| Sun Netra CT900 Server Administration and Reference Manual |    
|
| C H A P T E R 2 |
|
Configuring Your System |
The Sun Netra CT900 server is configured primarily through the active shelf management card command-line interface (CLI). The active shelf management card CLI enables system-level configuration, administration, and management that includes the node boards, the switch boards, the shelf management cards (ShMM), power entry modules (PEM), and fan trays. The shelf management card CLI interface can be used both locally and remotely.
This chapter includes the following sections:
The Shelf Manager runs on top of a specialized implementation of Linux. The lowest layer of Linux is the U-Boot firmware monitor. When you initially access either shelf management card (ShMM), you must do so over the serial port (console), using an ASCII terminal or the Tip program. Each shelf management card supports multiple sessions (Tip and Telnet connections) at once. The default TCP/IP address for the active shelf management card is 192.168.0.2.
When connecting to a shelf management card (ShMM) through a serial port, connect a serial terminal or emulator to the one of the two serial ports on the front of the shelf alarm panel (SAP). Use the Serial 1 port to connect to the upper shelf management card (ShMM1), which is the default active shelf management card. The Serial 2 port connects to the default backup card (ShMM2). FIGURE 2-1 shows the location of the serial ports for the upper and lower shelf management cards. The terminal or modem setting should be set to 115200, N, 8, 1.
FIGURE 2-1 Shelf Alarm Panel Connector
When you first access the shelf management card, log in as root and use the default password sunct900. This account is set to full authorization (permissions). This account can not be deleted. However, you should change the password on this account for security purposes, before your server is operational.
Use the Linux passwd command to change the root password as follows:
Once you are logged on, use the clia shmstatus command to verify that you are logged onto the active shelf management card before continuing. If you are logged onto the standby shelf management card, you can use the clia switchover command to change the shelf management card to Active, or exit and log onto the active shelf management card. (See shmstatus and switchover for more information.)
The following sections provide information on configuring shelf management card Ethernet ports and setting up user accounts and passwords using the shelf management card CLI. For more information on using the shelf management card CLI, see Chapter 3.
On a power-on and reboot of the shelf management card (ShMM), the hardware starts executing the U-Boot firmware in Flash memory. The firmware performs basic initialization of the ShMM, and unless the user explicitly disables the Autoboot feature (thus forcing the firmware to switch to the maintenance user command interface), commences booting the Linux kernel. Linux is booted from the kernel and root file system images residing in Flash. U-Boot relocates the kernel image to RAM, sets up kernel parameters, and passes control to the kernel entry point.
U-Boot is accessible via the serial port of the ShMM and requires configuration specific to the intended operational environment. When the ShMM is powered up, the following information is displayed on the console:
# is the prompt allowing for user commands to be entered.
U-Boot includes a set of environment variables that should be configured prior to use. TABLE 2-1 describes the default set of environment variables.
|
Appends quiet, reliable_upgrade, and console settings to bootargs. This variable is normally not modified. |
|
|
Command line to be passed to the Linux kernel. Can contain references to other U-Boot environment variables, which are resolved at runtime. The default value is: |
|
|
U-Boot command executed to accomplish the auto-booting. Default is: |
|
|
Parameter that specifies what kernel image should be used by the net and nfs boot options. |
|
|
Setting for the kernel and init script console port and baud rate. Default is console=ttyS0,115200. |
|
|
MAC address of the primary on-chip Ethernet controller. The value of this variable is set automatically by U-Boot. This address is passed to the kernel Ethernet driver. |
|
|
MAC address of the secondary Ethernet controller. The value of this variable is set automatically by U-Boot. This address is passed to the kernel Ethernet driver. |
|
|
Instructs Linux to erase the Flash file systems (/etc and /var), restoring to factory default (y/n). The system startup script sets this variable back to n after the Flash erase. Default is n. |
|
|
Default gateway IP address. This variable can be passed as a part of the kernel command line to automatically configure routing for the network interfaces. |
|
|
Determines if the PSC controllers are configured for the dual-slave address configuration (y/n). Default is: y. |
|
|
IP address used by the primary on-chip Ethernet interface. This variable is used to configure the network interface specified by ipdevice automatically if the rc_ifconfig variable is set to y. Note that the system startup script sets the least significant bit of this variable to the least significant bit of the Hardware Address for the ShMM carrier; that is, if the Hardware Address is an even value, the last bit in the IP address is set to 0, otherwise it is set to 1. This is done in the startup script /etc/netconfig to support coordinated IP address configurations on redundant ShMMs. To disable this functionality, simply remove the /etc/readhwaddr file.Default is 192.168.0.22 |
|
|
IP address used by the USB interface. This variable can be passed as a part of the kernel command line to automatically configure the corresponding kernel network interface. Default is 192.168.1.2 |
|
|
IP address used by the secondary Ethernet interface. This variable can be passed as a part of the kernel command line to automatically configure the corresponding kernel network interface. Default is 192.168.2.1 |
|
|
Device corresponding to ip6F or 2A (Sun legacy)ddr. Default is eth1. |
|
|
The absolute starting address of the kernel image in Flash. This variable is set automatically by U-Boot during bootstrap. |
|
|
Specifies if messages log file should be maintained in ram or flash. Default is ram, which is the recommended option. |
|
|
This variable enables the OpenHPI monitor when set to y. Default is n. |
|
|
This variable can be used as a replacement for bootcmd as a means of booting a kernel and .rfs image from a TFTP server. |
|
|
Instructs Linux to restore factory default password (which is the sunct900 password for user root). Default is n. |
|
|
Determines the list of POST tests that are executed on each boot. If not set, compile-time default settings are used. The test names listed in a value of this variable are separated by space characters. |
|
|
Determines the list of POST tests that are executed after power-on reset only (instead of on each boot). If not set, compile-time default settings are used. The test names listed in a value of this variable are separated by space characters. |
|
|
Instructs the kernel upon boot not to print progress messages to the serial console. Default is quiet=quiet. |
|
|
Sets the kernel command line in the bootargs variable as appropriate for the root file system to be mounted from a ramdisk. |
|
|
Specifies what .rfs image should be used by the net and nfs boot options. Default is sentry.rfs. |
|
|
Size of the system memory, in bytes. Default setting: calculated from the SDRAM configuration encoding in the build-time configuration block |
|
|
Allows the /etc/rc script to set up the IP address instead of getting the address from the shelfman file. Default is n (allow shelfman to set up IP addresses). |
|
|
Specifies secondary RC script that is to be invoked. This is the carrier-specific startup script. Default is /etc/rc.acb3 or other appropriate script for given target platform. |
|
|
Determines if the reliable software upgrade procedure is enabled on the ShMM (y/n). Default setting: y. Setting this variable to n is not currently supported. If the variable is set to n, on the ShMM’s next boot, it issues an error message and hangs. |
|
|
The absolute starting address of the root file system image in Flash. This variable is set automatically by U-Boot during bootstrap. |
|
|
Default IP address for the RMCP service. Default is 192.168.0.2. |
|
|
Instructs the secondary startup script to start or not start the snmpd/boa and shelfman daemons after boot. Default is y. |
|
|
Time server for synchronization at runtime. If this variable is not specified, time is extracted from the hardware clock at system startup. Note - When this variable is specified, the ip1device variable must be set to usb0 for proper synchronization. |
|
|
Protocol used to retrieve time from a network time server; possible values are ntp and rdate. |
|
|
Local time zone in CCCn format where n is the offset from Greenwich Mean Time (GMT) and optionally negative, while CCC identifies the time zone. The default is UTC. For DST time zones, see Setting the Time Zone for Daylight Saving. |
Displaying the environmental variables can be done in either the U-Boot shell or the Linux shell.
