﻿This release note and the software that accompanies it are (c)Copyright 2021
Broadcom Inc or its suppliers, and may only be installed and used in accordance
with the license that accompanies the software. All rights reserved.

This Software is furnished under license and may only be used or copied in accordance with
the terms of that license. No license, express or implied, by estoppel or otherwise,
to any intellectual property rights is granted by this document. The Software is subject
to change without notice, and should not be construed as a commitment by Broadcom Inc
or its suppliers to market, license, sell or support any product or technology.
Unless otherwise provided for in the license under which this Software is provided,
the Software is provided AS IS, with no warranties of any kind, express or implied.
Except as expressly permitted by the Software license, None of its suppliers assumes any
responsibility or liability for any errors or inaccuracies that may appear herein.
Except as expressly permitted by the Software license, no part of the Software maybe
reproduced, stored in a retrieval system, transmitted in any form, or distributed by any
means without the express written consent of Broadcom Inc.

=====================
Supported Controllers
=====================
Broadcom 3916 SAS3/PCIe4 Tri-mode RAID on Chip, 9540 Aero based iMR, SAS 3516 Ventura based MegaRAID and iMR, SAS 3108 (Invader) based MegaRAID and iMR, SAS 3008 (Fury) based HBAs,
Wellsburg & Lewisburg SATA chipset based Software RAID

===================
Package Information
===================
LSA version = 007.019.006.000
OS supported =  RHEL 7.7, RHEL 7.8, RHEL 7.9, RHEL 8.1, RHEL 8.2, RHEL 8.3, RHEL 8.4, SLES 12 SP3, SLES 12 SP4, SLES 12 SP5, SLES 15 SP1, SLES 15 SP2, SLES 15 SP3, Ubuntu 18.04 LTS, Ubuntu 18.04.5, ESXi 6.7 U1/U2/U3, ESXi 7.0, ESXi 7.0 U1.
Browsers = IE9 or later, Firefox9 or later, Chrome16 or later and Edge
Language(s) supported = English

This package is intended only for x64 system (or) Platform.

=========================
Pre-Requisites
=========================

1. Prior to the installation of LSA, we need to install OpenSLPv2.0.0 which is a Pre-Requisite. So please install it from the below location and install LSA

http://www.openslp.org/download.html

   If OpenSLP is not installed, internally packaged OpenSLP binaries shall be installed in alternate location during LSA installation.
   User also has an option to continue with the LSA installation after proceeding with the installation of OpenSLP from the OS installation sources.

2. For VMware ESXi 5.x, and 6.x to work with LSA, depending on your VMware ESXi environment, ensure the latest SMI-S Provider is being installed.
	To deploy the MegaRAID SMI-S provider on an ESXi machine by using the VIB file provided by Broadcom, copy the VIB file or the offline-bundle.zip file to the ESXi machine.
	Use the esxcli file to load the MegaRAID SMI-S provider, and run the following command:
	ESXi# esxcli software vib install -v <local_file_path or file:///URL> --force
	NOTE:  A reboot is required after installing the SMI-S provider on the VMware ESXi environment.

