I thought I'd bring everything together into one post before going onto volume (application) provisioning.
Note 1: These commands follow on from cluster build being completed (which includes aggregates, IFGRPs, VLANs, Broadcast-domains, etcetera.)Note 2: Remember "aggregate auto-provision" if required.
Note 3: I have changed the SVM naming convention.
Note 4: There are some additions here too (highlighted).
###############
## CLUSTER 1 ##
# Part 2: Cron Schedules and Snapshot Policy #
job schedule cron create -cluster cluster1 -vserver cluster1 -name my4hourly -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster1 -vserver cluster1 -name my4hourlytp -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster1 -vserver cluster1 -name mydaily -minute 5 -hour 0
job schedule cron create -cluster cluster1 -vserver cluster1 -name mymonthly -minute 10 -hour 0 -day 1
job schedule cron create -cluster cluster1 -vserver cluster1 -name my5min03 -minute 3,8,13,18,23,28,33,38,43,48,53,58
job schedule cron create -cluster cluster1 -vserver cluster1 -name my15min03 -minute 3,18,33,48
snapshot policy create -vserver cluster1 -policy my18x4hourly30daily3monthly -enabled true -schedule1 my4hourly -count1 18 -prefix1 my4hourly -snapmirror-label1 my4hourly -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
snapshot policy create -vserver cluster1 -policy my18x4hourlytp30daily3monthly -enabled true -schedule1 my4hourlytp -count1 18 -prefix1 my4hourlytp -snapmirror-label1 my4hourlytp -retention-period1 3 days -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
# Part 3: Create the domain-tunnel AD authentication vserver and remove protocols (security hardening) #
vserver create -vserver cluster1_aa -rootvolume cluster1_aa_root -aggregate cluster1_01_SSD_1 -rootvolume-security-style ntfs -language C.UTF-8 -snapshot-policy none -comment "Domain Tunnel Management Authentication SVM"
vserver remove-protocols -vserver cluster1_aa -protocols nfs,cifs,fcp,iscsi,ndmp,nvme,s3
route create -vserver cluster1_aa -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
network interface create -vserver cluster1_aa -lif n1e0e_aa -data-protocol none -address 192.168.0.136 -netmask 255.255.255.0 -home-node cluster1-01 -home-port e0e
dns create -vserver cluster1_aa -domains demo.company.com -name-servers 192.168.0.253
active-directory create -vserver cluster1_aa -domain demo.company.com -account-name cluster1_aa
# Note: You will get prompted for AD password.
domain-tunnel create -vserver cluster1_aa
# Part 5: Building Our Production NAS SVMs
vserver create -vserver cluster1_pr1 -rootvolume cluster1_pr1_root -aggregate cluster1_01_SSD_1 -rootvolume-security-style unix -language C.UTF-8 -snapshot-policy none -comment "Cluster 1 Production 1 SVM"
vserver remove-protocols -vserver cluster1_pr1 -protocols fcp,iscsi,nvme,s3 # leaves nfs,cifs,ndmp
route create -vserver cluster1_pr1 -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
net int create -vserver cluster1_pr1 -lif n1e0e_nas -home-node cluster1-01 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.141
net int create -vserver cluster1_pr1 -lif n1e0f_nas -home-node cluster1-01 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.142
net int create -vserver cluster1_pr1 -lif n2e0e_nas -home-node cluster1-02 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.143
net int create -vserver cluster1_pr1 -lif n2e0f_nas -home-node cluster1-02 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.144
dns create -vserver cluster1_pr1 -domains demo.company.com -name-servers 192.168.0.253
cifs server create -vserver cluster1_pr1 -cifs-server cluster1_pr1 -domain demo.company.com
