Managing Systems and Workgroups: A Guide for HP-UX System Administrators

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU

171

172

173

174

175

176

177

178

179

180

Conﬁguring a System

Using Distributed Systems Administration Utilities

Chapter 3176

The -v instructs cfrun itself to be more verbose and the

--verbose is passed on to the remote cfagent.

For additional troubleshooting information, please refer to

“cfengine Troubleshooting” on page 182.

Conﬁguring a Synchronization Managed Client When manually

conﬁguring managed clients, the basic steps are:

• Exchanging security keys. This establishes the trust relationship

between the managed client and master server.

• Copying update.conf from the master server to the managed client.

• Setting a schedule for which cfagent will perform synchronization

operations.

To conﬁgure a Serviceguard cluster as a client of an existing cfengine

master server, then each cluster member is treated as if it were a

standalone system and conﬁgured individually. If you add new members

to the cluster, each must be conﬁgured appropriately.

If you are adding a new member to a Serviceguard cluster and that

cluster is running the csync package, then the members of the cluster

are automatically conﬁgured as cfengine-managed clients. In this

scenario, the csync package acts as the master server. New members

will be automatically conﬁgured as a managed clients and also able to

handle failover for the package. The package’s storage infrastructure and

ﬁlesystem should be conﬁgured before adding the member to the cluster.

To add a new managed client, start by conﬁguring the trust relationship

between the client and the master server. The two systems exchange

security keys to authenticate each other. The master server’s public key

needs to be copied to the client and the client’s public key is copied to the

master server:

1. As root, create the client’s security key using cfkey:

# mkdir -p /var/opt/cfengine/ppkeys

# cd /var/opt/cfengine/ppkeys

# /opt/dsau/sbin/cfkey

This creates the ﬁles localhost.pub and localhost.priv for this client.

2. Copy this client’s key to the master server. The master server uses

the following naming convention for the client keys,

<client_IP_address

>.pub.