1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR OPEN ENTERPRISE SERVER 1 SP2...
  6. Administration manual

Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR OPEN ENTERPRISE SERVER 1 SP2 LINUX Administration Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
AUTHORIZED DOCUMENTATION
Administration Guide for Novell Open Enterprise Server 1 SP2 Linux
Novell
®

Business Continuity Clustering

1.1 SP1
September 21, 2010
www.novell.com

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR NOVELL OPEN ENTERPRISE SERVER 1 SP2 LINUX and is the answer not in the manual?

Questions and answers

Related Manuals for Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR NOVELL OPEN ENTERPRISE SERVER 1 SP2 LINUX

Summary of Contents for Novell BUSINESS CONTINUITY CLUSTERING 1.1 SP1 - 9-21-2010 ADMINISTRATION GUIDE FOR NOVELL OPEN ENTERPRISE SERVER 1 SP2 LINUX

  • Page 1: Repeat Step 1 Through Step

    AUTHORIZED DOCUMENTATION Administration Guide for Novell Open Enterprise Server 1 SP2 Linux Novell ® Business Continuity Clustering 1.1 SP1 September 21, 2010 www.novell.com...
  • Page 2 Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.

  • Page 3: Table Of Contents

    Novell Business Continuity Clusters ........
  • Page 4 Migrating Resources to Another Cluster ......... 83 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 5 D.1.1 Setting Up Novell Business Continuity Clustering Software ....97 February 15, 2008 ............98 D.2.1...
  • Page 6 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 7: About This Guide

    This guide describes how to install, configure, and manage Novell Business Continuity Clustering 1.1 Support Pack 1 on Novell Open Enterprise Server 1 Support Pack 2 for Linux (OES 1 SP2 Linux) servers in combination with Novell Cluster Services 1.8.2 for Linux clusters.
  • Page 8 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 9: Overview

    As corporations become more international, fueled in part by the reach of the World Wide Web, the ® requirement for service availability has increased. Novell Cluster Services™ offers corporations the ability to maintain 24x7x365 data and application services to their users while still being able to perform maintenance and upgrades on their systems.

  • Page 10: Disaster Recovery Implementations

    1.2 Disaster Recovery Implementations There are two main Novell Cluster Services implementations that you can use to achieve your desired level of disaster recovery. These include a stretch cluster and a cluster of clusters. The Novell Business Continuity Clustering product automates some of the configuration and processes used in a cluster of clusters.
  • Page 11 Cluster of Clusters A cluster of clusters consists of two or more clusters in which each cluster is located in a geographically separate area. A cluster of clusters provides the ability to fail over selected cluster resources or all cluster resources from one cluster to another cluster. Typically, replication of data blocks between SANs is performed by SAN hardware, but it can be done by host-based mirroring for synchronous replication over short distances.
  • Page 12 An SBD partition must be mirrored between sites.  It accommodates only two sites.  All IP addresses must reside in the same subnet.  The eDirectory partition must span the cluster. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 13: Novell Business Continuity Clusters

    1.2.2 Novell Business Continuity Clusters Novell Business Continuity Clusters is a cluster of clusters similar to what is described above, except that the cluster configuration, maintenance, and synchronization have been automated by adding specialized software. Novell Business Continuity Clustering software is an integrated set of tools to automate the setup and maintenance of a Business Continuity infrastructure.

  • Page 14: Usage Scenarios

    The first option is typically used when the purpose of the secondary site is primarily testing by the IT department. The second option is typically used in a company that has more than one large site of operations. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 15 Two-Site Business Continuity Cluster Figure 1-3 Two independent clusters at geographically separate sites Building A Building B Ethernet Switch Ethernet Switch eDirectory DirXML Server Server Server Server Server Server Server Server Fibre Channel Fibre Channel Switch Switch Disk blocks Fibre Channel Fibre Channel Disk Arrays Disk Arrays...
  • Page 16 In either case, snapshot technology can allow for asynchronous replication over long distances. However, the low-cost solution does not necessarily have the performance associated with higher-end Fibre Channel storage arrays. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 17: Installation And Setup

    (http://www.novell.com/products/businesscontinuity/howtobuy.html). 2.1.2 OES 1 SP2 Linux Novell Open Enterprise Server 1 (OES 1) Support Pack 2 for Linux (OES 1 SP2 Linux) must be installed and running on all servers that will be part of the business continuity cluster. Installation and Setup...

