted to this cluster, specify all. Examples The following command cancels all SyncIQ jobs targeted to this cluster: isi sync policy target cancel all
isi sync target list

The isi sync target list command displays information on existing SyncIQ policies targeted to this cluster. Syntax isi sync target list [--policy=]<Policy> [--mode=<string>] [--target_path=<string>] [--verbose] [--wide] Options If no options are specied, information on all policies that are currently targeting this cluster is displayed. --policy=<Policy> Required. Displays information on the SyncIQ policy with the specied ID or name. SyncIQ policy must be targeting the current cluster. --mode=<string>, -M<string> Species the display mode. The following values are valid: default full
--target_path=<string>, -p<string> Species a path in the target cluster. --verbose, -v Displays detailed information. --wide, -w Displays tables in wide mode without truncations. Examples To view a list of policies that are currently targeting this cluster, run the following command:
354
isi sync target list The system displays output similar to the following example: Policy | Source | Target Path | Run ----------+------------+-------------------+-------newPolicy | newCluster | /ifs/home/newuser | Success To view detailed information on policies that are currently targeting this cluster, run the following command: isi sync target list --verbose The system displays output similar to the following example: ID: ad9c2a041e9dedc05239c7550fdf667b Policy Name: newPolicy Target Dir: /ifs/home/newuser Source Information: Cluster: newCluster Cluster ID: 00d084431e1613d1d94d88210dee328d8f43 Last Coordinator IP: 0.0.0.0 Legacy Policy: No Job Status: Success Last Update: Fri Apr 29 14:37:47 2011
isi sync throttle create

The isi sync throttle create command creates throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle create [--interval=]<Interval> [--days=]<Days> [--limit=]<Limit> [--desc=<string>] Options --interval=<Interval>, -I=<Interval> Required. Species the time range that the throttle limit is active during the given <Days>. Specify in form hh:mm-hh:mm (for example, 12:35-17:43). --days=<Days>, --d=<Days> Required. Species days of the week when the throttle limit is active. Multiple <Days> can be specied in comma-separated lists. Ranges of <Days> can be specied with dash-separated ranges. The following values are valid: Valid Value X M T W R F S Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday Saturday
355
For example, specifying --days=X,W-F causes the throttle to be active on Sunday, Wednesday, Thursday and Friday. --limit=<number>, L=<number> Required. Species limit of the le send rate in les per second. --desc=<string> Species a description of this throttle. Examples The following command limits the le send rate for SyncIQ policies to 10 les per second every Saturday, Sunday and Thursday from 1:00pm to 3:00pm: isi sync throttle create 13:00-15:00 S,X,R 10
isi sync throttle delete

The isi sync throttle delete command deletes existing throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle delete [--thr=]<Throttle> Options --thr=<Throttle> Required. Species the ID of the throttle to delete. If you want to delete all throttles, specify all. Examples To delete a throttle with an ID of 1, run the following command isi sync throttle delete 1
isi sync throttle disable

The isi sync throttle disable command disables existing throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle disable [--thr=]<Throttle> Options --thr=<Throttle> Required. Species the ID of the throttle to disable. If you want to disable all throttles, specify all. Examples To disable a throttle with an ID of 1, run the following command: isi sync throttle disable 1
356
isi sync throttle enable

The isi sync throttle enable command enables existing throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle enable [--thr=]<Throttle> Options --thr=<Throttle> Required. Species the ID of the throttle to enable. If you want to enable all throttles, specify all. Examples The following command enables a throttle with an ID of 1: isi sync throttle enable 1
isi sync throttle list

