2009.Q2.0.0
This is the first major software update for the Sun Storage 7000 series appliances. It contains numerous features and bug fixes. As such, we strongly encourage administrators to apply this upgrade at their earliest convenience.
Supported Platforms
Bug fixes
There have been a number of bug fixes across all parts of the product. The following areas in particular have experienced significant improvements:
- Clustering
- Networking
- CIFS
- Core I/O path
If you have encountered a specific issue with a current software release, support personnel can determine whether the problem is fixed in this release.
Features
Data Protocols
NFSv2
NFS version 2 is now supported, including analytics visibility. By default the appliance supports only NFS versions 3 and 4, but this can be changed by an administrator by navigating to Configuration -> Services -> NFS in either the BUI or CLI.
HTTPS/WebDAV
File access via HTTPS (HTTP over SSL) is now supported. This is built into the existing HTTP service, and can be configured through the "Protocols" setting under Configuration -> Services -> HTTP. The per-share setting remains the same - any shares exported over HTTP will also be exported over HTTPS. The web server uses the same self-signed SSL certificate as the management UI.
FTPS
Similar to HTTPS, FTPS (FTP over SSL) adds support for TLS and SSL to the existing FTP server. This can be enabled through the "enable SSL/TLS" option under Configuration -> Services -> FTP. The per share setting remains the same - any shares exported over FTP will also be exported over FTPS. The FTP server uses the same self-signed SSL certificate as the management UI. For more information, see the Wikipedia article.
SFTP
SFTP (FTP over the Secure Shell protocol) is now supported. Unlike FTPS, this is provided through a new service, SFTP, and requires an appropriate sftp client. This service can be configured through Configuration -> Services -> SFTP, and shares will need to have the new "sharesftp" property (Protocols -> SFTP in the BUI) set. For more information, see the Wikipedia article.
Data Services
FTP and SFTP analytics
The complete set of analytics is now supported for the FTP and SFTP protocols.
Microsoft shadow copy for shared folders
The CIFS server now supports viewing snapshots from Windows clients. Filesystem snapshots are automatically made available through the "Previous Versions" tab of the folder properties. For more information on this feature, see the Microsoft help page.
CIFS share-level ACLs
ACLs can now be edited across the entire share. This is done via the "Share Level ACL" option under Shares -> Protocols -> CIFS. This ACL is masked with any per-directory ACL to determine whether to grant access - a user must have permission via both ACLs to perform any particular operation. Share level ACLs correspond to the "Share Permissions" setting in the Windows computer management application, while the "Root Directory ACL" option corresponds to the "Security" tab in Windows explorer.
AD cross-forest authentication
The identity mapping service now supports cross-forest authentication. In an Active Directory environment with multiple forests, the service can take advantage of cross-forest trusts to resolve identities.
Software Features
Workflow automation
A workflow is a script that is uploaded to and managed by the appliance by itself. Workflows can be parameterized and executed in a first-class fashion from either the browser interface or the command line interface. As such, workflows allow for the appliance to be extended in ways that capture specific policies and procedures, and can be used (for example) to formally encode best practices for a particular organization or application. Workflows can be accessed under Maintenance -> Workflows.
SMTP relay configuration
Normally, the SMTP services requests mail relay information through DNS MX (mail exchange) records. For servers where this configuration is not available, a manual override is necessary to indicate where to forward mail, commonly referred to as a "smarthost". This option is now available through Configuration -> Services -> SMTP under the "smarthost hostname" property.
Authenticated NTP
The NTP server now supports authentication. Cryptographic keys can now be associated with hosts, as described in the NTP RFC.
Identity mapping observability
After establishing rules to map identities between Windows and Unix systems, an administrator may now test those rules to understand whether the rules are configured correctly. This feature is available under the Configuration -> Services -> Identity Mapping -> Mappings heading.
Support bundle improvements
The UI for managing support bundles has been improved. Now moved to Maintenance -> System, administrators can view upload progress, cancel uploads, and directly download failed or canceled bundles.
Known issues
| Release Note | RN001 |
|---|---|
| Title | IP Multipath Interface Failover When ICMP Probes are Lost |
| Platforms | All |
| Related Bug IDs | 6730274 |
IP Multipathing (IPMP) groups can be configured to permit fail-over of IP addresses from one IP interface through link-based failure detection (monitoring the link state of the physical network devices that are used by the IP interfaces that comprise the group) and (optionally) probe-based failure detection (actively sending ICMP probes to peers on the local network, such as the first-hop router). If the local network is saturated, enough ICMP probes may be lost to trigger a fail-over even when the IP interface is still functional (though saturated). This can be worked around by disabling probe-based failure detection on the impacted IP interfaces (by using an IP address of 0.0.0.0/8).
| Release Note | RN002 |
|---|---|
| Title | Network Datalink Modifications Do Not Rename Routes |
| Platforms | All |
| Related Bug IDs | 6715567 |
The Configuration/Network view permits a wide variety of networking configuration changes on the Sun Storage system. One such change is taking an existing network interface and associating it with a different network datalink, effectively moving the interface's IP addresses to a different physical link (or links, in the case of an aggregation). In this scenario, the network routes associated with the original interface are automatically deleted, and must be re-added by the administrator to the new interface. In some situations this may imply loss of a path to particular hosts until those routes are restored.
