Professional Documents
Culture Documents
January 2022
Rev. 02
Notes, cautions, and warnings
NOTE: A NOTE indicates important information that helps you make better use of your product.
CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.
WARNING: A WARNING indicates a potential for property damage, personal injury, or death.
© 2021 - 2022 Dell Inc. or its subsidiaries. All rights reserved. Dell, EMC, and other trademarks are trademarks of Dell Inc. or its subsidiaries.
Other trademarks may be trademarks of their respective owners.
Contents
Chapter 1: .................................................................................................................................... 4
................................................................................................................................................................................................. 4
Revision history.............................................................................................................................................................. 4
Product descriptions..................................................................................................................................................... 4
New features.................................................................................................................................................................. 5
Resolved issues.............................................................................................................................................................. 5
Known issues and limitations.......................................................................................................................................7
Environment and system requirements.................................................................................................................. 16
Installation and update considerations................................................................................................................... 20
Where to get help....................................................................................................................................................... 30
Contents 3
1
Topics:
•
Revision history
Table 1. Publication history
Document revision Date Description
01 January 2022 Initial release
Product descriptions
These release notes contain supplemental information about DDOS, PowerProtect DDMC, and PowerProtect DDVE.
Use the following QR code or link to access the PowerProtect and Data Domain core documents produced by Dell Information
Design and Development (IDD) team for the Dell PowerProtect and Data Domain products.
DDOS
DDOS is the intelligence that powers Data Domain and PowerProtect systems. It provides the agility, security, and reliability that
enables the platform to deliver scalable, high-speed, and cloud-enabled protection storage for backup and archive. The DDOS
Data Invulnerability Architecture™ protects against data integrity issues from hardware and software failures.
DDMC
DDMC is a scalable, virtual system-based solution for centralized management of multiple physical and virtual systems.
● DDMC stores current and historical data for all managed Data Domain and PowerProtect systems, with subject presentation
ranging from site-wide summaries to granular detail for a selected object.
● DDMC can configure and monitor storage on multiple Data Domain and PowerProtect systems, including those systems
configured for secure multitenancy, high availability, DD Boost backup, and replication.
● DDMC is composed of browser-based pages and runs on a VMware, Hyper-V, kernel-based virtual machine, or public cloud
(for example, Amazon Web Services (AWS), Google Cloud Platform (GCP), or Microsoft Azure) environment.
See the product support pages on www.dell.com/support for detailed user documentation.
DDVE
DDVE is a software-defined version of Dell EMC PowerProtect DD Series: a virtual deduplication appliance that provides data
protection for small-to-medium sized business, enterprise, and service provider environments.
● Like any Data Domain or PowerProtect system, DDVE is typically paired with backup software.
4
● DDVE runs DDOS, and provides the DDOS command line interface (CLI) and the DD System Manager user interface (UI) for
performing system operations.
● DDVE maintains the core features that differentiate it as the industry-leading protection storage. This includes high-speed,
variable length deduplication for a 10 - 30x reduction in storage requirements, unparalleled data integrity to ensure reliable
recovery, and seamless integration with leading backup and archiving applications.
● DDVE also works with DD Boost, which can speedup backups by 50% or more, DD Encryption for enhanced security of data,
and DD Replicator, which enables network efficient replication for faster time-to-DR (Disaster Recovery) readiness.
See the product support pages on www.dell.com/support for detailed user documentation.
Security updates
Attention: There may be security updates available for this product. Please always consult https://www.dell.com/support/
security, prior to commissioning, to determine if any applicable security updates are available for download and application. We
further encourage you to sign up for Security Alerts at the same URL to be proactively notified of new Security Alerts that Dell
issues.
There may be security updates available for this product. Please always consult https://www.dell.com/support/security, prior
to commissioning, to determine if any applicable security updates are available for download and application. We further
encourage you to sign up for Security Alerts at the same URL to be proactively notified of new Security Alerts that Dell issues.
New features
See the Dell EMC DDOS, PowerProtect DD Virtual Edition (DDVE), and PowerProtect DD Management Center (DDMC) Release
Notes for new features.
NOTE: Directory replication will be end-of-life (EOL) in a future DDOS release. Contact Support if additional assistance is
required.
PowerProtect DD Series Appliances REST API resource: https://developer.dell.com/products/data-protection
Resolved issues
DDOSCFD-8245 Fixed issue which caused Data Domain Cloud tier to panic on AWS.
DDOSCFD-9678 Issue fixed where data movement to cloud led to missing segment (index lookup for read
request panicked).
DDOSCFD-6850 There was no check to evaluate the leaf page in the cursor after cursor upgrade.
DDOSCFD-7854 Semaphore issue caused garbage collection to stall. Active garbage collection was unable to start.
DDOSCFD-7925 Host validation was corrected.
5
Table 3. DDOS File System (continued)
Issue Description
DDOSCFD-8496 Kernal panic on DD9300 (non-HA) system with system reboot. Message contained:
dd_disk.c:1668 dd_disk_massage_error:: PANIC because of reservation
conflict.
DDOSCFD-8555 Coredump issue with Intelligent Core Debugger (ICD) tools which caused deadlock was fixed.
DDOSCFD-8583 Enhancements using Intelligent Core Debugger (ICD) tools and stop gaps fixed this stop core issue
which filled up /ddr/var/core.
DDOSCFD-9040 Unable to receive mail with autosupport test asup-detailed command. The fix added a
check to send mail when command is run.
DDOSCFD-9070 DDVE Active Tier was unavailable and file system was not running. Disks were in (K) known state
resulting in the provisioning storage error.
