Novell BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION страница 129 Скачать руководство пользователя | Manualshive

Страница: 129 / 184

background image

Security Considerations

129

no

vd

ocx

(e

n)

7 Ja
nua
ry 201

0

Disabling SSL communication to a specific peer cluster requires changing the BCC management
address to the peer cluster. The address is contained in the NCS:BCC Peers attribute that is stored on
the NCS Cluster object.

For example, a default NCS:BCC Peers attribute could appear similar to the following example
where https:// is assumed and is never specified explicitly:

<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES_TREE</tree>
<address>10.1.1.10</address>
</peer>

To disable SSL for inter-cluster communication, you would change the <address> attribute to
specify http:// with the IP address, as shown in the following example:

<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES_TREE</tree>
<address>http://10.1.1.10</address>
</peer>

The BCC management address of

chicago_cluster

now specifies non-secure HTTP

communication.

The BCC management port can also be changed by modifying the NCS:BCC Peers attribute values.
The default ports for secure and non-secure inter-cluster communication are 5989 and 5988
respectively.

For example, if you want to change the secure port on which OpenWBEM listens from port 5989 to
port 1234, you would change the

<address>

attribute value in the above examples to:

<peer>
<cluster>chicago_cluster</cluster>
<tree>DIGITALAIRLINES_TREE</tree>
<address>10.1.1.10:1234</address>
</peer>

The attribute now specifies that inter-cluster communication uses HTTPS over port number 1234.

The NCS:BCC Peers attribute has a value for each peer cluster in the BCC. Attribute values are
synchronized among peer clusters by the BCC-specific Identity Manager driver, so a change to an
attribute value on one cluster causes that attribute value to be synchronized to each peer cluster in
the BCC.

The changes do not take effect until either a reboot of each cluster node, or a restart of the Business
Continuity Clustering software on each cluster node.

Table 14-4

provides an example of possible combinations of scheme and port specifier for the

<address>

tag for values of the NCS:BCC Peers attribute:

Table 14-4

Example of Scheme and Port Specifier Values for the NCS:BCC Peers Attribute

Value

Protocol Used

Port Used

10.1.1.10

HTTPS

5989

«
...
127
128
129
130
131
...
»

Содержание BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION

Страница 1: ...en 7 January 2010 AUTHORIZED DOCUMENTATION BCC 1 2 1 Administration Guide for OES 2 SP2 Linux Business Continuity Clustering 1 2 1 February 18 2010 Administration Guide for Novell Open Enterprise Serv...

Страница 2: ...or re export to entities on the current U S export exclusion lists or to any embargoed or terrorist countries as specified in the U S export laws You agree to not use deliverables for prohibited nucl...

Страница 3: ...l Trademarks For Novell trademarks see the Novell Trademark and Service Mark list http www novell com company legal trademarks tmlist html Third Party Materials All third party trademarks are the prop...

Страница 4: ...4 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 5: ...2 25 2 1 BCC 1 2 1 ISO Image for OES 2 SP2 Linux January 2010 25 2 2 BCC 1 2 1 Patch for OES 2 SP2 Linux January 2010 25 2 2 1 System Requirements 25 2 2 2 BCC Engine 26 2 2 3 BCC Resource Driver Tem...

Страница 6: ...to the ncsgroup on Each Cluster Node 49 4 4 Installing and Configuring the Novell Business Continuity Clustering Software 50 4 4 1 Installing the Business Continuity Clustering RPMs 50 4 4 2 Configur...

Страница 7: ...Drivers 81 9 8 Changing the Identity Manager Synchronization Drivers 83 9 9 What s Next 84 10 Configuring BCC for Peer Clusters 85 10 1 Enabling Clusters for Business Continuity 85 10 2 Adding Peer C...

Страница 8: ...river Port Number Conflicts 113 13 5 Excluded Users 114 13 6 Security Equivalent User 114 13 7 SSL Certificates 115 13 8 Clusters Cannot Communicate 116 13 9 BCC Startup Flags 116 13 10 Identity Manag...

Страница 9: ...atus 144 D Configuration Worksheet for the BCC Drivers for Identity Manager 147 D 1 Cluster1 to Cluster2 147 D 2 Cluster2 to Cluster1 149 E Using Dynamic DNS with BCC 1 2 153 E 1 Requirements and Assu...

Страница 10: ...ary 5 2010 BCC 1 2 0 Patch for OES 2 SP1 Linux 178 H 3 1 Updating Patching BCC 1 2 on OES 2 SP1 Linux 178 H 3 2 What s New for BCC 1 2 179 H 4 January 7 2010 179 H 4 1 Configuring BCC for Peer Cluster...

Страница 11: ...s on page 103 Chapter 13 Troubleshooting Business Continuity Clustering on page 111 Chapter 14 Security Considerations on page 125 Appendix A Console Commands for BCC on page 133 Appendix B Setting Up...

