Tag: LSI MSM

Categories
Knowledge Support Support Categories exacqVision Hardware

Removing MegaRAID Storage Manager(MSM)

Description

MegaRAID Storage Manager (MSM) has been found to have some exposure to CVE-2021-44228, the Apache Log4j remote code execution vulnerability, see statement from Broadcom Log4j2 Exposure (CVE-2021-44228).   It is possible that MSM was installed on your exacqVision NVR even though a RAID controller card is not present. If that is the case MSM can be uninstalled using the following instructions.

NOTE: If the NVR has a RAID controller card please see one of our Replacing MegaRAID Storage Manager (MSM) Knowledge Base Articles for other options.

Products

  • Windows 10 (x64)
  • Windows Server 2016 (x64)
  • Windows Server 2019 (x64
  • Ubuntu 16.04 LTS and Earlier
  • Ubuntu 18.04 LTS
  • Ubunutu 20.04 LTS

Uninstalling MSM on Windows

  • Press the Windows key on keyboard to open the Start menu
  • Locate and select MegaRAID Storage Manager
  • Expand and select Uninstall
  • Confirm that you want to remove MegaRAID Storage Manager
  • Right click on MegaRAID Manager icon on desktop and click “Delete”

Uninstalling MSM on Linux

  • Double-click the Terminal icon on the desktop
  • Elevate to root using sudo -i 
  • Remove the MSM package using dpkg -r 
  • Ensure that the dpkg command completes with no errors.
  • Close the Terminal window
Example of removing MSM on Linux

Categories
Knowledge Support Support Categories exacqVision Hardware

MegaRAID Definitions and Drive States

Description 

Common definitions and drive states used in relation to MegaRAID RAID Controllers.

Product 

  • MegaRAID Storage Manager
  • LSI Storage Authority

Virtual Drive

A virtual drive is a partition in a drive group that is made up of contiguous data segments on the drives. A virtual drive can consist of these components:

  • An entire drive group
  • A part of a drive group
  • A combination of any two of these conditions

Drive Group

A drive group is a group of physical drives. These drives are managed in partitions known as virtual drives. You can create one or more virtual drives on a group of drives attached to a controller card. However, this is based on the support of sliced VD and RAID level of the controller.

Virtual Drive States

A virtual drive property indicating the condition of the virtual drive. A virtual drive can be in any one of the following states

Optimal

A virtual drive whose members are all online. In the output of the StorCLI commands, Optimal is displayed as optl.

Degraded 

A virtual drive with a redundant RAID level with one or more member failures and can no longer sustain a subsequent drive failure.  In the output of the StorCLI commands, Degraded is displayed as dgrd.

Partially Degraded 

A virtual drive with a redundant RAID level that is capable of sustaining more than one member drive failure. This state also applies to the virtual drive’s member drives.Currently, a RAID 6 or RAID 60 virtual drive is the only virtual drive that can be partially degraded.In the output of the StorCLI commands, Partially Degraded is displayed as Pdgd.

Failed 

The virtual drive has failed.

Foreign

A foreign configuration is a RAID configuration that already exists on a replacement set of drives that you install in a computer system. WebBIOS Configuration Utility and the MegaRAID Storage Manager software allows you to import the existing configuration to the RAID controller or clear the configuration so you can create a new one.

Offline

The virtual drive is not available to the RAID controller, one or more member failures making the data inaccessible. In the output of the StorCLI commands, Offline is displayed as OfLn.

Physical Drive States

A physical drive can be in any one of the following states:

Unconfigured Good

A drive accessible to the RAID controller but not configured as a part of a virtual drive or as a hot spare.In the output of the StorCLI commands, Unconfigured Good is displayed as UGood.

Hot Spare

A drive that is configured as a hot spare.

Online

A drive that can be accessed by the RAID controller and will be part of the virtual drive.In the output of the StorCLI commands, Online is displayed as onln.

