Storage Foundation 7.2 Configuration and Upgrade Guide - Solaris

Last Published:
Product(s): InfoScale & Storage Foundation (7.2)
Platform: Solaris
  1. Section I. Introduction and configuration of Storage Foundation
    1. Introducing Storage Foundation
      1. About Storage Foundation
        1.  
          About Veritas Replicator Option
      2.  
        About Veritas InfoScale Operations Manager
      3.  
        About Veritas Services and Operations Readiness Tools (SORT)
    2. Configuring Storage Foundation
      1.  
        Configuring Storage Foundation using the installer
      2. Configuring SF manually
        1. Configuring Veritas Volume Manager
          1.  
            Starting and enabling the configuration daemon
          2.  
            Starting the volume I/O daemon
          3.  
            Using vxinstall to configure Veritas Volume Manager
        2. Configuring Veritas File System
          1.  
            Loading and unloading the file system module
          2.  
            vxtunefs command permissions and Cached Quick I/O
      3.  
        Configuring SFDB
  2. Section II. Upgrade of Storage Foundation
    1. Planning to upgrade Storage Foundation
      1.  
        About the upgrade
      2.  
        Supported upgrade paths
      3. Preparing to upgrade SF
        1.  
          Getting ready for the upgrade
        2.  
          Creating backups
        3. Pre-upgrade planning for Volume Replicator
          1. Planning an upgrade from the previous VVR version
            1.  
              Planning and upgrading VVR to use IPv6 as connection protocol
          2.  
            Additional settings for using VVR in a localized environment
        4.  
          Verifying that the file systems are clean
        5.  
          Upgrading the array support
      4.  
        Using Install Bundles to simultaneously install or upgrade full releases (base, maintenance, rolling patch), and individual patches
    2. Upgrading Storage Foundation
      1. Upgrading Storage Foundation to 7.2 using the product installer
        1.  
          Upgrading Storage Foundation with the product installer
      2. Upgrading Volume Replicator
        1. Upgrading VVR without disrupting replication
          1.  
            Upgrading VVR on the Secondary
          2.  
            Upgrading VVR on the Primary
      3.  
        Upgrading language packages
      4.  
        Upgrading SFDB
    3. Performing an automated SF upgrade using response files
      1.  
        Upgrading SF using response files
      2.  
        Response file variables to upgrade SF
      3.  
        Sample response file for SF upgrade
    4. Upgrading SF using Boot Environment upgrade
      1.  
        About ZFS Boot Environment (BE) upgrade
      2.  
        Supported upgrade paths for Boot Environment upgrade
      3. Performing Boot Environment upgrade on Solaris 11 systems
        1.  
          Creating a new Solaris 11 BE on the primary boot disk
        2.  
          Upgrading SF using the installer for upgrading BE on Solaris 11
        3.  
          Completing the SF upgrade on BE on Solaris 11
        4.  
          Verifying Solaris 11 BE upgrade
        5. Administering BEs on Solaris 11 systems
          1.  
            Reverting to the primary BE on a Solaris 11 system
      4.  
        About Live Upgrade in a Volume Replicator (VVR) environment
    5. Performing post-upgrade tasks
      1.  
        Optional configuration steps
      2.  
        Recovering VVR if automatic upgrade fails
      3.  
        Resetting DAS disk names to include host name in FSS environments
      4.  
        Upgrading disk layout versions
      5.  
        Upgrading VxVM disk group versions
      6.  
        Updating variables
      7.  
        Setting the default disk group
      8. Upgrading the Array Support Library
        1.  
          Adding JBOD support for storage arrays for which there is not an ASL available
        2. Unsuppressing DMP for EMC PowerPath disks
          1.  
            Converting a foreign disk to auto:simple
          2.  
            Converting a defined disk to auto:simple
          3.  
            Converting a powervxvm disk to auto:simple
      9.  
        Converting from QuickLog to Multi-Volume support
      10.  
        Verifying the Storage Foundation upgrade
  3. Section III. Post configuration tasks
    1. Performing configuration tasks
      1.  
        Changing root user into root role
      2.  
        Installing language packages
      3.  
        Switching on Quotas
      4.  
        Enabling DMP support for native devices
      5. About configuring authentication for SFDB tools
        1.  
          Configuring vxdbd for SFDB tools authentication
  4. Section IV. Configuration and Upgrade reference
    1. Appendix A. Installation scripts
      1.  
        Installation script options
      2.  
        About using the postcheck option
    2. Appendix B. Configuring the secure shell or the remote shell for communications
      1.  
        About configuring secure shell or remote shell communication modes before installing products
      2.  
        Manually configuring passwordless ssh
      3.  
        Setting up ssh and rsh connection using the installer -comsetup command
      4.  
        Setting up ssh and rsh connection using the pwdutil.pl utility
      5.  
        Restarting the ssh session
      6.  
        Enabling and disabling rsh for Solaris

Manually configuring passwordless ssh

The ssh program enables you to log into and execute commands on a remote system. ssh enables encrypted communications and an authentication process between two untrusted hosts over an insecure network.

