[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 870
  • Last Modified:

setting up nim with pull mode

ok wmp.. you won! :-)      as always

In order to create the mksysb of my clients (as you said in my last question) how:

do I setup nim side to connect to client using nimsh with openssl (rsh is not allow here)
do I setup the clients to work in the nim enviromnet, shoud I starta ny daemon?

As I told you I need all mysysb of all clients updated every week.

Thanks.

Israel.
0
sminfo
Asked:
sminfo
  • 2
1 Solution
 
woolmilkporcCommented:
Yep,

good decision to let NIM do the work!

If you can't use rsh communication you must use nimsh.

Steps required to set it up using openssl (better use smitty instead of commandline, because each setup has several steps which have to be executed in the right order):

- On the NIM master:
"smitty nim_ssl" -> "enable" -> (Use the install options only if you don't have openssl installed yet) -> Go.
smitty will run a "make" against a Makefile which will create all required configs, generate keys and enable SSL on the master.

- On the NIM client:
"smitty nim_config_services" -> "Communication protocol... nimsh" -> "Enable Crypto... yes" -> (Again, use the install options only if openssl is not yet there)  -> Go.
smitty will check for openssl availability on master and client and will start the nimsh daemon in SSL mode. It will also make an appropriate entry in inittab, and it will tell the master that the client is now using secure nimsh.

I made the experience that this setup will not always work at the first attempt, and will also sometimes cease to work after reboot.
The solution is simple: Just issue "stopsrc -s nimsh" and "startsrc -s nimsh" on the client.
Afaik IBM have fixed this in 5.3.12 and 6.1.4 (or so).

Now you've set up secure nimsh communication between master and this client. In the future they will communicate this way.
Enabling SSL on the master has of course to be done only once, but each client has to be configured individually. There is no bulk change option for clients.

Do you need assistance in setting up a command for the master to pull the mksysb from the client?

Basically, you must first remove the old mksysb resource with "nim -o remove mksysb_resource_name".
Attention: This does not remove the old image from disk, so if you're giving a new name to your resources at every run (I don't recommend this, why should one do it this way?) remove it from disk manually.

Next, create a new mksysb resource and populate it by pulling the image from the client in one run:

nim -o define -t mksysb -F -a server=master -a location=/directory/path -a mk_image=yes -a source=your_client_node mksysb_resource_name

Of course you can also use "smitty nim_mkres -> mksysb" for the above.

Have fun with NIM! It's a true challenge, but that's what it makes really interesting!

wmp
0
 
sminfoAuthor Commented:
What did you say Fun?  jeee.. Please, I've spent  a week with this.. and today I found this workaround to the NFS error on nim...

https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14556339

I'm  testing again to create the SPOT from the mksysb to install a new LPAR..
Thanks WMP
0
 
woolmilkporcCommented:
Strange "workaround"!

I can remember old 4.2 days and even back then NIM did not like its filesystems in /etc/exports, it insisted on doing all the NFS stuff on its own instead.
Funny that this behaviour is called "new" in your article!

If you do employ NIM it's very, very good practice letting it do ALL the work instead of playing around with homemade tricks.

Thx for the points!

wmp
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now