The Oracle Enterprise Manager Ops Center infrastructure is the software and connections used by the product. You can manage that infrastructure through the user interface and from the command line.
This chapter includes the following sections:
This chapter explains how to set up and manage the Oracle Enterprise Manager Ops Center infrastructure.
The Enterprise Controller, Knowledge Base, Proxy Controllers, and Agent Controllers make up the Oracle Enterprise Manager Ops Center infrastructure. The Enterprise Controller generates the UI, routes jobs, communicates with the Knowledge Base, and stores Oracle Enterprise Manager Ops Center data in the Enterprise Controller Database. The Proxy Controllers directly manage specific assets and carry out jobs. Agent Controllers enable the full range of operating system update and monitoring capabilities on managed operating systems.
You can view and maintain the infrastructure, make changes to its configuration, and configure the connection mode.
Some of the procedures described in this section use the ecadm
, proxyadm
, and agentadm
commands. See Command Line Administration for more information about these commands.
On Oracle Solaris systems, these commands are in the /opt/SUNWxvmoc/bin/
directory.
On Linux systems, these commands are in the /opt/sun/xvmoc/bin/
directory.
You require specific roles to perform infrastructure tasks in Oracle Enterprise Manager Ops Center.
The following table lists the tasks and the role required to complete the task. Contact your administrator if you do not have the necessary role or privilege to complete a task.
Table 2-1 Infrastructure Tasks and Roles
Task | Role |
---|---|
View infrastructure |
Ops Center Admin |
Use connection mode or disconnection mode |
Ops Center Admin |
Configure and Unconfigure Local Agent Controllers |
Ops Center Admin |
Register the Enterprise Controller |
Ops Center Admin |
Run a self diagnosis |
Ops Center Admin |
Check the controller status |
Ops Center Admin |
Associate, enable, or disable networks for Proxy Controllets |
Ops Center Admin |
Configure DHCP, External DHCP servers, and subnets |
Ops Center Admin |
Enable or disable WAN Boot |
Ops Center Admin |
Edit Oracle Solaris 11 credentials |
Ops Center Admin |
Change the HTTP Proxy |
Ops Center Admin |
You can perform various infrastructure operations using Oracle Enterprise Manager Ops Center.
Using Oracle Enterprise Manager Ops Center, you can perform the following tasks:
View infrastructure
Switch to disconnected mode
Switch to connected mode
Download the harvester bundle
Copy content to the Enterprise Controller in disconnected mode
Configure a Local Agent Controller on an Enterprise Controller or a Proxy Controller
Unconfigure a Local Agent Controller on an Enterprise Controller or a Proxy Controller
Configure Oracle Configuration Manager
Register the Enterprise Controller
Run a Self Diagnosis
Check the Status of a Enterprise Controller, Proxy Controller, or Agent Controller
Start an Enterpise Controller or a Proxy Controller
Stop an Enteprise Controller or a Proxy Controller
Put a Proxy Controller in Maintenance Mode
Remove a Proxy Controller from Maintenance Mode
Associate Networks With a Proxy Controller
Enable or Disable Networks for a Proxy Controller
Configure Proxy Controllers to Use a Strong Cipher Suite Configuration
Configure DHCP and Subnets
Configure External DHCP Servers
Check the WAN Boot Status
Change the Default Port for Oracle Solaris 11 WAN Boot
Enable or Disable WAN Boot
Edit Oracle Solaris 11 Credentials
Retain Migration Scripts in Server Pools
Generate a Default Set of OS Provisioning Profiles and Plans
Display Related Assets In Groups
Change the HTTP Proxy
In the Oracle Enterprise Manager Ops Center user interface, you can find infrastructure information in different locations.
