Veritas Access Release Notes

Last Published:
Product(s): Access (7.4.2)
Platform: Linux
  1. Overview of Veritas Access
    1.  
      About this release
    2.  
      Important release information
    3. Changes in this release
      1.  
        Integration with Veritas Data Deduplication technology for storing backup data
      2.  
        Capacity and time-period-based licensing model
      3.  
        Changes to the GUI
      4.  
        Supported operating systems
      5.  
        Changes in the Veritas Access command-line interface options in future releases
      6.  
        Not supported in this release
    4. Technical preview features
      1.  
        Veritas Access Streamer as a storage type for Enterprise Vault
      2.  
        Support for erasure coding in a scale-out file system for an LTR use case over the S3 protocol
    5.  
      Veritas Access simple storage service (S3) APIs
  2. Fixed issues
    1.  
      Fixed issues since the last release
  3. Software limitations
    1.  
      Limitations on using shared LUNs
    2. Flexible Storage Sharing limitations
      1.  
        If your cluster has DAS disks, you must limit the cluster name to ten characters at installation time
    3. Limitations related to installation and upgrade
      1.  
        If the required virtual IPs are not configured, then services like NFS, CIFS, and S3 do not function properly
      2.  
        Rolling upgrade is not supported from the Veritas Access command-line interface
    4.  
      Limitations in the Backup mode
    5.  
      Veritas Access IPv6 limitations
    6.  
      FTP limitations
    7.  
      Intel Spectre Meltdown limitation
    8.  
      Samba ACL performance-related issues
    9.  
      Limitations on using InfiniBand NICs in the Veritas Access cluster
    10.  
      Limitations related to commands in a non-SSH environment
    11.  
      Limitation on using Veritas Access in a virtual machine environment
    12.  
      Limitations related to Veritas Data Deduplication
    13.  
      NFS-Ganesha limitations
    14.  
      Kernel-based NFS v4 limitations
    15.  
      File system limitation
    16.  
      Veritas Access S3 server limitation
    17.  
      Long-term data retention (LTR) limitations
    18. Limitation related to replication
      1.  
        Limitation related to episodic replication authentication
      2.  
        Limitation related to continuous replication
  4. Known issues
    1. Veritas Access known issues
      1. Admin issues
        1.  
          The user password gets displayed in the logs for the Admin> user add username system-admin|storage-admin|master command
      2. Backup issues
        1.  
          Backup or restore status may show invalid status after the BackupGrp is switched or failed over to the other node when the SAN client is enabled
      3. CIFS issues
        1.  
          Cannot enable the quota on a file system that is appended or added to the list of homedir
        2.  
          Deleting a CIFS share resets the default owner and group permissions for other CIFS shares on the same file system
        3.  
          Listing of CIFS shares created on a Veritas Access cluster fails on Windows server or client
        4.  
          Default CIFS share has owner other than root
        5.  
          CIFS> mapuser command fails to map all the users from Active Directory (AD) to all the NIS/LDAP users
        6.  
          Windows client displays incorrect CIFS home directory share size
        7.  
          CIFS share may become unavailable when the CIFS server is in normal mode
        8.  
          CIFS share creation does not authenticate AD users
      4. Deduplication issues
        1.  
          Removing lost+found files for a mount point that has deduplication enabled may cause issues with deduplication
      5. FTP issues
        1.  
          If a file system is used as homedir or anonymous_login_dir for FTP, this file system cannot be destroyed
        2.  
          The FTP> server start command reports the FTP server to be online even when it is not online
        3.  
          The FTP> session showdetails user=<AD username> command does not work
        4.  
          If the security in CIFS is not set to Active Directory (AD), you cannot log on to FTP through the AD user
        5.  
          If security is set to local, FTP does not work in case of a fresh operating system and Veritas Access installation
        6.  
          If the LDAP and local FTP user have the same user name, then the LDAP user cannot perform PUT operations when the security is changed from local to nis-ldap
        7.  
          FTP with LDAP as security is not accessible to a client who connects from the console node using virtual IPs
        8.  
          The FTP server starts even if the home directory is offline and if the security is changed to local, the FTP client writes on the root file system
      6. General issues
        1.  
          A functionality of Veritas Access works from the master node but does not work from the slave node
