Académique Documents
Professionnel Documents
Culture Documents
TABLE OF CONTENTS
Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
Scope and Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Product Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Your Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Typeface Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Notes, Tips and Warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 5 5 6 6
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Appropriate Environments for AVE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Limits and Thresholds. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Important Terms and Concepts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Avamar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 VMware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
TABLE OF CONTENTS Run ave-post-1.2.sh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Update the Message Of The Day (MOTD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Post-Install Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Postinstallation Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Obtain and Install a Server License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Modify the Default Schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Configure Replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Back Up Configuration Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Change Avamar Passwords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 Configure and Enable the Email Home Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Modify mcserver.xml Email Home Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Configure and Enable the High Priority Events Profile . . . . . . . . . . . . . . . . . . . . . . . 64 Add a Custom Security Notification to Web Login Pages . . . . . . . . . . . . . . . . . . . . . . . . 65 Review AVE Best Practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
FOREWORD
Scope and Intended Audience
Scope. This publication describes how to remotely set up, configure and install all supported configurations of Avamar Virtual Edition v1.2. Intended Audience. The information in this publication is intended primarily for persons responsible for configuring and installing new Avamar Virtual Edition servers for use at customer sites. That person must have knowledge of VMware administration (ESX Server, in particular), including the creation of a Virtual Machine Disk Format (VMDK) environment.
Product Information
For current documentation, release notes, software updates, as well as information about EMC products, licensing and service, go to the EMC Powerlink web site at http://Powerlink.EMC.com.
Your Comments
Your suggestions will help us continue to improve the accuracy, organization and overall quality of the user publications. Please send your opinion of this document to: SSGDocumentation@emc.com Please include the following information: Product name and version Document name, part number and revision (for example, A01) Page numbers Other details that will help us address the documentation issue
Typeface Conventions
The following table provides examples of standard typeface styles used in this publication to convey various kinds of information.
EXAMPLE DESCRIPTION
Bold text denotes actual Graphical User Interface (GUI) buttons, commands, menus and options (any GUI element that initiates action). Also note in the second example that sequential commands are separated by a greater-than (>) character. In this example, you are being instructed to select the Close command from the File menu.
Bold fixed-width text denotes shell commands that must be entered exactly as they appear in this publication. All caps text often denotes a placeholder (token) for an actual value that must be supplied by the user. In this example, FILE would be an actual filename. Regular (not bold) fixed-width text denotes command shell messages. It is also used to list code and file contents.
Installation Complete.
TIP: This is a tip. Tips present optional information intended to improve your productivity or otherwise enhance your experience with our product. Tips never contain information that will cause a failure if ignored.
NOTE: This is a general note. Notes contain ancillary information intended to clarify a topic or procedure. Notes never contain information that will cause a failure if ignored.
INTRODUCTION
EMC Avamar Virtual Edition (AVE) is a single-node non-RAIN (Redundant Array of Independent Nodes) Avamar server that runs as a virtual machine in a VMware ESX Server (3x) environment. It integrates the latest version of Avamar software with Red Hat Enterprise Linux RHEL4.6 as a VMware virtual machine. AVE is similar to existing single-node Avamar offerings on physical machines in the following ways: Runs autonomously as a target for all Avamar client backups. Perfoms replication to a physical Avamar system or another AVE. The AVE virtual machine cannot be configured as an access or accelerator node. Configurations. AVE is available in three configurations: 0.5 TB, 1 TB and 2 TB licensed capacity. It is not scalable; that is, expansion to a multinode Avamar server is not supported. You can increase storage capacity by deploying additional AVEs and dividing backups among them. See the EMC Avamar Compatibility and Interoperability Matrix on the EMC Powerlink web site at http://Powerlink.EMC.com for a complete list of supported ESX Server/AVE configuration scenarios. Installation. Installation of AVE is intended to be done by EMC-trained personnel. Server hardware and the virtual environment must meet resource capability benchmarks according to results from the AVE Performance Assurance Tool (PAT). This tool also simulates the load imposed on the ESX Server so that the customer can gauge the potential impact on the targeted ESX Server. IMPORTANT: The AVE PAT must be run for a minimum of 24 hours prior to sale. Also, this tool must be run at the beginning of the installation process. It is included in the product installation package. For presales purposes, download it from the following Avamar FTP site. ftp://ave_user:avamar@ftp.avamar.com/AVD-1.0
Appropriate Environments for AVE INTRODUCTION Compatibility. AVE supports VMware guest, console and VCB backup clients. Integration with VMware VMotion is supported. Direct Attached Storage (DAS) and Storage Area Network (SAN) are supported. Tapeout is not supported. Typical Avamar software upgrades are supported except in those cases that require a new operating system. In such cases, migration is required.
Appropriate Environments for AVE INTRODUCTION Use the following change rate and capacity data to make this determination:
CUSTOMER ENVIRONMENT CONFIGURATION FILE SERVER MIXED
0.5 TB AVE Required average amount of data added daily (Max. Change Rate)
Less than 2 GB per day For example, this change rate corresponds to 650 GB of 100% file server data capacity or 0.3% daily change rate. See note that follows.
Less than 5 GB per day For example, this change rate corresponds to 500 GB of less than 20% Microsoft Exchange or SQL Server database data and greater than 80% file server data capacity. That is 3% daily change rate for Exchange and SQL Server data, 0.3% for file server data or 1% overall. See note that follows. Less than 10 GB per day For example, this change rate corresponds to 1.0 TB of less than 20% Microsoft Exchange or SQL Server database data and greater than 80% file server data capacity. That is 3% daily change rate for Exchange and SQL Server data, 0.3% for file server data or 1% overall. See note that follows. Less than 20 GB per day
1.0 TB AVE Required average amount of data added daily (Max. Change Rate)
Less than 4 GB per day For example, this change rate corresponds to 1.3 TB of 100% file server data capacity or 0.3% daily change rate. See note that follows.
2.0 TB AVE Required average amount of data added daily (Max. Change Rate)
NOTE: Actual results depend on retention policy and actual data change rate. If the daily change rate is greater than 5 GB per day for a 0.5 TB configuration, 10 GB per day for a 1.0 TB configuration or 20 GB for a 2.0 TB configuration, deployment of a single-node AVE or Avamar software on a qualified physical server node is required.
10
Avamar
Node. The primary building block in any Avamar system is a node. Each node is a self-contained, network-addressable server that runs Avamar software and the Linux operating system on a virtual machine. Single-Node Server. Single-node Avamar servers combine all the features and functions of Avamar software on a single node. Multinode implementations of Avamar servers are capable of subdividing these features into utility and storage nodes. AVE does not support this type of scalable multinode configuration.
VMware
COS. Console Operating System refers to the core VMware ESX Server operating system and root console. COS may also refer to the ESX Service Console. ESX Server Farm. storage. A logical grouping of VMware ESX Servers that share
RDM. Raw disk mapping is a construct that maps a virtual disk to a pass-through SCSI device. VIN. Virtual infrastructure node is a VMware licensing bundle that includes licenses for ESX Server, VMotion and VSMP, and a VirtualCenter node license. VMware ESX Server. VMware ESX Server is the foundation for delivering virtualization-based distributed service to IT environments. A core building block of VMware Infrastructure, ESX Server is a virtualization layer that abstracts processor, memory, storage and networking resources into multiple virtual machines running side-by-side on the same server. VMware Virtual Machine File System (VMFS). VMware VMFS (Virtual Machine File System) is a high-performance cluster file system for ESX Server virtual machines. Each virtual machine is encapsulated in a small set of files and VMFS is the default storage system for these files on physical SCSI disks and partitions. VirtualCenter Management Server. VirtualCenter delivers centralized management, operational automation, resource optimization and high availability to IT environments. VMware Virtual Machine. Representation of a physical machine by software. A virtual machine has its own set of virtual hardware (such as RAM, CPU, NIC and hard disks) upon which an operating system and applications are loaded. The operating system sees a consistent, normalized set of hardware regardless of the actual physical hardware components. VMware virtual machines contain advanced AVAMAR VIRTUAL EDITION 1.2 SYSTEM INSTALLATION MANUAL 11
Important Terms and Concepts INTRODUCTION hardware features such as 64-bit computing and virtual symmetric multiprocessing. Virtual machines are designated to a particular Host, Cluster or Resource Pool and a Datastore when they are created. A virtual machine consumes resources like a physical appliance consumes electricity. While in powered-off, suspended or idle state, it consumes no resources. Once poweredon, it consumes resources dynamically by using more as the workload increases and returning them as the workload decreases. Virtual Infrastructure Client (VI Client). An interface that allows administrators and users to connect remotely to the VirtualCenter Management Server or individual ESX Server installations from any Windows platform. Virtual Infrastructure Web Access. A web interface for virtual machine management and remote consoles access. VMware Consolidated Backup. VMware Consolidated Backup provides an easy to use, centralized facility for LAN-free backup of virtual machines. A set of drivers and scripts enable virtual machine disk contents to be backed up from a centralized Windows Server 2003 proxy server rather than directly from the ESX Server. Host. The virtual representation of the computing and memory resources of a physical machine that runs the ESX Server. Cluster. The aggregate computing and memory resources when one or more physical machines are grouped together to work and be managed as a whole. Machines can be dynamically added or removed from a cluster. Resource Pool. Computing and memory resources from hosts and clusters can be finely partitioned into a hierarchy of resource pools. Datastore. Virtual representations of combinations of underlying physical storage resources in the data center. These physical storage resources can be provisioned from the local SCSI disks of the server, Fibre Channel SAN disk arrays, iSCSI SAN disk arrays or Network Attached Storage (NAS) arrays. Networks. In the virtual environment, networks connect virtual machines to each other or to the physical network outside of the virtual data center.
12
PREINSTALLATION REQUIREMENTS
The Avamar Virtual Edition (AVE) consists of a single-node Avamar server (nonRAIN) with 0.5 TB, 1.0 TB or 2.0 TB licensed capacity that runs on a VMware ESX Server virtual machine. The 0.5 TB AVE is installed into four partitions: One operating system partition (60 GB) Three storage partitions (250 GB each) The 1.0 TB AVE is installed into seven partitions: One operating system partition (60 GB) Six storage partitions (250 GB each) The 2.0 TB AVE is installed into 13 partitions: One operating system partition (60 GB) 12 storage partitions (250 GB each) NOTE: 1 GB is defined here as 230 bytes = 10243 bytes. AVE is a single-node implementation that must be installed in a customerprovided location. Before installation, ensure the preinstallation requirements in this chapter are met.
Hardware Requirements
The following table lists the physical hardware requirements that must be fulfilled before installation of Avamar Virtual Edition:
REQUIREMENT DESCRIPTION
System
Sized and configured such that AVE does not negatively impact the system. That requires a multiprocessor CPU (3.0 GHz or higher). At least 1 GbE capability 13
Network Connection
Processor Memory
2 CPUs
0.5 TB CONFIGURATION
3072 MB
1.0 TB CONFIGURATION
4096 MB
2.0 TB CONFIGURATION
16384 MB IMPORTANT: There must be enough physical memory on the ESX host to accommodate minimum requirements for the AVE, as well as the memory requirements for other guests, including the hypervisor and console services.
14
Minimum Storage I/O Performance NOTE: These metrics are measured by the benchmark tool, which must have been run satisfactorily before AVE installation. Refer to Benchmark Testing (page 17).