3. Steps to configure the ESXi server
   a) Ensure that the third-party application services like "slpd and sfcbd-watchdog services are up and running on ESXi
                  server".(/etc/init.d/slpd status & /etc/init.d/sfcbd-watchdog status).
   b) Ensure that the port 2463 is not blocked by firewall
   c) sfcb time-out socket error in CIMOM server results in AEN blocked by sfcb-cimom and may lead to duplicate entries in client with incorrect event description.
      To get rid of this, user is required to restart sfcb service in VMware ESXi.
      Command to restart : - esxcli system wbem set -e 0
						   - esxcli system wbem set -e 1
      The same has been raised against VMware. Refer to the link further details[https://www.vmdev.net/tracker/tracking/linkid/prpl1235/remcurreport/true/template/ViewIssue.vm?id=LSDM89&readonly=true]
   d) Multi-subnet Configuration : When gateway is part of multiple subnet and discovered Vmware is part of one of these subnets then it is the responsibility of the user to configure both LSA Gateway and VMware under same subnet
     (or) workaround this with adding irrelevant subnet IP address to LSA configuration file (conf\LSA.conf -> private_ip_range=*) to avoid registering the wrong IP to VMWare.
   e) CURL error in CIMOM server results in AEN blocked by CIMOM server to upper layer(CIMProvider-->LSA). This can happen if servers are in different subnet or if there is any incorrect/incomplete AEN subscriptions.
      To get rid of this, user is required to have both client and server in same subnet.
      Any incomplete AEN subscriptions needs to be removed via CIMClient
	  Below are the sample set of commands from VMware to list and remove incomplete subscriptions
                host-ind options
                                - host-ind –s
                                - host-ind -d -k "<handler name>" 
                Indcfg options
                                - indcfg -l
                                - indcfg -c            
      Command and Options  would differ in various versions of ESXi, For additional information related to the ESXi Commands, please refer to the VMware website documentation
      Either restart of sfcb service or reboot the server is recommended after any change in VMware server.
	  Command to restart:
			- esxcli system wbem set -e 0
			- esxcli system wbem set -e 1
   f) To Manage VMware ESXi from RHEL 7.x user has to execute below commands before installation of LSA Gateway.
       1) service ebtables restart
       2) service iptables stop
     

4. Soft links in Linux 64 bit: For RHEL/SLES on 64-bit platform(s), it is necessary to create the below soft links if openslp is not installed in "/usr/lib64/" or "/user/lib/" directory, before installing LSIStorageAuthority (LSA) 64-bit package.
    "ln -sf /usr/local/lib/libslp.so.1.0.0 /opt/lsi/LSIStorageAuthority/bin/libslp.so.1" or
    "ln -sf /usr/local/lib64/libslp.so.1.0.0 /opt/lsi/LSIStorageAuthority/bin/libslp.so.1"
    This is not necessary if internally packaged OpenSLP binaries is installed in alternate location during LSA installation.

5. An Instance of OpenSLP Was Already Installed, but LSA Is Unable to Display All the Registered Servers from the Remote Discovery page
   Restart the SLPD Services and LSA Service if LSA does not discover the servers from the Remote Discovery page
   a) For stopping the slpd use the command : killall slpd or /etc/init.d/slpd stop or systemctl stop slpd.service
   b) For starting the slpd use the command /etc/init.d/LsiSASH restart, where along with LSA service the slpd is also started.
   c) If the slpd is already installed as part of the OS package then use the command: /etc/init.d/slpd start or systemctl start slpd.service.

6. From RHEL 8+ the Desktop ICON Launching property is disabled by default. 
   User(s) needs to use either yum or DNF to install gnome-tweak-tool and enable the Desktop Shortcut feature to launch LSA.

7. From SLES 15+ the Desktop ICON Launching property is disabled by default. 
   User(s) needs to enable 'Desktop icons' using GNOME Tweaks. Then Desktop shortcuts will appear on the desktop. Right-click on the desktop icon and choose "Allow launching" and it will be executable.

=========================
Open Source Usage
=========================
Here is the list of Open Source types that has been used in LSA.
Boost v1.0 , MIT, Open Market FastCGI, zlib , BSD, The dual OpenSSL and SSLeay, Apache v2.0
 
Further details can be found using the link: <IP_ADDRESS:Web Server Port/files/credits.html>

