Really NetApp?!? You didn’t use your own SDK?

So, this post irked me. Not because of the poster or his post (honest Andy, if you ever read this, I have nothing against you or your post! I’m happy to see another VMware/NetApp blogger!), but because of the script he referenced and the problem encountered. He has a good solution, but the problem shouldn’t exist.

You see, I hate RSH. I don’t know why (well, it is quite insecure, and it can require some configuration), but I hate it. SSH is only marginally better in this case…sure it’s secure, but you have to auth each time, and if you don’t (ssh keys), well, it’s only a little better than RSH (comms are encrypted, but compromise of a single account can lead to bad things on many hosts). The script that is referenced, one that NetApp recommends that admins use to verify that their aggregates have enough free space to hold the metadata for the volumes in OnTAP 7.3 (the metadata gets moved from the volumes to the aggregate in 7.3), uses RSH to execute commands that are then parsed in a somewhat rudimentary way to get information.

Sure, it’s effective, but it’s far from graceful…especially when you have a perfectly good and effective SDK at your disposal.

I was kind of bored, so I decided to rewrite the script using the SDK. This is the end result. It reports the same data, but uses the SDK to gather all of the necessary information to make a determination for the user. The new script is significantly shorter (10KB vs 25KB, 380 lines vs 980), and it requires only one login.

Thanks to NetApp for providing their SDK, and I hope that no one over there minds me refactoring…

4 thoughts on “Really NetApp?!? You didn’t use your own SDK?”

  1. No offense taken: I’m with you on the frustration with NetApp’s apparent love of RSH – RSH drives me nuts. I thought the protocol should have been dead and buried a long time ago, but NetApp (and a few other companies, to be fair) keep cranking out the docs and tools relying on it.

  2. That’s ridiculous that NetApp would resort to using something as ancient & insecure as rsh. In the US Fed Govt environments that I work in we build new systems without those insecure commands/protocols (rsh, rcp, rlogin, telnet client & server, etc.) and are actively ripping them out of older servers (where possible/feasible). I’m not sure how or why we would go about trying to run anything rsh-based these days…

  3. @McG: It would seem this isn’t the only script either (was there any doubt?). I was introduced to a script today that checks to see if the two arrays in a cluster are configured identically. The script uses RSH to pull it’s data….

    Maybe I’ll get some time and can rewrite that script to use the SDK as well.

    Anyway, thanks for the feedback! Please let me know if there’s any scripts you have/know of that you think need to me migrated to the SDK and I’ll do what I can.

  4. Hi Andrew,

    Were you able to look at the Cluster Configuration Checker script (“…two arrays in a cluster are configured identically”).

    Excellent work with the other scripts.

    -Rich

Leave a Reply