InfoScale™ 9.0 Storage Foundation Cluster File System High Availability Configuration and Upgrade Guide - AIX

Last Published:
Product(s): InfoScale & Storage Foundation (9.0)
Platform: AIX
  1. Section I. Introduction to SFCFSHA
    1. Introducing Storage Foundation Cluster File System High Availability
      1.  
        About this document
      2.  
        About Storage Foundation Cluster File System High Availability
      3.  
        About InfoScale Operations Manager
      4.  
        About I/O fencing
      5.  
        About Services and Operations Readiness Tools (SORT)
      6. About configuring SFCFSHA clusters for data integrity
        1.  
          About I/O fencing for Storage Foundation Cluster File System High Availability in virtual machines that do not support SCSI-3 PR
        2. About I/O fencing components
          1.  
            About data disks
          2.  
            About coordination points
          3.  
            About preferred fencing
  2. Section II. Configuration of SFCFSHA
    1. Preparing to configure
      1. I/O fencing requirements
        1.  
          Coordinator disk requirements for I/O fencing
        2.  
          CP server requirements
        3.  
          Non-SCSI-3 I/O fencing requirements
    2. Preparing to configure SFCFSHA clusters for data integrity
      1. About planning to configure I/O fencing
        1.  
          Typical SFCFSHA cluster configuration with server-based I/O fencing
        2.  
          Recommended CP server configurations
      2. Setting up the CP server
        1.  
          Planning your CP server setup
        2.  
          Installing the CP server using the installer
        3.  
          Configuring the CP server cluster in secure mode
        4.  
          Setting up shared storage for the CP server database
        5.  
          Configuring the CP server using the installer program
        6. Configuring the CP server manually
          1.  
            Configuring the CP server manually for HTTPS-based communication
          2.  
            Generating the key and certificates manually for the CP server
          3.  
            Completing the CP server configuration
        7.  
          Verifying the CP server configuration
    3. Configuring SFCFSHA
      1.  
        Overview of tasks to configure SFCFSHA using the product installer
      2.  
        Starting the software configuration
      3.  
        Specifying systems for configuration
      4.  
        Configuring the cluster name
      5.  
        Configuring private heartbeat links
      6.  
        Configuring the virtual IP of the cluster
      7.  
        Configuring SFCFSHA in secure mode
      8. Configuring a secure cluster node by node
        1.  
          Configuring the first node
        2.  
          Configuring the remaining nodes
        3.  
          Completing the secure cluster configuration
      9.  
        Adding VCS users
      10.  
        Configuring SMTP email notification
      11.  
        Configuring SNMP trap notification
      12.  
        Configuring global clusters
      13.  
        Completing the SFCFSHA configuration
      14.  
        About the License Audit Tool
      15. Verifying and updating licenses on the system
        1.  
          Checking licensing information on the system
        2.  
          Replacing a SFCFSHA keyless license with another keyless license
        3.  
          Replacing a SFCFSHA keyless license with a permanent license
      16.  
        Configuring SFDB
    4. Configuring SFCFSHA clusters for data integrity
      1. Setting up disk-based I/O fencing using installer
        1.  
          Configuring disk-based I/O fencing using installer
        2.  
          Initializing disks as VxVM disks
        3. Checking shared disks for I/O fencing
          1.  
            Verifying Array Support Library (ASL)
          2.  
            Verifying that the nodes have access to the same disk
          3.  
            Testing the disks using vxfentsthdw utility
        4.  
          Refreshing keys or registrations on the existing coordination points for disk-based fencing using the installer
      2. Setting up server-based I/O fencing using installer
        1.  
          Refreshing keys or registrations on the existing coordination points for server-based fencing using the installer
        2. Setting the order of existing coordination points for server-based fencing using the installer
          1.  
            About deciding the order of existing coordination points
          2.  
            Setting the order of existing coordination points using the installer
      3.  
        Setting up non-SCSI-3 I/O fencing in virtual environments using installer
      4.  
        Setting up majority-based I/O fencing using installer
      5.  
