3 Preparing the Exalogic Appliance

This topic provides information on post ECU cloud administration tasks, configuring network information service and Exalogic instrumentation tools.

Parent topic: Preparing Exalogic for an Enterprise Deployment

3.1 Post ECU Cloud Administration Tasks

As an Exalogic Administrator, you must set up the system for cloud users.

Note:

As part of the Exalogic installation process, the installer is required to validate the newly configured system. Therefore, some of the following steps might have been already executed. For example, Exalogic Guest Base Template (EGBT) may have been downloaded, imported and registered in Enterprise Manager Ops Center.

Also see Task Overviews and Basic Concepts in Oracle Exalogic Elastic Cloud Administrator’s Guide. Refer to the Oracle Exalogic Elastic Cloud Administrator’s Guide for the following sections:

  1. Create Cloud Admin and Users, using the information available in Creating and Managing Users and Roles.
  2. Create User Access EoIB Networks, using the information available in Exalogic vDC Management: Basic Tasks.

Getting Started With Cloud Administration 5-1: Consideration for Creating vServers

  1. Create vServer Types using the information available in Exalogic vDC Management: Basic Tasks.
  2. Create Account (Cloud Resource Quotas/User Assignment/Tenancies) using the information available in Exalogic vDC Management: Advanced Tasks.
  3. Download Exalogic Elastic Cloud Software (EECS) 2.0.6 EGBT templates from Oracle Software Delivery Cloud.
  4. Import Server Template using the information available in Exalogic vDC Management Using IaaS CLI: Basic Tasks.
  5. Create Custom Template using the information available in Creating Server Templates from vServers.
  6. Create Private vNets using the information available in Creating Private vNets.
  7. Create Distribution Groups using the information available in Creating Distribution Groups.
  8. Create vServers using the information available in Creating vServers.

3.2 Configuring Network Information Service (NIS)

This topic provides a step-by-step illustration of how to setup and configure Exalogic virtual environment to provide an NIS environment comprised of MASTER/SLAVE servers and NIS clients.

Exalogic environment utilizes NFS4 and is connected to a centralised user directory, and it is necessary to configure a network Information System (NIS) environment. NIS allows you to create a master list of users which can then be granted access to various servers. It removes the need to create individual user accounts on servers.

For a user to log into a system through a NIS account, the server has to be configured to allow users to use the NIS service. You can refer to Configuring a Host. If there is another Master NIS server and there are several Slave NIS servers then the failure of one does not prevent users to log in. You have the option of creating a NIS service on the Exalogic appliance. If your Exalogic appliance were to be the master and the rack went down you can be prevented from creating new users.

If the environment allows you to contact an external NIS master from slaves located inside the rack, it is recommended to create the NIS master outside the rack and have the VMs in the rack be slaves to it. If this is not possible, when you bring up the rack you will need to disable the NIS service on the ZFS, bring up the IFS appliance, start the NIS VMs, and then enable the NIS service on the ZFS.

If desired LDAP authentication can be used instead of NIS. For the purposes of this guide we will assume that NIS is being used.

Following sections provide the detailed steps for configuring NIS in an Exalogic virtual environment.

3.2.1 Setting Up the NIS Environment

Follow the detailed steps for configuring NIS in Exalogic environment.

This topic provides a step-by-step illustration of how to setup and configure NIS in an Exalogic environment to provide an NIS environment comprised of MASTER/SLAVE servers and NIS CLIENTS.
Prerequisites for NIS configuration

  • If you are placing the NIS server into a virtual server then create a LARGE vServer, which has IPoIB-vServer-shared-storage and Client Access EoIB networks attached.

  • If you are configuring NIS for an Exalogic physical environment, then the NIS server should be added to the compute nodes directly.

  • Verify that you have the yp rpm’s installed on NIS vServers/Compute Nodes.

  • In case you do not have the required yp rpm’s follow the steps for installing required YP packages on NIS VMs:

    • Create directory /etc/yum.repos.d

    • Run the command for downloading the yum repository:

      wget http://public-yum.oracle.com/public-yum-el5.repo

    • Run yum install ypserv command to install YP serv on NIS VMs.

Creating a NIS Master or Slave

If you are placing your NIS server into vServers then create a large vServer which is connected to the Client EoIB network and the Storage IPoIB network. For details refer to Creating a vServer.

If you are creating a master and slave on the same exalogic host then you should create two vServers and assign them to a dedicated distribution group. If you are not using vServers then you should create the Master and Slave NIS server on different compute nodes.

