Date: 2011-11-06
OS: SLES
OS Version: 10 SP3
Symantec FileStore 
5.6 RP1 P2 Patch Upgrade README

CONTENTS
I.   Overview
II.  Upgrade procedure
III. Fixes in the new patch
IV.  Known issues
V.  New Features

PATCH ID 			: N/A
PATCH NAME 			: FileStore-sles10_x86_64-patch-5.6RP1P2.tar.gz
BASE PACKAGE NAME		: Symantec FileStore
BASE PACKAGE VERSION 		: 5.6
OBSELETE PATCHES 		: N/A
SUPERCEDED PATCHES 		: N/A
INCOMPATIBLE PATCHES 		: N/A
SUPPORTED OS 			: SLES
SUPPORTED OS VERSION		: SLES 10 SP3
CREATION DATE 			: 2011-11-04
CATEGORY 			: enhancement,  performance issue
REBOOT REQUIRED 		: Yes
SUPPORTS ROLLBACK 		: NO


I. OVERVIEW:
------------
Symantec FileStore provides a scalable clustered storage solution. This document provides release information for the patch.


II. UPGRADE PROCEDURE:
----------------------
After you have installed or synchronized a new SFS patch into your cluster, the list of available commands may change. Please login again to the CLI to access the updated features. 

IMPORTANT: there is a downtime for the service during an upgrade. The actual downtime will be a little longer than it takes to reboot the system. To avoid data loss, Symantec recommends that customers stop I/O processing completely during a patch upgrade.  

After you apply this patch, you cannot uninstall it. The 5.6 RP1P2 patch can only be installed on 5.6 or 5.6 P1 or 5.6 P2 or 5.6 P3 or 5.6 RP1 or 5.6 RP1 P1.


To install the patch:
1. Login as master:
   su - master
2. Start the patch install:
   upgrade patch install <URL>

IMPORTANT: Full upgrade instructions are included in the FileStore 5.6 Release Notes. Please note the following revisions:

When you upgrade:

* Symantec recommends that you remove I/O fencing before upgrading any cluster node or exporting your current configuration. Use the Storage> fencing off command first followed by the Storage> fencing destroy command to remove I/O fencing. This step is not required, but it is suggested for a clean upgrade. 

* Before upgrading, use the antivirus> liveupdate schedule delete command to stop AntiVirus LiveUpdate.

* After patch upgrade, admin need to restart antivirus service (antivirus service stop and antivirus service start).

III. FIXES IN THE NEW PATCH:
----------------------------

Etrack Incidents: 2412665 2425820 2481742 2492358 2492494 2492655 2494602 2497082 2507963 2510201 2510781 2510782 2510783 2510785 2513888 2516899 2517265 2519074 2522555 2529975 2531489 2533358 2533465 2535619 2535621 2551556 2553301 2558240 2558290 2559891 2564496 2566778 2567107 2568962 2571670 2572051 2574997 2575445 2575451 2575721 2576337 2576880 2576891 2578173 2578666 2579077 2579141 2581056 2584172 2584294 2584796 2586297 2588371 2590011 2591047 2591509 2591530 2592778 2593575 2594901 2595324 2595472 2595517 

Errors/Problems Fixed:

