IBM FlashSystem 840 & FlashSystem V840

Remote Support Overview

IBM FlashSystem 840 & FlashSystem V840Remote Support Overview

Applicable Products

Product: IBM FlashSystem 840Product Version(s): v1.1.1.x, v1.1.2.x

Product: IBM FlashSystem V840Product Version(s): v1.1.1.x, v1.1.2.x

Table of Contents

Trademarks ..................................................................................................................... 1

1.0 Overview ................................................................................................................. 2

2.0 Remote support tasks ............................................................................................. 3

2.1 Call Home ....................................................................................................... 3

2.2 Heartbeat ........................................................................................................ 3

2.3 Diagnostic data offload.................................................................................... 3

2.4 Remote access ............................................................................................... 4

3.0 IBM Assist On-Site .................................................................................................. 4

3.1 IBM AOS security features .............................................................................. 4

3.1.1 Authentication....................................................................................... 43.1.2 Encryption and decryption .................................................................... 53.1.3 Logging and auditing ............................................................................ 5

3.2 AOS session modes........................................................................................ 6

3.3 AOS availability ............................................................................................... 7

4.0 FlashSystem 840 and V840 management GUI and CLI ......................................... 7

4.1 Ethernet management port.............................................................................. 8

4.2 When to use the management GUI or CLI ...................................................... 8

4.3 Event reporting................................................................................................ 8

4.3.1 Event log .............................................................................................. 84.3.2 Event notifications ................................................................................ 9

4.4 Resolving an error with fix procedure using the GUI ..................................... 10

4.5 Viewing events using the CLI ........................................................................ 11

4.6 User access .................................................................................................. 11

4.6.1 User groups........................................................................................ 134.6.2 Audit log ............................................................................................. 14

5.0 Instructions............................................................................................................ 15

5.1 Initial Call Home configuration using GUI System Setup wizard ................... 15

5.2 Call Home configuration using the GUI or CLI after initial setup ................... 19

5.2.1 Call Home configuration using the GUI after initial setup ..................... 195.2.2 Call Home configuration using the CLI after initial setup...................... 20

5.3 Viewing Call Home data sent to IBM support ................................................ 21

5.4 Manual collection of support logs .................................................................. 22

Appendix A: Additional publications and resources....................................................... 25

Appendix B: Heartbeat data contents............................................................................ 27

Remote Support Overview 1

Trademarks

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of IBMCorporation in the United States, other countries, or both. These and other IBMtrademarked terms are marked on their first occurrence in this information with theappropriate symbol (® or ™), indicating US registered or common law trademarks ownedby IBM at the time this information was published. Such trademarks may also beregistered or common law trademarks in other countries. A current list of IBM trademarksis available on the Web at http://www.ibm.com/legal/copytrade.shtml.

The following terms are trademarks of the IBM Corporation in the United States, othercountries, or both:

The following terms are trademarks of other companies:

Microsoft, Windows, and Internet Explorer are trademarks of Microsoft Corporation in theUnited States, other countries, or both.

Java and all Java-based trademarks and logos are trademarks or registered trademarksof Oracle and/or its affiliates.

Other company, product, or service names may be trademarks or service marks of others.

© Copyright IBM Corporation 2014 2

1.0 Overview

IBM® highly encourages you to take advantage of IBM Call Home and all its relatedfeatures to allow you and IBM to partner for your success. Call Home is a supportfunction embedded in all storage products. By enabling Call Home, the health andstability of your system is monitored every hour of every day throughout the year by theindustry’s top troubleshooting specialists at IBM support. As an IBM client, the CallHome service will effectively provide you with reduced risk over an un-monitored systemby alerting you of a system defect through My Notifications, automatically opening aProblem Management Record (PMR), and ultimately, decreasing system downtimethrough faster problem determination and resolution. Continue reading for a detailedexplanation of IBM Call Home and other remote support tasks, available connectionoptions, unique features, and instructions for configuring and maximizing the potential ofthis preventative maintenance feature.


2.0 Remote support tasks

IBM is committed to servicing the FlashSystem™ 840 and V840 in a secure andprofessional manner, whether it is warranty work, planned code upgrades, ormanagement of a component failure. Dispatching service personnel for on-siteassistance and maintenance is part of that commitment. In order to minimize downtimeand maximize efficiency, however, IBM Support can perform the following tasksremotely:

Call Home Heartbeat Diagnostic Data Offload Code Upload Remote Access

The storage system’s ability to enable the performance of these support tasks remainsdependent on the availability of an outside connection and client-defined settings.Continue reading for a detailed explanation of what each support task entails.