Note:

If you are configuring a corporate NIS, then it is recommended that the NIS Master and Slave reside on different hosts, in different Exalogic racks or split between an external host and the external rack. This ensures that the failure of an Exalogic appliance does not impact the organizations ability to use NIS.
  1. Create VMs for running NIS Master & Slave, if required.
  2. Create a new distribution group called NIS-Group. Refer to section Creating Distribution Groups under Oracle Exalogic Elastic Cloud Administrator's Guide for additional information.
  3. Edit /etc/sysconfig/network file on each host you are installing a NIS server and add NISDOMAIN and domainname entries defining your NIS domain. Here is an example for additional information: 
    NETWORKING=yes

NETWORKING_IPV6=no
HOSTNAME=nis-server-1
NISDOMAIN=example.com
domainname=example.com
  4. On each NIS host change the primary IP address to be associated with the ZFS storage network. Do this by modifying the /etc/hosts file on both vServers.

    Edit the /etc/hosts file on the first vServer: Make the host-­shared-­storage network the primary IP for the machine and add the host-­shared-­storage network for the second vServer.

    Edit the etc host file on the second server and add the entry for the first node and modify the entry for the host-­shared-­storage-­network. Change the hostname of the host using the hostname command to reflect the hostname of the storage network. For example, hostname nis-server-1.

  5. Edit /etc/nsswitch.conf on both vServers.
    Add NIS to the password, shadow and group lines: 
    # To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
:
  6. Edit /etc/yp.conf file on both hosts. 
    $ cat /etc/sysconfig/network 
NETWORKING=yes
NETWORKING_IFV6=no
HOSTNAME=vServerl
NISDOMAIN=example.com
domainname=example.com
[oracle@vServerl bin]$ cat /etc/yp.conf
# /etc/yp.conf - ypbind configuration file
# Valid entries are
# domain NISDOMAIN server HOSTNAME
#       Use server HOSTNAME for the domain NISDOMAIN. 
# domain NISDOMAIN broadcast
#       Use broadcast on the local net for domain NISDOMAIN 
# domain NISDOMAIN slp
#       Query local SLP server for ypserver supporting NISDOMAIN
# ypserver HOSTNAME
#       Use server HOSTNAME for the local domain. The
#       IP-address of server must be listed in /etc/hosts.
# broadcast
#       If no server for the default domain is specified or 
#       none of them is rechable, try a broadcast call to
#       find a server.
domain example.com server vServerl.example.com 
domain example.com server vServer2.example.com 
ypserver vServerl.example.com
[oracle@vServerl bin]$

    The entries in this file should match the entries in the /etc/hosts that you added.

  7. Edit /var/yp/Makefile on the master (first host) and change NOPUSH configuration from true to false. 
    # If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
#
# vvvvvv 21-­JUN-­20012 (APARKMAN) vvvvvvv
# NOPUSH=true (disable default)
NOPUSH=false
# ^^^^^^ 21-­JUN-­2012 (APARKMAN) ^^^^^^
  8. Stop NIS related Services on MASTER and SLAVE nodes as shown below: 
    [root@nis-server-1 yp]# service ypserv stop
Stopping YP server services: [ OK ]
[root@nis-server-1 yp]# service ypbind stop
Shutting down NIS services: [ OK ]
[root@nis-server-1 yp]# service yppasswdd stop
Stopping YP passwd service: [ OK ]
[root@nis-server-1 yp]# service ypxfrd stop
Stopping YP map server: [ OK ]
  9. Start the YPSERV service on the master (first) vServer. 
    [root@nis-server-1 yp]# service ypserv start 
Starting YP server services: [ OK ]
  10. Execute ypinit -m command to identify SLAVE serves to the NIS MASTER: 
    [root@nis-server-1 yp]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. nis-server-1 is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a control D
next host to add: nis-server-1
 next host to add: nis-server-2.example.com
 next host to add: >>>[CTRL-D]<<<
The current list of NIS servers looks like this:
 
nis-server-1.example.com
nis-server-2.example.com
 
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/example.com/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/example.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/example.com'

    From above snippet you can see that nis-server-1 is set up as a NIS master server. Now you can run ypinit -s nis-server-1 command on all slave servers.

  11. Start the remaining NIS services (ypbind, yppasswdd and ypxfrd) on the MASTER as follows: 
    [root@nis-server-1 yp]# service ypbind start
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server..

