Veritas InfoScale™ Operations Manager 8.0.2 Installation and Configuration Guide

Last Published:
Product(s): InfoScale & Storage Foundation (8.0.2)
Platform: AIX,HP-UX,Linux,Solaris,VMware ESX,Windows
  1. Section I. Installing and configuring Veritas InfoScale Operations Manager
    1. Planning your Veritas InfoScale Operations Manager installation
      1.  
        About Veritas InfoScale Operations Manager
      2. Downloading Veritas InfoScale Operations Manager 8.0.2
        1.  
          Downloading Management Server files
        2.  
          Downloading managed host files
      3.  
        Using the product documentation
      4.  
        Host considerations for installing Veritas InfoScale Operations Manager
      5. Typical Veritas InfoScale Operations Manager deployment configuration
        1.  
          Centralized management of Storage Foundation High Availability hosts
      6.  
        Veritas InfoScale Operations Manager 8.0.2 installation overview
      7.  
        Choosing a Management Server host
      8.  
        Choosing the managed hosts
    2. System requirements
      1.  
        Operating system requirements
      2.  
        Cloud (AWS, Azure, Google) deployment requirements
      3. Third-party required libraries
        1.  
          32-bit SNIA Common HBA API required on Windows hosts
      4. System resource requirements
        1.  
          About space estimation for data logs
        2.  
          About the frequency of managed host, enclosure and switch information discovery
      5.  
        Supported hardware
      6.  
        Web browser requirements
      7. Network and firewall requirements
        1.  
          Internet Protocol version requirements
      8.  
        Proxy server requirements
    3. Installing, upgrading, and uninstalling Veritas InfoScale Operations Manager
      1.  
        Packages included in Veritas InfoScale Operations Manager
      2. About installing Management Server
        1.  
          Installing Management Server on Linux (on premises and cloud)
        2.  
          Installing Management Server on Windows (on premises and cloud)
      3.  
        Verifying Management Server installation on Linux
      4.  
        Verifying Management Server installation on Windows
      5.  
        Configuring Veritas InfoScale Operations Manager on Linux and Windows
      6.  
        Implementing US Executive Order (EO) requirements
      7.  
        Configuring Veritas InfoScale Operations Manager Management Server and Agents in FIPS mode on Linux
      8.  
        Configuring Service groups using CLI script
      9.  
        Configuring Veritas InfoScale Operations Manager Management Server on Linux using CLI
      10.  
        Importing third-party certificates for xprtld
      11. About installing managed host
        1.  
          Installing managed host on UNIX/Linux
        2.  
          Installing managed host on Windows
        3.  
          Installing managed host through Solaris JumpStart
        4.  
          About cloning virtual machines
        5.  
          About migrating virtual machines
      12.  
        Verifying managed host installation on UNIX
      13.  
        Verifying managed host installation on Windows
      14. About upgrading Management Server
        1.  
          Upgrading Management Server on Linux
        2.  
          Upgrading Management Server on Windows
        3.  
          Migrating the managed hosts to 2048-bit certificate
      15. About backing up and restoring Veritas InfoScale Operations Manager data
        1.  
          Taking regular backups of Veritas InfoScale Operations Manager data on Linux
        2.  
          Backing up Veritas InfoScale Operations Manager data on Linux before upgrading to version 8.0.2
        3.  
          Restoring backed up data on Linux
        4.  
          Taking regular backups of Veritas InfoScale Operations Manager data on Windows
        5.  
          Backing up Veritas InfoScale Operations Manager data on Windows before upgrading to version 8.0.2
        6.  
          Restoring backed up data on Windows
      16. About upgrading managed hosts to Veritas InfoScale Operations Manager 8.0.2
        1.  
          Upgrading managed host using the console
        2.  
          Upgrading managed host on UNIX/Linux using operating system commands
        3.  
          Upgrading managed host on Windows using the installer package
      17.  
        Verifying the version of Management Server in the console
      18.  
        Verifying the version of a managed host in the console
      19.  
        Uninstalling Management Server on Linux
      20.  
        Uninstalling Management Server on Windows
      21.  
        Uninstalling managed host on UNIX
      22.  
        Uninstalling managed host on Windows
    4. Configuring Veritas InfoScale Operations Manager in a high availability and disaster recovery environment
      1. Configuring the high availability feature in Veritas InfoScale Operations Manager
        1. Configuring a new Veritas InfoScale Operations Manager installation in high availability environment
          1.  
