Amazon FSx for NetApp ONTAP - Diagnostic Data Collection Tool

6 minute read

Content level: Intermediate

This tool is provided to assist with Amazon FSx for NetApp ONTAP troubleshooting.

Overview

This script automates the collection of diagnostic data from Amazon FSx for NetApp ONTAP file systems and Linux clients. It is designed to help AWS Support Engineers and customers quickly gather comprehensive system information for troubleshooting purposes.

The script connects to your FSx file system via SSH and executes a series of NetApp ONTAP commands, while optionally collecting client-side diagnostic information from the Linux system where it runs. All collected data is packaged into a .tar.gz bundle ready for AWS Support case attachment.

Quick Start

To get started, download the script from the Download section below, then run the appropriate command based on your issue type.

Basic collection (FSx health check only)

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile basic --fsx-endpoint <mgmt-ip>

NFS troubleshooting with client data

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile nfs --include-client --fsx-endpoint <mgmt-ip>

SMB/CIFS troubleshooting with client data

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile smb --include-client --fsx-endpoint <mgmt-ip>

iSCSI troubleshooting with client data

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile iscsi --include-client --fsx-endpoint <mgmt-ip>

NVMe/TCP troubleshooting with client data

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile nvme --include-client --fsx-endpoint <mgmt-ip>

Comprehensive (all protocols)

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile all --include-client --fsx-endpoint <mgmt-ip>

Download

Download the script from the AWS Support Tools GitHub repository:

🔗 https://github.com/awslabs/aws-support-tools/tree/master/FSxNetAppONTAP

Option 1: Clone the repository

git clone https://github.com/awslabs/aws-support-tools.git
cd aws-support-tools/FSxNetAppONTAP/
chmod +x FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh

Option 2: Download the script directly

curl -O https://raw.githubusercontent.com/awslabs/aws-support-tools/master/FSxNetAppONTAP/FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh
chmod +x FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh

Usage

The script requires at minimum a profile selection and the FSx management endpoint. You will be prompted for the fsxadmin password unless you provide an SSH key file. For more details on available profiles, see the Profiles section below.

Basic Syntax

sudo ./FSx-for-NetApp-ONTAP-Diagnostic-Data-Collection-Tool.sh --profile <profile> --fsx-endpoint <endpoint> [options]

Why sudo?

Root privileges are required for:

Accessing system logs and kernel information
Collecting network diagnostics
Testing mount operations (if using --test-mount)

Profiles

The script supports six profiles for targeted data collection. Choose the profile that best matches the issue you are troubleshooting:

Profile	FSx Commands	Client Commands	Description
basic	29	0	System health and performance only
nfs	44	22	Basic + NFS-specific diagnostics
smb	44	22	Basic + SMB/CIFS-specific diagnostics
iscsi	44	21	Basic + iSCSI/SAN-specific diagnostics
nvme	40	19	Basic + NVMe/TCP-specific diagnostics
all	90	80+	All profiles combined

Profile Details

basic Collects fundamental system information including cluster status, node health, network configuration, storage aggregates, volumes, and QoS policies. Use this for general health checks.

nfs Adds NFS server configuration, export policies and rules, connected clients, qtree setup, and name service configuration (UNIX users/groups, LDAP, NIS).

smb Adds CIFS server status, Active Directory connectivity, share configuration and ACLs, active sessions, local users and groups, and name mapping.

iscsi Adds iSCSI target configuration, LUN details and mappings, igroup configuration, active sessions and connections, and client-side multipath information.

nvme Adds NVMe subsystem configuration, namespace information, host connections, and NVMe/TCP interface details.

all Combines all of the above profiles. Recommended when the issue spans multiple protocols or when comprehensive diagnostics are needed.

Command-Line Options

The following options allow you to customize the script behavior beyond the basic profile and endpoint selection.

Required

--profile <profile>          Profile to use: basic, nfs, smb, iscsi, nvme, or all
--fsx-endpoint <address>     FSx management endpoint (IP address or DNS name)

FSx Connection

--fsx-username <user>        FSx username (default: fsxadmin)
--fsx-port <port>            SSH port (default: 22)
--fsx-key-file <path>        Path to SSH private key file (optional)

Client-Side Collection

--include-client             Collect client-side diagnostics

Mount Testing

--test-mount                 Test NFS or SMB mounting (requires --include-client)
--mount-endpoint <address>   SVM data endpoint (NFS/SMB/iSCSI LIF IP or DNS)
--mount-path <path>          NFS export path or SMB share name
--mount-type <nfs|smb>       Type of mount to test
--mount-point <path>         Local directory to use as mount point

Help

--help, -h                   Display help message and exit

What It Collects

FSx Side (via SSH)

Cluster/node health
Network interfaces & routing
Volume/aggregate info
Export policies (NFS)
CIFS shares & sessions (SMB)
LUN mappings (iSCSI)
NVMe subsystems
QoS policies
Event logs

Client Side (local)

OS/kernel info
Current mounts & fstab
Network config
Protocol-specific stats (nfsstat, iscsiadm, etc.)
Relevant dmesg/journalctl logs

Security Notes

FSx password → Prompted via terminal (not echoed), stored only in memory
SMB credentials → Temp file with 600 perms, securely deleted after use
SSH connection → Uses ControlMaster, cleaned up on exit
Output bundle → Contains config only, NOT file contents from volumes

Alternative Manual Commands

If the script cannot be run in your environment, here are the key commands to collect diagnostic information manually. For a complete reference of all available ONTAP CLI commands, see the NetApp ONTAP CLI Documentation.