[root@nis-server-1 yp]# service yppasswdd start
Starting YP passwd service: [ OK ]

[root@nis-server-1 yp]# service ypxfrd start
Starting YP map server: [ OK ]
  12. On the Slave host or second virtual machine, start the ypserv service: 
    [root@nis-server-2 yp]# service ypserv start 
Starting YP server services: [ OK ]
  13. Review NIS and YP Configuration. Invoke nisdomainname and domainname commands to confirm the NISDOMAIN has been appropriately set as follows: 
    [root@nis-server-2 yp]# nisdomainname
example.com

[root@nis-server-2 yp]# domainname
example.com
  14. Run ypinit -s command to initialize NIS configuration on the SLAVE Execute /usr/lib64/yp/ypinit -s and provide as it's argument the hostname identified within the output when you ran /usr/lib64/yp/ypinit -m command on the SLAVE.

    Note:

    If there are warnings, review to see what went wrong, and fix it accordingly. At this point, make sure that /etc/passwd and /etc/group files have been edited so that when the NIS is activated, the data bases you have just created will be used, instead of the /etc ASCII files.
  15. Execute following commands for auto restart of NIS services during NIS Master and Slave VMs reboot. 
    chkconfig portmap on
chkconfig ypserv on
chkconfig yppasswdd on
chkconfig ypxfrd on
chkconfig ypbind on
chkconfig nscd on
chkconfig rpcidmapd on

3.2.2 Configuring LDAP Authentication

This topic provides basic information on LDAP authentication.

If you want to use the LDAP authentication rather than NIS you can refer to Oracle Exalogic Elastic Cloud - Setting Up LDAP Service for NFSv4.

3.2.3 Configure NIS client on ZFS Storage Appliance

Once you have configured your NIS servers you need to get the ZFS storage appliance to use them. This will enable you to use NFS file systems.

  1. Login to the ZFS BUI console as the root user, using the following url:
    https://exalogicsn01-priv:215
  2. Click on Configuration > Services.
    A list of available services is displayed.
  3. Click on NIS service.
    Enter the following information on the page:
    • Domain: This is your corporate domain for example, example.com

    • Servers: Select the listed servers. Add an entry for each of the NIS servers you are using, both Master and Slaves. You need to provide the IP addresses of those servers.

  4. Click Apply and click Enable if the NIS service is not enabled.
  5. Click Restart Service for the changes to take effect.

3.2.4 Enabling NFS services on ZFS Storage Appliance

Once you have configured your NIS servers, you need to get the ZFS storage appliance to use them. Follow the detailed steps to ensure that you can use NFS version 4.

  1. Login to the ZFS BUI console as the root user, using the following url:
    https://exalogicsn01-priv:215
  2. Click on Configuration > Services.
    A list of available services is displayed.
  3. To edit, click on the NFS service.
  4. On the NFS page enter the following information:

    Domain: This is your corporate domain for example, example.com

    Servers: Select the listed servers.

    Ensure that the Maximum supported version is set to NFSv$

    Enter the Custom NFSv4 identity Domain and click Apply.

    Note:

    This should be the same as the NIS domain.
  5. Click Apply and click Enable if the NIS service is not enabled.
  6. Click Restart Service for the changes to take effect.

3.3 Exalogic Instrumentation Tools

Exalogic instrumentation refers to tools that help collect, inform, diagnose, or automate configuration or transactional data.

A Master Note On Exalogic Instrumentation , of all of the currently available instrumentation summarizes these tools. Exalogic Kinetic Infrastructure Tools (EKIT) is a collection of tools that simplify, automate and standardize various infrastructure lifecycle management activities on an virtualized Exalogic rack running Linux. These tools can be used to create custom scripts that can automate many Exalogic lifecycle tasks. Refer to the master note on Exalogic Kinetic Infrastructure Tools (EKIT) for additional information.

Exalogic Lifecycle (ELLC) Tools automate lifecycle operations for Oracle Exalogic systems. Refer to the master note on Exalogic Lifecycle Toolkit Releases for additional information on Exalogic Lifecycle (ELLC) Tools.

Note:

To open a master note, perform the following steps:

  • Select My Oracle Support document ID, and press Ctrl + F9. The Attributes dialog opens.

  • In the Attribute Value field for the Url attribute, enter this URL:

    https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=note_id

  • Enter the Note ID or keyword in the search field at the top of the screen.

  • Click Set Value.