Veritas Access Installation Guide

Last Published:
Product(s): Access (7.4.1)
Platform: Linux
  1. Introducing Veritas Access
    1.  
      About Veritas Access
  2. Licensing in Veritas Access
    1.  
      About Veritas Access product licensing
  3. System requirements
    1.  
      Important release information
    2. System requirements
      1. Linux requirements
        1.  
          Operating system RPM installation requirements and operating system patching
        2.  
          Kernel RPMs that are required to be installed with exact predefined RPM versions
        3.  
          OL kernel RPMs that are required to be installed with exact predefined RPM versions
        4.  
          Required operating system RPMs for OL 7.4
        5.  
          Required operating system RPMs for RHEL 7.3
        6.  
          Required operating system RPMs for RHEL 7.4
      2.  
        Software requirements for installing Veritas Access in a VMware ESXi environment
      3.  
        Hardware requirements for installing Veritas Access virtual machines
      4.  
        Management Server Web browser support
      5.  
        Supported NetBackup versions
      6.  
        Supported OpenStack versions
      7.  
        Supported Oracle versions and host operating systems
      8.  
        Supported IP version 6 Internet standard protocol
    3. Network and firewall requirements
      1.  
        NetBackup ports
      2.  
        OpenDedup ports and disabling the iptable rules
      3.  
        CIFS protocols and firewall ports
    4.  
      Maximum configuration limits
  4. Preparing to install Veritas Access
    1.  
      Overview of the installation process
    2.  
      Hardware requirements for the nodes
    3.  
      Connecting the network hardware
    4. About obtaining IP addresses
      1.  
        About calculating IP address requirements
      2.  
        Reducing the number of IP addresses required at installation time
    5.  
      About checking the storage configuration
  5. Deploying virtual machines in VMware ESXi for Veritas Access installation
    1.  
      Setting up networking in VMware ESXi
    2.  
      Creating a datastore for the boot disk and LUNs
    3.  
      Creating a virtual machine for Veritas Access installation
  6. Installing and configuring a cluster
    1.  
      Installation overview
    2.  
      Summary of the installation steps
    3.  
      Before you install
    4. Installing the operating system on each node of the cluster
      1.  
        About the driver node
      2.  
        Installing the operating system on the target Veritas Access cluster
      3.  
        Installing the Oracle Linux operating system on the target Veritas Access cluster
    5. Installing Veritas Access on the target cluster nodes
      1.  
        Installing and configuring the Veritas Access software on the cluster
      2.  
        Veritas Access Graphical User Interface
    6. About managing the NICs, bonds, and VLAN devices
      1.  
        Selecting the public NICs
      2.  
        Selecting the private NICs
      3.  
        Excluding a NIC
      4.  
        Including a NIC
      5.  
        Creating a NIC bond
      6.  
        Removing a NIC bond
      7.  
        Removing a NIC from the bond list
    7. About VLAN tagging
      1.  
        Creating a VLAN device
      2.  
        Removing a VLAN device
      3.  
        Limitations of VLAN tagging
    8.  
      Replacing an Ethernet interface card
    9.  
      Configuring I/O fencing
    10.  
      About configuring Veritas NetBackup
    11.  
      About enabling kdump during an Veritas Access configuration
    12.  
      Reconfiguring the Veritas Access cluster name and network
    13.  
      Configuring a KMS server on the Veritas Access cluster
  7. Automating Veritas Access installation and configuration using response files
    1.  
      About response files
    2.  
      Performing a silent Veritas Access installation
    3.  
      Response file variables to install and configure Veritas Access
    4.  
      Sample response file for Veritas Access installation and configuration
  8. Displaying and adding nodes to a cluster
    1.  
      About the Veritas Access installation states and conditions
    2.  
      Displaying the nodes in the cluster
    3.  
      Before adding new nodes in the cluster
    4.  
      Adding a node to the cluster
    5.  
      Adding a node in mixed mode environment
    6.  
      Deleting a node from the cluster
    7.  
      Shutting down the cluster nodes
  9. Upgrading Veritas Access and operating system
    1.  
      Upgrading the operating system and Veritas Access
  10. Upgrading Veritas Access using a rolling upgrade
    1.  
      About the rolling upgrades
    2.  
      Supported rolling upgrade paths for upgrades on RHEL and Oracle Linux
    3.  
      Performing a rolling upgrade using the installer
  11. Uninstalling Veritas Access
    1.  
      Before you uninstall Veritas Access
    2. Uninstalling Veritas Access using the installer
      1.  
        Removing Veritas Access 7.4.1 RPMs
      2.  
        Running uninstall from the Veritas Access 7.4.1 disc
  12. Appendix A. Installation reference
    1.  
      Installation script options
  13. Appendix B. Configuring the secure shell for communications
    1.  
      Manually configuring passwordless SSH
    2.  
      Setting up the SSH and the RSH connections
  14. Appendix C. Manual deployment of Veritas Access
    1.  
      Deploying Veritas Access manually on a two-node cluster in a non-SSH environment
    2.  
      Enabling internal sudo user communication in Veritas Access