The isi sync throttle list command displays a list of existing throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle list [--thr=]<ThrottleID> [--mode=<string>] [--verbose] [--wide] Options If no options are specied, displays all throttle schedules in a table with truncations. --thr=<ThrottleID> Displays only the throttle with the specied ID. --mode=<string>, -M<string> Species the display mode. The following values are valid: default: Displays information on existing throttles in a table. Specifying this value is the same as not specifying --mode or --verbose. full: Displays information on existing throttles in an indented list. Specifying this value is the same as specifying --verbose.
--verbose, -v Displays detailed information. --wide, -w Displays tables in wide mode without truncations. Examples To view information about existing throttles in a table, run the following command:
357
isi sync throttle list The system displays output similar to the following example: Id | Limit(Files/s) | State | Days | Time Interval | Description ---+----------------+-------+---------+---------------+--------------------1 | 500 | on | Sun | 08:30-09:30 | > 2 | 100 | on | Mon-Fri | 20:00-23:59 | This is an example > 3 | 100 | on | Mon-Fri | 00:00-05:00 | This is an example > 4 | 250 | on | Sat | 00:00-23:59 | This is an example > To view information about existing throttles in an indented list, run the following command: isi sync throttle list --verbose The system displays output similar to the following example: Id = 1 Limit = 500 (files/s) Description = This is an example State = on Schedule: Days = Sun Interval = 08:30-09:30 ==== Id = 2 Limit = 100 (files/s) Description = This is an example State = on Schedule: Days = Mon-Fri Interval = 20:00-23:59 ==== Id = 3 Limit = 100 (files/s) Description = This is an example State = on Schedule: Days = Mon-Fri Interval = 00:00-05:00 ==== Id = 4 Limit = 250 (files/s) Description = This is an example State = on Schedule: Days = Sat Interval = 00:00-23:59
throttle for education
isi sync throttle modify

The isi sync throttle modify command modies existing throttle schedules that limit le send rates for SyncIQ policies. Syntax isi sync throttle modify [--thr=]<Throttle> {--interval=<string> | --days=<Days> | --limit=<number> | --desc=<string>}...
358
OneFS Command Reference Options You must specify at least one throttle attribute to modify. Specify a throttle attribute using one of the following options: --interval --days --limit --desc
--thr=<Throttle> Required. Species the ID of the throttle being modied. --interval=<Interval>, -i<Interval> Species the time range that the throttle limit is active during the given <Days>. Specify <Interval> in form hh:mm-hh:mm (for example, 12:35-17:43). --days=<Days>, -d<Days> Species days of the week when the throttle limit is active. Multiple <Days> can be specied in comma-separated lists. Ranges of <Days> can be specied with dash-separated ranges. The following values are valid: Valid Value X M T W R F S Corresponding Day Sunday Monday Tuesday Wednesday Thursday Friday Saturday
For example, specifying --days=X,W-F causes the throttle to be active on Sunday, Wednesday, Thursday and Friday. --limit=<number>, -L<number> Species limit of the le send rate in les per second. --desc=<string> Species a description of this throttle. Examples The following command sets the time interval to 11:00am to 1:00pm on a throttle with ID 1: isi sync throttle modify 1 --interval=11:00-13:00
359
isi sync upgrade

The isi sync upgrade command upgrades from SyncIQ 1.x to 2.x Syntax isi sync upgrade [--force] Options --force Forces upgrade to complete. Examples To force an upgrade to complete, run the following command: isi sync upgrade --force
isi tape delete

The isi tape delete command deletes tape and media changer devices. Syntax isi tape delete {[--devname=]<DeviceName>|--all} Options You must specify either --devname or --all. --devname=<DeviceName> Deletes the specied device. --all Deletes all devices. Examples The following command deletes the device tape001: isi tape delete tape001 To delete all tape and media changer devices, run the following command: isi tape delete --all
isi tape list

The isi tape list command lists tape and media changer devices. Syntax isi tape list [--devname=<DeviceName>] [--node=<LNN>] [--tape] [--mc] [--verbose]
360
OneFS Command Reference Options If you run this command without options, all devices are listed. --devname=<DeviceName>, -n<DeviceName> Lists only the specied device. --node=<LNN> Lists only devices that are accessible from the specied node. --tape List only tape devices. --mc Lists only media changer devices. --verbose, -v Display includes the path, Logical Unit Number (LUN), World Wide Port Number (WWPN), and Port ID of the tape devices. Examples To view a list of all currently connected tape and media changer devices, run the following command: isi tape list The system displays output similar to the following example: Tape Device State WWNN Vendor/Model/Revision/Serial -------------------------------------------------------------------------------tape001 closed 500308C097D42098 HP Ultrium 4-SCSI H44Z F097D42098 tape002 closed 500308C097D4209C HP Ultrium 4-SCSI H44Z F097D4209C tape003 closed 2001001B323102D9 IBM ULTRIUM-TD3 4C17 1230596819 tape004 closed 2001001B323102D9 IBM ULTRIUM-TD3 4C17 1230596820 tape005 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00201 tape006 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00202 tape007 closed 2000001B321102D9 HP Ultrium 4-SCSI H16D 8WK7A00203 Media Changer State WWNN Vendor/Model/Revision/Serial -------------------------------------------------------------------------------mc001 closed 500308C097D4209C ADIC Scalar i500 500G ADICA0C0196012_LLA mc002 closed 2000001B321102D9 ATL 1500 3.01 8WK7A00206 mc003 closed 2000001B321102D9 HP MSL G3 Series 0.80 8WK7A00200 mc004 closed 2000001B321102D9 IBM ULT3583-TL 2.50 IBM4378041
If there are no known tape or media changer devices, the system displays no output.
isi tape rename

