These release notes support ptx®/CLUSTERS V2.2.2. Read this document before you install or run this release of ptx/CLUSTERS.
This version of ptx/CLUSTERS can be used with the following products:
For product compatibility information on products such as ptx/LAN and ptx/TCP/IP, consult the DYNIX/ptx and Layered Products Software Installation Release Notes.
This release of ptx/CLUSTERS supports the following configurations:
2-, 3-, and 4-node NUMA-Q clusters (with Fibre-Channel Interconnection).
2-, 3-, and 4-node "mixed" NUMA-Q 1000/NUMA-Q 2000 clusters (with Fibre-Channel Interconnection).
2-node Symmetry 5000 clusters (with standard QCIC SCSI-direct connection).
This release of ptx/CLUSTERS does not support ``mixed'' cluster configurations of Symmetry 5000 and NUMA systems. This release also does not support the use of Fibre Channel Arbitrated Loop on NUMA 2000 systems.
For instructions on how to update ptx/CLUSTERS, DYNIX/ptx, and other IBM NUMA-Q products running on Symmetry systems, see the DYNIX/ptx and Layered Products Software Installation Release Notes.
IBM NUMA-Q authorizes only IBM NUMA-Q personnel to perform initial cluster installations and to upgrade NUMA-Q 2000 clusters. IBM NUMA-Q Customer Support or Professional Services personnel who install new clusters or update NUMA-Q 2000 clusters should follow the procedures in the ptx/CLUSTERS V2.x Installer's Guide and in the DYNIX/ptx and Layered Products Software Release Notes for installation and configuration.
ptx/SVM V2.2.x cannot be used to manage shared storage on clusters containing more than 2 nodes. ptx/SVM can be used for mirroring root and primary swap on local disks on the nodes of 3- and 4-node clusters. See the ptx/SVM V2.2.2 Release Notes for more information about the limitations of ptx/SVM in 3- and 4-node clusters.
Normally, when changing a node ID in a cluster, you need to reboot only the node whose ID you are changing. However, because of a defect in the software (problem report 235185), after changing the ID of one node or more nodes, you need to reboot all nodes.
To change the node ID, follow these steps:
Issue the clustadm -P nodeid=value command, where value is the new node ID (an integer between 0 and 7, inclusive). Issue this command on each node whose ID you wish to change.
Shut down all cluster nodes. The recommended procedure is to first bring all the nodes to run-level 1, and then bring them to the firmware level.
Start the cluster nodes back up.
Failure to follow this procedure can cause the same node to appear multiple times in clustadm output and may cause the Lock Manager to hang.
In ptx/CLUSTERS V1.x, if you built a VTOC on a shared device from one of the nodes, the disk's slices were then available on all of the cluster nodes. In ptx/CLUSTERS V2.x, the remaining node(s) will not be aware of the existence of the VTOC slices if you build a VTOC on a shared device from only one of the nodes.
If you wish to place a disk containing a VTOC under ptx/SVM control and use the disk in a cluster, then you must assure that each member node's /etc/devtab file contains a VTOC entry for that disk. Then issue the devbuild command to create the virtual devices included in that VTOC on all nodes in the cluster.
If you build the VTOC for a disk on one node (where the disk will be recognized as a ``sliced'' disk), but not on the other node(s) (where the disk will be recognized as a ``simple'' disk), then the ptx/SVM shared disk groups will not match across the cluster and you will not be able to use them.
There are several situations in which it is necessary for the Integrity Manager to reboot a cluster member node. In these situations, the node has become unable to safely resume access to shared storage. The Integrity Manager invokes the kernel panic mechanism to prevent any further user-level activity that might require access to shared storage and to bring the node most rapidly back into cluster membership. The panic messages used, and their causes, are the following:
Taking this node out of the cluster, as some critical transition script has failed
One example of a transition-script failure that warrants a system shutdown is when the lmrecovery script fails. If lmrecovery fails, it could mean that the Lock Manager is disabled on all nodes of the cluster until the problem is fixed. When lmrecovery terminates abnormally on a node, that node is shut down and will normally reboot in order to restore the normal operation of the cluster.