# Note: You will get prompted for AD password.
nfs server create -vserver cluster1_pr1
###############
## CLUSTER 1 ##
# Part 2: Cron Schedules and Snapshot Policy #
job schedule cron create -cluster cluster1 -vserver cluster1 -name my4hourly -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster1 -vserver cluster1 -name my4hourlytp -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster1 -vserver cluster1 -name mydaily -minute 5 -hour 0
job schedule cron create -cluster cluster1 -vserver cluster1 -name mymonthly -minute 10 -hour 0 -day 1
job schedule cron create -cluster cluster1 -vserver cluster1 -name my5min03 -minute 3,8,13,18,23,28,33,38,43,48,53,58
job schedule cron create -cluster cluster1 -vserver cluster1 -name my15min03 -minute 3,18,33,48
snapshot policy create -vserver cluster1 -policy my18x4hourly30daily3monthly -enabled true -schedule1 my4hourly -count1 18 -prefix1 my4hourly -snapmirror-label1 my4hourly -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
snapshot policy create -vserver cluster1 -policy my18x4hourlytp30daily3monthly -enabled true -schedule1 my4hourlytp -count1 18 -prefix1 my4hourlytp -snapmirror-label1 my4hourlytp -retention-period1 3 days -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
# Part 3: Create the domain-tunnel AD authentication vserver and remove protocols (security hardening) #
vserver create -vserver cluster1_aa -rootvolume cluster1_aa_root -aggregate cluster1_01_SSD_1 -rootvolume-security-style ntfs -language C.UTF-8 -snapshot-policy none -comment "Domain Tunnel Management Authentication SVM"
vserver remove-protocols -vserver cluster1_aa -protocols nfs,cifs,fcp,iscsi,ndmp,nvme,s3
route create -vserver cluster1_aa -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
network interface create -vserver cluster1_aa -lif n1e0e_aa -data-protocol none -address 192.168.0.136 -netmask 255.255.255.0 -home-node cluster1-01 -home-port e0e
dns create -vserver cluster1_aa -domains demo.company.com -name-servers 192.168.0.253
active-directory create -vserver cluster1_aa -domain demo.company.com -account-name cluster1_aa
# Note: You will get prompted for AD password.
domain-tunnel create -vserver cluster1_aa
# Part 5: Building Our Production NAS SVMs
vserver create -vserver cluster1_pr1 -rootvolume cluster1_pr1_root -aggregate cluster1_01_SSD_1 -rootvolume-security-style unix -language C.UTF-8 -snapshot-policy none -comment "Cluster 1 Production 1 SVM"
vserver remove-protocols -vserver cluster1_pr1 -protocols fcp,iscsi,nvme,s3 # leaves nfs,cifs,ndmp
route create -vserver cluster1_pr1 -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
net int create -vserver cluster1_pr1 -lif n1e0e_nas -home-node cluster1-01 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.141
net int create -vserver cluster1_pr1 -lif n1e0f_nas -home-node cluster1-01 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.142
net int create -vserver cluster1_pr1 -lif n2e0e_nas -home-node cluster1-02 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.143
net int create -vserver cluster1_pr1 -lif n2e0f_nas -home-node cluster1-02 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.144
dns create -vserver cluster1_pr1 -domains demo.company.com -name-servers 192.168.0.253
cifs server create -vserver cluster1_pr1 -cifs-server cluster1_pr1 -domain demo.company.com