            Prerequisites for configuring a new Management Server in high availability environment
          2.  
            Performing initial configuration of Management Server in HA environment
          3.  
            Creating the base service groups for HA configuration
          4.  
            Creating the base service groups for CFS HA configuration
          5.  
            Completing the configuration of a Management Server installation in HA environment
        2. Configuring an existing Veritas InfoScale Operations Manager installation in high availability environment
          1.  
            Prerequisites for configuring an existing Management Server in high availability environment
          2.  
            Modifying the default IP address and host name of the existing Management Server
      2.  
        Configuring CMS HA on Linux using Command Line (CLI)
      3. Configuring Management Server in one-to-one DR environment
        1.  
          Prerequisites for configuring a Management Server in DR environment
        2.  
          Performing initial configuration of Management Server installation in DR environment
        3.  
          Creating the base service groups for DR configuration
        4.  
          Enabling DR configuration
      4. Configuring Veritas InfoScale Operations Manager in high availability and disaster recovery environment
        1.  
          Prerequisites for configuring a Management Server in HA-DR environment
        2.  
          Performing initial configuration of Management Server installation in DR environment
        3.  
          Creating the base service groups for DR configuration
        4.  
          Enabling DR configuration
      5. About upgrading the high availability configurations
        1.  
          Upgrading Management Server in high availability environment
      6. About upgrading the high availability and disaster recovery configurations
        1.  
          Upgrading Management Server in high availability and disaster recovery environment
      7.  
        Removing the high availability configuration
    5. Installing and uninstalling Veritas InfoScale Operations Manager add-ons
      1.  
        About deploying Veritas InfoScale Operations Manager add-ons
      2.  
        Downloading a Veritas InfoScale Operations Manager add-on
      3. Uploading a Veritas InfoScale Operations Manager add-on to the repository
        1.  
          Upload Solutions to Repository panel options
      4. Installing a Veritas InfoScale Operations Manager add-on
        1.  
          Install - Download Add-on panel options
        2.  
          Install - Select hosts panel options for add-ons
      5. Uninstalling a Veritas InfoScale Operations Manager add-on
        1.  
          Uninstall panel options
      6. Removing a Veritas InfoScale Operations Manager add-on from the repository
        1.  
          Remove panel options
      7. Canceling deployment request for a Veritas InfoScale Operations Manager add-on
        1.  
          Cancel Deployment Request panel options
      8. Installing a Veritas InfoScale Operations Manager add-on on a specific managed host
        1.  
          Install panel options
      9. Uninstalling a Veritas InfoScale Operations Manager add-on from a specific managed host
        1.  
          Uninstall panel options
      10.  
        Enabling a Veritas InfoScale Operations Manager add-on on a specific managed host
      11.  
        Disabling a Veritas InfoScale Operations Manager add-on from a specific managed host
      12.  
        Refreshing the repository
      13.  
        Restarting the web server
  2. Section II. Setting up the Management Server environment
    1. Basic Veritas InfoScale Operations Manager tasks
      1.  
        About the communication between the managed hosts and Management Server
      2.  
        Connecting to Veritas InfoScale Operations Manager Management Server
      3.  
        Stopping and starting the Web application
      4.  
        About the Management Server perspective
    2. Adding and managing hosts
      1. Overview of host discovery
        1.  
          How Veritas InfoScale Operations Manager discovers hosts
        2.  
          Supported features for host discovery options
      2. Overview of agentless discovery
        1.  
          About agentless discovery using the Control Host
        2.  
          About agentless discovery of remote hosts
        3.  
          Prerequisites for agentless configuration
        4.  
          How agentless discovery of a UNIX or Linux host works
        5.  
          How agentless discovery of a Windows host works
        6.  
          Requirements for agentless discovery of UNIX hosts
        7.  
          Requirements for agentless discovery of Windows hosts
        8.  
          Requirements for deep array discovery for agentless hosts
        9.  
          Commands that require the root access for agentless discovery of UNIX hosts
        10.  
          Using the privilege control software with agentless discovery of UNIX hosts
        11.  
          SSH configuration requirements for agentless discovery
