Resolving Common Agent Container Problems
This section addresses the following problems that might arise in relation to the common agent container shared component:
Port Number Conflicts
The common agent container (V2.0) included with Communications Suite reserves the following port numbers by default:
-
JMX port (TCP) = 11162
-
SNMP Adaptor port (UDP) = 11161
-
SNMP Adaptor port for traps (UDP) = 11162
-
Commandstream Adaptor port (TCP) = 11163
-
RMI connector port (TCP) = 11164
If you are troubleshooting an installation of Sun Cluster, the port assignments are different because Sun Cluster uses a different version of common agent container. In this case, default ports are as follows:
-
JMX port (TCP) = 10162
-
SNMP Adaptor port (UDP) = 10161
-
SNMP Adaptor port for traps (UDP) = 10162
-
Commandstream Adaptor port (TCP) = 10163
-
RMI connector port (TCP) = 10164
If your installation already reserves any of these port numbers, change the port numbers used by the common agent container as described in the following procedure.
Checking Port Numbering
For further information on the common agent container cacaoadm command, see the cacaoadm man page. If you cannot see this man page at the command line, verify that your MANPATH is set correctly. Refer to Verifying the MANPATH.
To Verify Solaris Port
-
As root, stop the common agent container management daemon:
/opt/SUNWcacao/bin/cacaoadm stop
-
Change the port number using the following syntax:
/opt/SUNWcacao/bin/cacaoadm set-param param=value
For example, to change the port occupied by the SNMP Adaptor from the default 11161 to 11165:
Note –For Sun Cluster, use previously-specified ports.
/opt/SUNWcacao/bin/cacaoadm set-param snmp-adaptor-port=11165
-
Restart the common agent container management daemon:
/opt/SUNWcacao/bin/cacaoadm start
To Verify Linux Port
-
As root, stop the common agent container management daemon:
/opt/sun/cacao/bin/cacaoadm stop
-
Change the port number using the following syntax:
/opt/sun/cacao/bin/cacaoadm set-param param=value
For example, to change the port occupied by the SNMP Adaptor from 11161 to 11165:
/opt/sun/cacao/bin/cacaoadm set-param snmp-adaptor-port=11165
-
Restart the common agent container management daemon:
/opt/sun/cacao/bin/cacaoadm start
Compromised Security Around the Root Password
It might be necessary to regenerate security keys on a host running Communications Suite. For example, if there is a risk that a root password has been exposed or compromised, you should regenerate security keys. The keys used by the common agent container services are stored in the following locations:
Solaris OS: /etc/opt/SUNWcacao/security
Linux: /etc/opt/sun/cacao/security
Under normal operation, these keys can be left in their default configuration. If you need to regenerate the keys due to a possible key compromise, you can regenerate the security keys using the following procedure.
Security Key Problems
To Generate Keys for Solaris OS
-
As root, stop the common agent container management daemon.
/opt/SUNWcacao/bin/cacaoadm stop
-
Regenerate the security keys.
/opt/SUNWcacao/bin/cacaoadm create-keys --force
-
Restart the common agent container management daemon.
/opt/SUNWcacao/bin/cacaoadm start
Note –In the case of Sun Cluster software, you must propagate this change across all nodes in the cluster. For more information, see “How to Finish a Rolling Upgrade to Sun Cluster 3.1 8/05 Software” in Sun Cluster Software Installation Guide for Solaris OS.
To Generate Keys for Linux
-
As root, stop the common agent container management daemon.
/opt/sun/cacao/bin/cacaoadm stop
-
Regenerate the security keys.
/opt/sun/cacao/bin/cacaoadm create-keys --force
-
Restart the common agent container management daemon.
/opt/sun/cacao/bin/cacaoadm start
For more information on the cacaoadm(1M) command, see the cacaoadm man page.
- © 2010, Oracle Corporation and/or its affiliates