NetApp’s FAS series of storage arrays run a single operating system called Data ONTAP across all platforms – from the low end to the high end – though this operating system can run in one of two different modes. There’s the older “classic” mode, which the majority of FAS administrators are used to and which is now referred to as Data ONTAP 7-Mode, and there’s the new, scale-out mode that is simply called clustered Data ONTAP. While the two modes share similar administrative concepts and some similar commands, the two CLI operating environments are quite different in behaviors, structure, and feature sets. We’ll start by talking about 7-Mode.
Commands and Privilege Levels
Logging in (via SSH, telnet, or console) you are provided a simple administrative-level prompt:
mba-7m-1>
The prompt contains the hostname of the controller (“mba-7m-1”) followed by a “>” which indicates that you are in the normal administrative privilege level.
From here, you can see the available commands by simply typing “?”:
? flexcache options smtape acpadmin fpolicy orouted snap aggr fsecurity partner snaplock arp ftp passwd snapmirror autosupport halt ping snapvault backup help ping6 snmp bmc hostname pktt software cdpd httpstat portset source cf ic priority sp charmap ifconfig priv stats cifs ifgrp qtree storage clone ifstat quota sysconfig cna_flash igroup radius sysstat config ipspace rdate system coredump iscsi rdfile timezone date key_manager reallocate traceroute dcb keymgr reboot traceroute6 df license restore ucadmin disk lock restore_backup ups disk_fw_update logger revert_to uptime dns logout rlm useradmin download lun route version du man routed vfiler dump maxfiles rshstat vlan echo mt sasadmin vmservices ems nbtstat sasstat vol environment ndmpcopy savecore vscan exportfs ndmpd sectrace wcc fcadmin ndp secureadmin wrfile fcnic netdiag setup ypcat fcp netstat sftp ypgroup fcstat nfs shelfchk ypmatch fcvi nfsstat sis ypwhich file nis
This shows you all of the commands available for this administrator privilege level.
There are two additional privilege levels available: advanced and diag. You can change to these levels using the “priv set” command.
mba-7m-1> priv set advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel. mba-7m-1\*> mba-7m-1\*> priv set diag Warning: These diagnostic commands are for use by NetApp personnel only. mba-7m-1\*>
The asterisk after the hostname indicates that you are in either advanced or diag privilege mode. There’s no visual distinction between the two modes, but you can find out which one you are in by typing simply “priv”:
mba-7m-1\*> priv diag mba-7m-1\*>
More commands are available within the higher privilege levels than in the normal admin level.
Advanced:/etc/rmt ftp nfsstat sldiag ? getXXbyYY nis sm_mon acorn halt nv8 sm_mon_old acpadmin hammer ontapi sm_not aggr help options smb_hist arp hostname orouted smtape autosupport httpstat panic snap availtime ic partner snaplock backup if_addr_filter_info passwd snapmirror blink_off ifconfig perf snapvault blink_on ifgrp ping snmp bmc ifinfo ping6 software bootfs ifstat pktt source bringhome ifstat_test portset sp cdpd ifswitch priority statit cf igroup priv stats charmap inodepath ps storage cifs ipspace qtree stsb clone iscsi quota stty cna_flash key_manager radius sum32 cna_flash_image_reset keymgr rdate sysconfig cna_flash_image_set l2ping rdfile syslog cna_flash_version led_off reallocate sysstat com led_off_all reboot system config led_on registry systemshell coredump led_on_all restore tape_qual cxgbtool led_on_off restore_backup test_lcd date led_reset_all result timezone dcb led_test revert_to toe dd led_test_one rlm traceroute df license rm traceroute6 disk lock rmt ucadmin disk_fw_update log route ups disk_list logger routed uptime disk_stat logout rpc_stats useradmin dns ls rshkill version download lun rshstat vfiler du mailbox rsm vif dump man rtag vlan echo maxfiles rtfo vmservices ems mbstat sasadmin vol environ mem_scrub_stats sasstat vscan environment memerr savecore vstorage exit mt scsi waffinity_stats exportfs mv sectrace wafl fcadmin nbtstat secureadmin wafl_backdoor_stats fcnic ndmpcopy setup wafl_susp fcp ndmpd sftp wcc fcstat ndp sh wrfile fcvi netdiag shelfchk ypcat file netstat showfh ypgroup flexcache nfs showfh4 ypmatch fpolicy nfs_hist sis ypwhich fsecurityDiag:
