Hitachi Storage Command Suite Hitachi Device Manager Software SMI-S Provider Installation and User Guide FASTFIND LINKS Document Organization Software Version Getting Help Contents MK-96HC138-06
Copyright © 2008 Hitachi Data Systems Corporation, ALL RIGHTS RESERVED Notice: No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying and recording, or stored in a database or retrieval system for any purpose without the express written permission of Hitachi Data Systems Corporation (hereinafter referred to as “Hitachi Data Systems”).
Contents Preface .................................................................................................. vii Intended Audience ............................................................................................ viii Software Version............................................................................................... viii Release Notes ................................................................................................... viii Document Revision Level ................
propdir ............................................................................................. 1-12 logdir ............................................................................................... 1-12 Saving the cimom.properties File............................................................... 1-12 org.wbemservices.wbem.cimom.pswdprov .......................................... 1-12 Setting the Service Discovery Feature ..............................................................
Troubleshooting ................................................................................... 2-1 Calling the Hitachi Data Systems Support Center .................................................2-2 Acronyms and Abbreviations ....................................................................
Preface This manual describes the Hitachi Device Manager CIM/WBEM installation. In this manual, Hitachi Device Manager is abbreviated to Device Manager.
Intended Audience This manual is intended for users who manage systems containing storage subsystems (disk array devices).
Document Revision Level Revision Date Description MK-96HC138-00 June 2006 Initial Release MK-96HC138-01 November 2006 Revision 1, supersedes and replaces MK-96HC138-00 MK-96HC138-02 February 2007 Revision 2, supersedes and replaces MK-96HC138-01 MK-96HC138-03 June 2007 Revision 3, supersedes and replaces MK-96HC138-02 MK-96HC138-04 October 2007 Revision 4, supersedes and replaces MK-96HC138-03 MK-96HC138-05 February 2008 Revision 5, supersedes and replaces MK-96HC138-04 MK-96HC138-06 M
Document Conventions This document uses the following typographic conventions: Convention Description Bold Indicates text on a window, other than the window title, including menus, menu options, buttons, fields, and labels. Example: Click OK. Italic Indicates a variable, which is a placeholder for actual text provided by the user or system. Example: copy source-file target-file Note: Angled brackets (< >) are also used to indicate variables.
Convention for Storage Capacity Values Storage capacity values for logical devices are calculated based on the following values: 1 1 1 1 KB (kilobyte) = 1,024 bytes MB (megabyte) = 1024 kilobytes or 1,0242 bytes GB (gigabyte) = 1024 megabytes or 1,0243 bytes TB (terabyte) = 1024 gigabytes or 1,0244 bytes Getting Help The Hitachi Data Systems Support Center staff is available 24 hours a day, seven days a week.
xii Preface Hitachi Device Manager SMI-S Provider Installation and User Guide
1 Overview and Setup of CIM/WBEM This chapter gives an overview of CIM/WBEM (Web-Based Enterprise Management) provided by Device Manager and explains how to set up CIM/WBEM.
Device Manager and CIM/WBEM Device Manager supports WBEM defined by the standards-setting organization DMTF. WBEM is a standard proposed by the DMTF for managing networked devices, including hosts and storage subsystems, over the Internet. WBEM enables you to share data about devices in different environments (such as environments with different vendors, operating systems, or protocols) without considering the differences. WBEM is based on CIM, an object-oriented information model.
From a CIM client, you can specify a namespace by using the following procedure: • Specify the SMI-S version. Specify root/smis/smisxx (xx is an abbreviation for the version number). For example, to specify version 1.2.0, enter root/smis/smis12 The latest namespaces that complies with the specified SMI-S version is selected. • Specify the condition current. Enter root/smis/current. The current namespace is selected.