        12. About installing OpenSSH on a UNIX host
          1.  
            Installing OpenSSH on AIX
          2.  
            Installing OpenSSH on Linux
      3. Adding the managed hosts to Management Server using an agent configuration
        1.  
          Add agent hosts panel options
      4. Adding the managed hosts to Management Server using an agentless configuration
        1.  
          Add agentless hosts panel options
      5. Adding Agentless hosts to the Management Server using Profile
        1.  
          Add agentless hosts panel options using Profile
      6.  
        Adding managed hosts to Management Server using the Auto Configure (gendeploy.pl) script
      7. Editing the agentless host configuration
        1.  
          Edit agentless host panel options
      8.  
        Refreshing the details of the managed host
      9.  
        Removing managed hosts from the Management Server domain
    3. Setting up user access
      1.  
        About managing authentication brokers and authentication domains in the Veritas InfoScale Operations Manager domain
      2. Adding Lightweight Directory Access Protocol or Active Directory-based authentication on Management Server
        1.  
          Add LDAP/AD panel options
        2.  
          Add LDAP/AD panel options to specify the domain name
      3.  
        Unconfiguring Lightweight Directory Access Protocol or Active Directory configuration from the authentication broker
      4. Configuring LDAP using CLI
        1.  
          Configuring an LDAP domain
        2.  
          Assigning permissions to a user group
        3.  
          Unconfiguring an existing LDAP configuration
        4.  
          Changing the password for a bind user
      5.  
        Configuring Single Sign-On in Veritas InfoScale Operations Manager
      6.  
        Enabling the authentication domain
      7.  
        Disabling the authentication domain
      8.  
        About predefined roles in Veritas InfoScale Operations Manager
      9.  
        About Organizations, objects, and roles in Veritas InfoScale Operations Manager
      10.  
        Assigning permissions to user groups for a perspective
      11.  
        Modifying permissions assigned to user groups for a perspective
      12.  
        Deleting permissions assigned to user groups on a perspective
      13.  
        Restricting users or user groups from accessing the Veritas InfoScale Operations Manager console
      14.  
        Example: Managing user access in Veritas InfoScale Operations Manager using Organizations and existing user groups
    4. Setting up fault monitoring
      1.  
        About alerts and rules
      2. Creating rules in the Management Server perspective
        1.  
          Create Rule - Select the type of fault conditions to trigger this rule panel options
        2.  
          Create Rule - Select one or more fault topics which will trigger this rule panel options
        3.  
          Create Rule - Setup notifications panel options
        4.  
          Create Rule - Enter name and description panel options
      3. Editing rules in the Management Server perspective
        1.  
          Edit Rule - Select the type of fault condition to trigger this rule panel options
        2.  
          Edit Rule - Select one or more fault topics which will trigger this rule panel options
        3.  
          Edit Rule - Setup notifications panel options
        4.  
          Edit Rule - Enter name and description panel options
      4. Deleting rules in the Management Server perspective
        1.  
          Delete Rule panel options
      5. Enabling rules in the Management Server perspective
        1.  
          Enable Rule panel options
      6. Disabling rules in the Management Server perspective
        1.  
          Disable Rule panel options
      7.  
        About faults and risks
      8. Suppressing faults in the Management Server perspective
        1.  
          Suppress Faults panel options
      9.  
        Restoring a suppressed fault in the Management Server perspective
      10. Suppressing a fault definition in the Management Server perspective
        1.  
          Suppress the fault definition panel options
      11.  
        Restoring a suppressed fault definition in the Management Server perspective
    5. Setting up virtualization environment discovery
      1.  
        About the virtualization technologies supported
      2.  
        About Control Hosts in Veritas InfoScale Operations Manager
      3.  
        Requirements for discovering vCenter and ESX servers using Veritas InfoScale Operations Manager
      4.  
        About near real-time discovery of VMware events
      5. Setting up near real-time discovery of VMware events
        1.  
          Configuring the VMware vCenter Server to generate SNMP traps
      6.  
        Configuration settings for VMware vCenter discovery
      7. Requirements for discovering the Solaris zones
        1.  
          Requirements for the zlogin utility on non-Global Zones
        2.  
          Requirements for devices exported to non-Global Zones
        3.  