/etc/rmt fcstat netstat sm_not ? fcvi nfs smb_hist acorn file nfs_hist smf acpadmin filersio nfsstat smtape aggr flexcache nis snap anvl fpolicy nm snaplock arp fru_led nv snapmirror autosupport fsecurity nv8 snapvault availtime ftp ontapi snmp backup gdb options software blink_off getXXbyYY orouted source blink_on halt panic sp bmc hammer parityck spares_zero bootargs help partner spinhi_stats bootfs hostname passwd spinnp_replay bringhome httpstat perf spinnp_replay_stats cdpd ic ping stack cf icbulk ping6 statit ch if_addr_filter_info pktt stats charmap ifconfig portset storage cifs ifconfig_priv printflag stsb clone ifgrp priority stty cna ifinfo priv sum32 cna_flash ifstat prof sync cna_flash_image_reset ifstat_test ps sysconfig cna_flash_image_set ifswitch qtree syslog cna_flash_version igroup quota sysstat com inodepath radius system config iomem raid_config systemshell coredump ipspace rastrace tape_qual ct_dump_t3 iscsi rdate tcp_client ct_phy_read iswt rdfile tcp_server ct_phy_read_t3 key_manager reallocate test_lcd ct_phy_write keymgr reboot time ct_phy_write_t3 kma_stats registry timezone ct_reg_read kt restore toe ct_reg_read_t3 l2ping restore_backup traceroute ct_reg_write label result traceroute6 ct_reg_write_t3 labelmaint revert_to treecompare ct_reset_t3 led_off rlm ttcp ct_tpi_par led_off_all rm ucadmin ct_tpi_read led_on rmt udp_client ct_tpi_write led_on_all route udp_server cxgbtool led_on_off route_priv ups date led_reset_all routed uptime dbg led_test rpc_stats useradmin dcb led_test_one rshkill vdom dd license rshstat version debug lmgr_diag rsm vfiler df lock rtag vif disk log rtfo vlan disk_fw_update log_fio sasadmin vm_stat disk_list logger sasstat vmservices disk_stat logout savecore vol dns ls scsi vol_db download lun sectrace vscan du mailbox secureadmin vstorage dump man sesdiag vtic dumpblock maxfiles setflag waffinity_stats dumpstack mbstat setup wafl echo mem_scrub_stats sftp wafl_backdoor_stats ems mem_stats sh wafl_cmd_restrictions environ memerr shelfchk wafl_steal_stats environment mkfile show_faults wafl_susp exit mt showfh wafltop export_stats mv showfh4 wcc export_tbl_dump nbtstat signal wrfile exportfs ndmpcopy sis xttcp fcadmin ndmpd sldiag ypcat fcmon ndp slist ypgroup fcnic netdiag sm_mon ypmatch fcp netmpstat sm_mon_old ypwhich
Typing either “priv set” without specifying a privilege level, or “priv set admin” will take you back to the default admin privilege level.
mba-7m-1\*> priv set mba-7m-1>
Command Syntax and Help
You can see the syntax for a command by passing it the “-?” flag.
mba-7m-1> arp -? usage: arp [-n] arp [-n] -a arp -d arp -s [temp] [pub] arp -F
Even better, administrative-level commands have a full manual (man) page available explaining the operation of the command in detail:
mba-7m-1> man arp na_arp(1) na_arp(1) NAME na_arp - Address resolution display and control SYNOPSIS arp [-n] hostname arp [-n] -a arp -d hostname arp -s hostname ether_address [ temp ] [ pub ] DESCRIPTION The arp command displays and modifies the tables that the address resolution protocol uses to translate between Internet and Ethernet addresses. With no flags, arp displays the current ARP entry for hostname. The host may be specified by name or by number, using Internet dot notation. OPTIONS -a Displays all of the current ARP entries. -d Deletes an entry for the host called hostname. -n IP addresses are displayed instead of hostnames. -s Creates an ARP entry for the host called hostname with the Ethernet address ether_address. The Eth- ernet address is given as six hex bytes separated by colons. The entry not will be permanent if the words following -s includes the keyword temp. Tem- porary entries that consist of a complete Internet address and a matching Ethernet address are flushed from the arp table if they haven't been referenced in the past 20 minutes. A permanent entry is not flushed. If the words following -s include the keyword pub, the entry will be "published"; that is, this system will act as an ARP server, responding to requests for hostname even though the host address is not its own. HA CONSIDERATIONS In takeover mode, each node in an HA pair maintains its own ARP table. You can make changes to the ARP table on the live node, or you can make changes to the ARP table on the failed node using the arp command in partner mode. However, the changes you make in partner mode are lost after a giveback. VFILER CONSIDERATIONS When run from a vfiler context, (for example, via the vfiler run command), arp operates on the concerned vfiler. As currently all vfilers in an ipspace share an arp table, arp operates on the arp table of the concerned vfiler's ipspace. SEE ALSO na_ifconfig(1), na_partner(1), na_ipspace(1), na_vfiler(1), RFC1483. 6 June 1998 na_arp(1)
Command Completion
In Data ONTAP 7-mode, commands cannot be tab-completed in the shell, nor can they be abbreviated as with some other shells. Each command needs to be fully specified in order for it to be recognized.
Navigation and Editing
Command-line editing and navigation utilizes the standard keystrokes and combination previously discussed in CLI Efficiency: Common Basics
While you can navigate through your previously-entered commands using the up and down arrows, or Ctrl+n and Ctrl+p, there is no “history” command to simply display the contents of that history.
You can enter multiple commands on the same command line by separating each command with a semi-colon. The commands will then be executed in order of entry.
mba-7m-1> echo "help"; echo "I'm being held prisoner"; echo "in a terminal emulator" help I'm being held prisoner in a terminal emulator
Updated 20141130: Fixed formatting that had somehow gotten broken since original publication.
Data Center Digressions 