# Note: You will get prompted for AD password.
nfs server create -vserver cluster1_pr1
nfs server modify -vserver cluster1_pr1 -v4-id-domain demo.company.com
ldap client create -client-config ldap_client -vserver cluster1_pr1 -schema MS-AD-BIS -ad-domain demo.company.com
###############
## CLUSTER 2 ##
# Part 2: Cron Schedulas and Snapshot Policy #
job schedule cron create -cluster cluster2 -vserver cluster2 -name my4hourly -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster2 -vserver cluster2 -name my4hourlytp -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster2 -vserver cluster2 -name mydaily -minute 5 -hour 0
job schedule cron create -cluster cluster2 -vserver cluster2 -name mymonthly -minute 10 -hour 0 -day 1
job schedule cron create -cluster cluster2 -vserver cluster2 -name my5min03 -minute 3,8,13,18,23,28,33,38,43,48,53,58
job schedule cron create -cluster cluster2 -vserver cluster2 -name my15min03 -minute 3,18,33,48
snapshot policy create -vserver cluster2 -policy my18x4hourly30daily3monthly -enabled true -schedule1 my4hourly -count1 18 -prefix1 my4hourly -snapmirror-label1 my4hourly -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
snapshot policy create -vserver cluster2 -policy my18x4hourlytp30daily3monthly -enabled true -schedule1 my4hourlytp -count1 18 -prefix1 my4hourlytp -snapmirror-label1 my4hourlytp -retention-period1 3 days -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
# Part 3: Create the domain-tunnel AD authentication vserver and remove protocols (security hardening) #
vserver create -vserver cluster2_aa -rootvolume cluster2_aa_root -aggregate cluster2_01_SSD_1 -rootvolume-security-style ntfs -language C.UTF-8 -snapshot-policy none -comment "Domain Tunnel Management Authentication SVM"
vserver remove-protocols -vserver cluster2_aa -protocols nfs,cifs,fcp,iscsi,ndmp,nvme,s3
route create -vserver cluster2_aa -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
network interface create -vserver cluster2_aa -lif n1e0e_aa -data-protocol none -address 192.168.0.136 -netmask 255.255.255.0 -home-node cluster2-01 -home-port e0e
dns create -vserver cluster2_aa -domains demo.company.com -name-servers 192.168.0.253
active-directory create -vserver cluster2_aa -domain demo.company.com -account-name cluster2_aa
# Note: You get prompted for AD password.
domain-tunnel create -vserver cluster2_aa
# Part 5: Building Our Production NAS SVMs #
vserver create -vserver cluster1_dr1 -rootvolume cluster1_dr1_root -aggregate cluster2_01_SSD_1 -rootvolume-security-style unix -language C.UTF-8 -snapshot-policy none -comment "Cluster 1 Production 1 DR SVM"
vserver remove-protocols -vserver cluster1_dr1 -protocols fcp,iscsi,nvme,s3 # leaves nfs,cifs,ndmp
route create -vserver cluster1_dr1 -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
net int create -vserver cluster1_dr1 -lif n1e0e_nas -home-node cluster2-01 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.241
net int create -vserver cluster1_dr1 -lif n1e0f_nas -home-node cluster2-01 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.242
net int create -vserver cluster1_dr1 -lif n2e0e_nas -home-node cluster2-02 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.243
net int create -vserver cluster1_dr1 -lif n2e0f_nas -home-node cluster2-02 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.244
dns create -vserver cluster1_dr1 -domains demo.company.com -name-servers 192.168.0.253
cifs server create -vserver cluster1_dr1 -cifs-server cluster1_dr1 -domain demo.company.com
# Note: You will get prompted for AD password.
nfs server create -vserver cluster1_dr1
ldap client create -client-config ldap_client -vserver cluster1_pr1 -schema MS-AD-BIS -ad-domain demo.company.com
###############
## CLUSTER 2 ##
# Part 2: Cron Schedulas and Snapshot Policy #
job schedule cron create -cluster cluster2 -vserver cluster2 -name my4hourly -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster2 -vserver cluster2 -name my4hourlytp -minute 0 -hour 0,4,8,12,16,20
job schedule cron create -cluster cluster2 -vserver cluster2 -name mydaily -minute 5 -hour 0
job schedule cron create -cluster cluster2 -vserver cluster2 -name mymonthly -minute 10 -hour 0 -day 1
job schedule cron create -cluster cluster2 -vserver cluster2 -name my5min03 -minute 3,8,13,18,23,28,33,38,43,48,53,58
job schedule cron create -cluster cluster2 -vserver cluster2 -name my15min03 -minute 3,18,33,48
snapshot policy create -vserver cluster2 -policy my18x4hourly30daily3monthly -enabled true -schedule1 my4hourly -count1 18 -prefix1 my4hourly -snapmirror-label1 my4hourly -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
snapshot policy create -vserver cluster2 -policy my18x4hourlytp30daily3monthly -enabled true -schedule1 my4hourlytp -count1 18 -prefix1 my4hourlytp -snapmirror-label1 my4hourlytp -retention-period1 3 days -schedule2 mydaily -count2 30 -prefix2 mydaily -snapmirror-label2 mydaily -schedule3 mymonthly -count3 3 -prefix3 mymonthly -snapmirror-label3 mymonthly
# Part 3: Create the domain-tunnel AD authentication vserver and remove protocols (security hardening) #
vserver create -vserver cluster2_aa -rootvolume cluster2_aa_root -aggregate cluster2_01_SSD_1 -rootvolume-security-style ntfs -language C.UTF-8 -snapshot-policy none -comment "Domain Tunnel Management Authentication SVM"
vserver remove-protocols -vserver cluster2_aa -protocols nfs,cifs,fcp,iscsi,ndmp,nvme,s3
route create -vserver cluster2_aa -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
network interface create -vserver cluster2_aa -lif n1e0e_aa -data-protocol none -address 192.168.0.136 -netmask 255.255.255.0 -home-node cluster2-01 -home-port e0e
dns create -vserver cluster2_aa -domains demo.company.com -name-servers 192.168.0.253
active-directory create -vserver cluster2_aa -domain demo.company.com -account-name cluster2_aa