2.1 Call Home

IBM Call Home is a predictive and preventative embedded-support function thatmonitors the health and functionality of your FlashSystem through error logs and eventnotifications. Upon detection of a hardware or software error code, the IBM Call Hometransmission protocol initially notifies both you and IBM Service Center of the detectedevent through your company’s email server using Simple Mail Transfer Protocol(SMTP). If Service Center determines that the detected event requires service orfurther investigation, a new PMR is created and sent to the appropriate IBM supportpersonnel. Depending on the type of error reported, an IBM service representative canbe dispatched to your site with necessary replacement parts or you can grant IBMService Engineers remote access to view diagnostic data for the affected system. Theinformation that is sent to IBM during an error-initiated Call Home is viewable from themanagement GUI’s system log. Follow the instructions provided in section 5.3 of thisdocument entitled ‘Viewing Call Home data sent to IBM support’.

2.2 Heartbeat

Call Home on the FlashSystem can be enabled to transmit proactive inventoryinformation to IBM support called a heartbeat. This feature is a one-way communicationfrom the storage system to IBM support that only contains basic product information. Bysending this information, IBM can verify that the storage system is operational andcapable of initiating a successful Call Home in the event of a detected error. Toefficiently maintain the system, IBM highly recommends enabling inventory alerts andscheduling this alert to transmit every 1 to 7 days. If a scheduled inventory alert doesnot reach IBM and event notifications for the system are enabled, an alert will be sent tocompany personnel to notify them of the unexpected failure and to encourage furtherinvestigation into the health status of the system in question.

2.3 Diagnostic data offload

For certain problems that cause a severe impact to the storage system, a large amountof problem-related data called support logs must be generated to enable IBM support


personnel to quickly and accurately troubleshoot the system. The data reviewed by IBMsupport includes machine configuration information such as the machine model, type,and serial number. Logs containing completed commands, detailed error logs, andnetwork configuration changes are sent to assist during events that require complicateddiagnostic processes.

The FlashSystem Service Center is a focal point in gathering and storing datapackages, which are transmitted by SMTP reports from the system. Service Center isresponsible for offloading the data packages through Secure Shell (SSH) protocol toIBM support. Continue reading for more information regarding the connection from theFlashSystem Service Center to IBM support.

2.4 Remote access

Remote access is the most interactive level of assistance from IBM. After a Call Hometransmission and review of preliminary diagnostic data, direct interaction with theFlashSystem may be necessary to delve deeper into the problem and develop an actionplan. To minimize system downtime and provide the most efficient support session, anIBM support engineer may request access to interact with the affected storage system.Depending on the severity of the issue, remote access to the system can provideproblem resolution or minimize the effects of an impacting event while a servicerepresentative is dispatched to the local worksite. To provide remote assistance to theFlashSystem 840 and V840 storage systems, IBM support engineers use IBM AssistOn-Site (AOS) software, which is explained in the following sections.

3.0 IBM Assist On-Site

IBM AOS is an IBM software that provides a Secure Sockets Layers (SSL) securesession for IBM support to remotely connect with port forwarding to a client’s IBMstorage device for diagnostic purposes. IBM support representatives use the powerfulsuite of tools accessible by AOS for problem determination and remediation that supportengineers can use to quickly complete root cause analysis and take appropriatecorrective action.

3.1 IBM AOS security features

Security and privacy are fundamental concerns when granting remote access to supportpersonnel. AOS uses the latest security technology to ensure that the data beingexchanged between you and the support engineers is completely secure. Identities areverified and protected with industry-standard authentication technology. AOS sessionsare kept secure and private using randomly generated session keys and advancedencryption.

3.1.1 Authentication

Support sessions are protected by a strong password authentication process, whichvaries based on the type of session. The various authentication methods available foryour FlashSystem and their descriptions follow on the next page:


NT LAN Manager version 2 (NTLMv2)NTLMv2 is a Microsoft challenge-response authentication protocol, which is usedwith the Server Message Block (SMB) protocol. It sends two 16-byte responsesto an 8-byte server challenge. The protocol hashes the client and serverchallenges by using Hash-based message authentication code (HMAC-MD5).HMAC-MD5 hashes the proxy password and other data including the proxy username and domain name.

AOS detects your proxy server through your Web browser settings or registrykeys. Proxy settings are evaluated through a JavaScript parser, if available. TheRemote Support Utility opens a window to allow you to select either basic orNTLM. From there, you enter the domain, user ID, and password to authenticateusing the NTLMv2 protocol.

IBM Intranet ID and PasswordIBM Intranet Password eXternal is an authentication tool that uses openstandards to allow IBM employees on the intranet to securely use the existingintranet password system to log onto third-party vendor Web sites. These openstandards include the RSA Public Key Cryptography Standard (PKCS) 7,Extensible Markup Language (XML), and Simple Object Access Protocol (SOAP)based Web services. Using web service technology, IBM Intranet PasswordeXternal is able to adopt the intranet password system and remotely validatedigitally-signed authentication tokens regardless of the operating system orserver platform.