DDOSCFD-9589 Logs showed TCP Port 32784 set as open in net filter autorule.
DDOSCFD-9262 Command did not work for ethMx port: # system show stats custom-view net <port>.
6
Table 8. DDVE
Issue Description
There are no fixed issues for DDVE in this release.
Table 9. DDMC
Issue Description
DDOSCFD-8761 DD Management Center upgraded from DDOS 6.2.1.60 to DDOS 7.7.0.0 experienced slow DDMC
responses after upgrade.
7
Table 11. Cloud known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
4. Add all EBS volumes to DDVE on S3
storage, but do not create file system.
5. Proceed with system recovery.
214514 In the DDOS 6.1.2.5 release, the DD system only supports Restart the file system to enable the
ECS with version of 3.2.1 or higher. If this recommended multicopy capability.
practice is not followed, and the ESC is updated to 3.2.1
or higher version after DDOS 6.1.2.5 is deployed, the
multicopy capability may not be enabled.
208590 Here are two scenarios where DDFS cannot be enabled The headswap will be successful when the
during a headswap: DDVE reboots after using the headswap
1. An invalid instance type/configuration is used for the command. Due to the wrong instance type,
new head the DDFS will not be enabled after the initial
2. A valid instance type/configuration is used but it boot for DDVE.
doesn't match 1. An alert will be raised and you will be
asked to change the instance type.
2. Power off the DDVE and change the
instance type to the correct one.
3. Power on the DDVE, the DDFS should
now load automatically
169334 When using CLI command cloud clean frequency Run the command with <interval> as a
set <interval>, if interval is given as a string, number.
the frequency is defaulted to never. For example, the
command cloud clean frequency set abc sets the
DD Cloud Tier cleaning frequency to never.
168583 In case of failure during fmig or GC, on restart fmig or No workaround available.
GC might take a while to start due to cloud unit recovery.
Amount of time depends on amount of data to recover,
network speed, and other system-related variables.
168269 The WAN route that is used depends on the source Set a static route for range of the valid AWS
address. Since the source address is not definitively set IP in the main routing table.
(normally done by using bind), the source address that is
used may cause the data to go over the admin port (usually
1 Gb/s) instead of the data port (usually 10 Gb/s).
164704 Single Cloud Unit unavailable event due to retries and There is no workaround for this issue.
timeouts observed with DD9500 and ECS as cloud target.
151561 Files in the cloud tier can be accessed while in the nfs client There is no workaround for this issue.
cache.
8
Table 12. DD Boost known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
multiplexing, this can cause the DD system to falsely
detect Oracle markers, even if you are not running Oracle
data backup operations. However, the app-optimized-
compression option on the filesystem command is not
set by default, and even if you do set it, you can safely
ignore the reports of falsely detected Oracle markers.
63110 With Distributed Segment Processing disabled, when a If you encounter this situation, contact
Backup Exec backup job runs into a hard quota limit on a Support for advice on how to proceed.
DD Boost storage unit, the backup job fails, and the backup
image is not deleted from the DD system. In this situation,
the image cannot be erased from within the Backup Exec
GUI.
9
Table 13. File system known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
250248 When viewing the Cache Tier on Non-7.0 DD systems, the There is no workaround.
disks view is displayed instead of the enclosures after the
full license has been applied.
247976 The system panics when seeding GC is used to read Active Run the FMIG by disabling the seeding.
Tier containers with cloud tier. The DD system currently To prevent system panic, use the
supports CMETA cache for Active Tier only. following: # ddsh -s reg set
system.FMIG2_SEEDING_ENABLED=0 #
ddsh -s fi restart
236410 Sometimes the Retention Lock report does not display the Filesystem sync or flush to get the updated
correct cooling-off period during a backup. The accurate cooling-off period.
values are shown once the backup is complete.
215125 Updating an eLicense on the DDVE during the data ingest Disable the files system or stop the ingest
or expunge (garbage collection) process may generate a and garbage collection before adding a new
DDFS core in the backend. eLicense on the DDVE.
184580 If the customer loses the log in credential for a cloud based 1. Build new DDVE
DDVE, there is no process to reset it. 2. Detach/unmount the EBC data volumes
from the "broken" DDVE
3. Configure the new DDVE
4. Attach/mount the EBS data volumes to
the new DDVE
5. Restart the new DDVE to detect the new
volumes
6. Perform some type of headswap to import
the new DDVE
171683 DSA-based authentication for passwordless SSH in not Use RSA-based authentication.
supported.
171163 This release fixes the virtual synthetic file issue which No workaround available.
causes HMON to panic.
162598 When a remote IP with subnet is added to a tenant-unit, To reproduce, complete this process. Pre-
a range of ips becomes associated with that tenant-unit. requisites
According to mutual exclusion rule for remote-ips, tenant- ● Tenant-unit tu1 belongs to tenant t1
units belonging to different tenants should not share ● Tenant-unit tu2 belongs to tenant t2
remote ips. But a remote IP belonging to that subnet range
Steps:
is allowed to be added to another tenant currently.
1. Add local data-ip ip1 to tenant-unit tu1
2. Add remote data-ip ip2 (192.168.0.1/24)
to ip1 (from step1) to tenant-unit tu1
3. Add a list of 3 local data-ip and list of
remote data-ips using single cli to tu2. Use
remote ips of same subnet. For example,
192.169.0.10, 192.169.0.20, 192.169.0.30
161459 For a controller upgrade, the storage add tier Perform storage remove of SSDs and storage
cache command requires additional storage in the cache add of the cache SSDs to ensure required
tier. storage.