# Note: You get prompted for AD password.
domain-tunnel create -vserver cluster2_aa
# Part 5: Building Our Production NAS SVMs #
vserver create -vserver cluster1_dr1 -rootvolume cluster1_dr1_root -aggregate cluster2_01_SSD_1 -rootvolume-security-style unix -language C.UTF-8 -snapshot-policy none -comment "Cluster 1 Production 1 DR SVM"
vserver remove-protocols -vserver cluster1_dr1 -protocols fcp,iscsi,nvme,s3 # leaves nfs,cifs,ndmp
route create -vserver cluster1_dr1 -destination 0.0.0.0/0 -gateway 192.168.0.1 -metric 20
net int create -vserver cluster1_dr1 -lif n1e0e_nas -home-node cluster2-01 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.241
net int create -vserver cluster1_dr1 -lif n1e0f_nas -home-node cluster2-01 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.242
net int create -vserver cluster1_dr1 -lif n2e0e_nas -home-node cluster2-02 -home-port e0e -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.243
net int create -vserver cluster1_dr1 -lif n2e0f_nas -home-node cluster2-02 -home-port e0f -data-protocol nfs,cifs -netmask 255.255.255.0 -address 192.168.0.244
dns create -vserver cluster1_dr1 -domains demo.company.com -name-servers 192.168.0.253
cifs server create -vserver cluster1_dr1 -cifs-server cluster1_dr1 -domain demo.company.com
# Note: You will get prompted for AD password.
nfs server create -vserver cluster1_dr1
nfs server modify -vserver cluster1_dr1 -v4-id-domain demo.company.com
ldap client create -client-config ldap_client -vserver cluster1_dr1 -schema MS-AD-BIS -ad-domain demo.company.com