AOS adopts IBM Intranet Password eXternal to allow support engineers to log onto the Remote Support Console and Administrative Portal using their IBM intranetID and passwords, without AOS compromising the passwords. Using IBMBlueGroups, the eXternal password verification system manages the supportrepresentative’s membership to a support group and thereby access to the AOSprogram.

3.1.2 Encryption and decryption

IBM AOS implements outbound connections that are protected by state-of-the-art 128-bit MARS encryption over a Hypertext Transfer Protocol Secure (HTTPS) browsersession. This form of advanced encryption prevents intruder access to the informationexchanged during all support sessions. Chat, screen view, screen share, and the filetransfer of data are encrypted throughout a session. Packets are never decrypted intransit by the Relay Server to ensure the integrity of the data.

3.1.3 Logging and auditing

Assist On-Site writes to log files on the Relay Server. AOS, when directed during thesupport session initiation process, can also write to log files on a specified storagesystem.


The Relay Server logs the following support session data: Your name and number Support engineer’s name and number Your IP and MAC addresses Support engineer’s IP and MAC addresses Time stamps for connection and disconnection

Administrators can view reports of the log files through the Administration Portal.You have the choice to audit the support session locally by explicitly activating it uponaccepting the support session. The AOS events that are written to the target system’sapplication log include the following information:

Connection and disconnection Initial session mode and subsequent changes to other session modes Port forwarding sessions including the user name of the support engineer and a

date and time stamp that indicate the beginning and end of the session Names of the files that have been received and/or transferred Any requests for system information from the Remote Support Console

3.2 AOS session modes

During an active AOS session, both you and support personnel can switch betweenvarious session modes providing flexibility to the remote support process. The varioussession modes are explained as follows:

Chat Only Mode (Default)Chat Only Mode is the default AOS session mode between you and an IBMsupport person when the session is initiated. A chat window is available so thatyou can chat in real time with the support member. In Chat Only Mode, thesupport person assisting is only capable of chatting and is not able to view yourdesktop or access your system. Chat Only Mode can be initiated at any timeduring a support session.

Port ForwardingThe port forwarding function was introduced in AOS version 3.3 and is primarilyintended to allow IBM support to use product-specific, IP-based maintenancetools. This session mode is only accessible by specific IBM support groups. Portforwarding allows authorized support personnel to establish an IP connection toa previously defined IP address and port. You exclusively control and maintainthe IP address and port configuration established for port forwarding.

View ModeView mode enables desktop-sharing, which allows the support person to view,but not control, the window contents of the system. The support person does nothave keyboard or mouse control. All command inputs are verbally dictated toyou for manual entry.


Panel SharingA panel sharing session enables direct interaction so that the IBM supportrepresentative can view the window contents of your storage system and takecontrol of both the mouse and keyboard. You may exit this mode at any time.

3.3 AOS availability

The ability for IBM support personnel to connect to an affected system is a clientconfigurable option that is an additional security feature implemented through AOS. Thefollowing explains the possible connection configurations of AOS that affect an IBMsupport person’s ability to remotely access a system for diagnostic purposes:

Lights On (Default)The Lights On operation describes setting up the TSSC so that it behavessimilarly to the original AOS application for window sharing. When an IBMsupport person needs to connect, someone must be available at the localworksite to acknowledge and allow the session. To permit the outsideconnection, either you or an on-site IBM support person must enter a keyprovided by IBM support as part of the challenge and response keyauthentication method.

Lights OutThe Lights Out operation describes setting up the TSSC so that the gateway isalways active and able to receive a connection without local approval. This is theequivalent of high-speed modem support, where the IBM support representativecan establish a session to the TSSC without anyone present in the data center.This setting is not the default configuration and must be explicitly enabled duringconfiguration, if desired.

4.0 FlashSystem 840 and V840 management GUI and CLI

The FlashSystem 840 and V840 storage systems are each equipped with a browser-enabled Graphical User Interface (GUI) to facilitate system monitoring, management,and configuration. This interface is known as the FlashSystem management GUI. TheGUI provides easy access to tools that assist in remote management andtroubleshooting. The GUI also provides a comprehensive overview of the status andfunctionality of all the components that the system is made up of.

Some users, however, may be more comfortable using the Command-line Interface(CLI) to manage the system. A Secure Shell (SSH) client is used to access the systemthrough the use of the CLI in this case. The CLI allows you to enter commands tomanage and interact with your system rather than through the use of buttons and icons,as is the case with the GUI.

Further information regarding the management GUI and CLI, including troubleshootingfeatures and configuration instructions, can be found in the following sections.