150633 Using floating hostname/IP to connect to HA system The solution is to clear the entry in the
through CLI, if SSH fingerprints are stored in the known- known host list. For more information, see the
hosts list of your local shell, then after HA-failover, you will KB article SSH connections to a floating IP
get a "Host identification" error. (A floating hostname/IP address on a Data Domain High Availability
mapping was done for the previous node.) (DDHA) pair may fail after system failover,
available from the Online Support website.
146536 On an HA system if a failover occurs, system parameters If you run se sysparam set to change
that were set using the se sysparam command in rare system parameters on the active node of an
cases may not be propagated to the surviving node. HA pair, run the CLI command filesys restart
10
Table 13. File system known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
on the standby node to make the change take
effect.
228094 Fix firmwares are not updated on DD3300. Starting in Manually clear the iDRAC job queue and
release 6.2.0.1, DD3300 automatically updates system's then reboot the system. For additional
firmwares. Sometimes, the update process fails due to the details, see KB article Data Domain: DD3300:
job being stuck in iDRAC's job queue. The defect affects EVT-FIRMWARE-00002 - Outdated firmware
DD 3300 systems that runs 6.2.0.1 or later DDOS version. version reported, available from the Online
Support website.
225518 If a user has an issue with a DDVE cloud tier evaluation Apply a license file without cloud tier
license, use this workaround. capacity.
11
Table 14. General known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
216515 In Azure, ending characters are truncated from a hostname Create hostnames that are no longer than a
when the hostname exceeds 63 characters in length. maximum length of 63 characters.
153672 Backup jobs that are run from AIX clients to HA systems To have the AIX client recognize the new
via Fibre Channel do not survive an HA failover. AIX clients server, run these two AIX-specific commands
work the same way on an HA pair as they do on a single- on the client:
node system. The AIX driver does not recognize changes to
the fibre environment once loaded into memory.
#rmdev -Rdl DDdfc
#cfmgr
136906 The DD System Manager no longer manages multiple To manage multiple systems from a single
systems; reports are also no longer available in DD System program, use the DD Management Center
Manager. software instead.
DDOS-134193 Systems gives an error message. Ensure file name is correct for DD 7.8
systems and later. Use CLI for systems before
DD 7.8.
DDOS-45955 Sometimes filesys create fails on the first attempt Rerun the filesys create CLI or recreate
but succeeds on the second attempt. file system on the DDSM user interface.
252090 The user idrac create CLI command causes iDRAC The system must be rebooted after the
to be reset. This reset causes the iDRAC interface to be user idrac create command has been
renamed. This causes the system to return the following executed.
error when the net show settings CLI command is
issued: "SMS command failed: No interfaces found."
180899 The DDVE in Azure and AzureGov Cloud's default setup The Full hostname (hostname + domainname)
may run into hostname setting issue. As a consequence the should be under 64 character length for
user may see the issues mentioned below, but not limited DDOS. It is better to have a shorter hostname
to: so the total length of Full-hostname does not
1. Inaccessible GUI exceed 63 characters. For Example:
12
Table 15. Networking known issues and limitations (continued)
Issue Problem Description Workaround/Resolution
2. Replication configuration failure ● Given the default domain name in Azure/
This is because the default setup/default configuration in AzureGov cloud: (56 characters)
Azure and AzureGov clouds are serving large domain name 1ve22qff0akexmql2lzz14nnng.ax.internal.u
through DHCP response. The DDOS has a limitation of sgovcloudapp.net
maximum of 64 characters of full-hostname a.k.a FQDN, ● The hostname name would be
which is combination of hostname + domainname. Generally "ddveproduction" making the full-
production setups in Azure and AzureGov clouds will hostname to: (71 characters, NOT OK).
reconfigure domain settings reflecting their org name. If ddveproduction.1ve22qff0akexmql2lzz14n
so the hostname setting will NOT be an issue as the org nng.ax.internal.usgovcloudapp.net
domain name will not be as long as the default setup is ● In this case, use hostname like "ddve01"
providing. which results in full-hostname length to
be: (63 characters, OK).
ddve01.1ve22qff0akexmql2lzz14nnng.ax.in
ternal.usgovcloudapp.net
13
Table 17. Known issues and limitations in DDVE (continued)
Issue number Problem description Workaround
match the hostname. Contact support for
assistance in discovering the certificate name
and approach for resolution.
192308 When DDVE is deployed in Azure, the DDVE instance Azure requires the use of an SMTP relay to
cannot send support email messages to an external domain. send email messages to external domains.
The Microsoft Azure Support Team Blog
post Sending E-Mail from Azure Compute
Resource to External Domains provides more
information.
191982 When DDVE is deployed with a specific DNS-specific setup, 1. Use a short hostname (with a maximum
Azure defaults with a 51-character hostname. length of 12 characters) when you initially
deploy.
2. If you did not use a short hostname at
initial deployment, change the hostname
(using a shorter length) and generate a
new certificate.
188149 If the system has already been configured to use license Workaround is to reboot or wait 24 hours.
server and already checked out some served licenses, after
the system upgrade, those licenses may go into grace
period and some unexpected alerts may be generated.
Users can first run telnet <license-server-ip>
<license-server-port> to verify the connection
between the DDVE and the license server. If the connection
is good, users can wait for 24 hours to check if the licenses
become "Served" again.
N/A Below “vserver” related commands are disabled for DDVE There is no workaround for this limitation.
on Hyper-V with DDOS 7.2.0.90, DDOS 6.2.1.80 and DDOS
version later than 7.5.