#################################
## CLUSTER AND VSERVER PEERING ##
cluster1::> cluster peer create -peer-addrs 192.168.0.123,192.168.0.124
# Note: You will get prompted for a passphrase.
cluster2::> cluster peer create -peer-addrs 192.168.0.121,192.168.0.122
# Note: You will get prompted for a passphrase.
cluster1::> vserver peer create -vserver cluster1_pr1 -peer-vserver cluster1_dr1 -peer-cluster cluster2 -applications snapmirror
cluster1::> vserver peer accept -vserver cluster1_dr1 -peer-vserver cluster1_pr1
## AND REMEMBER THE DNS SETUP ##
cluster1_pr1.demo.company.com 192.168.0.141
cluster1_pr1.demo.company.com 192.168.0.142
cluster1_pr1.demo.company.com 192.168.0.143
cluster1_pr1.demo.company.com 192.168.0.144
cluster1_pr1_n1e0e_nas.demo.company.com 192.168.0.141 <-- and PTR record
cluster1_pr1_n1e0f_nas.demo.company.com 192.168.0.142 <-- and PTR record
cluster1_pr1_n2e0e_nas.demo.company.com 192.168.0.143 <-- and PTR record
cluster1_pr1_n2e0f_nas.demo.company.com 192.168.0.144 <-- and PTR record
cluster1_dr1.demo.company.com 192.168.0.241
cluster1_dr1.demo.company.com 192.168.0.242
cluster1_dr1.demo.company.com 192.168.0.243
cluster1_dr1.demo.company.com 192.168.0.244
cluster1_dr1_n1e0e_nas.demo.company.com 192.168.0.241 <-- and PTR record
cluster1_dr1_n1e0f_nas.demo.company.com 192.168.0.242 <-- and PTR record
cluster1_dr1_n2e0e_nas.demo.company.com 192.168.0.243 <-- and PTR record
cluster1_dr1_n2e0f_nas.demo.company.com 192.168.0.244 <-- and PTR record
## AND SPNs SETUP ##
cluster1_pr1_n1e0e_nas.demo.company.com
cluster1_pr1_n1e0f_nas.demo.company.com
cluster1_pr1_n2e0e_nas.demo.company.com
cluster1_pr1_n2e0f_nas.demo.company.com
cluster1_dr1_n1e0e_nas.demo.company.com
cluster1_dr1_n1e0f_nas.demo.company.com
cluster1_dr1_n2e0e_nas.demo.company.com
cluster1_dr1_n2e0f_nas.demo.company.com
Note: cluster1_pr1.demo.company.com and cluster1_dr1.demo.company.com should exist as default SPNs when the AD computer object is created.
ldap client create -client-config ldap_client -vserver cluster1_dr1 -schema MS-AD-BIS -ad-domain demo.company.com
#################################
## CLUSTER AND VSERVER PEERING ##
cluster1::> cluster peer create -peer-addrs 192.168.0.123,192.168.0.124
# Note: You will get prompted for a passphrase.
cluster2::> cluster peer create -peer-addrs 192.168.0.121,192.168.0.122
# Note: You will get prompted for a passphrase.
cluster1::> vserver peer create -vserver cluster1_pr1 -peer-vserver cluster1_dr1 -peer-cluster cluster2 -applications snapmirror
cluster1::> vserver peer accept -vserver cluster1_dr1 -peer-vserver cluster1_pr1
## AND REMEMBER THE DNS SETUP ##
cluster1_pr1.demo.company.com 192.168.0.141
cluster1_pr1.demo.company.com 192.168.0.142
cluster1_pr1.demo.company.com 192.168.0.143
cluster1_pr1.demo.company.com 192.168.0.144
cluster1_pr1_n1e0e_nas.demo.company.com 192.168.0.141 <-- and PTR record
cluster1_pr1_n1e0f_nas.demo.company.com 192.168.0.142 <-- and PTR record
cluster1_pr1_n2e0e_nas.demo.company.com 192.168.0.143 <-- and PTR record
cluster1_pr1_n2e0f_nas.demo.company.com 192.168.0.144 <-- and PTR record
cluster1_dr1.demo.company.com 192.168.0.241
cluster1_dr1.demo.company.com 192.168.0.242
cluster1_dr1.demo.company.com 192.168.0.243
cluster1_dr1.demo.company.com 192.168.0.244
cluster1_dr1_n1e0e_nas.demo.company.com 192.168.0.241 <-- and PTR record
cluster1_dr1_n1e0f_nas.demo.company.com 192.168.0.242 <-- and PTR record
cluster1_dr1_n2e0e_nas.demo.company.com 192.168.0.243 <-- and PTR record
cluster1_dr1_n2e0f_nas.demo.company.com 192.168.0.244 <-- and PTR record
## AND SPNs SETUP ##
cluster1_pr1_n1e0e_nas.demo.company.com
cluster1_pr1_n1e0f_nas.demo.company.com
cluster1_pr1_n2e0e_nas.demo.company.com
cluster1_pr1_n2e0f_nas.demo.company.com
cluster1_dr1_n1e0e_nas.demo.company.com
cluster1_dr1_n1e0f_nas.demo.company.com
cluster1_dr1_n2e0e_nas.demo.company.com
cluster1_dr1_n2e0f_nas.demo.company.com
Note: cluster1_pr1.demo.company.com and cluster1_dr1.demo.company.com should exist as default SPNs when the AD computer object is created.
Comments
Post a Comment