CIM/WBEM Features of Device Manager CIM/WBEM of Device Manager provides the four features specified in SMI-S: • Objection operation feature • Indication feature • Service discovery feature • Performance information acquisition feature These features are described below: • Object operation feature The SMI-S specifications, to which Device Manager conforms, define the interfaces for devices that make up a storage network, such as storage subsystems, virtual storage systems, switches, and hosts.
Preparing to Use the CIM/WBEM Features CIM/WBEM features are disabled by default in the Device Manager settings. To use them, you must specify the following settings after installation: • Basic settings required to use the CIM/WBEM features • Setting the port used by CIM/WBEM features • Settings required to use SSL (Secure Sockets Layer) in the CIM/WBEM features Basic Settings Required to Use the CIM/WBEM Features To use the CIM/WBEM features, you must first enable them.
If any service program is running (normally, another WBEM service program) that is using the same port to be used by an object operation feature, the object operation feature is not available. If any service program is running (normally, another SLP service (or SLP daemon)) that uses the same port (427) to be used by the service discovery feature, an attempt to start the SLP service (or SLP daemon) for Device Manager will fail.
Note: When upgrading Device Manager from version 4.2 or earlier to 4.3 or later, check the httpsd.conf file. If it contains coding that enables SSL functionality in the CIM/WBEM features, remove or comment out the coding before upgrading. For details about disabling SSL, refer to Chapter 7 of the Hitachi Device Manager and Provisioning Manager Installation and Configuration Guide. When the version of Device Manager is 4.2 or earlier, the httpsd.
Setting up the Ports Used by CIM/WBEM Features Opening and Closing Ports According to the Communication Type Ports can be opened or closed according to the communication type used by CIM/WBEM features. Security can be enhanced by closing unused ports. To open or close the port: 1. Using the server.cim.support.protocol property in the property file (server.properties) of the Device Manager server, set up whether to open or close each port according to the communication type. The setting values for server.
Changing the Port Number In the initial state, the port numbers used by the CIM/WBEM features are as follows: • HTTP port number: 5988 • HTTPS port number: 5989 To specify the port number: 1. Change the port number set in the Device Manager server property file (server.properties). For details, see the server.properties file. – To change the HTTP port number: Change the port number set in server.cim.http.port. – To change the HTTPS port number: Change the port number set in server.cim.https.port.
Setting up the Properties File Used by the CIM/WBEM Feature When executing CIM, you must set up the properties files for the Device Manager server, then restart Device Manager. The following table lists the Device Manager server properties. Table 1-4 Required Settings for Device Manager Server When Executing CIM Settings Required File Name Property Enable CIM, specify ports used in CIM, and configure settings required to use the performance information acquisition feature and the job setting feature.
server.cim.http.port To use non-SSL for the CIM interface, specify the HTTP port number. Default: 5988 server.cim.https.port To use SSL for the CIM interface, specify the port number of HTTPS. Default: 5989 server.cim.agent To use the CIM interface to acquire performance information of storage subsystems, specify the name of the host on which the Device Manager agent is installed. If you do not set this property, you cannot acquire performance information. Default: None server.cim.support.
The jserver.properties File This property file sets up the operating environment for the WBEM Service. It is stored in the following directory when Device Manager is installed: In Windows: installation-folder-for-the-Device-Manager-server\HiCommandServer\config In Solaris or Linux: installation-directory-for-the-Device-Manager-server/HiCommandServer/config The contents of the wbemservices.properties file are as follows. classpath This property sets classpath required for operating the WBEM Service.
Setting the Service Discovery Feature To use the service discovery feature of Device Manager, you need the following prerequisite software: • In Windows or Linux: OpenSLP 1.0.11 OpenSLP is attached to Device Manager. When you install Device Manager, the required file is copied. For details on OpenSLP, see the OpenSLP website (http://www.openslp.org/). • In Solaris: SUNWslpr package and SUNWslpu package These packages are attached to the Solaris system.