● vserver config set host
● vserver config reset
● vserver config show
● vserver config perf-stats start
● vserver config perf-stats stop vserver
config perf-stats status
N/A DD Boost hard stream limits are only enforced with the DD There is no workaround for this limitation.
Boost plug-in for Open Storage versions 3.2 and higher.
N/A Data may continue to get encrypted after deleting the The workaround is to restart the file system
evaluation encryption license. on the DDVE instance.
N/A Taking VMware snapshots of the DDVE virtual machine is There is no workaround for this limitation.
not supported.
N/A VMware vCenter still prompts to install VMware tools even Do not install VMware tools when prompted
though DDVE uses a different set of virtual machine tools. by vCenter.
N/A DDVE does not support SMT. When a DDVE instance is There is no workaround for this limitation.
replicating data to a system with SMT, the security mode of
the destination tenant-unit cannot be set to strict.
N/A Workloads with many small files may impact DDVE There is no workaround for this limitation.
performance and file system cleaning.
N/A Running a DDVE instance disrupts the resource slot size To avoid this issue, manually specify
calculations that are required for VMware vSphere high an upper limit for the CPU and
availability. memory reservations in vSphere. The
ESXi and vCenter Server Documentation
available on the VMware website (https://
14
Table 17. Known issues and limitations in DDVE (continued)
Issue number Problem description Workaround
www.vmware.com/support/pubs/) provides
more information.
DDOS-105302 Azure DDMC deployments may cause the UI to be Enable http/https by using the CLI
inaccessible upon initial reboot. adminaccess enable https
DDOS-93715 When using DDMC UI to update DDMC from 6.1, 6.2, 7.0, No workaround. The overall upgrade result is
7.1, 7.2, 7.3, 7.4 to 7.5, even if the precheck fails, the UI still not impacted by this issue.
reports precheck is successful. The subsequent upgrade
fails as expected. This issue has been fixed in DDMC 7.5
so upgrading from 7.5 to later release will not encounter
this problem.
DDOS-95015 When resources like database connections run out, No workaround
db_prune issue is seen as a side effect. The database
pruner runs every hour, and the chances of encountering
this issue are low with no functionality issues experienced.
The pruner will run and take care of clearing old records and
if it fails it will be cleaned in next cycle.
DDOS-92352 If you have a DDMC with many DD systems or DDVEs with No workaround
replication configurations of DD Boost, depending on the
usage of DD Boost some replication context destinations
show as NONE in the DDMC UI screen.
DDOS-79303 If you add a DD with >140 PCM schedules, DDMC may No workaround
not be able to add such systems or even if added may fail
during configure workflows later.
DDOS-41151 If multiple users try to change the same dashboard tab No workaround
simultaneously, the second commit overwrites the first
commit.
253960 When using the UI to upgrade from DDMC 6.2.0.35 or Use another method, such as FTP, to copy
earlier to DDMC 7.0, the .RPM file cannot be uploaded to the .RPM file to the /releases directory on
the DDMC host. the DDMC host.
15
Table 18. Known issues and limitations in DDMC (continued)
Issue Number Problem Description Workaround
252106 If you upgrade DDMC 6.2 to DDOS 7.0, the system does No workaround
not display an error or alert that DDMC 7.0 does not
support systems running DDOS 6.0.X.
204558 If the Secure Remote Services host is renamed or due to Follow Secure Remote Services registration
DNS resolution issues, the ability of the Secure Remote procedures and if the registration fails,
Services registration process to complete successfully may validate that the Secure Remote Services
be affected. short and FQDN hostnames have proper
forward and reverse lookups. In the case
of the Secure Remote Services host
being renamed after installation, the host
certificate may no longer match the
hostname. If this is the case, contact support
for assistance in discovering the certificate
name and approach for resolution.
203354 DDMC may run low on available capacity in /ddr/var/cores. Delete the core files.
201507 Upgrade dialog box and Jobs page show status of upgrade Upgrade may or may not have succeeded. If
jobs. Upgrade job waits for 30 minutes for system to restart upgrade was successful, inventory page will
and reconnect to same network address. The job is marked display the new serial number after about 30
as failed 30 minutes has passed. minutes since DDMC collects configuration
data in 15-minute interval.
182029 IPv6 gateway is not supported on Amazon Web Services. No workaround
77129 You cannot log in to the DDMC if the /ddr/var/ partition The workaround is to log in using the CLI or
(also known as /ddvar) is full, or nearly full, and the else wait 5–10 minutes before logging in with
monitored systems use several different DDOS versions. the UI. (For information about how to free up
space on the /ddr/var/ partition, see the
DDOS Administration Guide for the correct
version of the DDOS.)
Support matrix
See the E-Lab Navigator website on the support website for compatibility and interoperability information.
DDMC requirements
NOTE:
For compatibility with this release of DDMC, ensure that your DDMC system and client system tools meet the following
environment and system requirements.
16
Table 19. System requirements
# of systems managed virtual CPU (vCPU) memory (GB) VM disk size - base install +
database + DD services disk
(GB)
1–150 4 vCPU 8 40 + 200 + 100
NOTE: These configurations are fixed for all combinations, and the changing of any of the individual components of these
settings is not supported. You cannot increase the memory, change the CPU settings, and so on.
Supported browsers
The following browsers are supported for use with the DD System Manager and DDMC:
17
NOTE: To identify and correct issues that might occur when using the Kerberos authentication method from Microsoft's
Active Directory with the Data Domain system, see the KB article: Data Domain - Windows Authentication Issues with the
Data Domain System Configured for Active Directory, available from the http://www.dell.com/support website.
