Date: 2011-11-06 OS: SLES OS Version: 10 SP3 Symantec FileStore 5.6 RP1 P2 Patch Upgrade README CONTENTS I. Overview II. Upgrade procedure III. Fixes in the new patch IV. Known issues V. New Features PATCH ID : N/A PATCH NAME : FileStore-sles10_x86_64-patch-5.6RP1P2.tar.gz BASE PACKAGE NAME : Symantec FileStore BASE PACKAGE VERSION : 5.6 OBSELETE PATCHES : N/A SUPERCEDED PATCHES : N/A INCOMPATIBLE PATCHES : N/A SUPPORTED OS : SLES SUPPORTED OS VERSION : SLES 10 SP3 CREATION DATE : 2011-11-04 CATEGORY : enhancement, performance issue REBOOT REQUIRED : Yes SUPPORTS ROLLBACK : NO I. OVERVIEW: ------------ Symantec FileStore provides a scalable clustered storage solution. This document provides release information for the patch. II. UPGRADE PROCEDURE: ---------------------- After you have installed or synchronized a new SFS patch into your cluster, the list of available commands may change. Please login again to the CLI to access the updated features. IMPORTANT: there is a downtime for the service during an upgrade. The actual downtime will be a little longer than it takes to reboot the system. To avoid data loss, Symantec recommends that customers stop I/O processing completely during a patch upgrade. After you apply this patch, you cannot uninstall it. The 5.6 RP1P2 patch can only be installed on 5.6 or 5.6 P1 or 5.6 P2 or 5.6 P3 or 5.6 RP1 or 5.6 RP1 P1. To install the patch: 1. Login as master: su - master 2. Start the patch install: upgrade patch install IMPORTANT: Full upgrade instructions are included in the FileStore 5.6 Release Notes. Please note the following revisions: When you upgrade: * Symantec recommends that you remove I/O fencing before upgrading any cluster node or exporting your current configuration. Use the Storage> fencing off command first followed by the Storage> fencing destroy command to remove I/O fencing. This step is not required, but it is suggested for a clean upgrade. * Before upgrading, use the antivirus> liveupdate schedule delete command to stop AntiVirus LiveUpdate. * After patch upgrade, admin need to restart antivirus service (antivirus service stop and antivirus service start). III. FIXES IN THE NEW PATCH: ---------------------------- Etrack Incidents: 2412665 2425820 2481742 2492358 2492494 2492655 2494602 2497082 2507963 2510201 2510781 2510782 2510783 2510785 2513888 2516899 2517265 2519074 2522555 2529975 2531489 2533358 2533465 2535619 2535621 2551556 2553301 2558240 2558290 2559891 2564496 2566778 2567107 2568962 2571670 2572051 2574997 2575445 2575451 2575721 2576337 2576880 2576891 2578173 2578666 2579077 2579141 2581056 2584172 2584294 2584796 2586297 2588371 2590011 2591047 2591509 2591530 2592778 2593575 2594901 2595324 2595472 2595517 Errors/Problems Fixed: 2412665, 2412665 Enable changing the cluster name without re-installation. 2426498, 2425820 Support similar functionality as NetApp vFiler. 2491197, 2481742 Assign multiple VIPs on one Ethernet interface card. 2492569, 2492358 Use /tmp/liveupdate as the working directory for AntiVirus LiveUpdate instead of using /tmp directly. 2496424, 2492494 When virtual machines are backed up by replication, the md5 of the vmdk file in the source and target is inconsistent. 2279450, 2492655 The CIFS> mapuser add command can"t make mapping to users served by LDAP/NIS. 2496418, 2494602 Creating a file system fails with error message, "fs ERROR V-288-2160 Volume tag set failed." 2425361, 2497082 Problems recognizing EquaLogic array disks. 2349166, 2507963 After a replication job fails, the xc process takes up excessive CPU resources on the target cluster. 2491822, 2510201 Clean up of CIFS home directory soft links in the /tmp directory. 2439268, 2510781 ACLs are not removed on recovery from an NDMP backup stream. 2489105, 2510782 Command to modify tunables for iSCSI. 2490271, 2510783 If an iSCSI target is used by an online file system or by fencing, the offline, delete, and stop operations are blocked. 2491220, 2510785 Backup service fails completely unless an Enterprise Client license is installed on the NetBackup server. 2514607, 2513888 Need message to remind the user to restart the ftp service after changing the ftp global settings. 2517219, 2516899 After upgrading from FileStore 5.6 P1 to FileStore 5.6 RP1 P1, APM information does not work properly. 2517261, 2517265 iSCSI configuration is corrupted when multiple discovery addresses are added for the same portals. 2518979, 2519074 Login to an iSCSI target fails from a slave node and discovery address is not added. 2522557, 2522555 Running the event agentlet is not required after using these Cluster commands: add, delete, shutdown, or remove. 2529975 Files under the /opt/VRTSvcs/bin/SambaShare directory were not updated correctly during an upgrade. 2553472, 2531489 Include VxFS 5.0MP4HFw in the FileStore software. 2342654, 2533358 HAD process failed when nfsd was stopped. 