3. Register the SLP service as a Windows service. Execute the following command: > slpd -install To automatically start the service when Windows starts, execute the command with the auto option. > slpd -install auto This operation is required only once. Even if you restart the Windows system, you do not need to re-register the daemon. If you execute the command without the auto option, you need to manually start the SLP service.
4. Start the SLP daemon by restarting Solaris or executing the following command: # /etc/init.d/slpd start If Device Manager is uninstalled, stop or cancel the SLP daemon, as required. You can cancel the SLP daemon by using either of the following methods: • Delete /etc/init.d/slpd or rename it. • Delete /etc/inet/slp.conf or rename it. In Linux When Device Manager is installed, the OpenSLP file is copied at the same time.
Starting and Stopping the Service Discovery Feature In Windows To manually start the SLP service, perform either of the following procedures: • From Administrative Tools, choose Services and then Service Location Protocol to start the SLP service.
In Linux To manually start the SLP daemon, execute the following command: installation-directory-for-the-Device-Manager-server/HiCommandServer/wsi/bin/slpd.sh start To stop the SLP daemon, execute the following command: installation-directory-for-the-Device-Manager-server/HiCommandServer/wsi/bin/slpd.sh stop The following shows an example of executing the commands: # /opt/HiCommand/HiCommandServer/wsi/bin/slpd.sh start # /opt/HiCommand/HiCommandServer/wsi/bin/slpd.
Acquiring Performance Information Device Manager can obtain performance information of a storage subsystem using the CIM interface. The following storage subsystems are supported: Universal Storage Platform V/VM, Universal Storage Platform, Network Storage Platform, AMS, WMS, SMS, and 9500V.
Figure 1-2 Example System Configuration for Collecting Performance Data of a Storage Subsystem This section describes the system configuration that is required to use the performance information acquisition feature. • Management server A management server is a server in which Device Manager server version 5.9 or later is installed. You must set the management server so that CIM/WBEM can be used. For details, see Preparing to Use the CIM/WBEM Features.
Even if you use a machine, which is different from the management server, for the host to acquire performance information, the OS for the host that acquires performance information must be Windows, Solaris, or Linux. You cannot use a host on which HP-UX or AIX is running to acquire performance information. For details about the OSs (Windows, Solaris, and Linux) supported by the Device Manager agent, see the Hitachi Device Manager Agent Installation Guide.
Preparations in the host that acquires performance information Configure the settings shown below for the performance information-acquiring host: To configure the settings: 1. Install the Device Manager agent. To acquire performance information, a CCI/LIB is necessary. If you install the Device Manager agent on a host, a necessary CCI/LIB is installed. However, if a CCI/LIB is already installed on the host, it is not overwritten. In this case, verify that the CCI/LIB version is 01-12-03/03 or later. 2.
Preparations in the Device Manager server For the Device Manager server property, specify the name of the host from which performance information is acquired. To specify the host name for the server.cim.agent property in the server.properties file, use one of the following methods: • When specifying the host name during the installation of the Device Manager server: Enter the host name as indicated in the message displayed during the installation of the Device manager server.
Table 1-5 Values to Specify in the perf_cmddev.properties File Setting Item Raid ID Value Specify one of the following depending on the type of the target storage subsystem: R600 for Universal Storage Platform V R601 for Universal Storage Platform VM R500 for Hitachi USP R501 for Hitachi NSC55 Serial number Specify the serial number of the storage subsystem by using decimal numbers. LDEV number Specify the CU:LDEV number of the command device by using decimal numbers.
The parameters for the perf_findcmddev command are described below. If you specify no parameter, multiple parameters, or upper-case parameters, the method for specifying the command is displayed. view This parameter displays the settings for the command devices currently defined in the perf_cmddev.properties file. If an unrecognizable value is defined in the perf_cmddev.properties file, that value is displayed as UNKNOWN.