To display the current environment variable values from within the U-Boot shell, use the printenv command. If no arguments is given, the printenv outputs all the environment variable values:
To display the current environment variable values from the Linux shell, use the getenv command. If no arguments is given, the getenv outputs all the environment variable values:
Assigning values to the environmental variables can be done in either the U-Boot shell or the Linux shell using the setenv command. When variables are set in the U-Boot shell, the saveenv command is needed to save the changes to the Flash.
To assign a value to an environment variable, use the format:
setenv variable_name new_value
If you are setting variables in the U-Boot shell, save the changes by entering:
When U-Boot is started for the first time, the following default environment variables are defined:
Several of these environment variables must reconfigured with values that are appropriate to the network context in which the ShMMs are used.
Because changing certain U-Boot variables can cause system problems, administrators should be aware of the following recommendations before making any changes.
The following U-Boot variables can be changed:
|
baudrate
|
The following variables should only be changed for debugging by advanced users:
|
bootfile
|
The following variables should not be changed:
|
addmisc
|
The following Ethernet configuration variables should not be changed:
|
rc_ifconfig = y
|
Each shelf management card uses two Ethernet ports that are connected to the redundant switch cards. Since RMCP is the only shelf external interface that is required by ATCA, the shelf’s external Ethernet ports are referenced as the RMCP ports, though the other shelf’s external interfaces (Telnet) are accessible via this port as well.
Once connected, you must be logged in to the shelf management card with a user account that has full permissions. You configure the ports with CLI commands, and then reboot the shelf management card for the changes to take effect.
Since the RMCP Ethernet port is directly connected to the site network, the IP address should be set up appropriately for that network. For example, if the site uses the IP address range 192.168.0.x, the RMCP Ethernet port should be set to a unique IP address within that range, such as 192.168.0.2. In a redundant ShMM setup, only one ShMM (the active ShMM) has the RMCP IP address enabled on the RMCP Ethernet port. The backup ShMM assigns the same IP address to the RMCP Ethernet port, but only enables it when that ShMM assumes the active role. This way, the RMCP IP address maintains availability in a failover situation.
In the default configuration, no IP address is assigned to the first network interface (and the ShMM is not accessible over the network) until the Shelf Manager starts and the RMCP IP address is assigned. However, it might be useful in some cases to assign an IP address to the RMCP network interface and have the ShMM accessible over the network as soon as the operating system is booted. In that case, it is also desirable for the RMCP IP address to coexist with the originally assigned IP address, rather than replacing it when the Shelf Manager is started.
To achieve this configuration, it is necessary to instruct the Shelf Manager to assign the RMCP IP address not to the first network adapter itself (eth0) but to its first alias (eth0:1). In that case, the initial IP address is assigned to the network adapter itself (eth0) during the start of the operating system. This initial assignment happens in the initialization script /etc/rc; it is accomplished by:
1. Enabling the U-Boot variable rc_ifconfig as follows:
2. Assigning the original IP address to the U-Boot variable ipaddr. For example:
3. Saving the changes before rebooting the ShMM.
The IP address, 192.168.1.240, will show up as the eth0 interface of the ShMM.
4. Changing the value of the RMCP_NET_ADAPTER in Shelf Manager configuration file /etc/shelfman.conf to eth0:1. For example, changing RMCP_NET_ADAPTER = $IPDEVICE to:
| Note - The RMCP address (the output of [clia] getlanconfig 1 ip) is now showing up in interface eth0:1 instead of eth0 due to this change. |
In a redundant configuration, the U-Boot variable ipaddr is allowed to have the same value on both ShMMs. The actual initial IP address assigned to each of the two redundant ShMMs is based on the value of ipaddr but modified depending on the hardware address of the ShMM. The least significant bit of the IP address is set to the least significant bit of the hardware address. In the example above, the IP address would be 192.168.1.240 for the ShMM with an even hardware address, and 192.168.1.241 for the ShMM with an odd hardware address. This modification of the IP address can be turned off by removing the file /etc/readhwaddr.
An optional feature of the Shelf Manager allows the backup ShMM to also be exposed on the external network with an IP address that is different from the RMCP IP address only in the least significant bit. The netmask and default gateway on the backup ShMM would be the same as on the active ShMM. For example, if the RMCP IP address is 192.168.0.2, the backup ShMM would have the corresponding IP address 192.168.0.3, with the same netmask and default gateway. To enable this feature, it is necessary to define the Shelf Manager configuration parameter PROPAGATE_RMCP_ADDRESS as TRUE in the Shelf Manager configuration file (/etc/shelfman.conf).
The second network interface connects the Shelf Manager with one of the ATCA network hub boards. Dual USB-based network interfaces are used for communication between the redundant Shelf Managers.
On the ShMM, two additional network interfaces are implemented over the two USB connections. In this configuration, they always connect the two redundant Shelf Managers. These interfaces are named usb0 and usb1. The interface usb0 always exists, while the interface usb1 exists only if the interface usb0 is active on the peer Shelf Manager (which means that the peer Shelf Manager is physically installed and running). Also, the interfaces are cross-connected: usb0 on the first Shelf Manager is connected to usb1 on the second Shelf Manager, and vice versa.
The Shelf Manager supports usage of the USB network interfaces for communication between the redundant Shelf Managers. To use this feature, it is necessary to define two redundancy network adapters in the Shelf Manager configuration file /etc/shelfman.conf, as follows:
REDUNDANCY_NET_ADAPTER = “usb0”
REDUNDANCY_NET_ADAPTER2 = “usb1”
One additional consideration relates to the definition of the subnet mask for the redundancy network interfaces. In the legacy case, when only one redundant network adapter is used, two different IP addresses are derived from the redundancy IP address specified in /etc/shelfman.conf. They are assigned to the two endpoints of the redundancy connection and differ only in the least significant bit.
