IBM Storwize V7000 Unified ++++++++++++++++++++++++++ --------------------------------------------------------------------------------- CONTENTS 1. Introduction 2. Prerequisites 3. Code Levels 4. Problems Resolved and New Features 4.1 New features in IBM Storwize V7000 Unified File Module 1.6.2.0 4.2 APARs resolved in IBM Storwize V7000 Unified File Module 1.6.2.0 4.3 New features in Storwize V7000 7.6.1.5 4.4 APARs resolved in Storwize V7000 7.6.1.5 5. Further Documentation 6. Known Issues and Restrictions in this Level 7. Maximum Configurations 8. Supported Hardware 9. Pre-1.6.2.0 Release Information 9.1 Storwize V7000 Unified version 1.6.1.0 9.2 Storwize V7000 Unified version 1.6.0.1 9.3 Storwize V7000 Unified version 1.6.0.0 ---------------------------------------------------------------------------------- 1. Introduction This document contains important information about version 1.6.2.0 of the IBM Storwize V7000 Unified software. ---------------------------------------------------------------------------------- 2. Prerequisites Software Upgrade Test Utility: The software upgrade test utility "upgradetest" must be run within two hours of starting the upgrade. The upgrade test utility can be run as many times as required, but there must be a successful run of the upgrade test utility within two hours of starting the upgrade. Refer to the following URL for further information: http://www.ibm.com/support/docview.wss?uid=ssg1S4000986 Concurrent Upgrades: The concurrent upgrade (upgrade with I/O running) restrictions are documented at the following URL: http://www.ibm.com/support/docview.wss?uid=ssg1S1005471#_Restrictions_Upgrade If you are performing a concurrent code upgrade, first ensure that all host paths are available and operating correctly. System Performance: Performance of the IBM Storwize V7000 Unified will be degraded during the software upgrade process. IBM recommends you perform the upgrade at a time of lower overall I/O activity and when significant spikes in the system workload is not expected. Event Checking: Check there are no unfixed events in the event log. Use normal service procedures to resolve any events before proceeding. Asynchronous Replication Systems: If the system is part of an asynchronous relationship (either source or target), stop the replication to avoid asynchronous replication failures during upgrade. Full upgrade compatibility matrix: Please see the following web page for the full upgrade compatibility matrix. http://www.ibm.com/support/docview.wss?uid=ssg1S1003918 ------------------------------------------------------------------------------------- 3. Code Levels Storwize V7000 Unified Software: Storwize V7000 Unified Product Version 1.6.2.0 (1.6.2.0-37) This includes Storwize V7000 (2076) Product Version: 7.6.1.5 (125.1.1608221542000) ------------------------------------------------------------------------------------- 4. Problems Resolved and New Features 4.1 New features in IBM Storwize V7000 Unified File Module 1.6.2.0: Antivirus: Added support for Kaspersky Scan Engine. Added support for Symantec protection engine for network attached storage (SPENAS) 7.8 in IBM Storwize V7000 Unified. CLI based support for restoring entire Filesystem from a snapshot. Added 'NFS_Commit' as the default setting for NFSv4.0 server to improve performance for small writes workload from VMWare ESX NFS clients. 4.2 Issues resolved in IBM Storwize V7000 Unified File Module 1.6.2.0: Security Fixes For more information on the security fixes please refer to the flashes with "Security Bulletin:" in heading at below link(HIPER) http://www-947.ibm.com/support/entry/portal/alerts/hardware/system_storage/disk_systems/mid-range_disk_systems/ibm_storwize_v7000_unified Critical Fixes HU01285 File module loses AD connection every day at a fixed time when Varonis polls via 'wbinfo -u' and 'wbinfo -g'. HU01311 Restoration of filesystem from TSM backup fails when encountering special character in file or path name. HU01296 During upgrade, some Windows hosts may lose access as they attempt to connect using SMB3.0. HU01294 During upgrade management node network is shutdown while upgrading Emulex adapter driver. HU01306 During upgrade CTDB shuts down while upgrading samba packages causing CIFS access disruption. HU01278 After upgrade, NFS share data is not accessible to members of domain users group. HU01289 Restoration of filesystem from TSM backup fails when invoked with special character in target path. High Importance Fixes HU01293 Upgrade fails while updating Emulex driver if adapter is bonded but not connected. HU01297 'lshsm' CLI does not report correct summary of all hierarchical storage management (HSM) enabled file systems in the cluster. HU01307 GUI displays incorrect timestamp for NDMP events. HU01277 GUI displays blank or default values for warning and error threshold for fileset quota. HU01308 GPFS does not configure 'filesetdf' automatically for fileset that have quota checking enabled. HU01295 GUI is