Table 2-2 Location of Infrastructure Information in the UI
To See | Location |
---|---|
View Agent Controllers |
Expand Assets in the Navigation pane and select a group of managed operating systems. |
View Proxy Controllers |
Expand Administration in the Navigation pane and select a Proxy Controller. Select Configuration in the center pane. |
View Enterprise Controller configuration |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select Configuration in the center pane. |
Connection Mode |
Expand Administration in the Navigation pane and select the Enterprise Controller. Select Setup Connection Mode in the Actions pane. |
Local Agent Controller |
Expand Administration in the Navigation pane and select the Enterprise Controller. Select Configure Local Agent/Unconfigure Local Agent in the Actions pane. |
Local Agent Controller on a Proxy Controller |
Expand Administration in the Navigation pane and select the Enterprise Controller. Select Configure Agent on Proxy/Unconfigure Agent on Proxy in the Actions pane. |
Register Enterprise Controller |
Expand Administration in the Navigation pane and select the Enterprise Controller. Select Register Enterprise Controller in the Actions pane. |
Run Self Diagnosis |
Expand Administration in the Navigation pane and select an asset. Select Self Diagnosis in the Actions pane. |
Proxy Controller Networks |
Expand Administration in the Navigation pane and select a Proxy Controller. |
Configure DHCP |
Expand Administration in the Navigation pane and select a Proxy Controller. Select DHCP Config in the Actions pane. |
Configure Subnets |
Expand Administration in the Navigation pane and select a Proxy Controller. Select Subnets in the Actions pane. |
Configure External DHCP Servers |
Expand Administration in the Navigation pane and select a Proxy Controller. Select External DHCP Servers in the Actions pane. |
Enterprise Controller for WAN boot |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select Configuration tabs and choose OS Provisioning from the subsystems menu. |
Edit Oracle Solaris 11 Credentials |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select Credentials. |
Migration Scripts in Server Pools |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select Server Pools from the subsystem menu in the Configuration tab. |
OS Provisioning Profiles and Plans |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select OS Provisioning from the subsystem menu in the Configuration tab. |
Assets In Groups |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select BUI from the subsystem menu in the Configuration tab. |
Change HTTP Proxy |
Expand Administration in the Navigation pane and select a Enterprise Controller. Select Change HTTP Proxy in the Actions pane. |
You can view the Proxy Controllers and Agent Controllers currently known to Oracle Enterprise Manager Ops Center and see information about their version and status.
You can install Agent Controllers on operating systems and virtualization tools to manage them. You can view them to see information about Agent Controllers.
The Agent Controller information includes:
Asset Name
Zone Type
Agent Version
Upgrade Version
Downgrade Version
Agent Status (Online or Offline)
Proxy Controllers manage assets and perform jobs. You can view the Proxy Controllers to see information about them.
The Proxy Controllers information includes:
Status (Online or Offline)
Current Version
Available Upgrades
IP Address
Registration Date
To view a Proxy Controller's configuration:
You can view and manage the configuration of the Enterprise Controller. The configuration displays the settings for the subsystems that make up the Enterprise Controller.
To view the Enterprise Controller configuration, select the Enterprise Controller in the Administration section of the Navigation pane, then click the configuration tab. Select one of the subsystems listed below to display its settings.
Note:
Do not modify these settings unless directed by Oracle.
Agent Provisioning: Manages the provisioning of Agent Controllers.
Auto Service Requests: Manages the Auto Service Request (ASR) settings.
Database: Manages the database used by Oracle Enterprise Manager Ops Center.
EC Manager: Manages the Enterprise Controller.
Firmware Provisioning: Manages firmware downloads.
Job Manager: Manages the way that jobs are run.
My Oracle Support (MOS): Manages Oracle Enterprise Manager Ops Center's communications with MOS.
Network/Fabric Manager: Manages networks and fabrics.
OCDoctor: Manages the OCDoctor location and updates.
OS Provisioning: Manages network and fabric settings.
Permission Cache: Manages cache sizes.
Power: Manages energy cost settings.
Proxy Manager: Manages the interactions between the parts of the infrastructure.
Quartz Scheduler: Manages the quartz scheduler.
Role Preferences: Manages role settings.
Update: Manages the settings for the Oracle Solaris 11 IPS repository.
Zone Controller: Manages the zone management settings.
Auto Service Request: Manages the Auto Service Request (ASR) feature.
Storage Library Configuration: Manages the settings for storage libraries.
Virtualization: Manages Oracle VM Server for SPARC failover settings.
Oracle Enterprise Manager Ops Center can operate in either Connected Mode or Disconnected Mode.
In Connected Mode, the software communicates with Oracle web sites and other vendors, gathering patch and update information. In Disconnected Mode, the software operates autonomously using a knowledge base bundle downloaded on a separate system using a harvester script and a local Oracle Solaris 11 repository if you are using Oracle Solaris 11, and does not need an Internet connection.
You can switch between connection modes at any time.
If you are in Connected Mode, or have not selected a connection mode, you can switch to Disconnected Mode.
To use Disconnected Mode, you must download a Knowledge Base bundle.
Before switching to disconnected mode, you must obtain a Knowledge Base bundle using the Harvester script. This procedure is described below.
The harvester is a script that you can run on an Internet-facing system to create a Knowledge Base bundle and to download OS update and firmware content.
To use disconnected mode, you must use the harvester to obtain a Knowledge Base bundle. In connected mode, you can use the harvester to obtain specific content and upload that content to the Enterprise Controller using the Bulk Upload action in the update library.