However, when two redundancy network adapters are used, four different IP addresses are used, one for each of the endpoints (two endpoints on each of the two redundant Shelf Managers). To ensure proper operation, the two endpoints on the same Shelf Manager (usb0 and usb1) must belong to different logical networks, while usb0 on one Shelf Manager and usb1 on the other Shelf Manager must belong to the same logical network. Based on these considerations, the two additional IP addresses are derived by toggling the least significant bit of the subnet mask in the redundancy IP address specified in /etc/shelfman.conf. The subnet mask must therefore be stricter than the default for the specified redundancy IP address class. If the subnet mask is not specified, it is set by default to 255.255.255.128; this is also a recommended value for this parameter in /etc/shelfman.conf if USB network interfaces are used for redundancy.
Here is an example of deriving IP addresses for the USB network interfaces.
Suppose that the following definitions are in /etc/shelfman.conf:
REDUNDANCY_IP_ADDRESS = 192.168.1.2
REDUNDANCY_NETMASK = 255.255.255.128
On the ShMM with the even hardware address, the assignment of IP addresses would look like the following:
usb0: 192.168.1.2 (no changes)
usb1: 192.168.1.130 (toggling the least significant bit of the netmask)
On the ShMM with the odd hardware address, the assignment of IP addresses would looks like the following:
usb0: 192.168.1.131 (toggling the least significant bit of the IP address and the least significant bit of the netmask)
usb1: 192.168.1.3 (toggling the least significant bit of the IP address)
Configuring a ShMM to work in a specific network environment requires changing the following network parameters:
Changing the RMCP network parameters is a multistep process. The U-Boot network environment variables must be updated, then the booted ACTIVE ShMM module network settings must be updated using the Shelf Manager CLI.
1. Attach a serial port console connection to the ShMM module.
This typically is 115200 baud, N/8/1. Reboot the ShMM carrier and press the space bar to interrupt the automatic boot process. You should see the following:
2. Echo the current network settings.
shmm500 getenv rmcpaddr netmask gatewayip rmcpaddr=192.168.0.44 netmask=255.255.255.0 gatewayip=192.168.0.1 shmm500 |
3. Change the settings and commit to non-volatile storage.
4. Boot the ShMM to full operational state and log in as user root.
If this is the first time the Shelf Manager has been booted, or if the flash devices have been reset to factory default prior to boot, then the Shelf Manager uses the network settings provided by U-Boot to set up this networking context (and thus the changes you made in U-Boot are propagated forward).
Otherwise, then the following steps are required to configure the network settings in the Shelf Manager context.
6. Check to see if you are the active Shelf Manager.
You only need to make changes on the active shelf management card using the cpld command which also updates the backup with the network configuration changes through the redundancy interface. If you are not the active ShMM, then connect to the other ShMM device and continue to Step 7.
# cpld CPLD word: E806 0002h - Local Healthy 0004h - Switchover Request Local 0800h - Hot Swap Latch Open 2000h - Active 4000h - Interrupt Status 8000h - Reboot Was Caused By Watchdog # |
7. Get the current IP settings
8. Change the IP settings as shown.
In the default configuration, the active ShMM can be accessed using the RMCP IP address and backup ShMM accessed using the RMCP IP1 address (which is assigned automatically). In some networks is might be desirable to identify the ShMMs using IP addresses that are different from the RMCP address. The advantage being that the active ShMM can be accessed using either its IP address or RMCP address, and backup ShMM can be accessed using its IP address.
To configure ShMMs with one IP address each and a single RMCP address that is shared (that is; only the active ShMM will have the RMCP address), do the following:
a. Change the U-Boot variables on the upper ShMM as shown. See Assigning Values to Environment Variables for more information.
b. Edit the /etc/shelfman.conf file on the upper ShMM:
i. Change the value of the PROPAGATE_RMCP_ADDRESS variable to FALSE.
ii. Change the RMCP_NET_ADAPTER to eth0:1.
c. Delete /etc/readhwaddr from active ShMM.
a. Change the U-Boot variables on the lower ShMM as shown. See Assigning Values to Environment Variables for more information.
b. Edit the /etc/shelfman.conf file on the lower ShMM:
i. Change the value of the PROPAGATE_RMCP_ADDRESS variable to FALSE.
ii. Change the RMCP_NET_ADAPTER to eth0:1.
c. Delete /etc/readhwaddr from active ShMM.
3. After rebooting both ShMMs, can verify the changes by using the commands ifconfig eth0 and ifconfig eth0:1 on both ShMMs.
On the backup ShMM, device eth0:1 will be undefined.
The Shelf Manager configuration file (shelfman.conf) is located in the /etc directory. Each line in the file is either a comment line (starting with #) or a
name = value pair, representing the assignment for the configuration parameter. The name and the value are separated with the equal sign (=).
The configuration parameter name is case insensitive. Each configuration parameter is one of the following types: Boolean, number, string, or IP address.
Format of the value conforms to the type of the configuration parameter as follows:
It is possible to specify a value of an environment variable as a configuration parameter value, using the notation $envvar; in that case, the value of the variable envvar is substituted when the configuration file is read. For example:
DEFAULT_RMCP_IP_ADDRESS = $IPADDR
After the Shelf Manager has been brought up for the first time, the IP addresses are stored with the IPMI LAN configuration parameters. The LAN configuration parameters can be accessed or modified via any of the RMCP or CLI shelf-external interfaces and take precedence over the shelfman configuration file when the Shelf Manager is restarted. This is to ensure the persistency of any modifications that are made to the LAN IP addresses and gateway via those interfaces. If however, the Shelf Manager IP connection record in the Shelf FRU Information contains an IP address, it take precedence over all other settings of the shelf-external or RMCP IP address. It is recommended that the Shelf FRU Information either not specify this address or set it to 0.0.0.0 to ensure that addresses can be controlled through the Shelf Manager configuration file and the IPMI LAN configuration parameters.