  • Page 18: Novell Edirectory 8.8

    IMPORTANT: Novell Business Continuity Clustering 1.1 for Linux is not supported on Novell Open Enterprise Server 2 for Linux (OES 2 Linux). The latest OES 1 Linux patches from the patch channel are required prior to installing Business Continuity Clustering 1.1. For instructions on updating OES 1 Linux with the latest patches, see Patching an OES 1 Linux Server (http://www.novell.com/documentation/oes/install_linux/data/...

  • Page 19: Novell Cluster Services 1.8.2 For Linux

    2.1.5 Novell iManager Novell iManager (the version released with OES 1 SP2) must be installed and running on a server in the eDirectory tree where you are installing Business Continuity Clustering software. As part of the install process, you will be installing snap-ins for the Identity Manager role that are management templates for configuring a business continuity cluster.

  • Page 20: Openslp

    Identity Manager 3 Bundle Edition Identity Manager 3.0.1 is supported with Novell Business Continuity Clustering 1.1 Support Pack 1. It is included with the Identity Manager 3.0.1 Bundle Edition. Instructions for installing and configuring the Identity Manager 3.0.1 Bundle Edition can be found with the Identity Manager 3.0.1...

  • Page 21: Bash

    Whether or not snapshot technology is being used 2.2 Installing Novell Business Continuity Clustering Software It is necessary to run the Novell Business Continuity Clustering installation program when you want  Install and configure Business Continuity Clustering engine software on the cluster nodes for the clusters that will be part of a business continuity cluster.

  • Page 22: Business Continuity Cluster Component Locations

    Switch Switch Disk blocks Fibre Channel Fibre Channel Disk Arrays Disk Arrays Cluster Site 1 Cluster Site 2 Figure 2-1 uses the following abbreviations: BCC eng.: Novell Business Continuity Clustering engine Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 23: Downloading The Business Continuity Clustering Software

    Software Before you install Novell Business Continuity Clustering, download and copy the software to a directory on your workstation, then create a CD from the ISO. To download Novell Business Continuity Clustering 1.1 with SP1, go to The Novell Business Continuity Clustering download site (http://download.novell.com/Download?buildid=bdkmSxRgKVk~).
  • Page 24 4 Replace bccadmin with the BCC Administrator user you created. Notice the group ID number of the . In this example, the number 107 is used. This ncsgroup number can be different for each cluster node. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 25: Installing And Configuring Business Continuity Clustering Core Software

    Clustering software to start immediately following the installation, click Next, then click Next again. 5 Repeat the above steps for each cluster node on each Novell Cluster Services cluster that will be part of a business continuity cluster. Installation and Setup...

  • Page 26: Installing The Identity Manager Management Templates For Business Continuity

    Identity Manager” on page 20). If you have installed Novell iManager on an OES 1 SP2 NetWare server or a Windows* server, you can alternatively install the Identity Manager templates on these servers by using the Business Continuity Clustering 1.1 for NetWare installation program. See “Installing the Identity Manager...

  • Page 27: Contents

    The file should appear similar to the example below. <?xml version="1.0"?> <!DOCTYPE profile SYSTEM "/usr/share/autoinstall/dtd/profile.dtd"> <profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http:// www.suse.com/1.0/configns"> <configure> <bcc> <config-type>New</config-type> <start-now>Yes</start-now> <cluster-dn>cn=my_cluster.o=novell</cluster-dn> <ldap-server>10.1.1.0</ldap-server> <ldap-port>389</ldap-port> <ldap-secure-port>636</ldap-secure-port> <admin-dn>cn=admin.o=novell</admin-dn> <admin-password>password</admin-password> </bcc> </configure> </profile> Edit the above example to apply to your own specific system settings.
  • Page 28 Clean up the Business Continuity Clustering installation source by opening a shell and running one of the commands below, depending on which method you chose in Step 1 on page rm -rf /tmp/bcc_install unmount /mnt/iso Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 29: Removing Business Continuity Clustering Core Software

    2.2.7 Removing Business Continuity Clustering Core Software If you need to uninstall Novell Business Continuity Clustering, you can do so by using the Business Continuity Clustering installation program. 1 Using the KDE desktop environment, log in as user , insert the Business Continuity...