0.5 TB CONFIGURATION
Sequential Read: 60 MB/sec Sequential Write: 30 MB/sec Seek (4 threads/LUN): Throughput: 400 seeks/sec Minimal throughput: 320 seeks/sec
Sequential Read: 75 MB/sec Sequential Write: 60 MB/sec Seek (4 threads/LUN): Throughput: 400 seeks/sec Minimal throughput: 320 seeks/sec
1.0 TB CONFIGURATION
Sequential Read: 80 MB/sec Sequential Write: 40 MB/sec Seek (4 threads/LUN): Throughput: 500 seeks/sec Minimal throughput: 400 seeks/sec
Sequential Read: 100 MB/sec Sequential Write: 80 MB/sec Seek (4 threads/LUN): Throughput: 500 seeks/sec Minimal throughput: 400 seeks/sec
2.0 TB CONFIGURATION
Sequential Read: 150 MB/sec Sequential Write: 120 MB/sec Seek (4 threads/LUN): Throughput: 500 seeks/ sec Minimal throughput: 400 seeks/sec Network Connection VMware Environment 1 GbE network connection
Sequential Read: 150 MB/sec Sequential Write: 120 MB/ sec Seek (4 threads/LUN): Throughput: 500 seeks/ sec Minimal throughput: 400 seeks/sec
See the EMC Avamar Compatibility and Interoperability Matrix on the EMC Powerlink web site at http://Powerlink.EMC.com for a complete list of supported ESX Server/AVE configuration scenarios. VMware Tools installed (during AVE installation) VMotion supported
15
Additional Requirements
Before installation, obtain the following items:
REQUIREMENT DESCRIPTION
PuTTY, WinSCP and VMware Virtual Infrastructure Client AVE Package, operating system security patches (if applicable) Customer Number (Customer ID), Reference ID (Asset Reference ID) Hostnames, IP addresses for: Avamar node to be installed Network Time Protocol (NTP) server Domain Name System (DNS) server SMTP server
Gateway, netmask and domain of the Avamar node to be installed Firewall openings (if appropriate) NOTE: Refer to the Avamar Product Security Manual for basic client-server data port usage and firewall requirements.
16
BENCHMARK TESTING
Before installation of Avamar Virtual Edition (AVE), a benchmark test must be run to ensure that AVE can function at an acceptable level in the virtual environment. This chapter describes how to set up, start and end the testing. There are two purposes for this test: To ensure AVE runs in an environment with acceptable I/O performance. To stress virtual machine resources to determine whether the impact of running AVE is acceptable to other applications on the ESX Server. IMPORTANT: Before running the benchmark test, warn the customer that the test will induce a high load on the host ESX Server. Also, occasionally monitor the ESX Servers performance while the tool is running to determine whether the stress on resources continues to be acceptable. If not, end the test immediately by following the instructions in Ending Benchmark Testing (page 24).
Task List Evaluating the virtual environment requires the following tasks:
Preparing the Virtual Machine (page 18) Running ave-part-XX.sh (page 19) Running netconfig (page 20) Running dpnnetutil (page 21) Installing VMware Tools (page 23) Running Benchmark Testing (page 23) Ending Benchmark Testing (page 24) Analyzing Benchmark Results (page 25) Finalizing Benchmark Testing (page 27)
17
3. Log in as admin user. 4. Click File > Virtual Appliance > Import. 5. Select Import from File and browse to the AVE virtual machine file (OVF extension). Use the wizard to complete installation of the OVF file. A "Completed Successfully" message indicates the end of the installation process.
6. Select the AVE virtual machine you imported. 7. Right-click the AVE virtual machine and choose Edit Settings. The Virtual Machine Properties window appears. 8. Create additional 250 GB hard drives (VMDKs) for the AVE virtual machine. (a) Click Add. The Add Hardware Wizard appears. (b) Select Hard Disk. (c) Click Next. (d) Select Create a new virtual disk. (e) Click Next. (f) Enter 250 GB for Disk Size. (g) Set a Location, either Store with virtual machine or Specify a datastore. (h) If you set Store with virtual machine, go to step k. If not, click Browse and go to step i. (i) In the Browse for Datastore window, navigate to the desired datastore location. (j) Click OK. (k) Click Next. (l) Select Independent for Mode (use the default setting for Persistent). (m)Click Next. (n) Verify the configuration and click Finish.
18
Running ave-part-XX.sh BENCHMARK TESTING (o) Repeat steps a through n. For a 0.5 TB configuration, repeat two more times (for a total of three 250GB hard drives). For a 1.0 TB configuration, repeat five more times (for a total of six 250GB hard drives). For a 2.0 TB configuration, repeat 11 more times (for a total of 12 250 GB hard drives). (p) Click OK. (q) In the Recent Tasks status area (bottom of screen), observe the progress of the hard drive creation. When the status of the Reconfigured Virtual Machine is Completed, go to step 9. 9. In the Commands section of the Virtual Infrastructure Client, click Power On. This command boots the virtual machine. NOTE: An insufficient licensing message at this point might indicate either a shortage of ESX Server licenses or an inability to connect to a license server. Resolve this problem with your network administrator. 10. Read the Virtual Machine Message that appears. 11. Select Create and click OK.
Running ave-part-XX.sh
1. In the Virtual Infrastructure Client, click the Console tab. TIP: Sometimes, the Console tab must be "activated." Do this by clicking in the middle of the Console to put it into command mode. Press CTRL+ALT to regain mouse control.
IMPORTANT: All remaining instructions in this procedure assume that you are logged in to the guest, and not to the ESX Server.
Guest User=root
2. Log in to the guest as user root. When prompted for a password, enter the root password and press ENTER.
19
Running netconfig BENCHMARK TESTING 3. Configure the virtual hard drives by entering the following: /root/ave-part-XX.sh 2>&1 | tee /tmp/ave-part.log Where XX is either: HT - 0.5 TB installation 1TB - 1.0 TB installation 2TB - 2.0 TB installation 4. Wait until all actions are completed. The following actions are performed on each hard drive created in the previous procedure: Partitions the hard drives Creates the filesystems Labels the filesystems Mounts the filesystems Modifies /etc/fstab Creates symbolic links After these actions are completed, Script Completed appears in your command shell.
Running netconfig
IMPORTANT: All instructions in this procedure assume that you are logged in to the guest and not the ESX Server.
Guest User=root
1. On the Virtual Infrastructure Client Console tab, log into the guest as root user. When prompted for a password, enter the root password and press ENTER. 2. Configure the basic networking capabilities of the node (eth0 network interface) by entering the following on a single command line: /usr/sbin/netconfig --ip=STATIC-IP-ADDR --netmask=NETMASK --hostname=HOSTNAME --domain=DOMAIN --device=eth0 --gateway=GATEWAY Where STATIC-IP-ADDR, NETMASK, HOSTNAME, DOMAIN and GATEWAY are the static IP address, netmask, hostname, domain and gateway settings for this node, respectively, as provided by the customer. 3. Restart the network service by entering: service network restart 4. Verify the preceding data by entering: ifconfig
20
Running dpnnetutil BENCHMARK TESTING 5. Verify basic network configuration of eth0 by entering: ping STATIC-IP-ADDR Where STATIC-IP-ADDR is the static IP address you defined in step 2.
Running dpnnetutil
IMPORTANT: All instructions in this procedure assume that you are logged in to the guest, and not to the ESX Server.
Guest User=root
1. From the Virtual Infrastructure Client, login to the guest console. When prompted for a password, enter the root password and press ENTER. 2. Start the dpnnetutil utility by entering: dpnnetutil The following information might appear in your command shell:
Use existing dpnnetutil configuration file "/usr/local/avamar/var/ dpnnetutil.conf" dated DATE?
Where DATE is the actual dpnnetutil.conf file modification date. This command runs the dpnnetutil interactive utility. Navigation tips for dpnnetutil dialog boxes: The TAB key and the arrow keys can be used to navigate among buttons, text data entry fields, checkboxes and any other selectable elements in a dialog box. The spacebar or the ENTER key can be pressed in order to select an element such as YES, NO, OK, CANCEL and checkbox. Pressing the ENTER key in a text data entry field is a shortcut for navigating to and then selecting the OK button. 3. Choose NO. The following information appears in your command shell:
Is this a single-node server?
Where OLD-IP-ADDRESS is the current IP address assigned to this server. 5. Enter the new IP address for this server and choose OK. The following information appears in your command shell:
Please enter the new host name (without the dotted domain) for the single-node server whose new IP address is NEW-IP-ADDRESS and whose old IP address is OLDIP-ADDRESS.
21
Running dpnnetutil BENCHMARK TESTING 6. Enter the new hostname for this server and choose OK. The following information appears in your command shell:
Please enter the name of the parent domain.
7. Enter the correct DNS domain name for this server and choose OK. The following information appears in your command shell:
Please enter the IP address of the primary DNS resolver.
8. Enter the correct IP address for your primary DNS resolver and choose OK. The following information appears in your command shell:
Please enter the IP address of the secondary DNS resolver.
9. Enter the correct IP address for your secondary DNS resolver and choose OK. The following information appears in your command shell:
Please enter the network mask to be used for network interface eth0.
10. Enter the correct network mask for the server eth0 NIC and choose OK. The following information appears in your command shell:
Please enter the default network gateway address.
11. Enter the correct IP address for the default network gateway this server will be using and choose OK. The following information appears in your command shell:
Accept settings and proceed to fix up the network configurations?
12. Choose YES. 13. Read the displayed message and choose OK. 14. Monitor the progress of changes being applied to the node by entering: tail -f /usr/local/avamar/var/log/dpnnetutilbgaux.log Wait until the log entry "INFO: Done" appears. 15. Reboot the guest virtual machine by entering: reboot NOTE: Check and update as necessary the configurations of the external network infrastructure elements (switches and firewalls) to ensure that the node will remain reachable after they have been assigned new IP addresses or new default network gateways. In particular, VLANs and ACLs might need to be updated.
22
3. On the Console tab, log in as user root. 4. Finish installing the VMware Tools by entering the following: mount /dev/cdrom /mnt rpm -ivh /mnt/VMwareTools-VERSION.rpm cd umount /mnt vmware-config-tools.pl Where VERSION is the version of ESX Server VMware Tools on your computer. A sequence of information will appear. Accept the default prompts for all queries except the following: The configuration file /etc/X11/xorg.conf can not be found. Do you want to create a new one? (yes/no) [yes] no Select no. 5. Reboot the virtual machine by entering the following: reboot
1. On the Virtual Infrastructure Client Console tab, log in to the guest as root user. IMPORTANT: All remaining instructions in this procedure assume that you are logged in to the guest, and not to the ESX Server.
23
Ending Benchmark Testing BENCHMARK TESTING 2. Run the benchmark testing by entering: /root/24hr-benchmark.sh The test runs for 24 hours unless you manually end it (see next section). This command also copies operational status data to a log file. IMPORTANT: Occasionally while the test is running, monitor the hosting ESX Servers performance. If the stress on resources is unacceptable, end the test with the instructions in the next section. 3. Save test results by entering: cd /root tar cvf CUSTOMERNAME_benchmark-results.tar YYYYMMDD_benchmark Where YYYYMMDD_benchmark is the directory that was automatically created in step 2.
1. To end the benchmark test, enter the following on the Virtual Infrastructure Client Console tab. /root/kill-benchmark.sh 2. Wait for at least 30 seconds, and then enter: ps -ax | grep benchmark Blank output indicates the test has been stopped. 3. Delete data from the directory created in step 2 of the previous section.
24
TOTAL MINIMAL WRITE THROUGHPUT (24.9315 * 6): 149.589 MB / Second write TOTAL MINIMAL READ THROUGHPUT (25.0609 * 6): 150.3654 MB / Second write TOTAL WRITE THROUGHPUT (SUM): 150.9097 MB / Second write TOTAL READ THROUGHPUT (SUM):
163.8883 MB / Second read
25
Analyzing Benchmark Results BENCHMARK TESTING 0.5 TB Configuration. Minimum acceptable benchmark results are:
FILE SERVER DATA VALUE MIXED DATA VALUE
CONDITIONS
Total Minimal Read Throughput Total Read Throughput Total Minimal Write Throughput Total Write Throughput Total Seek Minimal Throughput for 4 Threads Total Seek Throughput for 4 Threads 1.0 TB Configuration.
CONDITIONS
Total Minimal Read Throughput Total Read Throughput Total Minimal Write Throughput Total Write Throughput Total Seek Minimal Throughput for 4 Threads Total Seek Throughput for 4 Threads 2.0 TB Configuration.