FSx Side (SSH to management endpoint as fsxadmin)

Basic Health:

version
cluster show
system health status show
system health alert show
event log show -severity error -time >7d

Network:

network interface show
network route show
vserver show

Storage:

volume show -fields volume,vserver,state,size,available,percent-used,junction-path
storage aggregate show
df -h

NFS Specific:

vserver nfs show
vserver nfs show -fields v3,v4.0,v4.1,v4.2
export-policy rule show -fields policy,ruleindex,clientmatch,rorule,rwrule,superuser
vserver nfs connected-clients show

SMB Specific:

vserver cifs show
vserver cifs check
vserver cifs share show
vserver cifs session show

iSCSI Specific:

vserver iscsi show
lun show -fields path,size,state,mapped
lun mapping show
lun igroup show

NVMe Specific:

vserver nvme show
vserver nvme subsystem show
vserver nvme namespace show

Client Side (Linux)

General:

uname -a
cat /etc/os-release
mount | grep -E 'nfs|cifs'
cat /etc/fstab | grep -E 'nfs|cifs'
ip addr
ip route

NFS:

nfsstat -m
nfsstat -c
showmount -e <svm-ip>
cat /proc/mounts | grep nfs
dmesg | grep -i nfs | tail -50

SMB:

mount | grep cifs
cat /proc/fs/cifs/DebugData
dmesg | grep -i cifs | tail -50

iSCSI:

iscsiadm -m session -P 3
cat /etc/iscsi/initiatorname.iscsi
multipath -ll
lsblk

Troubleshooting the Script

SSH connection fails → Check security group allows port 22 from client to FSx mgmt endpoint

Mount test fails → Verify using DATA endpoint (SVM LIF), not management endpoint

Permission denied → Run with sudo

Missing tools warning → Non-critical - script continues with available tools

Output Bundle Contents

fsx_ontap_collect_<profile>_<timestamp>.tar.gz
└── fsx_ontap_collect_<profile>_<timestamp>/
    ├── 00_COMMAND_INDEX.txt    # Maps filenames to commands
    ├── fsx_collect.log         # Execution log
    ├── fsx_001_version.txt     # FSx command outputs
    ├── fsx_002_cluster_show.txt
    ├── ...
    ├── client_001_uname_a.txt  # Client outputs (if --include-client)
    └── ...

Resources

Download: https://github.com/awslabs/aws-support-tools/tree/master/FSxNetAppONTAP
Amazon FSx for NetApp ONTAP Documentation: https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/
NetApp ONTAP CLI Documentation: https://docs.netapp.com/us-en/ontap-cli/index.html
Report Issues: https://github.com/awslabs/aws-support-tools/issues

Topics: Compute Storage
Tags: Linux Amazon FSx for NetApp ONTAP Storage
Language: English

EXPERT

Sofien-AWS

published 6 days ago82 views

No comments

Relevant content

Attaching Amazon FSx for NetApp ONTAP NFS Datastore(s) as secondary storage for an Amazon Elastic VMware Service environment.
EXPERT
James Selwood
published a year ago
Why is VMware Cloud on AWS reporting my Amazon FSx for NetApp ONTAP datastore is full when it isn’t?
EXPERT
AMcCord
published 2 years ago
AWS re:Post Live | Adopting Amazon FSx for NetApp ONTAP for Microsoft SQL Workloads live on Twitch!
EXPERT
AWS rePost Live
published 2 years ago
Differences and proper use of FSx for OpenZFS and FSx for NetApp ONTAP
AWS-User-8901822
asked 4 years ago
Amazon FSx for NetApp ONTAP
rePost-User-1451784
asked 3 years ago
FSx ONTAP static provisioning
Bob Breitling
asked 3 years ago
How do I use FSx for ONTAP REST APIs?
AWS OFFICIALUpdated 4 years ago
How do I troubleshoot SnapMirror issues on my Amazon FSx for NetApp ONTAP file system?
AWS OFFICIALUpdated 3 years ago
How do I use the NetApp ONTAP CLI to modify storage data tiering policies for my FSx for ONTAP volume?
AWS OFFICIALUpdated a year ago
How can I recover a deleted FSx for ONTAP volume?
AWS OFFICIALUpdated 3 years ago