The isi tape rename command renames tape and media changer devices. Syntax isi tape rename [--devname=]<DeviceName> [--rename=]<NewDeviceName>
361
OneFS Command Reference Options --devname=<DeviceName> Required. Species the device to rename. --rename=<NewDeviceName> Required. Sets the new name for the device. Examples The following command changes the name of tape device tape001 to tape010 isi tape rename tape001 tape010
isi tape rescan

The isi tape rescan command scans the cluster for undiscovered tape and media changer devices. If undiscovered devices are found, entries are created for the devices. The path list for each device is updated by adding newly discovered paths and deleting existing non-viable paths. Syntax isi tape rescan [--node=<number>] [--port=<number>] [--reconcile] Options If no options are specied, scans all nodes and ports for undiscovered devices. --node=<number> Scans only the specied node. --port=<number> Scans only the specied port. --reconcile Deletes inaccessible devices, if found. Examples To scan the entire cluster for tape and media changer devices, and then delete any inaccessible devices found, run the following command. isi tape rescan --reconcile
isi target create

The isi target create command creates and optionally congures an iSCSI target. Note: You can congure or modify a target's settings at a later time by running the isi target modify command. Syntax isi target create [--name=]<TargetName> [--path=<ifs-Directory>] [--comment=<QuotedString>]
362
OneFS Command Reference [--require-auth=<Boolean>] [--require-allow=<Boolean>] [--pool=<PoolName>] [--initiator=<Initiator>] [--chap=<User>:<Secret>] Options --name=<TargetName>, -n=<TargetName> Required. Species a name for the target. Valid names begin with a letter and contain only lowercase letters, numbers, and hyphens (-). --path=<ifs-Directory> Species a default path under /ifs for LUN directories. --comment=<QuotedString> Species a description for the target, enclosed in quotation marks. --require-auth=<Boolean> Enables (1) or disables (0) CHAP authentication. CHAP authentication is disabled by default. --require-allow=<Boolean> Enables (1) or disables (0) initiator access control. Access control is disabled by default. --pool=<PoolName> Species a SmartConnect pool name. --initiator=<Initiator> Adds an initiator to the initiator access list. The specied value must be a valid iSCSI Qualied Name (IQN). --chap=<User>:<Secret> Adds a CHAP user:secret pair to the CHAP secrets list. Both the user and secret are case-sensitive. Secrets must be 12-16 characters long. You can specify a valid IQN as the user. If you do not specify an IQN, valid users can contain alphanumeric characters, periods (.), hyphens (-), and underscores (_). Example: --chap=user1:PassWord1234 Examples The following command creates a target named test1 using default conguration settings: isi target create --name=test1 The following command creates a target named test2 with initiator access control enabled, and adds a Microsoft iSCSI initiator named "iqn.1991-05.com.microsoft:example" to the target's initiator access list: isi target create --name=test2 --require-allow=1 --initiator=iqn.1991-05.com.microsoft:example The following command creates a target named test3 and assigns a SmartConnect pool named subnet0:pool0:
isi target create --name=test3 --pool=subnet0:pool0 Note: You can verify that a target was created successfully by running the isi target list command.
363
isi target delete

The isi target delete command deletes an iSCSI target and its associated LUNs. Note: If you delete a target, all logical unit numbers (LUNs) that are contained in the target are also deleted, and all LUN data is destroyed. This operation cannot be undone. In addition, any iSCSI sessions that are connected to the target are terminated. Syntax isi target delete [--name=]<TargetName> [--force] Options --name=<TargetName>, -n=<TargetName> Required. Species the name of the target to delete. --force Deletes the target without rst displaying a conrmation prompt. Examples The following command deletes a target named test1: isi target delete --name=test1 The system displays the following output: !! Are you sure you want to delete target 'test1'? 4 LUNs totaling !! 170 GB will be permanently removed. (yes, y, no, [n]) Typing y and pressing ENTER conrms the deletion. The following command deletes a target named test2, without displaying a conrmation prompt: isi target delete --name=test2 --force Note: You can verify that a target was deleted by running the isi target list command.
isi target list

