manualshive.com logo in svg

Novell BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION, Manual

The Novell BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION manual is available for free download on manualshive.com. This comprehensive guide will help you navigate the administration of your NetWare system with ease. Get your manual today and ensure your business continuity with confidence.

Share
Download
background image

94

Novell Business Continuity Clustering 1.1 for NetWare Administration Guide

no

vd

ocx (

e

n)

  1

1

 Decemb

er

 2

007

Disabling SSL for Inter-Cluster Communication

Disabling SSL for inter-cluster communication should only be done for debugging purposes, and 
should not be done in a production environment or for an extended period of time.

To turn off SSL for inter-cluster communication, or to specify adifferent communication port, you 
need to modify the NCS cluster object that is stored in eDirectory using an eDirectory management 
tool such as iManager or ConsoleOne. See the 

Novell iManager 2.5 Administration Guide

 for 

information on using iManager.

Disabling SSL communication to a specific peer cluster requires changing the BCC management 
address to the peer cluster. The address is contained in the NCS:BCC Peers attribute that is stored on 
the NCS cluster object.

For example, a default NCS:BCC Peers attribute could appear similar to the following sample:

<peer><cluster>chicago_cluster</cluster><tree>DIGITALAIRLINES-TREE</
tree><address>123.45.78.10</address></peer>

To disable SSL for intercluster communication, you would change the attribute to the following:

<peer><cluster>chicago_cluster</cluster><tree>DIGITALAIRLINES-TREE</
tree><address>http://123.45.78.10</address></peer>

The BCC management address of 'chicago_cluster' now specifies non-secure http communication.

The BCC management port can also be changed by modifying the NCS:BCC Peers attribute values.  

The default ports for secure and non-secure inter-cluster communication are 5989 and 5988 
respectively. 

For example, if you want to change the secure port on which OpenWBEM listens to 1234, you 
would change the attribute value in the above example to:

<peer><cluster>chicago_cluster</cluster><tree>DIGITALAIRLINES-TREE</
tree><address>123.45.78.10:1234</address></peer>

The attribute now specifies that inter-cluster communication will use https over port number 1234.

The 'NCS:BCC Peers' attribute has a value for each peer cluster in the BCC. Attribute values are 
synchronized among peer cluster by the BCC IDM driver, so a change to an attribute value on one 
cluster will cause that attribute value to be synchronized to each peer cluster in the BCC.

The changes will not take effect until either a reboot of each cluster node, or by a restart of BCC 
software on each cluster node.

The following table provides an example of possible combinations of scheme and port specifier for 
the <address> tag for values of the NCS:BCC Peers attribute:

<resourceOnlineTimeout>

The number of seconds BCC will wait for a 
resource to go online during a BCC migrate.

300

<scanForNewDevicesDelay>

The number of seconds BCC sleeps after 
performing a "Scan for new Devices" during a 
BCC migrate of a resource.

5

Setting

Description

Default Value

Summary of Contents for BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION

Page 1: ...l c o m novdocx en 11 December 2007 Novell Business Continuity Clustering 1 1 for NetWare Administration Guide Business Continuity Clustering for NetWare 1 1 F e b r u a r y 1 5 2 0 0 8 A D M I N I S...

Page 2: ...t or re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agree to not use deliverables for prohibited nuc...

Page 3: ...ll Trademarks For Novell Trademarks see the Novell Trademark and Service Mark list http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the pro...

Page 4: ...novdocx en 11 December 2007...

Page 5: ...nuity Cluster Component Locations 25 2 4 Configuring File System Mirroring 25 2 4 1 Configuring NSS Mirroring 26 2 4 2 Configuring SAN Based Mirroring 29 2 4 3 LUN Masking 29 2 5 Setting Up Novell Bus...

Page 6: ...ters Not Functional 65 4 14 Resource Does Not Migrate to Another Cluster 65 4 15 Resource Cannot Be Brought Online 65 4 16 Dumping Syslog on NetWare 66 4 17 Slow Failovers 66 4 18 Resource Script Sear...