4.1 Ethernet management port

FlashSystem 840 and V840 systems contain dual management control processors,each with its own Ethernet management port. These two Ethernet management portsoperate with a single clustered IP address for system management. If one controlcanister is taken out for service or for any other reason is not operable, the other controlcanister will service the clustered IP address.

While the clustered IP address allows access to the system as a whole, each canistercan be accessed through an individual service IP. These IP addresses provide accessto each of the canister modules and are, among other features, capable of setting acanister into a service state or rebooting a specified canister.

4.2 When to use the management GUI or CLI

Use either the GUI or the CLI as the primary tool for servicing your system. Regularlymonitor the status of the system using one of these interfaces. If the possibility of asystem error arises, use your preferred interface to attempt to diagnose and solve theproblem before contacting IBM support.

The views and commands that are available for use with the GUI or CLI can be used toverify the status of the system, the hardware devices, the physical storage, and theavailable volumes. Accessing the event log from the GUI or CLI provides informationregarding the problems that exist on the system.

4.3 Event reporting

The FlashSystem 840 and V840 storage systems record all command inputs in an auditlog and all events in an event log, both accessible from your preferred interface. Oncean entry has been made in the event log, the status and functionality of the system’scomponents are analyzed. If any service activity or further investigation into the healthof the system is required, a notification is sent that follows the configured reportingmethod that is defined during or after installation.

4.3.1 Event log

The FlashSystem event log is accessible from the management GUI or CLI andprovides useful information related to any changes detected by the system. Eventsadded to the log are classified as either alerts or messages based on the followingcriteria:

AlertAn alert is logged when the event requires an action. Certain alerts have anassociated error code, which defines the service action that is required. Theservice actions are automated through the fix procedures. If the alert does nothave an error code, the alert represents an unexpected change in the state. Thissituation must be investigated to determine whether this unexpected changerepresents a failure. Investigate the cause of an alert and resolve it as soon as itis reported.


MessageA message is logged when a change that is expected is reported, for instance,when an array build completes.

Each event recorded in the event log includes fields with information that can be used todiagnose problems. Table 1 describes all of the default fields included in the GUI viewand the CLI view which assist in troubleshooting scenarios.

Table 1: FlashSystem 840 and V840 event log field description

Data Field Description

Error Code A number which describes the service action that must be followed toresolve an error condition. Not all events have error codes that areassociated with them. Many event IDs can have the same error codebecause the service action is the same for all the events.

Sequence Number A number that identifies the event. This field is only shown by default inthe CLI.

Last Time Stamp The time when the last instance of this error event was recorded in thelog.

Status The classification of the event. Event status is either message or alert.

Description A short description of why the event was triggered.

Object TypeThe object type to which the event log relates. The object type can behardware or software.

Object ID The object ID to which the event log relates.

Object Name The object name to which the event log relates.

Fixed When an alert is shown for an error condition, it indicates whether thereason for the event was resolved or not. In many cases, the systemautomatically marks the events fixed when appropriate, but certainevents must be manually marked as fixed. If the event is a message,this field indicates that you have read and performed the action. Themessage must be marked as read. This field is only shown by default inthe CLI as the GUI shows only unfixed events by default.

Event ID The ID of the specific event. This field is only shown by default in theCLI.

4.3.2 Event notifications

The FlashSystem 840 and V840 can use Simple Network Management Protocol(SNMP) traps, syslog messages, emails, and Call Home notifications to notify you andIBM support when significant events are detected. Any combination of these notificationmethods can be used simultaneously. Notifications are normally sent immediately afteran event is raised; however, there are certain events that might occur because ofservice actions that are being performed. If a recommended service action is active, theevents will only create notifications if the problem is still unfixed when the service actioncompletes.

Only events recorded in the event log can create notifications. Most CLI messages inresponse to certain CLI commands are not recorded in the event log so that they do not


cause an event notification. Actions made in the CLI trigger events in the audit log,instead. Table 2 below describes the levels of event notifications.

Table 2: Notification Levels

Notification Level Description

Error Error notification is sent to indicate a problem that must be correctedas soon as possible. This notification indicates a serious problem withthe system. For example, the event that is being reported mightindicate a loss of redundancy in the system, and it is possible thatanother failure might result in loss of access to data. The typicalreason for sending this type of notification is a hardware failure, butcertain configuration errors or fabric errors are also included in thisnotification level. Error notifications can be configured to be sent as aCall Home to IBM Remote Technical Support.

Warning A warning notification is sent to indicate a problem or unexpectedcondition with the system. Always immediately investigate this type ofnotification to determine the effect that it might have on youroperation and make any necessary corrections. A warning notificationdoes not require any replacement parts and therefore does notrequire IBM Support Center involvement. The allocation of notificationtype warning does not imply that the event is less serious than anevent that has notification level error.

