Distributed Systems Administration Utilities Users Guide
Copyright 2009 Hewlett-Packard Development Company, L.P
Table of Contents
HP-Supported Open Source pdsh Options Index
Syslog-ngLog-Forwarding Configuration
List of Figures
Consolidated Logging Commands
Target Node Error Messages
List of Tables
Typographic Conventions
About this Document
Intended Audience
Related Information
Product Support HP Encourages Your Comments
Introduction
Consolidated Logging Commands
Distributed Systems Administration Utilities Commands
Configuration Synchronization Command
Command Fanout Commands
Open Source pdsh Commands
Utility Setup Command
Open Source cfengine Commands
Open Source Components
Distributed Systems Administration Utilities Manual Pages
Open Source syslog-ng Command
Dsau Manual Page Sections
Configuration Synchronization
Cfengine Overview
Cfengine Daemons and Commands
Configuration Synchronization
Cfengine Master Server Deployment Models
Cfengine Overview
Configuring cfengine
Using the Configuration Synchronization Wizard
Configuration Data for csyncwizard
# /opt/dsau/sbin/csyncwizard
Wizard displays the following introductory screen
Wizard proceeds to configure the system as a master server
# /opt/dsau/sbin/csyncwizard
Configuration Synchronization
Configuring cfengine
Would you like to manage clients? N
Cluster Configuration Notes for cfengine
Serviceguard Automation Features
Var/opt/dsau/cfengine/inputs directory
Using the Wizard to Configure a Synchronization Client
Opt/dsau/bin/csyncdispatcher Memberadded newhost
Manual Configuration
When prompted, enter the name of the client to add
Manually Configuring a Standalone Synchronization Server
Start by creating the directory
# mkdir -p /var/opt/dsau/cfenginemaster/inputs
# /opt/dsau/sbin/cfkey # /var/opt/dsau/cfengine/ppkeys
# cp localhost.pub root-10.0.0.5.pub
# cfrun -- --inform
# /sbin/init.d/cfservd start
# cfagent --no-lock --verbose --no-splay
# cfrun -v -- --verbose
Initial Serviceguard Package Preparation
# mkdir -p /csync/dsau/cfenginemaster/masterfiles
Policyhost = csync.abc.xyz.com
List Managed Clients in cfrun.hosts
Edit the cfservd.conf File
# /opt/dsau/sbin/cfkey
# ccp * /var/opt/dsau/cfengine/ppkeys
# ccp /etc/rc.config.d/cfservd /etc/rc.config.d/cfservd
# cp localhost.pub root-192.10.25.12.pub
# cexec /sbin/init.d/cfservd start
Apply the package and start it
Test the configuration by performing the following steps
# ccp csync csync.conf /etc/cmcluster/csync
# cmapplyconf -P csync.conf # cmmodpkg -e csync
Configuring a Synchronization Managed Client
On a managed client, use the command
Security Notes
Choosing a Synchronization Invocation Method
Encryption
Key Exchange
Csync Network Port Usage
Encryption Checksum alerts
Checksum Alerts
Disabling Use of cfengine
Logging Options
# /sbin/init.d/cfservd stop
#cfagent -K
Cfengine Troubleshooting
Syntax error due to missing or superfluous spaces
Unable to connect to a cfengine client or master
Cfagent -d, -d1, -d2, or -d3 cfservd Cfrun
Syslog Message Format
Consolidated Logging
Introduction to syslog
2describes syslog Facilities Messages
Log Consolidation Overview
Message Filtering
Improved Log Consolidation
Syslog Co-existence
Etc/cmcluster/package-name/package-name.log
Log Consolidation Configuration
Syslog-ng Log Consolidator Configuration
Using the Log Consolidation Wizard
Configuration Data for clogwizard
Opt/dsau/sbin/clogwizard
Where N is the expected number of clients
Answer yes y or press Enter. The next question is
Answer yes y. The wizard then prompts
If these choices are correct, continue
Next prompt is
Log files that reside on this cluster can be consolidated
Consolidated package logs would be located here
Cluster Configuration Notes for clog
Minimizing Message Loss During Failover
Configuring a Log Forwarding Client Using clogwizard
Or press Enter. The next question is
Enter the ssh port to be used for port forwarding
Manually Configuring Log Consolidation
Manually Configuring a Standalone Log Consolidation Server
# /sbin/init.d/syslogd stop # /sbin/init.d/syslogd start
Replace the %UDPLOOPBACKLOG% token with
For example, for TCP
If using the TCP protocol, add
Create the following symbolic link
Change the Clogconfigured line to
Add the following lines
Log Consolidation Configuration
SYSLOGDOPTS=-D -N
KEEPALIVE% tokens with appropriate values
UDPLOOPBACKSOURCE% and %UDPLOOPBACKLOG% tokens
If consolidating package logs of this cluster, add
Creating the clog Package
If using VxVM, comment out the LVM Volume Group line
Testing and Starting the clog Package
Distribute it cluster-wide
Then use cmviewcl to make sure it is running
Manually Configuring Log Forwarding Clients
Using VxVM Instead of LVM
Manually Configuring a Standalone Log Forwarding Client
Ln -sf /etc/syslog-ng.conf.client /etc/syslog-ng.conf
# /sbin/init.d/syslog-ng start
# cpp /etc/rc.config.d/syslogd /etc/rc.config.d
Destination dsyslog%TYPE% %TYPE%%IP%port%PORT%
Otherwise, if using the UDP protocol, add
If using the TCP protocol, add the following lines
If using ssh port forwarding, add
Create the following symbolic link on each cluster member
Start syslog-ngon all cluster members using
Forwarding Ascii Log Data
For the destination line
For the filter line
Consolidating Package Logs on the Log Consolidation Server
For the log line
Disabling a Standalone Log Consolidation System
Perform the following steps to disable log consolidation
Disabling Log Consolidation
#/sbin/init.d/syslogd stop
#/sbin/init.d/syslogd start
Disabling a Serviceguard Cluster Log Consolidation System
Disabling a Standalone Log Forwarding Client
# /sbin/init.d/syslog-ng stop
Disabling a Serviceguard Cluster Log Forwarding Client
#/sbin/init.d/syslogd stop #/sbin/init.d/syslogd start
Securing Consolidated Logs
Log File Protections
Ssh Port Forwarding
Using Bastille to Harden the System
Clog Network Port Usage
# cd /opt/ssh/etc # ccp sshhost* /opt/ssh/etc
Starting System Management Homepage
Using the System and Consolidated Log Viewer
Viewing System and Consolidated Logs
To log in to the System Management Homepage, navigate to
Viewing System and Consolidated Logs
Page
Command Fanout
Parallel Distributed Shell
Systems
Pdsh Utility Wrappers
All nodes
Cwall displays a wall1M broadcast message on multiple hosts
Ssh Security Setup
Security Configuration
Remote Shell Security Setup
# csshsetup -r -f memberslist.txt
Rsh Command Messages
Command Fanout Troubleshooting
Ssh Command Messages
Target Node Error Messages
HP-Supported Open Source pdsh Options
Page
Index
Cfanouthosts
LVM
UDP