HP Serviceguard Toolkit for Integrity Virtual Servers manual Cmappserver

Page 24

SSL key distribution

After the keys are initially created on one VM or vPar Host, all other VM or vPar Hosts must use the same client.public key. Each VM or vPar guest generates its own server.public key, therefore, a unique name for each VM or vPar guest must be used , to rename the server.public key. For example, # mv server.public server_[guest name].public.

To distribute keys between VM or vPar Hosts and VM or vPar guests:

a.Copy the client.public file from the VM or vPar Host directory /etc/cmcluster/ cmappmgr to all VM or vPar guests in the /opt/hp/cmappserver directory.

b.Copy the uniquely-named server.public file from all VM or vPar guests to the VM or vPar Hosts in directory /etc/cmcluster/cmappmgr. For example, server.public renamed to server_mmpf121.public.

c.Copy all key files from the initial /etc/cmcluster/cmappmgr VM or vPar Host directory to the same directory on all other VM or vPar Host nodes

2.Configure the cmappmgr.conf file on VM or vPar Host.

The file /etc/cmappmgr.conf on the VM or vPar Host is used to specify location information for the SSL keys used for cmappmgr to cmappserver communications from the VM or vPar Host. An example of keyStore location (for example, client.private), the VM or vPar guest name from which the trustStore was obtained (for example, guest mmpf121), and the name of the trustStore file (for example, server_mmpf121.public) is shown below:

###############################################################

#(C) Copyright 2008 Hewlett-Packard Development Company, L.P.

#@(#) SG cmappmgr Configuration File

#@(#) Product Name : HP SG cmappmgr conf file

#@(#) Product Version : %%SG_VERSION%%

#@(#) Patch Name : %%SG_PATCH%%

#

###############################################################

keyStore=/etc/cmcluster/cmappmgr/client.private

#If unspecified, the default value is /etc/client.private keyStorePassword=

#If unspecified, the default value is clientpw

#Specify node name where the trustStore comes from, followed by a ":", e.g., mmpf121: trustStore=/etc/cmcluster/cmappmgr/server_mmpf121.public trustStorePassword=public

#If unspecified, the default value is /etc/server.public

#If unspecified, the default value is public

3.Install cmappserver depots on VM or vPar guests.

To install cmappserver on VM or vPar guests that are running applications, the cmappserver depot software must be copied from the VM or vPar Host directory /opt/hp/serviceguard/ cmappserver to the VM or vPar guest to be monitored. The destination for copying the depot software depends on the VM or vPar guest type being monitored.

For HP-UX guests (subdirectory 11iv2 or 11iv3):

Copy the depot cmappserver.depot from the VM or vPar Host to the /tmp directory on the VM or vPar guest.

To install the required files in the /opt/hp/cmappserver directory, in the VM or vPar guest, run the command swinstall -s /tmp/cmappserver.depot

CMAPPSERVER.

For Linux VM or vPar guests (subdirectory redhat or sles):

Copy the rpm file from the VM or vPar Host to a local directory on the VM or vPar guest.

To install the required files in the /opt/hp/cmappserver directory in the VM or vPar guest, run the command rpm -i cmappserver_rhel5_ia64.rpm (for Red Hat) or

rpm -i cmappserver_sles_ia64.rpm (for SLES 10),

24 Configuring guest application monitoring service

Page 23 Page 25
Image 24
Page 23 Page 25
Contents Abstract Page Contents HP Serviceguard Toolkit for Integrity Virtual Servers OverviewAdvantages DependenciesHP Integrity VM Serviceguard toolkit HP Serviceguard Toolkit for Integrity Virtual Servers Supported configuration VM/vPar as Serviceguard packagesNetwork components Storage considerationsFor example, # cmdeployvpkg -m 1 -P vm1 Storage considerations # swinstall -s depot path # swlist -l product SG-IVS-Toolkit#swremove SG-IVS-Toolkit Vparreset Ivshpvmutils VswitchmgrK004vswitchmgr S802vswitchmgrUsing SG IVS toolkit PreconfigurationCreating packages Change the vgnamecmd to vgchange -a s Hpvmvolumegroup /dev/vgsharedA Check the configuration of the packageUsing Serviceguard commands Cd /etc/cmcluster/vm/vParnameCmmakepkg -m tkit/vtn/vpar -n vparname pkg.conf Using SG IVS Toolkit commands Cmdeployvpkg commandServicename Cmapplyconf -P pkg.confManaging packages Running packagesMaintaining packages #cmdeployvpkg -m 1 -P vm or vpar nameHalting packages Deleting packagesConverting packages Run cmdeployvpkg -C -P vmname Configuring guest application monitoring service Failure of a monitored VM or vPar guest application Configuring guest application monitoring service HP-UX /opt/hp/cmappserver Key generation on the VM or vPar guestCmappserver Rpm -i cmappserverslesia64.rpm for SlesAdd /opt/hp/cmappserver to the path Cmappservertimeoutcmappserver connection timeout seconds #cmdeployvpkg -P vm1 -x merge -x appmon# cmdeployvpkg -P slvm1 -x merge -x appmon HpuxConfiguring guest application monitoring service Lanmon Usr/sbin/cmappmgr -node remo1 -cmappservertimeout LoglevelHostlogfile full Pathof fileonhostHelp Version Adm/vm1npivdiskmon.logUpgrading cmappmgr/cmappserver combination Configuring guest application monitoring service Online VM guest package migration For example # cmmovevpkg -v -P slvm1 -h xyzo2Online VM guest package migration Troubleshooting Service monitor detected a failure in guest vmnameRun cmdeployvpkg command with -m 0 option Etc/cmcluster/scripts Mscripts Mastercontrolscript.shCmcluster/scripts/tkit/vtn/ tkitmodule.sh Limitations How to contact HP Support and other resourcesInformation to collect before contacting HP HP authorized resellers Documentation feedbackRelated information Typographic conventions TIP Page Page Glossary DMPIndex
Top Page Image Contents