        Enabling or disabling the preferred fencing policy
    5. Performing an automated SFCFSHA configuration using response files
      1.  
        Configuring SFCFSHA using response files
      2.  
        Response file variables to configure SFCFSHA
      3.  
        Sample response file for SFCFSHA configuration
    6. Performing an automated I/O fencing configuration using response files
      1.  
        Configuring I/O fencing using response files
      2.  
        Response file variables to configure disk-based I/O fencing
      3.  
        Sample response file for configuring disk-based I/O fencing
      4. Configuring CP server using response files
        1.  
          Response file variables to configure CP server
        2.  
          Sample response file for configuring the CP server on single node VCS cluster
        3.  
          Sample response file for configuring the CP server on SFHA cluster
      5.  
        Response file variables to configure server-based I/O fencing
      6.  
        Sample response file for configuring server-based I/O fencing
      7.  
        Response file variables to configure non-SCSI-3 I/O fencing
      8.  
        Sample response file for configuring non-SCSI-3 I/O fencing
      9.  
        Response file variables to configure majority-based I/O fencing
      10.  
        Sample response file for configuring majority-based I/O fencing
    7. Manually configuring SFCFSHA clusters for data integrity
      1. Setting up disk-based I/O fencing manually
        1.  
          Identifying disks to use as coordinator disks
        2.  
          Setting up coordinator disk groups
        3.  
          Creating I/O fencing configuration files
        4.  
          Modifying VCS configuration to use I/O fencing
        5.  
          Verifying I/O fencing configuration
      2. Setting up server-based I/O fencing manually
        1.  
          Preparing the CP servers manually for use by the SFCFSHA cluster
        2.  
          Generating the client key and certificates manually on the client nodes
        3. Configuring server-based fencing on the SFCFSHA cluster manually
          1.  
            Sample vxfenmode file output for server-based fencing
        4.  
          Configuring CoordPoint agent to monitor coordination points
        5.  
          Verifying server-based I/O fencing configuration
      3. Setting up non-SCSI-3 fencing in virtual environments manually
        1.  
          Sample /etc/vxfenmode file for non-SCSI-3 fencing
      4. Setting up majority-based I/O fencing manually
        1.  
          Creating I/O fencing configuration files
        2.  
          Modifying VCS configuration to use I/O fencing
        3.  
          Verifying I/O fencing configuration
  3. Section III. Upgrade of SFCFSHA
    1. Planning to upgrade SFCFSHA
      1.  
        About the upgrade
      2.  
        Supported upgrade paths
      3.  
        Transitioning between the InfoScale products
      4.  
        Considerations for upgrading SFCFSHA to 9.0 on systems configured with an Oracle resource
      5. Preparing to upgrade SFCFSHA
        1.  
          Getting ready for the upgrade
        2.  
          Creating backups
        3. Pre-upgrade planning when VVR is configured
          1. Planning an upgrade from the previous VVR version
            1.  
              Planning and upgrading VVR to use IPv6 as connection protocol
          2.  
            Considerations for upgrading SFCFSHA to 7.4 or later on systems with an ongoing or a paused replication
        4. Preparing to upgrade VVR when VCS agents are configured
          1. Freezing the service groups and stopping all the applications
            1.  
              Determining the nodes on which disk groups are online
          2.  
            Preparing for the upgrade when VCS agents are configured
        5.  
          Verifying that the file systems are clean
        6.  
          Upgrading the array support
      6.  
        Considerations for upgrading REST server
      7.  
        Using Install Bundles to simultaneously install or upgrade full releases (base, maintenance, rolling patch), and individual patches
    2. Upgrading the operating system
      1.  
        Upgrading the AIX operating system
    3. Performing a full upgrade of SFCFSHA using the installer
      1. Performing a full upgrade using the product installer
        1.  
          Ensuring the file systems are clean
        2. Performing the upgrade
          1.  
            Updating the configuration and confirming startup
        3.  
          Upgrading the operating system
      2.  
        Upgrading SFDB
    4. Performing a rolling upgrade of SFCFSHA
      1.  
        About rolling upgrade
      2.  
        Performing a rolling upgrade of SFCFSHA using the product installer
