Data Domain Commands

Data Domain command=>adminaccess | alerts | alias | archive | authentication | authorization | autosupport | cifs | cluster | config | ddboost | disk | enclosure | filesys | help | ipmi  

Data Domain command=>license | log | migration | mtree | ndmpd | net | nfs | ntp | quota | replication | route | snapshot | snmp | storage | support | system | user | vtl 

1. adminaccess : The adminaccess command manages the access control list configuration. Command options enable remote hosts to use the FTP, Telnet, HTTP, HTTPS, and SSH administrative protocols on the Data Domain system. SSH is open to the default user sysadmin and to users added by the administrator.

Options include:

Returning Command Output to a Remote Machine: With admin role permissions and using SSH, you can have output from Data Domain system commands return to a remote machine at login, and then log out automatically. 

For example, the following command connects with the machine dd10 as user admin, prompts for the password, and then returns output from the command option filesys status. 

# ssh -l admin dd10 filesys status

admin@dd10’s password:

The filesystem is enabled

Additionally, you can create a file containing multiple Data Domain system commands, one command per line, and use the file as input to the login. Output from each command is returned.

Example

1. Create a file named cmds11 and include the commands filesys status, system show uptime, and NFS status.

2. Run the command as shown and read the output.

# ssh -l admin dd10 < cmds11

admin@dd10’s password:

The filesystem is enabled

3:00 pm up 14 days 10 hours 15 minutes 1 user, load average: 0.00, 0.00, 0.00

Filesystem has been up 14 days 10:13

The NFS system is currently active and running

Total number of NFS requests handled = 314576

2. alerts : The alerts command manages current alerts, alert notification groups, and alerts history. Command options enable sending email to a designated recipient or notification group when an event occurs within the Data Domain system. Depending on the option, information includes alert type, date posted, and resulting action. More than three months of alert history is retained.  

Some event types, such as those in the environment class that pertain to temperature sensors within the chassis, are detected repeatedly if the underlying condition is not corrected.

Options include:

3. alias : The alias command creates, deletes, and displays command aliases. Command options enables users to add, delete, and display command aliases for the Data Domain system command set. Users can administer aliases only for commands for which they have permission.

Options include:

4. archive : The archive command is used only on systems licensed to run the EMC Data Domain Extended Retention software option (formerly “DD860 Archiver”). Archive command options enable the feature and configure policies. See the DD Extended Retention Administration Guide for details on functionality, installation, and configuration.

Options include:

5. authentication : The authentication command manages NIS users, domains, groups and servers. Command options enable the Data Domain system to participate in an active Network Information Service (NIS) domain, which keeps a centralized repository of users, groups, and server names. NIS adds a global directory that authenticates users from any host on the network. 

Options include:

6. authorization : The authorization command establishes or modifies runtime authorization policy. Command options enable security-based functions such as managing filesystem encryption and enabling or disabling authorization policy. All authorization tasks are logged automatically. The log file includes a timestamp, the identities of the security officer and administrative user, and the Data Domain system on which the task was performed. This log file serves as the audit trail, or “authorization history,” for each action.

Options include:

7. autosupport : The autosupport command manages system reports. Command options enable administrative users to manage two reports that describe the state of a Data Domain system: the Autosupport Report and the Daily Alert Summary. By default, both reports are emailed to the Data Domain Support address only, but users with admin role permissions may configure additional addresses. For details on configuring autosupport notifications, see the EMC Data Domain Initial Configuration Guide.

Options include:

8. cifs : The cifs command manages CIFS(Common Internet File System) data access between a Data Domain system and Windows clients. Command options enable and disable access to a Data Domain system from media servers and other Windows clients that use the CIFS protocol. The cifs command sets the authentication mode and CIFS options, and displays status and statistics for CIFS clients.

Options include:

9. cluster : The cluster command manages a Data Domain Global Deduplication Array (GDA). A standard GDA comprises two controllers: the master and the worker. The master controller manages the worker controller. For more information on this command, see the Global Deduplication Array Administration Guide.