not accessible after Java Virtual Machine running the management stack run out of memory and is terminated with entry of 'EFSSA0151C' error in system logs. HU01288 NSD mapping correction fails with error messages from 'IBM2073_INSTALL_NSD_REPAIR_FIX' script. HU01310 CTDB traverse events floods event logs and degrades system performance. HU01273 During node reboot, 'resumenode' CLI fails with false messages stating 'All required Filesystem not mounted' and makes GUI inaccessible. HU01303 Custom policy does not fetch correct information when applied with two node names as parameters instead of one. HU01284 Winbind floods the log file with repetitive messages degrading the system performance. HU01286 'lstask' reports error for 'BackupMgmtNode' and 'StartRunPolicy'. HU01334 After upgrade, 'lsquota' CLI may timeout or not list any output. HU01280 Single node crash due to assert in GPFS while waiting on a mutex for 'OpenFile structure'. HU01275 The management console IP does not match between the IBM Storwize V7000 and the IBM Storwize V7000 Unified. HU01290 System reports frequent warning messages stating 'defunct HSM daemon(s) detected'. HU01329 CTDB gets unhealthy due to NFS service failure. Suggested Fixes HU01299 System logs a warning message when the maximum number of prefetch calls for NDMP is exceeded. HU01301 NFSv4 client is unable to view the directory if another client is directly mounted to it. HU01265 After upgrade, system reports error stating 'Nfs ganesha exportpath was not found' even when NFSv4 is not in use. 4.3 New features in Storwize V7000 7.6.1.5: The following new features have been introduced in the 7.6.1.5 release: Support for IBM Storwize V5000 Gen 2 Distributed RAID Comprestimator Encryption for external virtualised storage IP Quorum New Volume CLIs GUI support for HyperSwap Support for VVols 16Gb 4port adapter Increase max number of iSCSI host attach sessions Remove 8G4 and 8A4 support CCU Checker updates User configurable max single IO time for Remote Copy Email setting allows '+' Enhance ET3 DPA log Customizable login banner 4.4 Issues resolved in Storwize V7000 7.6.1.5: High Importance HU00271 An extremely rare timing window condition in the way GM handles write sequencing may cause multiple node asserts. HU01078 When the rmnode command is run it removes persistent reservation data to prevent a stuck reservation. MS Windows and Hyper-V cluster design constantly monitors the reservation table and takes the associated volume offline whilst recovering cluster membership. This can result in a brief outage at the host level. HU01082 A limitation in the RAID anti-deadlock page reservation process may lead to an Mdisk group going offline. HU01140 Easy Tier may unbalance the workloads on Mdisks using specific Nearline SAS drives due to incorrect thresholds for their performance. HU01141 Node assert, possibly due to a network problem, when a CLI mkippartnership is issued. This may lead to loss of the config node, requiring a T2 recovery. HU01182 Node assert due to 16Gb HBA firmware receiving an invalid SCSI TUR command. HU01183 Node assert due to 16Gb HBA firmware entering a rare deadlock condition in its ELS frame handling. HU01184 When removing multiple Mdisks a T2 may occur. HU01210 A small number of systems have broken, or disabled, TPMs. For these systems the generation of a new master key may fail preventing the system joining a cluster. HU01223 The handling of a rebooted node's return to the cluster can occasionally become delayed resulting in a stoppage of inter cluster relationships. IT16337 Hardware offloading in 16G FC adapters has introduced a deadlock condition that causes many driver commands to time out leading to a node assert. Suggested HU00928 For certain IO patterns a SAS firmware issue may lead to transport errors that become so prevalent that they cause a drive to become failed. HU01017 The result of CLI commands are sometimes not promptly presented in the GUI. HU01024 A single node assert may occur when the SAS firmware's ECC checking detects a single bit error. The assert clears the error condition in the SAS chip. HU01074 An unresponsive testemail command, possible due to a congested network, may result in a single node assert. HU01089 svcconfig backup fails when an IO group name contains a hyphen. HU01097 For a small number of node asserts the SAS register values are retaining incorrect values rendering the debug information invalid. HU01110 SVC supports SSH connections using RC4 based ciphers. HU01178 Battery incorrectly reports zero percent charged. HU01194 A single node assert may occur if CLI commands are received from the VASA provider in very rapid succession. This is caused by a deadlock condition which prevents the subsequent CLI command from completing. HU01198 Running the Comprestimator svctask analyzevdiskbysystem command may cause the config node to assert. HU01212 GUI displays an incorrect timezone description for Moscow. HU01214 GUI and snap missing EasyTier heatmap