Страница 12: ...l OES 2 SP1 Novell Cluster Services 1 8 6 for Linux Administration Guide http www novell com documentation oes2 clus_admin_lx data h4hgu4hs html Identity Manager 3 6 x Documentation Web site http www...

Страница 13: ...maintaining the multiple centers is a manual process that takes a great deal of planning and synchronizing Even configuration changes must be carefully planned and replicated One mistake and the redu...

Страница 14: ...14 Section 1 2 3 Stretch Clusters vs Cluster of Clusters on page 15 1 2 1 LAN Based versus Internet Based Applications Traditional LAN applications require a LAN infrastructure that must be replicated...

Страница 15: ...oryTM tree which requires the eDirectory replica ring to span data centers The IP addresses for nodes and cluster resources in the cluster must share a common IP subnet Capability Host Based Mirroring...

Страница 16: ...ata center automatically take over Figure 1 1 Stretch Cluster Cluster of Clusters A cluster of clusters consists of multiple clusters in which each cluster is located in a geographically separate data...

Страница 17: ...a disaster occurs in one data center the cluster in the other data center takes over Figure 1 2 Cluster of Clusters Comparison of Stretch Clusters and Cluster of Clusters Table 1 2 compares the capab...

Страница 18: ...irror of its SBD for high availability If the cluster of clusters uses host based mirroring the SBD is not mirrored between sites which minimizes the chance of LUNs at both locations becoming primary...

Страница 19: ...ster Link latency between sites Can cause false failovers The cluster heartbeat tolerance between master and slave must be increased to as high as 30 seconds Monitor cluster heartbeat statistics then...

Страница 20: ...in problem if host based mirroring is used An SBD partition must be mirrored between sites It accommodates only two sites All IP addresses must reside in the same subnet Resource configurations must b...

Страница 21: ...es Identity Manager technology to automatically synchronize and transfer cluster related eDirectory objects from one cluster to another Provides the capability to fail over as few as one cluster resou...

Страница 22: ...at uses storage based data replication between the sites BCC uses eDirectory and Identity Manager to synchronize cluster information between the two clusters Figure 1 3 Two Site Business Continuity Cl...

Страница 23: ...allow the business to continue Internet based applications allow employees to work from any place that offers an Internet connection including homes and hotels 1 4 3 Low Cost Business Continuity Clust...

Страница 24: ...k that is configured for Novell Cluster Services It is also BCC enabled so that it can be migrated and failed over between nodes in different peer clusters 1 5 3 Landing Zone The landing zone is an eD...

Страница 25: ...ee Novell Business Continuity Clustering How to Buy http www novell com products businesscontinuity howtobuy html 2 2 BCC 1 2 1 Patch for OES 2 SP2 Linux January 2010 In January 2010 a BCC 1 2 1 patch...

Страница 26: ...source driver template for Identity Manager is the same as the template delivered in the BCC 1 2 0 patch for OES 2 SP1 Linux It has a different version number but it is functionally the same For infor...

Страница 27: ...source driver template for Identity Manager that offers the following new feature and bug fixes Uses a newer policy linking format so that you are no longer prompted to update the driver in iManager N...

Страница 28: ...d on a 64 bit operating system Updating to Identity Manager 3 6 1 is needed only for 64 bit support or to take advantage of bug fixes that might be offered in 3 6 1 For information about upgrading fro...

Страница 29: ...tinue in the event of a disaster Design the infrastructure based on your business needs Determine your design criteria by asking and answering the following questions What are the key services that dr...

Страница 30: ...3 1 VLAN Use a dedicated VLAN virtual local area network for each cluster The cluster protocol is non routable so you cannot direct communications to specific IP addresses Using a VLAN for the cluste...

Страница 31: ...ster resource never need to change The IP address of an inbound cluster resource is transformed to use an IP address in the same subnet of the peer cluster where it is being cluster migrated You defin...

Страница 32: ...using host based mirroring or storage based mirroring Storage based mirroring is recommended When using host based mirroring make sure that the mirrored partitions are accessible for the nodes of only...

Страница 33: ...CC enabled its configuration is automatically synchronized with every peer cluster in the business continuity cluster by using customized Identity Manager drivers The following eDirectory objects are...

Страница 34: ...ad use names that are independent of the clusters and that are unique across all peer clusters For example replace the clustername with something static such as BCC Cluster Resource poolname_SERVER Cl...

Страница 35: ...nuity cluster the volume IDs for the existing shared volumes might also share the same volume IDs To resolve this conflict manually edit the load script for each volume that has been enabled for busin...

Страница 36: ...36 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 37: ...nts for BCC 1 2 1 for OES 2 SP2 Linux The requirements in this section must be met prior to installing Novell Business Continuity Clustering 1 2 1 for OES 2 SP2 Linux Section 4 1 1 Business Continuity...