Options include:

10. config : The config command manages Data Domain system configuration settings. Command options include changing individual configuration parameters and viewing the configuration setup. For information on how to configure the system, see the EMC DD OS Initial Configuration Guide and the EMC Data Domain Administration Guide.

Options include:

11. ddboost : The ddboost command manages the integration of Data Domain systems and disk backup devices. Command options create and delete storage units on the storage server, and display the disk space usage of each storage unit. DD Boost also supports advanced load balancing and failover, distributed segment processing, encryption, and low-bandwidth optimization. See the DD Boost Administration Guide for details on functionality. Beginning in 5.2, users can now use quotas to provision Data Domain system storage among different backup applications. Quotas restrict the logical (uncompressed and undeduplicated) storage capacity for each storage unit. DDBoost storage unit quota limits (hard or soft) can be set or removed dynamically. Quotas may also be used to provision various DDBoost storage units with different sizes, enabling an administrative user to monitor the usage of a particular storage unit over time. Note that it is possible to configure quotas on a system and run out of storage before quota limits are reached.Like MTree quota limits, the ddboost storage-unit create command includes new, optional parameters to specify quota limits at the time the storage unit is created. Output of the ddboost storage-unit show command indicates if a quota is defined for the storage unit. See “quota” and “mtree” for details on the quota feature, including definitions of hard and soft limits.

Options include:

12. disk : The disk command manages disks and displays disk locations, logical (RAID) layout, usage, and reliability statistics. Each Data Domain system reports on the number of disks in the system. For a Data Domain system with one or more Data Domain external disk shelves, commands also include entries for enclosures and disks. For details on 

disks in external shelves, see the Expansion Shelf Hardware Guide.

Options include:

13. enclosure : The enclosure command identifies and displays information about expansion shelves. An enclosure is a Data Domain system or an attached expansion shelf. 

Options include:

14. filesys : The filesys command displays statistics, capacity, status, and utilization of the filesystem. Command options also clear the statistics file, and start and stop filesystem processes. The filesys clean command options reclaim physical storage within the filesystem. 

Command output for disk space or the amount of data on disks is computed using base-2 calculations. See “How Data Values Are Calculated” for details. 

Options include:

15. help : The help command displays Help files for Data Domain system commands. Entering the help command without an object displays the complete list of Data Domain system commands. For a description of a single command, including syntax, options, and for most commands, sample output, include the command name as the object; for example, 

help filesys. 

You can also search for command options using keywords. If the keyword is the same as a command name, the entire Help page for the command displays. Typically, information that does not appear in the Help files is available in the EMC Data Domain Administration Guide.

16. ipmi : The ipmi command monitors and manages a Data Domain system deployed remotely. Command options enable administrators to monitor remote systems and to power the systems on or off as required. The Serial-Over-LAN (SOL) feature is used to view the serial output of a remote system boot sequence. For more information, see the EMC Data 

Domain Operating System Offline Diagnostics Suite User’s Guide.

Options include:

17. license : The license command adds, deletes, and resets keys for licensed features and storage 

capacity.

Options include:

18. log : The log command manages and displays the Data Domain system log file. Messages from the alerts feature, the autosupport reports, and general system messages are sent to the log directory (/ddvar/log). A log entry appears for each Data Domain system command given on the system. Data Domain systems can send network log messages to other systems enabled to listen. The Data Domain system sends the log in the standard syslog format. When remote logging is enabled, all messages in the messages and kern.info files are exported.

Message selectors include:

*.notice

Send all messages at the notice priority and higher.

*.alert

Send all messages at the alert priority and higher (alerts are included in *.notice).

kern.*

Send all kernel messages (kern.info log files).

local7.*

Send all messages from system startups (boot.log files).

See the vendor-supplied documentation for details on managing the selectors and 

receiving messages on a third-party system.

Options include:

19. migration : The migration command copies all data from one Data Domain system to another. Use the command when upgrading to a larger capacity Data Domain system. Migration is typically performed in a LAN environment. Migration may also be used to copy replication configurations, known as “contexts.” See the EMC DD OS Administration Guide for instructions.