Page 7: ...B Setting Up Auto Failover 87 B 1 Enabling Auto Failover 87 B 2 Creating an Auto Failover Policy 88 B 3 Refining the Auto Failover Policy 88 B 4 Adding or Editing Monitor Configurations 89 C Security...

Page 8: ...8 Novell Business Continuity Clustering 1 1 for NetWare Administration Guide novdocx en 11 December 2007...

Page 9: ...installing configuring and managing Novell Cluster Services Feedback We want to hear your comments and suggestions about this manual and the other documentation included with this product Please use...

Page 10: ...10 Novell Business Continuity Clustering 1 1 for NetWare Administration Guide novdocx en 11 December 2007...

Page 11: ...have to be carefully planned and replicated One mistake and the redundant site is no longer able to effectively take over in the event of a disaster 1 1 Disaster Recovery Implications The implication...

Page 12: ...isaster occurs in one data center the other automatically takes over Figure 1 1 Stretch Cluster Cluster of Clusters A cluster of clusters consists of two or more clusters in which each cluster is loca...

Page 13: ...ibre Channel Switch Fibre Channel Disk Arrays Building A Building B Server 2A Ethernet Switch Server 3A Server 1A Server 4A Fibre Channel Switch Fibre Channel Disk Arrays Disk blocks Ethernet Switch W...

Page 14: ...in a separate eDirectory tree IP addresses for each cluster can be on different IP subnets It accommodates more than two sites and cluster resources can fail over to separate clusters multiple site f...

Page 15: ...g software provides the following advantages Integrates with SAN hardware devices to automate the failover process using standards based mechanisms such as SMI S Utilizes Novell Identity Manager techn...

Page 16: ...arios include A Two Site Business Continuity Cluster Solution A Multiple Site Business Continuity Cluster Solution A Low Cost Business Continuity Cluster Solution Two Site Business Continuity Cluster...

Page 17: ...ks is typically done by SAN vendors but can be done by host based mirroring for synchronous replication over short distances The illustration below depicts a four site business continuity cluster Serv...

Page 18: ...and hotels Low Cost Business Continuity Cluster Solution The low cost business continuity cluster solution is similar to the previous two solutions but replaces Fibre Channel arrays with iSCSI arrays...

Page 19: ...ection 2 1 1 NetWare 6 5 SP 5 or SP 6 OES 1 SP2 or SP3 NetWare on page 19 Section 2 1 2 Novell eDirectory 8 8 on page 20 Section 2 1 3 Novell Cluster Services 1 8 2 for NetWare on page 20 Section 2 1...

Page 20: ...erface separately The CLI for the SAN might not initially be included with your hardware Also some SAN hardware may not be SMI S compliant and can t be managed using SMI S commands The recommended con...

Page 21: ...xec ncf File The sys system autoexec ncf file must be modified so that the call to sys bin unixenv ncf is before the calls to openwbem ncf and ldbcc ncf 2 1 9 Shared Disk Systems For Business Continui...

Page 22: ...e 25 for specific information on where to install IDM components NOTE Filtered eDirectory replicas are not supported with this version of Business Continuity Cluster software Full replicas are require...

Page 23: ...the following sections Section 2 3 1 Business Continuity Cluster Licensing on page 23 Section 2 3 2 Running the Business Continuity Cluster Installation Program on page 23 Section 2 3 3 Business Cont...

Page 24: ...uished name for the cluster where you want to install the core software files If you don t know the fully distinguished name for the cluster you can browse and select it 6 Select the servers in the cl...

Page 25: ...ach method has its own strengths and weaknesses After considering the different methods you will need to choose either host based mirroring or SAN based mirroring also called array based mirroring and...

Page 26: ...e mirrored after they are created If you have an existing partition that you want to mirror you can either create another partition of equal size on another device to mirror the first partition to or...

