beautypg.com

3 configuring a synchronization managed client – HP Linux Server Management Software User Manual

Page 38

background image

5.

Distribute the package control script and package ASCII configuration files clusterwide:

# ccp csync csync.conf $SGCONF/csync/

6.

Apply the package and start it:

# cmapplyconf -P csync.conf
# cmmodpkg -e csync

Test the csync Package Configuration

Test the configuration by performing the following steps:

1.

On a managed client, use the command:

# cfagent --no-lock --verbose --no-splay

The verbose output will display the client, checking for updated copies of the master
policy files, copying them into /var/opt/cfengine/inputs if needed, and then
executing the contents of cfagent.conf/cf.main.

2.

On the master server, test the cfrun command:

# cfrun -- --inform

--inform

instructs the remote cfagent to use the --inform flag which will produce

messages for all changes cfengine performs on the system. For additional information,
the --verbose command can also be helpful:

# cfrun -v -- --verbose

The -v instructs cfrun itself to be more verbose and the --verbose is passed on to the
remote cfagent.

For additional troubleshooting information, refer to

“cfengine Troubleshooting”

(page 42)

.

2.3.2.3 Configuring a Synchronization Managed Client

When manually configuring managed clients, the basic steps are:

Exchanging security keys. This establishes the trust relationship between the managed client
and master server.

Copying update.conf from the master server to the managed client.

Setting a schedule for which cfagent will perform synchronization operations.

For a Serviceguard cluster, each member must be individually configured as a cfengine client.
After configuring each member, if you add new members to the cluster, you must manually
configure each new member as well. Repeat the configuration tasks described below on each
cluster member.

For all other newly managed clients, start by configuring the trust relationship between the client
and the master server. The master and client systems exchange security keys to authenticate each
other. The master server’s public key needs to be copied to the client and the client’s public key
is copied to the master server:

1.

As root, use cfkey to create the public and private key pair for this cluster member:

# /opt/dsau/sbin/cfkey

This creates keys named localhost.priv and localhost.pub in the directory
/var/opt/dsau/cfengine/ppkeys

.

2.

Copy this client’s key to the master server. The master server uses the following naming
convention for the client keys: ->.pub.

Using this naming convention, push the client’s public key to the master server’s ppkeys
directory using the following naming convention:

38

Configuration Synchronization