Manualshelf

Veritas Storage Foundation 5.1 SP1 for Oracle RAC Administrator"s Guide (5900-1512, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Volume Management (LVM/VxVM) Software
61626364656667686970
Figure 1-11
CP server and SF Oracle RAC clusters with authentication broker
and root broker
Server
Authentication broker
Root broker
Client1
Authentication
broker
Client2
Authenticaton
broker
Client clusters ...
Entities on behalf of which authentication is done, are referred to as principals.
On the SF Oracle RAC cluster nodes, the current VCS installer creates the
Authentication Server credentials on each node in the cluster, creates Web
credentials for VCS users, and then sets up trust with the root broker. It also
creates a VCS service group for the authentication broker. The installer then
proceeds to start VCS in secure mode.
Typically, in an existing VCS cluster with security configured, a root broker would
already have been configured and an authentication broker will be running on
each cluster node.
How secure communication between the CP servers and SF Oracle RAC
clusters work
CP server and SF Oracle RAC cluster node communication involve the following
entities:
vxcpserv for the CP server
cpsadm for the SF Oracle RAC cluster node
Figure 1-12 displays a schematic of the end-to-end communication flow with
security enabled on CP server and SF Oracle RAC clusters.
67Overview of Veritas Storage Foundation for Oracle RAC
About preventing data corruption with I/O fencing