Page 27: ...be activated and cluster enabled when it is created The Activate on Creation feature is enabled by default This causes the pool to be activated as soon as it is created If you choose not to activate...

Page 28: ...of the Novell Cluster Services 1 8 2 Administration Guide for NetWare Novell Cluster Services Configuration and Setup After configuring NSS mirroring and creating a pool and volume on the mirrored NS...

Page 29: ...ntinuity Cluster software consists of Configuring Business Continuity Specific IDM Drivers on page 29 Configuring Clusters for Business Continuity on page 35 Configuring Cluster Resources for Business...

Page 30: ...iver link 4 Choose to place the new driver in a new driver set then click Next Both the User Object Synchronization Driver and the Cluster Resource Synchronization Driver can be added to the same driv...

Page 31: ...olume objects You would then specify the context of the new container in this step The IDM Driver object must have sufficient rights to create modify and delete objects and attributes in the following...

Page 32: ...ext You must specify the driver name including the context you supplied in Step 8 on page 30 for this cluster Use the following format when specifying the driver name DriverName DriverSet Organization...

Page 33: ...in a manner that prevents IDM synchronization loops IDM synchronization loops can cause excessive network traffic and slow server communication and performance For example in a three cluster business...

Page 34: ...nge your BCC synchronization scenario 1 In the Connections section of the Business Continuity Cluster Properties page select one or more peer clusters that you want a cluster to synchronize to then cl...

Page 35: ...e cluster you are enabling for business continuity 2 Enter your username and password 3 Ensure that the Business Continuity specific IDM drivers are running 3a In the left column click DirXML and then...

Page 36: ...esources to 4 Continue with Step 1 in the Adding Resource Script Search and Replace Values section below Adding Resource Script Search and Replace Values To enable a resource for business continuity c...

Page 37: ...iguration Information You can create scripts and add commands that are specific to your SAN hardware These scripts and commands might be needed to promote mirrored LUNs to primary on the cluster where...

Page 38: ...rt If you checked the CIM Client check box in the previous screen accept the default port number or specify a different port number This is the port number that CIMOM your SAN manager uses Consult you...

Page 39: ...ch time the server starts For this reason you can t assign eDirectory trustee rights to the _Admin volume To assign BCC administrative user eDirectory trustee rights 1 Start your Internet browser and...

Page 40: ...rite fileScan modify rights addTrustee Note the following items with this example The name element is the BCC administrative user The tree name is required The filename element must be _ADMIN Novell C...

Page 41: ...ling a Cluster Resource for Business Continuity Cluster resources must be enabled for business continuity on the primary cluster before they can be synchronized and appear as resources in the other cl...

Page 42: ...for business continuity certain values such as IP addresses DNS names and tree names specified in resource load and unload scripts need to be changed in corresponding resources in the other clusters...

Page 43: ...load and unload scripts in the source cluster to their original values Selecting Peer Clusters for the Resource Peer clusters are the other clusters that this cluster resource can be migrated to The c...

Page 44: ...ster site to manually migrate or bring up resources at that site Each resource will start on its preferred node on the destination cluster TIP You can use the cluster migrate command to start resource...

Page 45: ...and password for the administrative user that the selected cluster will use to connect to a selected peer cluster You might need to do this if the administrator username or password changes for any cl...

Page 46: ...er connections are down You can also see the status of the BCC resources in the business continuity cluster Using the Server Console At the server console of a server in the business continuity cluste...

Page 47: ...clusters where you no longer want the resource to run IMPORTANT If you disable BCC for a cluster using either iManager or the Cluster Disable console command BCC will also be disabled for those clust...

Page 48: ...be BCC enabled This can be a time consuming process if you have many BCC enabled cluster resources For this reason you should use caution when disabling BCC for an entire cluster CLUSTER ENABLE resour...