information. HU01227 High volumes of events may cause the email notifications to become stalled. ----------------------------------------------------------------------------------- 5. Further Documentation The latest version of all IBM Storwize V7000 Unified documentation is available in the IBM Storwize V7000 Unified 1.6.0 Knowledge Center: http://www.ibm.com/support/knowledgecenter/ST5Q4U/landing/v7000_unified_welcome.htm?lang=en Selected documents are available for download in PDF format from the support website: http://www.ibm.com/storage/support/storwize/V7000/unified Please refer to below link for a consolidated list of highly recommended reference material on IBM Storwize V7000 Unified http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004460 ----------------------------------------------------------------------------------- 6. Known Issues and Restrictions in this Level * Async replication configured with 'fast' encryption method will not work in this code level. The configuration may be checked using the lsreplfs CLI command or by using the GUI using 'Copy services -> File copy services -> Right click Replication'. Please contact IBM support for further assistance. * Callhome does not work on all systems running V1.6.1.0 and V1.6.2.0, The system will not automatically callhome to IBM in case of failures (e.g. hardware, disk failures and other events). As a mitigation, periodic monitoring of system logs is recommended. Please contact IBM support to manually fix this issue on the system. * After upgrade, NDMP backups may start failing and may not get resolved even by restarting the NDMP backup jobs. Please contact IBM support for further assistance or refer to the below technote for more information on this issue: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009338 * SMB 1.0 is deprecated from current and all future versions of IBM Storwize V7000 Unified. * Domain admin users will not be able to login to GUI. * VMWare has interoperability issues with IBM NFSv4.0 stack in Storwize V7000 Unified V1.6.x If IBM NFSv4.0 stack is currently used with VMware NFS clients, please contact support before upgrading to 1.6.x to obtain an ifix. * SMB protocol version restrictions (max_protocol parameter) : * Systems upgrading from 1.5.x.x code level to 1.6.0.1, or later will have SMB 3.0 (max_protocol parameter) disabled by default. Enabling SMB 3.0 on the V7000 Unified requires a change window with an outage as it is a non-concurrent procedure requiring specific actions to be taken on the windows client side. For further details please contact IBM support. * Systems which are first time installed with 1.6.0.0 or later code levels will have SMB 3.0 (max_protocol parameter) enabled by default and can be used without any restrictions. * Systems upgrading from 1.6.0.0 to this code level will have SMB 3.0 (max_protocol parameter) enabled by default and may be used without any restrictions. * In IBM Storwize V7000 Unified, Windows 8 with offline folders is not currently supported. * Browsers with below listed levels are certified for using the IBM Storwize V7000 Unified Management GUI. Mozilla Firefox 38 Mozilla Firefox Extended Support Release (ESR) 38 Important: All Firefox users should upgrade to these updated packages, which contain Firefox version 38.x ESR. After installing the update, Firefox must be restarted for the changes to take effect. For Red Hat Linux users, make sure all previously released errata relevant to your system have been applied before applying this update. This update is available at the Red Hat Network: https://rhn.redhat.com/errata/RHSA-2015-1982.html Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 Microsoft Internet Explorer (IE) 10 and 11 Google Chrome 41 Later versions of the browsers are supported as long as the vendors do not remove or disable functionality that the product relies upon. For browser levels higher than the levels that have been certified with the product, customer support will accept usage-related and defect- related service requests. As with operating system and virtualization environments, if IBM support cannot recreate the issue in our lab, we may ask the client to recreate the problem on a certified browser version in order to determine if a product defect exists. Defects will not be accepted for cosmetic differences between browsers or browser versions that do not affect the functional behavior of the product. If a problem is identified in the product, defects will be accepted. If a problem is identified with the browser, IBM may investigate potential solution or work-around that the client may implement until a permanent solution becomes available. * In IBM Storwize V7000 Unified, quarantined folders are only accessible with the root ID. This restriction will be lifted in a future IBM Storwize V7000 Unified release. Refer to the below technote for more information on this issue: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004078 For more details please