100 MB/sec 100 MB/sec 80 MB/sec 80 MB/sec 400 seeks/sec 500 seeks/sec
CONDITIONS
Total Minimal Read Throughput Total Read Throughput Total Minimal Write Throughput Total Write Throughput Total Seek Minimal Throughput for 4 Threads Total Seek Throughput for 4 Threads
150 MB/sec 150 MB/sec 120 MB/sec 120 MB/sec 400 seeks/sec 500 seeks/sec
150 MB/sec 150 MB/sec 120 MB/sec 120 MB/sec 400 seeks/sec 500 seeks/sec
From the previous tables, determine whether the I/O performance is sufficient for the file server or mixed environment. If benchmark testing does not yield satisfactory results, attempt to resolve I/O issues.
26
the data on the virtual machine. To do this, enter the following command in the Virtual Infrastructure Client Console tab as user root: /usr/local/avamar/bin/dtsh --cleanup
If minimum acceptable benchmark results cannot be achieved, you must delete the virtual machine by performing the following. IMPORTANT: Do not perform the following procedure if benchmark results are satisfactory. In that case, continue installing AVE in Avamar Virtual Edition Installation (page 28).
Guest User=root
1. Log in as root user. 2. On the Virtual Infrastructure Client Console tab, enter: poweroff 3. In left pane, right-click the virtual machine you want to remove. 4. Click Delete from Disk.
27
Requirements
To run the avqinstall program, you must have OS admin, root and dpn user privileges. The dpnid key must be available to avqinstall. The avqinstall program uses sudo to run various operations non-interactively as the OS user dpn. The default sudo configuration in Red Hat Enterprise Linux is adequate to permit avqinstall to use sudo because avqinstall runs as the OS root user.
28
Log File
The avqinstall program logs activity to the /usr/local/avamar/var/log/ avqinstall.log file. This log file contains time-stamped information, including: How avqinstall invokes other programs. Standard output and standard error messages from programs invoked by avqinstall. Informational messages about decision-making processes applied by avqinstall. The accuracy of time stamps depends on the accuracy of the system clocks on the Avamar Virtual Edition node. Time stamps on lines of output from other programs usually indicate the completion time of those programs. Output from other programs is first written to a temporary file and then appended to the install.log file. Time stamps are provided in UTC time zone, using a format identical to that used by various server-side tools.
Run avqinstall
Guest User=root
1. Log into the guest as user root on the Virtual Infrastructure Client Console tab. When prompted for a password, enter the root password and press ENTER. 2. Extract and uncompress the Avamar software package by entering: cd /usr/local/avamar/src/ tar -zxvf v4.*.gz 3. To install dpnavqinstall, enter: rpm -ivh RHEL4_64/dpnavq*.rpm Information similar to the following might appear in your command shell:
root@ave:/usr/local/avamar/src/#: rpm -ivh RHEL4_64/dpnavq*.rpm Preparing... 1:dpnavqinstall ########################################### [100%] ########################################### [100%]
29
Install and Configure Server Software AVAMAR VIRTUAL EDITION INSTALLATION 4. Set up the install configuration file: (a) Edit install.conf by using a text editor (vi or emacs): emacs -nw /usr/local/avamar/var/install.conf (b) Set the value for each parameter that applies to your configuration. If a parameter does not apply to your configuration, leave the comment symbol (#). (c) Save the file and exit the editor. Refer to Installation Configuration File (page 29) for more details on the parameters used in the install.conf file. 5. Enter the following command: avqinstall If errors occur during the installation, review the /usr/local/avamar/var/ log/avqinstall.log to determine why the installation did not complete successfully. Resolve any problems, and then rerun avqinstall. 6. Disable the NTP service by performing the following steps. (a) Enter the following commands: chkconfig ntpd off service ntpd stop (b) Verify NTP service has been stopped by entering the following command: service ntpd status
Run ave-post-1.2.sh
Guest User=root
1. On the Virtual Infrastructure Client Console tab, log in as user root. 2. Run the following script: /root/ave-post-1.2.sh 2>&1 | tee /tmp/ave-post.log The following information appears in your command shell:
Setting disk readonly value...DONE Setting disk warning value...DONE Moving original morning_cron_run...DONE Creating morning_cron_run maintenance script...DONE Moving original evening_cron_run...DONE Creating evening_cron_run maintenance script...DONE Checking permissions on /usr/local/avamar/bin/morning_cron_run...DONE Checking permissions on /usr/local/avamar/bin/evening_cron_run...DONE Removing user accounts...DONE Changing permissions on messages file...DONE Changing permissions on mcserver.log.0...DONE Changing permissions on mcserver.log.0.1...DONE Script complete.
30
1. On the Virtual Infrastructure Client Console tab, log in as user root. 2. Issue the following commands: cd /etc cp -p motd x-motd_YYYYMMDD Where YYYYMMDD is the current date. 3. Using a Unix text editor, change the MOTD in the /etc/motd_YYYYMMDD file. The standard text is the following:
This is an Axion-E Node Please read the documentation before performing any administrative functions on this node. For help, email support@avamar.com, go to www.avamar.com, or call 866-928-2627 (866.9.AVAMAR) Avamar: A new breed of Storage Technology
Determination of whether AVE is suitable for a "File Server" or "Mixed" environment is made based on the results of the benchmark test. 4. Exit the command environment. 5. Log in again to the command environment to confirm that the MOTD is correct. 6. Exit the command environment.
Post-Install Tasks
After a successful Avamar server software installation, complete the system setup tasks: 1. Define backup schedules. 2. Register clients. 3. Install client packages (vVERSION-client.tar.gz), if any exist in /usr/local/avamar/src/.
31
Troubleshooting
This section addresses potential problems when running avqinstall.
32
Install and Configure Server Software AVAMAR VIRTUAL EDITION INSTALLATION 2. If either avqinstall or subsystem configuration and startup processes are running: Wait for the processes to complete. Use SIGTERM (kill -TERM) to stop the subsystem configuration or startup program process ids.
33
Overview
Enterprise (or external) authentication provides a mechanism that allows users to log into multiple systems by using the same user ID and password. The Avamar Virtual Edition external authentication feature is not a single-user ID/password login, fully-integrated into an external authentication system on which users are created and managed. Instead, the same user ID must be created on both Avamar Virtual Edition and external systems while the password is set and managed externally. Avamar Login Manager provides access to the external authentication databases through the standard Pluggable Authentication Module (PAM) library of the Linux operating system. Login Manager uses the domains configuration file to identify the supported domains.
Task List To set up and configure Avamar external authentication, you must perform the
following tasks that are applicable for your site: Back Up Configuration Files (page 35) Configure LDAP Interface (page 36) Configure NIS Interface (page 39) Configure Users (page 42)
34
Avamar Components
Avamar Administrator, Avamar Enterprise Manager and Avamar Web Access support external authentication. This capability is not available for Avamar serverlevel administration such as the following: Operating system user accounts: root, admin and dpn Special Avamar system administrative user accounts: MCUser and root
External Systems
The following categories of external authentication systems are supported:
CATEGORY DESCRIPTION
Lightweight Directory Access Protocol (LDAP) Network Information Service (NIS), SUN Yellow Pages (YP)
Hierarchical directory structure X.500 standard system such as: Microsoft Active Directory Service (MS ADS) Novell NDS and eDirectory Flat workgroup-based database structure of user IDs, passwords and other system parameters comparable to Microsoft Windows NT such as: Master NIS Server - Primary Domain Controller (PDC) Slave NIS Servers - Backup Domain Controllers (BDC)
35
LDAP domain name IP address or fully-qualified domain/hostname of the LDAP authentication server Distinguished name (DN) of the user used for LDAP queries Password of DN used for LDAP queries
root user password for Linux operating system admin user password for Linux operating system Avamar system admin username (normally "MCUser") and password
NOTE: If you cannot find ldapsearch, download it from ftp.avamar.com/software. Log in as user "avamar_ftp" with password "anonymous".
Configuring LDAP
User=root
1. Log into the server as user root. When prompted for a password, enter the root password and press ENTER. 2. Open /etc/avamar/domains.cfg in a Unix text editor.
36
Configure LDAP Interface SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) 3. Add the following entry in the Customer Specific Domains section, then save the file: DOMAIN=ID Where DOMAIN (format: example.com) is a unique customer-specific LDAP domain used for addressing PAM, and ID is an integer larger than 1. IDs 0 and 1 are reserved for Avamar internal use. IMPORTANT: Step 4 requires the creation of a symbolic link for DOMAIN=ID. Instead of DOMAIN=ID, an existing ldap=3 is available for use (by uncommenting the line). If ldap=3 is used, skip step 4 because the symbolic link already exists. The DOMAIN part of the entry (either ldap or a unique LDAP domain) appears in the Avamar Administrator Authentication System list. The entry of a unique DOMAIN clarifies which LDAP domain is used for external authentication. 4. Create a unique lm_ldap file and symbolically link to it by entering: ln -sf /etc/pam.d/lm_ldap /etc/pam.d/lm_NUMBER Where NUMBER is the LDAP domain ID in step 3. NOTE: Skip this step if ldap=3 was used in step 3.
User=admin
5. Log into the server as user admin. 6. Load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 7. Enter the admin user account passphrase and press ENTER. 8. Confirm the systemname and lmaddr are set up correctly by entering: avmaint config --avamaronly |grep systemname avmaint config --avamaronly |grep lmaddr These commands display the hostname and IP address of the server.
User=root
9. As user root, create a symbolic link from ldap.conf to ldap.conf.winad by entering: ln -sf /etc/ldap.conf.winad /etc/ldap.conf 10. Set correct group ownership and file permissions for ldap.conf by entering: chown root:root /etc/ldap.conf chmod 0600 /etc/ldap.conf
37
Configure LDAP Interface SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) 11. Confirm the symbolic link is correctly set up by entering: ls -l /etc/ldap.conf The following information appears in your command shell:
/etc/ldap.conf -> /etc/ldap.conf.winad
12. In a Unix text editor, open /etc/ldap.conf. 13. Modify the following entries, then save the file: host HN-IPADD Where HN-IPADD is the fully-qualified hostname or IP address of your LDAP server. base dc=DOMAIN, dc=com Where DOMAIN is the first part of the LDAP domain name. For example: example.com would be displayed as dc=example, dc=com. binddn cn=PROXYUSER, ou=PROXYUNIT, ou=PROXYORG, dc=DOMAIN, dc=com Where PROXYUSER, PROXYUNIT, PROXYORG and DOMAIN comprise parts of the distinguished name of user used to bind with the LDAP server. Components include: cn - common name ou - organizational or unit name dc - domain For example: Distinguished name avamaruser.users.avamar.emc.com Components: cn=avamaruser, ou=users, ou=avamar, dc=emc, dc=com bindpw PWD Where PWD is the password of the user used to bind with the LDAP server. 14. Restart Login Manager by entering: service lm restart 15. Confirm configuration changes were accepted by entering: avmgr lstd All domains used in Avamar authentication are displayed. 16. Confirm the LDAP server can be queried by entering: ldapsearch -x -W -h HOSTNAME -b dc=DISTINGUISHED_NAME -D cn=VALID_USERNAME, cn=users,dc=DISTINGUISHED_NAME Where HOSTNAME is the hostname or IP address of the LDAP server, dc=DISTINGUISHED_NAME is the domain part of the distinguished name (the two "dc" components) and VALID_USERNAME is a valid user in the LDAP server domain.
38
Configure NIS Interface SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) For example: ldapsearch -x -W -h 10.0.100.21 -b dc=aelab01,dc=com -D cn=administrator,cn=users,dc=aelab01,dc=com IMPORTANT: Your command must be entered on a single command line (no line feeds or returns allowed). Space limitations in this publication caused some of the previous commands to continue (wrap) to more than one line. A success message or referral result should be displayed. A failure in communication or authentication indicates a problem.
1. Log into the server as user root. When prompted for a password, enter the root password and press ENTER. 2. Open /etc/avamar/domains.cfg in a Unix text editor. 3. Add the following entry in the Customer Specific Domains section, then save the file: DOMAIN=ID Where DOMAIN (format: example.com) is a unique customer-specific NIS domain used for addressing PAM, and ID is an integer larger than 1. IDs 0 and 1 are reserved for Avamar internal use. IMPORTANT: Step 4 requires the creation of a symbolic link for this entry. Instead of DOMAIN=ID, an existing nis=2 is available for use (by uncommenting the line). If nis=2 is used, skip step 4 because the symbolic link already exists. The DOMAIN part of the entry (either nis or a unique NIS domain) appears in the Avamar Administrator Authentication System list. Entering a unique DOMAIN clarifies which NIS domain is used for external authentication. 4. Create a unique lm_nis file and symbolically link to it by entering: ln -sf /etc/pam.d/lm_nis /etc/pam.d/lm_NUMBER Where NUMBER is the NIS domain ID in step 3. NOTE: If nis=2 was used in step 3, skip this step.