    5. Performing a phased upgrade of SFCFSHA
      1. About phased upgrade
        1.  
          Prerequisites for a phased upgrade
        2.  
          Planning for a phased upgrade
        3.  
          Phased upgrade limitations
        4.  
          Phased upgrade example
        5.  
          Phased upgrade example overview
      2. Performing a phased upgrade using the product installer
        1.  
          Moving the service groups to the second subcluster
        2.  
          Upgrading the operating system on the first subcluster
        3.  
          Upgrading the SFCFSHA stack on the first subcluster
        4.  
          Preparing the second subcluster
        5.  
          Activating the first subcluster
        6.  
          Upgrading the operating system on the second subcluster
        7.  
          Upgrading the second subcluster
        8.  
          Completing the phased upgrade
    6. Performing an automated SFCFSHA upgrade using response files
      1.  
        Upgrading SFCFSHA using response files
      2.  
        Response file variables to upgrade SFCFSHA
      3.  
        Sample response file for full upgrade of SFCFSHA
      4.  
        Sample response file for rolling upgrade of SFCFSHA
    7. Upgrading Volume Replicator
      1.  
        Upgrading Volume Replicator
      2. Upgrading VVR without disrupting replication
        1.  
          Upgrading VVR sites for InfoScale 7.3.1
        2.  
          Upgrading VVR sites with InfoScale 7.4 or later
        3.  
          Upgrading VVR sites in VCS control for InfoScale 7.3.1
        4.  
          Upgrading VVR sites in VCS control for InfoScale 7.4 or later
        5.  
          Post-upgrade tasks for VVR sites
    8. Performing post-upgrade tasks
      1.  
        Resetting DAS disk names to include host name in FSS environments
      2.  
        CVM master node needs to assume the logowner role for VCS managed VVR resources
  4. Section IV. Post-configuration tasks
    1. Performing post configuration tasks
      1.  
        Upgrading disk layout versions
      2.  
        Switching on Quotas
      3. About enabling LDAP authentication for clusters that run in secure mode
        1.  
          Enabling LDAP authentication for clusters that run in secure mode
      4. About configuring authentication for SFDB tools
        1.  
          Configuring vxdbd for SFDB tools authentication
  5. Section V. Configuration of disaster recovery environments
    1. Configuring disaster recovery environments
      1.  
        Disaster recovery options for SFCFSHA
      2.  
        About setting up a campus cluster for disaster recovery
      3.  
        About setting up a global cluster environment for SFCFSHA
      4.  
        About configuring a parallel global cluster using Volume Replicator (VVR) for replication
  6. Section VI. Adding and removing nodes
    1. Adding a node to SFCFSHA clusters
      1.  
        About adding a node to a cluster
      2.  
        Before adding a node to a cluster
      3.  
        Adding a node to a cluster using the Veritas InfoScale installer
      4. Adding the node to a cluster manually
        1.  
          Starting Veritas Volume Manager (VxVM) on the new node
        2.  
          Configuring cluster processes on the new node
        3. Setting up the node to run in secure mode
          1.  
            Configuring the authentication broker on node sys5
        4.  
          Starting fencing on the new node
        5.  
          After adding the new node
        6.  
          Configuring Cluster Volume Manager (CVM) and Cluster File System (CFS) on the new node
        7.  
          Configuring the ClusterService group for the new node
      5. Adding a node using response files
        1.  
          Response file variables to add a node to a SFCFSHA cluster
        2.  
          Sample response file for adding a node to a SFCFSHA cluster
      6. Configuring server-based fencing on the new node
        1.  
          Adding the new node to the vxfen service group
      7.  
        Adding nodes to a cluster that is using authentication for SFDB tools
      8.  
        Updating the Storage Foundation for Databases (SFDB) repository after adding a node
      9.  
        Sample configuration file for adding a node to the cluster
    2. Removing a node from SFCFSHA clusters
      1.  
        About removing a node from a cluster
      2.  
        Removing a node from a cluster
      3.  
        Modifying the VCS configuration files on existing nodes
      4.  
        Modifying the Cluster Volume Manager (CVM) configuration on the existing nodes to remove references to the deleted node
      5.  
        Removing the node configuration from the CP server
      6.  
        Removing security credentials from the leaving node
      7.  
