"Secure by default" and Sun Cluster 3.2

If you choose the "Secure by default" option when installing Solaris 10 11/06 (which is equal to run "netservices limited" lateron), then you need to perform the following steps prior to installing Sun Cluster 3.2:

  1. Ensure that the local_only property of rpcbind is set to false:
    # svcprop network/rpc/bind:default | grep local_only

    if local_only is not set to false, run:

    # svccfg
    svc:> select network/rpc/bind
    svc:/network/rpc/bind> setprop config/local_only=false
    svc:/network/rpc/bind> quit
    # svcadm refresh network/rpc/bind:default

     It is needed for cluster communication between nodes.

  2. Ensure that the tcp_listen property of webconsole is set to true:
    # svcprop /system/webconsole:console | grep tcp_listen

    If tcp_listen is not true, run:

    # svccfg
    svc:> select system/webconsole
    svc:/system/webconsole> setprop options/tcp_listen=true
    svc:/system/webconsole> quit
    # svcadm refresh svc:/system/webconsole:console
    # /usr/sbin/smcwebserver restart

    It is needed for Sun Cluster Manager communication.

    To verify if the port is listen to *.6789 you can execute
    # netstat -a | grep 6789


Posted on: Jul 14, 2007

Posted by: tf

Category: Sun Cluster

Permanent link to this entry

Comments:

Thanks very much for writting this.

Posted by msl on July 15, 2007 at 01:02 AM CEST #

Post a Comment:
Comments are closed for this entry.

This blog copyright 2009 by tf