To obtain a KB bundle, use the following general procedure:
Identify a system that can connect to the Internet.
Download the harvester bundle.
Use the harvester script to download content.
Copy the KB bundle and OS update content onto the Enterprise Controller system using portable media.
You must select a system from which to run the harvester script.
The selected system must use either Oracle Solaris or Linux and must be Internet-facing.
The harvester bundle contains the script harvester.sh
and signing utilities for signature checking and generation of the downloaded software.
To download the script:
harvester_bundle-latest.zip
.You can use the harvester script to obtain a KB bundle and OS update content.
Run the harvester script using one or more of the options described below. You can edit the config.ini
file to store some of these values. Values entered in the config.ini
do not need to be provided when the harvester script is run.
--user
My Oracle Support user name: Specify the valid My Oracle Support user name. You can set this value in the HTTP_USER=""
field of the config.ini
file. This option is required if you have not added the MOS user name to the config.ini
file.
--password-file
password file: Specify the full path name of a file that contains only the MOS password. You can set either the password or the location of the password file in the HTTP_PASSWD=""
field of the config.ini
file. This option is required if you have not added the password to the config.ini
file.
Note:
Due to security reasons, avoid storing your password in clear text inside a file when working with the harvester in disconnected mode. If you choose to use a text file, use it with caution and set its permissions to 400, store it in a safe directory allowing only safe user(s) to use it.
Starting with harvester version 2.16, the harvester script checks the password file permissions and provides a warning if the permissions are other than 400. You can continue and let the script change the permissions to 400 or quit and take necessary actions such as changing the password and the permissions before the next run.
--proxy-server
proxy server URL: Specify the URL of the proxy server. You can set this value in the PROXY_URL=""
field of the config.ini
file.
--proxy-user
proxy server user name: Specify a username for the proxy server. You can set this value in the PROXY_USER=""
field of the config.ini
file.
--proxy-password-file
proxy server password file: Specify the full path name of a file that contains only the proxy server password. You can set either the password or the location of the password file in the PROXY_PASSWD=""
field of the config.ini
file.
--storage-dir
directory: Specify the temporary directory for storing the downloaded contents. The default location is /var/tmp/offline
. You can set this value in the STANDALONE_DIR=""
field of the config.ini
file.
--mark-new-patches
: The harvester script creates a dated folder which includes hard links to all the patches that were downloaded in the current run. All patches still go to the storage directory. This flag is useful in incremental downloads to identify which are the newly downloaded files. Using hardlinks eliminates the need for a full copy of each file. You can set this value in the MARK_NEW_PATCHES=
field of the config.ini
file.
--kb-only
: Download only the Knowledge Base bundle without downloading any patches.
--download-patches
list: Specify the distributions for which you want to download all the Oracle Solaris patches. Specify a quoted, space separated list of the names of Oracle Solaris OS distributions for which you want to download patches. If the distribution is not specified, the patches for all Oracle Solaris distributions are downloaded. Available distributions are:
SOLARIS_10_0_SPARC
SOLARIS_10_0_X86
SOLARIS_9_0_SPARC
SOLARIS_8_0_SPARC
FIRMWARE
The disk space requirement on the Internet-facing system and the Enterprise Controller to run the harvester script with the --download-patches
option is approximately 150 GB for a distribution.
Note:
The harvester script might take several hours to finish running with the --download-patches
option. You can upload the patches in bulk from the EIS DVD.
--download-baseline
ID: Specify the Oracle Solaris baseline ID to download.
Note:
When you use the --download-baseline
option, you must use the --download-patches
option. You can use the option only for one distribution.
--show-baselines
distribution: This option displays the baselines for a given distribution. You can enter only one distribution at a time. Valid distributions are:
SOLARIS_10_0_SPARC
SOLARIS_10_0_X86
SOLARIS_9_0_SPARC
SOLARIS_8_0_SPARC
--revisions
number: Specify the number of revisions of a patch to download. By default, the revision number is 100. You can set this value in the REVISIONS=
field of the config.ini
file.
--from-date
mm-yyyy: Only download patches that are newer than the specified date.
--patches-from-file
file : Download all the patches from a file. The format of the file must be one patch per line without the .zip
extension.
--instructions
: Use this option to display instructions for moving downloaded Knowledge Base bundles and patches to the Enterprise Controller system.
--update
: Use this option to check for updates for the harvester script.
Example 2-1 Running Harvester Script with MOS Account
Running the harvester script to download only the knowledge base bundle.