The following configuration parameters are currently supported:
|
If specified, this parameter explicitly specifies the current system as AdvancedTCA (if FALSE). If not specified (TRUE), the choice of the system type is made automatically. It is not recommended to specify this parameter, unless it is necessary to override a wrong hardware detection algorithm for the system type. |
|||
|
If set to TRUE, both IPM controllers exposed by the active Shelf Manager (representing the physical and the logical Shelf Managers) are activated even if the Shelf FRU Information cannot be found. This option should be used with caution, because the power consumption of the payload of the physical Shelf Manager IPM controllers may potentially exceed the power capability of the corresponding slot in the shelf. |
|||
|
The alarm cutoff timeout (time after which the alarm cutoff is deactivated), in seconds. |
|||
|
If set to TRUE, most of the commands allowed from the RMCP interface are allowed from IPMB-0 as well (except for session-related commands). For example, Cold Reset and user management commands are allowed from IPMB-0. |
|||
|
If set to TRUE, the Event receiver address for the Shelf Manager can be set to an address other than 20h, LUN 0. If set to FALSE, any attempt to change event receiver address for the Shelf Manager is rejected. |
|||
|
If set to TRUE, the critical alarm condition can be cleared by the CLI command clia alarm clear. |
|||
|
If set to TRUE, the command Cold Reset is accepted even if the Shelf Manager does not have an available backup, and reboots the Shelf Manager. By default, the command Cold Reset is accepted only in a dual redundant configuration and causes a switchover. |
|||
|
Use alternate controller on the Shelf Manager with the address = ShMM hardware address. |
|||
|
This variable, if set, turns off event handling optimizations in the Shelf Manager, so that the Shelf Manager behavior is compatible with the Polaris ATCA Tester. |
|||
|
Automatically convert an RMCP request sent to a non-Shelf Manager IPMB address into a Send Message request directed to that address. |
|||
|
The name of the specific carrier board on which the ShMM is installed. |
|||
|
The carrier-specific options; defined separately for each supported carrier. |
|||
|
Output log messages to the console on which the Shelf Manager was started. |
|||
|
The minimum timeout between successive decrements of the fan speed during operation of the cooling algorithm in Normal state. Should be a multiple of COOLING_POLL_TIMEOUT; if not, it is rounded up to the next multiple. If the parameter is omitted or set to 0, this timeout is equal to COOLING_POLL_TIMEOUT. |
|||
|
The minimum timeout between successive increments of the fan speed during operation of the cooling algorithm in Minor Alert state. Should be a multiple of COOLING_POLL_TIMEOUT; if not, it is rounded up to the next multiple. If the parameter is omitted or set to 0, this timeout is equal to COOLING_POLL_TIMEOUT. |
|||
|
Do not use local control capabilities on fan devices; Shelf Manager explicitly manages the fan level. |
|||
|
If specified, the name of the shared library that implements cooling management. The actual name of the library is libcooling_<xxx>.so, where <xxx> is the value of this configuration parameter. This library is dynamically loaded by the Shelf Manager and must be located in /var/bin or /lib. |
|||
|
The maximum time (in seconds) between successive invocations of the cooling monitoring and management thread. |
|||
|
The default IP address used for the gateway for shelf-external (RMCP-based) communication, if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 1. If a non-zero gateway IP address is provided in the LAN Configuration Parameters, the value provided in the Shelf Manager configuration file is ignored. |
|||
|
The default IP address used for the gateway for shelf-external (RMCP-based) communication on the second network interface, if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 2. If a non-zero gateway IP address is provided in the LAN Configuration Parameters, the value provided in the Shelf Manager configuration file is ignored. Not defined by default. This parameter is used only if the value of USE_SECOND_CHANNEL is TRUE. |
|||
|
The default IP address used for shelf-external (RMCP-based) communication; it is switched over between the redundant instances of the Shelf Manager. This IP address is used only if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 1 and in the Shelf Manager IP Connection record in Shelf FRU Information. If a non-zero IP address is provided in the LAN Configuration Parameters and/or Shelf FRU Information, the value provided in the Shelf Manager configuration file is ignored. |
|||
|
The default IP address used for shelf-external (RMCP-based) communication on the second network interface; it is switched over between the redundant instances of the Shelf Manager. This IP address is used only if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 2. If a non-zero IP address is provided in the LAN Configuration Parameters, the value provided in the Shelf Manager configuration file is ignored. |
|||
|
The network mask for the network adapter used for RMCP communication. This mask is used only if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 1 and in the Shelf Manager IP Connection record in Shelf FRU Information. The default value depends on the class of the default IP address used for the gateway for shelf-external (RMCP-based) communication. (see parameter DEFAULT_RMCP_IP_ADDRESS). For example, for an IP address of class C, this parameter is set to 255.255.255.0. |
|||
|
The network mask for the second network adapter used for RMCP communication. This mask is used only if the corresponding parameter is set to 0.0.0.0 in the IPMI LAN Configuration Parameters for channel 2. The default value depends on the class of the default IP address used for the gateway for shelf-external (RMCP-based) communication. (see parameter DEFAULT_RMCP_IP_ADDRESS2). For example, for an IP address of class C, this parameter is set to 255.255.255.0. |
|||
|
The default Virtual LAN ID used for the first LAN channel. This value is used only as the default value for the corresponding LAN configuration parameter; once LAN configuration parameters are defined and stored on the ShMM, the value provided in the Shelf Manager configuration file is ignored. |
|||
|
The default Virtual LAN ID used for the second LAN channel. This value is used only as the default value for the corresponding LAN configuration parameter; once LAN configuration parameters are defined and stored on the ShMM, the value provided in the Shelf Manager configuration file is ignored. |
|||
|
This variable turns on the deadlock detection in CLI and RMCP server facilities in the Shelf Manager. The detection is based on the internal watchdog that must be periodically strobed by the threads serving CLI and RMCP requests. If one of the threads fails to strobe the internal watchdog, the actual watchdog does not get strobed, and ultimately the ShMM resets, initiating a failover to the backup Shelf Manager. In addition, lock data structures are periodically checked directly for the presence of a deadlock. |
|||
|
The time (in seconds) between successive polls of the IPMB devices by the Shelf Manager by the Get Device ID command. |
|||
|
If this variable is set, only the RMCP IP addresses are assigned via the DHCP mechanism; private IP addresses of the ShMMs are not touched by DHCP. |
|||
|
This parameter is the IP address of the DHCP server; it applies only if the variable USE_DHCP is TRUE. If this parameter is omitted or set to 0.0.0.0, and the USE_DHCP variable is TRUE, the Shelf Manager accepts address information from any DHCP server that responds to its broadcast discovery request. |
|||
|
This variable controls whether the Shelf Manager allows direct writes to the Shelf FRU Info (FRU Device ID #254 on the IPM controller at 20h on IPMB-0) via the IPMI command Write FRU Data. By default, direct writes are prohibited (as mandated by PICMG 3.0 R2.0 ECN-002, which requires that Shelf FRU Info writes use a special locking protocol so that only one writer is active at once). Setting this variable to TRUE enables direct writes for compatibility with System Manager applications that rely on the pre-ECN-002 behavior. |
