| Asset ID: |
1-79-1516025.1 |
| Update Date: | 2016-12-07 |
| Keywords: | |
Solution Type
Predictive Self-Healing Sure
Solution
1516025.1
:
How To Configure NIS Master, Slave And Client Configuration In Exalogic Virtual Environment
| Related Items |
- Exalogic Elastic Cloud X5-2 Eighth Rack
- Oracle Exalogic Elastic Cloud Software
- Exalogic Elastic Cloud X3-2 Half Rack
- Exalogic Elastic Cloud X3-2 Hardware
|
| Related Categories |
- PLA-Support>Eng Systems>Exalogic/OVCA>Oracle Exalogic>MW: Exalogic Core
|
In this Document
Applies to:
Oracle Exalogic Elastic Cloud Software - Version 2.0.1.0.0 and later
Exalogic Elastic Cloud X5-2 Eighth Rack
Exalogic Elastic Cloud X3-2 Half Rack
Exalogic Elastic Cloud X3-2 Hardware
Linux x86-64
Oracle Virtual Server(x86-64)
Purpose
This document provides a step-by-step illustration of how to setup and configure Exalogic virtual environment to provide an NIS environment comprised of MASTER/SLAVE servers and NIS CLIENTS.
Scope
Prerequisites for NIS configuration
- Create NIS vServers used as Master and Slave by selecting “LARGE” for vServer type and “IPoIB-vserver-shared-storage” & “Client Access EoIB network” for vNet Selection.
- Verify that you have following yp rpm’s installed on NIS vServers.
ypserv-2.19-9.el5_8.1
yp-tools-2.9-1.el5
ypbind-1.19-12.el5_6.1
- In case you do not have required yp rpm’s in above step 2) follow below steps for installing required YP packages on NIS VMs
a) Create directory “/etc/yum.repos.d”
b) Run below command for downloading the yum repository.
c) Run “yum install ypserv” command to install YP serv on NIS VMs
Details
Following are the detailed steps for configuring NIS in Exalogic virtual environment.
Create VMs for running NIS Master & Slave
Create a Distribution Group
Create a new distribution group called "NIS-Group". Refer to section "9.2.5 Creating Distribution Groups" under Oracle® Exalogic Elastic Cloud Administrator's Guide which has information on creating new distribution group.
Creating the VM
Create two vServers. These two vServers will be used for running NIS Master and Slave servers. Refer to section "9.2.7 Creating vServers" under Oracle® Exalogic Elastic Cloud Administrator's Guide which has information on creating vServers.
Create vServer with following settings:
- vServer Type Selection: LARGE
- vNet Selection: IPoIB-vserver-shared-storage & Client Access EoIB network(s)
- Distribution Group: NIS-Group
Making NIS VM Full Member of IPoIB Partition
- Locate the vm.cfg of the two NIS servers by ssh into any one of the dom0. Following are steps for doing this.
[root@scae03cn05 ~]# cd /OVS/Repositories/0004fb00000300000ca29f8ce7f571fa/
[root@scae03cn05 0004fb00000300000ca29f8ce7f571fa]# cd VirtualMachines/
[root@scae03cn05 VirtualMachines]# grep -r NIS .
./0004fb0000060000d4f615c6df13c8f1/vm.cfg:OVM_simple_name = 'NIS-server'
./0004fb000006000090905fcfdfffbdb3/vm.cfg:OVM_simple_name = 'NIS-server-2'
- Edit the vm.cfg file as follows:
[root@scae03cn05 VirtualMachines]# vi ./0004fb0000060000d4f615c6df13c8f1/vm.cfg
- Change the pKey for the IPoIB-vserver-shared-storage, For e.g. if the pkey is 0x8005. It would appear in the vm.cfg file as 0x0005 in 2 places. Modify it to 0x8005.
Note: PKey for IPoIB-vserver-shared-storage may be different. Please check the PKey for IPoIB-vserver-shared-storage network in your rack and make the change as needed. In this example we assume pkey is 8005. Pkey for IPoIB-vserver-shared-storage network can be found by clicking on the IPoIB-vserver-shared-storage network from EMOC BUI console under Networks accordion.
exalogic_ipoib = [{'pkey': ['0x0005', '0x0003'], 'port': '1'}, {'pkey': ['0x0005', '0x0003'], 'port': '2'}]
To
exalogic_ipoib = [{'pkey': ['0x8005', '0x0003'], 'port': '1'}, {'pkey': ['0x8005', '0x0003'], 'port': '2'}]
- Repeat above steps 2 and 3 for the second NIS VM. This change will require restart of the vServers. This will be done in the following steps.
Expanding the Root Partition
Once the VM is up and running, you will need to expand the root partition to use the extra space allocated for a LARGE size vServer. Following are the steps for expanding the Root partition.
- Turn off the swap.
- Remove the extended partition temporarily. You can do this by going to "fdisk /dev/xvda", delete both Linux partition (type 83) xvda and swap xvda3, recreate a new partition (xvda2) larger in size leaving space for the swap partition, recreate the swap partition and quit. Following are steps which illustrate this.
[root@test ~]# fdisk /dev/xvda
The number of cylinders for this disk is set to 1044.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
(e.g., DOS FDISK, OS/2 FDISK)
Command (m for help): d
Partition number (1-4): 3
Command (m for help): d
Partition number (1-4): 2
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 2
First cylinder (14-1044, default 14):
Using default value 14
Last cylinder or +size or +sizeM or +sizeK (14-1044, default 1044): 980
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 3
First cylinder (981-1044, default 981):
Using default value 981
Last cylinder or +size or +sizeM or +sizeK (981-1044, default 1044):
Using default value 1044
Command (m for help): t
Partition number (1-4): 3
Hex code (type L to list codes): 82
Changed system type of partition 3 to 82 (Linux swap / Solaris)
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
[root@test ~]# reboot
Broadcast message from root (pts/0) (Wed Dec 5 13:48:48 2012):
- Reboot the virtual server again to see the new partition table. Once it is rebooted, resize the root file system according to the new partition size.
- Re-enable swap by running the following commands. Make sure the label (SWAP-hda3) matches the one in /etc/fstab.
# mkswap /dev/xvda3 -L SWAP-hda3
# swapon /dev/xvda3
Setting Up NIS Environment
Verify NIS RPM Packages
Run the following command against each node of your system to identify which version of the required NIS software packages are currently installed:
[root@nis-server-1 ~]# rpm -qa|grep -e ypserv -e yp-tools -e ypbind
ypserv-2.19-9.el5_8.1
yp-tools-2.9-1.el5
ypbind-1.19-12.el5_6.1
Configure the NIS Master and Slave
Follow below steps for configuring NIS server.
- Edit "/etc/sysconfig/network" file and add NISDOMAIN and domainname entries defining your NIS domain. Following is example for this:
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=nis-server-1
NISDOMAIN=us.oracle.com
domainname=us.oracle.com
- Edit "/etc/hosts" file. Refer to following example on this:
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
10.133.221.22 nis-server-1-eoib.us.oracle.com nis-server-1-eoib
172.47.0.79 nis-server-1.us.oracle.com nis-server-1
172.47.0.78 nis-server-2.us.oracle.com nis-server-2
We must use vserver-shared-storage network(172.47.0.x)
- Edit "/etc/nsswitch.conf" as shown in following example:
edit /etc/nsswitch.conf, for example:
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
:
- Within /etc/yp.conf append entries identifying each NIS server in the system (both MASTER and SLAVE servers)
The /etc/yp.conf file is used to provide NIS clients with the list of NIS Servers that can be used to satisfy NIS related queries.
Edit /etc/yp.conf and add a domain entry for each NIS MASTER or SLAVE server you have elected to configure, for example :
Master side:
domain us.oracle.com server nis-server-1.us.oracle.com
domain us.oracle.com server nis-server-2.us.oracle.com
ypserver nis-server-1.us.oracle.com
Slave Server side:
domain us.oracle.com server nis-server-1.us.oracle.com
domain us.oracle.com server nis-server-2.us.oracle.com
ypserver nis-server-2.us.oracle.com
- Edit "/var/yp/Makefile" file and change NOPUSH configuration from "true" to "false", as shown below:
# If we have only one server, we don't have to push the maps to the
# slave servers (NOPUSH=true). If you have slave servers, change this
# to "NOPUSH=false" and put all hostnames of your slave servers in the file
# /var/yp/ypservers.
#
# vvvvvv 21-JUN-20012 (APARKMAN) vvvvvvv
# NOPUSH=true (disable default)
NOPUSH=false
# ^^^^^^ 21-JUN-2012 (APARKMAN) ^^^^^^
:
- Stop NIS related Services on MASTER and SLAVE nodes as shown below:
[root@nis-server-1 yp]# service ypserv stop
Stopping YP server services: [ OK ]
[root@nis-server-1 yp]# service ypbind stop
Shutting down NIS services: [ OK ]
[root@nis-server-1 yp]# service yppasswdd stop
Stopping YP passwd service: [ OK ]
[root@nis-server-1 yp]# service ypxfrd stop
Stopping YP map server: [ OK ]
- Start the YPSERV service.
[root@nis-server-1 yp]# service ypserv start
Starting YP server services: [ OK ]
- Execute "ypinit -m" command to identify SLAVE serves to the NIS MASTER:
[root@nis-server-1 yp]# /usr/lib64/yp/ypinit -m
At this point, we have to construct a list of the hosts which will run NIS
servers. nis-server-1 is in the list of NIS server hosts. Please continue to add
the names for the other hosts, one per line. When you are done with the
list, type a <control D>.
next host to add: nis-server-1
next host to add: nis-server-2.us.oracle.com
next host to add: >>>[CTRL-D]<<<
The current list of NIS servers looks like this:
nis-server-1
nis-server-2.us.oracle.com
Is this correct? [y/n: y] y
We need a few minutes to build the databases...
Building /var/yp/us.oracle.com/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/us.oracle.com'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/us.oracle.com'
From above snippet you can see that "nis-server-1" has been set up as a NIS master server. Now you can run "ypinit -s nis-server-1" command on all slave server.
- Start the remaining NIS services (ypbind, yppasswdd and ypxfrd) on the MASTER as follows:
[root@nis-server-1 yp]# service ypbind start
Binding to the NIS domain: [ OK ]
Listening for an NIS domain server..
[root@nis-server-1 yp]# service yppasswdd start
Starting YP passwd service: [ OK ]
[root@nis-server-1 yp]# service ypxfrd start
Starting YP map server: [ OK ]
- In Slave vm, do the following:
[root@nis-server-2 yp]# service ypserv start
Starting YP server services: [ OK ]
- Review NIS and YP Configuration. Invoke "nisdomainname" and "domainname" commands to confirm the NISDOMAIN has been appropriately set as follows:
[root@nis-server-2 yp]# nisdomainname
us.oracle.com
[root@nis-server-2 yp]# domainname
us.oracle.com
- Run "ypinit -s" command to initialize NIS configuration on the SLAVE Execute /usr/lib64/yp/ypinit -s and provide as it's argument the hostname identified within the output when you ran "/usr/lib64/yp/ypinit -m" command on the SLAVE. Following is example of command for reference:
[root@nis-server-2 etc]# /usr/lib64/yp/ypinit -s nis-server-1.us.oracle.com
We will need a few minutes to copy the data from nis-server-2.us.oracle.com.
Transferring protocols.byname...
Trying ypxfrd ... success
Transferring netid.byname...
Trying ypxfrd ... success
Transferring group.byname...
Trying ypxfrd ... success
Transferring hosts.byaddr...
Trying ypxfrd ... success
Transferring protocols.bynumber...
Trying ypxfrd ... success
Transferring ypservers...
Trying ypxfrd ... success
Transferring services.byname...
Trying ypxfrd ... success
Transferring hosts.byname...
Trying ypxfrd ... success
Transferring passwd.byuid...
Trying ypxfrd ... success
Transferring mail.aliases...
Trying ypxfrd ... success
Transferring passwd.byname...
Trying ypxfrd ... success
Transferring rpc.byname...
Trying ypxfrd ... success
Transferring rpc.bynumber...
Trying ypxfrd ... success
Transferring services.byservicename...
Trying ypxfrd ... success
Transferring group.bygid...
Trying ypxfrd ... success
nis-server-2.us.oracle.com's NIS data base has been set up. If there were warnings, please review to see what went wrong, and fix it accordingly. At this point, make sure that "/etc/passwd" and "/etc/group" files have been edited so that when the NIS is activated, the data bases you have just created will be used, instead of the /etc ASCII files.
- Execute following commands for auto restart of NIS services during NIS Master and Slave VMs reboot.
chkconfig portmap on
chkconfig ypserv on
chkconfig yppasswdd on
chkconfig ypxfrd on
chkconfig ypbind on
chkconfig nscd on
chkconfig rpcidmapd on
Note:
Make sure each daemon is restarted automatically on a system reboot, especially:
chkconfig rpcidmapd on
chkconfig ypbind on
chkconfig nscd on
Configuring ZFSSA and Other VMs as NIS Clients
We configure both ZFS Storage Appliance heads and other client VMs in Exalogic Virtual environment to act as NIS clients which talk to NIS Master and Slave VM's. Following section show information on configuring ZFS Storage Appliance heads and VM's as NIS clients.
Configuring NIS Client on ZFS Storage Appliance
Following are steps for configuring NIS client on ZFS Storage Appliance.
- Go to ZFS ->Configuration->Service ->Directory Services-> NIS.
- Put correct Domain name to match NIS server.
- Under Server(s) add NIS master and slave on to the list, In this e.g. 172.47.0.79 and 172.47.0.78. Below is screenshot of ZFS Storage Appliance BUI Console for reference with these changes.
- Apply the changes and restart the NIS service by clicking on refresh button highlighted in above screenshot.
-
You also need to change the "Custom NFSv4 identity domain" to match your NIS domain as shown in the screenshot below. Leaving it blank will cause problems. Restart the NFS service after making this change.
Configuring NIS Client VMs
Follow below steps for configuring NIS Client VMs.
- Edit "/etc/sysconfig/network" file and add NISDOMAIN and domainname entries defining your NIS domain as shown in below example:
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=<NIS client VM hostname>
NISDOMAIN=us.oracle.com
domainname=us.oracle.com
- Edit "/etc/hosts" as shown in following example:
172.47.0.79 nis-server-1.us.oracle.com nis-server-1
172.47.0.78 nis-server-2.us.oracle.com nis-server-2
We must use vserver-shared-storage network(172.47.0.x)
- Edit "/etc/nsswitch.conf" as follows:
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis
passwd: files nis
shadow: files nis
group: files nis
:
- Edit "/etc/yp.conf" as shown in following example:
domain us.oracle.com server nis-server-1.us.oracle.com
domain us.oracle.com server nis-server-2.us.oracle.com
- Edit "/etc/idmapd.conf" file as follows:
- Run "service rpcidmapd restart" command
[root@nis-1 NisTest]# service rpcidmapd restart
Stopping RPC idmapd: [ OK ]
Starting RPC idmapd: [ OK ]
- Start ypbind
[root@nis-1 ]# service ypbind start
- Add nscd startup on each client. It is critical that nscd daemon is started for optimal NIS performance on each client. It is started with the command:
[root@nis-1 ]# service nscd start
NIS Setup To Manage OS User Accounts
In some cases NIS users are used as OS user accounts. For e.g. using NIS users as sudo/su accounts or logging into putty sessions. In these use cases of using NIS users as OS user accounts, we will have to do following additional configuration.
1) Edit "/etc/passwd" file on all NIS VM's i.e. NIS Master, Slaves and Clients.
2) Append below line at the bottom of "/etc/passwd" file on all NIS VM's and save the changes.
+::::::
If above configuration is not in place, we will see below error message when logging (or) sudo'ing using NIS user.
id: cannot find name for user ID <uid>
id: cannot find name for group ID <gid>
id: cannot find name for user ID <uid>
Test the NIS configuration
Please validate your NIS configuration by reviewing the steps from the Test your configuration section from Document ID : 1470844.1 - How To Configure NIS Master, Slave And Client Configuration On Compute Nodes In Exalogic Elastic Cloud Software 2.x Physical Environment
References
<NOTE:1470844.1> - How To Configure NIS Master, Slave And Client Configuration On Compute Nodes In Exalogic Elastic Cloud Software 2.x Physical Environment
Attachments
This solution has no attachment
