mysupport.netapp.
com
b. Verify that the Restored column equals yes for all authentication keys: security key-manager
key-query
c. You can safely shut down the controller.
4. If the Key Manager type displays onboard and the Restored column displays anything other than yes:
a. Enter the onboard security key-manager sync command: security key-manager onboard sync
Enter the customer’s onboard key management passphrase at the prompt. If the passphrase cannot be
provided, contact NetApp Support.
mysupport.netapp.com
b. Verify the Restored column shows yes for all authentication keys: security key-manager key-
query
c. Verify that the Key Manager type shows onboard, and then manually back up the OKM information.
d. Go to advanced privilege mode and enter y when prompted to continue: set -priv advanced
e. Enter the command to display the key management backup information: security key-manager
onboard show-backup
f. Copy the contents of the backup information to a separate file or your log file. You’ll need it in disaster
scenarios where you might need to manually recover OKM.
g. Return to admin mode: set -priv admin
h. You can safely shut down the controller.
Shut down the controller - AFF A700s
After completing the NVE or NSE tasks, you need to complete the shutdown of the
impaired controller.
Steps
a. Take the impaired controller to the LOADER prompt:
If the impaired controller Then…
displays…
The LOADER prompt Go to Remove controller module.
Waiting for giveback… Press Ctrl-C, and then respond y when prompted.
System prompt or password Take over or halt the impaired controller from the healthy controller:
prompt (enter system password) storage failover takeover -ofnode
impaired_node_name
When the impaired controller shows Waiting for giveback…, press
Ctrl-C, and then respond y.
818
� b. From the LOADER prompt, enter: printenv to capture all boot environmental variables. Save the output
to your log file.
This command may not work if the boot device is corrupted or non-functional.
Replace the boot media - AFF A700s
You must remove the controller module from the chassis, open it, and then replace the
failed boot media.
Step 1: Remove the controller module
You must remove the controller module from the chassis when you replace the controller
module or replace a component inside the controller module.
1. If you are not already grounded, properly ground yourself.
2. Loosen the hook and loop strap binding the cables to the cable management device, and then unplug the
system cables and SFPs (if needed) from the controller module, keeping track of where the cables were
connected.
Leave the cables in the cable management device so that when you reinstall the cable management
device, the cables are organized.
3. Unplug the controller module power supply from the source, and then unplug the cable from the power
supply.
4. Remove the cable management device from the controller module and set it aside.
5. Press down on both of the locking latches, and then rotate both latches downward at the same time.
The controller module moves slightly out of the chassis.
819
� Locking latch
Locking pin
1. Slide the controller module out of the chassis.
Make sure that you support the bottom of the controller module as you slide it out of the chassis.
2. Place the controller module on a stable, flat surface, and then open the air duct:
a. Press in the locking tabs on the sides of the air duct toward the middle of the controller module.
b. Slide the air duct toward the fan modules, and then rotate it upward to its completely open position.
Air duct locking tabs
Risers
Air duct
Step 2: Replace the boot media - AFF A700s
You must locate the failed boot media in the controller module by removing the middle
PCIe module on the controller module, locate the failed boot media, and then replace the
boot media.
You need a Phillips head screwdriver to remove the screw that holds the boot media in place.
820
�1. If you are not already grounded, properly ground yourself.
2. Locate the boot media:
a. Open the air duct, if needed.
b. If needed, remove Riser 2, the middle PCIe module, by unlocking the locking latch and then removing
the riser from the controller module.
Air duct
Riser 2 (middle PCIe module)
Boot media screw
Boot media
3. Locate the failed boot media.
4. Remove the boot media from the controller module:
a. Using a #1 Phillips head screwdriver, remove the screw holding down the boot media and set the screw
aside in a safe place.
b. Grasping the sides of the boot media, gently rotate the boot media up, and then pull the boot media
straight out of the socket and set it aside.
5. Align the edges of the replacement boot media with the boot media socket, and then gently push it into the
socket.
6. Check the boot media to make sure that it is seated squarely and completely in the socket.
821
� If necessary, remove the boot media and reseat it into the socket.
7. Rotate the boot media down until it is flush with the motherboard.
8. Secure the boot media in place by using the screw.
Do not over-tighten the screw. Doing so might crack the boot media circuit board.
