InfoScale™ 9.0 Storage Foundation and High Availability Configuration and Upgrade Guide - Linux

Last Published:
Product(s): InfoScale & Storage Foundation (9.0)
Platform: Linux
  1. Section I. Introduction to SFHA
    1. Introducing Storage Foundation and High Availability
      1. About Storage Foundation High Availability
        1.  
          About Veritas Replicator Option
      2.  
        About InfoScale Operations Manager
      3. About Storage Foundation and High Availability features
        1.  
          About LLT and GAB
        2.  
          About I/O fencing
        3.  
          About global clusters
      4.  
        About Services and Operations Readiness Tools (SORT)
      5. About configuring SFHA clusters for data integrity
        1.  
          About I/O fencing for SFHA in virtual machines that do not support SCSI-3 PR
        2. About I/O fencing components
          1.  
            About data disks
          2.  
            About coordination points
          3.  
            About preferred fencing
  2. Section II. Configuration of SFHA
    1. Preparing to configure
      1. I/O fencing requirements
        1.  
          Coordinator disk requirements for I/O fencing
        2.  
          CP server requirements
        3.  
          Non-SCSI-3 I/O fencing requirements
    2. Preparing to configure SFHA clusters for data integrity
      1. About planning to configure I/O fencing
        1.  
          Typical SFHA cluster configuration with server-based I/O fencing
        2.  
          Recommended CP server configurations
      2. Setting up the CP server
        1.  
          Planning your CP server setup
        2.  
          Installing the CP server using the installer
        3.  
          Configuring the CP server cluster in secure mode
        4.  
          Setting up shared storage for the CP server database
        5.  
          Configuring the CP server using the installer program
        6. Configuring the CP server manually
          1.  
            Configuring the CP server manually for HTTPS-based communication
          2.  
            Generating the key and certificates manually for the CP server
          3.  
            Completing the CP server configuration
        7. Configuring CP server using response files
          1.  
            Response file variables to configure CP server
          2.  
            Sample response file for configuring the CP server on single node VCS cluster
          3.  
            Sample response file for configuring the CP server on SFHA cluster
        8.  
          Verifying the CP server configuration
    3. Configuring SFHA
      1. Configuring Storage Foundation High Availability using the installer
        1.  
          Overview of tasks to configure SFHA using the product installer
        2.  
          Required information for configuring Storage Foundation and High Availability Solutions
        3.  
          Starting the software configuration
        4.  
          Specifying systems for configuration
        5.  
          Configuring the cluster name
        6.  
          Configuring private heartbeat links
        7.  
          Configuring the virtual IP of the cluster
        8.  
          Configuring SFHA in secure mode
        9. Configuring a secure cluster node by node
          1.  
            Configuring the first node
          2.  
            Configuring the remaining nodes
          3.  
            Completing the secure cluster configuration
        10.  
          Adding VCS users
        11.  
          Configuring SMTP email notification
        12.  
          Configuring SNMP trap notification
        13.  
          Configuring global clusters
        14. Completing the SFHA configuration
          1.  
            Verifying the NIC configuration
        15.  
          About the License Audit Tool
        16. Verifying and updating licenses on the system
          1.  
            Checking licensing information on the system
          2.  
            Replacing a SFHA keyless license with another keyless license
          3.  
            Replacing a SFHA keyless license with a permanent license
      2.  
        Configuring SFDB
    4. Configuring SFHA clusters for data integrity
      1. Setting up disk-based I/O fencing using installer
        1.  
          Initializing disks as VxVM disks
        2. Checking shared disks for I/O fencing
          1.  
            Verifying Array Support Library (ASL)
          2.  
            Verifying that the nodes have access to the same disk
          3.  
            Testing the disks using vxfentsthdw utility
        3.  
          Configuring disk-based I/O fencing using installer
        4.  
          Refreshing keys or registrations on the existing coordination points for disk-based fencing using the installer
      2. Setting up server-based I/O fencing using installer
        1.  
          Refreshing keys or registrations on the existing coordination points for server-based fencing using the installer
        2. Setting the order of existing coordination points for server-based fencing using the installer