39
Configure NIS Interface SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) 5. Set correct group ownership and file permissions for the lm_nis file by entering: chown root:root /etc/pam.d/lm_NUMBER chmod 0600 /etc/pam.d/lm_NUMBER Where NUMBER is the NIS domain ID in step 3. 6. Confirm the symbolic link is correctly set up by entering: ls -l /etc/pam.d/lm_NUMBER Where lm_NUMBER is the file created in step 4. The following information appears in your command shell:
/etc/pam.d/lm_NUMBER -> lm_nis
7. In a Unix text editor, open lm_NUMBER (created in step 4). 8. Modify the following entries, then save the file:
auth required /lib/security/pam_nis.so domain=NISDOMAIN domain=NISDOMAIN account required /lib/security/pam_nis.so
9. Log into the server as user admin. 10. Load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 11. Enter the admin user account passphrase and press ENTER. 12. Confirm the systemname and lmaddr are set up correctly by entering: avmaint config --avamaronly |grep systemname avmaint config --avamaronly |grep lmaddr These commands display the hostname and IP address of the server.
User=root
13. As user root, restart Login Manager by entering: service lm restart 14. With keys loaded, confirm configuration changes were accepted by entering: avmgr lstd All domains used in Avamar authentication are displayed. 15. Open /etc/sysconfig/network in a Unix text editor. 16. Add the following entry, then save the file: NISDOMAIN=DOMAINNAME Where DOMAINNAME is the NIS domain in step 3. 17. Open /etc/yp.conf in a Unix text editor.
40
Configure NIS Interface SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) 18. Add the following entry: domain NISDOMAIN server NISSERVERNAME_IP Where NISDOMAIN is the NIS domain in step 3 and NISSERVERNAME_IP is the NIS server hostname or IP address. Examples: domain hq server 122.138.190.3 domain hq server unit.example.com 19. Set ypbind to automatically start by entering: /sbin/chkconfig ypbind on 20. Confirm the previous settings by entering: /sbin/chkconfig --list ypbind The following information appears in your command shell:
ypbind 0:off 1:off 2:off 3:on 4:on 5:on 6:off
Numbers 3, 4 and 5 should be "on". If not, enter: /sbin/chkconfig --level NUMBERS ypbind on Where NUMBERS is a comma-separated list of the numbers you want to set "on" (for example, /sbin/chkconfig --level 3,4 ypbind on). 21. Start the ypbind daemon by entering: service ypbind restart The following information appears in your command shell: Shutting down NIS services: [ OK or FAIL ] Binding to the NIS domain: [ OK ] Listening for NIS domain server: NOTE: Shutting down NIS services can fail if it has not started already. In that case, listening for the NIS domain server should fail because the default NIS domain has not yet been set up. A delay in the start() section is usually required between the ypbind and ypwhich (in next step) commands. 22. Confirm NIS configuration by entering: ypwhich This command displays the IP address or the fully-qualified domain name of the NIS server. ypcat -d NISDOMAIN passwd | grep USER-ID Where NISDOMAIN is the NIS domain in step 3 and USER-ID is the partial or whole name of a user registered in the external authentication system. These commands verify that data can be retrieved from the NIS domain server by returning user login data from the NIS server.
41
Configure Users
1. Start Avamar Administrator. Refer to the Avamar System Administration Manual for instructions on the use of this application. 2. Create the users who require login access to Avamar Virtual Edition. The username must match exactly the user ID on the LDAP or NIS server. Create external users in the proper LDAP or NIS server domain location (for example, the root "/" or other directory like "/clients/"). When creating users, the external domain appears in the Authentication System list. IMPORTANT: The Everyone option (which creates a user called "*") applies the selected permission to all users set up in the external authentication system. Ensure that this is your intention before using it. 3. Confirm the creation of the external users by logging into Avamar Administrator or Avamar Enterprise Manager as the external user. Log in according to the following rules: User ID is followed by @DOMAIN. Where DOMAIN is the LDAP or NIS server domain you specified in step 3 of the previous applicable section. For example: SueV@example.com User password is the same as entered in the external LDAP or NIS system. Domain path is where external users reside (for example, "/clients/"). 4. Back up your configuration files (page 52). IMPORTANT: This step can help avoid the need to reconfigure external authentication at a future date. For instance, an Avamar software upgrade might overwrite configuration files with default values. Resetting external authentication is easier if configuration files are backed up.
42
Troubleshooting
After configuring external authentication, confirm connectivity and name resolution to external authentication systems. If problems occur, use the following information to troubleshoot them.
LDAP Authentication
Ensure you are able to log in as the user ID that is used to query the LDAP directory. That user ID is defined in the domains.cfg file. Ensure the "ou" part of the distinguished name that contains the user ID has no spaces (for example: ou=unit name). Use only supported characters within Avamar when creating and using the external user ID.
NIS Authentication
Use the following commands to check the service status of ypbind and to test whether the NIS database can be queried: service --status-all |grep yp chkconfig --list ypbind ypwhich ypcat Refer to Configure NIS Interface (page 39) for additional information about using these commands.
Authentication Failure
Determine the system in which authentication is failing. Avamar Virtual Edition Authentication failure is normally due to incorrect user ID or domain path. Login Manager Authentication failure is normally due to incorrect configuration. Refer to Debugging Login Manager (page 44) to confirm the external domain is properly defined.
43
Troubleshooting SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) Use the following functional block diagram to analyze the flow of external authentication.
Refer to Restoring ldap Configuration After Upgrade (page 45) if external authentication failures occur after an Avamar software upgrade.
1. Log into the server as user root. When prompted for a password, enter the root password and press ENTER. 2. Stop Login Manager by entering: service lm stop 3. Troubleshoot Login Manager by entering: /usr/local/avamar/bin/lm --debug This command runs a script. 4. Collect troubleshooting information by performing the following: (a) In a separate command shell, enter: avmgr lstd (b) In Avamar Administrator, log in as the external user to capture the troubleshooting output. 5. Stop running the lm --debug command by pressing CTRL + C.
44
Troubleshooting SETTING UP ENTERPRISE AUTHENTICATION (OPTIONAL) 6. Restart Login Manager by entering: service lm start 7. Exit the command shell.
1. Log into the server as user root. When prompted for a password, enter the root password and press ENTER. 2. Replace the new ldap.conf.winad file with the rpmsave verion by entering: cd /etc cp -p ldap.conf x-ldap.conf cp -p ldap.conf.rpmsave ldap.conf y The last entry overwrites the file. 3. Replace the new domains.cfg file with the rpmsave version by entering: cd /usr/local/avamar/etc cp domains.cfg x-domains.cfg cp domains.cfg.rpmsave domains.cfg y The last entry overwrites the file. 4. Stop and restart Login Manager by entering: service lm restart 5. Exit the command shell. 6. Log in to confirm that external authentication is restored.
45
POSTINSTALLATION CONFIGURATION
Following installation of the Avamar Virtual Edition, the following postinstallation tasks must be performed:
Task List
Obtain and Install a Server License (page 46) Modify the Default Schedule (page 51) Configure Replication (page 51) Back Up Configuration Files (page 52) Change Avamar Passwords (page 52) Configure and Enable the Email Home Feature (page 62) Add a Custom Security Notification to Web Login Pages (page 65) Review AVE Best Practices (page 66)
1. Log into the guest as user root on the Virtual Infrastructure Client Console tab. 2. Log into the server as user admin. 3. Load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 4. Enter the admin user account passphrase and press ENTER.
46
Obtain and Install a Server License POSTINSTALLATION CONFIGURATION 5. Enter: gathergsankeydata The following information appears in the console:
Enter your customer account number (as found on your EMC Purchase Order Confirmation):
6. Enter your EMC Customer Number and press ENTER. Your EMC Customer Number can be found on your EMC Purchase Order Confirmation. Valid Customer Numbers conform to the following format: CN-YYMMDDNNNNN Where YY is a two-digit year, MM is a two-digit month, DD is a two-digit day of the month and NNNNN is a five-digit numerical sequence. The following information appears in the console:
Enter your Avamar system asset ID number (as found on your EMC Purchase Order Confirmation):
7. Enter your system Reference ID and press ENTER. The system Reference ID is found on your EMC Purchase Order Confirmation. Valid system Reference IDs conform to the following format: A-YYYYNNNNNN Where YYYY is a four-digit year and NNNNNN is a six-digit numerical sequence. The following information appears in the console:
Please enter the Internet Domain for this Account: [***********]
8. Enter your corporate internet domain and press ENTER. The following information appears in the console:
Your answers were: Customer account ID: [CN-************] Customer asset ID: [A-**********] Internet Domain: [***********] Is this correct? [y(es), n(o), e(xit)]:
9. Enter y and press ENTER. At this point, the gsankeydata.xml license key information file should be present in the local directory, from which gathergsankeydata was run in step 5. 10. Open your web browser and log into your AvaSphere Customer Support Portal user account.
47
Obtain and Install a Server License POSTINSTALLATION CONFIGURATION The EMC Avamar Support main page appears.
11. Click Avamar Key Generation. The EMC Avamar Support key generation page appears.
12. Click Browse... The Choose File dialog box appears. 13. Locate the license key information file.
48
Obtain and Install a Server License POSTINSTALLATION CONFIGURATION 14. Double-click the license key information file or select the license key information file and click Open. The Choose File dialog box closes. 15. Switch to EMC Avamar Support key generation page and enter the email address to which you want the license key file sent. IMPORTANT: This must be an email account from which you can save the attached license key file and copy it to the Avamar server. 16. Click Generate Key. The EMC Avamar Support enter terabytes page appears. This page allows you to specify the number of Capacity Terabyte Licenses you want to allocate to this Avamar server.
17. Enter the number of Capacity Terabyte Licenses you want to allocate to this Avamar server in the Terabyte field. 18. Click Generate Key. The EMC Avamar Support final key generation page appears, confirming that your license key has been emailed to the address you entered in step 15.
49
Obtain and Install a Server License POSTINSTALLATION CONFIGURATION 19. Open your email program and access the email account you entered in step 15. The license key file is an email attachment with the following naming convention: ASSET-NAME.xml Where ASSET-NAME is typically the Avamar server hostname as defined in corporate DNS. 20. Open the Avamar Key Information email message and save the ASSET-NAME.xml email attachment to a convenient temporary directory or folder. 21. Use WinSCP or an equivalent program to copy the ASSET-NAME.xml license key file from the temporary directory or folder to the Avamar server /tmp directory. IMPORTANT: In order to activate your license using the avmaint license command, the Avamar server data server subsystem (also known as GSAN) must be running.
User=admin
22. Switch to your command shell session and ensure that you are still logged in as user admin and that the admin OpenSSH key is still loaded. 23. Verify that the data server subsystem (also known as GSAN) is running by entering: dpnctl status gsan The following information appears in your console:
dpnctl: INFO: gsan status: ready
24. Change file permissions on the ASSET-NAME.xml license key file and activate the license by entering: chmod 644 /tmp/ASSET-NAME.xml avmaint license /tmp/ASSET-NAME.xml --avamaronly Where ASSET-NAME.xml is the license key file you downloaded in steps 20 thru 22. 25. Verify that the server license is correctly installed by entering: avmaint license --avamaronly License information appears in the console.
50
Configure Replication
If applicable, configure replication according to instructions in the Avamar System Administration Manual.
