manualshive.com logo in svg

Novell BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION, Administration Manual, Page: 38 / 184

Share
Download
Novell BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION Administration Manual Download Page 38

38

BCC 1.2.1: Administration Guide for OES 2 SP2 Linux

no

vd

ocx 

(e

n)

  

7 Ja
nua
ry 201

0

4.1.1  Business Continuity Clustering License

Novell Business Continuity Clustering software requires a license agreement for each business 
continuity cluster. For purchasing information, see 

Novell Business Continuity Clustering (http://

www.novell.com/products/businesscontinuity/howtobuy.html)

.

4.1.2  Business Continuity Cluster Component Locations

Figure 4-1

 illustrates where the various components needed for a business continuity cluster are 

installed.

Figure 4-1   

Business Continuity Cluster Component Locations

Figure 4-1

 uses the following abbreviations:

BCC: Novell Business Continuity Clustering 1.2.1 for OES 2 SP2 Linux
eDir: 

Novell eDirectory 8.8.5

IDM: 

Identity Manager 3.6.1

 (32-bit or 64-bit)

iManager: 

Novell iManager 2.7.3

NCS: 

Novell Cluster Services 1.8.7 for OES 2 SP2 Linux, with the January 2010 patch

OES Linux: 

Novell Open Enterprise Server 2 SP2 for Linux, with the January 2010 patch

Building A

Fibre Channel

Switch

Fibre Channel

Disk Arrays

Cluster Site 1

Server

1A

Server

2A

Server

A

Server

3A

NCS

BCC eng.

OES Linux

NCS

BCC eng.

OES Linux

iManager

OES Linux

NCS

BCC eng.

OES Linux

IDM eng.

Ethernet Switch

IDM

Management

Utilities

BCC 

iManager

plug-ins

WAN

eDirectory

IDM

Disk blocks

SAN

IDM eDir

Driver

Fibre Channel

Switch

Fibre Channel

Disk Arrays

Building B

Cluster Site 2

Server

1B

Server

2B

Server

3B

Server

B

OES Linux

IDM

Management

Utilities

BCC 

iManager

plug-ins

iManager

Ethernet Switch

NCS

BCC eng.

OES Linux

NCS

BCC eng.

OES Linux

IDM eng.

IDM eDir

Driver

NCS

BCC eng.

OES Linux

Summary of Contents for BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION

Page 1: ...en 7 January 2010 AUTHORIZED DOCUMENTATION BCC 1 2 1 Administration Guide for OES 2 SP2 Linux Business Continuity Clustering 1 2 1 February 18 2010 Administration Guide for Novell Open Enterprise Serv...

Page 2: ...or re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agree to not use deliverables for prohibited nucl...

Page 3: ...l Trademarks For Novell trademarks see the Novell Trademark and Service Mark list http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the prop...

Page 4: ...4 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 5: ...2 25 2 1 BCC 1 2 1 ISO Image for OES 2 SP2 Linux January 2010 25 2 2 BCC 1 2 1 Patch for OES 2 SP2 Linux January 2010 25 2 2 1 System Requirements 25 2 2 2 BCC Engine 26 2 2 3 BCC Resource Driver Tem...

Page 6: ...to the ncsgroup on Each Cluster Node 49 4 4 Installing and Configuring the Novell Business Continuity Clustering Software 50 4 4 1 Installing the Business Continuity Clustering RPMs 50 4 4 2 Configur...

Page 7: ...Drivers 81 9 8 Changing the Identity Manager Synchronization Drivers 83 9 9 What s Next 84 10 Configuring BCC for Peer Clusters 85 10 1 Enabling Clusters for Business Continuity 85 10 2 Adding Peer C...

Page 8: ...river Port Number Conflicts 113 13 5 Excluded Users 114 13 6 Security Equivalent User 114 13 7 SSL Certificates 115 13 8 Clusters Cannot Communicate 116 13 9 BCC Startup Flags 116 13 10 Identity Manag...

Page 9: ...atus 144 D Configuration Worksheet for the BCC Drivers for Identity Manager 147 D 1 Cluster1 to Cluster2 147 D 2 Cluster2 to Cluster1 149 E Using Dynamic DNS with BCC 1 2 153 E 1 Requirements and Assu...

Page 10: ...ary 5 2010 BCC 1 2 0 Patch for OES 2 SP1 Linux 178 H 3 1 Updating Patching BCC 1 2 on OES 2 SP1 Linux 178 H 3 2 What s New for BCC 1 2 179 H 4 January 7 2010 179 H 4 1 Configuring BCC for Peer Cluster...

