ONTAP Discussions

/mroot/etc/log no access

robfstephenson
14,971 Views

Hi, I can access logs using https but not all of them:

 

https://10.13.5.205/spi/PG7NETAPPP04-03/mroot/etc/log --> website declined to show this webpage
https://10.13.5.205/spi/PG7NETAPPP04-03/etc/log            --> access ok
https://10.13.5.205/spi/                                                         --> access ok

 

Any ideas regarding what I've missed setting up access would be great.

 

thanks Rob

1 ACCEPTED SOLUTION

Naveenpusuluru
14,837 Views

Hi @robfstephenson

 

You can get the dumps in the below location.

 

Capture1.PNG

 

Capture2.PNG

 

Please let me know if you have any concerns.

View solution in original post

10 REPLIES 10

Naveenpusuluru
14,875 Views

Hi @robfstephenson

 

Please post me the output of below command.

 

:: sec login show

 vserver services web show

 

 

You have to create a account spi on that cluster netapp.

Naveenpusuluru
14,873 Views

Hi @robfstephenson

 

Please go through below link. It might help you to resolve this issue.

 

https://library.netapp.com/ecmdocs/ECMP1636068/html/GUID-E593FD00-D062-4649-853A-4409E282FA12.html

 

 

robfstephenson
14,858 Views

Hi, information requested below - I'll look at your links as well thanks. I thought it was odd I can access the SPI and other logs but not see or access mroot.

I am using the admin user which seems to have the relevant acces.

 

I included an attachment for completeness.   

 

thanks rob 


@robfstephenson wrote:

Hi, I can access logs using https but not all of them:

 

https://10.13.5.205/spi/PG7NETAPPP04-03/mroot/etc/log --> website declined to show this webpage
https://10.13.5.205/spi/PG7NETAPPP04-03/etc/log            --> access ok
https://10.13.5.205/spi/                                                         --> access ok

 

Any ideas regarding what I've missed setting up access would be great.

 

thanks Rob


 

 

 

===================================================================================

 

 

PG7NETAPPP04::security login> vserver services web show
Vserver        Type     Service Name     Description                   Enabled
-------------- -------- ---------------- ----------------------------- -------
PG7-Cluster1   data     ontapi           Remote Administrative API     true
                                         Support
PG7-Cluster1   data     wsman            WS-MAN server                 true
PG7-Cluster2   data     ontapi           Remote Administrative API     true
                                         Support
PG7-Cluster2   data     wsman            WS-MAN server                 true
PG7-Cluster3   data     ontapi           Remote Administrative API     true
                                         Support
PG7-Cluster3   data     wsman            WS-MAN server                 true
PG7-EV         data     ontapi           Remote Administrative API     true
                                         Support
PG7-EV         data     wsman            WS-MAN server                 true
PG7NETAPPP04   admin    cem              OBSOLETE                      true
PG7NETAPPP04   admin    compat           Data ONTAP Classic Services   true
PG7NETAPPP04   admin    disco            Data ONTAP Discovery          true
PG7NETAPPP04   admin    ontapi           Remote Administrative API     true
                                         Support
PG7NETAPPP04   admin    portal           Data ONTAP Web Services       true
                                         Portal
PG7NETAPPP04   admin    spi              Service Processor             true
                                         Infrastructure
PG7NETAPPP04   admin    supdiag          Support Diagnostics           false
PG7NETAPPP04   admin    sysmgr           OnCommand System Manager      true
PG7NETAPPP04   admin    wsman            WS-MAN server                 true

 

 

                             Authentication                  Acct
User/Group Name  Application Method         Role Name        Locked
---------------- ----------- -------------- ---------------- ------
admin            console     password       admin            no
admin            http        password       admin            no
admin            ontapi      password       admin            no
admin            service-processor
                             password       admin            no
admin            ssh         password       admin            no

 

Naveenpusuluru
14,841 Views

Hi @robfstephenson

 

You can access mroot from system shell only. If you are accessing through SPI you need not to menton mroot in the path.

 

https://kb.netapp.com/support/s/article/how-to-manually-collect-all-the-logs-from-a-clustered-data-ontap-cluster?language=en_US

 

If you don't mind can you please tel me the reason what you are looking for in SPI?

robfstephenson
14,811 Views

ok thanks I'll check that article. Support require a dump I created.

Naveenpusuluru
14,838 Views

Hi @robfstephenson

 

You can get the dumps in the below location.

 

Capture1.PNG

 

Capture2.PNG

 

Please let me know if you have any concerns.

GMOHDZMTZ
12,571 Views

Anyone know how to copy files to mroot/etc/software when a web server is nos available in order to update SP firmware for CDOT 9?

Storagator_DB
10,631 Views

I wuould like to know as well

trailblder
10,157 Views

For clusters with no access to a webserver, but that do have access to a scp program like winscp:


Prior to this make sure that the diag user is unlocked and a password is set:

clustername::*> security login show -username diag

Vserver: vserver1
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
diag console password admin no none

clustername::> security login password -username diag

Enter a new password:
Enter it again:


Login to each node's mgt IP.
Set diag
Drop to systemshell:
clustername::*> systemshell local
(system node systemshell)
diag@127.0.0.1's password:

clustername-02% sudo kenv bootarg.login.allowdiag=true <-- hit enter
bootarg.login.allowdiag="true" <-- returns this

You can do this from the original cluster mode IP, but the other node will need to be from the opposite nodes mgt IP because the software location is node specific.

Using WinScp, login to the node mgt IP using SCP, port 22, user diag, diag password.

Navigate to /mroot/etc/software/
Copy over SP_FW.zip (rename what you downloaded--or whatever software)

clustername-02% sudo kenv bootarg.login.allowdiag=false
bootarg.login.allowdiag="false"

Disconnect from WinScp

robfstephenson
14,764 Views

Naveen

thanks.. much clearer now.

Public