Страница 38: ...S 2 SP2 Linux eDir Novell eDirectory 8 8 5 IDM Identity Manager 3 6 1 32 bit or 64 bit iManager Novell iManager 2 7 3 NCS Novell Cluster Services 1 8 7 for OES 2 SP2 Linux with the January 2010 patch...

Страница 39: ...the business continuity cluster Cluster Names on page 39 Storage on page 39 eDirectory on page 39 Peer Cluster Credentials on page 40 Cluster Names Each cluster must have a unique name even if the clu...

Страница 40: ...in its own OU level container Each OU should reside in a different eDirectory partition As a best practice for each of the peer clusters put its Server objects Cluster object Driver objects and Landin...

Страница 41: ...y full replica must have at least read write access to the following containers in order for the cluster resource synchronization and user object synchronization to work properly The Identity Manager...

Страница 42: ...lows you to use the Identity Manager software the eDirectory driver and the Identity Manager management tools for Novell iManager 2 7 3 BCC driver templates are applied to the eDirectory driver to cre...

Страница 43: ...does not appear in iManager make sure that the eDirectory daemon ndsd is running on the server that contains the eDirectory master replica To restart ndsd on the master replica server enter the follow...

Страница 44: ...related plug ins are installed or if you upgraded this server from OES 2 Linux or NetWare 6 5 SP7 log in to iManager then uninstall all of the storage related plug ins that are currently installed in...

Страница 45: ...torage system is required for each peer cluster in the business continuity cluster See Shared Disk System Requirements in the OES 2 SP2 Novell Cluster Services 1 8 7 for Linux Administration Guide In...

Страница 46: ...m can be used to mask LUNs or to provide zoning configuration of the SAN fabric to prevent shared volumes from being corrupted by non cluster servers IMPORTANT We recommend that you implement LUN mask...

Страница 47: ...plorer browser click View Encoding then select the supported character encoding setting 4 2 Downloading the Business Continuity Clustering Software For new installs before you install Novell Business...

Страница 48: ...nfiguring Linux User Management LUM for the group You also add the Linux nodes Node objects of each node in every cluster in the BCC to this BCC group IMPORTANT Having a LUM enabled BCC group and user...

Страница 49: ...Attributes Rights property 7 Click Done to save your changes 8 Repeat Step 3 through Step 7 for the peer clusters in your business continuity cluster 4 3 3 Adding the BCC Administrator User to the nc...

Страница 50: ...Linux on page 37 The BCC Administrator user and group must already be configured as specified in Section 4 3 Configuring a BCC Administrator User and Group on page 48 You must install the Business Co...

Страница 51: ...then select the BCC rpm files 4 After the packages are installed exit YaST 5 Continue with Section 4 4 2 Configuring BCC Software on page 51 4 4 2 Configuring BCC Software Perform the following tasks...

Страница 52: ...r clusters The templates are required to configure your business continuity cluster You must have previously installed iManager on the server where you plan to install the templates You should install...

Страница 53: ...urce on page 55 4 5 1 Creating a YaST Auto Configuration Profile 1 In a text editor create a YaST auto configuration profile XML file named bccprofile xml Auto configuration files are typically stored...

Страница 54: ...NFS share by opening a shell and running yast2 nfs_server Then continue with Step 3 below 3 Select Start NFS Server then click Next 4 Click Add Directory and enter the following tmp bcc_install 5 Ente...

Страница 55: ...ss Continuity Clustering installation directory click Delete then click Finish 4 5 5 Cleaning Up the Business Continuity Clustering Installation Source Clean up the Business Continuity Clustering inst...

Страница 56: ...56 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 57: ...8 Section 5 4 Installing the BCC Patch Along With the OES 2 SP2 Linux Patches on page 59 5 1 System Requirements for the BCC 1 2 1 Patch The following system requirements are new for the BCC 1 2 1 pat...

Страница 58: ...S 2 SP1 Linux and have deleted and re created the Identity Manager drivers to use the new template for BCC 1 2 0 it is not necessary to delete and re create the drivers again for BCC 1 2 1 5 3 Install...

Страница 59: ...BCC drivers with the new template from the BCC 1 2 0 patch on the OES 2 SP1 Linux servers 6 Restart Tomcat by entering the following command at a terminal console prompt rcnovell tomcat5 restart 7 Ve...

Страница 60: ...e business continuity cluster 4 After all nodes in every peer cluster are updated do one of the following for the BCC drivers for Identity Manager Delete and Re Create BCC Drivers On the Identity Mana...

Страница 61: ...existing business continuity cluster The BCC cluster environment must meet the system requirements described in Requirements for BCC 1 2 for OES 2 SP1 Linux http www novell com documentation bcc bcc1...