Page 11: ...s on page 103 Chapter 13 Troubleshooting Business Continuity Clustering on page 111 Chapter 14 Security Considerations on page 125 Appendix A Console Commands for BCC on page 133 Appendix B Setting Up...

Page 12: ...l OES 2 SP1 Novell Cluster Services 1 8 6 for Linux Administration Guide http www novell com documentation oes2 clus_admin_lx data h4hgu4hs html Identity Manager 3 6 x Documentation Web site http www...

Page 13: ...maintaining the multiple centers is a manual process that takes a great deal of planning and synchronizing Even configuration changes must be carefully planned and replicated One mistake and the redu...

Page 14: ...14 Section 1 2 3 Stretch Clusters vs Cluster of Clusters on page 15 1 2 1 LAN Based versus Internet Based Applications Traditional LAN applications require a LAN infrastructure that must be replicated...

Page 15: ...oryTM tree which requires the eDirectory replica ring to span data centers The IP addresses for nodes and cluster resources in the cluster must share a common IP subnet Capability Host Based Mirroring...

Page 16: ...ata center automatically take over Figure 1 1 Stretch Cluster Cluster of Clusters A cluster of clusters consists of multiple clusters in which each cluster is located in a geographically separate data...

Page 17: ...a disaster occurs in one data center the cluster in the other data center takes over Figure 1 2 Cluster of Clusters Comparison of Stretch Clusters and Cluster of Clusters Table 1 2 compares the capab...

Page 18: ...irror of its SBD for high availability If the cluster of clusters uses host based mirroring the SBD is not mirrored between sites which minimizes the chance of LUNs at both locations becoming primary...

Page 19: ...ster Link latency between sites Can cause false failovers The cluster heartbeat tolerance between master and slave must be increased to as high as 30 seconds Monitor cluster heartbeat statistics then...

Page 20: ...in problem if host based mirroring is used An SBD partition must be mirrored between sites It accommodates only two sites All IP addresses must reside in the same subnet Resource configurations must b...

Page 21: ...es Identity Manager technology to automatically synchronize and transfer cluster related eDirectory objects from one cluster to another Provides the capability to fail over as few as one cluster resou...

Page 22: ...at uses storage based data replication between the sites BCC uses eDirectory and Identity Manager to synchronize cluster information between the two clusters Figure 1 3 Two Site Business Continuity Cl...

Page 23: ...allow the business to continue Internet based applications allow employees to work from any place that offers an Internet connection including homes and hotels 1 4 3 Low Cost Business Continuity Clust...

Page 24: ...k that is configured for Novell Cluster Services It is also BCC enabled so that it can be migrated and failed over between nodes in different peer clusters 1 5 3 Landing Zone The landing zone is an eD...

Page 25: ...ee Novell Business Continuity Clustering How to Buy http www novell com products businesscontinuity howtobuy html 2 2 BCC 1 2 1 Patch for OES 2 SP2 Linux January 2010 In January 2010 a BCC 1 2 1 patch...

Page 26: ...source driver template for Identity Manager is the same as the template delivered in the BCC 1 2 0 patch for OES 2 SP1 Linux It has a different version number but it is functionally the same For infor...

Page 27: ...source driver template for Identity Manager that offers the following new feature and bug fixes Uses a newer policy linking format so that you are no longer prompted to update the driver in iManager N...

Page 28: ...d on a 64 bit operating system Updating to Identity Manager 3 6 1 is needed only for 64 bit support or to take advantage of bug fixes that might be offered in 3 6 1 For information about upgrading fro...

Page 29: ...tinue in the event of a disaster Design the infrastructure based on your business needs Determine your design criteria by asking and answering the following questions What are the key services that dr...

Page 30: ...3 1 VLAN Use a dedicated VLAN virtual local area network for each cluster The cluster protocol is non routable so you cannot direct communications to specific IP addresses Using a VLAN for the cluste...

Page 31: ...ster resource never need to change The IP address of an inbound cluster resource is transformed to use an IP address in the same subnet of the peer cluster where it is being cluster migrated You defin...

Page 32: ...using host based mirroring or storage based mirroring Storage based mirroring is recommended When using host based mirroring make sure that the mirrored partitions are accessible for the nodes of only...

Page 33: ...CC enabled its configuration is automatically synchronized with every peer cluster in the business continuity cluster by using customized Identity Manager drivers The following eDirectory objects are...

Page 34: ...ad use names that are independent of the clusters and that are unique across all peer clusters For example replace the clustername with something static such as BCC Cluster Resource poolname_SERVER Cl...