refer to the V1.6 Configuration Limits and Restrictions for IBM Storwize V7000 Unified for product restrictions that currently apply: http://www.ibm.com/support/docview.wss?uid=ssg1S1005471 * If using IP replication, please review the set of restrictions published in the V7.5 Configuration Limits and Restrictions document. * Intra-Cluster Global Mirror Not Supported Refer to the following flash for more information on this restriction: http://www.ibm.com/support/docview.wss?uid=ssg1S1003725 * SAN Volume Controller Inter-cluster Metro Mirror and Global Mirror Compatibility Cross Reference Refer to the following flash for more information on this restriction: http://www.ibm.com/support/docview.wss?uid=ssg1S1003646 Once the software upgrade process has been started, the management GUI automatically refreshes to display the progress of the upgrade. During the upgrade each file module will be restarted, resulting in a fail-over and fail-back of the management services, including the GUI. After a fail-over has occurred it may be necessary to manually refresh/reload the page in the web browser in order to reconnect with the new active management node and login again. If an IBM Storwize V7000 Unified Code Upgrade Stalls or Fails then contact IBM Support for further assistance http://www.ibm.com/support/docview.wss?uid=ssg1S1002894 -------------------------------------------------------------------------------------- 7. Maximum Configurations The maximum configurations for IBM Storwize V7000 Unified 1.6.2.0 are documented in the V1.6 Configuration Limits and Restrictions for IBM Storwize V7000 Unified document which is available from: http://www.ibm.com/support/docview.wss?uid=ssg1S1005471#_MaximumConfigurations -------------------------------------------------------------------------------------- 8. Supported Hardware This release of IBM Storwize V7000 Unified software is supported on the following hardware types: File Modules: * 2073-700 * 2073-720 Storwize V7000 Control enclosures: * 2076-112 * 2076-124 * 2076-312 * 2076-324 * 2076-524 Storwize V7000 Expansion enclosures: * 2076-212 * 2076-224 * 2076-12F * 2076-24F --------------------------------------------------------------------------------------- 9. Pre-1.6.2.0 Release Information 9.1 Storwize V7000 Unified version 1.6.1.0 Code Levels: Storwize V7000 Unified Product Version 1.6.1.0(1.6.1.0-44) Storwize V7000 (2076) Product Version 7.6.0.4 (122.23.1602250020000) New features in IBM Storwize V7000 Unified File Module 1.6.1.0: Added support for Windows 10 as SMB client. Support for Storwize V7000 Gen2 systems configured with one or two quad 16GB Fibre Channel adapters. Allow separate permissions (ACLs) for Write Data, Create File and Create Folder, Append Data. Optimized Power-Saving Settings on M4 servers to reduce CPU usage. Issues resolved in IBM Storwize V7000 Unified File Module 1.6.1.0: Security Fixes For more information on the security fixes please refer to the flashes with "Security Bulletin:" in heading at below link(HIPER) http://www-947.ibm.com/support/entry/portal/alerts/hardware/system_storage/disk_systems/mid-range_disk_systems/ibm_storwize_v7000_unified Critical Fixes HU01243 GPFS assert during snapshot delete results in file module node crash. HU01211 Access loss may be experienced during an upgrade of a system having fileset configured as AFM cache, due to problems in the AFM recovery code path that is indirectly triggered by unnecessary AFM operations from cnscm. HU01199 After upgrade users associated with the trusted domain could not access the system. This exposure existed in cases where the Unified did not have direct network connectivity to the trusted domain. HU01200 After upgrade to 1.6.0.x admin users were not able to authenticate and access shares. HU01203 After upgrade to 1.6.0.x remote admin users authenticated with AD server were unable to login to the system CLI or GUI. HU01204 Users were not able to access the shares due to snapshot related deadlock in GPFS. This exposure exists after upgrade to V1.6.0.x when snapshots created on V1.5.x and V1.6.0.x coexist on the system. HU01129 Client unable to access the system because of CTDB unhealthy on all nodes. HU01150 Process smbd terminates after CTDB timeout. HU01133 NFSv4 server exits on locks out of sync causing NFS services to stop. HU01168 After upgrade access to CIFS shares is lost on the system when the number of ranges for AUTO ID mapping is less than 3 for plain AD authentication configuration when default configuration settings for AUTO ID pool are overridden. High Importance Fixes HU01207 Repeated INFO messages indicating a restart of vsftpd service, such as "A start service was detected with vsftpd" and "A stopped or failed service was detected with vsftpd". HU01217 After upgrade parent filesystem free space reported instead of fileset when fileset quotas are enabled. HU01196 Creating Filesytem using system GUI with owning group option fails. HU01202 System node becomes unhealthy due