Acquiring Performance Data for Hitachi SMS, Hitachi AMS/WMS, Thunder 9500 or Thunder 9200 This section describes the settings required to acquire performance information of the Hitachi SMS, Hitachi AMS/WMS, Thunder 9500, or Thunder 9200 storage subsystems.
hdvmmodpolluser Command Format The hdvmmodpolluser command is stored in the following location: • Windows: installation-folder-for-the-Device-Managerserver\HiCommandServer\tools\hdvmmodpolluser.bat • Solaris or Linux: installation-folder-for-the-Device-Managerserver/HiCommandServer/tools/hdvmmodpolluser.
User Permissions for Using CIM/WBEM Features The following table shows the user permissions for using CIM/WBEM features, based on the Device Manager permissions and executable CIM methods.
Security Settings for CIM/WBEM Functionality CIM/WBEM functionality supports SSL communication for the following functions: • Object operations In the object operation feature, a CIM client acts as an SSL client and the Device Manager server acts as an SSL server. By default, you can perform SSL communication in object operations. If you want to modify a keystore file used for SSL, see Authenticating File Operations.
Modifying the Keystore File for Object Operations Following is the default location of the keystore file used for CIMOM object operations (the keystore password is wbemssl). At this location, the keystore file can be used without modification: • Windows: installation-folder-for-the-Device-Managerserver\HiCommandServer\wsi\server\jserver\bin\.keystore • Solaris or Linux: installation-directory-for-the-Device-Managerserver/HiCommandServer/wsi/server/jserver/bin/.keystore To modify the keystore file: 1.
4. Modify the MOF file (WBEMSolutions_CIMXMLSObjectManagerAdapter_instances.mof). Specify in the MOF file the keystore password that was encrypted in step 2 of this procedure.
Specifying Two-Way Authentication for the Object Operation You can use HiKeytool to set up two-way authentication for object operations. First Setup Procedure Performed in a CIM Client Create a keystore file for the CIM and export the client authentication file. For details on creating a keystore file and exporting an authentication file, see Creating a Keystore File and Exporting an Authentication File from a Keystore File.
4. Stop the Device Manager server as indicated in the displayed message. – Windows: Select Start, All Programs, Hitachi Storage Command Suite, Device Manager, then Stop Server. – Solaris or Linux: Execute the following command: installation-directory-for-the-Device-Managerserver/suitesrvcntl -stop_hdvm The following shows an example of executing the command: # /opt/HiCommand/suitesrvcntl -stop_hdvm 5. Type 2 in the submenu. The mofcomp command is executed and the MOF file is compiled.
7. Enter the alias, the truststore password, and the client authentication file name. Enter the client authentication file name by absolute path. An input example is shown below. Enter alias:foocorpclient Enter truststore-password:trustssl Enter authentication-filename(absolute path):c:\tmp\client.cer At completion of processing, you are returned to the SMI-S main panel. 8. In the SMI-S main panel, enter 5.
Specifying Two-Way Authentication for Event Indications This section describes how to set up two-way authentication for event indications. First Setup Procedure Performed in a CIM Client Create a keystore file for the CIM and export the client authentication file. For details, see Creating a Keystore File and Exporting an Authentication File from a Keystore File.
3. Stop the Device Manager server: – In Windows, select Start, All Programs, Hitachi Storage Command Suite, Device Manager, then Stop Server. – In Solaris or Linux, execute the following command: installation-directory-for-the-Device-Managerserver/suitesrvcntl -stop_hdvm The following shows an example of executing the command: # /opt/HiCommand/suitesrvcntl -stop_hdvm 4. Specify, in the MOF file, the encrypted keystore password that was obtained in step 2 of this procedure.
8. If (Current setting: SSL without two-way authentication) appears at item 2 in the SMI-S main panel, type 2. If (Current setting:SSL with two-way authentication) appears in the SMI-S main panel, skip to step 11. When you type 2 in the SMI-S main panel, a submenu appears as in the example shown below. You must stop the Device Manager Server before specifying this setting. 1) SSL without two-way authentication 2) SSL with two-way authentication > 9.