Page 35: ...nuity cluster the volume IDs for the existing shared volumes might also share the same volume IDs To resolve this conflict manually edit the load script for each volume that has been enabled for busin...

Page 36: ...36 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 37: ...nts for BCC 1 2 1 for OES 2 SP2 Linux The requirements in this section must be met prior to installing Novell Business Continuity Clustering 1 2 1 for OES 2 SP2 Linux Section 4 1 1 Business Continuity...

Page 38: ...S 2 SP2 Linux eDir Novell eDirectory 8 8 5 IDM Identity Manager 3 6 1 32 bit or 64 bit iManager Novell iManager 2 7 3 NCS Novell Cluster Services 1 8 7 for OES 2 SP2 Linux with the January 2010 patch...

Page 39: ...the business continuity cluster Cluster Names on page 39 Storage on page 39 eDirectory on page 39 Peer Cluster Credentials on page 40 Cluster Names Each cluster must have a unique name even if the clu...

Page 40: ...in its own OU level container Each OU should reside in a different eDirectory partition As a best practice for each of the peer clusters put its Server objects Cluster object Driver objects and Landin...

Page 41: ...y full replica must have at least read write access to the following containers in order for the cluster resource synchronization and user object synchronization to work properly The Identity Manager...

Page 42: ...lows you to use the Identity Manager software the eDirectory driver and the Identity Manager management tools for Novell iManager 2 7 3 BCC driver templates are applied to the eDirectory driver to cre...

Page 43: ...does not appear in iManager make sure that the eDirectory daemon ndsd is running on the server that contains the eDirectory master replica To restart ndsd on the master replica server enter the follow...

Page 44: ...related plug ins are installed or if you upgraded this server from OES 2 Linux or NetWare 6 5 SP7 log in to iManager then uninstall all of the storage related plug ins that are currently installed in...

Page 45: ...torage system is required for each peer cluster in the business continuity cluster See Shared Disk System Requirements in the OES 2 SP2 Novell Cluster Services 1 8 7 for Linux Administration Guide In...

Page 46: ...m can be used to mask LUNs or to provide zoning configuration of the SAN fabric to prevent shared volumes from being corrupted by non cluster servers IMPORTANT We recommend that you implement LUN mask...

Page 47: ...plorer browser click View Encoding then select the supported character encoding setting 4 2 Downloading the Business Continuity Clustering Software For new installs before you install Novell Business...

Page 48: ...nfiguring Linux User Management LUM for the group You also add the Linux nodes Node objects of each node in every cluster in the BCC to this BCC group IMPORTANT Having a LUM enabled BCC group and user...

Page 49: ...Attributes Rights property 7 Click Done to save your changes 8 Repeat Step 3 through Step 7 for the peer clusters in your business continuity cluster 4 3 3 Adding the BCC Administrator User to the nc...

Page 50: ...Linux on page 37 The BCC Administrator user and group must already be configured as specified in Section 4 3 Configuring a BCC Administrator User and Group on page 48 You must install the Business Co...

Page 51: ...then select the BCC rpm files 4 After the packages are installed exit YaST 5 Continue with Section 4 4 2 Configuring BCC Software on page 51 4 4 2 Configuring BCC Software Perform the following tasks...

Page 52: ...r clusters The templates are required to configure your business continuity cluster You must have previously installed iManager on the server where you plan to install the templates You should install...

Page 53: ...urce on page 55 4 5 1 Creating a YaST Auto Configuration Profile 1 In a text editor create a YaST auto configuration profile XML file named bccprofile xml Auto configuration files are typically stored...

Page 54: ...NFS share by opening a shell and running yast2 nfs_server Then continue with Step 3 below 3 Select Start NFS Server then click Next 4 Click Add Directory and enter the following tmp bcc_install 5 Ente...

Page 55: ...ss Continuity Clustering installation directory click Delete then click Finish 4 5 5 Cleaning Up the Business Continuity Clustering Installation Source Clean up the Business Continuity Clustering inst...

Page 56: ...56 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 57: ...8 Section 5 4 Installing the BCC Patch Along With the OES 2 SP2 Linux Patches on page 59 5 1 System Requirements for the BCC 1 2 1 Patch The following system requirements are new for the BCC 1 2 1 pat...

Page 58: ...S 2 SP1 Linux and have deleted and re created the Identity Manager drivers to use the new template for BCC 1 2 0 it is not necessary to delete and re create the drivers again for BCC 1 2 1 5 3 Install...