The isi target list command displays conguration settings for iSCSI targets. Syntax isi target list [--name=<Target>] [--luns] [--verbose] Options If you run this command without options, the system displays a list of all targets. --name=<Target>, -n=<Target> Displays information for the specied target only. --luns, -l Displays information about each LUN in the specied target.
364
--verbose, -v Displays more detailed information. Examples To view information about all targets, as well as each LUN contained in a given target, run the following command: isi target list --luns The following command displays detailed information about a target named test1: isi target list --name=test1 --verbose
isi target modify

The isi target modify command modies iSCSI target settings. Syntax isi target modify [--name=]<TargetName> [--path=<ifs-Directory>] [--comment=<QuotedString>] [--require-auth=<Boolean>] [--add-chap=<User>:<Secret>] [--delete-chap=<User>:<Secret>] [--require-allow=<Boolean>] [--add-initiator=<Initiator>] [--delete-initiator=<Initiator>] [--add-pool=<PoolName>] [--delete-pool=<PoolName>] Options --name=<TargetName>, -n=<TargetName> Required. Species the name of the target to modify. --comment=<QuotedString> Species a description for the target, enclosed in quotation marks. --path=<ifs-Directory> Species a default path within /ifs for logical unit number (LUN) directories. --require-auth=<Boolean> Enables (1) or disables (0) CHAP authentication. CHAP authentication is disabled by default. --require-allow=<Boolean> Enables (1) or disables (0) initiator access control. Initiator access control is disabled by default. --add-initiator=<Initiator> Adds an initiator to the initiator access list. The specied value must be a valid iSCSI Qualied Name (IQN). --add-chap=<User>:<Secret> Adds a CHAP user:secret pair to the CHAP secrets list. Both the user and secret are case-sensitive. Secrets must be 12-16 characters long. You can specify a valid IQN as the user. If you do not specify an IQN, valid users can contain alphanumeric characters, periods (.), hyphens (-), and underscores (_). --delete-initiator=<Initiator> Removes an initiator from the initiator access list. --delete-chap=<User>:<Secret> Removes a CHAP user:secret pair from the CHAP secrets list. --add-pool=<PoolName>
365
Adds a SmartConnect pool. --delete-pool=<PoolName> Removes a SmartConnect pool. Examples The following command changes the default LUN directory path to /ifs/example for a target named test1: isi target modify --name=test1 --path=/ifs/example The following command enables CHAP authentication for a target named test2, and adds a CHAP user:secret pair of test:12characters to the CHAP secrets list: isi target modify --name=test2 --require-auth=1 --add-chap=user1:PassWord1234 Note: You can verify that a target was modied successfully by running the isi target list command.
isi update
The isi update command updates a cluster to a newer version of OneFS. Syntax isi update [-r [--drain-time=<DrainTime>] [--manual]] Options -r Performs a rolling update. A rolling update reboots only one node at a time, allowing the cluster to remain available during the update. If a rolling update is interrupted, the update can be restarted by running the isi update command again with the same specications as the interrupted update. The update will then attempt to continue from where the update was interrupted. Rolling updates are not supported for all versions, contact your representative at Isilon for information on what versions this option is supported on. --drain-time=<DrainTime> The update process pauses for the specied <DrainTime> after disconnecting nodes from their SmartConnect pools before rebooting them. Specify <DrainTime> in the form of <Number><TimeUnit> where <TimeUnit> can be one of the following values: Valid Value m h d w The default <TimeUnit> is seconds. --manual Corresponding Time Unit Minutes Hours Days Weeks
366
Causes the rolling update process to pause and wait for user input before rebooting each node. If specied with the --drain-time option, update waits until the <DrainTime> is expired before requesting user input. Examples To perform an update, run the following command: isi update The system displays output similar to the following example: Starting upgrade process... Connecting to remote and local successfully connected successfully connected successfully connected Loading image... upgrade to node to node to node processes... [ 2]. [ 3]. [ 1].
Please specify the image to update. You can specify the image from: -- an absolute path (i.e. /usr/images/my.tar) -- http (i.e. http://host/images/my.tar) Please specify the image to update: Enter input similar to the following example: /ifs/install.tar The system displays output similar to the following example: Node version :v6.0.3.10 B_6_0_3_10(RELEASE) (0x600030000000A00) Image version:6.5.1.8 B_6_5_1_8(RELEASE) (0x605010000000800) Are you sure you wish to upgrade (yes/no)? Enter yes The system displays output similar to the following example: Please wait, updating... Initiating IMDD... node[ 3] initialized. node[ 2] initialized. node[ 1] initialized. Verifying md5... Installing image... node[ 1] installed. node[ 2] installed. node[ 3] installed. Restoring user changes... node[ 2] restored. node[ 3] restored. node[ 1] restored. Checking for Firmware Updates... Firmware update checks skipped... node[ 1] Firmware check phase completed. node[ 2] Firmware check phase completed. node[ 3] Firmware check phase completed. Updating Firmware... Firmware updates skipped... node[ 1] Firmware update phase completed. node[ 2] Firmware update phase completed. node[ 3] Firmware update phase completed. Upgrade installed successfully. Reboot to complete the process? (yes/no [yes]) Enter yes
367
The system displays output similar to the following example: Shutting down services. node[ 1] Services shutdown. node[ 2] Services shutdown. node[ 3] Services shutdown. Flushing and disabling coalescers. node[ 1] Coalescers flushed and disabled. node[ 2] Coalescers flushed and disabled. node[ 3] Coalescers flushed and disabled. Rebooting cluster... rebooting node[ 2]... rebooting node[ 3]... rebooting node[ 1]... *** FINAL System shutdown message from root@example *** System going down IMMEDIATELY The following command performs a rolling update that waits for an hour after each node is disconnected from its SmartConnect pool before rebooting the node: isi update -r --drain-time=1h
isi version
The isi version command displays detailed information about a cluster's software properties. Syntax isi version {osversion | osbuild | osrelease | ostype | osreldate | osrevision | copyrite} Options You must specify exactly one category of information. Specify a category of information using one of the following options: osversion osbuild osrelease ostype osreldate osrevision copyrite Displays the current operating system version. osbuild Displays build information. osrelease Displays the release date for the software. osrevision Displays the revision number. copyright
osversion
368
Displays the current copyright information for the software. Examples To view information on the version of operating system, run the following command: isi version osversion The system displays output similar to the following example: Isilon OneFS v6.0.3.10 B_6_0_3_10(RELEASE): 0x600030000000A00:Tue Feb 12:30:21 PST 2011 1
root@fastbuild-02.west.isilon.com:/build/mnt/obj.RELEASE/build/mnt/src/sys/IQ.amd64.release
isi worm create

