Symantec Veritas 5 User Manual

Veritas Cluster Server Installation Guide

Linux for IBM Power

5.0 Release Update 3

Veritas Cluster Server Installation Guide

The softwaredescribed inthis bookis furnishedunder alicense agreementand maybe used
only in accordance with the terms of the agreement.

Product version: 5.0 RU3

Document version: 5.0RU3.0

Legal Notice

Copyright © 2009 Symantec Corporation. All rights reserved.

Symantec, the Symantec Logo, Veritas and Veritas Storage Foundation are trademarks or
registered trademarks of Symantec Corporation or its affiliates in the U.S. and other
countries. Other names may be trademarks of their respective owners.

The product described in this document is distributed under licenses restricting its use,
copying, distribution, and decompilation/reverse engineering. No part of this document
may be reproduced in any form by any means without prior written authorization of
Symantec Corporation and its licensors, if any.

THE DOCUMENTATIONISPROVIDED "ASIS" AND ALLEXPRESS ORIMPLIED CONDITIONS,
REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,
ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO
BE LEGALLYINVALID. SYMANTEC CORPORATIONSHALL NOT BELIABLE FOR INCIDENTAL
OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,
PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED
IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

The LicensedSoftware andDocumentation aredeemed tobe commercialcomputer software
as definedin FAR 12.212 and subject to restricted rights asdefined inFAR Section52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, displayor disclosure of the Licensed Software and Documentation bythe U.S.
Government shall be solely in accordance with the terms of this Agreement.

Symantec Corporation
350 Ellis Street
Mountain View, CA 94043

http://www.symantec.com

Technical Support

Symantec Technical Support maintains support centers globally. Technical
Support’s primary role is to respond to specific queries about product features
and functionality.The Technical Support group also creates contentfor our online
Knowledge Base. The Technical Support group works collaboratively with the
other functional areas within Symantec to answer your questions in a timely
fashion. Forexample, theTechnical Supportgroup works with Product Engineering
and SymantecSecurity Response to provide alerting services andvirus definition
updates.

Symantec’s maintenance offerings include the following:

■ A range of support options that give you the flexibility to select the right

amount of service for any size organization

■ Telephone and Web-based support that provides rapid response and

up-to-the-minute information

■ Upgrade assurance that delivers automatic software upgrade protection

■ Global support that is available 24 hours a day, 7 days a week

■ Advanced features, including Account Management Services

For information about Symantec’s Maintenance Programs, you can visitour Web
site at the following URL:

www.symantec.com/techsupp/

Contacting Technical Support

Customers with a current maintenanceagreement may access Technical Support
information at the following URL:

www.symantec.com/business/support/assistance_care.jsp

Before contacting Technical Support, make sure you have satisfied the system
requirements that are listed in your product documentation. Also, you should be
at thecomputer on which the problem occurred, incase itis necessaryto replicate
the problem.

When you contact Technical Support, please have the following information
available:

■ Product release level

■ Hardware information

■ Available memory, disk space, and NIC information

■ Operating system

■ Version and patch level

■ Network topology

■ Router, gateway, and IP address information

■ Problem description:

■ Error messages and log files

■ Troubleshooting that was performed before contacting Symantec

■ Recent software configuration changes and network changes

Licensing and registration

If yourSymantec product requires registration or a licensekey, accessour technical
support Web page at the following URL:

www.symantec.com/techsupp/

Customer service

Customer service information is available at the following URL:

www.symantec.com/techsupp/

Customer Service is available to assist with the following types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates, such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information about product updates and upgrades

■ Information about upgrade assurance and maintenance contracts

■ Information about the Symantec Buying Programs

■ Advice about Symantec's technical support options

■ Nontechnical presales questions

■ Issues that are related to CD-ROMs or manuals

Documentation feedback

Your feedback on product documentation is important to us. Send suggestions
for improvements and reports on errors or omissions to

clustering_docs@symantec.com. Include the title and document version (located

on the second page), and chapter and section titles of the text on which you are
reporting.

Maintenance agreement resources

If you want to contact Symantec regarding an existing maintenance agreement,
please contact the maintenance agreement administration team for your region
as follows:

Additional enterprise services

Symantec offers a comprehensive setof services that allow you to maximize your
investment in Symantec products and to develop your knowledge, expertise, and
global insight, which enable you to manage your business risks proactively.

Enterprise services that are available include the following:

customercare_apac@symantec.comAsia-Pacific and Japan

semea@symantec.comEurope, Middle-East, and Africa

supportsolutions@symantec.comNorth America and Latin America

Symantec EarlyWarning Solutions

Managed Security Services

Consulting Services

Educational Services

To access more information about Enterprise services, please visit our Web site
at the following URL:

www.symantec.com

Select your country or language from the site index.

