Please enter search query.
Search <book_title>...
Veritas Access Appliance Release Notes
Last Published:
2023-05-21
Product(s):
Appliances (8.0)
Platform: Access Appliance OS,Veritas 3340,Veritas 3350
- Overview of Access Appliance
- About this release
- Changes in this release
- Enhancements to cluster configuration workflow
- Support for immutability
- Accessing the WORM storage server instances for management tasks
- Configuring MSDP-C with Access Appliance
- Configuring user authentication using digital certificates or smart cards
- Managing password policies
- Setting login banners
- New command structure for Access Appliance Shell commands
- Support for new hardware model
- Preupgrade check to determine if the appliance is ready for an upgrade
- Terminology changes
- Supported NetBackup client versions
- Access Appliance simple storage service (S3) APIs
- Fixed issues
- Software limitations
- Limitations on using shared LUNs
- Limitations related to installation and upgrade
- Limitations in the Backup mode
- Access Appliance IPv6 limitations
- FTP limitations
- Limitations related to commands in a non-SSH environment
- Limitations related to Veritas Data Deduplication
- Kernel-based NFS v4 limitations
- File system limitation
- Access Appliance S3 server limitation
- Long-term data retention (LTR) limitations
- Limitations related to upgrade
- Limitation related to replication
- Known issues
- Access Appliance known issues
- Admin issues
- CIFS issues
- Cannot enable the quota on a file system that is appended or added to the list of homedir
- Deleting a CIFS share resets the default owner and group permissions for other CIFS shares on the same file system
- Default CIFS share has owner other than root
- CIFS mapuser command fails to map all the users from Active Directory (AD) to all the NIS/LDAP users
- CIFS share may become unavailable when the CIFS server is in normal mode
- CIFS share creation does not authenticate AD users
- If you mount or access a CIFS share using the local user without netbios or cluster name, the operation fails
- During upgrade, the CVM and CFS agents are not stopped
- Unable to access CIFS shares using the Share Open command from the Access Appliance Shell menu
- CIFS share may become inaccessible after an upgrade from Access Appliance version 7.4.2.400 to 8.0
- Upgrade from Access Appliance version 7.4.2.400 to 8.0 fails if CIFS CTBD mode is configured
- General issues
- Reimaging the appliance from the SSD device fails if a CD with the ISO image is inserted in the CD-ROM
- A functionality of Access Appliance works from the master node but does not work from the slave node
- The complete attribute list of adapters and RAIDs do not get displayed in the GET Rest API output
- User account gets locked on a management or non-management console node
- Setting retention on a directory path does not work from the Access Appliance command-line interface
- GUI issues
- When provisioning the Access Appliance GUI, the option to generate S3 keys is not available after the LTR policy is activated
- When provisioning storage, the Access web interface or the command-line interface displays storage capacity in MB, GB, TB, or PB
- Restarting the server as part of the command to add and remove certificates gives an error on RHEL 7
- Client certificate validation using OpenSSL ocsp does not work on RHEL 7
- GUI does not support segregated IPv6 addresses while creating CIFS shares using the Enterprise Vault policy
- During a rolling upgrade the UI becomes inaccessible
- REST endpoint field gives an error message for valid values while registering S3-compatible as a cloud service
- If lockdown mode was set using CLISH, switching the lockdown mode to Normal mode using the GUI fails if you set the retention period as 0
- Infrastructure issues
- Mongo service does not start after a new node is added successfully
- The Access Appliance management console is not available after a node is deleted and the remaining node is restarted
- Unable to add an Appliance node to the cluster again after the Appliance node is turned off and removed from the Access Appliance cluster
- Installation and configuration issues
- After you restart a node that uses RDMA LLT, LLT does not work, or the gabconfig - a command shows the jeopardy state
- Running individual Access Appliance scripts may return inconsistent return codes
- Installer does not list the initialized disks immediately after initializing the disks during I/O fencing configuration
- If you run the Cluster> show command when a slave node is in the restart, shutdown, or crash state, the slave node throws an exception
- If duplicate PCI IDs are added for the PCI exclusion, the Cluster> add node name command fails
- Phantomgroup for the VLAN device does not come online if you create another VLAN device from the Access Appliance command-line interface after cluster configuration is done
- Configuring Access Appliance with a preconfigured VLAN and a preconfigured bond fails
- In a mixed mode Access Appliance cluster, after the execution of the Cluster> add node command, one type of unused IP does not get assigned as a physical IP to public NICs
- NLMGroup service goes into a FAULTED state when the private IP (x.x.x.2) is not free
- The cluster> show command does not detect all the nodes of the cluster
- When you configure Access Appliance as an iSCSI target, the initiator authentication does not work
- Internationalization (I18N) issues