      7. GUI issues
        1.  
          When both continuous and episodic replication links are set up, provisioning of storage using High Availability and Data Protection policies does not work
        2.  
          When a new node is added or when a new cluster is installed and configured, the GUI may not start on the console node after a failover
        3.  
          When an earlier version of the Veritas Access cluster is upgraded, the GUI shows stale and incomplete data
        4.  
          Restarting the server as part of the command to add and remove certificates gives an error on RHEL 7
        5.  
          While provisioning an S3 bucket for NetBackup, the bucket creation fails if the device protection is selected as erasurecoded and the failure domain is selected as disk
        6.  
          Client certificate validation using OpenSSL ocsp does not work on RHEL 7
        7.  
          When you perform the set LDAP operation using the GUI, the operation fails with an error
        8.  
          GUI does not support segregated IPv6 addresses while creating CIFS shares using the Enterprise Vault policy
      8. Installation and configuration issues
        1.  
          After you restart a node that uses RDMA LLT, LLT does not work, or the gabconfig - a command shows the jeopardy state
        2.  
          Running individual Veritas Access scripts may return inconsistent return codes
        3.  
          Configuring Veritas Access with the installer fails when the SSH connection is lost
        4.  
          Excluding PCIs from the configuration fails when you configure Veritas Access using a response file
        5.  
          Installer does not list the initialized disks immediately after initializing the disks during I/O fencing configuration
        6.  
          If the same driver node is used for two installations at the same time, then the second installation shows the progress status of the first installation
        7.  
          If the same driver node is used for two or more installations at the same time, then the first installation session is terminated
        8.  
          If you run the Cluster> show command when a slave node is in the restart, shutdown, or crash state, the slave node throws an exception
        9.  
          If duplicate PCI IDs are added for the PCI exclusion, the Cluster> add node name command fails
        10.  
          If installing using a response file is started from the cluster node, then the installation session gets terminated after the configuring NICs section
        11.  
          After finishing system verification checks, the installer displays a warning message about missing third-party RPMs
        12.  
          Phantomgroup for the VLAN device does not come online if you create another VLAN device from the Veritas Access command-line interface after cluster configuration is done
        13.  
          Veritas Access fails to install if LDAP or the autofs home directories are preconfigured on the system
        14.  
          After the Veritas Access installation is complete, the installer does not clean the SSH keys of the driver node on the Veritas Access nodes from where the installation is triggered.
        15.  
          Veritas Access installation fails if the nodes have older yum repositories and do not have Internet connectivity to reach RHN repositories
        16.  
          Installing Veritas Access with a preconfigured VLAN and a preconfigured bond fails
        17.  
          When you configure Veritas Access, the common NICs may not be listed
        18.  
          In a mixed mode Veritas Access cluster, after the execution of the Cluster> add node command, one type of unused IP does not get assigned as a physical IP to public NICs
        19.  
          NLMGroup service goes into a FAULTED state when the private IP (x.x.x.2) is not free
        20.  
          The cluster> show command does not detect all the nodes of the cluster
      9. Internationalization (I18N) issues
        1.  
          The Veritas Access command-line interface prompt disappears when characters in a foreign language are present in a command
      10. Networking issues
        1.  
          CVM service group goes into faulted state unexpectedly
        2.  
          In a mixed IPv4 and IPv6 VIP network set up, the IP balancing does not consider IP type
        3.  
          The netgroup search does not continue to search in NIS if the entry is not found in LDAP
        4.  
          The IPs hosted on an interface that is not the current IPv6 default gateway interface are not reachable outside the current IPv6 subnet
        5.  
          After network interface swapping between two private NICs or one private NIC and one public NIC, the service groups on the slave nodes are not probed
        6.  
          Unable to import the network module after an operating system upgrade
        7.  
          LDAP with SSL on option does not work if you upgrade Veritas Access
        8.  
