Manualshelf

Managing HP Serviceguard for Linux, Eighth Edition, March 2008

ManualsBrandsHP ManualsSoftwareHP SAP Linux Serviceguard Cluster Extension
141142143144145146147148149150
Building an HA Cluster Configuration
Preparing Your Systems
Chapter 5144
Configuring Root-Level Access
The subsections that follow explain how to set up root access between the
nodes in the prospective cluster. (When you proceed to configuring the
cluster, you will define various levels of non-root access as well; see
“Controlling Access to the Cluster” on page 180.)
NOTE For more information and advice, see the white paper Securing
Serviceguard at http://docs.hp.com -> High Availability ->
Serviceguard -> White Papers.
Allowing Root Access to an Unconfigured Node
To enable a system to be included in a cluster, you must enable Linux
root access to the system by the root user of every other potential cluster
node. The Serviceguard mechanism for doing this is the file
$SGCONF/cmclnodelist. This is sometimes referred to as a “bootstrap”
file because Serviceguard consults it only when configuring a node into a
cluster for the first time; it is ignored after that. It does not exist by
default, but you will need to create it.
You may want to add a comment such as the following at the top of the
file:
###########################################################
# Do not edit this file!
# Serviceguard uses this file only to authorize access to an
# unconfigured node. Once the node is configured,
# Serviceguard will not consult this file.
###########################################################
The format for entries in cmclnodelist is as follows:
[hostname] [user] [#Comment]
For example:
gryf root #cluster1, node1
sly root #cluster1, node2
bit root #cluster1, node3