The isi worm create command designates an existing directory as a SmartLock root directory, which is required for committing les to a WORM (write once, read many) state. The isi smartlock create and isi domain create commands are aliases of this command. Before designating a SmartLock root directory, be aware of the following conditions and requirements: Only empty directories can be designated as SmartLock root directories. Any subdirectories created under a SmartLock root directory inherit its SmartLock settings. A SmartLock root directory cannot be a subdirectory of another SmartLock directory. Hard links cannot cross SmartLock directory boundaries. The path to a SmartLock le cannot be changed.
Syntax isi worm create [--path=]<IFSDirectory> Options --path=<IFSDirectory>, -p<IFSDirectory> Required. Species the absolute path, beginning at /ifs, to an existing directory. Examples To designate an existing directory named /ifs/data/worm as a SmartLock root directory, run the following command: isi worm create -p /ifs/data/worm The system displays output similar to the following text: !! /ifs/data/worm is now a SmartLock root directory. Id: !! 65540
369
isi worm filedelete

The isi worm filedelete command forcibly deletes a le, regardless of its SmartLock state. The isi smartlock filedelete and isi domain filedelete commands are aliases of this command. Syntax isi worm filedelete [--path=]<FilePath> Options --path=<FilePath>, -p<FilePath> Required. Deletes the le on the specied absolute path, beginning at /ifs. Examples The following command deletes a SmartLock le named file.txt from the /ifs/data/worm/ directory: isi worm filedelete -p /ifs/data/worm/file.txt
isi worm info

