Skip Navigation Links | |
Exit Print View | |
Oracle Solaris Cluster Geographic Edition System Administration Guide Oracle Solaris Cluster 4.1 |
1. Introduction to Administering the Geographic Edition Software
3. Administering the Geographic Edition Infrastructure
4. Administering Access and Security
5. Administering Cluster Partnerships
Creating and Modifying a Partnership
Introduction to Creating and Modifying a Partnership
How to Modify Partnership Properties
Joining an Existing Partnership
How to Add a New Node to a Cluster in a Partnership
Renaming a Cluster That Is in a Partnership
How to Rename a Cluster That Is in a Partnership
Leaving or Deleting a Partnership
How to Resynchronize a Partnership
7. Administering Protection Groups
8. Monitoring and Validating the Geographic Edition Software
9. Customizing Switchover and Takeover Actions
A. Standard Geographic Edition Properties
B. Legal Names and Values of Geographic Edition Entities
C. Disaster Recovery Administration Example
E. Troubleshooting Geographic Edition Software
F. Deployment Example: Replicating Data With MySQL
Before you create a partnership between two clusters, you must configure the Geographic Edition software for secure communication between the two clusters. The configuration must be reciprocal. For example, you must configure the cluster cluster-paris to trust the cluster cluster-newyork, and you must also configure the cluster cluster-newyork to trust the cluster cluster-paris.
This section contains the following procedures:
Before You Begin
Ensure that the following conditions are met:
The cluster on which you want to create the partnership is running.
The geoadm start command must have already been run on this cluster and the partner cluster. For more information about using the geoadm start command, see Enabling the Geographic Edition Software.
The cluster name of the partner cluster is known.
The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.
If the clusters are in different domains, include the domain name in the entry, as logicalhostname.domainname. However, the cluster name itself must not include the domain.
You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Geographic Edition Software and RBAC.
Running this command on one node of the local cluster imports the keys from the remote cluster to one node of the cluster.
# geops add-trust -c remotepartnerclustername
Specifies the logical hostname of the cluster with which to form a partnership. The logical hostname is used by the Geographic Edition software and maps to the name of the remote partner cluster. For example, a remote partner cluster name might resemble the following:
cluster-paris
If the clusters are on different domains, also specify the fully qualified domain name. For example, two clusters in a partnership that have different domains might resemble the following:
cluster-paris.france cluster-newyork.usa
When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:
remotepartnercluster.certificate[0-9]*
Keys and only keys that belong to the remote cluster should have their alias match this pattern.
For more information about the geops command, refer to the geops(1M) man page.
# geops verify-trust -c remotepartnerclustername[.domainname]
This command verifies the trust from the node on which you run the command to all nodes of the partner cluster.
See Also
For a complete example of how to configure and join a partnership, see Example 5-4.
Before You Begin
Ensure that the following conditions are met:
The cluster on which you want to remove trust is running.
The cluster name of the partner cluster is known.
The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.
You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Geographic Edition Software and RBAC.
Run the following command on both clusters:
# geops leave
# geops remove-trust -c remotepartnerclustername
Perform this step on all the nodes of the local cluster, and then repeat this step on all nodes of the partner cluster.
Specifies the logical hostname of the cluster from which you want to remove the keys. The name for the remote cluster must be identical to the cluster name you specified when adding trust with the geops add-trust command. You do not need to specify the fully qualified name if the remote cluster is reachable by partial name.
When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:
remotepartnercluster.certificate[0-9]*
Keys and only keys that belong to the remote cluster should have their alias match this pattern.
For more information about the geops command, refer to the geops(1M) man page.