2412665, 2412665	Enable changing the cluster name without re-installation.
2426498, 2425820	Support similar functionality as NetApp vFiler.
2491197, 2481742	Assign multiple VIPs on one Ethernet interface card.
2492569, 2492358	Use /tmp/liveupdate as the working directory for AntiVirus LiveUpdate instead of using /tmp directly.
2496424, 2492494	When virtual machines are backed up by replication, the md5 of the vmdk file in the source and target is inconsistent.
2279450, 2492655	The CIFS> mapuser add command can"t make mapping to users served by LDAP/NIS.
2496418, 2494602	Creating a file system fails with error message, "fs ERROR V-288-2160 Volume tag set failed."
2425361, 2497082	Problems recognizing EquaLogic array disks.
2349166, 2507963	After a replication job fails, the xc process takes up excessive CPU resources on the target cluster.
2491822, 2510201	Clean up of CIFS home directory soft links in the /tmp directory.
2439268, 2510781	ACLs are not removed on recovery from an NDMP backup stream.
2489105, 2510782	Command to modify tunables for iSCSI.
2490271, 2510783	If an iSCSI target is used by an online file system or by fencing, the offline, delete, and stop operations are blocked.
2491220, 2510785	Backup service fails completely unless an Enterprise Client license is installed on the NetBackup server.
2514607, 2513888	Need message to remind the user to restart the ftp service after changing the ftp global settings.
2517219, 2516899	After upgrading from FileStore 5.6 P1 to FileStore 5.6 RP1 P1, APM information does not work properly.
2517261, 2517265	iSCSI configuration is corrupted when multiple discovery addresses are added for the same portals.
2518979, 2519074	Login to an iSCSI target fails from a slave node and discovery address is not added.
2522557, 2522555	Running the event agentlet is not required after using these Cluster commands: add, delete, shutdown, or remove.
2529975	        Files under the /opt/VRTSvcs/bin/SambaShare directory were not updated correctly during an upgrade.
2553472, 2531489	Include VxFS 5.0MP4HFw in the FileStore software.
2342654, 2533358	HAD process failed when nfsd was stopped.
2533463, 2533465	The iSCSI rediscover process does not ask for a new password after the password is changed on the array.
2517432, 2535619	CTDB log grows too large and takes up almost all available space in the /var directory.
2521857, 2535621	If you use the CIFS> set aio_size command to enter an invalid aio_size, then the aio_size value changes to 0 without producing an error message.
2425128, 2551556	Cannot delete a group after a user is deleted from the group.
2435634, 2553301	Enable a Metadata=ok flag by default when a secondary tier is created. 
2558240	        Include Samba 3.5.11 in the FileStore software.
2558284, 2558290	VIP is not online after a restart.
2572365, 2559891	In incremental replications, some rename operations are not applied to the target.
2564496	        Temporary files consume too much disk space.
2566996, 2566778	Notifications are resent for events that have already been processed.
2572490, 2567107	A "failure" message appears when adding a storage tier to a file system, but the tier is still added.
2301859, 2568962	When the AntiVirus process decomposes certain zip structures, a node may fail. 
2571672, 2571670	The NFS> share add command doesn"t ask for confirmation if a directory or file system is already shared over CIFS with conflicting options.
2572042, 2572051	The iSCSI> target del command ignores the portal argument.
2574620, 2574997	The FastResync process could not be enabled on a striped-mirror file system.
2575800, 2575445	SAS-connected disks are not scanned if a SAS card is installed.
2572324, 2575451	The server stop and start commands do not not require a password in CTDB mode.
2575786, 2575721	Include 5.0MP4RP1HF4 in the FileStore software.
2576335, 2576337	While creating a CIFS share from a directory under CTDB, if the directory does not exist it should be created.
2576889, 2576880	Daylight savings time (DST) is being abolished in Russia.
2576888, 2576891	You can delete an iSCSI target even when the file system is online.
2579132, 2578173	CIFS configuration does not refresh after upgrading to the FileStore 5.6 RP1 P1 patch.
2578658, 2578666	The Storage> scanbus force command does not import the disk configuration if you delete an iSCSI disk and add it back.
2579062, 2579077	After deleting and adding nodes to a cluster, files systems created on iSCSI disks may not appear correctly on all nodes.
2579141	        Enable the ABE option for samba shared resources.
2581056	        Include Promise ASL in the FileStore software.
2584703, 2584172	FastResync is disabled after shrinking a striped-mirror file system.
2572362, 2584294	When the public Ethernet interface card is unplugged on the current node, you cannot switch the VIP address of the backup to another node.
2584796	        Include sav-1.0.10-42.i386 in the FileStore software.
2403046, 2586297	Configuration authentication fails if the replication IP is configured on a network interface other than pubeth0.
2588371      	The FileStore installer failed to upgrade the packages with the same package names.
2590008, 2590011	When a job is running, importing the same license for Replication causes the job to fail and it cannot be recovered.
2593882, 2591047	Problems with the CIFS> share show and CIFS> share add commands.
2591509	        For security, OpenSSH should use Protocol version 2.
2590130, 2591530	Replication failed due to rsync error 12 and 30
2592820, 2592778	The NFS> show fs command displays a "too many arguments" error message.
2593649, 2593575	Duplicate events are sent when the Management Console is switched over.
2594901	        Unable to set yes/no values for the Antivirus> scan read and write commands. Also for zipdepth.
2595843, 2595324	The installinfo.txt file is missing on the master node and causes the PXE installation to fail.
2595472	        Include ddn asl in the FileStore software. 
2595543, 2595517	The timeout for Net ads join is too short.

IV. KNOWN ISSUES:
----------------

Etrack Incident: 2531701

Symptom: If a cluster rewrites files on the same file system at the same time in two nodes, one of nodes may not have I/O traffic at all, or it may have much lower traffic than the other node.

Description: There is a known performance issue when the remove operation is issued on the secondary node and if that results in freeing the whole AU then it may cause a locking contention between the primary & secondary nodes. 

Workaround: There is no workaround for this issue; it requires a fix from the VXFS team.


Etrack Incident: 2602726

Symptom: The Root partition consumes 105GB but there are not any large files or directories.

Description: If the file system for the destination replication unit is offline, then the replication job writes data on the root partition.

Resolution: This issue is fixed in a future release. 


Etrack Incident: 2602769

Symptom: The Replication> config VIP bond1 command does not set the VIP address properly. The no-device-argument and bond0 command options work fine.

Description: Replication VIP does not come online properly on other devices except first the interface, pubeth0 or bond0.