Manually configuring passwordless SSH

You can use the SSH to log into and execute commands on a remote system. SSH enables encrypted communications and an authentication process between two untrusted hosts over an insecure network.

In this procedure, you first create a DSA key pair. From the key pair, you append the public key from the source system to the authorized_keys file on the target systems.

To create the DSA key pair

  1. On the source system (sys1), log in as root user, and navigate to the root directory.
    sys1 # cd /root
  2. To generate a DSA key pair on the source system, type the following command:
    sys1 # ssh-keygen -t dsa

    System output similar to the following is displayed:

    Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa):
  3. Press Enter to accept the default location of /root/.ssh/id_dsa.
  4. When the program asks you to enter the pass phrase, press the Enter key twice.
    Enter passphrase (empty for no passphrase):

    Do not enter a pass phrase. Press Enter.

    Enter same passphrase again:

    Press Enter again.

  5. Output similar to the following lines appears.
    Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
1f:00:e0:c2:9b:4e:29:b4:0b:6e:08:f8:50:de:48:d2 root@sys1

To append the public key from the source system to the authorized_keys file on the target system using secure file transfer

  1. From the source system (sys1), move the public key to a temporary file on the target system (sys2).

    Use the secure file transfer program.

    In this example, the file name id_dsa.pub in the root directory is the name for the temporary file for the public key.

    Use the following command for secure file transfer: 

    sys1 # sftp sys2

    If the secure file transfer is set up for the first time on this system, output similar to the following lines is displayed:

    Connecting to sys2 ...
The authenticity of host 'sys2 (10.182.00.00)' 
can't be established. DSA key fingerprint is
fb:6f:9f:61:91:9d:44:6b:87:86:ef:68:a6:fd:88:7d.
Are you sure you want to continue connecting (yes/no)?
  2. Type yes.

    Output similar to the following is displayed:

    Warning: Permanently added 'sys2,10.182.00.00' 
(DSA) to the list of known hosts.
root@sys2 password:
  3. Enter the root password of sys2.
  4. At the sftp prompt, type the following command:
    sftp> put /root/.ssh/id_dsa.pub

    The following output is displayed:

    Uploading /root/.ssh/id_dsa.pub to /root/id_dsa.pub
  5. To quit the SFTP session, type the following command:
    sftp> quit
  6. Add the id_dsa.pub keys to the authorized_keys file on the target system. To begin the SSH session on the target system (sys2 in this example), type the following command on sys1:
    sys1 # ssh sys2

    Enter the root password of sys2 at the prompt:

    password:

    Type the following commands on sys2:

    sys2 # cat /root/id_dsa.pub >> /root/.ssh/authorized_keys
sys2 # rm  /root/id_dsa.pub
  7. Run the following commands on the source installation system. If your SSH session has expired or terminated, you can also run these commands to renew the session. These commands fetch the private key into the shell environment and make the key globally available to the root user.
    sys1 # exec /usr/bin/ssh-agent $SHELL
sys1 # ssh-add
    Identity added: /root/.ssh/id_dsa

    This shell-specific step is valid only while the shell is active. You must execute the procedure again if you close the SSH during the session.

To verify that you can connect to a target system

  1. On the source system (sys1), enter the following command:
    sys1 # ssh -l root sys2 uname -a

    where sys2 is the name of the target system.

  2. The command should execute from the source system (sys1) to the target system (sys2) without the system requesting a pass phrase or password.
  3. Repeat this procedure for each target system.