|||
|
This variable defines what to do if the Shelf Manager runs without backup and detects a loss of the local Healthy bit. If this variable is TRUE, the Shelf Manager exits, the ShMM reboots and the Shelf Manager is restarted. If this variable is FALSE, the Shelf Manager sets the Healthy bit and continues operation, |
|||
|
If TRUE, the Shelf Manager exits (probably resetting the ShMM) if no Shelf FRU can be found. |
|||
|
This is the path to an executable file (or a script file) on the Shelf Manager that performs local handling of events via PEF. |
|||
|
The delay in seconds after Shelf Manager startup or after a switchover, during which the cooling algorithm does not check the number of present fan trays, giving the existing fan trays enough time to activate. This applies to the carriers where cooling management raises the fan speed to maximum if the actual number of fan trays in the shelf is fewer than what is specified in the Shelf Address Table. |
|||
|
The number of fan steps by which the fan speed is decreased during operation of the cooling algorithm in the Normal state. This parameter may be overridden by a ShMM carrier-specific cooling algorithm. |
|||
|
The number of fan steps by which the fan speed is increased during operation of the cooling algorithm in the Minor Alert state. This parameter may be overridden by a carrier-specific cooling algorithm. |
|||
|
Turns on Hardware Platform Description Language (HPDL) support in the Shelf Manager. The carrier and chassis HPDL data and SDRs are taken from the FRU Information or from the files and are used to define the behavior of the platform, plus the number and types of managed FRUs and sensors. |
|||
|
Turns on support of HPDL information stored on subsidiary FRUs. If TRUE, the Shelf Manager looks for HPDL data and SDRs in the FRU Information of its subsidiary FRUs. If these data are found for a specific FRU, they are used to substitute definitions for that FRU from the carrier or chassis HPDL data and/or SDRs. |
|||
|
This parameter tells the Shelf Manager to ignore board power down failure in case of Critical Alert and not to power down all boards in chassis in this case. This parameter also instructs the Shelf Manager to ignore board power level decrease failure in case of Major Alert and not to decrease power level for all boards in chassis in this case. If this parameter is FALSE, all boards in chassis are powered down if board(s) that caused Critical Alert cooling state fail to power off; also power level for all boards in chassis is decreased if decreasing power level fails for board(s) that caused the Major Alert cooling state. |
|||
|
The initial fan level that the Shelf Manager applies to fan trays. Usually fan level values are in 0..15 range, where 0 is the slowest, and 15 is the fastest possible fan speed. |
|||
|
The initial delay, in seconds, before the Shelf Manager starts testing the integrity of the physical network link between the Shelf Manager and the System Manager (the RMCP link; see the description of the configuration parameter SWITCHOVER_ON_BROKEN_LINK). A non-zero delay can be used to accommodate slow network links that need significant time to initialize after shelf power up. |
|||
|
This variable controls which sequence number is used in the response to a Send Message command bridged from LAN to IPMB. If TRUE, the sequence number of the command encapsulated in the Send Message request is used. If FALSE, the sequence number of the Send Message request itself is used. According to a clarification being proposed for the latest version of the PICMG 3.0 specification, the first variant is correct, while the Shelf Manager historically used the second variant. The old behavior can be restored by setting to the value to FALSE. |
|||
|
The IPMB address of the Shelf Manager, overriding the hardware address. A value of 0 causes the Shelf Manager to read the hardware address from hardware and set IPMB address to hardware address * 2. |
|||
|
In radial shelves, if an IPMB link is disabled due to the isolation algorithm, the link is automatically enabled after this time interval (in seconds). -1 (the default) indicates "forever". |
|||
|
The number of attempts to resend an IPMB request before finally giving up, if no response is received to the request. |
|||
|
The amount of time the Shelf Manager waits for a response after sending an IPMB request, before retrying the request. |
|||
|
The millisecond part of the retry timeout value. If the retry timeout is less than a second, this configuration variable contains the actual timeout, while the value of the configuration variable IPMB_RETRY_TIMEOUT is 0. |
|||
|
Setting this variable to TRUE preserves the Shelf Manager’s identification of an IPM controller after a firmware upgrade if only the Firmware Revision and/or Auxiliary Firmware Revision information is changed. If the variable is set FALSE, any change in Get Device ID response data during the Shelf Manager’s regular polls is considered to signal the presence of a different IPM controller. |
|||
|
The 7-bit I2C multiplexer address (on platforms where SHMM_GPIO8 is used to control access from the Shelf Manager to the multiplexer on the master-only I2C bus). |
|||
|
This parameter instructs the isolation algorithm to skip this number of accesses to a faulty bus before trying to enable it (on the platforms where SHMM_GPIO8 is used to control access from the Shelf Manager to the multiplexer on the masteronly I2C bus). |
|||
|
Must be set to TRUE for the platforms where SHMM_GPIO8 is used to control access from the Shelf Manager to the multiplexer on the master-only I2C bus. |
|||
|
Create a local FRU 1 on the Shelf Manager that exposes the Shelf FRU Information (obtained from the file /var/nvdata/shelf_fru_info). |
|||
|
The maximum time (in seconds) for a FRU to stay in M7 state; after the expiration of this time, the FRU automatically transitions to M0. -1 (the default) stands for forever. Setting this parameter to 0 completely prevents FRUs from going into state M7. |
|||
|
Determines maximum fan level to use when the NEBS Strategy is in effect. |
|||
|
Determines the upper limit of intake air temperature for the NEBS strategy to be effective. |
|||
|
This parameter defines the maximum timeout (in seconds) for command subscriber to read notifications from socket. If this timeout is exceeded the subscriber is considered dead and is automatically unregistered. |
|||
|
The maximum number of entities that can simultaneously subscribe to receive event notifications from the Shelf Manager. |
|||
|
The maximum timeout for an event subscriber, in seconds, between the moment when an event arrives and the moment when the subscriber retrieves this event from the Shelf Manager. If this timeout is exceeded, the subscriber is considered dead and is automatically unregistered. |
|||
|
The size of the internal Shelf Manager queue for incoming IPMB requests. Incoming IPMB requests are stored in this queue before processing. |
|||
|
The maximum number of retransmissions of an IPMB command if the receiver always returns the completion code Node Busy in response. |
|||
|
The maximum number of special PEF event filters for handling OEM-type System Event Log (SEL) entries. |
|||
|
This parameter specifies the maximum number of command pending notifications. |
|||
|
The maximum number of outstanding event notifications for each active subscriber. |
|||
|
The maximum number of pending IPMB requests awaiting response. |
|||
|
The maximum number of entries in the system event log (SEL). |
|||
|
If TRUE, the Shelf Manager operates as a MicroTCA Shelf Manager (the second RMCP channel is used for interaction with Carrier Managers). |
|||
|
The minimum fan level; the cooling management code can not reduce the fan level of any fan below this value when controlling the fan level automatically. |
|||
|
The minimum number of Shelf FRUs in the shelf that the Shelf Manager must detect to start up successfully. |
|||
|
