This chapter describes the steps for enabling and configuring the Sun Cluster Geographic Edition infrastructure. This chapter contains the following sections:
When the Sun Cluster Geographic Edition software is enabled, the cluster is ready to enter a partnership with another enabled cluster. You can use the CLI or the GUI to create a cluster partnership.
For more information about setting up and installing Sun Cluster Geographic Edition, see Chapter 3, Administering the Sun Cluster Geographic Edition Infrastructure, in Sun Cluster Geographic Edition System Administration Guide.
To use the geoadm command to enable the local cluster for partnership membership, you must have root access.
This procedure enables the Sun Cluster Geographic Edition infrastructure on the local cluster only. Repeat this procedure on all the clusters of your geographically separated cluster.
Ensure that the following conditions are met:
The cluster is running the Solaris Operating System and the Sun Cluster software.
The Sun Cluster management-agent container for SunPlex Manager is running.
The Sun Cluster Geographic Edition software is installed.
The cluster has been configured for secure cluster communication by using security certificates, that is, nodes within the same cluster must share the same security certificates. This is done during Sun Cluster installation.
When you upgrade to Sun Cluster 3.1 8/05 software, the security certificates must be identical on all nodes of the cluster. Therefore, you must copy the security certificates manually from one node of the cluster to the other nodes of the cluster. For more information on copying the security files for the common agent container, see the procedures in Chapter 5, Upgrading Sun Cluster Software, in Sun Cluster Software Installation Guide for Solaris OS.
Log in to a cluster node.
You must be assigned the Geo Operation RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC in Sun Cluster Geographic Edition System Administration Guide.
Ensure that the logical hostname, which is the same as the cluster name, is available and defined.
# scconf -p | grep -i "cluster name" |
If the cluster name is not the name you want to use, you can change the cluster name with the following command:
# scconf -c -C cluster=clustername |
For more information, see the scconf(1M) man page.
After you have enabled the Sun Cluster Geographic Edition infrastructure, you must not change the cluster name while the infrastructure is enabled.
Confirm that the naming service and the local hosts files contain a host entry that matches the cluster name. .
The local host file, hosts, is located in the /etc/inet directory.
On a node of the cluster, start the Sun Cluster Geographic Edition infrastructure.
# geoadm start |
The geoadm start command enables the Sun Cluster Geographic Edition infrastructure on the local cluster only. For more information, see the geoadm(1M) man page.
Verify that you have enabled the infrastructure and that the Sun Cluster Geographic Edition resource groups are online.
For a list of the Sun Cluster Geographic Edition resource groups, see Sun Cluster Geographic Edition Infrastructure Resource Groups in Sun Cluster Geographic Edition System Administration Guide.
# geoadm show # scstat -g |
The output for the geoadm show command displays that the Sun Cluster Geographic Edition infrastructure is active from a particular node in the cluster.
The output for the scstat -g command displays that the geo-failovercontrol, geo-hbmonitor, and geo-clustername resources and the geo-infrastructure resource groups are online on one node of the cluster.
For more information, see the scstat(1M) man page.
This example enables the Sun Cluster Geographic Edition software on the cluster-paris cluster.
Start the Sun Cluster Geographic Edition software on cluster-paris.
phys-paris-1# geoadm start |
Ensure that the Sun Cluster Geographic Edition infrastructure was successfully enabled.
phys-paris-1# geoadm show --- CLUSTER LEVEL INFORMATION --- Sun Cluster Geographic Edition is active on cluster-paris from node phys-paris-1 Command execution successful phys-paris-1# |
Verify the status of the Sun Cluster Geographic Edition resource groups and resources.
phys-paris-1# scstat -g -- Resource Groups and Resources -- Group Name Resources ----------- --------- Resources: geo-clusterstate - Resources: geo-infrastructure geo-clustername geo-hbmonitor geo-failovercontrol -- Resource Groups -- Group Name Node Name State ----------- --------- ----- Group: geo-clusterstate phys-paris-1 Online Group: geo-clusterstate phys-paris-2 Online Group: geo-infrastructure phys-paris-1 Online Group:geo-infrastructure phys-paris-2 Offline -- Resources -- Resource Name Resources State Status Message ------------- --------- ----- -------------- Resource: geo-clustername phys-paris-1 Online Online - LogicalHostname online Resource: geo-clustername phys-paris-2 Offline Offline Resource: geo-hbmonitor phys-paris-1 Online Online- Daemon OK Resource: geo-hbmonitor phys-paris-2 Offline Offline Resource: geo-failovercontrol phys-paris-1 Online Online Resource: geo-failovercontrol phys-paris-2 Offline Offline |
For information about creating protection groups, see the Sun Cluster Geographic Edition Data Replication Guide that corresponds to the type of data replication software you are using.
Before you create a partnership between two clusters, you must configure the Sun Cluster Geographic Edition software for secure communication between the two clusters. The configuration must be reciprocal. For example, you must configure the cluster cluster-paris to trust the cluster cluster-newyork, and you must also configure the cluster cluster-newyork to trust the cluster cluster-paris.
Ensure that the following conditions are met:
The cluster on which you want to create the partnership is running.
The geoadm start command must have already been run on this cluster and the partner cluster. For more information about using the geoadm start command, see Chapter 4, Enabling and Configuring the Sun Cluster Geographic Edition Software.
The cluster name of the partner cluster is known.
The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.
Log in to a cluster node.
You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC in Sun Cluster Geographic Edition System Administration Guide.
Import the public keys from the remote cluster to the local cluster.
Running this command on one node of the local cluster imports the keys from the remote cluster to one node of the cluster.
# geops add-trust -c remotepartnerclustername |
Specifies the logical hostname of the cluster with which to form a partnership. The logical hostname is used by the Sun Cluster Geographic Edition software and maps to the name of the remote partner cluster. For example, a remote partner cluster name might resemble the following:
cluster-paris
When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:
remotepartnercluster.certificate[0-9]*
Keys and only keys that belong to the remote cluster should have their alias match this pattern.
For more information about the geops command, refer to the geops(1M) man page.
Repeat the preceding steps on a node of the remote partner cluster.
Verify trust from one node of each cluster.
# geops verify-trust -c remotepartnerclustername |
For a complete example of how to configure and join a partnership, see Joining an Existing Partnership in Sun Cluster Geographic Edition System Administration Guide.
Ensure that the following conditions are met:
The cluster on which you want to remove trust is running.
The cluster name of the partner cluster is known.
The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.
Log in to a cluster node.
You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC in Sun Cluster Geographic Edition System Administration Guide.
On all nodes of both clusters, remove all keys for the remote cluster from the truststore file on the local node.
# geops remove-trust -c remotepartnerclustername |
Perform this step on all the nodes of the local cluster, and then repeat this step on all nodes of the partner cluster.
Specifies the logical hostname of the cluster from which you want to remove the keys. The name for the remote cluster must be identical to the cluster name you specified when adding trust with the geops add-trust command. You do not need to specify the fully qualified name if the remote cluster is reachable by partial name.
When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:
remotepartnercluster.certificate[0-9]*
Keys and only keys that belong to the remote cluster should have their alias match this pattern.
For more information about the geops command, refer to the geops(1M) man page.
Repeat the preceding steps on a node of the remote partner cluster.