Page 59: ...BCC drivers with the new template from the BCC 1 2 0 patch on the OES 2 SP1 Linux servers 6 Restart Tomcat by entering the following command at a terminal console prompt rcnovell tomcat5 restart 7 Ve...

Page 60: ...e business continuity cluster 4 After all nodes in every peer cluster are updated do one of the following for the BCC drivers for Identity Manager Delete and Re Create BCC Drivers On the Identity Mana...

Page 61: ...existing business continuity cluster The BCC cluster environment must meet the system requirements described in Requirements for BCC 1 2 for OES 2 SP1 Linux http www novell com documentation bcc bcc1...

Page 62: ...n applied to each node in every peer cluster in the business continuity cluster 4 After all nodes in every peer cluster are updated do one of the following for the BCC drivers for Identity Manager Re...

Page 63: ...il the OES 2 SP1 Linux patches and the BCC 1 2 0 patch have been applied to each node in every peer cluster in the business continuity cluster 4 After all nodes in every peer cluster are updated do on...

Page 64: ...64 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 65: ...o 32 Bit Identity Manager 3 6 1 On a 32 bit OES 2 SP1 Linux operating system you can install the 32 bit version of Identity Manager 3 6 1 to automatically upgrade Identity Manager to the latest versio...

Page 66: ...the 64 bit OES 2 SP1 Linux then install Identity Manager 3 6 1 and iManager 2 7 2 on the system as described in Section 4 1 7 Identity Manager 3 6 1 Bundle Edition on page 42 3 Re create the BCC driv...

Page 67: ...ter at a time Do not finalize the cluster conversion for the peer cluster at this time Repeat the NetWare to Linux conversion of the nodes for each peer cluster so that all of the nodes in every peer...

Page 68: ...inux nodes but Cluster B cannot All nodes in Cluster B must be either NetWare or Linux The same restrictions that apply to migrating or failing over resources between nodes within a mixed cluster also...

Page 69: ...guring the Identity Manager Drivers for BCC on page 71 8 5 Finalizing the BCC Cluster Conversion Normally when converting a NetWare cluster to Linux you need to run the cluster convert command after e...

Page 70: ...70 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 71: ...derstanding the BCC Drivers Business Continuity Clustering provides two templates that are used with the eDirectory driver in Identity Manager to create the BCC drivers Cluster Resource Synchronizatio...

Page 72: ...stance on both cluster nodes For example if you specify 2003 as the port number for the Cluster Resource Synchronization driver on one cluster you must specify 2003 as the port number for the same Clu...

Page 73: ...rivers communicates to this node For example let s consider a three cluster business continuity cluster You can set up a communications channel for the Cluster Resource Synchronization driver between...

Page 74: ...uity Cluster with User Object Synchronization When you extend the single tree example for a four cluster business continuity cluster you can set up similar communications channels for the Cluster Reso...

Page 75: ...nnels as shown in Table 9 11 You also need to install an instance of the User Object Synchronization driver on a different port between the two clusters that communicate across the two trees or across...

Page 76: ...lows you to use drivers beyond an evaluation period The credential can be found in the BCC license In the Identity Manager interface in iManager enter the credential for each driver that you create fo...

Page 77: ...an eDirectory full replica with at least read write access to all eDirectory objects that will be synchronized between clusters For information about the full replica requirements see Section 4 1 5 No...

Page 78: ...ed are also included with each field Driver name for this driver instance Specify a unique name for this driver to identify its function The default name is BCC Cluster Sync We recommend that you indi...

Page 79: ...e the Cluster object resides The container where the server objects reside If server objects reside in multiple containers this must be a container high enough in the tree to be above all containers t...

Page 80: ...er html Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed 2 Specify your username and pa...

Page 81: ...dentity Manager then click the Identity Manager Overview link 4 Search to locate the BCC driver set the click the driver set link 5 Click the red Cluster Sync icon for the driver you want to synchroni...

Page 82: ...er Two and Cluster Three both synchronize with Cluster One This is illustrated in Figure 9 2 below Figure 9 2 Three Cluster Identity Manager Synchronization Master You could also have Cluster One sync...

Page 83: ...peer clusters as illustrated in Figure 9 4 Figure 9 4 Single Tree Four Cluster Identity Manager Synchronization Scenario 9 8 Changing the Identity Manager Synchronization Drivers To change your BCC sy...

Page 84: ...iness Continuity Clustering software installed Identity Manager installed The BCC specific Identity Manager drivers configured and running Be enabled for business continuity 9 9 What s Next After the...