Information An informational notification is sent to indicate that an expected eventhas occurred. No remedial action is required when these notificationsare sent. Informational events provide information about the status ofan operation. Information events are recorded in the error event logand, depending on the configuration, can be notified through email,SNMP, and syslog.

4.4 Resolving an error with fix procedure using the GUI

A fix procedure is a wizard that assists in troubleshooting and problem resolution fordetected errors on the storage system. These fix procedures analyze the system toprovide additional problem-related information. Next, the system implements an actionplan to return the system back to normal operation. Finally, the fix procedure checksthat the problem is resolved and marks the event as fixed if the problem has beenresolved.

Always use the fix procedure for both system configuration problems and hardwarefailures. The fix procedure analyzes the system to ensure that the required changes donot cause volumes to be inaccessible to hosts. The fix procedures automaticallyperform configuration changes that are required to return the system to its optimumstate.

To run the management GUI, launch a supported web browser and insert managementIP address of your system as the URL. After the connection is successful, you see alogin panel. Log on using your user name and password. After you log on, selectMonitoring Events to view the system event log. Once the log has opened, selectthe Recommended Actions filter if it has not already been applied by default.


To run the fix procedure for the error with the highest priority, click Run Fix at the top ofthe page where a Recommended Action notice appears. Highest priority fixes alwaysappear on the events page. To run a fix procedure for something that is not top priority,you must first filter the events by Recommended Actions. All alert status events aredisplayed in order of importance. Right click on the event that you want to fix and selectRun Fix or select Actions on the top menu after selecting the alert and then select RunFix Procedure. When you fix higher priority events first, the system will automaticallymark lower priority events as fixed.

4.5 Viewing events using the CLIWhile it is possible to resolve system issues through the CLI, it is highly recommendedthat you utilize the fix procedures in the GUI, as they cannot be run through the CLI.Although fix procedures are not available through the CLI, the system event log can stillbe monitored easily through the CLI by issuing the lseventlog command to list allunfixed events or the finderr command to list the highest priority event.

4.6 User access

To prevent unauthorized access to the configuration of the system, the GUI allows usermanagement and audit log review. User management includes the creation of newusers and the maintenance of roles and passwords for existing users. These featurescan be found on the GUI main screen by going to the Access icon on the left-hand sideof the screen and selecting Users, as shown in Figure 1 (1 of 2) below and Figure 1 (2of 2) on the following page. From there, simply double click on the user that you want tomanage or add another user with the Create User button on the top menu.

Fig. 1 (1 of 2): User management and audit log review using the GUI


Fig. 1 (2 of 2): User management and audit log review using the GUI

To utilize the user access security feature through the CLI, there are a few simplecommands to remember. Only required parameters are described. Other optionalparameters are available to CLI users and can be viewed in the IBM Knowledge Center.See Appendix A to determine how to access IBM Knowledge Center.

To display current users through the CLI, simply issue the lsuser command. Figure 2 (1of 2) below shows the result of the lsuser command. This command’s output includesthe same user information that is displayed in different areas of the GUI.

Fig. 2 (1 of 2): User management and audit log review using the CLI

To create a new user, issue the following command:

mkuser –name user_name –remote | -usergrp group_id

Where you must replace all descriptions in italics with values and you must choosebetween specifying that the user will authenticate using a remote authentication serviceor through system authentication methods. View a list of available user groups byissuing the lsusergrp command. See Figure 2 (2 of 2) below for an example of what isdisplayed.

To create additional user groups, use the following syntax:

mkusergrp –name group_name –role role_name

Where the words in italics are replaced by a value that matches their description. Localuser groups are created by default, but if you want to create a remote user group,append –remote to the end of the command statement. To view more information onuser groups, see section 4.6.1 ‘User groups’ on the next page.

Fig. 2 (2 of 2): User management and audit log review using the CLI


To remove a user, you may issue the following command:

rmuser user_id

Where the user ID for the user that is being deleted is specified in place of thedescription in italics. To remove a user group, perform the same command, but replacethe command rmuser with rmusergrp.

You or other personnel within your company are responsible for the configuration ofSSH keys, if desired. SSH keys provide secure access for users to the CLI. When usersare added to the system, the method of authentication must be specified as one of thefollowing user types:

Local UsersLocal users must provide either a password, an SSH key, or both. Local usersare authenticated through the methods predefined on the storage system. If thelocal user needs access to the management GUI, they must provide a password.If the user requires access to the CLI through SSH, either a password or a validSSH key file is necessary. Local users must be part of a user group that isdefined on the system.

Remote UsersRemote users are authenticated on a remote service with either Tivoli®Integrated Portal or Lightweight Directory Access Protocol (LDAPv3) supportsuch as IBM Tivoli Storage Productivity Center or IBM Tivoli Directory Server. Aremote user does not need local authentication methods. With Tivoli IntegratedPortal, both a password and an SSH key are required to use the CLI. WithLDAP, having a password and SSH key is not necessary. SSH keys canoptionally be configured, however. Remote users who must access the systemwhen the remote service is down must also configure local credentials. Remoteusers have their groups defined by the remote authentication service.

