By default, an instance of the Oracle VM Manager UI can only log into its own core (the API layer). In some situations you may want to use Oracle VM Manager UI to log into a remote Oracle VM Manager's core. To enable this, you must perform some set up on the Oracle VM Manager host to allow remote log ins.
If remote log ins are configured, a remote instance of Oracle VM Manager can log into the local instance and interact with all the objects the local instance owns and manages. If you want to enable remote instances of Oracle VM Manager to log in, you set up remote TCPS authentication. To do this you must first generate a keystore, then use it to enable remote TCPS connections.
To enable TCPS connections from a remote Oracle VM Manager:
Enter the following commands on the Oracle VM Manager host to create the keystore:
# cd /u01/app/oracle/ovm-manager-3/bin # ./secureOvmmTcpGenKeyStore.sh
You are prompted to enter the following information:
Generate OVMM TCP over SSH key store by following steps: Enter keystore password:password
Re-enter new password:password
What is your first and last name? [Unknown]:name
What is the name of your organizational unit? [Unknown]:unit
What is the name of your organization? [Unknown]:organization
What is the name of your City or Locality? [Unknown]:City
What is the name of your State or Province? [Unknown]:State
What is the two-letter country code for this unit? [Unknown]:country_code
Is CN=name
, OU=unit
, O=organization
, L=City
, ST=State
, C=country_code
correct? [no]:yes
Enter key password for <ovmm> (RETURN if same as keystore password):password
Re-enter new password:password
Use the keystore to enable the TCPS service using the
secureOvmmTcp.sh
script, which is in the
same directory as the keystore script above. On the Oracle VM Manager
host, enter:
# ./secureOvmmTcp.sh
You are prompted to enter the following information:
Enabling OVMM TCP over SSH service Please enter the OVM manager user name:username
The local Oracle VM Manager username to use Please enter the OVM manager user password:password
The local Oracle VM Manager password to use Please enter the password for TCPS key store :password
The keystore password created in the previous script The job of enabling OVMM TCPS service is committed, please restart OVMM to take effect.
The username and password entered here are the local Oracle VM Manager authentication credentials to use when logging in from the remote Oracle VM Manager instance.
Restart the local Oracle VM Manager instance:
# /sbin/service ovmm stop # /sbin/service ovmm start
You can now connect to the Oracle VM Manager core, using a remote instance of Oracle VM Manager using the following syntax in the Management Server URI field in the remote Oracle VM Manager login screen:
tcps://hostname
Using the username and password you enabled with the
secureOvmmTcp.sh
script.
If you preform an upgrade from Oracle VM Manager 3.0.x to Oracle VM Manager 3.1.1, the above scripts are not included. You should download the scripts by searching the patch 14067211 from the My Oracle Support website at: https://updates.oracle.com/ARULink/PatchDetails/process_form? patch_num=14067211.
Alternatively you can use Java keytool and Oracle VM Utilities which provide more configuration options. For information on configuring secure TCP (TCPS) for Oracle VM Manager, see the My Oracle Support website at: https://support.oracle.com/oip/faces/secure/km/DocumentDisplay.jspx?id=1456338.1.