Chapter 2 Preparing for Production

This chapter provides guidelines and procedures for tuning the N1 System Manager.

This chapter discusses the following topics:

• Security Considerations

• Performance Guidelines

• N1 System Manager Performance Tuning

• Management Server Rehosting

Security Considerations

The following list provides security considerations that you should be aware of when you are using the N1 System Manager.

• The Java^TM Web Console that is used to launch the N1 System Manager's browser interface uses self-signed certificates. These certificates should be treated with the appropriate level of trust by clients and users.

• The terminal emulator applet that is used by the browser interface for the serial console feature does not provide a certificate-based authentication of the applet. The applet also requires that you enable SSHv1 for the management server. For certificate-based authentication or to avoid enabling SSHv1, use the serial console feature by running the connect command from the n1sh shell.

• SSH fingerprints that are used to connect from the management server to the provisioning network interfaces on the manageable servers are automatically acknowledged by the N1 System Manager software. This automation might make managed servers vulnerable to “man-in-the middle” attacks.

• The Web Console (Sun ILOM Web GUI) autologin feature for Sun Fire X4100 and Sun Fire X4200 servers exposes the server's service processor credentials to users who can view the web page source for the Login page. To avoid this security issue, disable the autologin feature by running the n1smconfig utility. See Configuring the N1 System Manager for details.

Performance Guidelines

To ensure the best performance in your N1 System Manager environment, adhere to the following guidelines and recommendations:

• Before you run discovery, tune the N1 System Manager as described in To Increase the N1 System Manager Performance.

• Maximize the number of managed servers per group, and run operations against groups instead of against a large number of individual servers. Running operations on a group minimizes the number of groups you need to manage and minimizes the number of jobs you need to submit in order to accomplish a given task.

N1 System Manager Performance Tuning

Tune the N1 System Manager for maximum performance based on the number of managed servers you plan to manage. The following procedure should be done before you run discovery.

To Increase the N1 System Manager Performance

Steps

1. Log in to the management server as root.

2. Linux only: Update the NFS file.

   1. Edit the file /etc/sysconfig/nfs file and add the following line:

      RPCNFSDCOUNT=32

   2. Save and close the file.

   3. Type /etc/init.d/nfs restart to restart NFS.

3. Update the package.cache.xml file.

   Edit the /opt/sun/n1gc/lib/package.cache.xml file and locate the line containing attribute name="FirmwareInfos". Update the line to read as follows:

   <attribute name="FirmwareInfos" refresh-interval="-1" delay="none" persistent="true"/>

   This instruction ensures that the first invocation of the show server command after a restart of the N1 System Manager does not take a long time to complete.

4. Stop N1 System Manager.

   • On a Solaris management server, type svcadm disable n1sm

   • On a Linux management server, type /etc/init.d/n1sminit stop

   Wait for all N1 System Manager processes to stop.

5. Start N1 System Manager.

   • On a Solaris management server, type svcadm enable n1sm

   • On a Linux management server, type /etc/init.d/n1sminit start

Next Steps

If you have updated an earlier version of N1 System Manager to version 1.3, you can now use N1 System Manager 1.3.

If you have completed a first-time install of N1 System Manager 1.3, perform the following tasks:

• Log in to the N1 System Manager as described in Accessing the N1 System Manager Through the Command Line in Sun N1 System Manager 1.3 Discovery and Administration Guide.

• Define the N1 System Manager users as described in Managing Users in Sun N1 System Manager 1.3 Discovery and Administration Guide.

• Define the N1 System Manager roles as described in Managing Roles in Sun N1 System Manager 1.3 Discovery and Administration Guide.

• Run discovery to locate and identify the manageable servers as described in SP-Based Discovery in Sun N1 System Manager 1.3 Discovery and Administration Guide .

• Create the operating system distributions for the managed servers as described in Managing UNIX OS Distributions in Sun N1 System Manager 1.3 Operating System Provisioning Guide.

• Create the operating system profiles for the managed servers as described in Managing OS Profiles in Sun N1 System Manager 1.3 Operating System Provisioning Guide.

• Install the operating system distributions on the managed servers as described in Installing the UNIX OS on Managed Servers in Sun N1 System Manager 1.3 Operating System Provisioning Guide.

• Back up your N1 System Manager installation as described in Chapter 3, Backing Up and Restoring, in Sun N1 System Manager 1.3 Discovery and Administration Guide.

For problem resolution procedures, see Sun N1 System Manager 1.3 Troubleshooting Guide.

Management Server Rehosting

Rehosting is the process of relocating an installed and configured N1 System Manager management server to a new network. The new network may have a completely different configuration, in which case the management server's network settings must be changed.