4.6.1 User groups

Both local and remote users added to the system are placed into role-based groups.These groups are used for day-to-day management and operation of the system. Usergroups also determine the level of access permitted to each registered user. Accessroles for each type of user is described in Table 3 on the next page. Users defined forlocal authentication can only belong to a single group; therefore, the role of a local useris defined by the single group to which that user belongs. Users with the SecurityAdministrator role can organize users of the system by role through user groups.


Table 3: Pre-defined user groups available on the FlashSystem 840 and V840

Name Role

SecurityAdmin Users with this role can access all functions on the system,including managing users, user groups, and user authentication.

Administrator Users with this role can access all functions on the system exceptthe functions that deal with managing users, user groups, andauthentication.

CopyOperator Users with this role have monitor-role privileges and can changeand manage all Copy Services functions.

Service Users with this role have monitor-role privileges and can view thesystem information, begin the disk-recovery process, and includedisks that are excluded. This role is used by service personnel.

Monitor Users with this role can view objects and system configuration, butcannot configure, modify, or manage the system or its resources.

4.6.2 Audit log

The FlashSystem 840 and V840 keep record of commands in a centralized audit log.This log generates an event entry for any executed command that leads to a change inthe system. The object creation time and the user who issues the command are alsologged as object attributes. By maintaining this log, any commands that interrupt thefunctionality of the system can be easily determined. To assist in troubleshooting, theaudit log provides multiple filtering options to limit the number of viewable entries, suchas displaying events that were issued by a specific user, within a specific time frame, orby IP address. If needed, the audit log can also be exported to a comma-separated file.


5.0 Instructions

The following sections provide instructions regarding configuration and modifying client-configurable options for some of the remote support and monitoring features availableon the FlashSystem 840 or V840.

5.1 Initial Call Home configuration using GUI System Setup wizard

The System Setup wizard automatically prompts you to enter the required informationfor initial configuration once logged into the management GUI for the first time. Thetools for changing the configuration settings implemented by this wizard can be found ineither the management GUI or the CLI. Figure 3 shows the “Welcome to System Setup”for the FlashSystem 840. This is the first step of system setup. The System Setuplaunches after you are prompted to change the default password.

Fig. 3: System setup wizard welcome window for FlashSystem 840

During the System Setup wizard, you are prompted to confirm or complete the following: System name Configure the date and time in one of the following ways:

o NTP server (preferred)o Manual

Configure the access type:o Open Access Yes: All hosts have access to all volumeso Open Access No: Volumes must be mapped to hosts

Set up Call Home Number of flash modules Summary of changes

For instructions regarding the complete configuration process provided by the systemsetup wizard, please see Section 4.3.3 ‘Initializing the System through the Web


Management Interface’ from Implementing IBM FlashSystem 840 Redbook. Thefollowing instructions begin at the Call Home window in the system setup wizard.The following table outlines the requirements for proper configuration of IBM Call Home:

Table 4: Call Home configuration information

Call Home Config Requirement Value Details

SMTP Address IP Address Your SMTP Server IPAddress

Email Destination Address [email protected]

[email protected]

The SMTP server must allowrelaying to this emailaddress.

To configure Call Home using the System Setup wizard:1. Click Next when prompted to set up Call Home as the Yes option is chosen by

default.

Fig. 4: Call Home configuration prompt, system setup wizard.

2. The System Location panel is displayed. Enter the company name and theaddress where replacement parts for the storage system will be shipped. ClickNext when complete. See Figure 5 on the following page.


Fig. 5: System location pane for Call Home configuration

3. The Contact Details panel is displayed. The information entered here shouldreflect the details of the selected representative for your company that IBMsupport will contact if a serviceable event occurs or further investigation into thestatus of a system needs to be implemented. Click Next once all the requiredinformation has been input. See Figure 6 for reference.

Fig. 6: Contact details for Call Home, system setup wizard

Contact details provided during Call Home configuration must be updated as personnelchange to ensure IBM support can contact you in case of a serviceable event.


4. Enter the IP address and the Transmission Control Protocol (TCP) of yourcompany’s email server. Multiple email servers can be configured by clicking theplus sign (+) to the right of the Server Port box as shown in Figure 7 below.

Fig. 7: Email server setup for Call Home

5. Now configure event email notifications. Email notifications to IBM support areautomatically configured. It is, however, recommended that designated personnelfrom your company are notified if any issues occur that require attention. Sendingemail notifications to designated personnel is valuable if email transit to IBMsupport fails. Email transit failures can happen in an SMTP server outage or if theSMTP server IP address is changed without the Call Home function beingupdated correctly.