# ./harvester.sh --kb-only
Ops Center Harvester version 2.10 (Jun 18 2012 [Build 57]) (SunOS)
Download log file is located in /var/tmp/harvester-wget.log
Checking for connectivity...
[OK] Connected successfully. No updates were found (current: 2.10, online: 2.10).
[OK] Directory /var/tmp/offline not found. This directory will be created.
[Channels list (channels.xml)] Downloaded successfully
Stage 1: Downloading/refreshing required Knowledge Base files
[AS_3_0_AMD64 Knowledge] Downloaded successfully
[AS_4_0_S390 Knowledge] Downloaded successfully
[AS_3_0_IA32 Knowledge] Downloaded successfully
[ES_3_0_IA32 Knowledge] Downloaded successfully
[ES_3_0_AMD64 Knowledge] Downloaded successfully
[FIRMWARE Knowledge] Downloaded successfully
[ES_4_0_AMD64 Knowledge] Downloaded successfully
[AS_4_0_IA32 Knowledge] Downloaded successfully
[AS_4_0_AMD64 Knowledge] Downloaded successfully
[OS_IMAGES Knowledge] Downloaded successfully
...
...
Example 2-2 Running Harvester Script to Download Oracle Solaris 10 SPARC patches
Running the harvester script to download Oracle Solaris 10 patches up to four revisions for a SPARC distribution
./harvester.sh --download-patches "SOLARIS_10_0_SPARC SOLARIS_10_0_X86" --revisions 4
Example 2-3 Running Harvester Script to Display Baselines for Oracle Solaris 10 SPARC
Running the harvester script to display the available Oracle Solaris baselines for an Oracle Solaris 10 SPARC distribution.
./harvester.sh --download-patches SOLARIS_10_0_SPARC --download-baseline
Example 2-4 Running Harvester Script to Download Security Baselines for Oracle Solaris 10 SPARC
Running the harvester script to download the security baseline DEC-2009 for an Oracle Solaris 10 SPARC distribution.
./harvester.sh --download-patches SOLARIS_10_0_SPARC --download-baseline 40030030
When you have downloaded the Knowledge Base bundle or OS update content, move it to the Enterprise Controller system using portable media.
If you are using disconnected mode, use these procedures to copy the content into Oracle Enterprise Manager Ops Center. If you are using connected mode, you need to upload the content in bulk.
You can upload a new knowledge base bundle to the Enterprise Controller.
Follow this procedure if you used the --kb-only
option.
standalone-<timestamp>.tar.gz
to the Enterprise Controller system. By default, this file is in the /var/tmp/offline
directory.You can upload a new knowledge base bundle to the Enterprise Controller and upload the patch content.
Follow this procedure to upload a new knowledge base bundle to the Enterprise Controller and to upload the patch content.
A local Agent Controller is an Agent Controller installed on the Enterprise Controller or Proxy Controller OS.
The operating systems and hardware that support the Enterprise Controller and Proxy Controllers are always managed, but configuring a local Agent Controller enables additional monitoring, reports, and jobs.
Note:
Any job that would cause the Enterprise Controller system to restart, such as an OS update job that requires a reboot, cannot be performed through Oracle Enterprise Manager Ops Center.
Note:
On Oracle Solaris 10, the local Agent Controller uses Java 6 version. If a later version of Java 6 is already installed on the system, then the local Agent Controller uses the already installed greater version. Starting from 12.3.2, if Java 7 version is installed on the system, then the local Agent Controller uses the Java 7 version instead of the Java 6 version.
Configuring the Local Agent Controller on the Enterprise Controller system provides additional monitoring data on the system that supports the Enterprise Controller and enables some additional jobs.
Follow these steps to configure the Local Agent Controller on the Enterprise Controller.
You can unconfigure the Local Agent Controller to halt monitoring of the Enterprise Controller system.
Follow these steps to unconfigure the Local Agent Controller on the Enterprise Controller.
Configuring the Local Agent Controller on a Proxy Controller system lets you monitor the system that supports the Proxy Controller and launch jobs that target it.
Follow these steps to configure a Local Agent Controller on a Proxy Controller.
Oracle Configuration Manager is a tool that customizes and enhances the support experience by collecting configuration information and uploading it to the Oracle repository.
When the configuration data is uploaded on a regular basis, customer support representatives can analyze this data and provide better service.
Oracle Configuration Manager is installed with Oracle Enterprise Manager Ops Center. If you did not configure Oracle Configuration Manager during installation, you can do so using the command line.
This procedure requires that Java 7 be configured on the Enterprise Controller.