The time in seconds for which the Shelf Manager preserves the minimum fan level dynamically found in Normal mode (that is, the minimum fan level that does not cause thermal alerts). After this time expires, the cooling algorithm decreases the minimum fan level, if possible, to allow the shelf to decrease the fan level if the thermal load in it has also decreased. |
|||
|
This parameter sets the time (in nanoseconds) for subsequent checks in the notification thread for new notifications in the internal queue. The default value is 1000000 (1 millisecond). |
|||
|
Specifies the format of the Platform Event Traps that are sent by the Shelf Manager as the Alert action initiated by event processing in the Platform Event Filtering facility. The values are defined as follows: |
|||
|
Create IPMI sensors based on physical sensors hosted by ADM1026 and LM75 chips. |
|||
|
Allow the FRUs not listed in the power management table in the Shelf FRU Information to be activated and powered up. |
|||
|
If TRUE, the active Shelf Manager propagates the RMCP IP address to the backup Shelf Manager, which configures the network interface specified by the RMCP_NET_ADAPTER variable using that IP address, but with the least significant bit inverted. |
|||
|
Run the Shelf Manager in redundant mode. Must be set to TRUE on systems with two shelf management cards. |
|||
|
The name of the network adapter used for communication between redundant instances of the Shelf Manager. |
|||
|
The name of the second network adapter used for communication between redundant instances of the Shelf Manager (if the dual-USB network interface is used for this purpose). |
|||
|
The netmask to assign to the redundancy IP address; by default (if 0), the netmask is determined automatically from the class of the IP address. |
|||
|
The TCP port used for interactions between redundant instances of the Shelf Manager. |
|||
|
The IP address used for redundant communications. This address actually specifies a pair of IP addresses that differ only in the least significant bit. They are assigned to redundant Shelf Managers according to their hardware addresses. |
|||
|
The maximum number of times the Shelf Manager retries the Reserve Device SDR command. |
|||
|
The name of the network adapter used for RMCP-based communication. |
|||
|
The name of the alternate network adapter used for RMCP-based communications, if cross-connect links are supported by the hardware. |
|||
|
RMCP is available in the absence of the Shelf FRU only if this configuration parameter is defined and set to TRUE. |
|||
|
The maximum number of times the Shelf Manager retries the Read Device SDR command. |
|||
|
The high watermark for the algorithm that controls automatic purging of the SEL; if the actual percentage of free entries in the SEL falls below this value, or the SEL overflows, the Shelf Manager starts a thread that purges old records from the SEL in order of decreasing age. |
|||
|
The low watermark for the algorithm that controls automatic purging of the SEL; if the thread that purges old records from the SEL starts, it will purge records until the percentage of occupied entries in the SEL falls below this value. |
|||
|
The time (in seconds) between successive polls of local Shelf Manager sensors by the Shelf Manager. |
|||
|
This is the window of acceptable RMCP sequence numbers; the wider this window, the more tolerant is the Shelf Manager to RMCP packets being dropped during transfer. If the difference in the sequence numbers of a received packet and the previous packet exceeds the window size, the Shelf Manager closes the RMCP session as a corrupted one. |
|||
|
If TRUE, the Shelf FRU information is retrieved from EEPROMs on the backplane in a carrier-specific way; if FALSE, the Shelf FRU information is obtained from a file on the Flash file system. |
|||
|
If defined (non-zero), specifies the IPMB address of the first designated source of Shelf FRU Information in the shelf. (Shelf FRU is located at FRU 1.) If this value is defined, the search for the Shelf FRU on the IPMB is limited to the designated sources only. |
|||
|
If defined (non-zero), specifies the IPMB address of the second designated source of Shelf FRU Information in the shelf. (Shelf FRU is located at FRU 1.) If this value is defined, the search for the Shelf FRU on the IPMB is limited to the designated sources only. |
|||
|
The time interval during initialization that the Shelf Manager waits for Shelf FRU Information devices to be detected. |
|||
|
Determines the type of the Send Message response provided by the Shelf Manager: required by the PICMG 3.0 ECR (if TRUE) or compatible with the previous versions of the Shelf Manager (if FALSE). |
|||
|
Swaps the names of network adapters used for cross-connects on the ShMM with the odd hardware address. |
|||
|
If TRUE, switchover-related behavior of the Shelf Manager is affected by the state of its hot-swap handle, as follows:
|
|||
|
This parameter affects when or whether the Shelf Manager initiates a switchover when the physical network link between the Shelf Manager and the System Manager (the RMCP link) is broken. If the link remains broken for at least the number of seconds given in this parameter, a switchover takes place; if the link is restored during this time-out period, no switchover takes place. If the value of this parameter is -1, no automatic switchovers take place on broken RMCP links. |
|||
|
If TRUE, the Shelf Manager algorithm for truncating the SEL automatically is disabled; the System Manager is responsible for truncating the SEL by monitoring the value of the sensor SEL State of the type Event Logging Disabled on the Shelf Manager, and removing events from the SEL by sending the Delete SEL Entry command to the Shelf Manager. |
|||
|
Controls the delay between setting the fan level and updating the fan tachometer thresholds in shelves where dynamic fan tachometer thresholds are supported. |
|||
|
The number of times each Shelf Manager tasklet (activation, deactivation, getting information) retries before finally giving up. |
|||
|
This parameter specifies the number of tachometer underspeed faults (crossing Major or Critical thresholds) cause the remaining fans to go to the TURBO mode (that is, run at full speed) in the default HPDL cooling management algorithm. If the shelf implements zoned cooling, the specified number of tachometer faults is counted relative to each zone and setting the TURBO mode affects only the fan trays that participate in cooling of the corresponding zone. |
|||
|
If its value is TRUE, the Shelf Manager unconditionally re-reads SDRs from an IPM controller when it receives a Version Change event from that controller, even if the Sensor Population Change Indicator in the "Get Device SDR Info" response does not change. This is done for the benefit of ATCA boards that are not fully IPMI-compliant in this respect. The default value of this variable is FALSE. |
|||
|
Requests assignment of RMCP-accessible and private IP addresses for the Shelf Manager from a DHCP server; the configuration parameter PREFERRED_DHCP_SERVER can be used to specify the IP address of the preferred DHCP server. |
|||
|
This parameter applies only if two network interfaces on the ShMM are used for RMCP communication. If TRUE, the two network interfaces on the ShMM are used in parallel mode; if FALSE, they are used in redundant mode. |
|||
|
The Shelf Manager verbosity level. The default verbosity level is 7, errors, warnings and informational messages. See Verbosity Level Description for more information. |
|||
|
Enable verification of checksums in Shelf FRU Information records; if set to FALSE, Shelf Manager ignores checksums. |
|||
By default, the Configuration file variables are used automatically when the ShMM is brought up for the first time. The default configuration file imports the following environment variables set by U-Boot:
The environment variables $CARRIER and $CARRIER_OPTIONS are set by the secondary RC script. The name of this carrier-specific startup script is defined by the U-Boot environment variable rc2. The shelf manager can be reset to factory default parameter values if needed (see Re-initializing the File System).
A copy of default configuration file is shown in EXAMPLE 2-1:
After reading the common configuration file /etc/shelfman.conf, the Shelf Manager reads the carrier-specific configuration file /etc/shelfman.conf.carrier-name, where carrier-name is the name of the ShMM carrier used in the relevant shelf, in lowercase characters. Settings in the carrier-specific configuration file override settings for the same variable in the common configuration file.
This mechanism allows redefinition of common settings on a carrier-specific basis. Typically, only a few critical configuration variables are defined in the carrier-specific file. For instance, the appropriate value for the MIN_FAN_LEVEL parameter may well be determined by the shelf architecture and the fan facilities that it implements. This mechanism allows such shelf-specific constraints to be enforced.
One result of this mechanism is that to change the effective value of a configuration parameter that is specified in the carrier-specific configuration file, the change must be made in that configuration file. A change for such a variable in the common configuration file will not have any effect.
The verbosity level allows for additional output to be sent to either the console or to the Syslog depending on how the configuration parameters CONSOLE_LOGGING_ENABLED and SYSLOG_LOGGING_ENABLED are set. The VERBOSITY configuration parameter is a hexadecimal bit mask, each bit enabling output of a specific type of message:
|
Messages displayed for important commands sent to the IPM controllers during their initialization (not recommended) |
|
|
Verbose messages about acquiring and releasing internal locks (not recommended) |
The default debug level is 7 which allows error, warning, and informational messages to be output.
When the system is brought up for the first time, the clock is not set and must be initialized. Initially the clock is set to January 1, 1970. The date can be accessed via the serial console.
To change the date, type in the correct date using the date application. The format for the date command is MMDDHHmmCCYY.ss, where:
To make the date persistent, you must store it using the hwclock application.
In some cases, you might get the error message:
This error can be ignored. It is due to the original date being in an uninitialized state.
If the shelf management card does not have an real-time clock (RTC) battery, it is possible to obtain the system date and time from a time server during system startup and synchronize it periodically thereafter. The selected time server must support RFC 868 over TCP as required by the rdate utility. To enable this feature, it is necessary to define the U-Boot variable time_server and optionally the additional variable timezone.
The time_server variable contains the IP address of the time server that the Shelf Manager is to query for the system time after the startup. This variable is propagated to the Linux level as the environment variable TIMESERVER. If this variable is set, the startup script /etc/netconfig starts the script /etc/timesync as a daemon, which runs in an endless loop and queries the time server with a default interval of 300 seconds. To change this interval, edit the script /etc/timesync and change the value of the variable INTERVAL.
| Note - When time_server variable is specified, the ip1device variable must be set to usb0 for proper synchronization. |
The variable timezone contains the name of the current time zone followed by its offset from Greenwich Mean Time (GMT). The offset is positive for time zones to the west of Greenwich and negative for time zones to the east of Greenwich. This variable is propagated to the Linux level as the environment variable TZ. The default value of this variable is UTC0; that is, Universal Coordinated Time (UTC), which matches Greenwich time.
The time sent by time servers is GMT; if the time zone on the Shelf Manager is not set or not set correctly, the time obtained from the time server will be interpreted incorrectly. The three-letter name of the time zone is not used by the Shelf Manager, but is propagated to set the Linux time zone. (For instance, if the time zone name XXX0 is used, the date command produces output like Thu Sep 9 21:24:24 XXX 2004.
Here is an example of a timezone definition for US Eastern Time:
Here the digit 5 specifies that the time zone is five hours west of GMT. Any arbitrary three letters can replace EST; they are used to identify the time zone in (for example) Linux date command output.
The U-Boot timezone variable must be set accordingly to set the timezone for daylight saving. The timezone variable is propagated to the Linux level as the environment variable TZ and uses a format similar that of the TZ Linux variable.
1. Stop the autoboot process at the U-Boot prompt by hitting any key at the prompt:
2. Set the timezone variable (for example PST/PDT)
3. Save the new timezone value:
User accounts for RMCP access are set up using the Shelf Manager’s CLI. User information is entered on the active shelf management card, and immediately mirrored, or shared, on the standby shelf management card. The shelf management card supports 32 accounts with passwords.
|
1. Log in to the active shelf management card.
where the variable parameters have the following meaning:
user-name - the user name (up to 16 characters)
channel-access-flag - the first byte of the SetUserInfo commands (only bits 4, 5, and 6 are meaningful)
privilege-level - the user privilege level
password - the user password (it is truncated to 16 characters without any notice)
The following example shows how to add user 9 with the name root, administrator privilege level, and password PICMG guru.
See user for more information about permissions and the clia user command.
The username field has a maximum length of 16 characters. It must contain at least one lowercase alphabetic character, and the first character must be alphabetic.
Valid characters for username include:
Passwords can be up to 16 characters long, anything over 16 is truncated.
When using telnet, ssh, and ftp to remotely logging into the ShMM as root, the root password can be visible over the network. Disabling these remote root logins provides the additional security needed to protect the root password.
Disabling remote root login involves removing the root userid from the telnet, ssh, and ftp configuration files on both the active and standby ShMMs, adding a non-root user, and giving the new user su - capability. To do this, use the following procedures:
1. Log on the active ShMM as root.
2. Disable remote root login for SSH
Edit the /etc/inetd.conf file and add the -g option to /bin/sshd -i command at the end the line starting with ssh. For example:
Edit the /etc/ftpaccess file and comment out the allow-uid %0 parameter by inserting a # (pound sign) in the beginning of the line and add the deny-uid %0 parameter as a new line in the file. For example:
4. Disable root login for telnet
Edit the /etc/securetty file and remove or comment out all the entries starting with ttyp. Be sure not to delete or comment out the console and ttyS0 lines or else root access on serial console will also be denied.
6. Give the new userid su - capability
a. Create an /etc/busybox.conf file and add the two lines shown in example.
# cat /etc/busybox.conf [SUID] su = ssx root.0 # su can be performed from non-root passwd = ssx root.0 # non-root user can change his password # |
b. Change the file ownership and group to root. For example:
7. Repeat the same steps on Standby ShMM and reboot
The Shelf Manager includes support for OpenHPI which is an open source implementation of the SA Forum’s Hardware Platform Interface (HPI). HPI provides an interface to managing computer hardware, typically for chassis and rack based servers. Access to HPI is done through the OpenHPI SNMP subagent using the SNMP MIB. Refer to the Sun Netra CT900 Server Software Developer’s Guide for more information on OpenHPI and SNMP.