Other browser versions may also work; these particular versions have been validated.
File downloads
If you receive a certificate error, see your internet browser instructions to either bypass the error or to install the self-signed
array certificate.
# filesys enable
For information, see the KB article: Data Domain - The Data Domain File System (DDFS) May Be Disabled if There is a
Backwards Jump in System Time Configured on the System available on the http://www.dell.com/support website.
#filesys status
3. Verify disk state.
18
#ping dev-bw-3.datadomain.com
#vtl status
For information, see the KB article: Performing a Health Check on a Data Domain Device available on the http://www.dell.com/
support website.
CLI equivalent
1. To set up the administrator email, enter:
19
# support notification method set connectemc
Support notification method set to "connectemc".
5. To show the notification setup, enter:
After the completion of each update to a newer release family, it is recommended you perform a spot check of the updated
system by verifying that the expected files are present and readable from either a CIFS, VTL, or an NFS client.
When performing multiple successive updates on a system with Avamar snapshots running DDOS 6.0.X or earlier, the KB
article: Avamar-Data Domain Integration: After upgrading Data Domain to 6.1.x, Avamar snapshots don't expire on Data Domain
describes how to fix an issue where Avamar snapshots do not expire as expected.
Update to 7.7.1.0 using the UI is only possible from the following releases: 6.0.2.70, 6.1.2.70, 6.2.1.x, 7.0.0.20, 7.1.0.20, 7.2.x,
7.3.x, 7.4.x, 7.5.x, and 7.6.x. Other releases must download the corresponding MDU bundle from the http://www.dell.com/
support site before upgrading to 7.7.1.0 in one hop, and follow the update instructions as described in Updating to DDOS version
7.7.1.0.
20
● Upload the MDU bundle mdu-update-bundle-<version>-releases.rpm according to the version running on the
system. For example if the system is running 6.1.0.20, update mdu-bundle-6.1-releases.rpm. Upload the RPM to the
same location as that of a system RPM, /ddvar/releases/.
● Perform a system update with the MDU RPM, which should take a few minutes.
● After the MDU update is completed successfully, you can move on to complete the update to 7.7
The time for the update process to run depends on the platform and amount of data on the system.
NOTE: For update to DDOS 7.7.1.0:
● It is recommended that you have at least 10% free space available on the DD system before update.
● For collection replication: If replication is setup between the new PowerProtect DD system (DD6900, DD9400, and
DD9900) as source and DD system as destination, then the default local compression on the destination system must be
set to gzfast.
Be aware of the following before you perform the update to DDOS 7.7:
● When upgrading to a DDOS 7.7, the update cannot proceed if LUN numbers greater than 255 and initiators are present
in the same group. The update proceeds once the LUN numbers greater than 255 have been removed from the identified
groups or one or more initiators are removed from the identified group. It is necessary to remove (at an operating system
level) any of the VTL devices from the initiators that are associated with blocking the update. Initiators with an address
method set to VSA block the update and do not require any changes. Once the update has completed, the removed initiators
or devices can be added back to the configuration on the system. It is necessary to rediscover the VTL devices on any of the
initiators that are associated with blocking the update. See the KB article: Data Domain - Duplicate LUNs on host or no LUNs
visible to the initiator within VTL Environment, available from the http://www.dell.com/support site.
● If you are using NetWorker with VTL, you should take the following steps to mitigate any data compression loss:
○ Set the NetWorker tape block size on the Media Server to 256 KB. This value is safe for all operating systems and
drivers.
○ To avoid low deduplication rates due to multiplexing of multiple backup streams, it is recommended setting NetWorker
device properties "target sessions" and "maximum sessions" to 1. For further options on multiplexed backups to Data
Domain VTL, see the NetWorker documentation available from the http://www.dell.com/support site.
● For systems using CommVault for backups, the chunk size must be increased. See the KB article: Commvault Backup Fails
with Chunk Size Mismatch for instructions on how to increase the chunk size.
● In some systems, registry parameters might have been overridden by the SE to tune them for the environment. If you know
that the SE has overridden registry parameters, contact the support provider or go to the http://www.dell.com/support site
before upgrading to DD X.x, as those parameters may or may not require must be reset before upgrading.
● For systems that are already part of a collection replication pair, update the destination system first, and then update the
source system.
● For a DDOS update, it is not necessary to disable replication on either system in the pair.
● Do not attempt to power off the system while the update process is running.
● For an HA system, ensure both active and standby node are online before performing an update.
● For HA update from any older release than 6.1.2.70 to 7.7, use mdu-update-bundle-6.1-releases.rpm to update
both nodes first, and then update it to 6.1.2.70 and then update to 7.7 from the appropriate download or support site.
● For HA update from 6.2 release to 7.7, use mdu-update-bundle-6.2-releases.rpm to update both nodes first, and
then update to 7.7 from the appropriate download or support site.
NOTE:
● New Replication contexts using DD System Manager have a limitation. Only 6.2 or later releases could create a
Replication context with DDOS 7.7.1 using DD System Manager.
● The DD System Manager 7.7.1 now supports new replication context creation (Inbound/Outbound) between DDOS 7.7.1
and 6.2 (and releases later than 6.2).
● Directory replication will be end-of-life (EOL) in DDOS 7.7.1 release. Directory-to-MTree replication migration in the
DDOS Administration Guide provides instructions to migrate existing directory replication contexts to MTree replication
before upgrade to DDOS 7.7.1 . Contact Support if additional assistance is required.