You can register your Enterprise Controller with Oracle. This lets you register your assets, which associates the asset data with a My Oracle Support (MOS) account and makes the assets visible in the MOS portal. This option is not available if the Enterprise Controller was registered during the initial configuration.
Follow these steps to register the Enterprise Controller.
You can run a self-diagnosis on the Enterprise Controller, on Proxy Controllers, or on operating system assets.
The self-diagnosis runs the OCDoctor's --troubleshoot
option, which can identify some common issues and aid in troubleshooting.
You can check the status of the Enterprise Controller and Proxy Controllers from the command line, and stop or start them if necessary.
Oracle Enterprise Manager Ops Center only functions while the Enterprise Controller is online, and each Proxy Controller must be online for the product to interact with its managed assets.
The Enterprise Controller can be in one of two states. In the online state, the Enterprise Controller is running normally. In the offline state, the Enterprise Controller is stopped and cannot be used.
You can check the status of the Enterprise Controller using the ecadm
command.
The Enterprise Controller can be in a stopped state due to a system reboot or maintenance. While the Enterprise Controller is stopped, Oracle Enterprise Manager Ops Center does not function.
You can start the Enterprise Controller using the ecadm
command.
When the Enterprise Controller is online, Oracle Enterprise Manager Ops Center functions normally. However, certain maintenance tasks can only be performed when the Enterprise Controller is offline.
You can stop the Enterprise Controller using the ecadm
command.
You can check the status of a Proxy Controller using the proxyadm
command.
To check the status of a Proxy Controller, perform the following steps:
You can put a Proxy Controller in maintenance mode. While in maintenance mode, a Proxy Controller cannot discover new assets or act as a target for asset migration, and incidents are not generated for the Proxy Controller. However, the Proxy Controller continues to manage its current assets.
Follow this procedure to put a Proxy Controller in maintenance mode.
You can remove a Proxy Controller from maintenance mode. When a Proxy Controller is removed from maintenance mode, it can discover assets and act as a target for asset migration as normal.
Follow this procedure to remove a Proxy Controller form maintenance mode.
Proxy Controllers must have access to networks to manage the assets on those networks.
You can associate Proxy Controllers with specific networks and enable or disable those networks.
Note:
If a Proxy Controller is connected to an asset using multiple networks, but management traffic between the Proxy Controller and agent must use a specific network, the Proxy Controller must have a NIC whitelisting file to identify the usable NICs.
You can associate networks with a Proxy Controller. A Proxy Controller can manage assets on any network that has been associated with it. You can only associate a network with a Proxy Controller if the network is reachable from the Proxy Controller.
To associate networks with a Proxy Controller, perform the following steps:
You can enable or disable specific networks for a Proxy Controller. Networks are enabled by default when they are associated with a Proxy Controller.
Enabled networks are used normally. Proxy Controllers cannot manage assets on disabled networks. If you attempt to disable a network on a Proxy Controller that is being used to manage assets, you are asked to migrate those assets to a different Proxy Controller before you can disable the network.
The selected networks are enabled or disabled.
You can change the Enterprise Controller IP address and then update the Proxy Controllers with the new Enterprise Controller IP address using the proxyadm
command.
To change the IP address of the Enterprise Controller, stop the Enterprise Controller, change the IP address, and then restart the Enterprise Controller.
Once the Enterprise Controller IP address is changed, you must update the Proxy Controllers with the new Enterprise Controller IP address using the proxyadm
command.
Note:
Do not modify the host name of the Enterprise Controller, Proxy Controller, and Agent Controller system.To update the Proxy Controller with the new Enterprise Controller IP address:
Stop the Proxy Controller using the proxyadm
command with the stop
subcommand and the -w
option. For example:
# proxyadm stop -w
To change the IP address on an Oracle Solaris 10 configuration, see http://docs.oracle.com/cd/E19253-01/816-4554/gbwxb/index.html, and to change the IP address on an Oracle Solaris 11 configuration, see https://docs.oracle.com/cd/E23824_01/html/821-1458/gjwiq.html.
On the Proxy Controller, update the /var/opt/sun/xvm/persistence/scn-proxy/connection.properties
URL property to point to the new IP address of the Enterprise Controller. Update this URL property through the command line interface using the proxyadm
command with the update
subcommand and the -s
option:
proxyadm update -s|--satellite-ip <ip>
Restart the Proxy Controller using the proxyadm
command with the start
subcommand and the -w
option. For example:
# proxyadm start -w
Changing the IP address for the Proxy Controllers is not supported. However, you can create a new Proxy Controller and move the assets to the new Proxy Controller.