          Network load balancer does not get configured with IPv6
        9.  
          Unable to add an IPv6-default gateway on an IPv4-installed cluster
        10.  
          LDAP over SSL may not work in Veritas Access 7.4.2
        11.  
          The network> swap command hangs if any node other than the console node is specified
      11. NFS issues
        1.  
          Slow performance with Solaris 10 clients with NFS-Ganesha version 4
        2.  
          Random-write performance drop of NFS-Ganesha with Linux clients
        3.  
          Latest directory content of server is not visible to the client if time is not synchronized across the nodes
        4.  
          NFS> share show may list the shares as faulted for some time if you restart the cluster node
        5.  
          NFS-Ganesha shares faults after the NFS configuration is imported
        6.  
          NFS-Ganesha shares may not come online when the number of shares are more than 500
        7.  
          Exporting a single path to multiple clients through multiple exports does not work with NFS-Ganesha
        8.  
          For the NFS-Ganesha server, bringing a large number of shares online or offline takes a long time
        9.  
          NFS client application may fail with the stale file handle error on node reboot
        10.  
          NFS> share show command does not distinguish offline versus online shares
        11.  
          Difference in output between NFS> share show and Linux showmount commands
        12.  
          NFS mount on client is stalled after you switch the NFS server
        13.  
          Kernel-NFS v4 lock failover does not happen correctly in case of a node crash
        14.  
          Kernel-NFS v4 export mount for Netgroup does not work correctly
        15.  
          NFS-Ganesha share for IPv6 subnet does not work and NFS share becomes faulted
        16.  
          When a file system goes into the FAULTED or OFFLINE state, the NFS share groups associated with the file system do not become offline on all the nodes
      12. ObjectAccess issues
        1.  
          When trying to connect to the S3 server over SSLS3, the client application may give a warning like "SSL3_GET_SERVER_CERTIFICATE:certificate verify failed"
        2.  
          If you have upgraded to Veritas Access 7.4.2 from an earlier release, access to S3 server fails if the cluster name has uppercase letters
        3.  
          If the cluster name does not follow the DNS hostname restrictions, you cannot work with the ObjectAccess service in Veritas Access
        4.  
          Bucket creation may fail with time-out error
        5.  
          Bucket deletion may fail with "No such bucket" or "No such key" error
        6.  
          Group configuration does not work in ObjectAccess if the group name contains a space
      13. OpenDedup issues
        1.  
          The file system storage is not reclaimed after deletion of an OpenDedup volume
        2.  
          The Storage> fs online command fails with an EBUSY error
        3.  
          Output mismatch in the df -h command for OpenDedup volumes that are backed by a single bucket and mounted on two different media servers
        4.  
          The OpenDedup> volume create command does not revert the changes if the command fails during execution
        5.  
          Some of the OpenDedup volume stats reset to zero after upgrade
        6.  
          OpenDedup volume mount operation fails with an error
        7.  
          Restore of data from AWS glacier fails
        8.  
          OpenDedup volumes are not online after an OpenDedup upgrade if there is a change in the cluster name
        9.  
          If the Veritas Access master node is restarted when a restore job is in progress and OpenDedup resides on the media server, the restored files may be in inconsistent state
        10.  
          The OpenDedup> volume list command may not show the node IP for a volume
        11.  
          When Veritas Access is configured in mixed mode, the configure LTR script randomly chooses a virtual IP from the available Veritas Access virtual IPs
      14. OpenStack issues
        1.  
          Cinder and Manila shares cannot be distinguished from the Veritas Access command-line interface
        2.  
          Cinder volume creation fails after a failure occurs on the target side
        3.  
          Cinder volume may fail to attach to the instance
        4.  
          Bootable volume creation for an iSCSI driver fails with an I/O error when a qcow image is used
      15. Replication issues
        1.  
          When running episodic replication and dedup over the same source, the episodic replication file system fails in certain scenarios
        2.  
          The System> config import command does not import episodic replication keys and jobs
        3.  
          The job uses the schedule on the target after episodic replication failover
        4.  
          Episodic replication fails with error "connection reset by peer" if the target node fails over
        5.  