Options include:

20. mtree : The mtree command enables operations on a single “managed tree” (MTree) of a filesystem. An MTree is a logical partition of the namespace in the filesystem that can group together a set of files for management purposes; for example, snapshot schedules, replication, or retention locking. An MTree can be a directory subtree or a VTL tape pool, and the files of an MTree can span the collection of active and archive storage tiers in a DD Extended Retention system. Previously, users could not manage the amount of storage space for an MTree. If a Data 

Domain system had several MTrees, a single MTree could use all of the storage space on the system, depleting the storage space for other MTrees. Users can now restrict storage space for MTrees by setting quota limits during the creation of MTrees. See “quota” for additional information.

Options include:

21. ndmpd : The ndmpd command is the top-level command for the NDMP daemon running on the Data Domain system. The NDMP daemon provides access to VTL-created devices via the NDMP version 4 protocol.

Options include:

22. net : The net command manages the use of virtual interfaces, DHCP, DNS, and IP addresses, 

and displays network information and status. 

Options include:

23. nfs : The nfs command enables you to add NFS clients and manage access to a Data Domain system. It also enables you to display status information, such as verifying that the NFS system is active, and the time required for specific NFS operations. 

Options include:

24. ntp : The ntp command synchronizes a Data Domain system with an NTP time server, manages the NTP service, or turns off the local NTP server. A Data Domain system can use a time server supplied through the default multicast 

operation, received from Dynamic Host Configuration Protocol (DHCP), or set manually with the Data Domain system ntp add command.

Options include:

25. quota : The quota command enables users to modify the amount of storage space for MTrees and for VTL and DD Boost storage units. There are two quota limits: hard and soft. The hard limit prevents writes from exceeding the quota. Users receive an error message if the hard limit is exceeded. The soft limit allows writes to exceed the quota; however, an alert is generated. The soft value must be less than the hard value. Quota limits must be specified as integers. You can set hard, soft, or both, depending on your requirements. For example, an administrator may choose to enforce only a soft limit to prevent backup jobs running overnight from failing when the quota limit is reached. Or, he or she may choose to enforce only a hard limit to block a user from writing when the quota limit is reached. Snapshots capture quota information at a precise point in time. Usage tracking in the active filesystem does not account for the space of snapshot, so quota limits are not  enforced on snapshots. For information on establishing quotas when creating MTrees, and DD Boost and VTL storage units, see “mtree,” “ddboost,” and “ vtl,” respectively.

Options include:

26. replication : The replication command enables you to replicate data (copy and synchronize), between two Data Domain systems: a source and a destination. Source and destination configurations, or pairs, are also known as “contexts.” Depending on your objective, you can replicate entire sites, specific directories, MTrees, or files within a virtual tape library. Replication is a licensed software option. See the EMC DD OS Administration 

Guide for details on replication practices and procedures.

Options include:

27. route : The route command manages routing between a Data Domain system and backup hosts. An additional routing rule appears in the Kernel IP routing table and in the Data Domain system Route Config list, which is a list of static routes reapplied at each system boot.

Options include:

28. snapshot : The snapshot command manages MTrees snapshots. MTrees add granularity to filesystem-type operations, allowing operations to be performed on a specific MTree instead of the entire filesystem. Snapshots are useful for avoiding version skew when backing up volatile data sets, such as tables in a busy database, and for restoring previous versions of a deleted directory or file.  A snapshot is a read-only copy of the Data Domain MTree from the top of each MTree: /data/col1/<mtree-name>.The MTree /data/col1/backup is the default directory created in the system during installation. It is also the MTree that is refreshed during an upgrade procedure. The directory /backup points to the default MTree. Snapshots can be accessed from the directories /backup/.snapshot or /data/col1/<mtree-name>/.snapshot.