=========================
Known Restrictions/Issues
=========================
1. On some SLES setups, due to delay in DHCP IP assignment, SLP service cannot be started due to which LSA discovery shall fail on remote machines. Users may have to restart LSA services on remote system using command '/etc/init.d/LsiSASH restart' to overcome this issue. For SLES 12, there is a known issue (refer https://bugzilla.suse.com/show_bug.cgi?id=951225 for more details).
2. Default browser on RHEL crashes when upgrade/downgrade firmware using LSA
	To work around you can disable or configure SELinux. Refer the link to disable SELinux on RHEL. "https://access.redhat.com/solutions/3176"
3. For SLES15 and above platforms, one of the dependent rpms - 'insserv-compat' is required during installation/uninstallation. This is needed because LSA startup script is based on SysV/init script
    and insserv adds as a bridge between SysV/init script and systemctl.
4. LSA when launched with Linux Native Mozilla Firefox and kept idle for more than half an hour, LSA will become slow.
   Root Cause: Mozilla is sending multiple long poll calls on page refresh or moving across server landing and control console page.
   Similar bugs has been Raised with bugzilla, please find below the reference links
   https://bugzilla.mozilla.org/show_bug.cgi?id=1126689, https://bugzilla.mozilla.org/show_bug.cgi?id=1522781
   Work Around: Logout, Close the browser and relaunch the LSA.
5. When only IPv6 NIC is enabled (No IPv4), OpenSLP registration is failing for LSA with error code "-23" due to a bug in OpenSLP.
   Due to which LSA is not able to display the IPv6 address, instead of it will be showing the loop-back address (127.0.0.1).
   So please ensure we have at-least one IPv4 NIC is active so avoid the confusion related to the IP Address.
6. It is possible to get a time-out from server. This time-out error is generated at the back-end if resource providing the content takes more time.
	eg: Firmware flash, enclosure(s) insertion with more Foreign (or) UBAD (or) combination of Foreign and UBAD drives, 
	 Clear Configuration/Any operation- User(s) may see a time-out error (404 or 504) with large configuration.
	 This is due to an issue in underlying layer, and CLI can be used to overcome this user(s) need to follow below 
	 a.	Change the nginx fastcgi_read_timeout variable in <LSA_HOME>\server/conf/nginx.conf to "300"seconds. This value varies based on the configuration.
	 b.	Change the "listening_port_backlog" value in <LSA_HOME>\conf\LSA.conf to 2400
	 c.	Refresh the LSA page manually after waiting adequate time.
7. Recommendation is to clear the browser history every time user upgrades/downgrades or installs the software or when user modifies the default settings in any conf file
8. LSA displays connector and enclosure position as "-" in PD related events, in the case of corresponding element is removed from the FW stack
9. New Property/Operation/Terminology/Events (mismatch) related to Personality/TFM Management: The PR:SCGCQ01816544/SCGCQ01816546 in place to handle in the future releases.
	a)LSA may not provide newly added  properties/operation(s) compared with other Apps which results the terminology/operation/events mismatch.
	b)New Events: LSA will not be handling any events and associated health changes  will not be reflected.
10. When heavy IOs are active, it is recommended NOT to perform "Download Server Report" as this may get delayed.
11. Due to lower layer behavior, all EPD related events follows the FW event description and cannot be localized.
12. LSA is limited to display the history of persistent events only for IR/IT Controller.
13. Once the drive gets removed from the stack, there is no data available corresponding to the drive in FW. In this case LSA displays the connector name as empty for drive removal event and the subsequent events.
14. Download Server Report option will be provided only for "Full Access" User(s) only.
15. If the VMware system is being managed from Windows/Linux Gateway(s), it is expected to download support logs from Gateway through which VMware LSA logged in as admin to contain the LSA logs of Gateway. 
	This applies to both Gateway Auto discovered and Manually added VMware server(s).
16 HttpOnly flag won't be set for server ID cookie as it set from client(GWT) which wont support this link below for reference.as we are already blocking execution of external script execution by setting Content-Security-Policy.
http://researchhubs.com/post/computing/javascript/set-a-cookie-to-httponly-via-javascript.html
17. Sorting may not work in the span tab when a missing drive present in that span.
18. Supported Lane Speed values are "Unknown, 2.5GT/s, 5GT/s, 8GT/s & 16GT/s". But OLH/User Guide shows supported Lane Speed values as "Unknown, 2.5GT/s, 5GT/s, 8GT/s" under the Managing PCIe Storage Interface section.
19. FW Allows to flash  Cascade16i FW file to this 440-16e controller , Hence Please make sure to cross check the FW file before flashing on the particular controller"
20. There is a communication failure between LSA server to few SMTP port with TLS communication - STARTTLS, which gives test and email notification failure.
21. Due to unintended changes brought in by the compiler Flags, repository shared object file is compiled with partial RELRO.
22.It is mandatory to verify all the "Mail Server" and "Email" tab's fields are correctly populated / entered, before triggering "Test Configuration" and "Save Settings".
Note: Password field would not be populated in GUI
==============================================
Known Restrictions/Issues Specific To VMware
==============================================
1. In any case if the VMWare server/machine goes down, user(s) needs to stop/start the LSAService of Gateway from where the VMWare server needs/was discovered.
2. Due to issues with VMware user cannot flash IT/IR firmware via LSA.
    Below case has been raised in VMware:
      Project: priv-lsi-dme_TR
      Case Number: 00035498
      Summary: On ESXi6.0 OS, Failed to read header on stream error
      https://dcpn.force.com/apex/TechnicalRequestCaseRedesignPartner?Id=500i000000VYjxaAAD
	Below the workaround suggested by VMware for IT/IR firmware flash to work:
	a) Edit /etc/sfcb/sfcb.cfg
	b) Add httpMaxContentLength: 4194304
	c) Restart service /etc/init.d/sfcbd-watchdog restart
	d) Now try to flash Firmware
3. VMware Platform only - when there is any continuous issue of slowness or sfcb not responding please try the below steps from VMware as a workaround
	To increase the memory limit for the HHRC:
	..* Edit /etc/sfcb/sfcb.cfg
	..* Into the file insert: provMemOveride: hhrc=100
	..* Reboot the system.
	..* Verify that the change has been made properly: memstats -r group-stats -u mb -s name:min:max:memsize:memsizepeak | grep -E "hhrc|memSizePeak|--"
4. VMWare Platform only - Server may take a few minute(s) to populate cache during first login. User will see delay in login response.
5. ESXi (Until ESXi6.5) contains a provider class VMware_UserAuthorizationService which provides single method called CheckPermission() to get the permission particular user has. This could be read, readwrite or view
	From ESXi 6.7 onwards VMWare has deprecated this service and VMware_UserAuthorizationService class is not available
	Impact : LSA doesn’t have a known method to check user permission on ESXi 6.7 and this will impact LSA Login
	Workaround : LSA shall avoid making the check for user permission and consider user has read-write permission
6. VD information didn't refresh under LSA web when create or delete VD in LSA
	DCPN: 00079967 (ESXi 6.7 U3)
	DCPN :00080762 (ESXi 7.0 U2)
	Summary : CIM suscription is not listed
	Description: LSA application creates Subscription on ESXi setup to get indications. but we are seeing in servers where ESXi 6.7U3/ ESXi 7.0U2 is installed these indications are not delivered to client applications (LSA)
	Workaround: Restart the Services of LSA to get the updated data