Rebuild

A drive to which data is being written to restore full redundancy for a virtual drive.

Failed

A drive that was originally configured as Online or Hot Spare, but on which the firmware detects an unrecoverable error.

Unconfigured Bad

A drive on which the firmware detects an unrecoverable error; the drive was Unconfigured Good or the drive could not be initialized.In the output of the StorCLI commands, Unconfigured Bad is displayed as UBad.
Note:   If an improperly removed device is reconnected to the RAID controller it will be recognized as UBAD (Unconfigured Bad). It can be incorprated back into the the Virtual Drive  by setting to UGOOD 

Missing

A drive that was Online, but which has been removed from its location.In the output of the StorCLI commands, Missing is displayed as Msng.

Offline

A drive that is part of a virtual drive but which has invalid data as far as the RAID configuration is concerned. In the output of the StorCLI commands, Offline is displayed as offln.

None

A drive with an unsupported flag set. An Unconfigured Good or Offline drive that has completed the prepare for removal operation.

Definitions

RAID

Redundant Array of Independent Disks is a group of multiple, independent drives that provide high performance by increasing the number of drives used for saving and accessing data. A RAID drive group improves input/output (I/O) performance and data availability. The group of drives appears to the host system as a single storage unit or as multiple virtual drives. Data throughput improves because several drives can be accessed simultaneously. RAID configurations also improve data storage availability and fault tolerance. Redundant RAID levels (RAID levels 1, 5, 6, 10, 50, and 60) provide data protection.

Selecting a RAID Level

To make sure of the best performance, you must choose the optimal RAID level when you create a system drive. The optimal RAID level for your drive group depends on a number of factors:

  • The number of drives in the drive group
  • The capacity of the drives in the drive group
  • The need for data redundancy
  • The disk performance required

RAID 5 

Uses data striping and parity data across three or more drives (distributed parity) to provide high data throughput and data redundancy, especially for applications that require random access. RAID 5 can survive the failure of one drive. If 2 or more drives fail then a total delete and rebuild is required.

RAID 6 

Uses data striping and parity data across three or more drives (distributed parity) to provide high data throughput and data redundancy, especially for applications that require random access. RAID 6 can survive the failure of two drives. If 3 or more drives fail then a total delete and rebuild is required.

Maximizing Fault Tolerance

Fault tolerance is achieved through the ability to perform automatic and transparent rebuilds using hot spare drives and hot swaps. A hot spare drive is an unused online available drive that the RAID controller instantly plugs into thesystem when an active drive fails. After the hot spare is automatically moved into the RAID drive group, the failed drive is automatically rebuilt on the spare drive. The RAID drive group continues to handle requests while the Rebuildoperation occurs.A hot swap is the manual substitution of a replacement unit in a disk subsystem for a defective one, where the substitution can be performed while the subsystem is running hot swap drives. An Auto-Rebuild feature in the WebBIOS Configuration Utility allows a failed drive to be replaced and automatically rebuilt by “hot-swapping” the drive in the same drive bay. The RAID drive group continues to handle requests while the Rebuild operation occurs, which provides a high degree of fault tolerance and zero downtime.

Hot spare 

A standby drive that can automatically replace a failed drive in a virtual drive and prevent data from being lost. A hot spare can be dedicated to a single redundant drive group or it can be part of the global hot spare pool for all drive groups controlled by the controller. When a drive fails, MegaRAID Storage Manager or LSI Storage Authority software automatically uses a hot spare to replace it and then rebuilds the data from the failed drive to the hot spare. Hot spares can be used in RAID 1, 5, 6, 10, 50, and 60 storage configurations.A hot swap manually replaces a defective drive unit when the computer is still running. When a new drive is installed, a rebuild occurs automatically if these situations occur:

  • The newly inserted drive is the same capacity as or larger than the failed drive.
  • The newly inserted drive is placed in the same drive bay as the failed drive it is replacing.

You can configure the controller to detect the new drives and automatically rebuild the contents of the drive.