These solutions provide early warning of cyber attacks, comprehensive threat
analysis, and countermeasures to prevent attacks before they occur.

These servicesremove theburden ofmanaging andmonitoring securitydevices
and events, ensuring rapid response to real threats.

Symantec Consulting Services provide on-site technical expertise from
Symantec andits trustedpartners. SymantecConsulting Servicesoffer avariety
of prepackaged and customizable options that include assessment, design,
implementation, monitoring,and managementcapabilities. Each is focused on
establishing andmaintaining the integrity and availability of your IT resources.

Educational Services provide a full array of technical training, security
education, security certification, and awareness communication programs.

Contents

Technical Support ..... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ... 4

Chapter 1 Introducing Veritas Cluster Server ..... . .... ..... ..... .... . .... . .... 13

About Veritas Cluster Server ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... 13

About VCS basics .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... . 13

About multiple nodes . .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... .... . ... 14

About shared storage .... .... . .... . .... . .... ..... ..... .... . .... . .... ..... ..... .... . 14

About LLT and GAB . .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... .... . .... . 15

About network channels for heartbeating .... ..... .... . .... . .... . .... ..... .. 15

About preexisting network partitions ... . .... . .... ..... ..... .... . .... . .... . .. 16

About VCS seeding ... . .... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... .... 16

About VCS features . .... . .... . .... ..... ..... .... . .... . .... . .... ..... .... . .... . .... . .... .. 17

Veritas Installation Assessment Service ... .... . .... . .... . .... ..... ..... .... . 17

About VCS notifications .... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... . 17

About global clusters ... . .... . .... ..... ..... .... . .... . .... . .... ..... .... . .... . .... . 17

About I/O fencing .... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . 18

About VCS optional components ... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... 18

About Symantec Product Authentication Service (AT) .... ..... .... . .... . 19

About Cluster Manager (Java Console) . .... . .... . .... ..... ..... .... . .... . .... . 20

About Veritas Cluster Server Management Console .... . .... . .... ..... ... 20

About VCS Simulator ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... .... 20

Chapter 2 Planning to install VCS .. .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... 23

About planning to install VCS .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... 23

Hardware requirements .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... .. 23

Required disk space .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... ..... .. 24

Supported operating systems ... . .... ..... ..... .... . .... . .... ..... ..... .... . .... . .... . 25

Required Linux RPMs for VCS ... . .... ..... ..... .... . .... . .... . .... ..... ..... ... 26

Supported software . ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... . 27

Chapter 3 Preparing to install VCS .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... 29

About preparing to install VCS ... .... . .... . .... . .... ..... ..... .... . .... . .... . .... .... 29

Preparing to configure the clusters in secure mode . ..... .... . .... . .... . .... ... 29

Installing the root broker for the security infrastructure . ..... .... . .... 33

Contents8

Creating authentication broker accounts on root broker

system ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .. 34

Creating encrypted files for the security infrastructure ... .... . .... . .... 35

Preparing the installation system for the security

infrastructure ... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... ..... .... 37

Performing preinstallation tasks .... . .... . .... ..... .... . .... . .... . .... ..... ..... .... . 38

Obtaining VCS license keys . ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... 39

Setting up the private network . . .... . .... ..... ..... .... . .... . .... . .... ..... .... 40

Configuring SuSE network interfaces .... ..... ..... .... . .... . .... . .... ..... ... 42

Setting up inter-system communication .... ..... ..... .... . .... . .... . .... .... 44

Setting up shared storage ... . .... . .... . .... ..... ..... .... . .... . .... ..... ..... .... 46

Setting the PATH variable . . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... 47

Setting the MANPATH variable ... . .... ..... ..... .... . .... . .... ..... ..... .... . . 47

Setting the kernel.panic tunable . ..... ..... .... . .... . .... . .... ..... ..... .... . .. 48

Optimizing LLT media speed settings on private NICs .... . .... . .... . .... 48

Guidelines for setting the media speed of the LLT

interconnects .... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... 48

Mounting the product disc .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .. 49

Performing automated pre-installation check .... ..... .... . .... . .... ..... .. 49

Chapter 4 Installing and configuring VCS .... ..... .... . .... . .... . .... ..... ..... ... 51

About installing and configuring VCS . .... ..... ..... .... . .... . .... . .... ..... ..... .. 51

Getting your VCS installation and configuration information

ready .... . .... ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . . 52

Optional VCS RPMs ... ..... .... . .... . .... . .... ..... .... . .... . .... . .... ..... ..... ... 54

About the VCS installation program . . .... . .... ..... ..... .... . .... . .... ..... ..... ... 55