Page 85: ...nfiguration Information on page 89 Section 10 5 Configuring CIMOM Daemons to Bind to IP Addresses on page 92 Section 10 6 Enabling Linux POSIX File Systems to Run on Secondary Clusters on page 92 Sect...

Page 86: ...add the authentication credentials username and password of the user who the selected cluster will use to authenticate to a selected peer cluster IMPORTANT In order to add or change peer cluster cred...

Page 87: ...terface from a console prompt to set credentials 1 In the Connections section of the Business Continuity Cluster Properties page select the peer cluster then click Edit In order for a cluster to appea...

Page 88: ...ick Apply To force an immediate update of the scripts for ClusterA open the script for ClusterB add a blank line then click Apply You can see the IP addresses that are currently assigned to resources...

Page 89: ...and unload scripts for each BCC enabled resource in each peer cluster You can add commands that are specific to your storage hardware These scripts and commands might be needed to promote mirrored LU...

Page 90: ...gured templates for iManager installed 2 Specify your username and password specify the tree where you want to log in then click Login 3 In Roles and Tasks click Clusters then click the Cluster Option...

Page 91: ...for storage management communications Script parameters If desired specify variables and values for the variables that are used in the storage management script To specify a variable click New then p...

Page 92: ...o 0 0 0 0 which is the default Change the following section in the openwbem conf file http_server listen_addresses option specifies the local addresses to listen on The option is a space delimited lis...

Page 93: ...mation in the value fields 9 Under Script Parameters click New then specify the following Name Specify the variable name as CONTAINER_NAME This value is case sensitive and should be entered as CONTAIN...

Page 94: ...sable BCC for each of the cluster resources running on that cluster Make sure to remove the secondary peer clusters from the cluster resource s Assigned list before you disable BCC for the resource on...

Page 95: ...97 Section 11 3 Changing Peer Cluster Credentials on page 97 Section 11 4 Viewing the Current Status of a Business Continuity Cluster on page 98 Section 11 5 Generating a Cluster Report on page 99 Se...

Page 96: ...where you have migrated them 11 1 2 Migrating Cluster Resources between Clusters WARNING Do not migrate resources for a test failover if the storage connection between the source and destination clust...

Page 97: ...uster Back in Service If a cluster has been totally downed all nodes are down concurrently the peer clusters do not automatically recognize the cluster if you bring the nodes back online To bring the...

Page 98: ...inuity cluster by using either iManager or the server console of a cluster in the business continuity cluster Section 11 4 1 Using iManager to View the Cluster Status on page 98 Section 11 4 2 Using C...

Page 99: ...you more quickly recover a cluster Some of the failure types and responses differ depending on whether you have implemented storage based mirroring or host based mirroring Promoting or demoting LUNs...

Page 100: ...imary Then bring up the former primary cluster servers and fail back the cluster resources Secondary Cluster Fails but Secondary Storage System Does Not Secondary clusters are not currently running th...

Page 101: ...page 102 Primary Storage System Fails and Causes the Primary Cluster to Fail on page 102 Secondary Storage System Fails and Causes the Secondary Cluster to Fail on page 102 Intersite Storage System Co...

Page 102: ...Secondary clusters are not currently running the resource When the secondary storage system fails the secondary cluster also fails Bring the secondary storage back up Bring up your secondary cluster s...

Page 103: ...n page 109 Section 12 8 Deleting or Unsharing a BCC Enabled Shared NSS Pool Resource on page 109 12 1 Requirements for Cluster Resources Section 12 1 1 LUNs for Cluster Pool Resources on page 103 Sect...

Page 104: ...cluster 1 Start your Internet browser and enter the URL for iManager The URL is http server_ip_address nps iManager html Replace server_ip_address with the IP address or DNS name of the server that ha...

Page 105: ...when you create the resource Whenever a resource fails over to a different peer cluster these properties must be changed to values that work in the destination peer cluster BCC provides a Search and R...

Page 106: ...ou specify to the resource s Assigned clusters list where the resource can be migrated You can migrate a resource only to one of the clusters that has been selected When you add a new peer cluster or...

Page 107: ...the following for each peer cluster where you plan to failover the cluster resource 1 In iManager click Clusters then click Cluster Options 2 Browse to locate and select the Cluster object of the pee...

Page 108: ...entire cluster If BCC enabled resources need to be BCC disabled remove the secondary peer clusters from the resource s assigned list then disable BCC only from the primary cluster either by using iMan...

