Data Infrastructure Insights

cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Data Infrastructure Insights

Ask a Question

Initialization of the NetApp ONTAP SVM Data Collector for Cloud Secure is failing

knieberg
NetApp
‎2020-07-10 01:00 AM
6,078 Views

Hello Team,

 

my customer is facing the following issue:

Untitled.png

what are we doing wrong?

Thanks

0 Kudos
View By:
1 ACCEPTED SOLUTION
knieberg has accepted the solution

knieberg
NetApp
‎2020-07-10 05:26 AM
In response to abhit
6,040 Views

Thanks @abhit.

 

in combination with this:

Troubleshooting hints

Topic

Commands / Purpose

Comment

Firewall
Cloud Secure 

Communication with SVM target is not stable / not working. ensure firewall rule set is set accordingly:

firewall-cmd --permanent --zone=public --add-port=35000-55000/tcp
firewall-cmd --reload

You can check on the ONTAP system ports used:

ocisedev::vserver fpolicy policy> external-engine show                         Primary           Secondary                ExternalVserver     Engine       Servers           Servers             Port Engine Type----------- -----------  ----------------- ----------------- ------ -----------demoGroupShares                                               35005 asynchronous            metadata_    10.197.144.120    -            service_            demoGroupSh            ares_enginedemoGroupShares2                                              35003 asynchronous            metadata_    10.197.144.125    -            service_            demoGroupSh            ares2_            engine2 entries were displayed.

 

 

 

it was perfect!

View solution in original post

5 REPLIES 5

aladd
NetApp
‎2020-07-10 02:30 AM
6,060 Views

Hello @knieberg 

 

 The error seems to be pointing out termination by an external fpolicy server. I would suggest opening a support case for this issue.

0 Kudos

abhit
NetApp
‎2020-07-10 03:55 AM
6,054 Views

It is most likely that firewall is blocking these ports in the agent machine.

Could you please check if the port range 35001-35100/tcp is opened for the agent machine to connect from the SVM?

Also make sure that there are no firewalls enabled in the ONTAP side blocking any communication to the agent machine.

Please look into the documentation under "Network Configuration" on how to disable firewall in the agent machine.

https://docs.netapp.com/us-en/cloudinsights/task_cs_add_agent.html#before-you-begin

 

-Abhi

 

knieberg has accepted the solution

knieberg
NetApp
‎2020-07-10 05:26 AM
In response to abhit
6,041 Views

Thanks @abhit.

 

in combination with this:

Troubleshooting hints

Topic

Commands / Purpose

Comment

Firewall
Cloud Secure 

Communication with SVM target is not stable / not working. ensure firewall rule set is set accordingly:

firewall-cmd --permanent --zone=public --add-port=35000-55000/tcp
firewall-cmd --reload

You can check on the ONTAP system ports used:

ocisedev::vserver fpolicy policy> external-engine show                         Primary           Secondary                ExternalVserver     Engine       Servers           Servers             Port Engine Type----------- -----------  ----------------- ----------------- ------ -----------demoGroupShares                                               35005 asynchronous            metadata_    10.197.144.120    -            service_            demoGroupSh            ares_enginedemoGroupShares2                                              35003 asynchronous            metadata_    10.197.144.125    -            service_            demoGroupSh            ares2_            engine2 entries were displayed.

 

 

 

it was perfect!

abhit
NetApp
‎2020-08-19 11:30 PM
In response to knieberg
5,447 Views

2 more reasons why the connection between SVM and DSC may fail, though ping from SVM Lif to Agent box, Agent box to SVM Lif is working fine.

 

  1. While adding the DSC via SVM IP and vsadmin credentials, please check if the SVM Lif has is Data+Mgmt role enabled. If yes, please create a SVM Mgmt Only Lif and try connecting via this SVM management only Lif.
  1. Also these kind of errors are seen, when same SVMs are added twice via 2 different DSCs by mistake. It will good to recheck if by mistake, the same SVM has been added by 2 different DSCs.

Regards

Abhi

0 Kudos

abhit
NetApp
‎2020-08-19 11:58 PM
In response to abhit
5,445 Views

Also, if the DSC to SVM connection is over WAN the connection will not work.

Both should be in close proximity to each other.

-Abhi

0 Kudos
Announcements
All Community Forums
Public