Страница 62: ...n applied to each node in every peer cluster in the business continuity cluster 4 After all nodes in every peer cluster are updated do one of the following for the BCC drivers for Identity Manager Re...

Страница 63: ...il the OES 2 SP1 Linux patches and the BCC 1 2 0 patch have been applied to each node in every peer cluster in the business continuity cluster 4 After all nodes in every peer cluster are updated do on...

Страница 64: ...64 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 65: ...o 32 Bit Identity Manager 3 6 1 On a 32 bit OES 2 SP1 Linux operating system you can install the 32 bit version of Identity Manager 3 6 1 to automatically upgrade Identity Manager to the latest versio...

Страница 66: ...the 64 bit OES 2 SP1 Linux then install Identity Manager 3 6 1 and iManager 2 7 2 on the system as described in Section 4 1 7 Identity Manager 3 6 1 Bundle Edition on page 42 3 Re create the BCC driv...

Страница 67: ...ter at a time Do not finalize the cluster conversion for the peer cluster at this time Repeat the NetWare to Linux conversion of the nodes for each peer cluster so that all of the nodes in every peer...

Страница 68: ...inux nodes but Cluster B cannot All nodes in Cluster B must be either NetWare or Linux The same restrictions that apply to migrating or failing over resources between nodes within a mixed cluster also...

Страница 69: ...guring the Identity Manager Drivers for BCC on page 71 8 5 Finalizing the BCC Cluster Conversion Normally when converting a NetWare cluster to Linux you need to run the cluster convert command after e...

Страница 70: ...70 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 71: ...derstanding the BCC Drivers Business Continuity Clustering provides two templates that are used with the eDirectory driver in Identity Manager to create the BCC drivers Cluster Resource Synchronizatio...

Страница 72: ...stance on both cluster nodes For example if you specify 2003 as the port number for the Cluster Resource Synchronization driver on one cluster you must specify 2003 as the port number for the same Clu...

Страница 73: ...rivers communicates to this node For example let s consider a three cluster business continuity cluster You can set up a communications channel for the Cluster Resource Synchronization driver between...

Страница 74: ...uity Cluster with User Object Synchronization When you extend the single tree example for a four cluster business continuity cluster you can set up similar communications channels for the Cluster Reso...

Страница 75: ...nnels as shown in Table 9 11 You also need to install an instance of the User Object Synchronization driver on a different port between the two clusters that communicate across the two trees or across...

Страница 76: ...lows you to use drivers beyond an evaluation period The credential can be found in the BCC license In the Identity Manager interface in iManager enter the credential for each driver that you create fo...

Страница 77: ...an eDirectory full replica with at least read write access to all eDirectory objects that will be synchronized between clusters For information about the full replica requirements see Section 4 1 5 No...

Страница 78: ...ed are also included with each field Driver name for this driver instance Specify a unique name for this driver to identify its function The default name is BCC Cluster Sync We recommend that you indi...

Страница 79: ...e the Cluster object resides The container where the server objects reside If server objects reside in multiple containers this must be a container high enough in the tree to be above all containers t...

Страница 80: ...er html Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed 2 Specify your username and pa...

Страница 81: ...dentity Manager then click the Identity Manager Overview link 4 Search to locate the BCC driver set the click the driver set link 5 Click the red Cluster Sync icon for the driver you want to synchroni...

Страница 82: ...er Two and Cluster Three both synchronize with Cluster One This is illustrated in Figure 9 2 below Figure 9 2 Three Cluster Identity Manager Synchronization Master You could also have Cluster One sync...

Страница 83: ...peer clusters as illustrated in Figure 9 4 Figure 9 4 Single Tree Four Cluster Identity Manager Synchronization Scenario 9 8 Changing the Identity Manager Synchronization Drivers To change your BCC sy...

Страница 84: ...iness Continuity Clustering software installed Identity Manager installed The BCC specific Identity Manager drivers configured and running Be enabled for business continuity 9 9 What s Next After the...

Страница 85: ...nfiguration Information on page 89 Section 10 5 Configuring CIMOM Daemons to Bind to IP Addresses on page 92 Section 10 6 Enabling Linux POSIX File Systems to Run on Secondary Clusters on page 92 Sect...

Страница 86: ...add the authentication credentials username and password of the user who the selected cluster will use to authenticate to a selected peer cluster IMPORTANT In order to add or change peer cluster cred...

Страница 87: ...terface from a console prompt to set credentials 1 In the Connections section of the Business Continuity Cluster Properties page select the peer cluster then click Edit In order for a cluster to appea...

Страница 88: ...ick Apply To force an immediate update of the scripts for ClusterA open the script for ClusterB add a blank line then click Apply You can see the IP addresses that are currently assigned to resources...