to false positive result during internal validation of NFS Ganesha export paths. HU01197 SVC command user credentials gets logged in Unified log file. HU01154 Excessive SS0010 and SS0011 events causes GUI to crash. HU01123 Java runs out of memory and generates core dump causing GUI to crash. HU01113 While upgrading V7000 Unified an access outage may occur due to node ban. HU01146 Upgrade failed with error 01A8 at task U020cluster_upgradenode_all. HU01148 System fails Nessus security scan with TCP port 443 and 1081 vulnerabilities. HU01152 Upgrade failed with error 01E4 at task U035cluster_hsm_policy_upgrade. HU01138 Upgrade failed with error 01E0 at task U010cluster_hsm_upgrade. HU01117 After upgrade the lsnwinterface CLI does not display vlan ip information. HU01170 Running nmap makes the CLI server inadvertently process the nmap requests incorrectly eventually leading to CTDB marking the node unhealthy. HU01173 Callhome generates multiple cndump logs due to timezone offset difference. HU01175 GPFS mmapplypolicy command failure due to a race condition when several simultaneous policy sessions are invoked through operations such as triggering multiple NDMP backup sessions in parallel. HU01164 GUI is incorrectly displaying fileset quota limits inherited from filesystem even though the 'per fileset' quota option is enabled. Suggested Fixes HU01201 After upgrade to V1.6.0.x, lsidmap incorrectly displays EFSSG1145W Warning: "EFSSG1145W Warning: Some domain or SID information is not available. Verify AD domains connectivity with the cluster" HU01135 Unscannable files are continuously being resent for antivirus scanning which can affect antivirus performance. HU01215 Support Package creation collects SVC snaps twice impacting system performance. 9.2 Storwize V7000 Unified version 1.6.0.1 Code Levels: Storwize V7000 Unified Product Version 1.6.0.1(1.6.0.1-11) Storwize V7000 (2076) Product Version 7.5.0.3 (115.51.1509171734000) New features in IBM Storwize V7000 Unified File Module 1.6.0.1: None Issues resolved in IBM Storwize V7000 Unified File Module 1.6.0.0: Critical Fixes HU01025 Upgrade to V1.6.0.0 may result in access being denied to SMB/CIFS shares immediately after upgrade. This is seen only under certain access patterns. If the access issue is not encountered upon upgrade or has been resolved, this exposure no longer exists on a system running fine at 1.6.0.0 code level. For more information on the security fixes please refer to the flashes with "Security Bulletin" in heading at below link(HIPER): http://www-947.ibm.com/support/entry/portal/alerts/hardware/system_storage/disk_systems/mid-range_disk_systems/ibm_storwize_v7000_unified 9.3 Storwize V7000 Unified version 1.6.0.0 Code Levels: Storwize V7000 Unified Product Version 1.6.0.0(1.6.0.0-70) Storwize V7000 (2076) Product Version 7.5.0.3 (115.51.1509171734000) New features in IBM Storwize V7000 Unified File Module 1.6.0.0: Support filesetdf option for filesystems - Allows the end users to see quotas associated with the fileset, rather than that of the entire filesystem, when checked with "df" command from linux system. Microsoft Management Console (MMC) Support (Shared-Folders Snap-In) - Allowing Storage Admins to access and use Storwize Unified via the popular MMC. RPQ only - Support VARONIS file audit agent (3rd party software) allowing File Audit capabilities on Storwize Unified. Support CIFS on virtualised block controllers Support SMB v3 protocol Support "SMB encryption" feature of SMB 3 protocol - Allowing encryption "in-flight" versus "at-rest". Includes Spectrum scale 4.1.1.2 Includes NFS Ganesha 2.2 Add CLI support to define snapshot deletion time while defining retention rules. Support for GPFS ACL mode chmodAndUpdateAcl Snapshots for SMB clients Emulex Firmware and support new variant of Emulex 10G card Issues resolved in IBM Storwize V7000 Unified File Module 1.6.0.0: Critical Fixes HU00971 Log kernel stack when NFS Ganesha process exits and gets stuck in zombie state. HU00979 Samba process gets killed on both node one after the other. HU01012 NSD mapping correction failed while running upgrade. High Importance Fixes HU00976 GUI is showing task "1 Drive Upgrade operations". HU01013 Error message "The server was unable to process the request" detected after trying to access the File System section in Unified GUI. HU01015 While running an upgrade, all ctdb nodes were marked as unreachable. Suggested Fixes HU00978 Misleading WARNING, SEVERE messages when 'mmremote mmgetstate' returns an empty token. HU00985 Email Recipients on GUI not working on "INFO". HU01010 Unable to verify correct software version failure during upgrade. This Storwize V7000 Unified 1.6.0.0 release contains security fixes. For more information on the security fixes please refer to the flashes with "Security Bulletin" in heading at below link(HIPER): http://www-947.ibm.com/support/entry/portal/alerts/hardware/system_storage/disk_systems/mid-range_disk_systems/ibm_storwize_v7000_unified