Page 49: ...one node is a member of the cluster 1 After a failure bring up one node in the cluster All other nodes should remain powered off 2 Run the cluster resetresources command 3 Bring up the remaining nodes...

Page 50: ...t manually The former primary SAN must be demoted to secondary before bringing cluster servers back up Consult your SAN hardware documentation for instructions on demoting and promoting SANs You can u...

Page 51: ...Lost Users might not be able to access servers in the primary cluster but can possibly access servers in the secondary cluster If both clusters are up nothing additional is required An error will be d...

Page 52: ...ack up Additional response is the same as for SAN based mirroring described above Secondary SAN Fails but Secondary Cluster Does Not Bring up your secondary SAN or iSCSI target before bringing up your...

Page 53: ...on on what is required for BCC 1 1 See Upgrading to OES NetWare http www novell com documentation oes install nw data hqwoj1yu html hqwoj1yu for more information on upgrading NetWare In addition to up...

Page 54: ...orms the necessary updates to convert BCC 1 0 to BCC 1 1 This includes searching eDirectoryTM for SAN scripts and updating those scripts to be SMI S compliant 3 1 4 Resetting BCC Administrative User C...

Page 55: ...nodes in BCC 1 0 clusters to BCC 1 1 for NetWare To do this follow the instructions in Section 3 1 Upgrading BCC 1 0 to BCC 1 1 for NetWare on page 53 IMPORTANT All cluster nodes in every cluster in y...

Page 56: ...cember 2007 The same restrictions that apply to migrating or failing over resources between nodes within a mixed cluster also apply to migrating or failing over resources between clusters in a mixed B...

Page 57: ...3 Administration of Peer Clusters Not Functional on page 65 Section 4 14 Resource Does Not Migrate to Another Cluster on page 65 Section 4 15 Resource Cannot Be Brought Online on page 65 Section 4 16...

Page 58: ...u entered the wrong username and or password for the selected peer cluster Enter the correct username and password that this cluster will use to connect to the selected peer cluster Cannot Connect 3 T...

Page 59: ...text field view and if necessary change the port numbers next to the IP address For example the Authentication context field might contain a value similar to 123 12 23 12 2003 2003 In this example the...

Page 60: ...ropriate contexts in your eDirectory tree to manage your BCC The IDM Driver object must have sufficient rights to create modify and delete objects and attributes in the following containers The Identi...

Page 61: ...recommends using SSL certificates for encryption and security NOTE You should create or use a different certificate than the default dummy certificate BCC Cluster Sync KMO that is included with BCC Se...

Page 62: ...lag with this option Stop BCC by entering rcnovell bccd stop at the server console then restart it by entering opt novell bcc sbin bccd flags Replace flags with any combination of v t and or d 4 8 Pro...

Page 63: ...led Click the red icon for the driver on the DirXML Driver Overview page You can enable the driver using the radio buttons in the Driver Startup section of the page that displays Selecting the Auto St...

Page 64: ...er the URL for iManager The URL is http server_ip_address nps iManager html Replace server_ip_address with the IP address or DNS name of the server that has iManager and the IDM preconfigured template...

Page 65: ...e a resource from one cluster to another the problem might be caused by one of the following conditions The resource has not been BCC enabled Remote clusters cannot communicate See Section 4 12 Peer C...

Page 66: ...n back online for changes to the unload script to take effect Be aware that client data may be lost if clients are accessing the resource when it is brought offline 4 18 Resource Script Search and Rep...

Page 67: ...enable the General tab 6 Click Apply to save your changes 4 20 IP Address Virtual Server DN or Pool Name Does Not Appear on the iManager Cluster Configuration Page You might see a DSML read error if...

Page 68: ...ry Ensure that eDirectory and your clusters are stable before implementing BCC Engage Novell Consulting Engage a consulting group from your SAN vendor The cluster node that hosts the IDM driver should...

Page 69: ...e All user objects must be modified to have their Home Directory attribute reference the new volume object volume reference Use LDIF and ICE in the NSMI script Disk Array Mapping Information area This...