In this procedure, you first create a DSA key pair. From the key pair, you append the public key from the source system to the authorized_keys file on the target systems.

Figure: Creating the DSA key pair and appending it to target systems illustrates this procedure.

Figure: Creating the DSA key pair and appending it to target systems

Creating the DSA key pair and appending it to target systems

Read the ssh documentation and online manual pages before enabling ssh. Contact your operating system support provider for issues regarding ssh configuration.

Visit the Openssh website that is located at: http://www.openssh.com/ to access online manuals and other resources.

To create the DSA key pair

  1. On the source system (sys1), log in as root, and navigate to the root directory.
    sys1 # cd /
  2. Make sure the /.ssh directory is on all the target installation systems (sys2 in this example). If that directory is not present, create it on all the target systems and set the write permission to root only:

    Solaris 11:

    sys2 # mkdir /root/.ssh

    Change the permissions of this directory, to secure it.

    Solaris 11:

    sys2 # chmod go-w /root/.ssh
  3. To generate a DSA key pair on the source system, type the following command:
    sys1 # ssh-keygen -t dsa

    System output similar to the following is displayed:

    Generating public/private dsa key pair.
Enter file in which to save the key (//.ssh/id_dsa):

    For Solaris 11:

    Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
  4. Press Enter to accept the default location of /.ssh/id_dsa.
  5. When the program asks you to enter the passphrase, press the Enter key twice.
    Enter passphrase (empty for no passphrase):

    Do not enter a passphrase. Press Enter.

    Enter same passphrase again:

    Press Enter again.

To append the public key from the source system to the authorized_keys file on the target system, using secure file transfer

  1. Make sure the secure file transfer program (SFTP) is enabled on all the target installation systems (sys2 in this example).

    To enable SFTP, the /etc/ssh/sshd_config file must contain the following two lines:

    PermitRootLogin           yes
  Subsystem          sftp      /usr/lib/ssh/sftp-server
  2. If the lines are not there, add them and restart ssh.

    To restart ssh on Solaris 11, type the following command:

  3. From the source system (sys1), move the public key to a temporary file on the target system (sys2).

    Use the secure file transfer program.

    In this example, the file name id_dsa.pub in the root directory is the name for the temporary file for the public key.

    Use the following command for secure file transfer: 

    sys1 # sftp sys2

    If the secure file transfer is set up for the first time on this system, output similar to the following lines is displayed:

    Connecting to sys2 ...
The authenticity of host 'sys2 (10.182.00.00)' 
can't be established. DSA key fingerprint is
fb:6f:9f:61:91:9d:44:6b:87:86:ef:68:a6:fd:88:7d.
Are you sure you want to continue connecting (yes/no)?
  4. Enter yes.

    Output similar to the following is displayed:

    Warning: Permanently added 'sys2,10.182.00.00' 
(DSA) to the list of known hosts.
root@sys2 password:
  5. Enter the root password of sys2.
  6. At the sftp prompt, type the following command:
    sftp> put /.ssh/id_dsa.pub

    The following output is displayed:

    Uploading /.ssh/id_dsa.pub to /id_dsa.pub
  7. To quit the SFTP session, type the following command:
    sftp> quit
  8. To begin the ssh session on the target system (sys2 in this example), type the following command on sys1:
    sys1 # ssh sys2

    Enter the root password of sys2 at the prompt:

    password:
  9. After you log in to sys2, enter the following command to append the id_dsa.pub file to the authorized_keys file:
    sys2 # cat /id_dsa.pub >> /.ssh/authorized_keys
  10. After the id_dsa.pub public key file is copied to the target system (sys2), and added to the authorized keys file, delete it. To delete the id_dsa.pub public key file, enter the following command on sys2:
    sys2 # rm /id_dsa.pub
  11. To log out of the ssh session, enter the following command:
    sys2 # exit
  12. Run the following commands on the source installation system. If your ssh session has expired or terminated, you can also run these commands to renew the session. These commands bring the private key into the shell environment and make the key globally available to the user root:
    sys1 # exec /usr/bin/ssh-agent $SHELL
sys1 # ssh-add
      Identity added: //.ssh/id_dsa

    This shell-specific step is valid only while the shell is active. You must execute the procedure again if you close the shell during the session.

To verify that you can connect to a target system

  1. On the source system (sys1), enter the following command:
    sys1 # ssh -l root sys2 uname -a

    where sys2 is the name of the target system.

  2. The command should execute from the source system (sys1) to the target system (sys2) without the system requesting a passphrase or password.
  3. Repeat this procedure for each target system.