Page 109: ...t to the Cluster object not to Cluster Node objects On the Storage Pools page for iManager connect to the master node Run NSSMU only on the master node You must disable BCC for a shared NSS pool befor...

Page 110: ...odify the unload script by removing any commands related to the BCC then click Apply 4 Select Clusters Cluster Options select the shared NSS pool resource then select Online Keep the NSS pool but unsh...

Page 111: ...ity Manager Drivers Do Not Synchronize Objects from One Cluster to Another on page 117 Section 13 12 Tracing Identity Manager Communications on page 118 Section 13 13 Peer Cluster Communication Is Not...

Page 112: ...rectory daemon ndsd is running on the server that contains the eDirectory master replica for that tree To restart ndsd on the master replica server enter the following command at its terminal console...

Page 113: ...ter Sync icon or the blue User Sync icon 6 Click the red or blue icon again then click the Identity Manager tab if it is not already selected Cannot Connect 3 This cluster cannot connect to the select...

Page 114: ...luster 13 5 Excluded Users If certain users do not synchronize between clusters it is possible that those users are in the excluded users list NOTE The eDirectory Admin user should never be synchroniz...

Page 115: ...nistrative rights 1 Start your Internet browser and enter the URL for iManager The URL is http server_ip_address nps iManager html Replace server_ip_address with the IP address or DNS name of the serv...

Page 116: ...hen click OK 6 Click Assigned Rights for the BCC Administrator user then ensure that the Read and Write check boxes are selected for the All Attributes Rights property 7 Click Done to save your change...

Page 117: ...dio buttons in the Driver Startup section of the page that displays Selecting the Auto Start option is recommended Unknown communications problems See Section 13 12 Tracing Identity Manager Communicat...

Page 118: ...a front html The trace messages are written to the ndstrace log file located in the directory where eDirectory is installed By default it is var nds You might want to delete this file before starting...

Page 119: ...using OpenWBEM 13 14 A Resource Does Not Migrate to a Peer Cluster If you cannot migrate a resource from one cluster to a peer cluster the problem might be caused by one of the following conditions Th...

Page 120: ...ecific resource instead of all resources in the cluster If you are testing search and replace functionality you might have made the changes too rapidly Identity Manager merges all changes into one so...

Page 121: ...ject Host Server Virtual NCP Server Pool Object Class nssfsPool Host Server Virtual NCP Server 13 20 Blank Error String iManager Error Appears While Bringing a Resource Online If you get an error in i...

Page 122: ...erver in the primary cluster and the Host Resource Name attribute must specify the name of the volume This new volume object can be referred to as a volume reference All User objects must be modified...

Page 123: ...own error 1001 Received XML is invalid 1002 The object pointers in eDirectory for the given cluster resource are invalid 1003 The referenced object is not a valid NCS BCC object 1004 The referenced cl...

Page 124: ...r activate and mount the deactive volumes 2 In iManager click Clusters then select the cluster resource for the clustered pool 3 Click Offline to dismount the pool s volumes and deactivate the pool Wa...

Page 125: ...henticated via Novell eDirectoryTM For information about configuring rights needed by BCC administrators see Section 4 1 5 Novell eDirectory 8 8 5 on page 40 Users are authorized Yes Users are authori...

Page 126: ...for Best Security Inter cluster communications scheme HTTP port 5988 HTTPS port 5989 HTTPS HTTPS Identity Manager communications Secure Non secure This is the certificate in the Identity Manager drive...

Page 127: ...ialNormalThreads initialPriorityThreads 2 initialPriorityThreads ipcResponseTimeout 15 ipcResponseTimeout maximumPriorityThreads 20 maximumPriorityThreads minimumPriorityThreads 2 minimumPriorityThrea...

Page 128: ...e authorization rights are cached in the BCC OpenWBEM provider 300 seconds cimConnectTimeout BCC CIM client connect timeout in seconds 15 seconds cimReceiveTimeout BCC CIM client receive timeout in se...

Page 129: ...re and non secure inter cluster communication are 5989 and 5988 respectively For example if you want to change the secure port on which OpenWBEM listens from port 5989 to port 1234 you would change th...

Page 130: ...ted with the administration of BCC should be the most secured Access to BCC configuration settings and logs should be restricted This includes file system access rights FTP access access via Web utili...

Page 131: ...com documentation sles10 book_sle_reference data cha_inst_system_iscsi html in the SUSE Linux Enterprise Server 10 Installation and Administration Guide http www novell com documentation sles10 book_...