Figure 8 on the following page shows the panel where event notification isconfigured. Multiple contacts can be configured by clicking the plus sign (+) to theright of the Event Type box.


Fig. 8: Optional Event Notification configuration window

6. Click Apply and Next once all of the email recipients for event notifications havebeen entered. The Summary panel will display where all of the Call Homeconfiguration details are shown. After reviewing the information entered, clickFinish to apply the settings and complete the system setup wizard.

5.2 Call Home configuration using the GUI or CLI after initial setup

If you have already gone through initial setup and did not set up Call Home, you mayconfigure Call Home notifications at any time through the GUI or the CLI. Instructions onsetting up Call Home after initial setup are included in the following sections.

5.2.1 Call Home configuration using the GUI after initial setup

After initial setup through system setup wizard, Call Home can be enabled through theGUI if it was not enabled through the system setup wizard. To set up Call Homethrough the GUI, select the Settings icon found on the home page of the GUI, thenhover over and select Notifications. To enable email notifications, select EnableNotifications. Follow the directions previously listed in Section 5.1 ‘Initial Call Homeconfiguration using GUI system setup wizard.’ See Figure 9 on the following page.


Fig. 9: Configuring Call Home after initial system setup

5.2.2 Call Home configuration using the CLI after initial setup

Call Home can be configured from the CLI after initial setup through the GUI. One ormore email users can be configured to receive notifications in the event of an error. Todo this, follow these steps:

1. Create an email server by issuing the following command, replacing parametersin italics with the described values:

mkemailserver –ip ip_address –name server_name –email email_address–gateway gateway_ip

2. Create one or more email recipients. Local and support users can be created.Support users will use the email listed in the example below, while local users willuse a personal email address. Enable notifications to IBM support personnel byissuing the following command, replacing parameters in italics with the describedvalues and choosing between options between the vertical bars:

mkemailuser –name user_name –address [email protected]–usertype support | local –inventory on | off –error on | off–warning on |off –info on | off

3. Change the email settings for the user created or any previously created byissuing the following command, replacing parameters in italics with the describedvalues:

chemail –reply reply_email_address –address street_address –citycity –state state –country country –organization organization–contact contact_name –location building_location –primaryprimary_phone –zip zip_code


4. Start email notifications by issuing the following command:

startemail

5. Send a test email notification by issuing the following command, replacing theparameter in italics with the user name that was set up using the mkemailusercommand in step 2:

testemail user_name

5.3 Viewing Call Home data sent to IBM support

The diagnostic information sent to IBM support during an error-initiated Call Home isviewable by you or other company personnel, if desired. Configuring email notificationsto be sent to both IBM support personnel and an email owned by your company duringa Call Home allows exact reports to be sent to each designated recipient. This allowsyou or other company personnel to review the information sent and verify independentlythat company-sensitive information is never transmitted to IBM support.

To set up a duplicate Call Home notification to be sent to a company email, pleasefollow the instructions below.

1. Log in to the FlashSystem management GUI using your defined user name andpassword.

2. From the management GUI home screen, hover the cursor over the Settings iconto reveal the Settings menu. Then select Notifications. See Figure 10 below.

Fig. 10: FlashSystem Management GUI, Settings menu.

3. From the Notifications window, select the Email tab on the left hand side of thescreen to open the configuration settings for email notifications. Select Edit toadd an additional destination email address for which notifications of Call Homewill be sent. See Figure 11 on the next page.


Fig. 11: Email configuration window.

4. To add an email recipient, navigate to the Email Users section. The information for IBMsupport should be displayed in this section because it was defined as the primaryrecipient of Call Home Notifications during initial configuration. Select the circular plus(+) button located next to the Test button to add an additional email recipient. SeeFigure 12 below.

Fig. 12: Add new email destination button.

5. In the open text fields, enter the User Type, the Email Address of the desired recipient,and the Event Type you would like to receive notifications for. If Inventory alerts are alsoenabled on your storage system, select the Inventory check box to receive notificationsregarding this transmission protocol also.

6. Once additional email recipients have been specified, click the Save button located atthe top of the window to save the newly configured Email Notification settings on yourstorage system.

5.4 Manual collection of support logs

For certain serviceable events, IBM support may request additional log files to assist inthe diagnostic process. To download the Support Package from the Management GUI,please complete the following steps:

1. Hover over the Settings icon in the Navigation menu to reveal the Settingsmenu. Select Support, then Select Download Support Package as shownbelow. See Figures 13 (1 of 2) and 13 (2 of 2) on the next page.