Optional features of the installvcs program .... . .... . .... ..... ..... .... . ... 55

Interacting with the installvcs program ..... .... . .... . .... ..... ..... .... . ... 56

About installvcs program command options .... . .... . .... ..... ..... .... . .. 56

Installing VCS using installonly option .... ..... ..... .... . .... . .... ..... ..... 59

Configuring VCS using configure option ... .... . .... . .... . .... ..... ..... .... . 59

Installing and configuring VCS 5.0 RU3 .... ..... ..... .... . .... . .... . .... ..... ..... . 60

Overview of tasks ... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... . 60

Starting the software installation ..... ..... .... . .... . .... . .... ..... ..... .... . .. 61

Specifying systems for installation . . .... . .... ..... ..... .... . .... . .... . .... .... 62

Licensing VCS . .... . .... ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ... 63

Choosing VCS RPMs for installation . ..... .... . .... . .... . .... ..... ..... .... . .. 64

Choosing to install VCS RPMs or configure VCS ..... .... . .... . .... . .... ... 65

Starting the software configuration . .... . .... . .... . .... ..... ..... .... . .... . ... 66

Specifying systems for configuration ... . .... ..... ..... .... . .... . .... ..... .... 67

Configuring the basic cluster . ..... .... . .... . .... . .... ..... ..... .... . .... . .... ... 67

Configuring the cluster in secure mode . .... . .... . .... . .... ..... ..... .... . ... 69

Adding VCS users ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... 71

Configuring SMTP email notification ... . .... . .... . .... ..... ..... .... . .... . ... 71

Configuring SNMP trap notification . . .... . .... . .... ..... ..... .... . .... . .... . . 73

Configuring global clusters ... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ... 74

Installing VCS RPMs ... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... .. 75

Creating VCS configuration files . . .... . .... . .... ..... ..... .... . .... . .... . .... .. 76

Starting VCS ... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... .. 77

Completing the installation ..... ..... .... . .... . .... . .... ..... .... . .... . .... . .... . 77

About enabling LDAP authentication for clusters that run in

secure mode ... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .. 78

Installing the Java Console . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... . 80

Installing VCS Simulator ... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... . 82

Verifying the cluster after installation .... ..... ..... .... . .... . .... . .... ..... . 84

Verifying and updating licenses on the system ... .... . .... . .... . .... ..... ..... .. 84

Checking licensing information on the system ..... .... . .... . .... . .... ..... 84

Updating product licenses using vxlicinst . . .... . .... . .... ..... ..... .... . .... 85

Accessing the VCS documentation ... . .... . .... . .... ..... ..... .... . .... . .... . .... .... 86

Chapter 5 Configuring VCS clusters for data integrity . ..... .... . .... . ... 87

About configuring VCS clusters for data integrity . ..... .... . .... . .... . .... ..... 87

About I/O fencing components ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . . 88

About data disks .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . 88

About coordination points .... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ... 88

About setting up disk-based I/O fencing .... . .... . .... . .... ..... ..... .... . .... . .... 89

Preparing to configure disk-based I/O fencing ... ..... .... . .... . .... . .... ..... ... 92

Initializing disks as VxVM disks .... . .... . .... . .... ..... ..... .... . .... . .... . .... 93

Identifying disks to use as coordinator disks . . .... ..... ..... .... . .... . .... . 95

Checking shared disks for I/O fencing . .... . .... . .... ..... ..... .... . .... . .... . 95

Setting up disk-based I/O fencing manually . . .... . .... ..... ..... .... . .... . .... ... 99

Setting up coordinator disk groups . . .... . .... ..... ..... .... . .... . .... . .... .... 99

Creating I/O fencing configuration files ... ..... .... . .... . .... . .... ..... .... 100

Modifying VCS configuration to use I/O fencing .... . .... ..... ..... .... . . 101

Verifying I/O fencing configuration . . .... ..... ..... .... . .... . .... . .... ..... . 102

Removing permissions for communication .... . .... ..... ..... .... . .... . ... 103

9Contents

Chapter 6 Verifying the VCS installation ... ..... .... . .... . .... . .... ..... ..... .... 105

About verifying the VCS installation . . .... . .... ..... ..... .... . .... . .... . .... ..... . 105

About the LLT and GAB configuration files . .... . .... ..... ..... .... . .... . .... . .. 105

About the VCS configuration file main.cf .... ..... ..... .... . .... . .... ..... ..... .. 107

Sample main.cf file for VCS clusters .... .... . .... . .... . .... ..... ..... .... . ... 108

Sample main.cf file for global clusters . .... . .... ..... ..... .... . .... . .... . ... 110

Verifying the LLT, GAB, and VCS configuration files . . .... . .... . .... ..... .... 113