51
1. Ensure that you are logged into the server as user root. 2. Create a backup of all updated configuration files by entering: cd /root /usr/local/avamar/bin/backup_upgrade_files mv /tmp/backups_DATE_TIME /root/ cd /root tar czvf backups_DATE_TIME.tgz backups_DATE_TIME/ scp backups_DATE_TIME.tgz root@NODE00:/root/ scp backups_DATE_TIME.tgz root@NODE01:/root/ Where DATE_TIME is a timestamp, and NODE00 and NODE01 are the IP addresses of other Avamar server nodes in the customers environment, respectively (such as the replication source or target, if applicable). The DATE_TIME timestamp is automatically generated (YYYYMMDD_HHMMSS format) by the backup_upgrade_files script. TIP: Change to the /tmp directory to determine the tarball filename.
52
Change Avamar Passwords POSTINSTALLATION CONFIGURATION 3. Enter: change-passwords The following information appears in your command shell:
Identity added: /home/dpn/.ssh/dpnid (/home/dpn/.ssh/dpnid) Identity added: /home/dpn/.ssh/dpnid.prev (/home/dpn/.ssh/dpnid.prev) Identity added: /home/dpn/.ssh/dpnid.orig (/home/dpn/.ssh/dpnid.orig) Do you wish to specify one or more additional SSH passphrase-less private keys that are authorized for root operations? Answer n(o) here unless there are known inconsistencies in ~root/.ssh/authorized_keys2 files among the various nodes (as might be evident if you had been prompted for a root password in a previous run of this program). Note that the following keys will be used automatically (there is no need to re-specify them here): /home/dpn/.ssh/dpnid y(es), n(o), h(elp), q(uit/exit): --------------------------------------------------------
4. Enter n and press ENTER. The following information appears in your command shell:
The following is a test of OS root authorization with the currently loaded SSH key(s). If during this test you are prompted for an OS root password, then you might be missing an appropriate "dpnid" key for one or more nodes. -> In that event, re-run this program and, when prompted, specify as many SSH private key files as are necessary in order to complete root operations on all nodes. Starting root authorization test with 600 second timeout... End of root authorization test. -------------------------------------------------------Change OS (login) passwords? y(es), n(o), q(uit/exit):
You want to change the admin, dpn or root operating system user account passwords. You do not want to change the admin, dpn or root operating system user account passwords.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 16.
53
You want to change the admin operating system user account password. You do not want to change the admin operating system user account password.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 10.
7. Enter the new admin operating system user account password and press ENTER. The following information appears in your command shell:
Please enter the same OS password again. (Entering an empty (blank) line twice quits/exits.)
8. Reenter the new admin operating system user account password and press ENTER. The following information appears in your command shell:
Accepted OS password for "admin". -------------------------------------------------------Change OS password for "dpn"? y(es), n(o), q(uit/exit):
You want to change the dpn operating system user account password. You do not want to change the dpn operating system user account password.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 13.
Please enter a new OS (login) password for user "dpn". (Entering an empty (blank) line twice quits/exits.)
10. Enter the new dpn operating system user account password and press ENTER. The following information appears in your command shell:
Please enter the same OS password again. (Entering an empty (blank) line twice quits/exits.)
11. Reenter the new dpn operating system user account password and press ENTER. The following information appears in your command shell:
Accepted OS password for "dpn". -------------------------------------------------------Change OS password for "root"? y(es), n(o), q(uit/exit): y
54
You want to change the root operating system user account password. You do not want to change the root operating system user account password.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 16.
13. Enter the new root operating system user account password and press ENTER. The following information appears in your command shell:
Please enter the same OS password again. (Entering an empty (blank) line twice quits/exits.)
14. Reenter the new root operating system user account password and press ENTER. The following information appears in your command shell:
Accepted OS password for "root". ======================================================== Change SSH keys? y(es), n(o), q(uit/exit): y
You want to create new admin or dpnid OpenSSH keys. You do not want to create new admin or dpnid OpenSSH keys.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 21.
55
You want to create a new admin OpenSSH key. You do not want to create a new admin OpenSSH key.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 20.
17. Enter the new admin OpenSSH passphrase and press ENTER. The following information appears in your command shell:
Please enter the same SSH key again. (Entering an empty (blank) line twice quits/exits.)
18. Reenter the new admin OpenSSH passphrase and press ENTER. The following information appears in your command shell:
Accepted SSH key for "admin". -------------------------------------------------------Redo passphrase-less elevated-privilege SSH key "dpnid"? y(es), n(o), h(elp), q(uit/exit):
You want to create a new dpnid OpenSSH key. You do not want to create a new dpnid OpenSSH key.
56
You want to change the MCUser or root internal Avamar server user account passwords. You do not want to change the MCUser or root internal Avamar server user account passwords.
21. Enter the current internal Avamar server root user account password (not the operating system root password) and press ENTER. The following information appears in your command shell:
Checking Avamar Server root password (300 second timeout)... Avamar Server current root password accepted. -------------------------------------------------------Change Avamar Server password for "MCUser"? y(es), n(o), q(uit/exit): y
You want to change the internal Avamar server MCUser password. You do not want to change the internal Avamar server MCUser password.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 26.
23. Enter the new internal Avamar server MCUser password and press ENTER. The following information appears in your command shell:
Please enter the same Avamar Server password again. (Entering an empty (blank) line twice quits/exits.)
24. Reenter the new internal Avamar server MCUser password and press ENTER. The following information appears in your command shell:
Accepted Avamar Server password for "MCUser". -------------------------------------------------------Change Avamar Server password for "root"? y(es), n(o), q(uit/exit):
57
You want to change the internal Avamar server root password. You do not want to change the internal Avamar server root password.
Enter y and press ENTER. Enter n and press ENTER. Proceed to step 29.
Please enter a new Avamar Server password for user "root". (Entering an empty (blank) line twice quits/exits.)
26. Enter the new internal Avamar server root password and press ENTER. The following information appears in your command shell:
Please enter the same Avamar Server password again. (Entering an empty (blank) line twice quits/exits.)
27. Reenter the new internal Avamar server root password and press ENTER. The following information appears in your command shell:
Accepted Avamar Server password for "root". -------------------------------------------------------Do you wish to proceed with your password changes on the selected node? Answering y(es) will proceed with password updates. Answering n(o) or q(uit) will not proceed. y(es), n(o), q(uit/exit): y
Accept Changes?
28. Do one of the following:
IF DO THIS
You want to accept changes made to passwords or OpenSSH keys during this utility session. You want to exit this utility session without making changes to passwords or OpenSSH keys.
58
4. Enter the new MCUser password in the Password field and click Save.
59
Change Avamar Passwords POSTINSTALLATION CONFIGURATION 5. In the Virtual Infrastructure Client, click the Console tab.
Guest User=admin
6. Log into the guest as user admin. 7. Load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 8. Enter the admin user account passphrase and press ENTER. 9. Enter: dpnctl stop ems emserver.sh --renameserver --uselocalmcs dpnctl start
2. Log in to the server as user admin. 3. In a Unix text editor, open mcclimcs.xml in the following path: ~admin/.avamardata/var/mc/cli_data/prefs/ 4. Locate the following entries:
<MCSConfig> <MCS mcsprofile="local" mcsaddr="AVAMARSERVER" mcsport="7778" mcsuserid="MCUser" mcspasswd="PASSWORD" /> <!-- add more profiles if needed here and set default to select default --> </MCSConfig>
60
Change Avamar Passwords POSTINSTALLATION CONFIGURATION 5. Change the mcspasswd="PASSWORD" entry to agree with the new internal Avamar server MCUser password that you previously set by using the change-passwords utility. 6. Save your changes.
User=dpn
7. Switch user to the dpn user account by entering: su - dpn When prompted for a password, enter the dpn password and press ENTER. 8. Load the dpn OpenSSH key by entering: ssh-agent bash ssh-add ~dpn/.ssh/dpnid 9. In a Unix text editor, open mcclimcs.xml in the following path: ~dpn/.avamardata/var/mc/cli_data/prefs/ 10. Repeat steps 4 thru 6. 11. Switch back to the admin user account by entering: exit exit
User=admin
User=root
12. Switch user to root by entering: su When prompted for a password, enter the root password and press ENTER. 13. In a Unix text editor, open mcclimcs.xml in the following path: ~root/.avamardata/var/mc/cli_data/prefs/ IMPORTANT: The mcclimcs.xml file might not be present on all servers. If this is the case, skip step 14. 14. Repeat steps 4 thru 6.
User=admin
61
This is the corporate outgoing SMTP mail server that will be used to send Email Home messages.
IMPORTANT: In most cases, some arrangement must be made to allow emails originating from the Avamar server to be forwarded though the outgoing SMTP mail server to EMC Technical Support through the Internet.: In order for Email Home messages to be received by EMC Technical Support, they must be sent using a valid email address with access to your corporate outgoing SMTP mail server.
IMPORTANT: If you do not configure the Email Home feature to send messages from a valid email address, messages generated by the Email Home feature will be rejected by the EMC incoming email server. Furthermore, EMC Technical Support will be completely unaware that these programmatically-generated messages were rejected, and because a valid sending email account is not known, programmaticallygenerated warnings to the sender that these messages could not be sent will never be viewed by anyone who can correct the problem.
Modify mcserver.xml Email Home Settings (page 63) Configure and Enable the High Priority Events Profile (page 64)
62
1. Log into the guest as user admin by clicking on the Console tab in the Virtual Infrastructure Client. 2. Load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 3. Enter the admin user account passphrase and press ENTER. 4. Change directories by entering: cd /usr/local/avamar/var/mc/server_data/prefs 5. Open mcserver.xml in a Unix text editor. 6. Find the com.avamar.asn.module.mail node (shown below).
<root type="system"> <node name="com"> <node name="avamar"> <node name="asn"> <node name="module"> <node name="mail"> <entry key="smtpHost" value="mail"/> <entry key="admin_mail_sender_address" value=""/>
NOTE: Substantial portions of mcserver.xml have been omitted for clarity. 7. Change the smtpHost entry (mail) to the name of your outgoing SMTP mail server as defined in corporate DNS (for example, smtp.example.com). 8. Change the admin_mail_sender_address entry to a valid email address. For example: jsmith@example.com. 9. Save your changes. 10. Restart the administrator server by entering: dpnctl stop mcs dpnctl start 11. Close the command shell.
63
You want to use the (unmodifiable) factory default settings. You want to use new custom settings.
Select the existing High Priority Events profile. Perform step 4, then go directly to step 9. Skip steps 5 through 8 because the default High Priority Events profile is not modifiable. Create a copy of the existing High Priority Events profile by select it and clicking Copy. 1. The Save As dialog box appears. 2. Enter a name for this new profile in the Save As field and click OK. 3. The Save As dialog box closes. 4. Select the High Priority Events profile copy you just created.
4. Unset the Disabled option. IMPORTANT: The Manage Event Codes tab is used to select which event codes will trigger an email notification. However, the High Priority Events profile has been preconfigured to only send notifications for specific high priority events. EMC Technical Support recommends that you use the default settings. 5. Select the High Priority Events profile copy you created in step 3 and click Edit. The Edit Profile Custom Profile High Priority Events dialog box appears. AVAMAR VIRTUAL EDITION 1.2 SYSTEM INSTALLATION MANUAL 64
Add a Custom Security Notification to Web Login Pages POSTINSTALLATION CONFIGURATION 6. Click the Email Notification tab. 7. Enter:
FIELD SETTING
Avamar Administrator Notification High Priority Events IMPORTANT: Unless you have a good reason to change this field, EMC Technical Support recommends that you use the default email header.
Ensure that emailhome@avamar.com is listed. TIP: To add additional recipients, enter a valid Internet email address in the Enter Recipient field and click +. To remove a recipient, select that recipient in the Recipient Email List and click -.
8. Click OK. The Edit Profile Custom Profile High Priority Events dialog box closes. 9. Switch to Manage All Profiles dialog box and click OK. The Manage All Profiles dialog box closes.
65
66
67
Install and Test Avamar HP-UX Client (Contingent) SYSTEM READINESS TESTING
68
69
1. Enter admin and press ENTER. You are prompted to enter a password. 2. Enter the standard admin password and press ENTER. A command prompt appears. 3. In most cases, immediately load the admin OpenSSH key by entering: ssh-agent bash ssh-add ~admin/.ssh/admin_key You are prompted to enter a passphrase. 4. Enter the admin user account passphrase.