  • Page 30: Configuring Nss Mirroring

    When you create a Novell Cluster Services system that utilizes shared storage space (a Storage Area Network or SAN), it is important to remember that all servers attached to the shared device, whether in the cluster or not, have access to all of the volumes on the shared storage space unless you specifically prevent such access.
  • Page 31  “Novell Cluster Services Configuration and Setup” on page 32  “Checking NSS Volume Mirror Status” on page 32 Creating and Mirroring NSS Pools on Shared Storage NSS creates a partition for you when you create a pool. Prior to creating and mirroring NSS pools on shared storage, ensure that you have the following: ...
  • Page 32 You can select or deselect the NCP option. It is selected by default, and is the protocol used by Novell clients. Selecting NCP causes commands to be added to the pool resource load and unload scripts to activate the NCP protocol on the cluster.

  • Page 33: Configuring San-Based Mirroring

    2.4 Setting Up Novell Business Continuity Clustering Software After you have installed and configured Identity Manager and the Business Continuity Clustering software, and you have configured file system mirroring, you need to set up the Novell Business Continuity Clustering software. ...

  • Page 34: Configuring Identity Manager Drivers For The Business Continuity Cluster

    7 Choose to import a preconfigured driver from the server, select the Identity Manager preconfigured template for cluster resource synchronization, then click Next. The template name is BCCClusterResourceSynchronization.xml 8 Fill in the values on the wizard page as prompted, then click Next. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 35 BCC enabled resource are also placed in the landing zone. IMPORTANT: The context must already exist and must be specified using dot format without the tree name. For example, siteA.Novell. Prior to performing this step, you could create a separate container in eDirectory specifically for these cluster pool and volume objects.
  • Page 36 Ensure that there are no spaces (beginning or end) in the specified context, and do not use the following format: cn=DriverName.ou=OrganizationalUnitName.o=OrganizationName 5 Specify the requested driver information for the driver in the other cluster. Use the same format specified in Step 6 Click Next, then click Finish. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 37 Synchronizing Identity Manager Drivers After creating the BCC-specific Identity Manager drivers and SSL certificates, if you are adding a new cluster to an existing business continuity cluster, you must synchronize the BCC-specific Identity Manager drivers. If the BCC-specific Identity Manager drivers are not synchronized, clusters cannot be enabled for business continuity.
  • Page 38 Cluster Three You could also have Cluster One synchronize with Cluster Two, Cluster Two synchronize with Cluster Three, and Cluster Three synchronize back to Cluster Two as illustrated in Figure 2-5. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 39: Configuring Clusters For Business Continuity

     Be enabled for business continuity. 2.4.2 Configuring Clusters for Business Continuity The following tasks must be performed on each separate Novell Cluster Services cluster that you want to be part of the business continuity cluster:  “Enabling Clusters for Business Continuity” on page 40 ...

  • Page 40: Enabling Clusters For Business Continuity

    The BCC-specific Identity Manager drivers configured and running.  Be enabled for business continuity. 2 Add the administrator username and password that the selected cluster will use to connect to the selected peer cluster. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 41: Adding Resource Script Search And Replace Values

    When adding the administrator username, do not include the context for the user. For example, instead of bccadmin bccadmin.prv.novell Rather than using the Admin user to administer your BCC, you should consider creating another user with sufficient rights to the appropriate contexts in your eDirectory tree to manage your BCC.