| Release Note | RN003 |
|---|---|
| Title | Network Reconfigurations Involving the Active Administrative Interface |
| Platforms | All |
| Related Bug IDs | - |
The Configuration/Network view permits a wide variety of networking configuration changes on the Sun Storage system. One such change is modifying or deleting the active administrative interface over which the administrator is connected to the web browser or command-line interface itself, which may also be providing the default route for the system. The appliance software attempts to detect such modifications and warn the administrator first. If such a reconfiguration is confirmed or not detected in advance, the administrator will lose contact with the appliance during the network reconfiguration. The network reconfiguration will complete, but if contact cannot be restored with the appliance (by reloading the web address or reconnecting using ssh) due to an error in the configuration applied by the administrator or the loss of the default route, the administrator should log in using the service processor console and correct the configuration using the command-line.
| Release Note | RN004 |
|---|---|
| Title | J4400 Emits Audible Alarm When a Drive is Hot-Unplugged |
| Platforms | 7410 |
| Related Bug IDs | 6725548 |
In the current version of J4400 Array firmware, used in the disk enclosures for the Sun Storage 7410, the J4400 emits an audible alarm when a disk drive is hot-unplugged. The alarm warns the operator that a drive has been removed, and the alarm is silenced when the drive is replaced, either by the original drive or by a new replacement. In some operator scenarios, it may be preferable to not emit such an alarm, particularly if a spare drive is not immediately available. The operator can manually silence the alarm by depressing a button on the J4400 front panel. Future versions of the J4400 firmware and appliance software will disable this behavior and/or permit it to be configured by the administrator.
| Release Note | RN005 |
|---|---|
| Title | Shares Should be Specified for NDMP Backup |
| Platforms | All |
| Related Bug IDs | 6758825 |
The Sun Storage products permit administrators to manage collections of shares and LUNs, grouped together into named projects that have common settings. NDMP backup applications operate on mounted filesystems and do not intrinsically understand Sun ZFS metadata and the relationship between projects and shares. In the current release of the Sun Storage 7x10 products, NDMP backup applications should be configured to backup individual shares of interest, and should not be directed to backup or restore the base mountpoint associated with an entire project. These settings will insure that individual shares are backed up and restored with all of their associated independent metadata.
| Release Note | RN006 |
|---|---|
| Title | Built-in network ports can hang on reconfiguration |
| Platforms | All |
| Related Bug IDs | 6813051 |
When reconfiguring networking, it is possible for the built-in network ports (nge0-3) to hang with certain types of switches. If this happens, unplugging and plugging in the network cable will fix the problem. This does not affect network ports on PCI cards, and only happens during active network configuration.
| Release Note | RN007 |
|---|---|
| Title | Active Directory domain controller may appear incorrect after reboot. |
| Platforms | All |
| Related Bug IDs | 6831501 |
If the IP address of an Active Directory domain controller appears incorrect after a reboot, restart the CIFS service to obtain the correct IP address.
| Release Note | RN008 |
|---|---|
| Title | Changing Active Directory domains requires a CIFS service restart |
| Platforms | All |
| Related Bug IDs | 6829904 |
When reconfiguring the Active Directory service to participate in a different domain, restart the CIFS service before attempting to reconfigure the Active Directory service.
| Release Note | RN009 |
|---|---|
| Title | Some configuration not properly mirrored to cluster peer |
| Platforms | 7410C |
| Related Bug IDs | 6834163 |
Certain configuration objects, including iSCSI initiators and Active Directory settings, are correctly transmitted to the cluster peer but are not activated. This affects only clustered appliances and will occur both at the time the configuration change is made and upon any subsequent rejoin. The most commonly-observed symptom is one head joining an Active Directory domain while its peer remains in workgroup mode. The problem can be worked around by manually making the configuration changes on both heads.
| Release Note | RN010 |
|---|---|
| Title | Appliance doesn't boot after removing first system disk |
| Platforms | 7210 |
| Related Bug IDs | 6812465 |
In a 7210 System, removing the first system disk will make the system unbootable, despite the presence of a second mirrored disk. To workaround this issue, break into the BIOS boot menu, under 'HDD boot order', modify the list so the first item is "[SCSI:#0300 ID00 LU]".
| Release Note | RN011 |
|---|---|
| Title | CIFS service fails with large network configs |
| Platforms | All |
| Related Bug IDs | 6820325 |
With a large number of network interfaces, the CIFS service NetBIOS registration mechanism can time out, causing the CIFS service to fail. If you encounter this situation, please contact Sun support to work around the issue.
| Release Note | RN012 |
|---|---|
| Title | J4400 SIM cards fail under load |
| Platforms | 7410 |
| Related Bug IDs | 6803801 |
Under heavy load in large configurations, the first SIM card (SIM 0) can fail. The symptoms are a blue LED on the card itself and an audible alarm, with possible alerts in the UI regarding paths and/or power supplies being removed from the chassis. I/O will continue down other available paths, and there no impact to availability, though performance may suffer. Re-seating the SIM card (removing it and inserting it) should fix the problem. If this problem persists, please contact Sun Support.
| Release Note | RN013 |
|---|---|
| Title | CIFS share authentication fails after long periods of uptime |
| Platforms | All |
| Related Bug IDs | 6832741 |
After a long period of time with many thousands of share authentication requests, the SMB server will start to erroneously reject new share requests. Restarting the CIFS service will fix this issue.
Sign up or Log in to add a comment or watch this page.