Lost the qdisk to a partition node %d
This message indicates that a cluster with a quorum disk had CCI communication problems. The node that shut down lost connectivity with the other node(s) and when it read the quorum disk, found that it had been removed from the set of active member nodes.
Normally, a node that loses CCI communications enters a NO QUORUM state. While in this state, the node continues to monitor cluster and quorum disk states. If other nodes form a cluster without the disconnected node, quorum disk data will reflect the new cluster membership. The disconnectted node's internal state (for example, Lock Manager locks) is now invalid and the node will reboot itself. You must then address the communication problem(s) and reboot the node in order for it to again become an active member of the cluster.
Forcing a system panic - This node out of sync with the rest of the cluster
This panic message means the same as the previous panic message, except that the quorum disk is not involved. The node that shut down discovered through CCI communication that the other node(s) had formed a new cluster without it. Because its state is now invalid, the node shut down.
To remove a node from a cluster, follow these steps:
Shut down the node you wish to disconnect from the cluster and power it off.
Disconnect all shared storage from the node to be removed from the cluster.
Disconnect the node from the CCI networks.
Boot the node you wish to remove from the cluster. Go to single-user mode, either with the bootflags or by entering s at the Waiting for cluster membership, enter 's' to go to single-user mode prompt.
Through ptx/ADMIN, deinstall the ptx/CLUSTERS software. For information on how to deinstall software, see the DYNIX/ptx and Layered Products Software Installation Release Notes.
ATTENTION To avoid destroying or corrupting data, do not remove the ptx/CLUSTERS software before detaching the node from all shared storage.
On the remaining nodes, reset the number of expected votes to equal the number of remaining nodes plus the quorum disk, if one is configured.
The following documentation is available on the online documentation CD or at http://webdocs.numaq.ibm.com/:
This section lists the following problem report summaries:
The numbers in parentheses identify the problems in the problem-tracking system.
This release of ptx/CLUSTERS contains fixes for the following software defects:
(243522) A memory leak in the muts_open() function occurred in low memory situations.
(243523) A memory leak in the start_heartbeat() function occurred in low memory situations.
(243550) set_up_retransmission() leaked an event cell in a low memory situation.
(247352) The clusters crash library did not provide information about the user-level utility lmstat.
(247355) The information available through the clusters crash library on CCI links was not formatted similarly to the output of clustadm -vi. It now is.
(249144) When a lock was determined to be mastered locally, the variable res_master in the resource structure was not set at all.
(249546) The system panicked on an assert_debug in the SLM deadlock code.
(249704) When ptx/CLUSTERS was deinstalled through ptx/INSTALL, a conflict message appeared regarding the process order.
(251093) A misleading message appeared when a command to deconfigure the quorum disk was executed when no quorum disk was configured.
(251602) im_free_buf was not freeing memory.
(252107) During a scratch installation of ptx/CLUSTERS, after booting off of the CD-ROM to a different disk, the cluster installation did not ask for cluster parameters.
(252511) Multiple instances of replicad occurred when the devctl -A command failed.
(252744) A CFS hang occurred when a lock asked for a convert from "nl" to "pr."
(253120) A panic occurred in srlk_open().
(253300) The macros QMON_VALID_EVENT and QMON_VALID_STATE were not defined properly.
(253324) Duplicate messages were coming from the MUTS.
(254027) The -R option of edc was not used for attaching and detaching ptx/ADMIN menus. It now is.
(254030) A cluster hung during the boot process when all four nodes were rebooted at once.
(254109) The naming database generation number was out of sync on the quorum disk.
(254141) Cases existed where the quorum disk had a different idea of a shared generation number than any of the cluster nodes probing devices in the cluster.
(254192) vysnc node block information was not updated when the number of evotes was changed.
(254655) The system panicked with the message: PANIC: ../io/slm/slm_cremote.c:ABORT with ZERO sequence:line.
(254658) An assertion failed with the following message: (slk->slk_flags & (SLK_TIMEOUT|SLK_TIMEOUTSUSP)) == SLK _TIMEOUT.
(254906) A filesystem hang occurred during a cluster reboot.