- MSDP-C issues
- Networking issues
- CVM service group goes into faulted state unexpectedly
- In a mixed IPv4 and IPv6 VIP network set up, the IP balancing does not consider IP type
- The netgroup search does not continue to search in NIS if the entry is not found in LDAP
- The IPs hosted on an interface that is not the current IPv6 default gateway interface are not reachable outside the current IPv6 subnet
- After network interface swapping between two private NICs or one private NIC and one public NIC, the service groups on the slave nodes are not probed
- Unable to import the network module after an operating system upgrade
- Network load balancer does not get configured with IPv6
- Unable to add an IPv6-default gateway on an IPv4-installed cluster
- LDAP over SSL may not work in Access Appliance 8.0
- The network> swap command hangs if any node other than the console node is specified
- LDAP user fails to establish SSH connection with the cluster when FTP is configured
- Unable to configure primary, backup DC server as the command does not allow specifying multiple DC servers
- NFS issues
- Latest directory content of server is not visible to the client if time is not synchronized across the nodes
- NFS> share show command does not distinguish offline versus online shares
- Kernel-NFS v4 lock failover does not happen correctly in case of a node crash
- Kernel-NFS v4 export mount for Netgroup does not work correctly
- When a file system goes into the FAULTED or OFFLINE state, the NFS share groups associated with the file system do not become offline on all the nodes
- Add and delete NFS client operations fail from the GUI
- Multiple NFS shares created on a single file system from CLISH do not get listed in the Restful API output and GUI
- ObjectAccess issues
- When trying to connect to the S3 server over SSLS3, the client application may give a warning
- File systems that are already created cannot be mapped as S3 buckets for local users using the GUI
- If you have upgraded to Access Appliance 8.0 from an earlier release, access to S3 server fails if the cluster name has uppercase letters
- If the cluster name does not follow the DNS hostname restrictions, you cannot work with the ObjectAccess service in Access Appliance
- Bucket creation may fail with time-out error
- Bucket deletion may fail with "No such bucket" or "No such key" error
- Group configuration does not work in ObjectAccess if the group name contains a space
- Self test failed for storage_s3test
- Replication issues
- When running episodic replication and deduplication on the same cluster node, the episodic replication job fails in certain scenarios
- The System> config import command does not import episodic replication keys and jobs
- The job uses the schedule on the target after episodic replication failover
- Episodic replication fails with error "connection reset by peer" if the target node fails over
- Episodic replication jobs created in Access Appliance 7.2.1.1 or earlier versions are not recognized after an upgrade
- Setting the bandwidth through the GUI is not enabled for episodic replication
- Episodic replication job with encryption fails after job remove and add link with SSL certificate error
- Episodic replication job status shows the entry for a link that was removed
- Episodic replication job modification fails
- If a share is created in RW mode on the target file system for episodic replication, then it may result in there being different number of files and directories on the target file system compared to the source file system
- The promote operation may fail while performing episodic replication job failover/failback
- Discrepancy is observed in the outputs of replication episodic service status and replication episodic job stats <job_name> commands
- Continuous replication fails when the 'had' daemon is restarted on the target manually
- Continuous replication is unable to go to the replicating state if the Storage Replicated Log becomes full
- Unplanned failover and failback in continuous replication may fail if the communication of the IPTABLE rules between the cluster nodes does not happen correctly
- Continuous replication configuration may fail if the continuous replication IP is not online on the master node but is online on another node
- If you restart any node in the primary or the secondary cluster, replication may go into a PAUSED state
- Unplanned failback fails if the source cluster goes down
- Cloud tiering cannot be configured with continuous replication
- After continuous replication failover/failback operations, the virtual IPs in the source may appear offline
- Cannot use a file system to create an RVG if it has previously been enabled as the first file system in an RVG and later disabled
- STIG issues
- Storage issues
- Snapshot mount can fail if the snapshot quota is set
- Sometimes the Storage> pool rmdisk command does not print a message
- The Storage> pool rmdisk command sometimes can give an error where the file system name is not printed
- Not able to enable quota for file system that is newly added in the list of CIFS home directories
- Destroying the file system may not remove the /etc/mtab entry for the mount point
- The Storage> fs online command returns an error, but the file system is online after several minutes
- Removing disks from the pool fails if a DCO exists
- Rollback refresh fails when running it after running Storage> fs growby or growto commands