Страница 89: ...and unload scripts for each BCC enabled resource in each peer cluster You can add commands that are specific to your storage hardware These scripts and commands might be needed to promote mirrored LU...

Страница 90: ...gured templates for iManager installed 2 Specify your username and password specify the tree where you want to log in then click Login 3 In Roles and Tasks click Clusters then click the Cluster Option...

Страница 91: ...for storage management communications Script parameters If desired specify variables and values for the variables that are used in the storage management script To specify a variable click New then p...

Страница 92: ...o 0 0 0 0 which is the default Change the following section in the openwbem conf file http_server listen_addresses option specifies the local addresses to listen on The option is a space delimited lis...

Страница 93: ...mation in the value fields 9 Under Script Parameters click New then specify the following Name Specify the variable name as CONTAINER_NAME This value is case sensitive and should be entered as CONTAIN...

Страница 94: ...sable BCC for each of the cluster resources running on that cluster Make sure to remove the secondary peer clusters from the cluster resource s Assigned list before you disable BCC for the resource on...

Страница 95: ...97 Section 11 3 Changing Peer Cluster Credentials on page 97 Section 11 4 Viewing the Current Status of a Business Continuity Cluster on page 98 Section 11 5 Generating a Cluster Report on page 99 Se...

Страница 96: ...where you have migrated them 11 1 2 Migrating Cluster Resources between Clusters WARNING Do not migrate resources for a test failover if the storage connection between the source and destination clust...

Страница 97: ...uster Back in Service If a cluster has been totally downed all nodes are down concurrently the peer clusters do not automatically recognize the cluster if you bring the nodes back online To bring the...

Страница 98: ...inuity cluster by using either iManager or the server console of a cluster in the business continuity cluster Section 11 4 1 Using iManager to View the Cluster Status on page 98 Section 11 4 2 Using C...

Страница 99: ...you more quickly recover a cluster Some of the failure types and responses differ depending on whether you have implemented storage based mirroring or host based mirroring Promoting or demoting LUNs...

Страница 100: ...imary Then bring up the former primary cluster servers and fail back the cluster resources Secondary Cluster Fails but Secondary Storage System Does Not Secondary clusters are not currently running th...

Страница 101: ...page 102 Primary Storage System Fails and Causes the Primary Cluster to Fail on page 102 Secondary Storage System Fails and Causes the Secondary Cluster to Fail on page 102 Intersite Storage System Co...

Страница 102: ...Secondary clusters are not currently running the resource When the secondary storage system fails the secondary cluster also fails Bring the secondary storage back up Bring up your secondary cluster s...

Страница 103: ...n page 109 Section 12 8 Deleting or Unsharing a BCC Enabled Shared NSS Pool Resource on page 109 12 1 Requirements for Cluster Resources Section 12 1 1 LUNs for Cluster Pool Resources on page 103 Sect...

Страница 104: ...cluster 1 Start your Internet browser and enter the URL for iManager The URL is http server_ip_address nps iManager html Replace server_ip_address with the IP address or DNS name of the server that ha...

Страница 105: ...when you create the resource Whenever a resource fails over to a different peer cluster these properties must be changed to values that work in the destination peer cluster BCC provides a Search and R...

Страница 106: ...ou specify to the resource s Assigned clusters list where the resource can be migrated You can migrate a resource only to one of the clusters that has been selected When you add a new peer cluster or...

Страница 107: ...the following for each peer cluster where you plan to failover the cluster resource 1 In iManager click Clusters then click Cluster Options 2 Browse to locate and select the Cluster object of the pee...

Страница 108: ...entire cluster If BCC enabled resources need to be BCC disabled remove the secondary peer clusters from the resource s assigned list then disable BCC only from the primary cluster either by using iMan...

Страница 109: ...t to the Cluster object not to Cluster Node objects On the Storage Pools page for iManager connect to the master node Run NSSMU only on the master node You must disable BCC for a shared NSS pool befor...

Страница 110: ...odify the unload script by removing any commands related to the BCC then click Apply 4 Select Clusters Cluster Options select the shared NSS pool resource then select Online Keep the NSS pool but unsh...

Страница 111: ...ity Manager Drivers Do Not Synchronize Objects from One Cluster to Another on page 117 Section 13 12 Tracing Identity Manager Communications on page 118 Section 13 13 Peer Cluster Communication Is Not...

Страница 112: ...rectory daemon ndsd is running on the server that contains the eDirectory master replica for that tree To restart ndsd on the master replica server enter the following command at its terminal console...

Страница 113: ...ter Sync icon or the blue User Sync icon 6 Click the red or blue icon again then click the Identity Manager tab if it is not already selected Cannot Connect 3 This cluster cannot connect to the select...

Страница 114: ...luster 13 5 Excluded Users If certain users do not synchronize between clusters it is possible that those users are in the excluded users list NOTE The eDirectory Admin user should never be synchroniz...