Page 70: ...er Message 1000 Unknown error 1001 Received XML is invalid 1002 The object pointers in eDirectory for the given cluster resource are invalid 1003 The referenced object is not a valid NCS BCC object 10...

Page 71: ...nced in the message that appears You can get additional information on how to use the log file by entering help log at the NetWare server console 1020 CIM Client error 1021 Error creating a system res...

Page 72: ...72 Novell Business Continuity Clustering 1 1 for NetWare Administration Guide novdocx en 11 December 2007...

Page 73: ...their virtual nature virtual IP addresses and virtual NICs behave like physical IP addresses and physical NICs and they are similarly configured using either the INETCFG server based utility or the Ne...

Page 74: ...s is especially true in the event of server NIC failures This assumes that the server is running a routing protocol and is advertising its internal virtual IP network which only it knows about and can...

Page 75: ...dvertise reachability to the 1 0 0 0 FF 0 0 0 network and the client would continue to forward packets to Router 1 Being undeliverable these packets would ultimately be dropped by Router 1 Therefore i...

Page 76: ...effects that directly follow from the highly reachable nature of virtual IP addresses They completely and uniquely identify a multihomed server A multihomed server with a virtual IP address no longer...

Page 77: ...The need often arises to move a machine hosting a particular service to some other IP network or to move a service hosted on a particular machine to be rehosted on some other machine connected to a di...

Page 78: ...o recognize and honor the advertised host routes In autonomous systems that use variable length subnet masking VLSM together with routing protocols like RIP II or OSPF the consumption of additional IP...

Page 79: ...OVERRIDE ON 2 The command to bind a virtual IP address for the service must be added to the cluster resource load script The following is an example of a cluster resource load script for a standard Ne...

Page 80: ...needed for any nonvolume cluster resources like DHCP 5 5 1 Displaying Bound Virtual IP Addresses To verify that a virtual IP address is bound enter display secondary ipaddress at the server console of...

Page 81: ...Directory tree For example if you have one tree that has 10 000 users and a second new tree that does not yet have users defined you can use DirXML to quickly copy the 10 000 users to the new tree For...

Page 82: ...n click OK 13 Optional Exclude the Admin User object from being synchronized 13a Click the Exclude Administrative Roles button then click Add 13b Browse to and select the Admin User object then click...

Page 83: ...e DirXMLOverview link 4 Search for and find the BCC driver set 5 Click the red Cluster Sync icon for the driver you want to sync then click the Migrate from eDirectory button 6 Click Add browse to and...

Page 84: ...Cluster Three both synchronize with Cluster One This is illustrated in Figure 2 4 below Figure A 2 Three Cluster IDM Synchronization Master You could also have Cluster One synchronize with Cluster Two...

Page 85: ...tree and you want to maintain that pool s volume trustee assignments you must migrate the pool to a server with an eDirectory replica The replica must be at least read only and must contain all users...

Page 86: ...86 Novell Business Continuity Clustering 1 1 for NetWare Administration Guide novdocx en 11 December 2007...

Page 87: ...luster has been restored some of the data on each cluster will be different This is called data divergence Also the mirroring or synchronization process will either fail or will attempt to overwrite a...

Page 88: ...ation The policy for automatic failover is configured by creating rules Each row in the Failover Policy Configuration table represents a rule that applies to a single cluster or to all clusters in the...

Page 89: ...ng the Advanced button will also display an additional section on this page called Health Monitor Configuration Monitors are an important part of the automatic failover feature and are separate proces...

Page 90: ...decnt monitors This value may be used for some custom monitors 5 Specify which platforms Linux or NetWare you want to be monitored by the health monitor and whether you want the monitor enabled for th...

Page 91: ...mation for Other Products on page 95 Feature Yes No Details Users are authenticated Yes Administrative users are authenticated via eDirectory Users are authorized Yes Users are authorized via eDirecto...