          Requirements for file systems exported to non-Global Zones
      8.  
        Requirements for discovering Solaris Logical domains
      9.  
        Requirements for discovering logical partitions
      10.  
        Requirements for Microsoft Hyper-V virtualization discovery
      11.  
        Requirements for Kernel-based Virtual Machine (KVM) virtualization discovery
      12. Adding a virtualization server
        1.  
          Add Virtualization Server panel options
        2.  
          Add Virtualization Server panel options
      13. Editing a virtualization discovery configuration
        1.  
          Edit Configuration panel options
        2.  
          Edit Configuration panel options for method selection
      14. Refreshing a virtualization discovery configuration
        1.  
          Refreshing an ESX Server discovery
      15.  
        Removing a virtualization discovery configuration
      16.  
        Configuring performance metering for a VMware vCenter server
      17.  
        Disable performance metering for a VMware vCenter server
    6. Deploying hot fixes, packages, and patches
      1.  
        About deploying Veritas InfoScale Operations Manager hot fixes
      2.  
        About deploying maintenance release packages and patches
      3.  
        About deploying base release packages
      4.  
        Downloading a hot fix, package, or patch
      5.  
        Uploading a Veritas InfoScale Operations Manager hot fix or package to the repository
      6. Installing a Veritas InfoScale Operations Manager hot fix, package, or patch
        1.  
          Install - Download hot fix, package, or patch panel options
        2.  
          Install - Select hosts panel options
      7.  
        Removing a hot fix, package, or patch from the repository
      8.  
        Canceling deployment request for a hot fix, package, or patch
      9.  
        Installing a Veritas InfoScale Operations Manager hot fix on a specific managed host
    7. Configuring Management Server settings
      1.  
        Configuring the Management Server settings
      2.  
        Configuring SMTP settings for email notifications
      3. Configuring SNMP trap settings for alert notifications
        1.  
          Configuring SNMPv3 settings
      4.  
        Configuring the proxy server settings
      5.  
        Configuring two-factor authentication (2FA)
      6.  
        Setting the period for retaining the alert and the task logs in the database
      7.  
        Configuring Web server settings
      8.  
        Setting the generation time for subscribed reports
      9.  
        Configuring advance authorization settings
      10.  
        Enabling or disabling policy signatures for the data center
      11.  
        Forwarding audit logs
    8. Setting up extended attributes
      1.  
        About using extended attributes
      2.  
        Adding an extended attribute
      3.  
        Modifying an extended attribute
      4.  
        Deleting an extended attribute
    9. Viewing information on the Management Server environment
      1.  
        Viewing the details of an add-on, hot fix, package, or patch on SORT website
      2.  
        Viewing the hosts configured in the Management Server domain
      3.  
        Viewing the details of the authentication broker and the domains associated with the broker
      4.  
        Viewing faults in the Management Server perspective
      5.  
        Viewing the faults definitions
      6.  
        Viewing details of alert logs
      7.  
        Viewing the details of rules
      8.  
        Viewing the details of active users logged in to Management Server
      9.  
        Viewing the Management Server settings
      10.  
        Viewing the list of extended attributes
      11.  
        Viewing audit information for Management Server
      12.  
        Viewing task information for the data center
      13.  
        Viewing or exporting a list of available policy signatures
  3. Appendix A. Troubleshooting
    1. Management Server (MS)
      1.  
        Veritas InfoScale Operations Manager processes running on Management Server for Linux
      2.  
        Veritas InfoScale Operations Manager services running on Management Server for Windows
      3.  
        Commands to start and stop the Veritas InfoScale Operations Manager processes on Management Server on Linux
      4.  
        Commands to start and stop the Veritas InfoScale Operations Manager processes on Management Server on Windows
      5.  
        Management Server log file locations on Linux
      6.  
        Management Server log file locations on Windows
    2. Managed host (MH)
      1.  
        Veritas InfoScale Operations Manager processes running on managed host on Unix/Linux
      2.  
        Veritas InfoScale Operations Manager services running on managed host on Windows
      3.  
        Commands to start and stop Veritas InfoScale Operations Manager processes on managed host on UNIX/Linux
      4.  
        Managed host log files
      5.  
        Agentless driver log files
      6.  
        Gathering information for troubleshooting
  4.  
    Index

