Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

setting up nim with pull mode

Posted on 2011-03-18
3
855 Views
Last Modified: 2013-11-17
ok wmp.. you won! :-)      as always

In order to create the mksysb of my clients (as you said in my last question) how:

do I setup nim side to connect to client using nimsh with openssl (rsh is not allow here)
do I setup the clients to work in the nim enviromnet, shoud I starta ny daemon?

As I told you I need all mysysb of all clients updated every week.

Thanks.

Israel.
0
Comment
Question by:sminfo
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 35163917
Yep,

good decision to let NIM do the work!

If you can't use rsh communication you must use nimsh.

Steps required to set it up using openssl (better use smitty instead of commandline, because each setup has several steps which have to be executed in the right order):

- On the NIM master:
"smitty nim_ssl" -> "enable" -> (Use the install options only if you don't have openssl installed yet) -> Go.
smitty will run a "make" against a Makefile which will create all required configs, generate keys and enable SSL on the master.

- On the NIM client:
"smitty nim_config_services" -> "Communication protocol... nimsh" -> "Enable Crypto... yes" -> (Again, use the install options only if openssl is not yet there)  -> Go.
smitty will check for openssl availability on master and client and will start the nimsh daemon in SSL mode. It will also make an appropriate entry in inittab, and it will tell the master that the client is now using secure nimsh.

I made the experience that this setup will not always work at the first attempt, and will also sometimes cease to work after reboot.
The solution is simple: Just issue "stopsrc -s nimsh" and "startsrc -s nimsh" on the client.
Afaik IBM have fixed this in 5.3.12 and 6.1.4 (or so).

Now you've set up secure nimsh communication between master and this client. In the future they will communicate this way.
Enabling SSL on the master has of course to be done only once, but each client has to be configured individually. There is no bulk change option for clients.

Do you need assistance in setting up a command for the master to pull the mksysb from the client?

Basically, you must first remove the old mksysb resource with "nim -o remove mksysb_resource_name".
Attention: This does not remove the old image from disk, so if you're giving a new name to your resources at every run (I don't recommend this, why should one do it this way?) remove it from disk manually.

Next, create a new mksysb resource and populate it by pulling the image from the client in one run:

nim -o define -t mksysb -F -a server=master -a location=/directory/path -a mk_image=yes -a source=your_client_node mksysb_resource_name

Of course you can also use "smitty nim_mkres -> mksysb" for the above.

Have fun with NIM! It's a true challenge, but that's what it makes really interesting!

wmp
0
 

Author Closing Comment

by:sminfo
ID: 35164087
What did you say Fun?  jeee.. Please, I've spent  a week with this.. and today I found this workaround to the NFS error on nim...

https://www.ibm.com/developerworks/forums/thread.jspa?messageID=14556339

I'm  testing again to create the SPOT from the mksysb to install a new LPAR..
Thanks WMP
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 35164143
Strange "workaround"!

I can remember old 4.2 days and even back then NIM did not like its filesystems in /etc/exports, it insisted on doing all the NFS stuff on its own instead.
Funny that this behaviour is called "new" in your article!

If you do employ NIM it's very, very good practice letting it do ALL the work instead of playing around with homemade tricks.

Thx for the points!

wmp
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This tech tip describes how to install the Solaris Operating System from a tape backup that was created using the Solaris flash archive utility. I have used this procedure on the Solaris 8 and 9 OS, and it shoudl also work well on the Solaris 10 rel…
My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question