Oracle® Solaris Cluster System Administration Guide

Exit Print View

Updated: October 2015


  • Verify that the two manager services are running.

    # svcs system/cluster/manager\*
    STATE      STIME    FMRI
    online     Oct_30   svc:/system/cluster/manager-glassfish3:default
    online     Oct_30   svc:/system/cluster/manager:default 

    Use the svcadm command to disable or enable system/cluster/manager-glassfish3. This action stops and restarts the application server. You should keep system/cluster/manager online. You do not need to disable or enable it.

  • If you cannot connect to Oracle Solaris Cluster Manager, determine if the common agent container is running by entering usr/sbin/cacaoadm status. If the common agent container is not running, you will get the login page but you cannot authenticate. You can manually start the common agent container by entering /usr/sbin/cacaoadm start.

How to Configure Common Agent Container Security Keys

Oracle Solaris Cluster Manager uses strong encryption techniques to ensure secure communication between the Oracle Solaris Cluster Manager web server and each cluster node.

Cacao connection errors can occur when you are using the data service configuration wizards in the GUI or performing other GUI tasks. This procedure copies the security files for the common agent container to all cluster nodes. This ensures that security files for the common agent container are identical on all cluster nodes and that the copied files retain the correct file permissions. Performing this procedure synchronizes the security keys.

  1. On each node, stop the security file agent.
    phys-schost# /usr/sbin/cacaoadm stop
  2. On one node, change to the /etc/cacao/instances/default/ directory.
    phys-schost-1# cd /etc/cacao/instances/default/
  3. Create a tar file of the /etc/cacao/instances/default/ directory.
    phys-schost-1# tar cf /tmp/SECURITY.tar security
  4. Copy the /tmp/Security.tar file to each of the cluster nodes.
  5. On each node where you copied the/tmp/SECURITY.tar file, extract the security files.

    Any security files that already exist in the /etc/cacao/instances/default/ directory are overwritten.

    phys-schost-2# cd /etc/cacao/instances/default/
    phys-schost-2# tar xf /tmp/SECURITY.tar
  6. Delete each copy of the tar file to avoid security risks.

    You must delete each copy of the tar file to avoid security risks.

    phys-schost-1# rm /tmp/SECURITY.tar
    phys-schost-2# rm /tmp/SECURITY.tar
  7. On each node, start the security file agent.
    phys-schost# /usr/sbin/cacaoadm start

How to Check the Network Bind Address

If you receive a System Error message when you try to view information about a node other than the node running the GUI, check whether the common agent container network-bind-address parameter is set to the correct value of

Perform the following steps on each node of the cluster.

  1. Determine the network bind address.
    phys-schost# cacaoadm list-params | grep network

    If the network bind address is set to anything other than, you will need to change it to the desired address.

  2. Stop and start cacao before and after the change.
    phys-schost# cacaoadm stop
    phys-schost# cacaoadm set-param network-bind-address=
    phys-schost# cacaoadm start