Manualshelf

Designing Disaster Tolerant High Availability Clusters, 10th Edition, March 2003 (B7660-90013)

ManualsBrandsHP ManualsSoftwareHP Serviceguard Continentalclusters
211212213214215216217218219220
Building a Continental Cluster
Building the ContinentalClusters Configuration
Chapter 5212
After the cmapplyconcl command has been run successfully, you can
remove this entry from the /.rhosts file if you wish. Remember,
however, that the entry must be present in the /.rhosts file when you
use cmapplyconcl at a later time.
NOTE The cmclnodelist file does not provide the required type of access for
the cmapplyconcl command.
You must also create the /etc/opt/cmom/cmomhosts file on all nodes.
This file allows nodes that are running monitor packages to obtain
information from other nodes about the health of each cluster. The file
must contain entries that allow access to all nodes in the continental
cluster by the nodes where monitors are running.
You define the order of security checking by creating entries of the
following types:
order deny,allow If deny is first, the deny list is checked first to see if
the node is there, then the allow list is checked.
deny from lists all the nodes that are denied access. Permissible
entries are:
all All hosts are denied access.
domain Hosts whose names match, or end in,
this string are allowed access, e.g.
hp.com.
hostname The named host (for example,
kitcat.myco.com) is denied access.
IP address Either a full IP address, or a partial
IP address of 1 to 3 bytes for subnet
restriction is allowed.
network/netmask This pair of addresses allows more
precise restriction of hosts, (e.g.
10.163.121.23/225.225.0.0).
network/nnnCIDR This specification is like the
network/netmask specification,
except the netmask consists of nnn
high-order 1 bits. CIDR stands for