Note:
You can change the IP address for an Agent Controller.
You can configure Proxy Controllers to use a strong cipher suite configuration.
If you want to discover assets that use a strong cipher suite configuration, you must download two policy files and move them to your Proxy Controller systems.
UnlimitedJCEPolicyJDK7.zip
link and download the file.UnlimitedJCEPolicyJDK7.zip
file.local_policy.jar
and US_export_policy.jar
files to the /usr/jdk/jdk<latest version>/jre/lib/security/
directory on the Proxy Controller.Oracle Enterprise Manager Ops Center uses DHCP services or WAN boot to support OS provisioning.
DHCP servers enable you to obtain the IP configuration and the rest of the information needed on the NIC. WAN boot enables you to provision Oracle Solaris 10 or 11 on a SPARC platform across the network. With WAN boot, the software explicitly configures the information in the Open Boot PROM (OBP) and uses WAN boot for installation. See About Configuring the Enterprise Controller for WAN Boot for more information about WAN boot.
Oracle Solaris 10 uses the Oracle DHCP server with a Proxy Controller that is running Oracle Solaris 10. Oracle Solaris 11 uses an ISC DHCP server. You can configure DHCP directly, or direct a Proxy Controller to use an external DHCP server. You can also configure subnets to work with specific DHCP servers.
Note:
Configure the DHCP services in the Oracle Enterprise Manager Ops Center user interface, not from the command line.
The following information is included in this section:
You can configure and enable DHCP services on a Proxy Controller. DHCP configuration configures and enables basic DHCP services on the Proxy Controller to support OS provisioning operations. The Proxy Controller must be in the same subnet as the target hosts for OS provisioning to work.
The DHCP Config action configures and enables either an Oracle Solaris DHCP server, or an Internet Standards Consortium (ISC) DHCP server, on the Proxy Controller that you select.
The DHCP Config action requires that you specify the Ethernet interface through which the Proxy Controller should provide DHCP services, for example bge0. You can establish DHCP services on all the Ethernet interfaces in the Proxy Controller. The Proxy Controller's Ethernet interface that you specify must be connected to the network where the target systems for OS provisioning are connected. In the same way, the Ethernet interface that you select in the Boot Network Device field of the Provision OS Wizard must be connected to the network where the Proxy Controller is providing DHCP services.
The DHCP Config and External DHCP Servers actions are mutually exclusive. Use one of these actions to configure DHCP services to support OS provisioning operations. The DHCP Config action is more commonly used, and is simpler to implement.
The Provision OS Wizard supplies the specific identity information that the target system requests, using the basic DHCP services that you establish on the Proxy Controller.
Figure 2-1 shows the basic DHCP configuration.
You can configure DHCP using Oracle Enterprise Manager Ops Center.
To configure DHCP, perform the following steps:
Note:
You can configure DHCP server on the Proxy Controller to listen to multiple Ethernet interfaces. For example, consider the following network configuration for the Proxy Controller:
e1000g0 203.0.113.2 e1000g1 192.0.2.2 e1000g2 198.51.100.2
If you configure the DHCP server to listen to e1000g1 and e1000g2, then the target system must have the IP address in the range of 192.0.2.0/24 or 198.51.100.0/24.
You can configure subnets to use the DHCP server on a Proxy Controller for purposes in addition to OS provisioning, or to define subnets that are used with external DHCP servers.
Configuring subnets is not required to establish the basic DHCP services that are required for OS provisioning, unless you are using an external DHCP server.
You configure subnets for the following reasons:
To provide IP address, DNS server, and router information to systems that can request them on the same network where the Proxy Controller is providing basic DHCP services for OS provisioning;
If you configure an external DHCP server instead of configuring a DHCP server on a Proxy Controller, you must configure a subnet for each network from which you might receive relayed DHCP requests.
Use the Subnets action to specify an IP address range that the DHCP server can use to assign IP addresses to systems that request them. The IP addresses that you specify in the Low IP Address and High IP Address fields for the subnet define the boundaries of the IP address range.
The IP addresses within the range that you specify cannot be used for OS provisioning operations. For example, if you specify 192.0.2.2 and 192.0.2.128 as the low and high IP addresses, you could not use any of the IP addresses within that range, including the low and high addresses, as values for the IP Address or IP Address Ranges fields in the Provision OS Wizard.
You can configure subnets using Oracle Enterprise Manager Ops Center.
To configure subnets, perform the following steps:
You can use DHCP servers that are external to Proxy Controllers to provide the DHCP services that OS provisioning operations require.