Contents10

Verifying LLT, GAB, and cluster operation . . .... . .... . .... ..... ..... .... . .... . .. 113

Verifying LLT ... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . ... 114

Verifying GAB ... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... ..... ..... .... 116

Verifying the cluster . . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . . 117

Verifying the cluster nodes ... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . 118

Chapter 7 Adding and removing cluster nodes ... ..... ..... .... . .... . .... ... 121

About adding and removing nodes ... ..... ..... .... . .... . .... . .... ..... ..... .... . .. 121

Adding a node to a cluster . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . . 121

Setting up the hardware . . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... . 122

Preparing for a manual installation when adding a node ... . .... ..... . 123

Installing VCS RPMs for a manual installation . .... . .... ..... ..... .... . .. 124

Adding a license key .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . ... 125

Setting up the node to run in secure mode .... . .... . .... . .... ..... ..... .... 126

Configuring LLT and GAB . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... 128

Adding the node to the existing cluster . .... . .... . .... ..... ..... .... . .... . .. 130

Starting VCS and verifying the cluster .... ..... .... . .... . .... . .... ..... ..... 131

Removing a node from a cluster .... . .... . .... . .... ..... ..... .... . .... . .... . .... .... 131

Verifying the status of nodes and service groups . ..... .... . .... . .... . ... 132

Deleting the departing node from VCS configuration ... ..... .... . .... . 133

Modifying configuration files on each remaining node . . .... . .... ..... 136

Removing security credentials from the leaving node .... . .... . .... . .. 136

Unloading LLT and GAB and removing VCS on the departing

node ... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... 137

Chapter 8 Installing VCS on a single node . .... ..... ..... .... . .... . .... ..... .... 139

About installing VCS on a single node .... . .... ..... ..... .... . .... . .... . .... ..... . 139

Creating a single-node cluster using the installer program ..... .... . .... . .. 139

Preparing for a single node installation . .... ..... ..... .... . .... . .... ..... .. 140

Starting the installer for the single node cluster . ..... .... . .... . .... ..... 140

Creating a single-node cluster manually . .... . .... ..... ..... .... . .... . .... . .... .. 141

Setting the path variable for a manual single node

installation ... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... . 141

Installing the VCS software manually on a single node .... ..... ..... .. 141

Renaming the LLT and GAB startup files . .... . .... . .... . .... ..... ..... .... 142

Modifying the startup files .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... 142

Verifying single-node operation ..... .... . .... . .... . .... ..... .... . .... . .... . .. 142

Adding a node to a single-node cluster . .... . .... . .... . .... ..... ..... .... . .... . ... 143

Setting up a node to join the single-node cluster .... ..... .... . .... . .... . . 144

Installing and configuring Ethernet cards for private

network . ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . ... 144

Configuring the shared storage . . .... ..... ..... .... . .... . .... ..... ..... .... . .. 145

Bringing up the existing node .... ..... ..... .... . .... . .... . .... ..... ..... .... . . 145

Installing the VCS software manually when adding a node to a

single node cluster .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... 146

Configuring LLT . . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .. 146

Configuring GAB when adding a node to a single node

cluster ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... ..... ..... .... . .... . . 149

Starting LLT and GAB ... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .. 149

Reconfiguring VCS on the existing node . . .... . .... ..... ..... .... . .... . .... 149

Verifying configuration on both nodes . . .... ..... ..... .... . .... . .... . .... .. 150

Chapter 9 Uninstalling VCS .... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .. 153

About the uninstallvcs program . . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .. 153

Preparing to uninstall VCS . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . 153

Uninstalling VCS 5.0 RU3 . . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . 154

Removing VCS 5.0 RU3 RPMs .... ..... .... . .... . .... ..... ..... .... . .... . .... . . 154

Running uninstallvcs from the VCS 5.0 RU3 disc ... . .... ..... ..... .... . . 155

Appendix A Advanced VCS installation topics .... ..... .... . .... . .... . .... ..... . 157

Using the UDP layer for LLT ... . .... ..... ..... .... . .... . .... . .... ..... .... . .... . .... . 157

When to use LLT over UDP . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... 157

Configuring LLT over UDP .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . 157

Performing automated VCS installations . .... . .... . .... ..... ..... .... . .... . .... . 164

Syntax in the response file .... .... . .... . .... . .... ..... ..... .... . .... . .... . .... . 165

Example response file ... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ... 165

Response file variable definitions . . .... . .... ..... ..... .... . .... . .... . .... .... 166

Installing VCS with a response file where ssh or rsh are disabled ..... .... 171

11Contents

Index . . .... ..... ..... .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .... ..... ..... .... . .... . .... . .. 173

Contents12

Chapter

Introducing Veritas Cluster Server

This chapter includes the following topics:

■ About Veritas Cluster Server

■ About VCS basics

■ About VCS features

■ About VCS optional components

1

About Veritas Cluster Server

Veritas™ Cluster Server by Symantec is a high-availability solution for cluster
configurations. Veritas Cluster Server (VCS) monitors systems and application
services, and restarts services when hardware or software fails.