=======================
Contents of the package
=======================
   LSA_Linux.zip
	x64 -- Contains files for 64bit platforms

=========================
Installation Instructions
=========================
See Detailed installation instructions below:

1. Log in to the system as root or as a user with root privileges.
  Depending on the operating system and security settings, it may be necessary to
  install LSA using root rights. This may require that, log in as root and run the installer,
  or open a command prompt as root and run the installer via the command line,

2. LSA supports both interactive and non-interactive modes of installation.
	a. Interactive mode installation steps:
		1. Execute the command "./install.sh" from the installation disk.
		   For Ubuntu execute the command "./install_deb.sh" from the installation disk.
		2. License Agreement : enter y to continue, n to exit.
		3. Type of installation:
								1- for Gateway
								2- for StandAlone
								3- for DirectAgent
								4- for Light Weight Monitor(LWM).
		4. Enter Nginx Server port [1-65535] default port is 2463
		5. Enter LSA port [1-65535] default port is 9009

	b.Non-interactive or silent mode installation steps:
		1. Execute command "./install.sh [-options] [nginx_port] [LSA_port] [Alert_Notification]" from the installation disk.
		   For Ubuntu use "install_deb.sh" instead of "install.sh".
		2. The options are:
			-g for Gateway
			-s for StandAlone
			-d for DirectAgent
			-l for Light Weight Monitor(LWM)
		3. nginx_port and LSA_port must be in range [1-65535] and must be different.
		4.  Alert_Notification options:
			1=Since Last Shutdown
			2=Since Last Clear
			3=Since Last Reboot
			4=Since Newest
			if nginx_port, LSA_port and Alert_Notification is not specified in the command line the default values (Nginx default port 2463, LSA default port 9009 and Alert Notification value 1) will be used.