Страница 115: ...nistrative rights 1 Start your Internet browser and enter the URL for iManager The URL is http server_ip_address nps iManager html Replace server_ip_address with the IP address or DNS name of the serv...

Страница 116: ...hen click OK 6 Click Assigned Rights for the BCC Administrator user then ensure that the Read and Write check boxes are selected for the All Attributes Rights property 7 Click Done to save your change...

Страница 117: ...dio buttons in the Driver Startup section of the page that displays Selecting the Auto Start option is recommended Unknown communications problems See Section 13 12 Tracing Identity Manager Communicat...

Страница 118: ...a front html The trace messages are written to the ndstrace log file located in the directory where eDirectory is installed By default it is var nds You might want to delete this file before starting...

Страница 119: ...using OpenWBEM 13 14 A Resource Does Not Migrate to a Peer Cluster If you cannot migrate a resource from one cluster to a peer cluster the problem might be caused by one of the following conditions Th...

Страница 120: ...ecific resource instead of all resources in the cluster If you are testing search and replace functionality you might have made the changes too rapidly Identity Manager merges all changes into one so...

Страница 121: ...ject Host Server Virtual NCP Server Pool Object Class nssfsPool Host Server Virtual NCP Server 13 20 Blank Error String iManager Error Appears While Bringing a Resource Online If you get an error in i...

Страница 122: ...erver in the primary cluster and the Host Resource Name attribute must specify the name of the volume This new volume object can be referred to as a volume reference All User objects must be modified...

Страница 123: ...own error 1001 Received XML is invalid 1002 The object pointers in eDirectory for the given cluster resource are invalid 1003 The referenced object is not a valid NCS BCC object 1004 The referenced cl...

Страница 124: ...r activate and mount the deactive volumes 2 In iManager click Clusters then select the cluster resource for the clustered pool 3 Click Offline to dismount the pool s volumes and deactivate the pool Wa...

Страница 125: ...henticated via Novell eDirectoryTM For information about configuring rights needed by BCC administrators see Section 4 1 5 Novell eDirectory 8 8 5 on page 40 Users are authorized Yes Users are authori...

Страница 126: ...for Best Security Inter cluster communications scheme HTTP port 5988 HTTPS port 5989 HTTPS HTTPS Identity Manager communications Secure Non secure This is the certificate in the Identity Manager drive...

Страница 127: ...ialNormalThreads initialPriorityThreads 2 initialPriorityThreads ipcResponseTimeout 15 ipcResponseTimeout maximumPriorityThreads 20 maximumPriorityThreads minimumPriorityThreads 2 minimumPriorityThrea...

Страница 128: ...e authorization rights are cached in the BCC OpenWBEM provider 300 seconds cimConnectTimeout BCC CIM client connect timeout in seconds 15 seconds cimReceiveTimeout BCC CIM client receive timeout in se...

Страница 129: ...re and non secure inter cluster communication are 5989 and 5988 respectively For example if you want to change the secure port on which OpenWBEM listens from port 5989 to port 1234 you would change th...

Страница 130: ...ted with the administration of BCC should be the most secured Access to BCC configuration settings and logs should be restricted This includes file system access rights FTP access access via Web utili...

Страница 131: ...com documentation sles10 book_sle_reference data cha_inst_system_iscsi html in the SUSE Linux Enterprise Server 10 Installation and Administration Guide http www novell com documentation sles10 book_...

Страница 132: ...132 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 133: ...ou can also enter cluster help at the console prompt to get information on the commands and their functions IMPORTANT You must be logged in as the root user or any other user in admin or ncsgroup Some...

Страница 134: ...CC for each individual cluster resource that you want to be enabled for business continuity This can be a time consuming process if you have many cluster resources that are enabled for business contin...

Страница 135: ...k into service The server where the command is issued must be a member of the cluster but does not need to be the one node that is currently in the cluster You should run this command when only one no...

Страница 136: ...for new devices for BCC enabled cluster resources that have BCC load unload scripts when cluster resources are migrated between peer clusters When BCC calls the API the script is executed on each node...

Страница 137: ...some of the data on each cluster is different This is called data divergence Also the mirroring or synchronization process either fails or attempts to overwrite any changed data on one cluster This c...

Страница 138: ...ercent or the total number of nodes the condition cannot be satisfied because the cluster will not be up to report this state If a cluster has been totally downed you must bring up the master node in...

Страница 139: ...ely that cluster membership information for a specific cluster will be reported to peer clusters when the connection to that specific cluster is down For example a rule might contain only one conditio...

Страница 140: ...the cluster or clusters that you want this monitor to apply to 3 Specify the maximum health indication that the monitor will report This value is used when creating a failover policy to validate the...

