Configuration Decisions

The installation program prompts you for configuration information for the N1 Grid Service Provisioning System 5.0. Use the sections below to make configuration decisions before you begin the installation.

The Java Runtime Environment

When installing on Solaris OS, Red Hat Linux, or IBM AIX servers, the installation program prompts you to install the JRE or to provide a valid path to a JRE. When installing on Windows, the installation program automatically installs the JRE without prompting you.

If you are installing on a Red Hat Linux server, the installation script searches your machine for an instance of the JRE in the default location.

• If the JRE is not installed in the default location, you must install the JRE.

• If the installation program finds the JRE in the default location, you can choose whether or not to reinstall the JRE.

If you are installing on Solaris OS or IBM AIX servers and you chose not to install the JRE, the installation script prompts you to provide a path to a valid JRE. Then the installation script verifies that the JRE is supported.

• If the JRE is not supported but has a higher version number than the versions that are supported, the installer warns you that the JRE is not supported and asks if you want to continue.

• If you specified a version of the JRE that is supported by the N1 Grid Service Provisioning System 5.0, the installation script sets the JRE_HOME variable to the JRE that you specified. The installation script also creates a symbolic link, N1SPS5.0-home/common/jre, which points to the JRE directory. N1SPS5.0-home is the home directory of the N1 Grid Service Provisioning System 5.0. By creating a symbolic link, the N1 Grid Service Provisioning System 5.0 applications use the JRE without changing its location, which other applications might depend upon.

You should install the bundled JRE only once for each machine. For example, if you are installing the Master Server, a Local Distributor, and the CLI Client on the same machine, you should install the JRE with the Master Server, but not with the Local Distributor or the CLI Client.

User Ownership of Applications

The installation program prompts you to select a user and group to own the application that you are installing. If you want to configure the applications to communicate using SSH, install the Master Server, Local Distributors, and Remote Agents as the same user.

The root user cannot own the Master Server. You can install the Master Server as the user that owns the Master Server or you can install the application as root and, when you are prompted, specify which user owns the Master Server .

If you are installing the Master Server or the CLI Client on a Solaris server, you must login as root.

If you want the Remote Agent to have root privileges on the machine where it is running, then you must run the installation program as the root user. Even though you may specify a user other than root to own the Remote Agent, if you want the Remote Agent to have root privileges on the machine where it is running, start the installation program as the root user.

Host Names and IP Addresses

The N1 Grid Service Provisioning System 5.0 applications require all servers to have a static IP address because the N1 Grid Service Provisioning System 5.0 application installed on a server uses the IP address to listen for network requests. The installation program prompts you to supply either a host name or an IP address. If the host name on a server does not resolve to that server's IP address, you will not be able to configure that server to connect within the N1 Grid Service Provisioning System.

If you supply a host name during the installation, the host name must resolve to the actual IP address of the server. Some servers are configured so that the host name does not resolve to the IP address or so that the host name resolves to the loopback address, 127.0.0.1. If the N1 Grid Service Provisioning System application is configured with the host name on a server with this configuration, the application might fail to start. Or, connections to this server from other N1 Grid Service Provisioning System applications also might fail.

When installing an N1 Grid Service Provisioning System application, specify the IP address of the server, not the host name. If you choose to specify the host name, ensure that the host name resolves to the actual IP address of the server.

Network Protocol

The installation program prompts you to choose a network protocol for communication among the software applications. For the Master Server, you can choose TCP/IP or SSL. For Local Distributors, Remote Agents, and CLI Clients, you can choose TCP/IP, SSH, or SSL.

TCP/IP is an insecure communication protocol. When using this connection protocol with the provisioning system, anyone with network access to a server that has an N1 Grid Service Provisioning System 5.0 application installed on it can connect to the provisioning system and issue commands. If you choose TCP/IP, you can secure the provisioning system by configuring the security policy file to only accept connections from servers that have N1 Grid Service Provisioning System 5.0 applications. For more details, see Chapter 8, Configuring the Java Virtual Machine Security Policy.

SSL is more secure than TCP/IP. If you select SSL, you must also specify which cipher suite to use, encryption with no authentication or encryption with authentication. Encryption with no authentication is similar to using TCP/IP in that anyone with network access to a server that has a provisioning system application installed on it can connect to the provisioning system and issue commands. The encryption with authentication mode is the most secure choice when using SSL. You can further secure the provisioning system by configuring the security policy file to only accept connections from servers that have N1 Grid Service Provisioning System 5.0 applications. For more details, see Chapter 8, Configuring the Java Virtual Machine Security Policy. For more information about SSL, see Chapter 7, Configuring the N1 Grid Service Provisioning System 5.0 for SSL.

When you use SSL with a Local Distributor on an AIX server, the SSL cipher suite is set to encryption with authentication. Encryption with no authentication is not available for Local Distributors that are running on AIX servers.

SSH is the most secure network protocol and supported on only Solaris OS, Red Hat Linux, and IBM AIX platforms. To use SSH with the N1 Grid Service Provisioning System 5.0, you must install SSH software on your servers. For more information, see Chapter 6, Configuring the N1 Grid Service Provisioning System 5.0 to Use Secure Shell.

Jython

When you install the CLI Client, the installation program prompts you to specify whether or not Jython is installed on the machine. The CLI Client uses the Jython programming language to run in interactive mode. However, Jython is not required to use the CLI Client. For more information about Jython and the CLI Client, see Command Line Interface Client.