Consistency Check

An operation that verifies that all stripes in a virtual drive with a redundant RAID level are consistent and that automatically fixes any errors. For RAID 1 drive groups, this operation verifies correct mirrored data for each stripe

Fast Initialization

The firmware quickly writes zeros to the first and last 8-MB regions of the new virtual drive, and then completes the initialization in the background or with next scheduled Consistency Check. This allows you to start writing data to the virtual drive immediately.

Fault Tolerance

The capability of the drive subsystem to undergo a single drive failure per drive group without compromising data integrity and processing capability. SAS RAID controllers provide fault tolerance through redundant drive groups in RAID levels 1, 5, 6, 10, 50, and 60. They also  support hot spare drives and the auto-rebuild feature.

Foreign Configuration

A RAID configuration that already exists on a replacement set of drives that you install in a computer system. MegaRAID Storage Manager software lets you import the existing configuration to the RAID controller, or you can clear the configuration so you can create a new one.

Initialization

The process of writing zeros to the data fields of a virtual drive and, in fault-tolerant RAID levels,  generating the corresponding parity to put the virtual drive in a Ready state. Initialization erases all previous data on the drives. Drive groups will work without initializing, but they can fail a consistency check because the parity fields have not been generated

IO policy

A virtual drive property indicating whether Cached I/O or Direct I/O is being used. In Cached I/O mode, all read operations are buffered in cache memory. In Direct I/O mode, read operations are not buffered in cache memory. Data is transferred to cache and the host concurrently. If the same data block is read again, it comes from cache memory. (The IO Policy applies to read operations on a specific virtual drive. It does not affect the read-ahead cache.)

Learning Cycle

An energy pack calibration operation performed by a RAID controller periodically to determine the condition of the energy pack. You can start energy pack learn cycles manually  or automatically

Patrol Read

A process that checks the drives in a storage configuration for drive errors that could lead to drive failure and lost data. The Patrol Read operation can find and sometimes fix any potential problem with drives before host access. This enhances overall system performance because error recovery during a normal I/O operation might not be necessary.

Read Policy

A controller attribute indicating the current Read Policy mode. In Always Read Ahead mode, the controller reads sequentially ahead of the requested data and stores the additional data in cache memory, anticipating that the data will be needed soon. This speeds up read operations for sequential data, but you will see little improvement when accessing random data. In No Read Ahead mode (known as Normal mode in WebBIOS), read ahead capability is disabled.

Rebuild

The regeneration of all data to a replacement drive in a redundant virtual drive after a drive failure. A drive rebuild normally occurs without interrupting normal operations on the affected virtual drive, though some degradation of performance of the drive subsystem can occur.

Strip Size

The portion of a stripe that resides on a single drive in the drive group.

Temperature

Temperature of the energy pack, measured in Celsius

Write-Back

In Write-Back Caching mode, the controller sends a data transfer completion signal to the host when the controller cache has received all of the data in a drive write transaction. Data is written to the drive subsystem in accordance with policies set up by the controller. These policies include the amount of dirty/clean cache lines, the number of cache lines available, and elapsed time from the last cache flush.

Categories
Knowledge Support Support Categories exacqVision Hardware Uncategorized

Replacing MegaRAID Storage Manager (MSM) With LSI Storage Authority (LSA) – Linux

Title

Replacing MegaRAID Storage Manager (MSM) With LSI Storage Authority (LSA) – Linux

Description

MSM has been found to have some exposure to CVE-2021-44228, the Apache Log4j remote code execution vulnerability, see statement from Broadcom Log4j2 Exposure (CVE-2021-44228).   As a result you may be able to replace MSM with LSA on a Windows machine using the following instructions.