11. In the SMI-S main panel, enter 4. This option starts processing to import the client authentication file to the truststore file for event indications. The truststore file for the event indication (the truststore password is indtrust) is stored in the following location: – Windows: installation-folder-for-the-Device-Managerserver\HiCommandServer\wsi\server\jserver\bin\.ind.truststore – Solaris or Linux: installation-directory-for-the-Device-Managerserver/HiCommandServer/wsi/server/jserver/bin/.ind.
Disabling Two-way Authentication Use HiKeytool for disabling two-way authentication for object operations or event indications. 1. Open a command prompt or terminal window, navigate to installationdirectory-for-the-Device-Manager-server/HiCommandServer and run HiKeytool. – For Windows, type HiKeytool.bat, and press the Enter key. – For Solaris or Linux, type HiKeytool.sh and press the Enter key. 2. The HiKeytool main panel appears. Enter 2. The SMI-S main panel appears as in the example shown below.
5. Enter 1. The mofcomp command is executed and the MOF file is compiled. You are returned to the SMI-S main panel when the mofcomp command has completed execution. Cautions: • If you type the same number as the current setting, you are immediately returned to the SMI-S main panel. • If mofcomp command execution fails, the following message appears: The compilation of the MOF file failed. In this case, collect all files in the following directory, and then contact maintenance personnel.
Authenticating File Operations This section describes the following operations required for SSL-encrypted communication between the Device Manager server and the CIM client using the CIM/WBEM functions: • Creating a keystore file • Exporting authentication files from a keystore file • Creating a truststore file and importing authentication files These operations use the Java (JDK1.4.0) tool hcmdskeytool (for Windows) or keytool (for Solaris and Linux).
Creating a Keystore File To create a keystore file: 1.
Exporting an Authentication File from a Keystore File To export an authentication file from a keystore file: 1. Execute the following command: – Windows: hcmdskeytool -export -keystore keystore-filename -storepass keystore-password -alias alias -file authentication-file-name – Solaris or Linux: keytool -export -keystore keystore-filename -storepass keystorepassword -alias alias -file authentication-file-name 2.
Overview and Setup of CIM/WBEM Hitachi Device Manager SMI-S Provider Installation and User Guide 1-43
2 Troubleshooting This chapter provides contact information for the Hitachi Data Systems Support Center.
Calling the Hitachi Data Systems Support Center If you need to call the Hitachi Data Systems Support Center, make sure to provide as much information about the problem as possible, including: • The circumstances surrounding the error or failure, • The exact content of any error messages displayed. The Hitachi Data Systems customer support staff is available 24 hours a day, seven days a week.
Acronyms and Abbreviations CIM CIMOM Common Information Model Common Information Model Object Manager DMTF Distributed Management Task Force Hitachi USP A generic term for: Hitachi Universal Storage Platform Hitachi Network Storage Controller HTTP HyperText Transfer Protocol LDEV logical device MOF Managed Object Format SLP SMI-S SNIA-CTP Service Location Protocol Storage Management Initiative - Specification (SNIA) Storage Network Industry Association-Conformance Testing Program WBEM
Acronyms-2 Acronyms and Abbreviations Hitachi Device Manager SMI-S Provider Installation and User Guide
Hitachi Device Manager SMI-S Provider Installation and User Guide
Hitachi Data Systems Corporate Headquarters 750 Central Expressway Santa Clara, California 95050-2627 U.S.A. Phone: 1 408 970 1000 www.hds.com info@hds.com Asia Pacific and Americas 750 Central Expressway Santa Clara, California 95050-2627 U.S.A. Phone: 1 408 970 1000 info@hds.com Europe Headquarters Sefton Park Stoke Poges Buckinghamshire SL2 4HD United Kingdom Phone: + 44 (0)1753 618000 info.eu@hds.