Fig. 13 (1 of 2): Download Support Package window from Management GUI

Fig. 13 (2 of 2): Download Support Package window from Management GUI

2. Choose the type of Support Package desired and click Download. The followingsupport packages are available: Standard logs

Standard logs contain the most recent logs that are collected for the system.These logs are the most commonly used by Support to diagnose and solveproblems.


Standard logs plus one existing statesaveThese logs contains the standard logs for the system and the most recentstatesave from any of the nodes in the system. Statesaves are also known asdumps or livedumps.

Standard logs plus most recent statesave from each nodeThese logs contain the standard logs for the system and the most recentstatesave for each node in the system.

Standard logs plus new statesavesThese logs generate new statesaves for all nodes in the system andpackages them with the most recent logs.

IBM support usually requests that you choose the Standard logs plus newstatesaves option. These logs can take from minutes to hours to download fromthe FlashSystem 840 and V840, depending on the situation and the size of thesupport package being downloaded.

3. Once the download is complete, click Save File and then OK. The file will thenbe saved on the system where the web browser was launched.

4. If IBM support has requested the log files be uploaded to your assigned problemmanagement record (PMR) number, use EcuRep as the upload medium to IBM.EcuRep is accessed via the following URL:

http://www.ecurep.ibm.com/app/upload


Appendix A: Additional publications and resources

How to access IBM Redbooks publications

You can search for, view, or download IBM Redbooks® publications, Redpaper™

publications, Hints and Tips, draft publications and additional materials, as well as order

hardcopy IBM Redbooks publications or CD-ROMs, at this website:

www.ibm.com/redbooks

IBM Redbooks publications

For information about ordering this publication, see “How to Access IBM Redbooks

Publications” in the section above. Note that the following documents might be available

in softcopy only.

IBM FlashSystem 840 Product Guide, TIPS1079

IBM FlashSystem V840 Product Guide, Tips1158

IBM FlashSystem 840 Installation Guide, GI13-2871

Implementing IBM FlashSystem 840, SG24-8189

IBM FlashSystem 840 Troubleshooting, Recovery, and Maintenance Guide,

SC27-6297

Other publicationsThese publications are also relevant as further information sources:

Implementing FlashSystem 840 with SAN Volume Controller, TIPS1137

Flash or SSD: Why and When to Use IBM FlashSystem, REDP-5020

Faster DB2 Performance with IBM FlashSystem, TIPS1041

IBM FlashSystem in IBM PureFlex System Environments, TIPS1042

Faster Microsoft SQL Server Performance with IBM FlashSystem Storage,

TIPS1038

Fabric Resiliency Best Practices, REDP-4722

Online resourcesThese websites are also relevant as further information sources:

IBM FlashSystem family product page:http://www.ibm.com/storage/flash

IBM FlashSystem 840 Information Center:http://pic.dhe.ibm.com/infocenter/flshsstm/cust/index.jsp

IBM FlashSystem V840 Knowledge Center:http://www.ibm.com/support/knowledgecenter/ST2HTZ/landing/FlashSystem_V840.htm

IBM FlashSystem 840 Support Portal and product documentation:http://www.ibm.com/support/entry/portal/product/system_storage/flash_storage/flash_high_availability_systems/ibm_flashsystem_840?productContext=-1932657286


IBM FlashSystem V840 Support Portal and product documentation:http://www.ibm.com/support/entry/portal/product/system_storage/flash_storage/flash_high_availability_systems/ibm_flashsystem_v840?productContext=863560521

IBM Redbooks Solution and Product Guides for the IBM FlashSystem family:http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/sg245250.html?Open

IBM System Storage Interoperation Center (SSIC):http://www.ibm.com/systems/support/storage/ssic/interoperability.wss

Help from IBM IBM Support and Downloads:

www.ibm.com/support IBM Global Services:

www.ibm.com/services


Appendix B: Heartbeat data contents

The following list outlines all of the information collected by IBM Support during aHeartbeat transmission on the FlashSystem 840 and/or V840 storage system.

Customer contact information (name, address, phone number, email address, country…)

Services enabled on the system (email notification, SNMP, SSH …. )

Time Heartbeat is sent every day

Time zone of the system

Storage configuration

System total capacity

RAID level used

State of the RAID array

RAID rebuild in progress

Flashcard acting as spare (if any)

Number of volume configured

Storage allocated

Storage remaining

Volume maximum size

SCSI reservation counters

Number of access policies vs open access

Vital Product Data (serial numbers of components in the system, type…)

States of sensors in the system (temperature, cards voltage…)

Flash cards health (location in the machine, number writes, erase, run time…)

Unresolved hardware error

SCSI statistics

Interface cards state (link speed, connection …)

Connected ports (to correlate connections between AE1 and AC1 modules in v840

models)

Fans speed

Battery health (health, charge…)

Volumes meta data

Last 24 hours overall system performance statistics

Documents

IBM FlashSystem 840 & FlashSystem V840