About VCS basics

A single VCS cluster consists of multiple systems that are connected in various
combinations to shared storage devices. When a system is part of a VCS cluster,
it is a node. VCS monitors and controls applications running in the cluster on
nodes, and restarts applications in response to a variety of hardware or software
faults.

Applications can continue to operate with little or no downtime. In some cases,
such asNFS, this continuation is transparentto high-level applications and users.
In other cases, a user might have to retry an operation, such as a Web server
reloading a page.

Client workstation Client workstation

Public network

Shared storage

VCS private
network

VCS nodes

Introducing Veritas Cluster Server

14

About VCS basics

Figure 1-1illustrates a typical VCS configurationof four nodes that are connected

to shared storage.

Figure 1-1

Client workstations receive service over the public network from applications
running on VCS nodes. VCS monitors the nodes and their services. VCS nodes in
the cluster communicate over a private network.

About multiple nodes

VCS runs in a replicated state on each node in the cluster. A private network
enables the nodes to share identical state information about all resources. The
private network also recognizes active nodes, the nodes that join or leave the
cluster, and failed nodes. The private network requires two communication
channels to guard against network partitions.

Example of a four-node VCS cluster

About shared storage

A VCS hardware configuration typically consists of multiple nodes that are
connected to shared storage through I/O channels. Shared storage provides
multiple systems with an access path to the same data. It also enables VCS to
restart applications on alternate nodes when a node fails, which ensures high
availability.

VCS nodes can only access physically-attached storage.

Figure 1-2 illustrates the flexibility of VCS shared storage configurations.

Fully shared storage Distributed shared storage

About VCS basics

15Introducing Veritas Cluster Server

Figure 1-2

About LLT and GAB

VCS uses two components, LLT and GAB, to share data over private networks
among systems. These components provide the performance and reliability that
VCS requires.

LLT (Low Latency Transport) provides fast, kernel-to-kernel communications,
and monitors network connections.

LLT configuration files are as follows:

■ /etc/llthosts—lists all the nodes in the cluster

Two examples of shared storage configurations

■ /etc/llttab file—describes the local system’s private network links to the other

nodes in the cluster

GAB (Group Membership and Atomic Broadcast) provides the global message
order that is required to maintain a synchronized state among the nodes. It
monitors diskcommunications suchas theVCS heartbeat utility. The /etc/gabtab
file is the GAB configuration file.

See “About the LLT and GAB configuration files” on page 105.

About network channels for heartbeating

For the VCS private network, two network channels must be available to carry
heartbeat information.These networkconnections alsotransmit other VCS-related
information.

Each Linux for IBM Power cluster configuration requires at least two network
channels between the systems. The requirement for two channels protects your
cluster against network partitioning. For more information on network
partitioning, refer to the Veritas Cluster Server User's Guide.

VCS private network: two
ethernet connections

Shared disks

Public network

galaxy nebula

Introducing Veritas Cluster Server

16

About VCS basics

Figure 1-3 illustrates a two-node VCS cluster where the nodes galaxy and nebula

have two private network connections.

Figure 1-3

Two Ethernet connections connecting two nodes

About preexisting network partitions

A preexistingnetwork partition refers to a failure inthe communicationchannels
that occurswhile thesystems aredown andVCS cannot respond. When the systems
start, VCS is vulnerable to network partitioning, regardless of the cause of the
failure.

About VCS seeding

To protect your cluster from a preexisting network partition, VCS uses a seed. A
seed is a function of GAB that determines whether or not all nodes have joined a
cluster. For this determination, GAB requires that you declare the number of
nodes in the cluster. Note that only seeded nodes can run VCS.

GAB automatically seeds nodes under the following conditions:

■ An unseeded node communicates with a seeded node

■ All nodes in the cluster are unseeded but can communicate with each other

When thelast system starts and joins the cluster, the clusterseeds and starts VCS
on all nodes. You can then bring down and restart nodes in any combination.
Seeding remains in effect as long as at least one instance of VCS is running
somewhere in the cluster.

Perform a manual seed to run VCS from a cold start when one or more systems
of the cluster are unavailable. VCS does not start service groupson a systemuntil
it has a seed.

About VCS features

You can use the Veritas Installation Assessment Service to assess your setup for
VCS installation.

See “Veritas Installation Assessment Service” on page 17.