9. Reinstall the riser into the controller module.
10. Close the air duct:
a. Rotate the air duct downward.
b. Slide the air duct toward the risers until it clicks into place.
Transfer the boot image to the boot media - AFF A700s
You can install the system image to the replacement boot media using by using either the
image on second boot media installed in the controller module, the primary method to
restore the system image, or by transferring the boot image to the boot media using a
USB flash drive when the secondary boot media restore failed or if the image.tgz file is
not found on the secondary boot media.
Option 1: Transfer files to the boot media using backup recovery from the second boot media
You can install the system image to the replacement boot media using the image on
second boot media installed in the controller module. This is the primary method for
transferring the boot media files to the replacement boot media in systems with two boot
media in the controller module.
The image on the secondary boot media must contain an image.tgz file and must not be reporting failures. If
image.tgz file is missing or the boot media reports failures, you cannot use this procedure. You must transfer
the boot image to the replacement boot media using the USB flash drive replacement procedure.
Steps
1. If you are not already grounded, properly ground yourself.
2. If you have not already done so, close the air duct:
a. Swing the air duct all the way down to the controller module.
b. Slide the air duct toward the risers until the locking tabs click into place.
c. Inspect the air duct to make sure that it is properly seated and locked into place.
822
� Air duct
Risers
3. Align the end of the controller module with the opening in the chassis, and then gently push the controller
module halfway into the system.
4. Reinstall the cable management device and recable the system, as needed.
When recabling, remember to reinstall the media converters (SFPs) if they were removed.
5. Recable the power supply, and then connect it to the power source.
Make sure that you reattach the power cable locking collar on the power cord.
6. Gently push the controller module all the way into the system until the controller module locking hooks
begin to rise, firmly push on the locking hooks to finish seating the controller module, and then swing the
locking hooks into the locked position over the pins on the controller module.
The controller begins to boot as soon as it is completely installed into the chassis.
7. Interrupt the boot process by pressing Ctrl-C to stop at the LOADER prompt.
If you miss this message, press Ctrl-C, select the option to boot to Maintenance mode, and then halt the
controller to boot to LOADER.
8. From the LOADER prompt, boot the recovery image from the secondary boot media: boot_recovery
The image is downloaded from the secondary boot media.
823
� 9. When prompted, either enter the name of the image or accept the default image displayed inside the
brackets on your screen.
10. After the image is installed, start the restoration process:
a. Record the IP address of the impaired controller that is displayed on the screen.
b. Press y when prompted to restore the backup configuration.
c. Press y when prompted to confirm that the backup procedure was successful.
11. From the partner controller in advanced privilege level, start the configuration synchronization using the IP
address recorded in the previous step: system node restore-backup -node local -target
-address impaired_node_IP_address
12. After the configuration synchronization is complete without errors, press y when prompted to confirm that
the backup procedure was successful.
13. Press y when prompted whether to use the restored copy, and then press y when prompted to reboot the
controller.
14. Exit advanced privilege level on the healthy controller.
Option 2: Transfer the boot image to the boot media using a USB flash drive
This procedure should only be used if the secondary boot media restore failed or if the
image.tgz file is not found on the secondary boot media.
• You must have a USB flash drive, formatted to FAT32, with at least 4GB capacity.
• A copy of the same image version of ONTAP as what the impaired controller was running. You can
download the appropriate image from the Downloads section on the NetApp Support Site
◦ If NVE is enabled, download the image with NetApp Volume Encryption, as indicated in the download
button.
◦ If NVE is not enabled, download the image without NetApp Volume Encryption, as indicated in the
download button.
• If your system is an HA pair, you must have a network connection.
• If your system is a stand-alone system you do not need a network connection, but you must perform an
additional reboot when restoring the var file system.
Steps
1. If you are not already grounded, properly ground yourself.
2. If you have not already done so, close the air duct:
a. Swing the air duct all the way down to the controller module.
b. Slide the air duct toward the risers until the locking tabs click into place.
c. Inspect the air duct to make sure that it is properly seated and locked into place.
824
� Air duct
Risers
3. Align the end of the controller module with the opening in the chassis, and then gently push the controller
module halfway into the system.
4. Reinstall the cable management device and recable the system, as needed.
When recabling, remember to reinstall the media converters (SFPs) if they were removed.