The DHCP Config and External DHCP Servers actions are mutually exclusive. Use only one of these two actions to configure DHCP services to support OS provisioning operations. The DHCP Config action is more commonly used, and is simpler to implement.
Figure 2-2 illustrates DHCP configuration using External DHCP servers.
Figure 2-2 DHCP Configuration Using External DHCP Servers
You run the scinstall_ext_dhcp.pl
script on the External DHCP server to establish communication between the Proxy Controller and the External DHCP server. The Subnets pane allows you to define subnets where DHCP relay traffic is expected. The External DHCP Servers pane configures the Proxy Controller to relay DHCP configuration information that the Provision OS Wizard supplies. The Provision OS Wizard supplies the specific identity information that the target system requests. The target system makes its DHCP requests, which are relayed to the External DHCP server. The routers or other network asset that connects the External DHCP server to the Proxy Controller must have DHCP relay capabilities enabled.
The External DHCP Servers action is only compatible with Oracle Solaris DHCP server and not with ISC DHCP server. External DHCP Servers are only compatible with Proxy Controllers installed on Oracle Solaris 10.
You can configure external DHCP servers using Oracle Enterprise Manager Ops Center.
To configure external DHCP servers, perform the following steps:
Use wget
to get the scninstall_ext_dhcp.pl
script from the Proxy Controller to the External DHCP server.
On the external DHCP server, execute the following command to get the scninstall_ext_dhcp.pl
script from the Proxy Controller.
# wget http://proxy_ip:8004/pub/scninstall_ext_dhcp.pl
Where proxy_ip
is the IP address of the Proxy Controller.
Grant execute permissions for the script.
# chmod +x scninstall_ext_dhcp.pl
Install the script as root user.
# ./scninstall_ext_dhcp.pl install
This performs the following actions:
Sets up scnospadmin
user.
Downloads the SUNWscnosp-extdhcp
package from the proxy directory.
Sets up the configuration file for limited commands to run from scnospadmin
user.
Sets up SSH keys to allow SSH/SCP commands from the Proxy Controller to the external DHCP server without requiring passwords.
In the Administration pane, select the Proxy Controller where you want to configure an external DHCP server.
Select External DHCP Servers in the Actions pane. The External DHCP Servers Configuration dialog box is displayed.
Select a DHCP server. To create a new DHCP server on the selected Proxy Controller, select Create New DHCP Server. To modify an existing DHCP server, select the existing DHCP server from the drop-down list. Click Refresh to update the list of DHCP servers.
In the External DHCP Servers Configuration dialog box, provide the following information:
DHCP Server Name: Enter the name of the DHCP server.
DHCP Server IP: Enter the IP address of the DHCP server.
Network IP: Enter the network address where you want to establish or modify DHCP services.
Network Interface: Select a Network Interface.
DHCP Type: Select either ISC or Oracle Solaris to implement either the Internet Standards Consortium (ISC) reference DHCP server, or the Oracle Solaris native DHCP server.
Netmask: Enter the netmask for the network where you want to establish or modify DHCP services.
Gateway IP: Enter the gateway IP.
IP Range: Enter the IP addresses to use as the lower and upper limits of the IP address range that systems on this subnet can use.
Name Server: Enter the IP addresses of the DNS servers that systems should use.
Domain Name: Enter the names of the DNS domains that systems should use to resolve host names.
Click Create DHCP Server to create the DHCP server configuration that you specified. A message indicates that a job to create the external DHCP server was submitted. Click OK to dismiss the message.
WAN Boot lets you use HTTP to boot and install software on SPARC systems over a wide area network (WAN).
The security features are designed to protect data confidentiality while installing the Oracle Solaris OS on SPARC-based systems over a large public network. You can use DHCP or WAN boot for Oracle Solaris 10 provisioning, but WAN boot is the default connection for Oracle Solaris 11 provisioning on SPARC systems.
When you install Oracle Enterprise Manager Ops Center on a SPARC-based ILOM, ALOM, or M-series system that is running on an Oracle Solaris OS, the software configures the Enterprise Controller to be a WAN boot server.
The Oracle Solaris 10 and Oracle Solaris 11 WAN Boot status is indicated in the user interface. A value of true
indicates that WAN boot is enabled for the specified operating system, while a value of false
indicates that it is disabled.
To check the WAN Boot status, perform the following steps:
The default port for WAN boot and the Oracle Solaris 11 Automated Installer (AI) is 5555.
