Distributed Systems Administration Utilities Users Guide
Copyright 2009 Hewlett-Packard Development Company, L.P
Table of Contents
HP-Supported Open Source pdsh Options Index
List of Figures
Syslog-ngLog-Forwarding Configuration
Consolidated Logging Commands
Target Node Error Messages
List of Tables
Intended Audience
About this Document
Typographic Conventions
Related Information
Product Support HP Encourages Your Comments
Introduction
Configuration Synchronization Command
Distributed Systems Administration Utilities Commands
Consolidated Logging Commands
Command Fanout Commands
Open Source cfengine Commands
Utility Setup Command
Open Source pdsh Commands
Open Source Components
Distributed Systems Administration Utilities Manual Pages
Open Source syslog-ng Command
Dsau Manual Page Sections
Cfengine Overview
Configuration Synchronization
Configuration Synchronization
Cfengine Daemons and Commands
Cfengine Overview
Cfengine Master Server Deployment Models
Using the Configuration Synchronization Wizard
Configuring cfengine
Configuration Data for csyncwizard
# /opt/dsau/sbin/csyncwizard
Wizard displays the following introductory screen
Wizard proceeds to configure the system as a master server
# /opt/dsau/sbin/csyncwizard
Configuration Synchronization
Configuring cfengine
Would you like to manage clients? N
Serviceguard Automation Features
Cluster Configuration Notes for cfengine
Var/opt/dsau/cfengine/inputs directory
Opt/dsau/bin/csyncdispatcher Memberadded newhost
Using the Wizard to Configure a Synchronization Client
When prompted, enter the name of the client to add
Manual Configuration
Manually Configuring a Standalone Synchronization Server
Start by creating the directory
# mkdir -p /var/opt/dsau/cfenginemaster/inputs
# cp localhost.pub root-10.0.0.5.pub
# /opt/dsau/sbin/cfkey # /var/opt/dsau/cfengine/ppkeys
# cfagent --no-lock --verbose --no-splay
# /sbin/init.d/cfservd start
# cfrun -- --inform
# cfrun -v -- --verbose
# mkdir -p /csync/dsau/cfenginemaster/masterfiles
Initial Serviceguard Package Preparation
List Managed Clients in cfrun.hosts
Policyhost = csync.abc.xyz.com
# /opt/dsau/sbin/cfkey
Edit the cfservd.conf File
# cp localhost.pub root-192.10.25.12.pub
# ccp /etc/rc.config.d/cfservd /etc/rc.config.d/cfservd
# ccp * /var/opt/dsau/cfengine/ppkeys
# cexec /sbin/init.d/cfservd start
# ccp csync csync.conf /etc/cmcluster/csync
Test the configuration by performing the following steps
Apply the package and start it
# cmapplyconf -P csync.conf # cmmodpkg -e csync
On a managed client, use the command
Configuring a Synchronization Managed Client
Choosing a Synchronization Invocation Method
Security Notes
Csync Network Port Usage
Key Exchange
Encryption
Encryption Checksum alerts
Logging Options
Disabling Use of cfengine
Checksum Alerts
# /sbin/init.d/cfservd stop
Syntax error due to missing or superfluous spaces
Cfengine Troubleshooting
#cfagent -K
Unable to connect to a cfengine client or master
Cfagent -d, -d1, -d2, or -d3 cfservd Cfrun
Introduction to syslog
Consolidated Logging
Syslog Message Format
2describes syslog Facilities Messages
Log Consolidation Overview
Message Filtering
Improved Log Consolidation
Syslog Co-existence
Etc/cmcluster/package-name/package-name.log
Syslog-ng Log Consolidator Configuration
Log Consolidation Configuration
Using the Log Consolidation Wizard
Configuration Data for clogwizard
Opt/dsau/sbin/clogwizard
Where N is the expected number of clients
Answer yes y or press Enter. The next question is
Answer yes y. The wizard then prompts
If these choices are correct, continue
Next prompt is
Log files that reside on this cluster can be consolidated
Consolidated package logs would be located here
Cluster Configuration Notes for clog
Minimizing Message Loss During Failover
Or press Enter. The next question is
Configuring a Log Forwarding Client Using clogwizard
Enter the ssh port to be used for port forwarding
Manually Configuring a Standalone Log Consolidation Server
Manually Configuring Log Consolidation
# /sbin/init.d/syslogd stop # /sbin/init.d/syslogd start
Replace the %UDPLOOPBACKLOG% token with
For example, for TCP
Change the Clogconfigured line to
Create the following symbolic link
If using the TCP protocol, add
Add the following lines
Log Consolidation Configuration
SYSLOGDOPTS=-D -N
KEEPALIVE% tokens with appropriate values
UDPLOOPBACKSOURCE% and %UDPLOOPBACKLOG% tokens
Creating the clog Package
If consolidating package logs of this cluster, add
If using VxVM, comment out the LVM Volume Group line
Testing and Starting the clog Package
Distribute it cluster-wide
Then use cmviewcl to make sure it is running
Manually Configuring Log Forwarding Clients
Using VxVM Instead of LVM
Manually Configuring a Standalone Log Forwarding Client
Ln -sf /etc/syslog-ng.conf.client /etc/syslog-ng.conf
# /sbin/init.d/syslog-ng start
# cpp /etc/rc.config.d/syslogd /etc/rc.config.d
Destination dsyslog%TYPE% %TYPE%%IP%port%PORT%
If using ssh port forwarding, add
If using the TCP protocol, add the following lines
Otherwise, if using the UDP protocol, add
Create the following symbolic link on each cluster member
Forwarding Ascii Log Data
Start syslog-ngon all cluster members using
For the filter line
For the destination line
For the log line
Consolidating Package Logs on the Log Consolidation Server
Disabling Log Consolidation
Perform the following steps to disable log consolidation
Disabling a Standalone Log Consolidation System
#/sbin/init.d/syslogd stop
Disabling a Standalone Log Forwarding Client
Disabling a Serviceguard Cluster Log Consolidation System
#/sbin/init.d/syslogd start
# /sbin/init.d/syslog-ng stop
#/sbin/init.d/syslogd stop #/sbin/init.d/syslogd start
Disabling a Serviceguard Cluster Log Forwarding Client
Securing Consolidated Logs
Log File Protections
Ssh Port Forwarding
Using Bastille to Harden the System
Clog Network Port Usage
# cd /opt/ssh/etc # ccp sshhost* /opt/ssh/etc
Viewing System and Consolidated Logs
Using the System and Consolidated Log Viewer
Starting System Management Homepage
To log in to the System Management Homepage, navigate to
Viewing System and Consolidated Logs
Page
Parallel Distributed Shell
Command Fanout
All nodes
Pdsh Utility Wrappers
Systems
Cwall displays a wall1M broadcast message on multiple hosts
Remote Shell Security Setup
Security Configuration
Ssh Security Setup
# csshsetup -r -f memberslist.txt
Ssh Command Messages
Command Fanout Troubleshooting
Rsh Command Messages
Target Node Error Messages
HP-Supported Open Source pdsh Options
Page
Cfanouthosts
Index
LVM
UDP