Requirements for administering IBM Spectrum Scale RAID

Root authority is required to perform all IBM Spectrum Scale™ RAID administration tasks.

IBM Spectrum Scale RAID commands maintain the appropriate environment across all nodes in the GPFS™ cluster. To achieve this, IBM Spectrum Scale RAID commands use the remote shell and remote file copy commands that you specify on the mmcrcluster command or the mmchcluster command. See the IBM Spectrum Scale: Command and Programming Reference for more information.

The default remote commands are rsh and rcp, but you can designate ssh and scp or any other remote commands with compatible syntax. The rsh and rcp commands that are provided by the Windows Cygwin environment do not support IBM Spectrum Scale. If your cluster includes Windows nodes, you must designate ssh and scp as the remote communication program.

In principle, you can issue IBM Spectrum Scale RAID administration commands from any node in the GPFS cluster. The nodes that you plan to use for administering IBM Spectrum Scale RAID must be able to run remote shell commands on themselves and on any other node in the cluster without the use of a password and without producing any extraneous messages. Similarly, the nodes on which the IBM Spectrum Scale RAID commands are issued must be able to copy files to and from any other node in the GPFS cluster without the use of a password and without producing any extraneous messages.

The way the passwordless access is achieved depends on the particular remote execution program and authentication mechanism being used. For example, for rsh and rcp, you might need a properly configured .rhosts file in the root user's home directory on each node in the GPFS cluster. If the remote program is ssh, you may use private identity files that do not have a password. Or, if the identity file is password protected, you can use the ssh-agent utility to establish an authorized session before issuing mm commands. It is the administrator's responsibility to issue mm commands only from nodes that are configured properly and that can access the rest of the nodes in the GPFS cluster.