VCS offersthe following features that you can configureduring VCSconfiguration:

See “About VCS notifications” on page 17.VCS notifications

See “About global clusters” on page 17.VCS global clusters

See “About I/O fencing” on page 18.I/O fencing

Veritas Installation Assessment Service

The Veritas Installation Assessment Service (VIAS) utility assists you in getting
ready fora Veritas Storage Foundation and High AvailabilitySolutions installation
or upgrade. The VIAS utility allows the preinstallation evaluation of a
configuration, to validate it prior to starting an installation or upgrade.

https://vias.symantec.com/

About VCS features

17Introducing Veritas Cluster Server

About VCS notifications

You can configure both SNMP and SMTP notifications for VCS. Symantec
recommends you to configure one of these notifications. You have the following
options:

■ Configure SNMP trap notification of VCS events using the VCS Notifier

component

■ Configure SMTP email notification of VCS events using the VCS Notifier

component.

See the Veritas Cluster Server User’s Guide.

About global clusters

Global clustersprovide the ability to failover applications between geographically
distributed clusters when disaster occurs. You require a separate license to
configure global clusters. You must add this license during the installation. The
installer only asks about configuring global clusters if you have used the global
cluster license.

See the Veritas Cluster Server User's Guide.

Introducing Veritas Cluster Server

18

About VCS optional components

About I/O fencing

I/O fencing protects the data on shared disks when nodes in a cluster detect a
change in the cluster membership that indicates a split brain condition.

See the Veritas Cluster Server User's Guide.

The fencing operation determines the following:

■ The nodes that must retain access to the shared storage

■ The nodes that must be ejected from the cluster

This decision prevents possible data corruption. The installvcs program installs
the VCSI/O fencingdriver, VRTSvxfen. To protect data on shared disks, you must
configure I/O fencing after you install and configure VCS.

I/O fencing technology uses coordination points for arbitration in the event of a
network partition.

Note: Symantec recommends that you use I/O fencing to protect your cluster
against split-brain situations.

About VCS optional components

You can add the following optional components to VCS:

Symantec Product
Authentication Service

Veritas Cluster Server
Management Console

To configure the optional components, make sure to install all RPMs when the
installation program prompts you.

Figure 1-4 illustrates a sample VCS deployment with the optional components

configured.

See “About Symantec Product Authentication Service

(AT)” on page 19.

See “AboutVeritas ClusterServer ManagementConsole”
on page 20.

See “AboutCluster Manager (JavaConsole)” on page20.Cluster Manager (Java console)

See “About VCS Simulator” on page 20.VCS Simulator

Symantec Product
Authentication Service
root broker

VCS cluster 1 VCS cluster 2

VCS Management Console
management server

Optional

About VCS optional components

19Introducing Veritas Cluster Server

About Symantec Product Authentication Service (AT)

Figure 1-4

Typical VCS setup with optional components

VCS uses Symantec Product Authentication Service (AT) to provide secure
communication between cluster nodes and clients. It uses digital certificates for
authentication and SSL to encrypt communication over the public network to
secure communications.

AT uses the following brokers to establish trust relationship between the cluster
components:

■ Root broker

A root broker serves as the main registration and certification authority; it
has a self-signed certificate and can authenticate other brokers. The root
broker is only used during initial creation of an authentication broker.

A root broker can serve multiple clusters. Symantec recommends that you
install a single root broker on a utility system. The utility system, such as an
email server or domain controller, can be highly available.

■ Authentication brokers

Authentication brokers serve as intermediate registration and certification
authorities. Authentication brokers have root-signed certificates. Each node
in VCS serves as an authentication broker.

See Symantec Product Authentication Service documentation for more
information.

Introducing Veritas Cluster Server

20

About VCS optional components

See “Preparing to configure the clusters in secure mode” on page 29.

About Cluster Manager (Java Console)

Cluster Manager (Java Console) offers complete administration capabilities for
your cluster. Use the different views in the Java Console to monitor clusters and
VCS objects, including service groups, systems, resources, and resource types.

You canperform manyadministrative operations using the Java Console. You can
also perform these operations using the command line interface or using the
Veritas Cluster Server Management Console.

See “Installing the Java Console” on page 80.

See Veritas Cluster Server User's Guide.

About Veritas Cluster Server Management Console

Veritas Cluster Server Management Console is a high availability management
solution that enables monitoring and administering clusters from a single Web
console.

You canconfigure VeritasCluster Server Management Console to manage multiple
clusters.

Refer to the Veritas Cluster Server Management Console Implementation Guide
for installation, upgrade, and configuration instructions.

For information on updates and patches for VCS Management Console, see

http://seer.entsupport.symantec.com/docs/308405.htm.