2533463, 2533465 The iSCSI rediscover process does not ask for a new password after the password is changed on the array. 2517432, 2535619 CTDB log grows too large and takes up almost all available space in the /var directory. 2521857, 2535621 If you use the CIFS> set aio_size command to enter an invalid aio_size, then the aio_size value changes to 0 without producing an error message. 2425128, 2551556 Cannot delete a group after a user is deleted from the group. 2435634, 2553301 Enable a Metadata=ok flag by default when a secondary tier is created. 2558240 Include Samba 3.5.11 in the FileStore software. 2558284, 2558290 VIP is not online after a restart. 2572365, 2559891 In incremental replications, some rename operations are not applied to the target. 2564496 Temporary files consume too much disk space. 2566996, 2566778 Notifications are resent for events that have already been processed. 2572490, 2567107 A "failure" message appears when adding a storage tier to a file system, but the tier is still added. 2301859, 2568962 When the AntiVirus process decomposes certain zip structures, a node may fail. 2571672, 2571670 The NFS> share add command doesn"t ask for confirmation if a directory or file system is already shared over CIFS with conflicting options. 2572042, 2572051 The iSCSI> target del command ignores the portal argument. 2574620, 2574997 The FastResync process could not be enabled on a striped-mirror file system. 2575800, 2575445 SAS-connected disks are not scanned if a SAS card is installed. 2572324, 2575451 The server stop and start commands do not not require a password in CTDB mode. 2575786, 2575721 Include 5.0MP4RP1HF4 in the FileStore software. 2576335, 2576337 While creating a CIFS share from a directory under CTDB, if the directory does not exist it should be created. 2576889, 2576880 Daylight savings time (DST) is being abolished in Russia. 2576888, 2576891 You can delete an iSCSI target even when the file system is online. 2579132, 2578173 CIFS configuration does not refresh after upgrading to the FileStore 5.6 RP1 P1 patch. 2578658, 2578666 The Storage> scanbus force command does not import the disk configuration if you delete an iSCSI disk and add it back. 2579062, 2579077 After deleting and adding nodes to a cluster, files systems created on iSCSI disks may not appear correctly on all nodes. 2579141 Enable the ABE option for samba shared resources. 2581056 Include Promise ASL in the FileStore software. 2584703, 2584172 FastResync is disabled after shrinking a striped-mirror file system. 2572362, 2584294 When the public Ethernet interface card is unplugged on the current node, you cannot switch the VIP address of the backup to another node. 2584796 Include sav-1.0.10-42.i386 in the FileStore software. 2403046, 2586297 Configuration authentication fails if the replication IP is configured on a network interface other than pubeth0. 2588371 The FileStore installer failed to upgrade the packages with the same package names. 2590008, 2590011 When a job is running, importing the same license for Replication causes the job to fail and it cannot be recovered. 2593882, 2591047 Problems with the CIFS> share show and CIFS> share add commands. 2591509 For security, OpenSSH should use Protocol version 2. 2590130, 2591530 Replication failed due to rsync error 12 and 30 2592820, 2592778 The NFS> show fs command displays a "too many arguments" error message. 2593649, 2593575 Duplicate events are sent when the Management Console is switched over. 2594901 Unable to set yes/no values for the Antivirus> scan read and write commands. Also for zipdepth. 2595843, 2595324 The installinfo.txt file is missing on the master node and causes the PXE installation to fail. 2595472 Include ddn asl in the FileStore software. 2595543, 2595517 The timeout for Net ads join is too short. IV. KNOWN ISSUES: ---------------- Etrack Incident: 2531701 Symptom: If a cluster rewrites files on the same file system at the same time in two nodes, one of nodes may not have I/O traffic at all, or it may have much lower traffic than the other node. Description: There is a known performance issue when the remove operation is issued on the secondary node and if that results in freeing the whole AU then it may cause a locking contention between the primary & secondary nodes. Workaround: There is no workaround for this issue; it requires a fix from the VXFS team. Etrack Incident: 2602726 Symptom: The Root partition consumes 105GB but there are not any large files or directories. Description: If the file system for the destination replication unit is offline, then the replication job writes data on the root partition. Resolution: This issue is fixed in a future release. Etrack Incident: 2602769 Symptom: The Replication> config VIP bond1 command does not set the VIP address properly. The no-device-argument and bond0 command options work fine. Description: Replication VIP does not come online properly on other devices except first the interface, pubeth0 or bond0. Resolution: This isssue is fixed in a future release. Etrack Incident: 2602771 Symptom: The Replication> job resync command fails with a "rsync 12" or "rsync 30" error message. Description: Job resynchronization fails if there is no I/O in the specified rsync I/O timeout value. Resolution: This issue is fixed in a future release. Etrack Incident: 2602773 Symptom/Description: The netmask of a replication IP address is set as that of the first public Ethernet interface. It should be set from the assigned interface. Resolution: This issue is fixed in a future release. Etrack Incident: 2603056 Symptom: A file search from a Windows client causes a heavy load on the rtvscand process. Description: If a Windows client maps a CIFS share with a large number of zip files and AutoProtect is enabled, access to the CIFS share can be very slow. Resolution: Use the Antivirus> set commands to Set a low zip depth value. See "V. NEW FEATURES" section below for more information on setting zip depth. Etrack Incident: 2603975 Symptom: Patch upgrade does not complete due to lost of some patch rpm packages. Description: If an AntiVirus LiveUpdate task is scheduled on cluster during an upgrade, LiveUpdate may deletes files in the /tmp and /tmp/sfsfs_*/ directories. Resolution: Before upgrading, use the Antivirus> liveupdate schedule delete command to stop AntiVirus LiveUpdate. Etrack Incident: 2599803 Symptom: Failed to import disk group after reinstalling 5.6 RP1 P2 if there are clone disks. Description: When you reinstall the OS with the 5.6 RP1 P2 ISO or upgrade a single node cluster with the 5.6 RP1 P2 patch, import disk group fails if there are clone disks. This is because the new VxFS HF in 5.6 RP1 P2 does not allow a mix of clone disks and non-clone disks. Resolution: Before reinstalling, turn off the clone flag for disks on the master node: 1.Use the following command to check if there are clone disks: vxdisk list|grep clone_disk 2.After verifying the the clone disks, use the following command to turn of the clone flag: vxdisk -f updateudid $disk; vxdisk set $disk clone=off V. NEW FEATURES: ---------------- There are several new Antivirus commands available in this release: 1) Antivirus> set autoprotect zipdepth 2) Antivirus> set manual zipdepth 3) Antivirus> set scanread [yes|no] 4) Antivirus> set scanwrite [yes|no] 5) Antivirus> show 6) CIFS> share add filesystem sharename[@virtual_ip] 1) Antivirus> set autoprotect zipdepth This command sets the maximum level of depth for scanning compressed files during an Auto-Protect scan. For example, a zip within a zip, within a zip, etc. The zipdepth range is 0 to 3. If you set the zipdepth to 0, files within compressed files are not detected and scanned. Example: Antivirus> set autoprotect zipdepth 1 In this example, files up to one level deep in a compressed file are detected and scanned. Therefore, in an eicar.com.gz file, the eicar.com file is detected. However, in an eicar.com.gz.tar file, the eicar.com file is not detected. 2) Antivirus> set manual zipdepth This command sets the maximum level of depth for scanning compressed files during a manual (schedule) scan. The zip depth range is 0 to 3. Example: Antivirus> set manual zipdepth 2 3) Antivirus> set scanread [yes|no] This command enables (yes) or disables (no) a realtime scan when files are accessed or executed (Read operations). Example: Antivirus> set scanread yes 4) Antivirus> set scanwrite [yes|no] This command enables (yes) or disables (no) a realtime scan when files are modified (Write operations). Example: Antivirus> set scanwrite no 5. Antivirus> show This command shows all Symantec AntiVirus for FileStore configuration details, a list of file extensions excluded from scanning, a list of Auto-Protect disabled and enabled file systems, scan action policies, and a list of live update servers. Example: Antivirus> show Parameter Value ---------- --------- Scan read yes Scan write yes Primary action Clean Secondary action Quarantine Manual scan zipdepth 3 Autoprotect scan zipdepth 3 File excluded extension list com Auto protect enabled file systems fs2 Auto protect disabled file systems fs1, fs3 Virus definitions version 12/06/09 rev. 005 LiveUpdate serverid LiveUpdate servername ------------------- --------------------- 0 http://liveupdate.symantecliveupdate.com:80 1 http://liveupdate.symantec.com:80 2 ftp://update.symantec.com/opt/content/onramp 6. CIFS> share add filesystem sharename[@virtual_ip] This command add a filesystem as CIFS share. The new option "@virtual_ip" supports similar functionality as NetApp vFiler. If @virtual_ip is specified, the share can only be accessed by virtual_ip. At same time, the old "ip=virtualip" option is removed from "share add" command. Example: CIFS> share add fs1 share1@10.200.121.212 rw