          1.  
            About deciding the order of existing coordination points
          2.  
            Setting the order of existing coordination points using the installer
      3.  
        Setting up non-SCSI-3 I/O fencing in virtual environments using installer
      4.  
        Setting up majority-based I/O fencing using installer
      5.  
        Enabling or disabling the preferred fencing policy
    5. Manually configuring SFHA clusters for data integrity
      1. Setting up disk-based I/O fencing manually
        1.  
          Removing permissions for communication
        2.  
          Identifying disks to use as coordinator disks
        3.  
          Setting up coordinator disk groups
        4.  
          Creating I/O fencing configuration files
        5.  
          Modifying VCS configuration to use I/O fencing
        6.  
          Verifying I/O fencing configuration
      2. Setting up server-based I/O fencing manually
        1.  
          Preparing the CP servers manually for use by the SFHA cluster
        2.  
          Generating the client key and certificates manually on the client nodes
        3. Configuring server-based fencing on the SFHA cluster manually
          1.  
            Sample vxfenmode file output for server-based fencing
        4.  
          Configuring CoordPoint agent to monitor coordination points
        5.  
          Verifying server-based I/O fencing configuration
      3. Setting up non-SCSI-3 fencing in virtual environments manually
        1.  
          Sample /etc/vxfenmode file for non-SCSI-3 fencing
      4. Setting up majority-based I/O fencing manually
        1.  
          Creating I/O fencing configuration files
        2.  
          Modifying VCS configuration to use I/O fencing
        3.  
          Verifying I/O fencing configuration
    6. Performing an automated SFHA configuration using response files
      1.  
        Configuring SFHA using response files
      2.  
        Response file variables to configure SFHA
      3.  
        Sample response file for SFHA configuration
    7. Performing an automated I/O fencing configuration using response files
      1.  
        Configuring I/O fencing using response files
      2.  
        Response file variables to configure disk-based I/O fencing
      3.  
        Sample response file for configuring disk-based I/O fencing
      4.  
        Response file variables to configure server-based I/O fencing
      5.  
        Sample response file for configuring server-based I/O fencing
      6.  
        Response file variables to configure non-SCSI-3 I/O fencing
      7.  
        Sample response file for configuring non-SCSI-3 I/O fencing
      8.  
        Response file variables to configure majority-based I/O fencing
      9.  
        Sample response file for configuring majority-based I/O fencing
  3. Section III. Upgrade of SFHA
    1. Planning to upgrade SFHA
      1.  
        About the upgrade
      2.  
        Supported upgrade paths
      3.  
        Considerations for upgrading SFHA to 9.0 on systems configured with an Oracle resource
      4. Preparing to upgrade SFHA
        1.  
          Getting ready for the upgrade
        2.  
          Creating backups
        3.  
          Determining if the root disk is encapsulated
        4. Pre-upgrade planning when VVR is configured
          1.  
            Considerations for upgrading SFHA to 7.4 or later on systems with an ongoing or a paused replication
          2. Planning an upgrade from the previous VVR version
            1.  
              Planning and upgrading VVR to use IPv6 as connection protocol
        5. Preparing to upgrade VVR when VCS agents are configured
          1. Freezing the service groups and stopping all the applications
            1.  
              Determining the nodes on which disk groups are online
          2.  
            Preparing for the upgrade when VCS agents are configured
        6.  
          Upgrading the array support
      5.  
        Considerations for upgrading REST server
      6.  
        Using Install Bundles to simultaneously install or upgrade full releases (base, maintenance, rolling patch), and individual patches
    2. Upgrading Storage Foundation and High Availability
      1. Upgrading Storage Foundation and High Availability from previous versions to 9.0
        1.  
          Upgrading Storage Foundation and High Availability using the product installer
      2. Upgrading Volume Replicator
        1. Upgrading VVR without disrupting replication
          1.  
            Upgrading VVR sites with InfoScale 7.4.1 or later
          2.  
            Upgrading VVR sites in VCS control for InfoScale 7.3.1
          3.  
            Upgrading VVR sites in VCS control for InfoScale 7.4 or later
          4.  
            Post-upgrade tasks for VVR sites
      3.  
        Upgrading SFDB
    3. Performing a rolling upgrade of SFHA
      1.  
        About rolling upgrade
      2.  
        Performing a rolling upgrade of SFHA using the product installer