1. Switch user to root by entering: su - root When prompted for a password, enter the root password and press ENTER.
70
Switching to the dpn User Account APPENDIX A LOGGING INTO THE AVAMAR SERVER 2. Enter the root password and press ENTER. If you need to switch back to user admin, use the exit command to close the root subshell.
Switch User to admin
1. Switch to the dpn user account by entering the following: su - dpn When prompted for a password, enter the dpn password and press ENTER. 2. Load the dpnid OpenSSH key by entering: ssh-agent bash ssh-add ~dpn/.ssh/dpnid NOTE: The dpnid OpenSSH key does not require a passphrase.
71
avqinstall
avqinstall is a command-line program that assists with software installation and configuration on new Avamar servers. IMPORTANT: Only use avqinstall when performing server software installation on a new server that has never been deployed at a customer site. Running avqinstall against an operational server could result in permanent loss of data. The avqinstall program replaces avw_install as the preferred method for installing Avamar server software. Unlike avw_install which requires user interaction, avqinstall uses a configuration file usr/local/avamar/var/install.conf (page 74). Use avqinstall to install Avamar server software releases 3.6, 3.7, 4.0 and 4.1. The avqinstall program logs activity to the /usr/local/avamar/var/log/ avqinstall.log file. This log file contain time-stamped information, including: How avqinstall invokes other programs. Standard output and standard error messages from programs invoked by avqinstall. Informational messages about decision-making processes applied by avqinstall. The dpnavqinstall package, which is included with customer tarballs, contains avqinstall and auxiliary files.
72
Synopsis
avqinstall [--(no)check] [--help] [--(no)require_clean_system] [--(no)unpack] [--version=X.Y.Z.B]
Command Options
--help --(no)check Shows help, then exits. Does not perform certain sanity checks. Default is --check. --(no)require_clean_system Does not require a system without backup data. Default is --require_clean_system. --(no)unpack Does not unpack/install Avamar server tarball. Default is --unpack. --version=X.Y.Z.B Selects server tarball version X.Y.Z.B.
Requirements
The avqinstall program requires access to a command-line shell on each node. You must have OS admin, root and dpn user privileges. The dpnid key must be available to avqinstall. To run various operations noninteractively across multiple nodes as either the OS root or the OS admin user, avqinstall and other utilities must load the dpnid OpenSSH private key into an ssh-agent environment. In addition to using OpenSSH, avqinstall uses sudo to run various operations non-interactively on the utility node or single-node server as the OS user dpn. The default sudo configuration in Red Hat Enterprise Linux is adequate to permit avqinstall to use sudo because avqinstall runs as the OS root user. The avqinstall program requires the following hardware and software: A qualified hardware platform (for example, ADS). A pre-configured version of Red Hat Enterprise Linux (for example, RHEL 4.6). Packages, files and directories under /usr/local/avamar/, /etc/ and /data01/, which are pre-installed by the Avamar-supplied OS installation.
73
gsan_encrypt_at_rest
Specifies whether or not to encrypt gsan backup data at rest. 1 Sets encryption at rest, which can cause a performance penalty. 0 (default)
gsan_key_account_id
Specifies an account id to be included with gsan license key source data. NOTE: For 4.x and later releases, the Avamar server runs without a license for a 30-day grace period. This attribute value can be left unspecified during the 30-day grace period. After the grace period, you must obtain a license key. The default is a synthesized value of the form CN-YYYYMMDD.
gsan_key_asset_reference_id
Specifies an asset reference id to be included with gsan license key source data. NOTE: For 4.x and later releases, the Avamar server runs without a license for a 30-day grace period. This attribute value can be left unspecified during the 30-day grace period. After the grace period, you must obtain a license key. The default id is a synthesized value, the unqualified hostname.
gsan_hfs_port
Specifies the gsan TCP contact port for nonSSL communications. If a port number is specified, the usersettings.cfg file is updated. Default is 27000.
gsan_other_options
Specifies a list of space-separated commandline options for start.dpn, to be appended to the installation tool's list of options. No options are necessary under ordinary circumstances. There is no default value.
gsan_password
Specifies the gsan root user password. If a password is specified, the usersettings.cfg file is updated. Default is the password specified by the --password setting in the usersettings.cfg file. The password is typically a factory default, such as 8*******.
74
gsan_rain
Specifies whether the gsan uses RAIN. 0 Disables RAIN on a multi-node server. IMPORTANT: Disabling RAIN is not recommended. RAIN is a feature of multinode systems that enables backup data to survive an unrecoverable loss of one storage node. 1 (default) Enables RAIN. Setting this value is meaningful only for servers of three or more nodes. Servers with two or fewer nodes are always configured to be non-RAIN. Default is 1.
gsan_ssl_port
This is a start.dpn parameter. Specifies the gsan TCP contact port for SSL communications. Default is 29000.
gsan_systemname
Specifies the gsan systemname parameter value. This value need not be the same as the hostname of the utility node or single-node server. The default is the unqualified hostname of the utility node or single-node server, specified in uppercase.
local_time_zone
Specifies the name of a local time zone for the utility node or single-node server. If specified, name one of the existing time zone files relative to the directory /usr/share/zoneinfo. For example, US/Pacific. Default is UTC.
mcs_mcuser_password
Specifies the password for the gsan MCUser user id. Setting a password value for this attribute updates the static Administrator preferences. The factory default is MCUser1.
mcs_nat_address
Specifies an externally-translated Internet Protocol version 4 (IPv4) address that backup clients use to contact the Avamar Administrator. Specify this value only if the address that must be used by client hosts is different from that assigned to network interface eth0 on the utility node or single-node server. There is no default value.
75
mcs_remote_hfs_port
Specifies the TCP contact port number on the remote Avamar server to use when authenticating Avamar Enterprise Manager logins. This attribute is meaningful only if mcs_remote_host is defined. Default is 27000.
mcs_remote_host
Specifies the name of a utility node or singlenode server running an instance of Avamar Administrator against which to authenticate Avamar Enterprise Manager logins. Default is Local host (utility node or singlenode server).
mcs_remote_mcuser_password
Specifies the password for the MCUser account on the remote Avamar server against which to authenticate Avamar Enterprise Manager logins. This attribute is meaningful only if mcs_remote_host is defined. There is no default value.
mcs_remote_rmi_port
Specifies the remote RMI (Java remote method invocation) TCP port on the remote Avamar server against which to authenticate Avamar Enterprise Manager logins. This attribute is meaningful only if mcs_remote_host is defined. Default is 7778.
mcs_smtp_server
Specifies the SMTP (mail) server name or IP address to which the Avamar server can post email. The specified SMTP server, intervening firewalls or both might have to be updated to permit the Avamar server to post mail to the SMTP server. Default is mail.
server_tarball_version
Specifies the version number of a server tarball to be installed. A customer tarball with the corresponding version must exist in /usr/local/avamar/src/. The version number, if specified, must be in a form compatible with the axion_install tool, such as 4.1.0.620. Default is the highest version numbered customer tarball in /usr/local/avamar/src/ appropriate for the OS (3.x for RHEL3, 4.x for RHEL4).
76
storage_node_ipv4_addresses
Specifies a list of storage node IPv4 addresses separated by whitespace. Specifying addresses for this attributes updates the probe.out file. If no addresses are specified, and there is no pre-existing probe.out file, avqinstall assumes a single-node server. The single-node server assumption fails (avqinstall quits with an error) unless the node type has been set correctly. TIP: Pre-configure the probe.out file by running dpnnetutil instead of specifying storage nodes addresses for this attribute. Default is addresses specified in /usr/local/ avamar/var/probe.out or $SYSPROBEDIR/ probe.out, if available.
time_servers
Specifies a list of hostnames or IPv4 addresses separated by whitespace for NTP time servers. If a hostname resolves to multiple addresses, then all addresses are used. There is no default value.
77
avqinstall APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE 10. Gathers gsan license key data (gathergsankeydata) unless a gsan license key file already exists. 11. Checks for a gsan license key on Avamar 3.x servers and quits if a license key is not present. 12. Configures local time and network time service (avw-time). 13. Starts the Avamar login manager service (lm). 14. Updates usersettings.cfg. 15. Starts gsan (start.dpn). 16. Verifies that gsan has started (opstatus.dpn). 17. Starts the mcs (avsetup_mcs, mcserver.sh --init, mcserver.sh -start, avsetup_webstart and avsetup_mccli). 18. Starts the EMS (avsetup_ems, emserver.sh --init, emserver.sh -start and emwebapp.sh --start). 19. Creates a checkpoint (cp_cron). 20. Validates the checkpoint (hfscheck_cron). 21. Enables maintenance tasks (mcserver.sh --installcron). 22. Starts the web server (website create-cfg, website init, website restart and gen-ssl-cert). 23. Updates dpnctl's version tracking file. 24. Checks Avamar subsystem status. 25. Removes the dpnavqinstall package by using an at job.
78
avw_install
avw_install is a program that provides a web-based wizard that assists with software installation and configuration on new Avamar servers. IMPORTANT: The information presented in this topic is for reference purposes only and should not be used in lieu of proper installation documentation. Instead, when performing any Avamar server software installation, use the correct Avamar server software installation publication for your specific server hardware platform.
IMPORTANT: Only use avw_install when performing server software installation on a new server that has never been deployed at a customer site. Running avw_install against an operational server could result in permanent loss of data.
NOTE: If avw_install is left unattended for a long period of time (for example, over night), be advised that nightly log rotation restarts the web server. This could interfere with your avw_install session. Therefore, it is best to plan enough time to completely finish your avw_install session in one sitting.
79
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE 14.avw_check_dpn (page 87) 15. avw_start_dpn (page 88) 16. avw_avsetup_mcs (page 90) 17. avw_avsetup_ems (page 92) 18. avw_checkpoint (page 93) 19. avw_crontab_dpn (page 93) 20. avw_website_create_cfg (page 94) 21. avw_finale (page 94) 22. avw-cleanup.php (page 95)
1. avw_login
(1) Log In - Authorized Users Only This page is a protective measure that is intended to prevent avw_install from being run by an unauthorized user. Enter the factory-default Avamar root server password for this server. If this is a new server, it should be the factory default root password (8RttoTriz). However, if the root password has been changed and another password is recorded in usersettings.cfg, then enter that password instead.
2. avw_intro
(2) avw_install VERSION Where VERSION is the specific version of avw_install you will be running. NOTE: The avw_install version might not directly correlate to the specific Avamar server software release you will be installing. This is because avw_install supports multiple server software tarballs being present on the same Avamar server. If avw_install was previously run, one or more option check boxes are provided that allow re-running specific tasks. Furthermore, clicking Start will automatically bypass any successfully completed tasks. This page also offers configuration tips for Mozilla Firefox users.
3. avw_check_node_type
(3) Check for Correct Node Type This page is a protective measure that is intended to prevent avw_install from being run on an unsupported node type (for example, storage node). If avw_install determines that this node is an unsupported type, an error message appears and avw_install will terminate.
80
4. avw_verify_down
(4) Check for System Activity If the dpnctl utility is available, this page runs dpnctl status as a background operation in order to ensure that the Avamar server has been completely shutdown before proceeding with the actual software installation. TIP: Click TASK LOG to monitor progress or review results of this task.
5. avw_verify_atd
(5) Verify That the atd Service Is Running This page indicates whether or not the atd service is running. atd is used by avw_install for starting various processes without commingling those process groups with that of the Apache web server. Without the atd service, some processes would die as soon as the web server is restarted. If atd is not running, an attempt is made to start it. If atd is not running and cannot be started, an error is returned and avw_install exits.
6. avw_axion_install
(6.1) Select Avamar Software Release If there is only one customer tarball, then it is presented in a text box. If there is more than one customer tarball, then select the correct one from the menu. In most cases, this should be the latest release. The customer tarball with the highest version number is presented as the default setting. (6.2) Unpack and Install Avamar Software This page runs the following commands as a root user background task: cd /usr/local/avamar/src tar xzvf TARBALL RHEL3/axion_install RHEL3/axion_install --version =VERSION --nochecks Where TARBALL is the actual customer tarball filename and VERSION is the specific Avamar server software release being installed in this avw_install session. TIP: Click TASK LOG to monitor progress or review results of this task.
81
7. avw_run_probe
(7.1) Enumerate Avamar Nodes (Probe) Enter the names of all utility nodes to be probed. Separate multiple utility node names with white space. The first name must be that of this host (the node on which avw_install is running). The text box is pre-populated with that hostname. (7.2) Verify Utility Node Addresses Edit utility node names and corresponding IP addresses. Any names entered in the previous page that did not resolve will be denoted with Enter.IP.Address.Here instead of an actual IP address. The first name must match that of this host. The reason for this restriction is to ensure that modules are not probed in the wrong order. If the first name does not match that in the usersettings.cfg --server entry, then the --server entry is updated. If avw_install determined that you are installing software on a multi-node server and DHCP is present, the Do DHCP Client Node Discovery (probe): option will be shown. Setting this option will run either the probe command on multi-node configurations or the probesingle command on single-node configurations, which will automatically populate the list of storage addresses. TIP: Click TASK LOG to monitor progress or review results of this task.
Manual Entry
(7.3) Manually Enter Storage Node Addresses If the Do DHCP Client Node Discovery (probe): option was not set on page 7.2, then enter storage node addresses and/or address ranges into the text box, prefixed with the name of the corresponding utility node. /usr/local/avamar/var/probe.out file is updated with the utility node addresses from page 7.2 and the storage node addresses from this page.
Run probe
(7.3) Run Probe Command If the Do DHCP Client Node Discovery (probe): option was set on page 7.2, then the probe or probesingle command is run against the list of utility nodes specified on page 7.2 in order to update the /usr/local/avamar/var/probe.out. If the name of a utility node does not resolve, or an IP address supplied on page 7.2 conflicts with the address returned by gethostbyname(), then the user-supplied IP address from page 7.2 is explicitly used as an argument to probe or probesingle. This is to avoid problems either with probe or probesingle resolving names to undesired addresses, or with lack of name resolution altogether. TIP: Click TASK LOG to monitor probe progress.
82
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE (7.4) Verify Probe File This page runs mapall date as an admin user background task. All nodes in the probe.out file must respond. TIP: Click TASK LOG to monitor progress or review results of this task.
8. avw_verify_os
(8) Verify Operating System Version This page runs the following command as a background operation: mapall --all 'cat /etc/redhat-release' The output is examined for any inconsistent entry among the operating system release strings. All nodes in the probe.out file must respond. This is intended to ensure that all nodes are running the same version of the operating system. This does not necessarily ensure that all nodes are running the correct version of the operating system, only that the version is consistent across all nodes. TIP: Click TASK LOG to monitor progress or review results of this task.
9. avw_verify_avtar_config
(9) Verify Local Avtar Configuration Files This page examines various settings in ~admin/.avamar and /usr/local/avamar/etc/usersettings.cfg to verify that they are correct.
10. avw_clean_data
(10.1) Check for Pre-Existing Avamar Data This page runs a mapall command in the background to determine if any gsan.log files exist underneath /data0?/cp.* or /data0?/cur on the storage nodes. TIP: Click TASK LOG to monitor progress or review results of this task.
Clean Servers
(10.2) Clean Up: Enter Files and Directories to Preserve If the server was determined to be clean, this page offers a text box in which you can enter additional objects to preserve in the storage node data directories.
83
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE Default pre-defined list of objects to preserve is as follows: avamar home local lost+found ugprep vardir Most of these objects are typically found only on /data01, but the previous find command does not discriminate as to where they are found. The main intention is to clean up directories that might have been created by previous dt operations.
Dirty Servers
(10.2) Clean Up: Enter Files and Directories to Preserve If the server was determined to be dirty, this page is used to set several options and enter a specific automatically-generated confirmation phrase that will cause this server to be cleaned (all Avamar data will be permanently deleted).
FIELD/OPTION DESCRIPTION
Yes, DESTROY Existing Avamar Data Yes, REALLY Destroy Existing Avamar Data Acknowledgement Phrase
In order to permanently delete (clean) any preexisting data from this Avamar server, you must set this option. In order to permanently delete (clean) any preexisting data from this Avamar server, you must set this option. In order to permanently delete (clean) any preexisting data from this Avamar server, you must enter the entire confirmation phrase (for example, I-wishto-destroy-utterly-all-Avamar-data-on-thissystem.-XXXX) into this field and change all hyphens (-) to spaces. There are two methods for doing this: 1. Manually enter the entire acknowledgement phrase by way of the computer keyboard and replace all hyphens (-) with spaces as you type. 2. Copy the entire acknowledgement phrase (for example, I-wish-to-destroy-utterly-allAvamar-data-on-this-system.-XXXX) onto your computer clipboard. Then, paste the entire acknowledgement phrase (including the random four-character sequence at the end) into this field. Finally, replace all hyphens (-) with spaces.
84
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE (10.3) Clean Data Directories This page runs the following command: export SYSPROBEUSER=root && mapall /usr/bin/find /data0?/* ! -name OBJECT1 ... -maxdepth 0 -exec /bin/rf -rf {} \; Any object not named in the pre-defined list of objects to preserve is removed. TIP: Click TASK LOG to monitor progress or review results of this task.
11. avw_gathergsankeydata
(11.1) Enter Source Data For Avamar Server License This page is used to enter the following:
FIELD DESCRIPTION
Account ID
This is the EMC Customer Number, which is found on the EMC Purchase Order Confirmation. Valid Customer Numbers conform to the following format: CN-YYMMDDNNNNN Where YY is a two-digit year, MM is a two-digit month, DD is a two-digit day of the month and NNNNN is a five-digit numerical sequence.
Asset Reference ID
The asset reference ID is found on the EMC Purchase Order Confirmation. Valid asset reference IDs conform to the following format: A-YYYYNNNNNN Where YYYY is a four-digit year and NNNNNN is a six-digit numerical sequence.
(11.2) Gather License Source Data This page runs the following command as a background operation: gathergsankeydata --nointeractive --output='/usr/local/avamar/var/gsankeydata.xml' --account_id=CUSTOMER-ID --asset_reference_id=ASSET-ID TIP: Click TASK LOG to monitor progress or review results of this task. (11.3) Review License Key Source Data This page displays the XML data produced by gathergsankeydata and provides some instructions for generating a valid license key. AVAMAR VIRTUAL EDITION 1.2 SYSTEM INSTALLATION MANUAL 85
12. avw_configure_time
(12.1) Enter Time Configuration Information This page is used to enter the following:
FIELD DESCRIPTION
Enter the IP addresses of NTP (port 123/udp) time servers. If ntp resolves to one or more IP addresses, then the text box will be pre-populated with those addresses. Otherwise, the text box is blank.
Enter a new system time if the displayed system time is not accurate. Select a local time zone from the pull-down menu. Refer to Time Zone Application Notes (page 36) for additional information about specifying a usable local time zone.
(12.2) Install Time Configuration This page runs avw-time, which is essentially a non-interactive version of asktime, as a background task. Things in common with asktime: avw-time creates and distributes ntpd configuration files to each node by way of mktime.custom, dpn-time-config and timedist. The timedist function shuts down and restarts ntpd by way of timesyncmon. timedist also installs a local cron job, ntpd_keepalive_cron that periodically attempts to revive ntpd if ntpd has quit. Differences from asktime: avw-time does not know about US public Internet time servers. avw-time does not support dedicated Avamar subnets. Therefore, configuring any additional nodes that might be added at a later date requires an update to the NTP configurations on #.s and #.0 (the internal time servers). Use asktime to perform this update. Answering yes at the asktime Do you have a dedicated subnet? prompt allows all time clients in a given subnet to query the internal time servers, but it requires knowing about all of the relevant subnets. avw-time reads an asktime-compatible answers file, but does not write to the answers file. Maintenance of the answers file is presently done by way of avw_configure_time sub-program. TIP: Click TASK LOG to monitor progress or review results of this task.
86
13. avw_lm_start
(13) Start Login Manager This page runs the following commands as root: service lm stop service lm start IMPORTANT: avw_install only starts the login manager (lm) process, it does not configure any external authentication systems (for example, Windows Active Directory, OpenLDAP, and so forth) for use with your Avamar server. Refer to the Setting Up Enterprise Authentication topic in your Avamar System Installation and Upgrade Manual for additional information.
TIP: Click TASK LOG to monitor progress or review results of this task.
14.avw_check_dpn
(14.1) Run Pre-Startup System Checks This page runs the check.dpn command. TIP: Click TASK LOG to monitor progress or review results of this task. (14.2) Review System Check Results After check.dpn has successfully completed and Review System Check Results >> is clicked from the previous page, this page lists check.dpn results.
87
15. avw_start_dpn
(15.1) Enter Avamar Server Startup Parameters This page is used to enter or set the following:
FIELD/OPTION DESCRIPTION
Server Root Password Server Name HFS Port SSL Port Use Non-RAIN Configuration (not recommended)
This field is pre-populated with the password from usersettings.cfg. This field is pre-populated with a name based on this hostname. Default value is 27000. Default value is 29000. This option only appears on multi-node servers with more than two storage nodes (1x3 or larger servers). Set this option if you want to disable RAIN on this server.
Set this option if this capability is desired. An encryption salt value will be automatically generated. IMPORTANT: Setting the Encrypt Data At Rest (incurs performance penalty) option will provide additional security but will also impact server performance.
If set, startup parameters are read from avw_start_dpn_options.txt and passed to start.dpn. This field is optional. Beginning with version 4.0, when you deploy a new Avamar server, you have a 30 day grace period in which to obtain a valid server license key. For the sake of clarity and because we expect that most customers will elect to obtain licensing at a later date, the licensing procedure is documented separately from the avw_install session.
License Key
(15.2) Confirm Avamar Server Startup Parameters This page provides an opportunity to review settings made in the previous page before they are actually used to initialize and start the Avamar server. If the Use Non-RAIN Configuration (not recommended) option was set on page 15.1, this page is also used to set several options and enter a specific automatically-generated confirmation phrase that will cause this Avamar server to be initialized without RAIN. If the Use Options File option was set on page 15.1, this page lists the additional options read from avw_start_dpn_options.txt.
88
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE This page is used to enter or set or set the following:
FIELD/OPTION DESCRIPTION
Yes, use a NonRAIN Configuration Yes, REALLY use a Non-RAIN Configuration Acknowledgement Phrase
In order to initialize this Avamar server without RAIN, you must set this option. In order to initialize this Avamar server without RAIN, you must set this option. In order to initialize this Avamar server without RAIN, you must enter the entire confirmation phrase (for example, I-understand-that-a-configurationwithout-RAIN-is-contraindicated.-XXXX) into this field and change all hyphens (-) to spaces. There are two methods for doing this: 1. Manually enter the entire acknowledgement phrase by way of the computer keyboard and replace all hyphens (-) with spaces as you type. 2. Copy the entire acknowledgement phrase (for example, I-understand-that-a-configurationwithout-RAIN-is-contraindicated.-XXXX) onto your computer clipboard. Then, paste the entire acknowledgement phrase (including the random four-character sequence at the end) into this field. Finally, replace all hyphens (-) with spaces.
TIP: Use the << Change and Confirm Avamar Server Startup Parameters >> buttons to review previous settings and return to this page, respectively. (15.3) Initialize and Start Avamar Server This page updates the /usr/local/avamar/etc/usersettings.cfg --password and --hfsport settings if changes are made from the factory default settings. If the Encrypt Data At Rest (incurs performance penalty) option was set, this page updates /usr/local/avamar/var/dpn_failsafe_data.txt with an obfuscated form of the automatically generated encryption salt, along with the MAC address of the eth0 NIC. Finally, this page runs the following command as a background task: start.dpn --clean --password=PASSWORD --systemname=NAME --sslport=PORT --lmaddr=ADDR --encryptatrest=SALT --expert --hfsport=PORT --paritygroups=none NOTE: The --paritygroups=none option is supplied if the non-RAIN conditions were satisfied on pages 14.1 and 14.2.