Page 92: ...me bccgroup adminGroupName authorizationCacheTTL 300 authorizationCacheTTL cimConnectTimeout 15 cimConnectTimeout cimReceiveTimeout 30 cimReceiveTimeout cimSendTimeout 30 cimSendTimeout idlePriorityTh...

Page 93: ...acheTTL The number of seconds the authorization rights are cached in the BCC OpenWBEM provider 300 seconds This is not supported until the first support pack cimConnectTimeout BCC CIM client connect t...

Page 94: ...ment address of chicago_cluster now specifies non secure http communication The BCC management port can also be changed by modifying the NCS BCC Peers attribute values The default ports for secure and...

Page 95: ...www novell com documentation oes nss_enu data bx8gp06 html eDirectory Security for eDirectory is provided by NICI See the NICI 2 7x Administration Guide http www novell com documentation nici27x nici...

Page 96: ...ounts or that protect BCC data should be examined periodically to ensure that they have not been tampered with When synchronizing cluster or user information between servers outside the corporate fire...

Page 97: ...changes are grouped and sequenced alphabetically Each change entry provides a link to the related topic and a brief description of the change This document was updated on the following dates Section...

Page 98: ...Administration Guide novdocx en 11 December 2007 D 1 2 Troubleshooting BCC 1 1 Location Change Section 4 4 Security Equivalent User on page 60 The NCP server objects for the virtual server of a BCC e...

Reviews:

No comments

Related manuals for BUSINESS CONTINUITY CLUSTERING FOR NETWARE 1.1 - ADMINISTRATION

DAVIS WeatherLink Addendum preview
WeatherLink
Brand: DAVIS Pages: 20
MACROMEDIA FLASH 8-FLASH Tutorials Manual preview
FLASH 8-FLASH
Brand: MACROMEDIA Pages: 292
MACROMEDIA BREEZE 5 Manual preview
BREEZE 5
Brand: MACROMEDIA Pages: 26
MACROMEDIA BREEZE Installation Manual preview
BREEZE
Brand: MACROMEDIA Pages: 32
Generic Media gMovie v1.4 Operating Instructions Manual preview
gMovie v1.4
Brand: Generic Media Pages: 17
Juniper JUNOS PUS MOBILE SECURITY SUITE Datasheet preview
JUNOS PUS MOBILE SECURITY SUITE
Brand: Juniper Pages: 6
Euphonix MixView 3.0 Overview preview
MixView 3.0
Brand: Euphonix Pages: 8
NAPCO BADGING3000 Datasheet preview
BADGING3000
Brand: NAPCO Pages: 2
Arturia Minimoog V Quick Start Manual preview
Minimoog V
Brand: Arturia Pages: 10
AppsDaily C2 User Manual preview
C2
Brand: AppsDaily Pages: 38
Nikon 9235 - Coolscan III Reference Manual preview
9235 - Coolscan III
Brand: Nikon Pages: 153
AMX AXD-CV6 Instruction Manual preview
AXD-CV6
Brand: AMX Pages: 54
LEI accessories MAPCREATE USA 6.3 - ADDENDUM Manual preview
MAPCREATE USA 6.3 - ADDENDUM
Brand: LEI accessories Pages: 1
Oracle B31679-01 Installation Manual preview
B31679-01
Brand: Oracle Pages: 130
Xils lab PolyKB II User Manual preview
PolyKB II
Brand: Xils lab Pages: 46
Waves PuigChild 660 User Manual preview
PuigChild 660
Brand: Waves Pages: 17
Patton electronics ForeSight 6300 NMS Administrator'S Reference Manual preview
ForeSight 6300 NMS
Brand: Patton electronics Pages: 156
Canon Pull Print Service Provider Version 1.0... User Manual preview
Pull Print Service Provider Version 1.0...
Brand: Canon Pages: 54

Brands by name

Popular brands

Load more brands