      3.  
        Performing a rolling upgrade of SFHA from 7.4.2 or later to 9.0
    4. Performing a phased upgrade of SFHA
      1. About phased upgrade
        1.  
          Prerequisites for a phased upgrade
        2.  
          Planning for a phased upgrade
        3.  
          Phased upgrade limitations
        4.  
          Phased upgrade example
        5.  
          Phased upgrade example overview
      2. Performing a phased upgrade using the product installer
        1.  
          Moving the service groups to the second subcluster
        2.  
          Upgrading the operating system on the first subcluster
        3.  
          Upgrading the first subcluster
        4.  
          Preparing the second subcluster
        5.  
          Activating the first subcluster
        6.  
          Upgrading the operating system on the second subcluster
        7.  
          Upgrading the second subcluster
        8.  
          Finishing the phased upgrade
    5. Performing an automated SFHA upgrade using response files
      1.  
        Upgrading SFHA using response files
      2.  
        Response file variables to upgrade SFHA
      3.  
        Sample response file for full upgrade of SFHA
      4.  
        Sample response file for rolling upgrade of SFHA
      5.  
        Sample response file for rolling upgrade of SFHA from 7.4.2 or later to 9.0
    6. Upgrading SFHA using YUM
      1.  
        About support for InfoScale upgrade using YUM
      2.  
        Upgrade InfoScale using YUM
    7. Performing post-upgrade tasks
      1.  
        Optional configuration steps
      2.  
        Re-joining the backup boot disk group into the current disk group
      3.  
        Reverting to the backup boot disk group after an unsuccessful upgrade
      4.  
        Recovering VVR if automatic upgrade fails
      5. Post-upgrade tasks when VCS agents for VVR are configured
        1.  
          Unfreezing the service groups
        2.  
          Restoring the original configuration when VCS agents are configured
        3.  
          CVM master node needs to assume the logowner role for VCS managed VVR resources
      6.  
        Resetting DAS disk names to include host name in FSS environments
      7.  
        Upgrading disk layout versions
      8.  
        Upgrading VxVM disk group versions
      9.  
        Updating variables
      10.  
        Setting the default disk group
      11. About enabling LDAP authentication for clusters that run in secure mode
        1.  
          Enabling LDAP authentication for clusters that run in secure mode
      12.  
        Verifying the Storage Foundation and High Availability upgrade
  4. Section IV. Post-installation tasks
    1. Performing post-installation tasks
      1.  
        Switching on Quotas
      2. About configuring authentication for SFDB tools
        1.  
          Configuring vxdbd for SFDB tools authentication
  5. Section V. Adding and removing nodes
    1. Adding a node to SFHA clusters
      1.  
        About adding a node to a cluster
      2.  
        Before adding a node to a cluster
      3.  
        Adding a node to a cluster using the Veritas InfoScale installer
      4. Adding the node to a cluster manually
        1.  
          Starting Veritas Volume Manager (VxVM) on the new node
        2.  
          Configuring cluster processes on the new node
        3. Setting up the node to run in secure mode
          1.  
            Setting up SFHA related security configuration
        4.  
          Starting fencing on the new node
        5.  
          Configuring the ClusterService group for the new node
      5. Adding a node using response files
        1.  
          Response file variables to add a node to a SFHA cluster
        2.  
          Sample response file for adding a node to a SFHA cluster
      6. Configuring server-based fencing on the new node
        1.  
          Adding the new node to the vxfen service group
      7.  
        After adding the new node
      8.  
        Adding nodes to a cluster that is using authentication for SFDB tools
      9.  
        Updating the Storage Foundation for Databases (SFDB) repository after adding a node
    2. Removing a node from SFHA clusters
      1. Removing a node from a SFHA cluster
        1.  
          Verifying the status of nodes and service groups
        2.  
          Deleting the departing node from SFHA configuration
        3.  
          Modifying configuration files on each remaining node
        4.  
          Removing the node configuration from the CP server
        5.  
          Removing security credentials from the leaving node
        6.  
          Unloading LLT and GAB and removing InfoScale Availability or Enterprise on the departing node
        7.  
          Updating the Storage Foundation for Databases (SFDB) repository after removing a node
  6. Section VI. Configuration and upgrade reference
    1. Appendix A. Installation scripts
      1.  
        Installation script options
      2.  
        About using the postcheck option