  • Page 42: Adding San Management Configuration Information

    This is the IP address or DNS name that is used for SAN management.  Namespace: If you selected the CIM Client check box on the previous page, accept the default namespace, or specify a different namespace for your SAN. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 43  Edit Flags: This is an advanced feature, and should not be used except under the direction of Novell Support. 7c Click Apply and OK on the Script Details page, then click OK on the Resource Properties page to save your script changes.

  • Page 44: Enabling Reiser And Ext3 File Systems To Run On Secondary Clusters

    EVMS CSM container when you created it. This value is case- sensitive and should exactly match the container name. 10 Using a text editor, copy and paste the script into the Script Parameters text bcc_csm_util.pl box. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 45: Configuring Cluster Resources For Business Continuity

    In order for the BCC Administrator user to gain access to the cluster administration files ( /admin/ ) on other Linux cluster nodes in your BCC, you must add that user to the novell/cluster on each cluster node. For instructions, see “Adding the BCC Administrator User to the ncsgroup ncsgroup on Each Cluster Node”...

  • Page 46: Enabling A Cluster Resource For Business Continuity

    IMPORTANT: Adding resource script search and replace values for the entire cluster is recommended rather than adding those values for individual cluster resources. You should contact Novell Support prior to adding search and replace values for individual cluster resources. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 47 To enable a resource for business continuity, certain values (such as IP addresses, DNS names, and tree names) specified in resource load and unload scripts need to be changed in corresponding resources in the other clusters. You need to add the search and replace strings that are used to transform cluster resource load and unload scripts from this cluster to another cluster.

  • Page 48: Managing A Novell Business Continuity Cluster

    Section 2.5.6, “Business Continuity Clustering Console Commands,” on page 52 2.5.1 Migrating a Cluster Resource to Another Cluster Although there is now an automatic failover feature for Novell Business Continuity Clustering, it is recommended that you manually migrate resources from one cluster to another cluster. See Appendix B, “Setting Up Auto-Failover,”...
  • Page 49 manually start the cluster resource on another cluster in the business continuity cluster. If the source cluster site fails, you must go to the destination cluster site to manually migrate or bring up resources at that site. Each resource starts on its preferred node on the destination cluster. TIP: You can use the command to start resources on nodes other than the cluster migrate...

  • Page 50: Changing Cluster Peer Credentials

    6 Edit the administrator username and password that the selected cluster will use to connect to the selected peer cluster, then click OK. When specifying a username, you don’t need to include the Novell eDirectory context for the user name.

  • Page 51: Generating A Cluster Report

    3 In the left column, click Clusters, then click the BCC Manager link. 4 Specify a cluster name, or browse and select one. Using this page, you can see if all cluster peer connections are up or if one or more peer connections are down.

  • Page 52: Business Continuity Clustering Console Commands

    Clustering for an entire cluster. 2.5.6 Business Continuity Clustering Console Commands Novell Business Continuity Clustering provides some server console commands to help you perform certain business continuity cluster-related tasks. Some of the commands can be used both with Novell Cluster Services and with Novell Business Continuity Clustering.
  • Page 53 Console Command Description Disables Business Continuity Clustering for the cluster disable [resource] specified resource. The resource you specify must be a member of a cluster that has already been enabled for Business Continuity Clustering. If no resource is specified, the entire cluster is disabled for Business Continuity Clustering.

  • Page 54: Business Continuity Cluster Failure Types

    SAN vendor documentation might use different terms such as mask and unmask.  Section 2.6.1, “SAN-Based Mirroring Failure Types and Responses,” on page 55  Section 2.6.2, “Host-based Mirroring Failure Types and Responses,” on page 56 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 55: San-Based Mirroring Failure Types And Responses

    2.6.1 SAN-Based Mirroring Failure Types and Responses SAN-based mirroring failure types and responses are described in the following sections:  “Primary Cluster Fails but Primary SAN Does Not” on page 55  “Primary Cluster and Primary SAN Both Fail” on page 55 ...