Product

  • MegaRAID 92xx Series RAID Controllers
  • MegaRAID 93xx Series RAID Controllers
  • Ubuntu 16.04 LTS and Earlier
  • Ubuntu 18.04 LTS
  • Ubunutu 20.04 LTS

Prerequisites 

First determine which version of Ubuntu the NVR is currently running using Knowledge Base Article #9996 “How to Identify the Current Linux OS Version”

Next identify the RAID controller model using Knowledge Base Article #7244 “How to Identify the MegaRAID Controller Model on an exacqVision Server”

Ubuntu 16.04 LTS or earlier Operating Systems

Broadcom has not provided an LSA version for 16.04 LTS or older versions of Ubuntu.

  • If possible, Re-image using Ubuntu 18.04 or 20.04 LTS
  • See exacqVision Field Recovery Instructions to see if your system meets the criteria for an update. 
  • If re-image is not possible then use the first option listed in the 92xx series RAID Controllers section below. 

92xx series RAID Controllers

Machines with 92xx series RAID controllers have the following options.

  • Uninstall MSM
    • Manage the array using the BIOS available on boot
    • Manage the array using storcli
  • Update MSM
    • Software, instructions, and support for your particular controller card are provided by the card Manufacturer, Broadcom
    • Information is available at https://www.broadcom.com/support/download-search (Legacy Products > Legacy RAID Controllers)

93xx series RAID Controllers

For Machines with 93xx series RAID controllers MSM can be  replaced with LSA using the following instructions.

Objectives

  • Uninstall MSM
  • Install LSA
  • Update Desktop Icon
  • Configure/ Restart LSA
  • Verify LSA can be accessed and login is working
  • Verify Storage information in exacqVision client is correct and video is being recorded

Uninstalling MSM

  • Double-click the Terminal icon on the desktop
  • Elevate to root using sudo -i 
  • Remove the MSM package using dpkg -r 
  • Ensure that the dpkg command completes with no errors.
  • Close the Terminal window
Example removing MSM


Install LSI Storage Authority (LSA)

  • Download and save LSA from https://docs.broadcom.com/docs/007.020.014.000_LSA_Linux-x64.zip
  • The LSI website will require reading a download agreement, (scrolling down to the bottom of the agreement), clicking an acknowledgement checkbox, then clicking the “I Agree” button
  • Once downloaded,  close Firefox
  • On the desktop double-click the Computer icon.
  • Select Downloads, locate and right-click on the LSA zip file and select extract here
  • Right-click the newly created x64 folder and select Open as Administrator
  • A caution window may appear, click OK to continue
  • Enter the Administrator Password and click Authenticate
  • Click File menu and Select Open in Terminal
  • In the terminal window type ./install_deb.sh and press Enter
  • The License agreement (EULA) will be displayed
  • Type Y to accept the License Agreement then press Enter
  • Type 1 to choose “Since last shutdown” and press Enter
  • Type to choose “Standalone” and press Enter
  • Type 2463 for Web Server port and press Enter
  • Type 9000 for LSA Port and press Enter
  • Type Y and press Enter to install openslp
  • When you see “LSA installation successful” the install is complete
  • Close the Terminal window

Edit the Desktop Icon 

  • Right-click on the MSM desktop icon and select properties 
  • Change these fields to the following:
    • Name: LSA
    • Command: /opt/lsi/LSIStorageAuthority/startupLSAUI.sh
    • Comment: LSI Storage Authority
  • Click Close

Modify LSA.conf 

  • Double-click the Computer icon on the desktop to open a new file explorer.
  • Select File System
  • Navigate to /opt/lsi/LSIStorageAuthority/conf
  • Click the File menu and select Open as Administrator
  • Enter the Administrator Password and click Authenticate
  • In the explorer windows labeled conf (as superuser)  double-click on LSA.conf to open it for editing
  • Line 189 should read “full_access_groups = root”
  • Append “, adm” to this line so it now reads “full_access_groups = root, adm”
  • Click Save and close the file

Restart LSA Service

  • Double-click the Terminal icon on the desktop
  • Type sudo service LsiSASH restart
  • Wait for the command to complete, it will take 20-30 seconds
  • Close the Terminal Window 
Example restarting LSA Service

Verify desktop icon

  • Double-click the LSA desktop icon to launch LSA in the browser
  • Log in to LSA using Administrator credentials.