1. Run the following command to verify that the system is running a DDOS version eligible for this update: system show
version
2. If the system is not running an update-eligible version of DDOS, perform a multistep update to meet the DDOS version
update requirements.
a. Gather the necessary release notes for the exact steps to update your system from its current DDOS version to an
update-eligible version.
The most current release notes for all versions of DDOS can be found on the https://www.dell.com/support site.
21
NOTE: The immediate release after DDOS 5.7 is DDOS 6.0.
b. Verify that the file system is available before you start the next update:filesys show space.
If the filesys show space command does not display the Active Tier Resource information or if it displays the The
filesystem is unavailable at this time message, the system is not ready for the next update.
from → to Instructions
6.0 → 7.0 → 7.7.x Single Node systems For the DD System Manager and the CLI-based update.
1. Download 7.0.0.20-for6.0to7.0.rpm* (A special 7.0 rpm is required
to update from 6.0 to 7.0).
2. Update from 6.0.x to 7.0.0.20 using 7.0.0.20-for6.0to7.0.rpm
3. Download the 7.6.x rpm
4. Perform update from 7.0.0.20 to 7.7.x.
* Only for supported DD legacy platforms.
6.0 → 7.0 → 7.7.x HA Systems For the DD System Manager and the CLI-based update.
1. Download 7.0.0.20-for6.0to7.0.rpm and perform an HA update to
7.0.0.20-for6.0to7.0.rpm build.
2. Download 7.7.x rpm.
3. Perform an HA update from 7.0.0.20 to the target 7.7.x.
6.1 → 7.7.x Single Node systems For the DD System Manager and the CLI-based update.
● For systems running build older than 6.1.2.70
1. Download MDU bundle mdu-upgrade-bundle-6.1-releases.rpm*.
2. Run an upgrade with the MDU bundle.
3. Download the target 7.7.x on the single node.
4. Run the system upgrade.
● For systems running build 6.1.2.70 or later
1. Download 7.7.x rpm on the single node.
2. Run the system update.
* [MDU is not required if you are on 6.1.2.70 or later 6.1 release]|
from → to Instructions
6.1 → 7.7.x HA systems For the DD System Manager and the CLI-based upgrade.
● For systems running build older than 6.1.2.70
1. Download 6.1.2.70 build on the active node
2. Perform an HA update to 6.1.2.70 build
3. Download 7.7.x rpm on the active node
4. Run the software update from the active node to update the HA pair to
7.7.x
● For systems running build 6.1.2.70 or later.
1. Download 7.7.x rpm on the active node.
2. Run system upgrade from the active node to update the HA pair to 7.7.x.
6.2 → 7.7.x Both Single Node and HA For systems running build older than 6.2.1.0:
systems ● Using the DD System Manager:
1. Download MDU bundle mdu-upgrade-bundle-6.2-releases.rpm.
2. Run an update with the MDU bundle.
3. Download 7.7.x rpm.
22
from → to Instructions
4. Run the update to 7.7.x
● Using the CLI:
1. Download 7.7.x rpm
2. Run the update to 7.7.x
● For systems running build 6.2.1.0 or later:
For the DD System Manager or the CLI-based update.
1. Download 7.7.x rpm.
2. Run the update to 7.7.x.
7.0/7.1 → 7.7.x Both Single Node and HA For systems, running builds older than 7.0.0.20 on 7.0.x releases; and
systems builds older than 7.1.0.20 on 7.1.x releases.
● Using the DD System Manager
1. Download the MDU bundle*.
● mdu-upgrade-bundle-7.0-releases.rpm for 7.0.x
releases
● mdu-upgrade-bundle-7.1-releases.rpm for 7.1.x
releases
2. Run an update with the MDU bundle.
3. Download 7.7.x rpm.
4. Run the update to 7.7.x
● Using the CLI:
1. Download 7.7.x rpm.
2. Run the update to 7.7.x
● For systems, running builds 7.0.0.20 or later builds on 7.0.x; and
build 7.1.0.20 or later builds on 7.1.x release
● For the DD System Manager and the CLI-based update:
1. Download 7.7.x rpm.
2. Run the system upgrade
* [MDU is not required for systems using 7.0.0.20/7.1.0.20 or later releases.]
7.2.x/7.3.x/7.4.x/7.5.x/7.6.x → 7.7.x Both For the DD System Manager and the CLI-based update:
Single Node and HA systems 1. Download 7.6.x rpm.
2. Run system update.
NOTE: For systems with the AWS cloud units upgrading to DDOS 7.6 and higher, the change in endpoint format requires
an update to the network infrastructure to allow the system to remain connected to the endpoint after the upgrade is
complete. Change the endpoint format from s3-<region>.amazonaws.com to s3.<region>.amazonaws.com.
23
Table 21. Prepare the system for upgrade (continued)
Step Step description Command
3. Ensure that all network interfaces are up and have appropriate IP # net show settings
addresses.
4. Check the disk states, and do not perform the upgrade if the system is low # disk show state
on spares or has disks that show in the absent, failed, or reconstructing
states.
5. Check the disk reliability, and replace any disks that have more than 50 # disk show reliability-data
reallocated sectors.
6. Check that the enclosure status is OK for all devices. # enclosure show all
7. Check whether the enclosure topology is correct. Check whether any # enclosure show topology
error appears with an asterisk (*) next to the enc.ctrl.port field.
Also check the Error Message field for any errors such as A possible
problem was detected for this shelf controller or the
cable connected to it.
8. Check that the device port mapping is correct. # system show hardware
9. Check the link speed for connected ports. # system show ports
10. Check the status of the file system to determine that file system is enabled # filesys status
and running normally.