Страница 141: ...ased mirroring consult your storage system vendor or see the storage system vendor documentation Host based synchronous mirroring functionality is included with the Novell Storage ServicesTM NSS file...

Страница 142: ...sure these protocols are installed and running when you create the pool resource If you install the protocols after you create the pool you can use the Clusters plug in for iManager to add CIFS or AFP...

Страница 143: ...IMPORTANT Using the CIFS check box or the AFP check box requires that Novell CIFS for Linux or Novell AFP for Linux is already installed and configured on the nodes in the cluster and nodes in the pe...

Страница 144: ...that change information in the eDirectory objects for the shared pool or volume C 3 Novell Cluster Services Configuration and Setup After configuring NSS mirroring and creating a volume on the mirror...

Страница 145: ...S Pools 145 novdocx en 7 January 2010 IMPORTANT If you create or delete a pool or partition on shared storage that is part of a business continuity cluster you must run the cluster scan for new device...

Страница 146: ...146 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 147: ...1 Cluster1 to Cluster2 First create a driver instance on the Identity Manager node for the first cluster in order to synchronize information from the first cluster to the second cluster Clusters for...

Страница 148: ...ization Driver name for this driver instance Example cluster1_to_cluster2 BCCCR Sync Example cluster1_to_cluster2 BCCUO Sync Default BCC Cluster Sync SSL certificate name to use for this driver instan...

Страница 149: ...synchronized to the source cluster for this driver instance The container must already exist and must be specified using dot format without the tree name Example clusters siteA example TIP Browse to...

Страница 150: ...synchronization and one driver instance for user object synchronization Driver name for this driver instance Example cluster2_to_cluster1 BCCCR Sync Example cluster2_to_cluster1 BCCUO Sync Default BC...

Страница 151: ...zone for this driver instance Specify the distinguished name of the container where the cluster enabled pool NCP server and volume objects for the destination cluster will be placed when they are sync...

Страница 152: ...152 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 153: ...ys on page 154 Section E 1 4 DNS Record Time to Live Values on page 154 E 1 1 Software Requirements Install and configure your business continuity cluster using the following components Novell Busines...

Страница 154: ...rease dramatically If the values are too long the end users are unable to reconnect to the cluster resources after a BCC migration until the DNS records expire There is no perfect TTL value Each custo...

Страница 155: ...o configure your master DNS server E 2 2 Configuring the DNS Server with the Public Key Modify the DNS Server configuration to use the public TSIG key you generated in Section E 2 1 Creating the TSIG...

Страница 156: ...his is a sample zone section zone clusters site1 company com in file dyn clusters site1 company com type master allow update key cluster1 clusters site1 company com zone 1 1 10 in addr arpa in file dy...

Страница 157: ...HORITY SECTION clusters site1 company com 120 IN NS wkstn1 clusters site1 company com ADDITIONAL SECTION wkstn1 clusters site1 company com 120 IN A 10 1 1 172 Query time 0 msec SERVER 10 1 1 172 53 10...

Страница 158: ...reated in Section E 2 1 Creating the TSIG Keys for DNS Server Authentication on page 154 These keys have filenames of the form K name 157 random number key the public key and K name 157 random number...

Страница 159: ...e changes made in Step 6 and Step 7 occurred on the DNS Server 8a Use the dig utility with the DNS name to verify the IP address dig 10 1 1 172 ftp clusters site1 company com DiG 9 3 2 10 1 1 172 ftp...

Страница 160: ...10 1 1 172 WHEN Tue Aug 14 17 55 01 2008 MSG SIZE rcvd 127 9 Use the dig utility in a reverse lookup for the old IP address to make sure that it does not return an answer dig 10 1 1 172 x 10 1 1 215...

Страница 161: ...reate Perl based wrappers for the nsupdate utility commands before placing them in the BCC load script Typically the line for the nsupdate utility would be the last command to run in the script but th...

Страница 162: ...in the log file are meaningful For example a name of Dynamic DNS Update Resource Test1 identifies what the script does and which resource it is acting upon Description Specify information that helps...

Страница 163: ...r the parameters Script Copy and paste the dynamic DNS script into this edit box Synchronous When enabled selected this option synchronizes the execution of multiple BCC load and unload scripts This i...

Страница 164: ...ce Behavior area on the Cluster Resource Properties page This setting forces the given resource to always be hosted by the same node that is hosting the Novell Cluster Services master resource The key...

Страница 165: ...age 156 E 4 Testing the Dynamic DNS Solution After you have created the BCC load scripts for each resource in each of the peer clusters you are ready to test the overall dynamic DNS solution 1 Perform...

Страница 166: ...166 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 167: ...network on each cluster node The network consists of the following Section F 1 1 Virtual Adapter on page 167 Section F 1 2 Host Mask on page 167 Section F 1 3 Internal Router on page 167 F 1 1 Virtua...