To download the most current version of VCS Management Console, go to

www.symantec.com/business/cluster-server and click Utilities.

About VCS Simulator

VCS Simulator enables you to simulate and test cluster configurations. Use VCS
Simulator to view and modify service group and resource configurations and test
failover behavior. VCS Simulator can be run on a stand-alone system and does
not require any additional hardware.

VCS Simulator runs an identical version of the VCS High Availability Daemon
(HAD) as in a cluster, ensuring that failover decisions are identical to those in an
actual cluster.

You cantest configurationsfrom different operating systems using VCS Simulator.
For example, you can run VCS Simulator on a Windows system and test VCS

About VCS optional components

configurations for Windows, Linux, and Solaris clusters. VCS Simulator also
enables creating and testing global clusters.

You can administer VCS Simulator from the Java Console or from the command
line.

21Introducing Veritas Cluster Server

Introducing Veritas Cluster Server

22

About VCS optional components

Chapter

Planning to install VCS

This chapter includes the following topics:

■ About planning to install VCS

■ Hardware requirements

■ Supported operating systems

■ Supported software

About planning to install VCS

2

Every node where you want to install VCS must meet the hardware and software
requirements.

For the latest information on updates, patches, and software issues, read the
following Veritas Technical Support TechNote:

http://entsupport.symantec.com/docs/285834

To find information on supported hardware, see the hardware compatibility list
(HCL) in the following TechNote:

http://entsupport.symantec.com/docs/286819

Hardware requirements

Table 2-1 lists the hardware requirements for a VCS cluster.

Planning to install VCS

24

Hardware requirements

Table 2-1

VCS nodes

DVD drive

Disks

Disk space

Network Interface
Cards (NICs)

Fibre Channel or
SCSI host bus
adapters

Hardware requirements for a VCS cluster

DescriptionItem

From 1 to 32 Linux PPC systems running the supported Linux PPC
operating system version.

One drive in a system that can communicate to all the nodes in the
cluster.

Typical VCS configurations require that shared disks support the
applications that migrate between systems in the cluster.

The VCS I/O fencing feature requires that all data and coordinator
disks support SCSI-3 Persistent Reservations (PR).

See “About setting up disk-based I/O fencing” on page 89.

Note: VCSmay requiremore temporarydisk spaceduring installation

than the specified disk space.

In addition to the built-in public NIC, VCS requires at least one more
NIC per system. Symantec recommends two additional NICs.

You can also configure aggregated interfaces.

Typical VCSconfiguration requiresat leastone SCSIor FibreChannel
Host Bus Adapter per system for shared data disks.

Required disk space

Confirm that your system has enough free disk space to install VCS.

Table 2-2 shows the approximate disk space usage by directory for the Veritas

Cluster Server RPMs.

Table 2-2

optional total

Each VCS node requires at least 256 megabytes.RAM

Disk space requirements and totals

Totals/var/usr/opt/Packages

283 MB1 MB8 MB271 MB3 MBRequired

60 MB7 MB0 MB52 MB1 MBOptional

343 MB8 MB8 MB323 MB4 MBRequired and

Note: If you do not have enough free space in /var, then use the installvcs
command with tmppath option. Make sure that the specified tmppath file system
has the required free space.

Supported operating systems

VCS operates on the Linux operating systems and kernels distributed by Red Hat
and SUSE.

Table 2-3 lists the supported operating system versions for Red Hat Enterprise

Linux (RHEL) and SUSE Linux Enterprise Server (SLES). The table also lists the
supported kernel versions and the architecture.

Supported operating systems

25Planning to install VCS

Table 2-3

Supported Linux operating system and kernel versions

ArchitectureKernelOperating System

ppc642.6.18-53.el5RHEL 5 Update 1

ppc642.6.18-92.el5RHEL 5 Update 2

SLES 10 with SP1

2.6.16.46-0.12-smp

SLES 10 with SP2

2.6.16.60-0.21-smp

ppc642.6.16.46-0.12-default

ppc642.6.16.60-0.21-default

Note: If your system runs an older version of either Red Hat Enterprise Linux or
SUSE Linux Enterprise Server, you must upgrade the operating system before
you attempt to install the VCS software. Refer to the Red Hat or SUSE
documentation for more information on upgrading your system.

Symantec supports only Red Hat and SUSE distributed kernel binaries.

Symantec products operate on subsequent kernel and patch releases provided
the operating systems maintain kernel ABI (application binary interface)
compatibility.