Importing third-party certificates for xprtld

Veritas InfoScale Operations Manager (VIOM)lets you import third-party certificates for the xprtld service on Management Servers that run on Linux. It also lets you import third-party certificates for the agents on AIX, Linux, and Solaris, provided that the agent version is 7.3.1 or later. VIOM supports the use of a third-party certificate without a passphrase for xprtld that runs on port 5634. However, it only supports 2048-bit certificates.

To generate a third-party certificate for xprtld

  1. Use the openssl command as follows to generate a private key and a certificate signing request (CSR):

    openssl req -newkey rsa:2048 -nodes -keyout sfmAgentPrivateKeyFileName -out sfmAgentCSRFileName

    For example:

    openssl req -newkey rsa:2048 -nodes -keyout sfm_agent.private.key -out sfm_agent.csr

  2. The openssl command prompts you to provide some information that is to be added to the CSR. Specify the exact values that are provided in the following example: 
    Country Name (2 letter code) [XX]: . 
State or Province Name (full name) []: . 
Locality Name (eg, city) [Default City]: . 
Organization Name (eg, company) [Default Company Ltd]: vx 
Organizational Unit Name (eg, section) []: sfm_domain@nameOfCMS 
Common Name (eg, your name or your server's hostname) []: sfm_agent 
Email Address []:

    Note:

    The nameOfCMS value should match exactly with the value of the cs_config_name attribute that is present in the /etc/default/sfm_resolv.conf file on the Central Management Server (CMS).

    Specify the exact values that are provided in the following example for this additional information that is also to be sent with the CSR:

    A challenge password []: .
 An optional company name []:
  3. Send the CSR file - for example, sfm_agent.csr - to your certificate signing authority and ask them to provide the corresponding certificate. The certificate should be provided in the pem format, along with the intermediate CA certificate and the root CA certificate, and it should support SSL clients. Veritas recommends that you assign a validity of 10 years to the certificate, or the maximum duration possible.
  4. Optionally, run the following command to verify the purpose of the certificate, including the support for SSL clients:

    openssl x509 -purpose -noout -in sfmAgentCertFileName

    For example:

    openssl x509 -purpose -noout -in sfm_agent.cert.pem

    Certificate purposes:

    SSL client : Yes SSL client CA :No

    SSL server : Yes SSL server CA :No

    Netscape SSL server : Yes Netscape SSL server CA : No

  5. Ensure that you have the following files ready before you import the certification on a Management Server:

    File

    Sample file name

    Private key file for sfm_agent

    sfm_agent.private.key

    Certificate file for sfm_agent

    sfm_agent.cert.pem

    Certificate file for intermediate CA

    intermediate.cert.pem

    Certificate file for root CA

    ca.cert.pem

To import a third-party certificate on a Management Server and on the agents

  1. Copy all the files that are mentioned in the last step of the previous procedure on the Management Server at the appropriate location, for example: /viom/certs/.

  2. Run the following command to import the certificates:

    /opt/VRTSsfmh/bin/perl /opt/VRTSsfmh/util/import_sfm_agent_certificate.pl --import_sfm_agent_cert --sfm_agent_certificate=/viom/certs/sfmAgentCertificateFileName --sfm_agent_privatekey=/viom/certs/sfmAgentPrivateKeyFileName --subCA_certificate=/viom/certs/intermediateCertificateFileName --rootCA_certificate=/viom/certs/caCertificateFileName

    For example:

    /opt/VRTSsfmh/bin/perl /opt/VRTSsfmh/util/import_sfm_agent_certificate.pl --import_sfm_agent_cert --sfm_agent_certificate=/viom/certs/sfm_agent.cert.pem --sfm_agent_privatekey=/viom/certs/sfm_agent.private.key --subCA_certificate=/viom/certs/intermediate.cert.pem --rootCA_certificate=/viom/certs/ca.cert.pem

    The certificates are imported on the agents automatically.

  3. Follow the instructions and provide the appropriate input at the prompts that the command displays.

    You may encounter certain situations that you can address as follows:

    • The certificate import process restarts all the VIOM services on the Management Server and the xprtld service on all the managed hosts. After the certificate is successfully imported, if a managed host does not yet use the new certificate, check whether that host is registered on multiple Management Servers. If so, unconfigure the managed host from the Management Servers other than the one on which this new certificate was installed, and then restart the xprtld service on the host.

    • The certificate cannot be imported on the managed hosts that are on VIOM 7.3 or an earlier version. Upgrade such hosts to VIOM 8.0 or a later supported version (refer to the Veritas InfoScale Operations Manager Hardware and Software Compatibility Lists document), and then run the command to import the certificate again.

    • The certificate cannot be imported on managed hosts that are unreachable from the Management Server. After the import process is complete, address the connectivity issue for the managed hosts that were unreachable. Then, add the managed hosts to the Management Server again; the new certificate gets automatically installed on the managed hosts.