The isi worm info command displays SmartLock information for a specic directory or le. The isi smartlock info command is an alias of this command. Syntax isi worm info [--path=]<Path> Options --path=<Path>, -p=<Path> Required. Species the absolute path to a le or directory, beginning at /ifs. Examples For the following scenarios, assume that /ifs/data/worm is a directory that contains both SmartLock and non-SmartLock les. The following command displays SmartLock information about the /ifs/data/worm directory: isi worm info -p /ifs/data/worm/ The system displays output similar to the following example: SmartLock Info for: /ifs/data/worm SmartLock Root Directory -----------------------ID | Root Path ------+--------------------------65536 | /ifs/data/worm This output indicates that the directory is a SmartLock root directory whose ID is 65536. The following command displays SmartLock information about the /ifs/data/ directory: isi worm info -p /ifs/data/
370
The system displays output similar to the following example: Domain Info for: /ifs/data Domains ------None Contains Directories with These WORM Domains -------------------------------------------ID | Root Path | Type ------+----------------+----65536 | /ifs/data/worm | WORM This output indicates that the /ifs/data/ directory is the parent of a SmartLock root directory. The following command displays SmartLock information about a le named file.txt in the /ifs/data/worm/wormsub directory: isi worm info -p /ifs/data/worm/wormsub/file.txt The system displays output similar to the following example: Domain Info for: /ifs/data/worm/wormsub/file.txt Domains ------ID | Root Path | Type ------+----------------+----65536 | /ifs/data/worm | WORM Worm State: not committed Would Expire: Never
In this example, file.txt is in a SmartLock directory tree rooted at /ifs/data/worm, but has not been committed to a SmartLock state.
isi worm list

The isi worm list command displays a list of SmartLock root directories on the cluster. The isi smartlock list command is an alias of this command. Syntax isi worm list [--long] Options If no options are specied, basic information about each SmartLock root on the cluster is displayed. --long, -l Displays additional information about each SmartLock root directory, including ID, override retention date, and default minimum retention period settings. Examples To view basic information about each SmartLock root on the cluster, run the following command: isi worm list
371
The system displays output similar to the following example: Root Path | Type ----------------+---------/ifs/data/worm | SmartLock This output indicates that the cluster contains a single SmartLock root directory. To view more detailed information including the SmartLock domain ID, override retention date, and default minimum retention offset, run the following command: isi worm list -l The system displays output similar to the following example: ID | Root Path | Type | Override Ret. Date | Default Min. Ret. ------+-----------------+-----------+---------------------+-----------------65537 | /ifs/data/worm | SmartLock | 2012-12-22 00:00:00 | 2y
isi worm modify

The isi worm modify command sets or modies SmartLock root directory settings, including the default retention period and override retention date. The isi smartlock modify and isi domain modify commands are aliases of this command. Syntax isi worm modify {--path=<IFS-Directory>|--id=<Number>} [--override=<Date>] [default=<Offset>] Options You must specify only one of the following options: --path, --id. --path=<IFS-Directory>, -p<IFS-Directory> Species the absolute path, beginning at /ifs, of an existing SmartLock root directory. --id=<Number>, -i<Number> Species the ID of an existing SmartLock root directory. --override=<Date>, -o<Date> Sets the override retention date, where <Date> is in the form of YYYYMMDD (for example, 20200101 for January 1, 2020). --default=<Offset>, -d<Offset> Sets the default retention offset, where <Offset> is in the form of <Number>{y|m|w|d}. The variables y, m, w, and d stand for years, months, weeks, and days, respectively (for example, 3w for 3 weeks). Examples The following command sets a default retention period of 6 weeks from the time a le is committed to the SmartLock root directory ifs/data/worm: isi worm modify -p /ifs/data/worm -d 6w The default retention offset is applied only to SmartLock-committed les that do not have a retention date congured. The following command sets a retention date of December 22, 2012 for les that are committed to the SmartLock root directory ifs/data/worm:
372
isi worm modify -p /ifs/data/worm -o 20121222 Files that are committed to the SmartLock root directory or one of its subdirectories will use the le retention date (if congured) or the override retention date, whichever is later.
373

OneFS 6.5 Command Reference

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

OneFS 6.5 Command Reference

Hochgeladen von

Copyright:

Verfügbare Formate

OneFS 6.

OneFS Command Reference

OneFS Command Reference

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads accounts list

isi auth ads cache flush

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads dc

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads groups list

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads join

2011 Isilon Systems, LLC.

isi auth ads leave

isi auth ads search

2011 Isilon Systems, LLC.

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads spn check

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads spn create

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads spn delete

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads spn list

isi auth ads status

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads time

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth ads users list

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth config krb5 add realm

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth config krb5 delete default

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth config krb5 delete domain

isi auth config krb5 delete realm

2011 Isilon Systems, LLC.

isi auth config krb5 list

2011 Isilon Systems, LLC.

OneFS Command Reference

'domain_realm': {}, 'realms': {}}

isi auth config krb5 modify default

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth config krb5 modify domain

2011 Isilon Systems, LLC.

OneFS Command Reference

isi auth config krb5 modify realm

isi auth config krb5 write

2011 Isilon Systems, LLC.

isi auth config ldap list