        Updating the Storage Foundation for Databases (SFDB) repository after removing a node
      8.  
        Sample configuration file for removing a node from the cluster
  7. Section VII. Configuration and Upgrade reference
    1. Appendix A. Support for AIX Live Update
      1.  
        Support for AIX Live Update (Technology preview)
    2. Appendix B. Installation scripts
      1.  
        Installation script options
      2.  
        About using the postcheck option
    3. Appendix C. Configuration files
      1.  
        About the LLT and GAB configuration files
      2.  
        About the AMF configuration files
      3.  
        About I/O fencing configuration files
      4. Sample configuration files for CP server
        1.  
          Sample main.cf file for CP server hosted on a single node that runs VCS
        2.  
          Sample main.cf file for CP server hosted on a two-node SFHA cluster
        3.  
          Sample CP server configuration (/etc/vxcps.conf) file output
    4. Appendix D. Configuring the secure shell or the remote shell for communications
      1.  
        About configuring secure shell or remote shell communication modes before installing products
      2.  
        Manually configuring passwordless ssh
      3.  
        Setting up ssh and rsh connection using the installer -comsetup command
      4.  
        Setting up ssh and rsh connection using the pwdutil.pl utility
      5.  
        Restarting the ssh session
      6.  
        Enabling rsh for AIX
    5. Appendix E. High availability agent information
      1. About agents
        1.  
          VCS agents included within SFCFSHA
      2. Enabling and disabling intelligent resource monitoring for agents manually
        1.  
          Administering the AMF kernel driver
      3. CVMCluster agent
        1.  
          Entry points for CVMCluster agent
        2.  
          Attribute definition for CVMCluster agent
        3.  
          CVMCluster agent type definition
        4.  
          CVMCluster agent sample configuration
      4. CVMVxconfigd agent
        1.  
          Entry points for CVMVxconfigd agent
        2.  
          Attribute definition for CVMVxconfigd agent
        3.  
          CVMVxconfigd agent type definition
        4.  
          CVMVxconfigd agent sample configuration
      5. CVMVolDg agent
        1.  
          Entry points for CVMVolDg agent
        2.  
          Attribute definition for CVMVolDg agent
        3.  
          CVMVolDg agent type definition
        4.  
          CVMVolDg agent sample configuration
      6. CFSMount agent
        1.  
          Entry points for CFSMount agent
        2.  
          Attribute definition for CFSMount agent
        3.  
          CFSMount agent type definition
        4.  
          CFSMount agent sample configuration
      7. CFSfsckd agent
        1.  
          Entry points for CFSfsckd agent
        2.  
          Attribute definition for CFSfsckd agent
        3.  
          CFSfsckd agent type definition
        4.  
          CFSfsckd agent sample configuration
    6. Appendix F. Sample SFCFSHA cluster setup diagrams for CP server-based I/O fencing
      1. Configuration diagrams for setting up server-based I/O fencing
        1.  
          Two unique client clusters served by 3 CP servers
        2.  
          Client cluster served by highly available CPS and 2 SCSI-3 disks
        3.  
          Two node campus cluster served by remote CP server and 2 SCSI-3 disks
        4.  
          Multiple client clusters served by highly available CP server and 2 SCSI-3 disks
    7. Appendix G. Changing NFS server major numbers for VxVM volumes
      1.  
        Changing NFS server major numbers for VxVM volumes
    8. Appendix H. Configuring LLT over UDP
      1. Using the UDP layer for LLT
        1.  
          When to use LLT over UDP
      2. Manually configuring LLT over UDP using IPv4
        1.  
          Broadcast address in the /etc/llttab file
        2.  
          The link command in the /etc/llttab file
        3.  
          The set-addr command in the /etc/llttab file
        4.  
          Selecting UDP ports
        5.  
          Configuring the netmask for LLT
        6.  
          Configuring the broadcast address for LLT
        7.  
          Sample configuration: direct-attached links
        8.  
          Sample configuration: links crossing IP routers
      3. Using the UDP layer of IPv6 for LLT
        1.  
          When to use LLT over UDP
      4. Manually configuring LLT over UDP using IPv6
        1.  
          The link command in the /etc/llttab file
        2.  
          The set-addr command in the /etc/llttab file
        3.  
          Selecting UDP ports
        4.  
          Sample configuration: direct-attached links
        5.  
          Sample configuration: links crossing IP routers