Страница 168: ...ng its internal virtual IP network which only it knows about and can reach to other network nodes The virtual IP addresses of the cluster resources are highly available because each resource has its o...

Страница 169: ...move a service hosted on a particular machine to be rehosted on some other machine connected to a different IP network If the service is hosted on a physical IP address accommodating these changes inv...

Страница 170: ...about OSPF Area IDs see Section F 3 1 Routing Protocol on page 170 The LAN routers are also where you define and handle the propagation of the routes to services that are using virtual IP addresses F...

Страница 171: ...addresses on a given virtual IP network must go unused thereby wasting a portion of the available address space Neither of these situations is desirable Fortunately the use of host masks remedies both...

Страница 172: ...l IP address information for the dummy0 adapter For example the old and new lines are emphasized in the following sample load script bin bash opt novell ncs lib ncsfuncs exit_on_error nss poolact POOL...

Страница 173: ...To verify that a virtual IP address is bound enter display secondary ipaddress at a terminal console of the cluster node where the virtual IP address is assigned This displays all bound virtual IP ad...

Страница 174: ...174 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 175: ...by using the Business Continuity Clustering installation program 1 Log in as the root user on the server 2 Use one of the following methods to open the BCC Configuration page In YaST select Miscellane...

Страница 176: ...176 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Страница 177: ...178 Section H 4 January 7 2010 on page 179 Section H 5 September 9 2009 on page 181 Section H 6 August 14 2009 on page 182 Section H 7 May 11 2009 on page 182 Section H 8 April 28 2009 on page 183 H...

Страница 178: ...BCC 1 2 1 on OES 2 SP2 Linux This section is new H 2 3 What s New for BCC 1 2 H 3 February 5 2010 BCC 1 2 0 Patch for OES 2 SP1 Linux Updates were made to the following sections The changes are explai...

Страница 179: ...esses with BCC 1 2 on page 181 H 4 1 Configuring BCC for Peer Clusters Location Change Section 2 3 BCC 1 2 0 Patch January 2010 on page 26 This section is new A patch for BCC 1 2 for OES 2 SP1 Linux i...

Страница 180: ...properly whenever you attempt to modify the BCC configuration or manage the BCC enabled cluster resources Location Change Chapter 11 Managing a Business Continuity Cluster on page 95 IMPORTANT Identit...

Страница 181: ...n 7 1 Upgrading to 32 Bit Identity Manager 3 6 1 on page 65 It is not necessary to re create the BCC drivers if you perform an in place upgrade of 32 bit Identity Manager 3 6 to 32 bit Identity Manage...

Страница 182: ...Manager 3 6 1 This section is new H 6 4 What s New for BCC 1 2 H 7 May 11 2009 Updates were made to the following sections The changes are explained below Section H 7 1 Converting BCC Clusters from N...

Страница 183: ...Linux on page 183 H 8 1 Converting BCC Clusters from NetWare to Linux Location Change Chapter 8 Converting BCC Clusters from NetWare to Linux on page 67 Updated for clarity Chapter 8 Converting BCC C...

Страница 184: ...184 BCC 1 2 1 Administration Guide for OES 2 SP2 Linux novdocx en 7 January 2010...

Отзывы:

Нет отзывов

Похожие инструкции для BUSINESS CONTINUITY CLUSTERING 1.2.1 - ADMINISTRATION

CX-SUPERVISOR V3

Бренд: Omron Страницы: 5

Бренд: American DJ Страницы: 21

e-control Database Manager

Бренд: Crestron Страницы: 94

WISE INSTALLATION EXPRESS 7.0 SP2

Бренд: Symantec Страницы: 50

D-NE329SP - Atrac Cd Walkman Portable Player

Бренд: Sony Страницы: 2

D-NE20 - Atrac Cd Walkman

Бренд: Sony Страницы: 2

D-NE326CK - Atrac Cd Walkman Portable Player

Бренд: Sony Страницы: 2

D-NE329SP - Atrac Cd Walkman Portable Player

Бренд: Sony Страницы: 32

D-NE1 - Portable Cd Player

Бренд: Sony Страницы: 34

D-NE326CK - Atrac Cd Walkman Portable Player

Бренд: Sony Страницы: 35

D-NE1 - Portable Cd Player

Бренд: Sony Страницы: 116

Бренд: Ulead Страницы: 80

IRISPowerscan 9.5

Бренд: I.R.I.S. Страницы: 182

Doctor Pro 3 TM-9501

Бренд: A&D Страницы: 85

Бренд: Unibrain Страницы: 77

Бренд: FieldServer Страницы: 34

QConvergeConsole CLI 2400 Series

Бренд: Qlogic Страницы: 366

BREEZE-USING THE MACROMEDIA BREEZE MANAGER

Бренд: MACROMEDIA Страницы: 146

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды