Using the Administrative Interfaces

C H A P T E R 1

This chapter describes how to gain administrative access to the 5800 system in order to perform the administrative tasks described in this guide. It includes the following sections:

About Administrative Interfaces

Hive-Level and Cell-Level Functions

Using the CLI

Using the GUI

Multiple Users Accessing the CLI or GUI

Task Overview

About Administrative Interfaces

You perform administrative tasks on the 5800 system in one of two ways: using a command-line interface (CLI) or using the administrative graphical user interface (GUI). You access the CLI with the ssh command, and if you want, you can script CLI commands. You access the GUI using a web browser.

Using either the CLI or the GUI, you can perform administrative tasks such as configuring the system’s IP addresses; specifying which clients are authorized to access data on the system; monitoring individual components including disks and nodes; shutting down, powering down, and rebooting the system; and setting up the schema definitions.

The remaining chapters in this guide provide detailed procedures for using each of these interfaces to perform administrative tasks. For the complete syntax of each of the CLI commands, see the Reference: CLI Commands. For more information on how to navigate the GUI interface, refer to the online Help supplied with the GUI. For a list of administrative tasks and which interface you can use to perform those tasks, see Task Overview.

Hive-Level and Cell-Level Functions

Most administrative tasks that you perform on the 5800 system affect all cells in a multicell configuration and are therefore considered “hive-level” functions. Examples of hive-level functions include setting the administrative password, specifying which clients are authorized to access the data on the system, and setting up email notifications of system events.

Some administrative tasks affect only one cell in a multicell environment. For example, you specify the administrative IP address, the data IP address, and the default gateway for each cell separately.

For CLI commands that affect only one cell, you must enter the cell ID of the cell you want to administer

To display the cells and cell IDs configured on your system, use the
hiveadm --status command

ST5800 $ hiveadm --status
There is/are 2 cell(s) in the hive:
- Cell 1: adminVIP = 10.7.224.21, dataVIP = 10.7.224.22
- Cell 5: adminVIP = 10.7.224.101, dataVIP = 10.7.224.102
ST5800 $

Using the CLI

This section describes how to access the CLI commands, log out of the CLI system, and execute CLI scripts.

Logging In To the CLI

You log in to the CLI using a secure shell (ssh) connection from any system on the network. A secure shell is included on most UNIX systems, but if you are using another operating system, such as Windows XP, you might have to obtain a third-party ssh client.

Open the secure shell connection to a cell’s administrative IP address. (See Administrative IP Address for more information.)

Note - In a multicell configuration, you must use the administrative IP address of the master cell, the cell with the lowest cell ID, to perform administrative tasks on any cell in the system.

The following example shows the command you would enter from a UNIX system to open a secure shell connection to a cell with administrative IP address 10.7.227.101. The default password for the system is admin. (See Administrative Password for information about changing the password.)

When the connection is open, you will see the ST5800 $ prompt.

% ssh admin@10.7.227.101
password: [admin]
Last login: Wed Feb 7 07:55:32 2007 from 10.7.6.22
Sun StorageTek (TM) 5800 System Management Console
Copyright (C) 2007 Sun Microsystems, Inc.
All rights reserved. Use is subject to license terms.
ST5800 $

Logging Out of the CLI

You log out of the CLI by issuing the logout command.

ST5800 $ logout
Connection to 10.7.227.101 closed.
%

To Create and Execute a Script for CLI Commands

1. Use the ssh application on the client system to create public and private key files.

Consult your ssh application’s documentation for instructions on creating these files. Create the public key without a passphrase. You may be prompted to enter the CLI password (default is admin) during key generation.

2. Set the public key on the 5800 system using the passwd --pubkey command:

Note - The --pubkey option of the passwd command is available only in non-interactive mode (that is, you must enter it at the same time that you enter the ssh command, as shown in this example). For more information about the --pubkey option, see The Public Key.

client $ ssh admin@hc1-admin passwd --pubkey < key.pub

Substitute the name of the file containing the public key for key.pub in the example.

3. Enter the administrative password for the 5800 system

Password: XXXXXXX
CLI admin: The public key has been changed successfully
client $

You can now use ssh from your client system to connect to the 5800 system without having to enter a password.

4. Create a script file containing CLI commands using any available editor.

For example, on the client, use any available editor to create the following script file:

#!/bin/sh
ssh admin@hc1-admin df

Substitute the administrative IP address of the cell you want to access for hc1- admin in the example.

5. Save the file (for example, as cli-script.sh) and make it executable by typing:

client $ chmod +x cli-script.sh

6. Run the script.

client $ ./cli-script.sh

You should see the df output for the 5800 system appear on your screen.

You can enter additional CLI commands with multiple ssh commands embedded in standard script logic to script CLI command activities.

Getting Help on CLI Commands

Refer to Reference: CLI Commands for complete syntax and examples of CLI commands. You can also issue the help command within the CLI to obtain a list of available CLI commands. Display information on a particular command by issuing the help command-name command.

ST5800 $ help
Type “help <command>” or “<command> --help” for one of the commands below
alertcfg	cellcfg	copyright	date
df	help	hiveadm	hivecfg
hwstat	logdump	logout	mdconfig
passwd	perfstats	reboot	sensors
shutdown	sysstat	version	wipe
ST5800 $

ST5800 $ help hwstat
Usage: hwstat [options]
Displays information about the various FRUs in the system. The component name or FRU ID may be used when specifying the component to view.
 
Options:
  -c, --cellid <cellid> Specifies the ID of the cell where the command should run.
  -f, --FRUID <component> Shows information about component
 
ST5800 $

Using the GUI

This section describes how to launch and log out of the GUI and get help on GUI screens and functions. You launch the GUI either from a web browser or from the command line on any system that is on the same network as the 5800 system. Refer to the Sun StorageTek 5800 System Release Notes for information about compatible browsers.

To Launch the GUI From a Browser

Use a web browser from any system on the same network as the 5800 system, as follows:

1. Type https:// followed by the administrative IP address of the cell and 8090 (the GUI port number) on the browser URL line, as in this example:

https://10.7.227.101:8090/

In a multicell configuration, you must use the administrative IP address of the master cell, the cell with the lowest cell ID, to perform administrative tasks on any cell in the system.

If your web browser does not have the Java trademark Web Start plug-in, the system automatically downloads it at this point.

You might see messages about unverified certificates as you start the GUI. Unless you have reason to suspect that another site is impersonating the administrative IP address of the 5800 system, you can ignore these messages.

2. Type the administrative password in the Password field.

The default administrative password is admin. Passwords are case-sensitive. See Administrative Password for more information.

3. Click Login.

The main screen of the 5800 system GUI is displayed in FIGURE 1-1.

If the GUI does not start, see To Set MIME Associations for the Browser.

To Set MIME Associations for the Browser

Your browser must have the correct MIME association to handle .jnlp files and invoke Java Web Start program. Most browsers are configured to handle .jnlp files by default. If the GUI does not start, make sure the MIME associations in the browser are configured correctly. You configure MIME associations differently depending on which browser you are using. For example, if you are using a Mozilla browser, you might have to configure the MIME association as follows:

1. Choose Edit > Preferences from the browser toolbar.

2. Choose Navigator > Helper Applications.

3. Click New Type.

4. For Mime Type, type application/x-javaws.

5. For Description, type something like Java Web Start.

6. For Extension, type jnlp.

7. Select Open it with and provide the location of the javaws application (for example, /usr/jdk/instances/jdk1.5.0/bin/javaws).

If you don’t know where the javaws application is on your system, you might have to search for it.

8. Click OK to close all windows.

To Launch the GUI From the Command Line

Complete the following steps from any system on the same network as the 5800 system, as follows:

1. Issue the following command from the command line of any system on the same network as the 5800 system:

javaws https://adminIP:8090/admgui.jnlp

where adminIP is the administrative IP address of the cell. For example, if the administrative IP address of the cell is 10.7.227.101, you enter the following command at the command line:

javaws https://10.7.227.101:8090/admgui.jnlp

Note - In a multicell configuration, you must use the administrative IP address of the master cell, the cell with the lowest cell ID, to perform administrative tasks on any cell in the system.