  • Page 56: Host-Based Mirroring Failure Types And Responses

    Primary Cluster Fails but Primary SAN Does Not Section 2.6.1, “SAN-Based Mirroring Failure Types and Responses,” on page 55. Do not disable MSAP (Multiple Server Activation Prevention), which is enabled by default. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 57 Primary Cluster and Primary SAN Both Fail Bring up your primary SAN or iSCSI target before bringing up your cluster servers. Then run the command from a secondary cluster server. Ensure that Cluster Scan For New Devices remirroring completes before bringing downed cluster servers back up. If necessary, promote the former primary SAN back to primary.
  • Page 58 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 59: Upgrading Business Continuity Clustering For Linux

    3.1 Upgrading Business Continuity Clustering from 1.0 to 1.1 for NetWare Perform the upgrade from Business Continuity Clustering 1.0 (NetWare only) to 1.1 for NetWare on each node in every Novell Cluster Services cluster that is part of your existing business continuity cluster. ...

  • Page 60: Installing Or Upgrading Identity Manager

    3.1.2 Installing or Upgrading Identity Manager You must upgrade to or install Identity Manager 2.x or 3 on one cluster server in each the Novell Cluster Services clusters of your BCC. If you are upgrading to Identity Manager on a BCC server ®...

  • Page 61: Resetting Bcc Administrator User Credentials

    3.1.4 Resetting BCC Administrator User Credentials The BCC Administrator user credentials that were set for Business Continuity Clustering 1.0 do not work with Business Continuity Clustering 1.1. A fully distinguished eDirectory name (FDN) was required for Business Continuity Clustering 1.0, but Business Continuity Clustering 1.1 requires only the BCC administrator name.

  • Page 62: Upgrading Business Continuity Clustering From 1.0 Or 1.1 For Netware To 1.1 For Linux

    Section 3.1, “Upgrading Business Continuity Clustering from 1.0 to 1.1 for NetWare,” on page IMPORTANT: All cluster nodes in every cluster in your BCC must be upgraded to Business Continuity Clustering 1.1 for NetWare before converting clusters to Novell Cluster Services for Linux.

  • Page 63: Troubleshooting Business Continuity Clustering

    Troubleshooting Business Continuity Clustering 1.1 ® This section contains the following topics to help you troubleshoot Novell Business Continuity Clustering 1.1.  Section 4.1, “Cluster Connection States,” on page 64  Section 4.2, “Driver Ports,” on page 65  Section 4.3, “Excluded Users,” on page 66 ...

  • Page 64: Cluster Connection States

    The connection state numbers are recorded in a log file that you can use to view connection and status changes for BCC. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 65: Driver Ports

    The default path to the log file on Linux is . The administrator might have /var/log/messages changed this path from the default. Search for BCCD to view BCC related messages and entries in the log file. ® To view the log file on NetWare 1 At the NetWare server console, enter log +copy syslog 2 Using an editor, open the file that is referenced in the message that appears.

  • Page 66: Excluded Users

    This container is sometimes referred to as the landing zone. The server objects for the virtual server of a business-continuity-enabled resource are also placed in the landing zone. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 67: Certificates

    If SSL certificates are not present or have not been created, Identity Manager drivers might not start or function properly. Novell recommends using SSL certificates for encryption and security. NOTE: You should create or use a different certificate than the default (dummy) certificate (BCC Cluster Sync KMO) that is included with BCC.

  • Page 68: Clusters Cannot Communicate

    Novell Support.  Section 4.7.1, “Using BCC Startup Flags on NetWare,” on page 69  Section 4.7.2, “Using BCC Startup Flags on Linux,” on page 69 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 69: Using Bcc Startup Flags On Netware

    Organizational Unit (OU) when browsing the eDirectory tree during the BCC installation. To resolve this and similar problems, rename the c:\program files\common files\novell directory on the Windows machine where the installation is being run and restart the Business Continuity Clustering 1.1 installation program.