Page 132: ...132 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 133: ...ou can also enter cluster help at the console prompt to get information on the commands and their functions IMPORTANT You must be logged in as the root user or any other user in admin or ncsgroup Some...

Page 134: ...CC for each individual cluster resource that you want to be enabled for business continuity This can be a time consuming process if you have many cluster resources that are enabled for business contin...

Page 135: ...k into service The server where the command is issued must be a member of the cluster but does not need to be the one node that is currently in the cluster You should run this command when only one no...

Page 136: ...for new devices for BCC enabled cluster resources that have BCC load unload scripts when cluster resources are migrated between peer clusters When BCC calls the API the script is executed on each node...

Page 137: ...some of the data on each cluster is different This is called data divergence Also the mirroring or synchronization process either fails or attempts to overwrite any changed data on one cluster This c...

Page 138: ...ercent or the total number of nodes the condition cannot be satisfied because the cluster will not be up to report this state If a cluster has been totally downed you must bring up the master node in...

Page 139: ...ely that cluster membership information for a specific cluster will be reported to peer clusters when the connection to that specific cluster is down For example a rule might contain only one conditio...

Page 140: ...the cluster or clusters that you want this monitor to apply to 3 Specify the maximum health indication that the monitor will report This value is used when creating a failover policy to validate the...

Page 141: ...ased mirroring consult your storage system vendor or see the storage system vendor documentation Host based synchronous mirroring functionality is included with the Novell Storage ServicesTM NSS file...

Page 142: ...sure these protocols are installed and running when you create the pool resource If you install the protocols after you create the pool you can use the Clusters plug in for iManager to add CIFS or AFP...

Page 143: ...IMPORTANT Using the CIFS check box or the AFP check box requires that Novell CIFS for Linux or Novell AFP for Linux is already installed and configured on the nodes in the cluster and nodes in the pe...

Page 144: ...that change information in the eDirectory objects for the shared pool or volume C 3 Novell Cluster Services Configuration and Setup After configuring NSS mirroring and creating a volume on the mirror...

Page 145: ...S Pools 145 novdocx en 7 January 2010 IMPORTANT If you create or delete a pool or partition on shared storage that is part of a business continuity cluster you must run the cluster scan for new device...

Page 146: ...146 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 147: ...1 Cluster1 to Cluster2 First create a driver instance on the Identity Manager node for the first cluster in order to synchronize information from the first cluster to the second cluster Clusters for...

Page 148: ...ization Driver name for this driver instance Example cluster1_to_cluster2 BCCCR Sync Example cluster1_to_cluster2 BCCUO Sync Default BCC Cluster Sync SSL certificate name to use for this driver instan...

Page 149: ...synchronized to the source cluster for this driver instance The container must already exist and must be specified using dot format without the tree name Example clusters siteA example TIP Browse to...

Page 150: ...synchronization and one driver instance for user object synchronization Driver name for this driver instance Example cluster2_to_cluster1 BCCCR Sync Example cluster2_to_cluster1 BCCUO Sync Default BC...

Page 151: ...zone for this driver instance Specify the distinguished name of the container where the cluster enabled pool NCP server and volume objects for the destination cluster will be placed when they are sync...

Page 152: ...152 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 153: ...ys on page 154 Section E 1 4 DNS Record Time to Live Values on page 154 E 1 1 Software Requirements Install and configure your business continuity cluster using the following components Novell Busines...

Page 154: ...rease dramatically If the values are too long the end users are unable to reconnect to the cluster resources after a BCC migration until the DNS records expire There is no perfect TTL value Each custo...

Page 155: ...o configure your master DNS server E 2 2 Configuring the DNS Server with the Public Key Modify the DNS Server configuration to use the public TSIG key you generated in Section E 2 1 Creating the TSIG...

Page 156: ...his is a sample zone section zone clusters site1 company com in file dyn clusters site1 company com type master allow update key cluster1 clusters site1 company com zone 1 1 10 in addr arpa in file dy...

Page 157: ...HORITY SECTION clusters site1 company com 120 IN NS wkstn1 clusters site1 company com ADDITIONAL SECTION wkstn1 clusters site1 company com 120 IN A 10 1 1 172 Query time 0 msec SERVER 10 1 1 172 53 10...

Page 158: ...reated in Section E 2 1 Creating the TSIG Keys for DNS Server Authentication on page 154 These keys have filenames of the form K name 157 random number key the public key and K name 157 random number...

Page 159: ...e changes made in Step 6 and Step 7 occurred on the DNS Server 8a Use the dig utility with the DNS name to verify the IP address dig 10 1 1 172 ftp clusters site1 company com DiG 9 3 2 10 1 1 172 ftp...