- If an exported DAS disk is in error state, it shows ERR on the local node and NOT_CONN on the remote nodes in Storage> list
- Inconsistent cluster state with management service down when disabling I/O fencing
- Storage> tier move command failover of node is not working
- Rollback service group goes in faulted state when respective cache object is full and there is no way to clear the state
- Event messages are not generated when cache objects get full
- The Access Appliance command-line interface does not block uncompress and compress operations from running on the same file at the same time
- Storage> tier move list command fails if one of the cluster nodes is rebooted
- Pattern given as filter criteria to Storage> fs policy add sometimes erroneously transfers files that do not fit the criteria
- When a policy run completes after issuing Storage> fs policy resume, the total data and total files count might not match the moved data and files count as shown in Storage> fs policy status
- Storage> fs addcolumn operation fails but error notification is not sent
- Storage> fs-growto and Storage> fs-growby commands give error with isolated disks
- Unable to create space-optimized rollback when tiering is present
- Enabling I/O fencing on a set up with Volume Manager objects present fails to import the disk group
- File system creation fails when the pool contains only one disk
- After starting the backup service, BackupGrp goes into FAULTED state on some nodes
- File system creation fails with SSD pool
- The CVM service group goes in to faulted state after you restart the management console node
- The Storage> fs create command does not display the output correctly if one of the nodes of the cluster is in unknown state
- Storage> fs growby and growto commands fail if the size of the file system or bucket is full
- The operating system names of fencing disks are not consistent across the Access Appliance cluster that may lead to issues
- The disk group import operation fails and all the services go into failed state when fencing is enabled
- Error while creating a file system stating that the CVM master and management console are not on the same node
- When you configure disk-based fencing, the cluster does not come online after you restart the node
- After a node is restarted, the vxdclid process may generate core dump
- The cluster> shutdown command does not shut down the node
- Audit logging of WORM-enabled file systems do not get enabled if the file systems were offline during upgrade
- System issues
- Upgrade issues
- Unable to roll back the system after an attempt to upgrade from 7.4.2.400 to 7.4.3.300 failed.
- During the Access Appliance upgrade, I/O gets paused with an error message
- During rolling upgrade, Access Appliance shutdown does not complete successfully
- CVM is in FAULTED state after you perform a rolling upgrade
- If rolling upgrade is performed when NFS v4 is configured using NFS lease, the system may hang
- Stale file handle error is displayed during rolling upgrade
- The upgrade operation fails if synchronous replication is configured
- Rolling upgrade fails when the cluster has space-optimized rollback in online state
- After upgrading from version 7.4.2 to a later version, the default route entry in the ip rule table on one of the cluster nodes is missing
- GUI might fail to start after upgrading from version 7.4.2 to 8.0
- Storage provisioning might fail after upgrading the Access Appliance from version 7.4.2 to 8.0
- Upgrade may fail if operations such as such as OS reboot, cluster restart, and node stop and shutdown are used during the upgrade
- A wrong upgrade status might be displayed while upgrading from version 7.4.2. to a later version.
- Disk layout version (DLV) of file systems are not upgraded if the file systems were offline during the upgrade
- Failed to retrieve the current password policy after upgrading to version 8.0
- Upgrade from version 7.4.3.200 to 8.0 fails in post-upgrade self-test
- Veritas Data Deduplication issues
- The Veritas Data Deduplication storage server does not come online on a newly added node in the cluster if the node was offline when you configured deduplication
- The Veritas Data Deduplication server goes offline after destroying the bond interface on which the deduplication IP was online
- If you grow the deduplication pool using the fs> grow command, and then try to grow it further using the dedupe> grow command, the dedupe> grow command fails
- The Veritas Data Deduplication server goes offline after bond creation using the interface of the deduplication IP
- Provisioning for Veritas Data Deduplication is displayed as failed in GUI
- During reconfiguration of Veritas Data Deduplication with WORM, the specified username and password are not considered
- WORM-enabled MSDP does not start after a switch or restart of the deduplication engine
- Access Appliance operational notes
- Access Appliance known issues
- Getting help
Client certificate validation using OpenSSL ocsp does not work on RHEL 7
Client certificate validation is required for the two-factor authentication (2FA). The validation of certificates is successful in RHEL 6. In RHEL 7, an explicit parameter called - VAfile and the signer certificate are required to be passed, which does not happen. Hence, the client validation using the certificate does not work on RHEL 7.
Workaround:
There is no workaround for this issue.