5. Recable the power supply, and then connect it to the power source.
Make sure that you reattach the power cable locking collar on the power cord.
6. Insert the USB flash drive into the USB slot on the controller module.
Make sure that you install the USB flash drive in the slot labeled for USB devices, and not in the USB
console port.
7. Gently push the controller module all the way into the system until the controller module locking hooks
begin to rise, firmly push on the locking hooks to finish seating the controller module, and then swing the
locking hooks into the locked position over the pins on the controller module.
The controller begins to boot as soon as it is completely installed into the chassis.
8. Interrupt the boot process by pressing Ctrl-C to stop at the LOADER prompt.
If you miss this message, press Ctrl-C, select the option to boot to Maintenance mode, and then halt the
controller to boot to LOADER.
825
� 9. Although the environment variables and bootargs are retained, you should check that all required boot
environment variables and bootargs are properly set for your system type and configuration using the
printenv bootarg name command and correct any errors using the setenv variable-name
<value> command.
a. Check the boot environment variables:
▪ bootarg.init.boot_clustered
▪ partner-sysid
▪ bootarg.init.flash_optimized for AFF C190/AFF A220 (All Flash FAS)
▪ bootarg.init.san_optimized for AFF A220 and All SAN Array
▪ bootarg.init.switchless_cluster.enable
b. If External Key Manager is enabled, check the bootarg values, listed in the kenv ASUP output:
▪ bootarg.storageencryption.support <value>
▪ bootarg.keymanager.support <value>
▪ kmip.init.interface <value>
▪ kmip.init.ipaddr <value>
▪ kmip.init.netmask <value>
▪ kmip.init.gateway <value>
c. If Onboard Key Manager is enabled, check the bootarg values, listed in the kenv ASUP output:
▪ bootarg.storageencryption.support <value>
▪ bootarg.keymanager.support <value>
▪ bootarg.onboard_keymanager <value>
d. Save the environment variables you changed with the savenv command
e. Confirm your changes using the printenv variable-name command.
10. From the LOADER prompt, boot the recovery image from the USB flash drive: boot_recovery
The image is downloaded from the USB flash drive.
11. When prompted, either enter the name of the image or accept the default image displayed inside the
brackets on your screen.
12. After the image is installed, start the restoration process:
a. Record the IP address of the impaired controller that is displayed on the screen.
b. Press y when prompted to restore the backup configuration.
c. Press y when prompted to confirm that the backup procedure was successful.
13. Press y when prompted whether to use the restored copy, and then press y when prompted to reboot the
controller.
14. From the partner controller in advanced privilege level, start the configuration synchronization using the IP
address recorded in the previous step: system node restore-backup -node local -target
-address impaired_node_IP_address
826
�15. After the configuration synchronization is complete without errors, press y when prompted to confirm that
the backup procedure was successful.
16. Press y when prompted whether to use the restored copy, and then press y when prompted to reboot the
controller.
17. Verify that the environmental variables are set as expected.
a. Take the controller to the LOADER prompt.
From the ONTAP prompt, you can issue the command 'system node halt -skip-lif-migration-before
-shutdown true -ignore-quorum-warnings true -inhibit-takeover true'.
b. Check the environment variable settings with the printenv command.
c. If an environment variable is not set as expected, modify it with the setenv environment-
variable-name changed-value command.
d. Save your changes using the savenv command.
e. Reboot the controller.
18. With the rebooted impaired controller displaying the Waiting for giveback… message, perform a
giveback from the healthy controller:
If your system is in… Then…
An HA pair After the impaired controller is displaying the Waiting for
giveback… message, perform a giveback from the healthy controller:
a. From the healthy controller: storage failover giveback
-ofnode partner_node_name
The impaired controller takes back its storage, finishes booting,
and then reboots and is again taken over by the healthy controller.
If the giveback is vetoed, you can consider
overriding the vetoes.
ONTAP 9 High-Availability Configuration Guide
b. Monitor the progress of the giveback operation by using the
storage failover show-giveback command.
c. After the giveback operation is complete, confirm that the HA pair
is healthy and that takeover is possible by using the storage
failover show command.
d. Restore automatic giveback if you disabled it using the storage
failover modify command.
19. Exit advanced privilege level on the healthy controller.
Boot the recovery image - AFF A700s
You must boot the ONTAP image from the USB drive, restore the file system, and verify
827