2. Type the administrative password in the Password field.

The default administrative password is admin. Passwords are case-sensitive. See Administrative Password for more information.

3. Click Login.

The main screen of the 5800 system GUI, as shown in FIGURE 1-1, is displayed.

FIGURE 1-1 Main GUI Screen

Figure shows the main Status at a Glance screen for the GUI.

Getting Help on the GUI

To view information about the 5800 system GUI software, click the Help button (shown in FIGURE 1-2) in the 5800 system GUI toolbar.

FIGURE 1-2 Help Button in Toolbar

Figure shows question mark symbol indicating the help button.

The Help panel (shown in FIGURE 1-3) includes a Navigation pane on the left. and a Topic pane on the right.

To display a Help topic, use the Contents, Index, and Search tabs in the Navigation pane. Click the Search tab and click Tips on Searching to learn about the search feature.

FIGURE 1-3 GUI Help Pane

Figure shows help text for Status at a Glance panel.

TABLE 1-1 describes the Help tabs.

TABLE 1-1 Help Tabs
Tab	Description
Contents	Click a folder icon to display subtopics. Click a page icon to display the Help page for that topic in the Topic pane.
Index	Click an index entry to display the corresponding Help page.
Search	Type the words for which you want to search and click Search. The Navigation pane displays a list of topics that match your search criteria in order of relevancy. Click a topic link to display the Help page for that topic. Click the Tips on Searching link for information about how to improve your search results. To search for a particular word or phrase within a topic, click in the Topic pane, press Ctrl+F, type the word or phrase for which you are searching, and click Find.

The Help panel icons are described in TABLE 1-2.

TABLE 1-2 Help Icons
Control/Indicator	Description
	Go back to the previous Help topic that you viewed in the current session.
	Go forward to the next Help topic that you viewed in the current session.
	Print the current Help topic.

Logging Out of the GUI

To log out of the 5800 system GUI, click the Log Out button (shown in FIGURE 1-4) in the 5800 system GUI toolbar.

FIGURE 1-4 Log Out Button in Toolbar

Figure shows arrow pointing to door for log out button.

Multiple Users Accessing the CLI or GUI

No more than five users should be simultaneously logged in to the CLI or GUI. The 5800 system allows only one GUI or CLI user at time to perform write operations.

When you select a write operation in the GUI or CLI, the system checks to see if any other CLI or GUI user currently holds write privileges. If not, the system allows you to perform the write operation. You then have write privileges for 15 minutes, or until you log out of the system, whichever occurs first.

Task Overview

TABLE 1-3 lists the administrative tasks available for the 5800 system, whether you can perform the task from the GUI or CLI, and a reference to more information in this guide.

TABLE 1-3 5800 System Administrative Tasks
Task	Available From GUI?	Available From CLI?	See This Section
Configure the administrative IP address	✔	✔	Administrative IP Address
Configure the data IP address	✔	✔	Data IP Address
Configure the service node IP address	✔	✔	Service Node IP Address
Configure the administrative password	✔	✔	Administrative Password
Configure a public key		✔	The Public Key
Configure authorized data subnetworks	✔	✔	Authorized Subnetworks
Configure the gateway	✔	✔	The Gateway
Configure an NTP server	✔	✔	NTP Servers
Check the system time	✔	✔	NTP Servers
Configure DNS	✔	✔	DNS
Start and stop system components	✔	✔	Starting and Stopping System Components
Delete all data from the system	✔	✔	Deleting All Data From the System
Configure email notifications	✔	✔	Configuring System Notifications
Configure the external log host	✔	✔	Configuring System Notifications
Configure the metadata schema	✔	✔	Configuring Metadata and Virtual File System Views
Configure virtual file system views	✔	✔	Configuring Metadata and Virtual File System Views
Monitor the system	✔	✔	Monitoring the System Using the CLI Monitoring the 5800 System Using the GUI
Use NDMP to implement disaster recovery	NA	NA	Implementing Disaster Recovery