Options include:

29: snmp : The snmp command enables or disables SNMP access to a Data Domain system, adds community strings, gives contact and location information, and displays configuration settings. SNMP management requires two primary elements: an SNMP manager and an SNMP agent. See “More about SNMP on a Data Domain System” for details.

Options include:

30. storage : The storage command adds, removes, and displays disks and LUNs belonging to active and archive storage tiers. Tiered storage enables the Data Domain system to use different types of storage devices.

A storage tier can contain two types of storage: whole disks in an enclosure, such as a Data Domain system or attached expansion shelf, or LUNs in a Data Domain gateway system that uses a SAN. System storage for a filesystem or associated RAID disk group consists of two storage tiers: one active and one archive. The active tier has one active unit of storage, and the archive tier has one or more archive units of storage.

Options include:

31. support : The support command uploads files from a customer Data Domain system to the Support portal for troubleshooting. The selected files are compressed into a tar. gzip folder with a README file that includes identifying autosupport headers.

Options include:

 upload

32. system : The system command enables administrative users to perform standard tasks on Data Domain systems, configure a system for Retention Lock Compliance, and view system-level information.

Options include:

33. user : The user command adds and deletes users, changes passwords, manages password aging and strength policies, and displays user roles. A role determines the type of operations a user can perform on the Data Domain system. See “RBAC and User Role Definitions” for details. The default administrative account is sysadmin. You can change the sysadmin password but cannot delete the account. See the Installation and Setup Guide for details on sysadmin.

Options include:

RBAC and User Role Definitions: Role-based access control (RBAC) is an authentication policy that controls the type of operations a user can perform on a Data Domain system. System access and operations are allowed or restricted based on the permissions associated with each role.

In accordance with RBAC policy, the following roles are available for administering and managing the Data Domain operating system.

admin : A user can configure and monitor the entire Data Domain system. Most command options are available to the admin role only. 

user : A user can monitor Data Domain systems and perform the fastcopy operation. The user role is for standard users who have access to a limited number of command options. For example, most show command options are available at this level.

security (security officer): Some DD OS procedures require additional security and therefore must be authorized, or “signed off,” by the security officer. During authorization, the admin and the security officer are required to participate when issuing a command. See the section on authorization workflow in “authorization” for details. In addition to authorizing procedures, only the security officer can create and manage additional security officers. The security role is assigned to local users only. Users in the security role cannot be assigned additional roles. During an upgrade, if the system contains security officers, a sec-off-defaults permission is created that includes a list of all current security officers. The user role “security” and “security officer” are synonymous and the terms are used interchangeably in this document. 

backup-operator : In addition to user role permissions, allows a user to create snapshots, import and export tapes to a VTL library, and move tapes within a VTL library.

data-access : For DD Boost authentication only. A user with this role can log in to a system and can change his or her password, but cannot monitor, manage, or configure a Data Domain system.

34. vtl : EMC Data Domain VTL is a licensed software option that enables backup applications to connect to and manage a Data Domain system as a virtual tape library. Beginning with version 5.2, new VTL pools are MTree-based. Additionally, multiple MTrees enable the user to more closely configure DD OS for data management needs. 

MTree-based pools allow MTree replication to be used instead of directory replication. Existing pools are backward compatible. Users may also create additional backward-compatible pools as needed. VTL pool-based replication is performed using MTree replication for MTree pools, and directory replication for backward-compatible pools. 

MTree-specific attributes can be applied to each VTL pool individually instead of inheriting a common set of attributes from the default backup MTree. These attributes include snaphots and snapshot schedules, retention lock policy, and compression information. In previous versions, access to VTL data in /backup (/data/col1/backup), typically through NFS or CIFS mount of /backup, was relatively unconstrained. This led to issues where VTL data was changed beneath the VTL process; for example, when manually deleting a pool or copying files, and resulted in unexpected behavior or inconsistencies.  By using MTrees for pools VTL data is relocated from /backup. With MTrees, users may continue to use and manage VTL with little or no difference when compared to versions 5.0 and earlier.

Options include:

Command Changes in DD OS Version 5.4 - Nov 18, 2014 9:59:34 PM