Information about the latest supported Red Hat erratas and updates and SUSE
service packs is available in the following TechNote. The TechNote also includes
any updatesto the supported operating systems and software. Read thisTechNote
before you install Symantec products.

http://entsupport.symantec.com/docs/285834

Planning to install VCS

26

Supported operating systems

Required Linux RPMs for VCS

Make sure you installed the following operating system-specific RPMs on the
systems where you want to install or upgrade VCS. VCS will support any updates
made to the following RPMs, provided the RPMs maintain the ABI compatibility.

Table 2-4 lists the RPMs that VCS requires for a given Linux operating system.

Table 2-4

RHEL 5

SLES 10

Required RPMs

Required RPMsOperating system

glibc-2.5-34.ppc.rpm

glibc-2.5-34.ppc64.rpm

glibc-common-2.5-34.ppc.rpm

libgcc-4.1.2-44.el5.ppc.rpm

libgcc-4.1.2-44.el5.ppc64.rpm

compat-libgcc-296-2.96-138.ppc.rpm

libstdc++-4.1.2-44.el5.ppc.rpm

libstdc++-4.1.2-44.el5.ppc64.rpm

compat-libstdc++-296-2.96-138.ppc.rpm

compat-libstdc++-33-3.2.3-61.ppc.rpm

compat-libstdc++-33-3.2.3-61.ppc64.rpm

java-1.4.2-gcj-compat-1.4.2.0-40jpp.115.ppc.rpm

glibc-2.4-31.54.ppc.rpm

glibc-64bit-2.4-31.54.ppc.rpm

compat-libstdc++-64bit-5.0.7-22.2.ppc.rpm

compat-libstdc++-5.0.7-22.2.ppc.rpm

compat-2006.1.25-11.2.ppc.rpm

libgcc-4.1.2_20070115-0.21.ppc.rpm

libgcc-64bit-4.1.2_20070115-0.21.ppc.rpm

libstdc++-4.1.2_20070115-0.21.ppc.rpm

libstdc++-64bit-4.1.2_20070115-0.21.ppc.rpm

Supported software

Veritas Cluster Server supports the previous and next versions of Storage
Foundation to facilitate product upgrades, when available.

VCS supports the following volume managers and files systems:

■ ext2, ext3, reiserfs, NFS, NFSv4, and bind on LVM2, Veritas Volume Manager

(VxVM) 5.0, and raw disks.

■ Veritas Volume Manager (VxVM) with Veritas File System (VxFS)

■ VxVM

VRTSvxvm-common-5.0.33.00-RU3_SLES10
VRTSvxvm-platform-5.0.33.00-RU3_SLES10
VRTSvxvm-common-5.0.33.00-RU3_RHEL5
VRTSvxvm-platform-5.0.33.00-RU3_RHEL5

■ VxFS

VRTSvxfs-common-5.0.33.00-RU3_SLES10
VRTSvxfs-platform-5.0.33.00-RU3_SLES10
VRTSvxfs-common-5.0.33.00-RU3_RHEL5
VRTSvxfs-platform-5.0.33.00-RU3_RHEL5

Supported software

27Planning to install VCS

Planning to install VCS

28

Supported software

Chapter

Preparing to install VCS

This chapter includes the following topics:

■ About preparing to install VCS

■ Preparing to configure the clusters in secure mode

■ Performing preinstallation tasks

About preparing to install VCS

Before you perform the preinstallation tasks, make sure you reviewed the
installation requirements,set up the basic hardware, and plannedyour VCS setup.

3

Preparing to configure the clusters in secure mode

You can set up Symantec Product Authentication Service (AT) for the cluster
during the VCS installation or after the installation.

If you want to enable AT in a cluster at a later time, refer to the Veritas Cluster
Server User's Guide for instructions.

The prerequisites to configure a cluster in secure mode are as follows:

■ A system in your enterprise is configured as root broker (RB).

If a root broker system does not exist, install and configure root broker on a
system.

See “Installing the root broker for the security infrastructure” on page 33.

■ An authentication broker (AB) account for each node in the cluster is set up

on the root broker system.
See “Creating authentication broker accounts on root broker system”

on page 34.

Preparing to install VCS

30

Preparing to configure the clusters in secure mode

■ The system clocks of the root broker and authentication brokers must be in

sync.

The installvcs program provides the following configuration modes:

Automatic mode

Semi-automatic
mode

Manual mode

The root broker system must allow rsh or ssh passwordless login to
use this mode.

This mode requires encrypted files (BLOB files) from the AT
administrator to configure a cluster in secure mode.

The nodes in the cluster must allow rsh or ssh passwordless login.

See “Setting up inter-system communication” on page 44.

This mode requires root_hash file and the root broker information
from the AT administrator to configure a cluster in secure mode.

The nodes in the cluster must allow rsh or ssh passwordless login.

See “Setting up inter-system communication” on page 44.

Figure 3-1 depicts the flow of configuring VCS cluster in secure mode.