Resolution: This isssue is fixed in a future release. 


Etrack Incident: 2602771

Symptom: The Replication> job resync command fails with a "rsync 12" or "rsync 30" error message.

Description: Job resynchronization fails if there is no I/O in the specified rsync I/O timeout value.

Resolution: This issue is fixed in a future release.


Etrack Incident: 2602773

Symptom/Description: The netmask of a replication IP address is set as that of the first public Ethernet interface. It should be set from the assigned interface.

Resolution: This issue is fixed in a future release. 


Etrack Incident: 2603056

Symptom: A file search from a Windows client causes a heavy load on the rtvscand process.

Description: If a Windows client maps a CIFS share with a large number of zip files and AutoProtect is enabled, access to the CIFS share can be very slow.

Resolution: Use the Antivirus> set commands to Set a low zip depth value. See "V. NEW FEATURES" section below for more information on setting zip depth.


Etrack Incident: 2603975

Symptom: Patch upgrade does not complete due to lost of some patch rpm packages.

Description: If an AntiVirus LiveUpdate task is scheduled on cluster during an upgrade, LiveUpdate may deletes files in the /tmp and /tmp/sfsfs_*/ directories.

Resolution: Before upgrading, use the Antivirus> liveupdate schedule delete command to stop AntiVirus LiveUpdate.


Etrack Incident: 2599803

Symptom: Failed to import disk group after reinstalling 5.6 RP1 P2 if there are clone disks.

Description:  When you reinstall the OS with the 5.6 RP1 P2 ISO or upgrade a single node cluster with the 5.6 RP1 P2 patch, import disk group fails if there are clone disks. This is because the new VxFS HF in 5.6 RP1 P2 does not allow a mix of clone disks and non-clone disks.

Resolution: Before reinstalling, turn off the clone flag for disks on the master node:
	
	1.Use the following command to check if there are clone disks:

	vxdisk list|grep clone_disk
	

	2.After verifying the the clone disks, use the following command to turn of the clone flag:

	vxdisk -f updateudid $disk; vxdisk set $disk clone=off


V. NEW FEATURES:
----------------

There are several new Antivirus commands available in this release:

1) Antivirus> set autoprotect zipdepth <level>
2) Antivirus> set manual zipdepth <level>
3) Antivirus> set scanread [yes|no]
4) Antivirus> set scanwrite [yes|no]
5) Antivirus> show 
6) CIFS> share add filesystem sharename[@virtual_ip]

1) Antivirus> set autoprotect zipdepth <level>

This command sets the maximum level of depth for scanning compressed files during an Auto-Protect scan. For example, a zip within a zip, within a zip, etc.  The zipdepth range is 0 to 3. If you set the zipdepth to 0, files within compressed files are not detected and scanned.

Example: Antivirus> set autoprotect zipdepth 1 

In this example, files up to one level deep in a compressed file are detected and scanned. Therefore, in an eicar.com.gz file, the eicar.com file is detected. However, in an eicar.com.gz.tar file, the eicar.com file is not detected. 

2) Antivirus> set manual zipdepth <level>

This command sets the maximum level of depth for scanning compressed files during a manual (schedule) scan. The zip depth range is 0 to 3.

Example: Antivirus> set manual zipdepth 2

3) Antivirus> set scanread [yes|no]

This command enables (yes) or disables (no) a realtime scan when files are accessed or executed (Read operations). 

Example: Antivirus> set scanread yes

4) Antivirus> set scanwrite [yes|no]

This command enables (yes) or disables (no) a realtime scan when files are modified (Write operations).

Example: Antivirus> set scanwrite no

5. Antivirus> show

This command shows all Symantec AntiVirus for FileStore configuration details, a list of file extensions excluded from scanning, a list of Auto-Protect disabled and enabled file systems, scan action policies, and a list of live update servers.

Example: Antivirus> show

Parameter                             Value
----------                            ---------
Scan read                             yes
Scan write                             yes 
Primary action                        Clean
Secondary action                      Quarantine
Manual scan zipdepth                  3
Autoprotect scan zipdepth             3
File excluded extension list          com
Auto protect enabled file systems     fs2
Auto protect disabled file systems    fs1, fs3
Virus definitions version             12/06/09 rev. 005	

LiveUpdate serverid                   LiveUpdate servername
-------------------                   ---------------------
0                                     http://liveupdate.symantecliveupdate.com:80
1                                     http://liveupdate.symantec.com:80
2                                     ftp://update.symantec.com/opt/content/onramp


6. CIFS> share add filesystem sharename[@virtual_ip]

This command add a filesystem as CIFS share. The new option "@virtual_ip" supports similar functionality as NetApp vFiler. If @virtual_ip is specified, the share can only be accessed by virtual_ip. At same time, the old "ip=virtualip" option is removed from "share add" command.

Example: CIFS> share add fs1 share1@10.200.121.212 rw