  • Page 70: Identity Manager Drivers Do Not Synchronize Objects From One Cluster To Another

    1a Start your Internet browser and enter the URL for iManager. The URL is http://server_ip_address/nps/iManager.html. Replace server_ip_address with the IP address or DNS name of the server that has iManager and the Identity Manager preconfigured templates for iManager installed. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 71: Peer Cluster Communication Not Working

     LIBC has not been updated. See OES SP2, NW6.5 SP5 Update 1: TID # 2974185 (http:// support.novell.com/docs/Readmes/InfoDocument/2974185.html).  A firewall is blocking port 5988 or 5989 (CIM). 4.13 Resource Does Not Migrate to Another...

  • Page 72: Resource Cannot Be Brought Online

    On the resource object, change the NCS:BCC State attribute to 0 to set the resource to the primary state. Also, increment the NCS:Revision attribute one number so that Novell Cluster Services recognizes that the resource properties have been updated. See...

  • Page 73: Resource Script Search And Replace Functions Do Not Work

    4.18 Resource Script Search and Replace Functions Do Not Work If resource script search and replace functions are not working, the problem might be caused by one of the following conditions:  You did not click the Apply button on the Properties page. Clicking OK when entering the scripts does not apply the changes to the directory.

  • Page 74: Blank Error String Imanager Error Appears While Bringing A Resource Online

    If you get an error in iManager with a blank error string (no text appears with the error message) while attempting to bring a resource online, it is possible that Novell Cluster Services views the resource as secondary even though BCC has changed the resource to primary and iManager shows the resource as primary.

  • Page 75: Mapping Drives In Login Scripts

    This method requires a client reboot.  TID 10057730 (http://support.novell.com/docs/Tids/Solutions/10057730.html) information on modifying the server cache Time To Live (TTL) value on the Novell Client 4.24 Mapping Drives to Home Directories by Using the %HOME_DIRECTORY Variable Consider the following when mapping drives in login scripts in a BCC.

  • Page 76: Bcc Error Codes

    SAN, and one for LDIF/ICE. The NSMI script must then call each NCF file separately. TID 10057730 (http://support.novell.com/docs/Tids/Solutions/10057730.html) information on modifying the server cache Time To Live (TTL) value on the Novell Client. A sample NSMI script is included below:...
  • Page 77 1017 Invalid BCC API version 1018 Could not find a pool for the specified cluster resource 1019 Error managing the SAN via the Novell SAN Management Interface 1020 CIM Client error 1021 Error creating a system resource (mutex, semaphore, etc.)
  • Page 78 2 Open the file that is referenced in the message that appears. You can get additional information on how to use the log file by entering at the help log NetWare server console. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 79: A Implementing A Multiple-Tree Bcc

    Identity Manager to quickly copy the 10,000 users to the new tree. For more information on copying User objects by using Identity Manager, see “Migrating or Copying User Objects” (http://www.novell.com/documentation/idmdrivers/index.html?page=/ documentation/idmdrivers/edirectory/data/brj81j4.html) in the Identity Manager Driver for eDirectory Implementation Guide.

  • Page 80: Creating Ssl Certificates

    2 Specify your username and password, specify the tree where you want to log in, then click Login. 3 In the left column, click DirXML Utilities, then click NDS-to-NDS Driver Certificates. 4 Specify the requested driver information for both eDirectory trees. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 81: Synchronizing The Bcc-Specific Identity Manager Drivers

    You must specify the driver name (including the context) you supplied in Step 8 on page 34 the current tree. Use the following format when specifying the driver name: DriverName.DriverSet.OrganizationalUnit.OrganizationName Ensure that there are no spaces (beginning or end) in the specified context, and do not use the following format: cn=DriverName.ou=OrganizationalUnitName.o=OrganizationName A.4 Synchronizing the BCC-Specific Identity...
  • Page 82 Three You could also have Cluster One synchronize with Cluster Two, Cluster Two synchronize with Cluster Three, and Cluster Three synchronize back to Cluster Two as is illustrated in Figure 2-5. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 83: Migrating Resources To Another Cluster

    Alternate Three-Cluster Identity Manager Synchronization Scenario Figure A-3 Cluster DirXML Sync Cluster Cluster Three To change your BCC synchronization scenario: 1 In the Connections section of the Business Continuity Cluster Properties page, select one or more peer clusters that you want a cluster to synchronize to, then click Edit. In order for a cluster to appear in the list of possible peer clusters, that cluster must have the following: ...
  • Page 84 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 85: B Setting Up Auto-Failover

    Setting Up Auto-Failover Auto-Failover is available beginning in Business Continuity Clustering 1.1. To set up the auto- failover feature, you must enable it, then configure the auto-failover settings. WARNING: Auto-Failover is disabled by default and is not recommended. It should only be enabled after a thorough examination and review of your network and geographic site infrastructure.