11. If replication is enabled, disable it. # replication status
# replication disable
12. For systems with AWS cloud units upgrading to DDOS 7.4 and higher, Change the endpoint format from
the change in endpoint format requires an update to the network s3-<region>.amazonaws.com to
infrastructure to allow the system to remain connected to the endpoint s3.<region>.amazonaws.com.
after the upgrade is complete.
13. Check if any backup and restore activity is in progress, and if so, stop it. # system show stats
14. Run an Autosupport Report just prior to performing the DDOS upgrade to # autosupport send
determine if the system reports errors that need to be resolved before the <your_email_address>
upgrade.
15. If the Autosupport Report indicated issues with the system, check # log view debug/platform/
kern.info log, and if you notice frequent failures in hardware, contact kern.info
Support to inspect your system before you perform the upgrade. Search
for the string ERROR in the log file.
For HA systems, follow the reboot instructions described in the "Upgrade considerations for HA systems" section.
# ha status
HA System Name: dd9900-ha3a.example.com
HA System Status: highly available
Node Name Node ID Role HA State
-------------------------- --------- --------- --------
dd9900-ha3a-p0.example.com 0 active online
24
dd9900-ha3a-p1.example.com 1 standby online
-------------------------- --------- --------- --------
2. Reboot the standby node (node 1).
3. Run the ha status command to verify the HA system status displays as highly available after the standby node
reboots.
4. Run the ha failover command to initiate a failover from the active node to the standby node.
5. Run the ha status command to verify node 1 is the active node and node 0 is the standby node.
# ha status
HA System Name: dd9900-ha3a.example.com
HA System Status: highly available
Node Name Node ID Role HA State
-------------------------- --------- --------- --------
dd9900-ha3a-p0.example.com 0 standby online
dd9900-ha3a-p1.example.com 1 active online
-------------------------- --------- --------- --------
6. Reboot the standby node (node 0).
7. Run the ha status command to verify the HA system status displays as highly available after the standby node
reboots.
8. Run the ha failover command to initiate a failover from the active node to the standby node.
9. Run the ha status command to verify the node 0 is the active node and node 1 is the standby node.
# ha status
HA System Name: dd9900-ha3a.example.com
HA System Status: highly available
Node Name Node ID Role HA State
-------------------------- --------- --------- --------
dd9900-ha3a-p0.example.com 0 active online
dd9900-ha3a-p1.example.com 1 standby online
-------------------------- --------- --------- --------
Initiate the upgrade from the active node. DDOS automatically recognizes the HA system and performs the upgrade procedure
on both nodes. The HA upgrade runs in the following sequence:
1. The standby node is upgraded first, then reboots.
2. After the reboot is complete, the HA system initiates a failover and the standby node takes over as the active node.
3. The original active node is upgraded, then reboots and remains as the standby node.
After both nodes are upgraded, the system does not perform another failover to return the nodes to their original configuration.
After the upgrade procedure is complete, run the ha status command again to verify that the system is in a highly available
state, and both nodes are online.
Optionally run the ha failover command to return the nodes to the roles they were in before the upgrade.
Running tasks
● A replication initialization is in progress.
● The file system did not shutdown cleanly, resulting in a core dump.
● A previous upgrade did not complete successfully.
Configuration issues
● The system is not configured correctly. For example, NFS mount points were manually created under root.
● Inspection of digests and signatures that are contained in .rpm file indicates that the signature is not valid. The valid
signatures are SHA1 or MD5.
● NFS mount points are unknown.
● The RAID metagroup is not assembled.
● All dg0 disks are not located on the head unit.
● The file system cannot be shut down in a clean manner.
25
● Two different kinds of NVRAM cards are present.
● The OST version is not compatible.
● A VTL version is incompatible.
● The file system is not enabled and cannot be enabled automatically.
● VTL is not enabled.
● A check of the VTL pools indicates that they cannot be converted to MTrees.
● Features are incompatible between the original and target versions of DDOS:
○ DDOS versions 7.0 and later do not support DD Extended Retention. Any system with DD Extended Retention enabled
cannot be upgraded to DDOS 7.0. Migrate the data to a system running DDOS 6.1.X or 6.2.X without DD Extended
Retention running. After the migration, upgrade the DDOS 6.1.X or 6.2.X system without DD Extended Retention to
DDOS 7.0.
○ DDOS versions 7.0 and later do not support the RSA key manager for data at rest encryption. If a DDOS 6.X system uses
the RSA key manager for data at rest encryption, upgrades to DDOS 7.0 and later are not permitted. Disable data at rest
encryption to proceed with the DDOS upgrade.
○ DDOS versions 7.0 and later use a newer version of OpenSSH than DDOS versions 6.2 and earlier. Upgrades to DDOS 7.0
will overwrite unsupported cipher-list and mac-list values with the default values for DDOS versions 7.0 and later, and the
commands to set cipher-list and mac-list values will fail with error messages when unsupported values are specified after
the upgrade.
Space issues
● Storage is functionally deficient, such as an enclosure is missing.
● The / (root) or /ddr partition is full with log files, core dumps, and so forth.
● Available space for the file system is insufficient.
● Available space for the upgrade is insufficient.
● Available space for VTL is insufficient.
● The number of MTrees or VTL pools exceeds 100.
Slow connection
NOTE: For security reasons, there is a 30-minute time limit for the upload of RPM packages for DDMC and DD system
updates using the DDMC GUI. If you have a slow connection from a client machine to the DDMC and the upload takes more
than 30 minutes, the connection drops and you cannot use DDMC to upload the package.