Conditions in which you need to rehost the management server are as follows:

• The N1 System Manager is installed and configured on a management server in a test environment, and the management server is now ready to be moved to the production environment.

• The N1 System Manager is installed and configured on a management server in a production environment, and is being relocated to a new network.

Rehosting the N1 System Manager management server is comprised of three major tasks:

• Disabling N1 System Manager start on reboot

• Reconfiguring operating system Files

• Reconfiguring the management server

N1 System Manager 1.3 does not support managed server rehosting.

Disabling N1 System Manager Start on Reboot

You must disable the N1 System Manager Start on Reboot feature before you rehost your management server.

If you change the hostname or IP address of the management server and then reboot the server, and N1 System Manager is configured to start at boot, then N1 System Manager could start with an invalid hostname or IP address or hostname.

1. Typeps -ef | grep [Nn]1 to display the N1 System Manager processes that might be running

2. Type kill -9 PID where PID is the process ID of the N1 System Manager process

The following task must be performed before you make any rehosting changes to the management server.

To Disable N1 System Manager Start on Reboot

Steps

1. Log in as root on the management server.

2. Stop N1 System Manager.

   • On a Solaris management server, type svcadm disable -s n1sm.

   • On a Linux management server, type /etc/init.d/n1sminit stop. Wait for all process to stop.

   Wait for all process to stop, then type ps -ef | grep [Nn]1 to display any N1 System Manager processes that might be running.

   To stop any remaining N1 System Manager processes, type kill -9 PID where PID is the process ID of the N1 System Manager process.

3. Type n1smconfig to run the configuration process.

   Step through the configuration process and accept the displayed values. Do not change any value except when asked whether to Enable N1SM to start at each boot.

4. When asked Enable N1SM to start at each boot? (n/[y]), type n.

   Step through the rest of the configuration process and accept the displayed values. Type n when asked whether to restart N1SM.

5. Ensure all N1 System Manager process have stopped as described in Step 2.

Next Steps

Reconfigure the management server system files as described in the next section.

Reconfiguring Operating System Files

This section provides the procedures for reconfiguring the operating system files. This must be done before you reconfigure the N1 System Manager.

To Reconfigure Solaris Operating System Files for Rehosting

Before You Begin

Ensure that the N1 System Manager Start on Reboot feature has been disabled as described in Disabling N1 System Manager Start on Reboot.

Steps

1. Log in as root on the management server.

2. Edit the file /etc/hosts and change the displayed hostname and IP address to the new hostname and IP address.

3. Edit the file /etc/nodename and change the displayed hostname to the new hostname.

4. Edit the /etc/hostname.port type where port type is the name of the Ethernet port type.

   The port type name is dependent on the underlying hardware, for example /etc/hostname.bge0 or /etc/hostname.hme0.

   Change the displayed hostname to the new hostname.

5. Power down the management server.

6. Connect the management server to the new network.

7. Reboot the management server.

   When the management server has completed rebooting, ensure that no N1 System Manager processes are running.

Next Steps

Reconfigure the N1 System Manager system files as described in Reconfiguring the Management Server.

To Reconfigure Linux Operating System Files for Rehosting

Before You Begin

Ensure that the N1 System Manager Start on Reboot feature has been disabled as described in Disabling N1 System Manager Start on Reboot.

Steps

1. Log in as root on the management server.

2. Edit the file /etc/hosts and change the displayed hostname and IP address to the new hostname and IP address.

3. Edit the file /etc/sysconfig/network and change the displayed hostname to the new hostname.

4. Edit each /etc/sysconfig/network-scripts/ifcfg-ethx where ethx is the name of the Ethernet port type.

   For example /etc/sysconfig/network-scripts/ifcfg-eth0 and /etc/sysconfig/network-scripts/ifcfg-eth1.

   Change the displayed IP address to the new IP address. If your management server uses separate Ethernet ports for the management and provisioning networks, ensure that you specify the correct IP address to each port.

5. Power down the management server.

6. Connect the management server to the new network.

7. Reboot the management server.

   When the management server has completed rebooting, ensure that no N1 System Manager processes are running.

Next Steps

Reconfigure the N1 System Manager system files as described in the next section.

Reconfiguring the Management Server

This section provides the procedure for reconfiguring N1 System Manager on the management server.

To Reconfigure the Management Server For Rehosting

Before You Begin

Operating system files must be reconfigured for rehosting as described in Reconfiguring Operating System Files.

Steps

1. Log in as root on the management server.

2. Ensure the N1 System Manager is not running.

3. Type n1smconfig to start the reconfiguration process.

4. Respond to each of the configuration prompts according to the requirements of the network to which the N1 System Manager management server is being rehosted.

   For configuration details, see Configuring the N1 System Manager.