  • Page 86: Creating An Auto-Failover Policy

    (that is, one cluster has a valid connection to the specified cluster), failover does not occur. More complex rules can be constructed that contain multiple conditions. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 87: Adding Or Editing Monitor Configurations

    If previously configured, the fields under Failover Policy Configuration should already contain information on the policies that were created in the Cluster Membership Monitoring Settings section of the page. 1 Under Failover Policy Configuration, select a policy and click Edit to further refine a rule. Click Delete to remove the rule, or click New to create a new rule that you can add the additional failover conditions to.
  • Page 88 The nodepnt and nodecnt monitors do not support optional parameters. 6 Click Apply to save your settings. NOTE: See the BCC NDK documentation (http://developer.novell.com/documentation/cluster/ index.html?page=/documentation/cluster/ncss_enu/data/bktitle.html) for more information on creating custom failover policies. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 89: C Security Considerations

    Security Considerations This section contains specific instructions on how to configure and maintain a business continuity cluster in the most secure way possible.  Section C.1, “Security Features,” on page 89  Section C.2, “Security Configuration,” on page 89  Section C.3, “Other Security Considerations,”...

  • Page 90: Bcc Configuration Settings

    WARNING: You should not change these configuration settings unless instructed to do so by Novell Support. Doing so can have adverse affects on your cluster nodes and BCC. The following XML is saved on the NCS:BCC Settings attribute on the local Cluster object in eDirectory.
  • Page 91 On Linux, the above XML is written to . It should be /etc/opt/novell/bcc/bccsettings.xml noted that on Linux this file might be overwritten by Business Continuity Clustering at any time. Therefore, any changes to this file on Linux are ignored and lost. All changes should be made in eDirectory.
  • Page 92 </peer> To disable SSL for inter-cluster communication, you would change the <address> attribute to specify with the IP address, as shown in the following example: http:// <peer> <cluster>chicago_cluster</cluster> <tree>DIGITALAIRLINES-TREE</tree> <address>http://10.1.1.10</address> </peer> Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 93: Security Information For Other Products

    The BCC management address of now specifies non-secure HTTP chicago_cluster communication. The BCC management port can also be changed by modifying the NCS:BCC Peers attribute values. The default ports for secure and non-secure inter-cluster communication are 5989 and 5988 respectively. For example, if you want to change the secure port on which OpenWBEM listens from port 5989 to port 1234, you would change the attribute value in the above examples to:...

  • Page 94: Other Security Considerations

     When a BCC is administered by users outside of the corporate firewall, the HTTPS protocol should be used. A VPN should also be employed. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...
  • Page 95  If a server is accessible from outside the corporate network, a local server firewall should be employed to prevent direct access by a would-be intruder.  Audit logs should be kept and analyzed periodically. Security Considerations...
  • Page 96 Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

  • Page 97: D Documentation Updates

    Refer to the publication date, which appears on the title page, to determine the release date of this guide. For the most recent version of the Novell Business Continuity Clustering 1.1 for Linux Administration Guide, see the BCC Documentation Web site (http://www.novell.com/...

  • Page 98: February 15, 2008

    D.2.2 Troubleshooting Business Continuity Clustering 1.1 Location Change Section 4.4, “Security The NCP server objects for the virtual server of a BCC enabled resource Equivalent User,” on page 66 are also placed in the landing zone. Novell Business Continuity Clustering 1.1 Administration Guide for Linux...

This manual is also suitable for:

Business continuity clustering 1.1 sp1

Table of Contents