    2. Appendix B. SFHA services and ports
      1.  
        About InfoScale Enterprise services and ports
    3. Appendix C. Configuration files
      1.  
        About the LLT and GAB configuration files
      2.  
        About the AMF configuration files
      3. About the VCS configuration files
        1.  
          Sample main.cf file for VCS clusters
        2.  
          Sample main.cf file for global clusters
      4.  
        About I/O fencing configuration files
      5. Sample configuration files for CP server
        1.  
          Sample main.cf file for CP server hosted on a single node that runs VCS
        2.  
          Sample main.cf file for CP server hosted on a two-node SFHA cluster
        3.  
          Sample CP server configuration (/etc/vxcps.conf) file output
    4. Appendix D. Configuring the secure shell or the remote shell for communications
      1.  
        About configuring secure shell or remote shell communication modes before installing products
      2.  
        Manually configuring passwordless ssh
      3.  
        Setting up ssh and rsh connection using the installer -comsetup command
      4.  
        Setting up ssh and rsh connection using the pwdutil.pl utility
      5.  
        Restarting the ssh session
      6.  
        Enabling rsh for Linux
    5. Appendix E. Sample SFHA cluster setup diagrams for CP server-based I/O fencing
      1. Configuration diagrams for setting up server-based I/O fencing
        1.  
          Two unique client clusters served by 3 CP servers
        2.  
          Client cluster served by highly available CPS and 2 SCSI-3 disks
        3.  
          Two node campus cluster served by remote CP server and 2 SCSI-3 disks
        4.  
          Multiple client clusters served by highly available CP server and 2 SCSI-3 disks
    6. Appendix F. Configuring LLT over UDP
      1. Using the UDP layer for LLT
        1.  
          When to use LLT over UDP
      2. Manually configuring LLT over UDP using IPv4
        1.  
          Broadcast address in the /etc/llttab file
        2.  
          The link command in the /etc/llttab file
        3.  
          The set-addr command in the /etc/llttab file
        4.  
          Selecting UDP ports
        5.  
          Configuring the netmask for LLT
        6.  
          Configuring the broadcast address for LLT
        7.  
          Sample configuration: direct-attached links
        8.  
          Sample configuration: links crossing IP routers
      3. Using the UDP layer of IPv6 for LLT
        1.  
          When to use LLT over UDP
      4. Manually configuring LLT over UDP using IPv6
        1.  
          Sample configuration: direct-attached links
        2.  
          Sample configuration: links crossing IP routers
      5. About configuring LLT over UDP multiport
        1.  
          Manually configuring LLT over UDP multiport
        2.  
          Enabling LLT ports in firewall
        3.  
          Disabling the UDP multiport feature
    7. Appendix G. Using LLT over RDMA
      1.  
        Using LLT over RDMA
      2.  
        About RDMA over RoCE or InfiniBand networks in a clustering environment
      3.  
        How LLT supports RDMA capability for faster interconnects between applications
      4.  
        Using LLT over RDMA: supported use cases
      5. Configuring LLT over RDMA
        1.  
          Choosing supported hardware for LLT over RDMA
        2.  
          Installing RDMA, InfiniBand or Ethernet drivers and utilities
        3. Configuring RDMA over an Ethernet network
          1.  
            Enable RDMA over Converged Ethernet (RoCE)
          2.  
            Configuring RDMA and Ethernet drivers
          3.  
            Configuring IP addresses over Ethernet Interfaces
        4. Configuring RDMA over an InfiniBand network
          1.  
            Configuring RDMA and InfiniBand drivers
          2.  
            Configuring the OpenSM service
          3.  
            Configuring IP addresses over InfiniBand Interfaces
        5. Tuning system performance
          1.  
            Tuning the CPU frequency
          2.  
            Tuning the boot parameter settings
        6. Manually configuring LLT over RDMA
          1.  
            Broadcast address in the /etc/llttab file
          2.  
            The link command in the /etc/llttab file
          3.  
            Selecting UDP ports
          4.  
            Configuring the netmask for LLT
          5.  
            Sample configuration: direct-attached links
        7.  
          LLT over RDMA sample /etc/llttab
        8.  
          Verifying LLT configuration
      6. Troubleshooting LLT over RDMA
        1.  
          IP addresses associated to the RDMA NICs do not automatically plumb on node restart
        2.  
          Ping test fails for the IP addresses configured over InfiniBand interfaces
        3.  
          After a node restart, by default the Mellanox card with Virtual Protocol Interconnect (VPI) gets configured in InfiniBand mode
        4.  
          The LLT module fails to start