Workaround: Use the CLI to upload the package into DDMC (for example, use SCP/PSCP from a Unix terminal or Windows
CMD).
Automatic tasks performed by the upgrade script (in the .rpm file) prior to upgrade
These tests precede the actual system upgrade process. The system:
1. Determines whether two different kinds of NVRAM cards are present.
2. Checks the /ddr partition and / (root) partition sizes for space utilization.
3. Checks the OST version.
4. Determines whether the RAID metagroup is assembled. If it is not assembled, the upgrade process does not begin.
5. Determines available space for the file system.
6. Determines whether sufficient space is available for the upgrade.
7. Checks the VTL version, if VTL is present.
8. Determines whether the file system is enabled, and if it is not enabled, enable it.
9. Determines whether VTL is enabled.
10. Checks the VTL pools to ensure that they can be converted to MTrees.
11. Determines whether sufficient VTL space is available.
12. Ensures that the numbers of MTrees and VTL pools do not exceed 100.
13. Determines whether all dg0 disks are located on head unit. If not, the upgrade process does not begin, and the problem must
be addressed.
14. Determines whether the file system can be shutdown without problems. If the file system cannot be shut down in a clean
manner, the upgrade process will stop.
26
15. For DD6400, DD6900, DD9400, and DD9900 systems only: Determines whether any iDRAC administrator accounts are
present on the system.
16. Checks if file system cleaning is running, and displays a warning if a cleaning operation is in progress.
17. Checks if cloud cleaning is running, and displays a warning if a cleaning operation is in progress.
18. Checks if data movement to the cloud is running, and displays a warning if a data movement operation is in progress.
The upgrade process quits if it encounters a failure in any of the tasks listed.
Workaround: Use the CLI to upload the package into DDMC (for example, use SCP/PSCP from a Unix terminal or Windows
CMD).
27
2. Store the file, 7.7.1.0-1007697.rpm, in the /ddvar/releases directory on the Data Domain system.
Do not rename any software upgrade package that you received for your system and its licensed features. Upgrade
processes and procedures rely on the software package names being what they are. Renaming a software upgrade package
causes the upgrade process to fail.
When downloading a system software upgrade image using Internet Explorer, the browser may add bracket and numeric
characters to the upgrade image name. Remove the added characters before performing the system upgrade.
3. Ensure that the system is idle. All replication initialization and resynchronization should be complete, and no backups should
be running. A useful command to assess the system's readiness is the alert show current CLI operation.
4. For systems that are already part of a replication pair before the upgrade, upgrade the destination system first, and then
upgrade the source system.
You do not need to disable replication on either system in the pair.
5. Stop (log out from) all DD System Manager sessions on the system.
6. Stop any active CIFS client connections before starting the upgrade. Use the cifs show active command to check for
CIFS activity. Disconnect any client that is active. On the client, enter the command net use \\dd\backup /delete.
7. To upgrade the system using the DD System Manager GUI, follow these substeps. To use the CLI, go to step 8. For an HA
system, perform the following steps on the active node.
To upgrade a system running release 7.7.1.0,
c. Click the name of the host system you are upgrading in the Navigation pane.
d. Select Maintenance > System.
e. From the Upgrade Packages Available on this Data Domain System list, select the check box of the image to use for the
upgrade.
f. Select Perform System Upgrade.
g. The Upgrade System dialog box is displayed.
h. Verify the version of the target image (the upgrade image) is 7.7.1.0-1007697 and click OK.
A progress dialog box is displayed and advises that the system will automatically reboot to complete the upgrade.
For the upgrade on a single node (non-HA system), the reboot phase can take 20 minutes or more, depending on features
of your particular system. Do not manually reboot the system during this time. During the reboot phase, the connection with
the system will be lost. After the reboot completes, log back into the system.
For the upgrade on an HA system, the standby node reboots first. After it boots with the new DDOS, there will be a failover
to let the newly upgraded node take over as the active node. The old active node then reboots to finish the upgrade.
8. To upgrade a system running release 7.7.1.0 using the CLI, issue the command: (For an HA system, issue the command on
the active node.)
28
the .rpm file hash through use of the checksum. To find the hash value for the file, click the View MD5 button on the page
where you downloaded the .rpm file.
If upgrade fails, contact your contracted support provider or go to the https://www.dell.com/support site.
NOTE: The system may take a few minutes. Wait and watch for any possible errors. The system may display the warning
System <hostname> is not currently managed by DD System Manager. Do you wish to Refresh?
Click OK to proceed past the warning.
Replication notes
With collection replication, no files are visible on the destination system if replication was not finished before starting the
upgrade. After the upgrade, wait until replication completes to see files on the destination system.
Updating DDMC
DDMC 7.7 supports management of systems running up to seven releases back (DDOS 7.6, 7.5, 7.4, 7.3, 7.2, 7.1, 7.0, and 6.2),
and the next release when it becomes available.
You can update directly to DDMC 7.7 from a system running DDMC 6.2 or later. To update to DDMC 7.7 from a release family
earlier than 6.2, you need to update in steps. For more information, see the DDMC Installation and Administration Guide.
Before updating to DDMC 7.7, a third disk with 100GB (using vCenter/vSphere client) must be added. For more information, see
the DDMC Installation and Administration Guide.
NOTE: The DDMC release family directly after 2.0 is 6.1; there are no 3.x, 4.x, or 5.x versions.
29
NOTE: The DDMC release family directly after 6.2 is 7.0.
For the exact upgrade steps, see the DDMC Installation and Administration Guide for your specific release, which can be found
on the https://www.dell.com/support site.
30