When the Enterprise Controller is installed on an Oracle Solaris 11 operating system, you can change the default port by editing the configuration in the Service Management Facility (SMF) configuration service. When you change the default port in Oracle Solaris 11, Oracle Enterprise Manager Ops Center resolves the port at deployment time based on the SMF configuration and uses the new port for WAN boot. The svccfg command enables you to modify the service configuration.
Note:
To ensure that WAN boot downloads the miniroot, the OS profile, and the OS manifest from the same server, Oracle Enterprise Manager Ops Center disables multicastDNS (mDNS) on the Proxy Controller.
The following example changes the port from 5555 to 7000:
Oracle Solaris 11 provisioning and updating require an Oracle Solaris 11 Repository.
A key file and a certificate file are used to connect to the repository. If these files are missing or have expired, you can provide a new key and certificate.
If you do not have valid key and certificate files, go to https://pkg-register.oracle.com
and log in using your MOS credentials to download them.
Expand the Administration section in the Navigation pane, then click Credentials.
If a set of credentials with the certificate category exists, select it and click the Edit icon, then supply the new key and certificate.
In the Key field, click Browse and select the key file on the local system, or enter the full key text.
In the Certificate field, click Browse and select the key file on the local system, or enter the full key text.
Click Update.
If no set of credentials with the certificate category exists, click Create Credentials in the Actions pane, then enter the new credentials.
In the protocol field, select Certificate.
Enter a name for the set of credentials.
(Optional) Enter a description for the set of credentials.
In the Key field, click Browse and select the key file on the local system, or enter the full key text.
In the Certificate field, click Browse and select the key file on the local system, or enter the full key text.
Click Create.
When you create a server pool, migration scripts in the global zones are deleted to create consistency. You can edit the Enterprise Controller settings to retain these scripts.
To retain migration scripts in server pools, perform the following steps:
keep.migration.script
property to true
.By default, Oracle Enterprise Manager Ops Center does not automatically generate OS Provisioning profiles and plans when a new image is imported or a new update is downloaded.
You can enable the automatic generation of these plans and profiles.
createS11Profiles
property to true
.By default, a user-created group only displays assets that have been added to that group. You can edit the group settings so that related assets are displayed using the same format as the main assets tree.
For example, if this property is enabled, a server that has been added to a user-created group displays its operating system.
Note:
If multiple related assets have been independently added to the same user-created group, duplicate entries may appear.
com.oracle.sysman.showSubTreeInGroups
property to true
.If your Enterprise Controller accesses the Internet through an HTTP proxy, you can edit the HTTP proxy information.
To change the HTTP Proxy, perform the following steps:
You can enable the diagnostics mode to collect diagnostics data for all jobs that are run.
When the diagnostics mode is enabled, the diagnostics data for each job is collected under the /var/opt/sun/xvm/logs/diagnostics/<jobID.RunID>
directory.
Note:
Enabling the diagnostic mode degrades the performance of Oracle Enterprise Manager Ops Center.To enable the diagnostic mode:
DiagnosticsOn
property to true
to collect diagnostics data for all jobs that are run.DiagnosticsOnForFailedJobs
property to true
to collect diagnostics data only if a job fails.Note:
After the diagnostics data is collected, the diagnostics mode should be disabled by modifying the value of system property to false.When ASR is enabled, Oracle Enterprise Manager Ops Center periodically launches a job to enable assets for ASR, and attempts to activate all assets when they are discovered.
You can rebalance assets of a Proxy Controller.
You can view the Oracle Enterprise Manager Ops Center documents for additional information.
For more information, see these Oracle resources:
For more information about using Disconnected mode, see Oracle Enterprise Manager Ops Center Use Disconnected Mode
For information on using the harvester script to upload the content in bulk, see Oracle Enterprise Manager Ops Center Configuration Reference
To download the harvester script, go to https://updates.oracle.com/OCDoctor/harvester_bundle-latest.zip
For information on the advantages of managing assets using Agent Controller, see Oracle Enterprise Manager Ops Center Operations Reference
For Oracle Technology Network Java SE Downloads page, go to http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
For more information on WAN boot connection, see Oracle Enterprise Manager Ops Center Operations Reference
To provide a new key and certificate for Oracle Solaris 11, go to https://pkg-register.oracle.com
For more information on product administration, see http://docs.oracle.com/cd/E59957_01/nav/administer.htm
For end-to-end examples, see the Deploy How To library at http://docs.oracle.com/cd/E59957_01/nav/deploy.htm
and the Operate How To library at http://docs.oracle.com/cd/E59957_01/nav/operate.htm
For more information on Enterprise Manager Ops Center, see the Ops Center blog at https://blogs.oracle.com/opscenter/