If you have already installed and setup your Veritas cluster and forget to configure it in secure mode, then this tutorial can be of great help. In this tutorial we will guide you how to enable a secure cluster mode in Veritas InfoScale Enterprise 7 in a 2 node cluster.
First of all you should know that to turn ON secure cluster option in your cluster, your cluster will restart and all the previously added user to your cluster configuration will go, so you should plan this activity accordingly and take proper BACKUP’s.
Prerequisites for Enabling Secure Cluster Mode in VCS
1. Two node cluster.
2. Cluster should be running. Running state can be checked using “hasys -state” or “hastatus -sum”.
3. Verify if cluster is already running as a secure cluster or not.
[root@node1 ~]# haclus -value SecureClus 0 [root@node1 ~]#
Enabling Secure Cluster Mode in Veritas Cluster Server
Now, once you have done some brainstorming, follow below steps to enable a secure cluster feature on your Veritas Cluster server. Here, we are using Veritas latest product Veritas InfoScale Enterprise 7 with Red Hat Linux 6.
Login to any one of the node of the cluster and enter below commands.
[root@node1 ~]# hasys -state
#System Attribute Value
node1 SysState RUNNING
node2 SysState RUNNING
[root@node1 ~]#
[root@node1 ~]# /opt/VRTS/install/installer -security
Veritas InfoScale Enterprise 7.1 Configure Program
Copyright (c) 2016 Veritas Technologies LLC. All rights reserved.
Veritas and the Veritas Logo are trademarks or registered trademarks of
Veritas Technologies LLC or its affiliates in the U.S. and other countries.
Other names may be trademarks of their respective owners.
The Licensed Software and Documentation are deemed to be
"commercial computer software" and "commercial computer software documentation"
as defined in FAR Sections 12.212 and DFARS Section 227.7202.
Logs are being written to /var/tmp/installer-201701280531qrp while
installer is in progress.
Enter the name of any system in the cluster to configure secure mode: node1
Checking communication on node1 .............................................. Done
Checking release compatibility on node1 ...................................... Done
Checking InfoScale Enterprise installation on node1 ............. Version 7.1.0.000
Veritas InfoScale Enterprise 7.1 Configure Program
Cluster information verification:
Cluster Name: got
Cluster ID Number: 100
Systems: node1 node2
Would you like to configure secure mode on the cluster? [y,n,q] (y) y
Checking communication on node1 ............................................ Done
Checking release compatibility on node1 .................................... Done
Checking InfoScale Enterprise installation on node1 ........... Version 7.1.0.000
Checking communication on node2 ............................................ Done
Checking release compatibility on node2 .................................... Done
Checking InfoScale Enterprise installation on node2 ........... Version 7.1.0.000
Checking configured component .............................................. Done
Veritas InfoScale Enterprise 7.1 Configure Program
Following cluster information detected:
Cluster Name: got
Cluster ID: 100
Systems: node1 node2
Service Groups: ClusterService appsg mysg vxfen
Note that all user configurations about this cluster will be deleted during
this transformation. The command
'/opt/VRTSvcs/bin/hauser' can be used to create cluster user manually.
Do you want to enable secure mode in this VCS cluster? [y,n,q] (y)
Do you want to grant read access to everyone? [y,n,q,?] (n)
Do you want to provide any usergroups that you would like
to grant read access? [y,n,q,?] (y) n
Veritas InfoScale Enterprise 7.1 Configure Program
Restarting VCS with secure mode enabled:
Deleting cluster users for VCS ............................................ Done
Configuring a secure cluster for VCS ...................................... Done
Stopping VCS .............................................................. Done
Updating VCS configuration ................................................ Done
Starting VCS on node1 ..................................................... Done
Starting VCS on node2 ..................................................... Done
Confirming VCS startup ....................................... 2 systems RUNNING
Security is successfully enabled
installer log files, summary file, and response file are saved at:
/opt/VRTS/install/logs/installer-201701280531qrp
Would you like to view the summary file? [y,n,q] (n)
This is how you can enable secure cluster feature on your Veritas high availability cluster. If anything fails, then you will see it and also it will be logged to logs, which can be reviewed later. If you need our help in any step, do comment below.
Verifying Secure Cluster Mode is ON or NOT
After you have configured your Veritas cluster as shown above, just check if it is actually enabled and working. Below command verifies that secure cluster is now enabled in our two node cluster.
[root@node1 ~]# haclus -value SecureClus
1
[root@node1 ~]# grep -i SecureClus /etc/VRTSvcs/conf/config/main.cf
SecureClus = 1
[root@node1 ~]#
[root@node1 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.5 (Santiago)
[root@node1 ~]#
Hope this article was helpful to you and know you will able to configure your VCS cluster in secure mode more confidently. Let us know in case you need any help and we would be happy to help you.
Also, don’t forget to subscribe to our blog for more such tutorials by Email. Yes, it’s FREE.