          Episodic replication jobs created in Veritas Access 7.2.1.1 or earlier versions are not recognized after an upgrade
        6.  
          Setting the bandwidth through the GUI is not enabled for episodic replication
        7.  
          Episodic replication job with encryption fails after job remove and add link with SSL certificate error
        8.  
          Episodic replication job status shows the entry for a link that was removed
        9.  
          Episodic replication job modification fails
        10.  
          Episodic replication failover does not work
        11.  
          Continuous replication fails when the 'had' daemon is restarted on the target manually
        12.  
          Continuous replication is unable to go to the replicating state if the Storage Replicated Log becomes full
        13.  
          Unplanned failover and failback in continuous replication may fail if the communication of the IPTABLE rules between the cluster nodes does not happen correctly
        14.  
          Continuous replication configuration may fail if the continuous replication IP is not online on the master node but is online on another node
        15.  
          If you restart any node in the primary or the secondary cluster, replication may go into a PAUSED state
      16. SDS known issues
        1.  
          After the SDS log is rotated, the log messages from either Veritas Access or the SDS plugin go to the rotated file instead of the new file
      17. SmartIO issues
        1.  
          SmartIO writeback cachemode for a file system changes to read mode after taking the file system offline and then online
      18. Storage issues
        1.  
          Snapshot mount can fail if the snapshot quota is set
        2.  
          Sometimes the Storage> pool rmdisk command does not print a message
        3.  
          The Storage> pool rmdisk command sometimes can give an error where the file system name is not printed
        4.  
          Not able to enable quota for file system that is newly added in the list of CIFS home directories
        5.  
          Destroying the file system may not remove the /etc/mtab entry for the mount point
        6.  
          The Storage> fs online command returns an error, but the file system is online after several minutes
        7.  
          Removing disks from the pool fails if a DCO exists
        8.  
          Scale-out file system returns an ENOSPC error even if the df command shows there is space available in the file system
        9.  
          Rollback refresh fails when running it after running Storage> fs growby or growto commands
        10.  
          If an exported DAS disk is in error state, it shows ERR on the local node and NOT_CONN on the remote nodes in Storage> list
        11.  
          Inconsistent cluster state with management service down when disabling I/O fencing
        12.  
          Storage> tier move command failover of node is not working
        13.  
          Storage> scanbus operation hangs at the time of I/O fencing operation
        14.  
          Rollback service group goes in faulted state when respective cache object is full and there is no way to clear the state
        15.  
          Event messages are not generated when cache objects get full
        16.  
          The Veritas Access command-line interface should not allow uncompress and compress operations to run on the same file at the same time
        17.  
          Storage device fails with SIGBUS signal causing the abnormal termination of the scale-out file system daemon
        18.  
          Storage> tier move list command fails if one of the cluster nodes is rebooted
        19.  
          Pattern given as filter criteria to Storage> fs policy add sometimes erroneously transfers files that do not fit the criteria
        20.  
          When a policy run completes after issuing Storage> fs policy resume, the total data and total files count might not match the moved data and files count as shown in Storage> fs policy status
        21.  
          Storage> fs addcolumn operation fails but error notification is not sent
        22.  
          Storage> fs-growto and Storage> fs-growby commands give error with isolated disks
        23.  
          Unable to create space-optimized rollback when tiering is present
        24.  
          Enabling I/O fencing on a set up with Volume Manager objects present fails to import the disk group
        25.  
          File system creation fails when the pool contains only one disk
        26.  
          After starting the backup service, BackupGrp goes into FAULTED state on some nodes
        27.  
          A scale-out file system created with a simple layout using thin LUNs may show layered layout in the Storage> fs list command
        28.  
          A file system created with a largefs-striped or largefs-mirrored-stripe layout may show incorrect number of columns in the Storage> fs list command
        29.  
          File system creation fails with SSD pool
        30.  