(254943) vxconfigd never returned from lm_convert call.
(255308) devctl -A hung when the system was booted with the -I option.
(255316) The clusters replica manager lost quorum when the quorum disk was configured.
(255730) devctl hung in a three-node cluster.
This section lists open problems in this release of ptx/CLUSTERS.
Under certain conditions, devctl returns the following error message even though the cluster has quorum: "Transactions require a quorum of database replicas." The conditions when this message appear are:
On a two-node cluster without a quorum disk, when one of the nodes is taken down from single-user mode after the cluster transition for the node join operation is complete.
On a cluster with more than two nodes, if multiple machines are taken down from single-user mode after they join the cluster.
Workaround. This error arises because the rc2 script S01deactivate was not run to complete the naming database synchronization across cluster nodes. To work around this problem:
On a two-node cluster without a quorum disk, configure a quorum disk. (This problem will not occur on a two-node cluster with a quorum disk.) See the ptx/CLUSTERS Administration Guide for information about configuring a quorum disk.
For a cluster with more than two nodes, bring up the remaining nodes to single-user mode, wait for the cluster transition for the joining node(s) to complete, and then manually run /etc/rc2.d/S01deactivate.
When a node index is changed on one cluster node and the node is restarted, the unchanged node has two entries for the node whose index has changed. One entry is for the original node index, and the other entry is for the new node index.
Workaround. See the section in these release notes entitled "Changing Cluster Node ID" for information on how to change a node's index.
ptx/CTC menus in ptx/ADMIN are removed if an updated version of ptx/CLUSTERS is installed and ptx/CTC is not reinstalled.
Workaround. Always install ptx/CLUSTERS and ptx/CTC together. If you have already installed ptx/CLUSTERS, install ptx/CTC from the CD-ROM so that the menus will reappear.
When you use devctl to change the name of a CCI device, ptx/CLUSTERS does not know the name has changed.
Workaround. Use clustadm to deconfigure and reconfigure the CCI device.
The clustadm -C (configure quorum disk) and clustadm -D (deconfigure quorum disk) will hang when the node has lost quorum. The commands cannot be suspended or interrupted.
Workaround. Boot another node to restore quorum or reboot the node and only make quorum disk configuration changes while the node has quorum.
When a quorum disk is configured, the VTOC, if it is not already in place, is built for the device on remote nodes from the kernel. However, this does not update the list of built devices at the user level.
Workaround. Execute the devbuild command on the node where the devdestroy is failing. Doing so will update the list of built devices. Then do the devdestroy.
When a cluster member node is shut down, the other member nodes will continue to report that it is a member until VSYNC has completed its membership view change protocol. This protocol includes a delay known as "I/O drain time," during which the view change waits for completion of any I/O requests initiated before the node was shut down to either complete or fail. Thus it is possible, if this I/O drain time is long enough, for a node to be completely shut down and even powered off while clustadm on other nodes continues to report that the node is still a cluster member. clustadm will report that all links to the shut down node are DOWN during this delay in the membership view change protocol. This is the indication that the protocol is underway and should complete shortly.
Workaround. This is a transient problem which will correct itself after the I/O drain time delay has passed.
If one cluster node is running ptx/SDI and has a ptx/SDI device, then another node that attempts to join the cluster must also have ptx/SDI installed. Likewise, if an existing cluster node does not have ptx/SDI installed, then another node that attempts to join the cluster must also not have ptx/SDI installed. Otherwise, when the nodes attempt to synchronize their naming databases, the following error will occur:
devctl: Internal error 3 during NDB merge operation: Invalid argument devctl: unable to synchronize NDB: Invalid argument
Workaround. Ensure that ptx/SDI is either installed on all cluster nodes or on none.
When the devctl command is used to deconfigure or configure devices, the results may not be propagated to all nodes in the cluster if the devctl command is executed just before a cluster membership transition begins.
Workaround. Try not to configure or deconfigure devices when the cluster is transitioning. Use the /sbin/ndbcompall command to verify that the devctl command was propagated to all nodes. If it was not, shut down and reboot the nodes to resynchronize the cluster nodes' naming databases.