HP Serviceguard Toolkit for Integrity Virtual Servers manual HP-UX /opt/hp/cmappserver

Page 23

communications (that is, server public certificate distributed to the client; client public certificate distributed to the server). The default locations for the generated key files are:

For VM or vPar Hosts: /etc

For VM or vPar guests:

HP-UX: /opt/hp/cmappserver

Key generation on the VM or vPar Host

The following three commands must be executed on one VM or vPar Host to generate the client.private, client.public and temp.key security keys by using the keytool program.

For more information on these commands, see http://java.sun.com/j2se/1.4.2/docs/tooldocs/ solaris/keytool.html.

These commands create default key names and locations to successfully configure application monitoring.

HP Serviceguard commands control the startup and shutdown of the packaged VM or vPar guest.

NOTE: Create and set the current directory (that is, HP-UX cd command) to /etc/cmcluster/cmappmgr before executing these commands.

a.keytool -genkey -alias clientprivate -keystore client.private -storepass clientpw -keypass clientpw -validity 400

WARNING! On Linux systems, you might face problems while generating keys and using the “gcj” version of Java, such as “jre-1.4.2-gcj”. If this problem occurs, you must use another version of Java™ and the associated keytool.

NOTE:

This command prompts for a user name, organization, and physical location information to document the use of the key.

The —validityparameter is used to specify the number of days a key is valid. This does not affect private keys but is still a required parameter.

b.keytool -export -alias clientprivate -keystore client.private -file temp.key -storepass clientpw

c.keytool -import -noprompt -alias clientpublic -keystore client.public -file temp.key -storepass public

Key generation on the VM or vPar guest

The following three commands must be executed on each VM or vPar guest to generate the server.private, server.public and temp.key security keys. Set the current directory to /opt/hp/cmappserver on HP-UX/Linux guests before running these commands.

a.keytool -genkey -alias serverprivate -keystore server.private -storepass serverpw -keypass serverpw -validity 400

NOTE: This command prompts for a user name, organization and physical location information to document the use of the key.

b.keytool -export -alias serverprivate -keystore server.private -file temp.key -storepass serverpw

c.keytool -import -noprompt -alias serverpublic -keystore server.public -file temp.key -storepass public

23

Page 22 Page 24
Image 23
Page 22 Page 24
Contents Abstract Page Contents Dependencies HP Serviceguard Toolkit for Integrity Virtual ServersOverview AdvantagesHP Integrity VM Serviceguard toolkit HP Serviceguard Toolkit for Integrity Virtual Servers VM/vPar as Serviceguard packages Supported configurationFor example, # cmdeployvpkg -m 1 -P vm1 Network componentsStorage considerations Storage considerations #swremove SG-IVS-Toolkit # swinstall -s depot path# swlist -l product SG-IVS-Toolkit S802vswitchmgr Vparreset IvshpvmutilsVswitchmgr K004vswitchmgrCreating packages Using SG IVS toolkitPreconfiguration Change the vgnamecmd to vgchange -a s Check the configuration of the package Hpvmvolumegroup /dev/vgsharedACmmakepkg -m tkit/vtn/vpar -n vparname pkg.conf Using Serviceguard commandsCd /etc/cmcluster/vm/vParname Cmapplyconf -P pkg.conf Using SG IVS Toolkit commandsCmdeployvpkg command Servicename#cmdeployvpkg -m 1 -P vm or vpar name Managing packagesRunning packages Maintaining packagesConverting packages Halting packagesDeleting packages Run cmdeployvpkg -C -P vmname Configuring guest application monitoring service Failure of a monitored VM or vPar guest application Configuring guest application monitoring service Key generation on the VM or vPar guest HP-UX /opt/hp/cmappserverRpm -i cmappserverslesia64.rpm for Sles CmappserverAdd /opt/hp/cmappserver to the path #cmdeployvpkg -P vm1 -x merge -x appmon Cmappservertimeoutcmappserver connection timeout secondsHpux # cmdeployvpkg -P slvm1 -x merge -x appmonConfiguring guest application monitoring service Pathof fileonhost Lanmon Usr/sbin/cmappmgr -node remo1 -cmappservertimeoutLoglevel Hostlogfile fullAdm/vm1npivdiskmon.log Help VersionUpgrading cmappmgr/cmappserver combination Configuring guest application monitoring service For example # cmmovevpkg -v -P slvm1 -h xyzo2 Online VM guest package migrationOnline VM guest package migration Etc/cmcluster/scripts Mscripts Mastercontrolscript.sh TroubleshootingService monitor detected a failure in guest vmname Run cmdeployvpkg command with -m 0 optionCmcluster/scripts/tkit/vtn/ tkitmodule.sh Limitations Information to collect before contacting HP How to contact HPSupport and other resources Related information Typographic conventions HP authorized resellersDocumentation feedback TIP Page Page DMP GlossaryIndex
Top Page Image Contents