Specifications

ManualsBrandsMicroNet ManualsMusical equipmentFibre to SAS/SATA II RAID Subsystem

141

142

143

144

145

146

147

148

149

150

The lkpolicy Tool

In the above resource hierarchy, app depends on both IP and file system. A policy can be set

to disable local recovery or failover of a specific resource. This means that, for example, if the

IP resource's local recovery fails and a policy was set to disable failover of the IP resource,

then the IP resource will not fail over or cause a failover of the other resources. However, if the

file system resource's local recovery fails and the file system resource policy does not have

failover disabled, then the entire hierarchy will fail over.

Note: It is important to remember that resource level policies apply only to the specific

resource for which they are set.

This is a simple example. Complex hierarchies can be configured, so care must be taken when

setting resource-level policies.

The lkpolicy Tool

The lkpolicy tool is the command-line tool that allows management (querying, setting, removing) of

policies on servers running Steeleye Protection Suitefor Linux or SteelEye vAppKeeper. lkpolicy

supports setting/modifying policies, removing policies and viewing all available policies and their

current settings. In addition, defined policies can be set on or off, preserving resource/server settings

while affecting recovery behavior.

The general usage is :

lkpolicy [--list-policies | --get-policies | --set-policy | --remove-policy] <name value pair data...>

The <name value pair data...> differ depending on the operation and the policy being

manipulated, particularly when setting policies. For example: Most on/off type policies only

require --on or --off switch, but the temporal policy requires additional values to describe the

threshold values.

Example lkpolicy Usage

Authenticating With Local and Remote Servers

The lkpolicy tool communicates with Steeleye Protection Suiteand vAppKeeper servers via an API

that the servers expose. This API requires authentication from clients like the lkpolicy tool. The first

time the lkpolicy tool is asked to access a Steeleye Protection Suiteor vAppKeeper server, if the

credentials for that server are not known, it will ask the user for credentials for that server. These

credentials are in the form of a username and password and:

1. Clients must have Steeleye Protection Suite/vAppKeeper admin rights. This means the

username must be in the lkadmin group according to the operating system's authentication

configuration (via pam).It is not necessary to run as root, but the root user can be used since

it is in the appropriate group by default.

2. The credentials will be stored in the credentialstoreso they do not have to be entered

manually each time the tool is used to access this server.

SeeConfiguring Credentials for SteelEye Protection Suiteor Configuring Credentials for vAppKeeper

for more information on the credential store and its management with the credstore utility.

An example session with lkpolicy might look like this:

SteelEye Protection Suite for Linux123