Solved

setting up nim with pull mode

Posted on 2011-03-18
3
861 Views
Last Modified: 2013-11-17
ok wmp.. you won! :-)      as always

In order to create the mksysb of my clients (as you said in my last question) how:

do I setup nim side to connect to client using nimsh with openssl (rsh is not allow here)
do I setup the clients to work in the nim enviromnet, shoud I starta ny daemon?

As I told you I need all mysysb of all clients updated every week.

Thanks.

Israel.
0
Comment
Question by:sminfo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 35163917
Yep,

good decision to let NIM do the work!

If you can't use rsh communication you must use nimsh.

Steps required to set it up using openssl (better use smitty instead of commandline, because each setup has several steps which have to be executed in the right order):

- On the NIM master:
"smitty nim_ssl" -> "enable" -> (Use the install options only if you don't have openssl installed yet) -> Go.
smitty will run a "make" against a Makefile which will create all required configs, generate keys and enable SSL on the master.

- On the NIM client:
"smitty nim_config_services" -> "Communication protocol... nimsh" -> "Enable Crypto... yes" -> (Again, use the install options only if openssl is not yet there)  -> Go.
smitty will check for openssl availability on master and client and will start the nimsh daemon in SSL mode. It will also make an appropriate entry in inittab, and it will tell the master that the client is now using secure nimsh.

I made the experience that this setup will not always work at the first attempt, and will also sometimes cease to work after reboot.
The solution is simple: Just issue "stopsrc -s nimsh" and "startsrc -s nimsh" on the client.
Afaik IBM have fixed this in 5.3.12 and 6.1.4 (or so).

Now you've set up secure nimsh communication between master and this client. In the future they will communicate this way.
Enabling SSL on the master has of course to be done only once, but each client has to be configured individually. There is no bulk change option for clients.

Do you need assistance in setting up a command for the master to pull the mksysb from the client?

Basically, you must first remove the old mksysb resource with "nim -o remove mksysb_resource_name".
Attention: This does not remove the old image from disk, so if you're giving a new name to your resources at every run (I don't recommend this, why should one do it this way?) remove it from disk manually.

Next, create a new mksysb resource and populate it by pulling the image from the client in one run:

nim -o define -t mksysb -F -a server=master -a location=/directory/path -a mk_image=yes -a source=your_client_node mksysb_resource_name

Of course you can also use "smitty nim_mkres -> mksysb" for the above.

Have fun with NIM! It's a true challenge, but that's what it makes really interesting!

wmp
0
 

Author Closing Comment

by:sminfo
ID: 35164087
What did you say Fun?  jeee.. Please, I've spent  a week with this.. and today I found this workaround to the NFS error on nim...

https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14556339

I'm  testing again to create the SPOT from the mksysb to install a new LPAR..
Thanks WMP
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35164143
Strange "workaround"!

I can remember old 4.2 days and even back then NIM did not like its filesystems in /etc/exports, it insisted on doing all the NFS stuff on its own instead.
Funny that this behaviour is called "new" in your article!

If you do employ NIM it's very, very good practice letting it do ALL the work instead of playing around with homemade tricks.

Thx for the points!

wmp
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Let's say you need to move the data of a file system from one partition to another. This generally involves dismounting the file system, backing it up to tapes, and restoring it to a new partition. You may also copy the file system from one place to…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

687 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question