          A scale-out file system may go into faulted state after the execution of Storage> fencing off/on command
        31.  
          After an Azure tier is added to a scale-out file system, you cannot move files to the Azure tier and the Storage> tier stats command may fail
        32.  
          The CVM service group goes in to faulted state after you restart the management console node
        33.  
          The Storage> fs create command does not display the output correctly if one of the nodes of the cluster is in unknown state
        34.  
          Storage> fs growby and growto commands fail if the size of the file system or bucket is full
        35.  
          The operating system names of fencing disks are not consistent across the Veritas Access cluster that may lead to issues
        36.  
          The disk group import operation fails and all the services go into failed state when fencing is enabled
        37.  
          While creating an erasure-coded file system, a misleading message leads to issues in the execution of the storage> fs create command
        38.  
          The Veritas Access cluster node can get explicitly ejected or aborted from the cluster during recovery when another node joins the cluster after a restart
        39.  
          Error while creating a file system stating that the CVM master and management console are not on the same node
        40.  
          When you configure disk-based fencing, the cluster does not come online after you restart the node
        41.  
          In an erasure-coded file system, when the nodes are restarted, some of the file systems do not get unmounted
        42.  
          After a node is restarted, the vxdclid process may generate core dump
        43.  
          The Veritas Access command-line interface may be inaccessible after some nodes in the cluster are restarted
        44.  
          The cluster> shutdown command does not shut down the node
      19. System issues
        1.  
          The System> ntp sync command without any argument does not appear to work correctly
        2.  
          The NTP server does not get configured correctly during installation
      20. Target issues
        1.  
          Storage provisioning commands hang on the Veritas Access initiator when LUNs from the Veritas Access target are being used
        2.  
          After the Veritas Access cluster recovers from a storage disconnect, the iSCSI LUNs exported from Veritas Access as an iSCSI target may show the wrong content on the initiator side
      21. Upgrade issues
        1.  
          Some vulnerabilities are present in the python-requests rpm which impacts rolling upgrade when you try to upgrade from 7.4.x to 7.4.2
        2.  
          During rolling upgrade, Veritas Access shutdown does not complete successfully
        3.  
          CVM is in FAULTED state after you perform a rolling upgrade
        4.  
          If rolling upgrade is performed when NFS v4 is configured using NFS lease, the system may hang
      22. Veritas Data Deduplication issues
        1.  
          The Veritas Data Deduplication storage server does not come online on a newly added node in the cluster if the node was offline when you configured deduplication
        2.  
          The Veritas Data Deduplication server goes offline after destroying the bond interface on which the deduplication IP was online
        3.  
          If you grow the deduplication pool using the fs> grow command, and then try to grow it further using the dedupe> grow command, the dedupe> grow command fails
        4.  
          The Veritas Data Deduplication server goes offline after bond creation using the interface of the deduplication IP
  5. Getting help
    1.  
      Displaying the Online Help
    2.  
      Displaying the man pages
    3.  
      Using the Veritas Access product documentation

Fixed issues since the last release

This section includes the issues fixed since the last release.

Table: Fixed issues since the last release

Fixed issues

Description

IA-12439

When the CIFS server is configured with security as "ads" and the AD server is configured with IPv6, you can access the CIFS shares only using virtual IPs hosted on the console node, and you cannot use the virtual IPs from the non-console node to mount the CIFS shares

IA-13334

Security vulnerability with SMB1 clients

IA-13254

Changing the home directory path of FTP shows success but the PUT operation from the client still puts the data into the old home directory

IA-13254

Setting the home directory for individual users does not work as expected if the global home directory is already set

IA-12443

When the FTP server is configured with security as "ads" and the AD server is configured with IPv6, you can access the FTP home directories only using the virtual IPs hosted on the console node, and you cannot use the virtual IPs from the non-console node to access the FTP home directories

IA-12800

IPv6 range for an IP address is not accepted if the range ends with any of the characters from [a,b,c,d,e,f]