Verify Storage

  • Open the exacqVision Client 
  • Navigate to the Hardware tab on the Storage page (Configuration > YOURSERVER > Storage > Hardware tab)
  • Select Tree and verify the RAID Controller, the Unit (Virtual Drive) and the Ports (Physical Drives) are present. 
  • If possible verify video is being recorded and can be played back by searching to using exacqReplay
Categories
Knowledge Support Support exacqVision Server exacqVision Hardware

Replacing MegaRAID Storage Manager (MSM) With LSI Storage Authority (LSA) – Windows

Title

Replacing MegaRAID Storage Manager (MSM) With LSI Storage Authority (LSA) – Windows

Description 

MSM has been found to have some exposure to CVE-2021-44228, the Apache Log4j remote code execution vulnerability, see statement from Broadcom Log4j2 Exposure (CVE-2021-44228).   As a result you may be able to replace MSM with LSA using the following instructions.  

Product 

  • MegaRAID 92xx Series RAID Controllers
  • MegaRAID 93xx Series RAID Controllers
  • Windows 10 (x64)
  • Windows Server 2016 (x64)
  • Windows Server 2019 (x64

Solution

Identify the controller using Knowledge Base Article #7244 “How to Identify the MegaRAID Controller Model on an exacqVision Server”

92xx series RAID Controllers 
Machines with 92xx series RAID controllers have the following options.

  • Uninstall MSM 
    • Manage the array using the BIOS available on boot
    • Manage the array using storcli
  • Update MSM 

93xx series RAID Controllers
For Machines with 93xx series RAID controllers MSM should be replaced with LSA.

Objectives

  • Uninstall MSM
  • Install LSA (See KB #7255 “LSI Storage Authority (LSA) Installation Screenshots – Windows”)
  • Copy storcli.exe and storcli64.exe
  • Restart exacqVision server
  • Verify LSA can be accessed and login is working
  • Verify Storage information in exacqVision client is correct

Uninstalling MSM

  • Press the Windows key on keyboard to open the Start menu
  • Locate and select MegaRAID Storage Manager
  • Expand and select Uninstall
  • Confirm that you want to remove MegaRAID Storage Manager
  • Right click on MegaRAID Manager icon on desktop and click “Delete”

Install LSI Storage Authority (LSA)

  • Download LSA from https://docs.broadcom.com/docs/007.019.006.000_LSA_Windows.zip
  • LSI website will require reading a download agreement, (scrolling down to the bottom of the agreement), clicking an acknowledgement checkbox, then click “I Agree” button
  • Once downloaded, unzip the file and open the resulting folder
  • You may see another zipped file. If so unzip that and open the resulting folder
  • Double click the setup.exe to begin the install process.
  • You will see a request to install OpenSLP, click Next
  • Check or tick “I accept the terms of the license agreement” and click Next
  • Choose Typical installation button
  • Click Install
  • Click Finish
  • At this time you may be prompted to install one or two other VC++ Redistributables. Click Next, OK, or Install if so
  • The InstallShield Wizard for LSI Storage Authority will appear. Click Next
  • Select “I accept the terms of the license agreement” and click Next
  • Customer Information, leave as default (Windows User and blank), click Next
  • Destination Folder, leave default and click Next
  • Select Standalone, click Next
  • Port configuration, leave default values of 2463 and 9000 for Webserver and LSA Server respectively. Click Next
  • Congifure Range of Events to Generate Alert Notifications, tick Since Last Shutdown
  • Ready to Install, click Install
  • When InstallShield Wizard is complete, click Finish
  • LSA is now installed

Copy storcli.exe and storcli64.exe

  • From either C:\exacqSoftware\storcli\ or C:\exacqscripts\storcli\
  • To: C:\Program Files (x86)\MegaRAID Storage Manager\

