ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

9.11.1 upgrade recreates admin account with 'amqp' application

TMADOCTHOMAS
‎2023-02-28 06:01 AM
3,770 Views

Per NetApp best practices, we disable the admin account on our clusters and replace it with a different account. However, each time we reboot a node (whether for patching or not), the admin account gets recreated with the http and ontapi applications. Last night I upgraded three of our clusters to 9.11.1 and noticed a third admin entry that gets created with the 'amqp' application. I had not heard of this before but found documentation online. Is this a new normal behavior for 9.11.1? Can anyone provide more insight? Thanks!

0 Kudos
1 ACCEPTED SOLUTION

TMADOCTHOMAS
‎2023-03-02 10:42 AM
3,561 Views

From my NetApp case:

AMQP is a messaging protocol used for a publish/subscribe API that was introduced in ONTAP starting with 9.9.1. That is why the admin account gets created with AMQP.

Cloud Agent is an example of an application that subscribes to the ONTAP Pub/Sub API and uses AMQP over HTTPS.

View solution in original post

0 Kudos
11 REPLIES 11

paul_stejskal
NetApp
‎2023-02-28 07:39 AM
3,747 Views

I did some searching internally and couldn't find anything one way or another. I'd recommend going through the audit logs (available in Active IQ under AutoSupport, Management Logs, and audit-mlog.txt.gz or audit-log.gz for node shell, or SPI). Maybe that's a start.

Honestly for something like this, a case may be worth it if you can't figure it out. From what I can tell the Advanced Message Queuing Protocol shouldn't be in use by ONTAP from my searching.

0 Kudos

TMADOCTHOMAS
‎2023-02-28 07:44 AM
3,746 Views

Thanks @paul_stejskal , yeah that's what I was thinking. It doesn't make sense to me. Not sure how to read the logs you referenced but I may open a case as you suggested to take a closer look.

0 Kudos

CHRISMAKI
NetApp A-Team
‎2023-02-28 08:25 AM
3,717 Views

What documentation have you found regarding this? I was searching for this last week, the only docs I came across was this ancient NetApp Connect link.

0 Kudos

TMADOCTHOMAS
‎2023-02-28 08:33 AM
3,710 Views

That was my experience as well - I found a lot of articles on NetApp Connect, whatever that is.

0 Kudos

CHRISMAKI
NetApp A-Team
‎2023-02-28 09:04 AM
In response to TMADOCTHOMAS
3,697 Views

NetApp Connect enables users to access on-premises data from existing enterprise collaboration, file synchronization, and share applications quickly and securely, across devices they choose to use. Enterprise information remains managed by your company and stored on premises.

 

EOA August 2015

paul_stejskal
NetApp
‎2023-02-28 11:50 AM
3,669 Views

If you do open a case, please post the case # here. At least a couple people are watching this thread. There are conflicting internal references to the feature so I don't know if 9.11 changed something or not.

0 Kudos

TMADOCTHOMAS
‎2023-02-28 11:59 AM
3,661 Views

@paul_stejskal , case #2009488658

0 Kudos

CHRISMAKI
NetApp A-Team
‎2023-02-28 01:37 PM
3,639 Views

I think I've found a lead:

 

https://docs.netapp.com/us-en/ontap-cli-991/cluster-agent-connection-create.html#description

0 Kudos

TMADOCTHOMAS
‎2023-03-01 08:04 AM
3,600 Views

Nice find @CHRISMAKI . That likely explains what it's for, but I'm still curious why the admin account gets recreated on reboot with that application when it wasn't happening before.

0 Kudos

TMADOCTHOMAS
‎2023-03-02 10:42 AM
3,562 Views

From my NetApp case:

AMQP is a messaging protocol used for a publish/subscribe API that was introduced in ONTAP starting with 9.9.1. That is why the admin account gets created with AMQP.

Cloud Agent is an example of an application that subscribes to the ONTAP Pub/Sub API and uses AMQP over HTTPS.

0 Kudos

TMADOCTHOMAS
‎2023-03-02 10:43 AM
3,560 Views

So in summary it's a relatively new feature and that's why admin is just now being recreated with amqp whereas it wasn't previously.

0 Kudos
All Community Forums
Public