There are two configuration files that require the system administrator’s attention:
If you are using an ATCA release earlier than R3U3, the OpenHPI configuration file, /etc/openhpi.conf, must be updated to provide the correct IP address for the ShMM. After the configuration file is updated, the ShMM must be reset to implement the changes.
| Note - Do not use a variable for the IP address in the /etc/openhpi.conf file. Therefore $IPADDR and localhost can not be used. |
With R3U3 and newer releases, it is not necessary to set the RMCP address in /etc/openhpi.conf. The ShMM software automatically reads the Shelfman IP connection record from the midplane FRU that has the RMCP address and starts openhpid with that RMCP address.
|
1. If using an ATCA release earlier than R3U3, edit the /etc/openhpi.conf file and change the value of the libpigeonpoint addr parameter to the ShMM’s IP address.
A snip of the /etc/openhpi.conf file follows:
2. Reboot the ShMM by issuing the reboot command at the prompt.
The SNMP agent configuration file, /etc/snmpd.conf, defines how the SNMP agent operates and includes directives for access control and setting traps. Information on access control, SNMPv3 configuration, and setting traps is provided in the subsequent sections. Refer to the Sun Netra CT900 Server Software Developer’s Guide for more information.
The SNMP agent supports the View-Based Access Control Model (VACM) a defined in RFC 2575. To this end, it recognizes the following keywords in the configuration file:
In addition, it recognizes some easier-to-use wrapper directives:
This section defines how to configure the snmpd program to accept various types and levels of access.
rouser user [noauth|auth|priv] [OID]
rwuser user [noauth|auth|priv] [OID]
Creates an SNMPv3 USM user in the VACM access configuration tables. It is more efficient (and powerful) to use the combined group, access, and view directives, but these wrapper directives are much simpler.
The minimum level of authentication and privacy the user must use is specified by the first token (which defaults to auth). The OID (object identifier) parameter restricts access for that user to everything below the given OID.
rocommunity community [source] [OID]
rwcommunity community [source] [OID]
Create read-only and read-write communities that can be used to access the agent. They are a quick wrapper around the more complex and powerful com2sec, group, access, and view directive lines. They are not as efficient as these, because groups are not created, so the tables are potentially larger. These directives are not recommended for complex environments. If your environment is relatively simple or you can sustain a small negative performance impact, use these directives.
The format of the source token is described in the com2sec directive section below. The OID token restricts access for that community to everything below that given OID.
Specifies the mapping from a source/community pair to a security name. source can be a hostname, a subnet, or the word default. A subnet can be specified as IP/mask or IP/bits. The first source/community combination that matches the incoming packet is selected.
Defines the mapping from securitymodel/securityname to a group. model is one of v1, v2c, or usm.
access name context model level prefx read write notify
Maps from group/security and model/security level to a view. model is one of any, v1, v2c, or usm. level is one of noauth, auth, or priv. prefx specifies how context should be matched against the context of the incoming PDU, either exact or prefix. read, write and notify specify the view to be used for the corresponding access. For v1 or v2c access, level is noauth, and context is empty.
Defines the named view. type is either included or excluded. mask is a list of hex octets, separated by a period (.) or a colon (:). The mask defaults to ff if not specified. Use of the mask allows you to control access to one row in a table in a relatively simple way. As an example, as an ISP you might consider giving each customer access to his or her own interface:
These entries cover up and include the row index, yet still allow the user to vary the field of the row.
The following are VACM examples:
The subagent needs to be configured with an engineID to be able to respond to SNMPv3 messages. With this configuration file line, the engineID is configured from string. The default value of the engineID is configured with the first IP address found for the hostname of the machine.
createUser username (MD5|SHA) authpassphrase [DES][privpassphrase]
MD5 and SHA are the authentication types to use, but you must have built the package with OpenSSL installed in order to use SHA. The only privacy protocol currently supported is DES. If the privpassphrase is not specified, it is assumed to be the same as authpassphrase.
| Note - The users created are useless unless they are also added to the VACM access control tables described above. |
| Note - The minimum pass phrase length is 8 characters. |
Defines the default community string to be used when sending traps. Note that this command must be used prior to any of the three commands (immediately following) that are intended for use with this community string.
trapsink host [community [port]]
trap2sink host [community [port]]
informsink host [community [port]]
Define the hosts to receive traps (or inform notifications with informsink). The daemon sends a Cold Start trap when it starts up. If enabled, it also sends traps on authentication failures. You can specify multiple trapsink, trap2sink and informsink lines to specify multiple destinations. Use trap2sink to send SNMPv2 traps and informsink to send inform notifications. If community is not specified, the string from a preceding trapcommunity directive is used. If port is not specified, the well-known SNMP trap port (162) is used.
A more generic trap configuration token that allows any type of trap destination to be specified with any version of SNMP. This requires that you specify a version number of v2c or v3 as well.
|
1. Edit the /etc/snmpd.conf file to add, change, or delete directives as needed.
2. Reboot the ShMM by issuing the reboot command at the prompt.
When you enable the daemon monitor, the OpenHPI process is monitored and, if the daemon for any reason dies or exits, the following actions are taken.
By default this feature is disabled. After installing the R3U1 updates on the ShMM, you can enable the monitor as follows.
1. Set the U-Boot variable monitor_daemons to y.
See Setting Up U-Boot for more information.
| Note - If you are setting variables in the U-Boot shell, enter saveenv command before the reboot command to save the changes: |
2. Repeat the same commands for the backup ShMM.
RADIUS (Remote Authentication Dial-In User Service) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. The protocol is covered by RFC2865.
The Shelf Manager version 2.4.x (and above) provides RADIUS client support. The system administration only needs to edit the /etc/raddb/server file on the Shelf Manager and provide the server information. The following is a sample /etc/raddb/server file:
#<radius_server_ip_address> <radius_secret> <wait_period> 127.0.0.1 secret 1 other-server other-secret 3 |
If multiple RADIUS servers are provided, they are tried in order. The first server to return success or failure causes the module to return success or failure. Only if a server fails to response is it skipped and the next server in turn is used.
By default, the superuser (root) can log in to Shelf Manager using console, telnet, or ssh using either the factory default password or RADIUS password.
To enble the Shelf Manager to accept only RADIUS passwords or to accept only local root password, the standard PAM configuration files need to be modified accordingly. These files are /etc/pam.d/login and /etc/pam.d/sshd on the Shelf Manager. (Refer to standard PAM (Port to Application Mapping) rules for configuration).
| Sun Netra CT900 Server Administration and Reference Manual | 819-1177-18 |
|
Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
To Change Default ShMM Network Parameters