Restart the exacqVision Server Service 

  • Press Windows Key+R, type services.msc in the run box and press enter 
  • Find exacqVision Server and select restart 

Verify LSA Access

  • Double click the Launch LSA Icon on the desktop 
  • Enter username and password  Note: Windows credentials should be used and select Sign In
  • You should now be on the LSI Storage Authority landing page 

Verify Storage information in the exacqVision Client 

  • Open exacqVision Client
  • Navigate to Storage (Configuration > YOUR SERVER > Storage 
  • Check Drive Configuration under the Drive Tab
  • Check the Storage Hardware under the Hardware Tab

Categories
Knowledge Support Support exacqVision Server Categories Products

Removing Unused LSI MegaRAID Storage Management Software on Ubuntu Linux to Eliminate Open Port 3071 Vulnerability

Symptom:

Vulnerability scans may detect and indicate that port 3071 is Open/Listening because of the installed LSI MegaRAID Storage Management software (LSI MSM) on an Ubuntu Linux server that does not have hardware support for RAID configuration. IF IT IS NOT BEING USED, the software may be removed to eliminate this vulnerability.

The following Ubuntu Linux commands may be used to confirm this condition.

admin@ER1234567890:~$sudo netstat –lntup

Display excerpt…

Active Internet connections (only servers)
Proto Recv-Q      Send-Q      Local Address     Foreign Address   State PID/Program name
Tcp   0     0     0.0.0.0:3071      0.0.0.0:*         LISTEN      1311/java
Udp   0     0     0.0.0.0:3071      0.0.0.0:*               1595/java

OR

admin@ER1234567890:~$ sudo lsof -i -P -n

Display excerpt…

COMMAND     PID   USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
java       1595   root   20u  IPv4   11857      0t0  UDP *:3071
java       1595   root   24u  IPv4   12538      0t0  TCP *:3071 (LISTEN)

Requirement(s):

Physical or remote access to the exacqVision Server with a “full admin” role.

Resolution:

NOTE: For the purposes of the following instructions. Left-click is defined as and will be used to “select an item” and Right-click is defined as and used to “display additional options that apply to the item.” This is typical of a mouse configured for a “right-handed” operator.

Figure 1. The Ubuntu exacqVision Desktop displays the LSI MSM icon.

A variant of the previously mentioned netstat terminal command provides a concise way to check.

admin@ER1234567890:~$ sudo netstat –lntup | grep –i 3701

  • Left-click on “Applications” on the top menu of the Desktop.
  • Left-click on “System Tools” from the dropdown menu.
  • Left-click on “Terminal” from the following menu.

Figure 2. Using Terminal to check for port 3071 in LISTEN mode.

Figure 3. Steps 1-3.

  1. Left-click on “Applications” on the top menu of the Desktop.
  2. Left-click on “System Tools” from the dropdown menu.
  3. Left-click on “Smart Package Manager” from the following menu.

Figure 4. Steps 4-6.

  1. Left-click in the search box (with the magnifying glass) and type “megaraid” and the “Package list” should be reduced to just the “megaraid-storage-manager.”
  2. Left-click on the “megaraid-storage-manager” line item
  3. Left-click on the “Remove” selection.

Figure 5. Steps 7-10.

  1. Left-click on “File” from the pull-down menu.
  2. Left-click on the “Execute Changes…” from the following menu.
  3. Left-click on the “OK” button.
  4. Wait for the “Operation Progress” popup window to appear and indicate “100%”.  Close the “Smart Package Manager.

Figure 6. Use Terminal to verify the port is no longer open.

admin@ER1234567890:~$ sudo netstat –lntup | grep –i 3701

A blank reply means that it is no longer active.

Figure 7. Steps 11 & 12.

  1. Right-click on “LSI MSM” icon on the Desktop.
  2. Left-click on “Delete” from the popup window.
  3. Done.