89
TIP: Click TASK LOG to monitor progress or review results of this task. (15.4) Check for Avamar Server errors This page runs the following command as a background task: mapall --noerror 'egrep "FATAL|ERROR" /data01/cur/gsan.log TIP: Click TASK LOG to monitor progress or review results of this task.
16. avw_avsetup_mcs
(16.1) Enter Avamar Administrator Startup Parameters This page is used to enter or set the following:
FIELD DESCRIPTION
This field is pre-populated with the factory default password MCUser1. This field is either a pull-down menu or a text box, the latter possibly pre-populated with the path of a candidate directory. The candidate name selection method should work for one or more of Sun Microsystems various types of Java releases (for example, jre1.5.0_12).
SMTP Server Host Name or IP Address Avamar Server IP Address for NAT
Enter the outgoing SMTP mail server hostname as defined in corporate DNS or IP address. If client computers must use a different externally translated address in order to contact the MCS, then enter that IP address here.
(16.2) Confirm Avamar Administrator Startup Parameters This page provides an opportunity to review settings made in the previous page before they are actually used to initialize and start the MCS. TIP: Use the << Change and Confirm Avamar Administrator Startup Parameters >> buttons to review previous settings and return to this page, respectively.
90
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE (16.3) Initialize Avamar Administrator, Part 1 Runs the following command as a background task: avsetup_mcs --hfsaddr=AVAMARSERVER --localdns=AVAMARSERVER --hfsport=PORT --java=PATH --mcpass=PASSWORD [--natextaddr=IP-ADDR] --rootpass=PASSWORD --smtphost=SMTP-SERVER --noprompt The --java=PATH, --mcpass=PASSWORD, --smtphost=SMTP-SERVER and --natextaddr=IP-ADDR information is from page 14.1. The --hfsaddr=AVAMARSERVER, --localdns=AVAMARSERVER, --hfsport=PORT and --rootpass=PASSWORD information is derived from usersettings.cfg. If an --hfsport=PORT setting is unavailable, then the default of 27000 is used. TIP: Click TASK LOG to monitor progress or review results of this task. (16.4) Initialize Avamar Administrator, Part 2 This page runs mcserver.sh --init as an at job. TIP: Click TASK LOG to monitor progress or review results of this task. (16.5) Start Avamar Administrator This page runs mcserver.sh --start as an at job. TIP: Click TASK LOG to monitor progress or review results of this task. (16.6) Configure Administrator Web Interface This page runs the following command as root: avsetup_webstart NOTE: Because avsetup_webstart is run as a foreground task, a TASK LOG link does not appear on this page. (16.7) Configure Administrator Command Line Interface This page runs the following command: avsetup_mccli NOTE: Because avsetup_mccli is run as a foreground task, a TASK LOG link does not appear on this page.
91
17. avw_avsetup_ems
(17.1) Enter Avamar Enterprise Manager Startup Parameters This page is used to configure the Avamar Enterprise Manager application. Enter or set the following:
FIELD DESCRIPTION
(OPTIONAL) remote Avamar Server Host Name or IP Address remote Avamar MCUser Account Password remote Avamar Server Port This field is pre-populated with the factory default password MCUser1. This field is pre-populated with the factory default Avamar server data port 27000/tcp. This field is pre-populated with the factory default MCS data port 7778/tcp.
(17.2) Initialize Avamar Enterprise Manager, Part 1 This page runs the following command as a background task: avsetup_ems TIP: Click TASK LOG to monitor progress or review results of this task. (17.3) Initialize Avamar Enterprise Manager, Part 2 This page runs one of the following commands as an at job, depending on the contents of the fields from page 15.1: emserver.sh --init --force --uselocalmcs - or emserver.sh --init --force --nouselocalmcs --mcshostname=SERVER --mcuserap=PASSWORD --hfsport=PORT --mcsport=PORT Where --mcshostname=SERVER, --mcuserap=PASSWORD, --hfsport=PORT and --mcsport=PORT information is all taken from the input fields on page1, if and only if a remote server name or IP address was specified. TIP: Click TASK LOG to monitor progress or review results of this task. (17.4) Start Avamar Enterprise Manager This page runs emserver.sh --start as an at job.
92
TIP: Click TASK LOG to monitor progress or review results of this task. (17.5) Start Jakarta Tomcat Service This page runs emwebapp.sh --start as an at job. TIP: Click TASK LOG to monitor progress or review results of this task. (17.6) Check Jakarta Tomcat Service This page runs the following command as a background task: curl -i -o /dev/null http://localhost:8080/cas/login.faces If the Tomcat service is not running, this will return an error. TIP: Click TASK LOG to monitor progress or review results of this task.
18. avw_checkpoint
(18.1) Create Checkpoint This page runs cp_cron as a background task. TIP: Click TASK LOG to monitor progress or review results of this task. (18.2) Validate Checkpoint This page runs hfscheck_cron as a background task. TIP: Click TASK LOG to monitor progress or review results of this task.
19. avw_crontab_dpn
(19) Install Maintenance Cron Jobs This page saves the old dpn crontab (if found) and installs a new one with the following command: crontab -u dpn /usr/local/avamar/etc/dpn_crontab TIP: Click TASK LOG to monitor progress or review results of this task.
93
20. avw_website_create_cfg
(20) Configure Avamar Web Application This page runs the following command as root: website create-cfg This performs all of the required configuration of Avamar web application, short of restarting the web server. NOTE: The website init and website restart operations are not performed here because those operations are unnecessary and performing those operations would interfere with avw_install.
TIP: Click TASK LOG to monitor progress or review results of this task.
21. avw_finale
(21) avw_install Completion This page shows Review (Optional) >> and Finish buttons. Clicking Review (Optional) >> within one minute displays a final review page that provides summary information about each avw_install task. TIP: Displaying the final review page by clicking Review (Optional) >> is not required. However, it is highly recommended that you do so in order to ensure that no unexpected results go unnoticed.
IMPORTANT: If you wait longer than one minute to click Review (Optional) >>, an error might occur because avw_install might be disabled. If this occurs, try pointing your browser at http://AVAMARSERVER or http://AVAMARSERVER/em. A MAIN LOG link to the avw-log-monitor.php application, which allows viewing and saving of the avw_install.log file. It is easy to re-enable avw_install if it is necessary to do so after disabling it. Refer to How Do I Reinstall avw_install? (page 99) for additional information.
94
22. avw-cleanup.php
This is run automatically one minute after the (21) avw_install Completion page appears. As root, gives at a job to be run at the top of the next minute. This at job does the following: 1. Creates /usr/local/avamar/var/avw-cleanup.log. 2. Verifies that /usr/local/avamar/var/avw_install-cleanup.enable exists. If it does not exist, then avw_install exits with an error. 3. Deletes the cleanup.enable file. 4. Deletes various temporary files in /tmp. 5. Runs the following command: rpm -e dpnavwinstall This deletes the package containing avw_install after applying various cleanups. 6. Renames /usr/local/avamar/var/avw_install.log to /usr/local/avamar/var/avw_install.log.N. Where N is a non-colliding integer. 7. Changes the ownership and permissions of the renamed log file to root:admin, 640.
Installation Directories
/usr/local/avamar/bin/ /usr/local/avamar/lib/avw_install/ /usr/local/avamar/lib/avw_install/html/ /usr/local/avamar/lib/avw_install/tasks/ /usr/local/avamar/lib/avw_install/classes/ /usr/local/avamar/lib/avw_install/conf/ /usr/local/avamar/lib/avw_install/pear/
95
96
97
You are using Firefox 1.5 or later on Windows. You are using Firefox 1.5 or later on Linux. You are using Firefox 1.0 on Windows.
1. Choose Tools > Options > Tabs. 2. Set the Force links that open new windows to open in: a new tab option. 1. Choose Edit > Preferences > Tabs. 2. Set the Force links that open new windows to open in: a new tab option. 1. Enable single window mode. To do this, enter about:config in the browser address field, then double-click the following preference item in order to set its value to true:
browser.tabs.showSingleWindowModePrefs
2. Choose Tools > Options > Advanced. 3. Set the Force links that open new windows to open in: a new tab option. You are using Firefox 1.0 on Linux. 1. Enable single window mode. To do this, enter about:config in the browser address field, then double-click the following preference item in order to set its value to true:
browser.tabs.showSingleWindowModePrefs
2. Choose Edit > Preferences > Advanced. 3. Set the Force links that open new windows to open in: a new tab option. If you use single window mode, watch for new tabs after clicking on the MAIN LOG and TASK LOG links.
98
avw_install APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE The following table shows several example alternative port setups and the base URL used to access avw_install following the alternative configuration:
AVW-ENABLE SETUP COMMAND DESCRIPTION/BASE URL
avw-enable --https_port=443
Configures avw_install to run on standard HTTPS port 443. Base URL used to access avw_install in this configuration is: https://AVAMARSERVER
avw-enable --https_port=80
Configures HTTPS to run on standard HTTP port 80. Base URL used to access avw_install in this configuration is: https://AVAMARSERVER:80 NOTE: Port 80 must be explicitly supplied.
avw-enable --http_only
Runs on straight HTTP, not HTTPS http://AVAMARSERVER (or http://localhost) Base URL used to access avw_install in this configuration is: http://AVAMARSERVER or http://localhost
Troubleshooting
How Do I Verify that avw_install Has Been Disabled? avw_install should automatically remove itself and all supporting programs from your Avamar server. You can verify that this successfully occurred by performing the following: 1. Verify that the base URL does not serve a web page. The default base URL is https://SERVER:1234. If you changed the default avw_install data port (page 98), use the correct base URL for your specific configuration. 2. Log into the utility node as root and enter the following command: rpm -e dpnavwinstall Monitor results for error messages. 3. Using a text editor, verify that /etc/sudoers has been scrubbed of the avw_install mods section and that there are no special entries for the apache user. 4. Verify that the /etc/httpd/conf.d/ssl.conf file has been scrubbed of the avw_install mods section and that there is no Listen 0.0.0.0:1234 directive present anywhere in the file. How Do I Reinstall avw_install? the following command as root: You can reinstall avw_install by entering
rpm -ivh dpnavwinstall-VERSION.i386.rpm Only do this if something went drastically wrong with the installation and you must re-run avw_install. AVAMAR VIRTUAL EDITION 1.2 SYSTEM INSTALLATION MANUAL 99
avw-time
avw-time is a simplified, non-interactive version of asktime. The avw-time is an auxiliary program called by avqinstall. The avw-time program is not intended for use by end users. Synopsis avw-time [--config=PATH] [--debug] [--help] [--indicate_completion=PATH] [--nodes=NODE-LIST] [--verbose]
Options
--config=PATH Specifies the path to the configuration file (asktime.answers). Default is /usr/local/avamar/var/time-configfiles/asktime.answers. --debug --help --indicate_completion=PATH --nodes=NODE-LIST Specifies a dry run. Shows help, then exits. Creates a file at PATH to indicate completion. Specifies a list of nodes on which to configure time. Default is all. --verbose Provides maximum information.
Notes
avw-time updates the following files:
FILE DESCRIPTION
Red Hat Enterprise Linux system time zone configuration file. Configuration file for the University of Delaware ntpd service. Red Hat Enterprise Linux configuration file for ntpdate. Copy of the selected zone information file for the local time zone (for example, US/Pacific).
100
avw-time APPENDIX B INSTALLATION SUPPLEMENTAL REFERENCE avw-time relies on asktime.answers, a configuration file created by avqinstall. The following table contains the attributes inserted into the asktime.answers file by avqinstall:
ATTRIBUTE DESCRIPTION
asktime.external_time_servers
List of IPv4 addresses for NTP time servers taken from the time_servers attribute of avqinstall. Each address is separated by whitespace. The asktime.external_time_servers attribute is not present unless asktime.have_external_time_servers is equal to yes (y).
asktime.have_external_time_servers
Boolean y (yes) or n (no) depending on whether external time servers have been specified. Name of the local time zone file for the utility node or single-node server (for example US/Pacific) found in the /usr/share/zoneinfo/ directory. This name is taken from the local_time_zone attribute of avqinstall.
asktime.zoneinfo_filename
avw-time uses the same set of auxiliary programs that asktime uses (dpn-timeconfig, mktime, timedist and timesyncmon).
101