Support for AIX Live Update (Technology preview)

Veritas InfoScale supports the AIX Live Update feature. Starting with AIX Version 7.2, the AIX operating system provides the AIX Live Update feature that aims to eliminate the workload downtime that is associated with the AIX kernel update operation.

The AIX Live Update feature provides an efficient way to apply the AIX updates, ifixes, service packs, and technology levels without restarting the system. You can trigger the AIX 7.2 Live Kernel Update using the geninstall -k command that updates the OS automatically without any manual intervention or downtime. Though the I/O operations are paused for a few seconds, the critical enterprise workloads remain almost during the Live Update operation. The LKU framework recognizes if InfoScale is installed on the server and takes appropriate action while performing live updates.

Note:

If Live update operation fails due to any AIX specific error, Veritas does not guarantee sanity of machine after LKU operation is completed.

Prerequisites to use the LKU feature with InfoScale

  • The systems with InfoScale running on it must be LKU compatible

  • InfoScale is running on a platform where IBM supports LKU with InfoScale

  • The Technology Level to which you want to upgrade must be supported by InfoScale

  • LKU should not be executed with the array having 2Mb gatekeeper disk

How does Live Update work?

  • The Live kernel update operation gets initiated using the geninstall -k command from the original partition where the workload is currently running.

  • The LKU framework provisions another LPAR on-the-fly with updated kernel extensions. This partition is referred to as a surrogate partition.

  • The surrogate partition is patched with the updated kernel versions while the workload is still running on the original partition.

  • Once the surrogate partition is up and running, the workload is moved from the original partition to the surrogate partition using the checkpoint and restart mechanism.

  • The workload resumes on the surrogate partition in a "chrooted" environment.

When you perform an LKU operation, the geninstall command uses the lvupdate.data configuration file that is available in the /var/adm/ras/liveupdate directory. This configuration file contains the data that is required for the LKU operation. You can use the lvupdate.template file from the /var/adm/ras/liveupdate directory to create the lvupdate.data file. The template file contains the descriptions of all possible fields required for the LKU operation. The following example shows a sample lvupdate.data file: 

general:
       kext_check = yes
       aix_mpio = no
 disks:
      nhdisk  = <hdisk1>
      mhdisk  = <hdisk2>
 hmc:
      lpar_id  = <lparid>
      management_console = <management console ip>
      user = <user>

When you create this configuration file, ensure that:

  • You set the value of aix_mpio field to no to disable the native Multi-Path I/O (MPIO).

  • Provide hdisk# as values for the nhdisk and mhdisk fields.

    • nhdisk: The names of disks to be used to make a copy of the original rootvg which will be used to boot the Surrogate.

    • mhdisk: The names of disks to be used to temporarily mirror rootvg on the Original LPAR.

  • The size of the specified disks must match the total size of the original rootvg.

  • These disks should be free. Application or Administrator should not use these disks for any other operation during the Live update operation.

  • These disks should not be a part of any active or disabled Logical Volume Manager (LVM) volume groups.

  • These disks should not be a part of any VxVM disk group and should not have any VxVM tag.

Limitations of LKU with InfoScale

Consider the following restrictions for the AIX Live Update operation with InfoScale:

  • LKU supports only the storage components of InfoScale

  • LKU is not supported in a CVM environment

  • LKU is not supported for setups with combined configuration of DMP and third-party driver. For example, native MPIO.

  • LKU does not support the following InfoScale features:

    • Clustering for HA or DR

    • Support for 3rd party multipathing solution

    • VVR and VFR Replication

    • Snapshot

    • FSS

    • SmartIO

    • Compression

    • In-memory statistics handling

    • Power VC

    • User initiated VxVM operations during LKU

    • Read-Write clones (checkpoints)

    • Cluster Filesystem

    • Partition Directories

  • InfoScale product upgrades are not supported through the LKU operation

  • LKU operation is not supported in high availability configurations for InfoScale

  • LKU operation is not supported in presence of VxVM swap devices

  • LKU operation is not supported if any of the administrative tasks like fsadm, fsck is running

  • LKU operation fails if any changes like volume creation, deletion and so on are made to the VxVM configuration within the LKU start and MCR phase

  • LKU operation is not supported in presence of vSCSI disk

  • The integration of InfoScale products and LKU framework is supported only for the Local Mount filesystem

Known issues

LKU operation fails with the "kernel extensions are not known to be safe for Live Update: vxglm.ext(vxglm.ext64)" error.

A Live Update operation fails if a loaded kernel extension is not marked as safe in the safe list.

If the Group Lock Manager (GLM) is installed on a system, but the VRTSglm package is not marked with the SYS_LUSAFE flag, the LKU operation fails with the "kernel extensions are not known to be safe for Live Update: vxglm.ext(vxglm.ext64)" error.

Workaround:

Mark the VRTSglm package SYS_LUSAFE before initiating the LKU operation.

To add the VRTSglm package to the safe list for the Live Update operation, use the following command:

# lvupdateSafeKE -a /usr/lib/drivers/vxglm.ext\(vxglm.ext64\)

LKU operation fails if the ODM file system is mounted

In the technology preview mode, LKU operation is not supported with VRTSodm.

Workaround:

  1. Unmount the ODM file system using the umount /dev/odm command.

  2. Initiate the LKU operation using the geninstall -k command.