	c. Interactive upgrade instructions:
		1. Execute the command "./install.sh" from the installation disk.
		   For Ubuntu execute the command "./install_deb.sh" from the installation disk.
		2. License Agreement : enter y to continue, n to exit.
		3. Type of installation:
								1- for Gateway
								2- for StandAlone
								3- for DirectAgent
								4- for Light Weight Monitor(LWM).
		4. Enter Nginx Server port [1-65535] default port is 2463
		5. Enter LSA port [1-65535] default port is 9009

	d. Silent upgrade instructions:
		1. Execute "./install.sh [-option] [nginx_port] [LSA_port] [Alert_Notification]"
		   For Ubuntu use "install_deb.sh" instead of "install.sh".
		2. The options are:
			-g for Gateway
			-s for StandAlone
			-d for DirectAgent
			-l for Light Weight Monitor(LWM)
		3. nginx_port and LSA_port must be in range [1-65535] and must be different.
		4.  Alert_Notification options:
			1=Since Last Shutdown
			2=Since Last Clear
			3=Since Last Reboot
			4=Since Newest
			if nginx_port, LSA_port and Alert_Notification is not specified in the command line the default values (Nginx default port 2463, LSA default port 9009 and Alert Notification value 1) will be used.
			
3. The installer provides the user with four types of set-up options.
   1. Gateway - This will install all the features.
   2. StandAlone - This will install components required for Local Server Management.
   3. DirectAgent - This will install components required for Remote Server Management
   4. Light Weight Monitor - This will install Light Weight Monitor program features.
      Refer "Installing the Light Weight Monitor System" section in the user guide for more details.

4. When LWM is Installed, user cannot perform installation of LSA. Needs to do complete un-installation of LWM and then Install LSA.
   When LSA is Installed, user cannot perform installation of LWM. Needs to do complete un-installation of LSA and then Install LWM.

5. Extract the contents of the zip file and install the appropriate package on
  64 bit operating systems.

   LSA_Linux.zip
        x64 -- Contains files for 64 bit platforms

Note: No LSA ICON will be created on Desktop for Ubuntu.
==============================
Upgrade/Downgrade Instructions
==============================
1. Downgrade is not supported.
2. User can upgrade to the same mode of installation to which he performed with earlier build.
3. During the upgrade user can move from one mode of installation to another mode of installation.
4. When LWM is Installed, user cannot perform upgrade from LWM to LSA. Needs to do complete un-installation of LWM and then Install LSA
Note: If user has placed/copied any file(s) manually in the <LSA_HOME> directory, those files needs to be manually removed before the un-installation.
	  If the file(s) has not been removed, LSA Upgrade will not be clean.

=================================
Verify RPM signature Instructions
=================================	  
1. Import the public key to RPM DB. Command : rpm --import <public-key.asc>
2. Verify the RPM signature. Command : rpm -Kv <LSA rpm>
3. Install the LSA. If imported public key is for the RPM being installed, No warnings should be shown during installation.

===========================
Un-installation Instructions
===========================
 The product can be uninstalled using the script uninstaller.sh.
 run the script /opt/lsi/LSIStorageAuhority/uninstaller.sh to un-install LSA. This same script can be used to uninstall LSA in Ubuntu OS.

 user may also un-install LSA suing the rpm commands.
 Run the command  "rpm -e <rpm_name>" to un-install the RPM's from the target system.
 Example:
 rpm -e LSIStorageAuhority-1.00x.xxx-xxx
 
 For Ubuntu use below commands:
 dpkg -r lsistorageauthority
 dpkg -P lsistorageauthority

============================
LSA & Nginx Service Status:
	1: To Start LSA and Nginx, run "/etc/init.d/LsiSASH start".
	2: To Stop LSA and Nginx, run "/etc/init.d/LsiSASH stop".
	3: To ReStart LSA and Nginx run "/etc/init.d/LsiSASH restart".
    4: To check status of LSA and Nginx, run "/etc/init.d/LsiSASH status".
	
  For Ubuntu use below commands:
	1: To Start LSA and Nginx, run "service LsiSASH start".
	2: To Stop LSA and Nginx, run "service LsiSASH stop".
	3: To ReStart LSA and Nginx run "service LsiSASH restart".
    4: To check status of LSA and Nginx, run "service LsiSASH status".
===========================