Getting ready for the upgrade

Complete the following tasks before you perform the upgrade:

  • Review the Veritas InfoScale 9.0 Release Notes for any late-breaking information on upgrading your system.

  • Review the Veritas Technical Support website for additional information:

    https://www.veritas.com/support/en_US.html

  • You can configure the Veritas Telemetry Collector while upgrading, if you have do not already have it configured. For more information, refer to the About telemetry data collection in InfoScale section in the Veritas Installation guide.

  • Make sure that the administrator who performs the upgrade has root access and a good knowledge of the operating system's administration.

  • Make sure that all users are logged off and that all major user applications are properly shut down.

  • Make sure that you have created a valid backup.

  • Ensure that you have enough file system space to upgrade. Identify where you want to copy the RPMs, for example /packages/Veritas when the root file system has enough space or /var/tmp/packages if the /var file system has enough space.

    Do not put the files under /tmp, which is erased during a system restart.

    Do not put the files on a file system that is inaccessible before running the upgrade script.

    You can use a Veritas-supplied disc for the upgrade as long as modifications to the upgrade script are not required.

    If /usr/local was originally created as a slice, modifications are required.

  • Comment out any application commands or processes that are known to hang if their file systems are not present in the startup scripts.

    In case of RHEL 7 and SLES 12 systems, some startup scripts are located at /etc/vx/, and the startup scripts of the following services are located at:

    Service name

    Startup script location and file name

    amf.service

    /opt/VRTSamf/bin/amf

    gab.service

    /opt/VRTSgab/gab

    llt.service

    /opt/VRTSllt/llt

    vcs.service

    /opt/VRTSvcs/bin/vcs

    vcsmm.service

    /opt/VRTSvcs/rac/bin/vcsmm

    vxfen.service

    /opt/VRTSvcs/vxfen/bin/vxfen

    The remaining startup scripts for RHEL 7 and SLES 12 are located at /etc/init.d/, like all the other startup scripts for the other supported RHEL distributions.

  • Make sure that the current operating system supports version 9.0 of the product. If the operating system does not support it, plan for a staged upgrade.

    Note:

    Before you upgrade RHEL 7.7 OS on a virtual machine, you need to first upgrade Veritas InfoScale 9.0. Later upgrade RHEL 7.7 OS, else the virtual machine may go in an unstable state.

    Use -ignorechecks CPI option on RHEL 7.0 to RHEL 7.6 version to successfully upgrade Veritas InfoScale product.

  • Schedule sufficient outage time and downtime for the upgrade and any applications that use the Veritas InfoScale products. Depending on the configuration, the outage can take several hours.

  • Any swap partitions not in rootdg must be commented out of /etc/fstab. If possible, swap partitions other than those on the root disk should be commented out of /etc/fstab and not mounted during the upgrade. The active swap partitions that are not in rootdg cause upgrade_start to fail.

  • Make sure that the file systems are clean before upgrading.

  • Upgrade arrays (if required).

    See Upgrading the array support.

  • To reliably save information on a mirrored disk, shut down the system and physically remove the mirrored disk. Removing the disk in this manner offers a failback point.

  • Make sure that DMP support for native stack is disabled (dmp_native_support=off). If DMP support for native stack is enabled (dmp_native_support=on), the installer may detect it and ask you to restart the system.

  • If you want to upgrade the application clusters that use CP server based fencing to version 7.3.1 and later, make sure that you first upgrade VCS or SFHA on the CP server systems to version 7.3.1 and later. And then, from 7.3.1 onwards, CP server supports only HTTPS based communication with its clients and IPM-based communication is no longer supported. CP server needs to be reconfigured if you upgrade the CP server with IPM-based CP server configured.

    For instructions to upgrade VCS or SFHA on the CP server systems, refer to the relevant Configuration and Upgrade Guides.

More Information

Creating backups