Page 160: ...10 1 1 172 WHEN Tue Aug 14 17 55 01 2008 MSG SIZE rcvd 127 9 Use the dig utility in a reverse lookup for the old IP address to make sure that it does not return an answer dig 10 1 1 172 x 10 1 1 215...

Page 161: ...reate Perl based wrappers for the nsupdate utility commands before placing them in the BCC load script Typically the line for the nsupdate utility would be the last command to run in the script but th...

Page 162: ...in the log file are meaningful For example a name of Dynamic DNS Update Resource Test1 identifies what the script does and which resource it is acting upon Description Specify information that helps...

Page 163: ...r the parameters Script Copy and paste the dynamic DNS script into this edit box Synchronous When enabled selected this option synchronizes the execution of multiple BCC load and unload scripts This i...

Page 164: ...ce Behavior area on the Cluster Resource Properties page This setting forces the given resource to always be hosted by the same node that is hosting the Novell Cluster Services master resource The key...

Page 165: ...age 156 E 4 Testing the Dynamic DNS Solution After you have created the BCC load scripts for each resource in each of the peer clusters you are ready to test the overall dynamic DNS solution 1 Perform...

Page 166: ...166 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 167: ...network on each cluster node The network consists of the following Section F 1 1 Virtual Adapter on page 167 Section F 1 2 Host Mask on page 167 Section F 1 3 Internal Router on page 167 F 1 1 Virtua...

Page 168: ...ng its internal virtual IP network which only it knows about and can reach to other network nodes The virtual IP addresses of the cluster resources are highly available because each resource has its o...

Page 169: ...move a service hosted on a particular machine to be rehosted on some other machine connected to a different IP network If the service is hosted on a physical IP address accommodating these changes inv...

Page 170: ...about OSPF Area IDs see Section F 3 1 Routing Protocol on page 170 The LAN routers are also where you define and handle the propagation of the routes to services that are using virtual IP addresses F...

Page 171: ...addresses on a given virtual IP network must go unused thereby wasting a portion of the available address space Neither of these situations is desirable Fortunately the use of host masks remedies both...

Page 172: ...l IP address information for the dummy0 adapter For example the old and new lines are emphasized in the following sample load script bin bash opt novell ncs lib ncsfuncs exit_on_error nss poolact POOL...

Page 173: ...To verify that a virtual IP address is bound enter display secondary ipaddress at a terminal console of the cluster node where the virtual IP address is assigned This displays all bound virtual IP ad...

Page 174: ...174 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 175: ...by using the Business Continuity Clustering installation program 1 Log in as the root user on the server 2 Use one of the following methods to open the BCC Configuration page In YaST select Miscellane...

Page 176: ...176 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Page 177: ...178 Section H 4 January 7 2010 on page 179 Section H 5 September 9 2009 on page 181 Section H 6 August 14 2009 on page 182 Section H 7 May 11 2009 on page 182 Section H 8 April 28 2009 on page 183 H...

Page 178: ...BCC 1 2 1 on OES 2 SP2 Linux This section is new H 2 3 What s New for BCC 1 2 H 3 February 5 2010 BCC 1 2 0 Patch for OES 2 SP1 Linux Updates were made to the following sections The changes are explai...

Page 179: ...esses with BCC 1 2 on page 181 H 4 1 Configuring BCC for Peer Clusters Location Change Section 2 3 BCC 1 2 0 Patch January 2010 on page 26 This section is new A patch for BCC 1 2 for OES 2 SP1 Linux i...

Page 180: ...properly whenever you attempt to modify the BCC configuration or manage the BCC enabled cluster resources Location Change Chapter 11 Managing a Business Continuity Cluster on page 95 IMPORTANT Identit...

Page 181: ...n 7 1 Upgrading to 32 Bit Identity Manager 3 6 1 on page 65 It is not necessary to re create the BCC drivers if you perform an in place upgrade of 32 bit Identity Manager 3 6 to 32 bit Identity Manage...

Page 182: ...Manager 3 6 1 This section is new H 6 4 What s New for BCC 1 2 H 7 May 11 2009 Updates were made to the following sections The changes are explained below Section H 7 1 Converting BCC Clusters from N...

Page 183: ...Linux on page 183 H 8 1 Converting BCC Clusters from NetWare to Linux Location Change Chapter 8 Converting BCC Clusters from NetWare to Linux on page 67 Updated for clarity Chapter 8 Converting BCC C...

Page 184: ...184 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Reviews:

No comments