Configuring advanced node failure detection on hardware management console (HMC) with CIM server

A Hardware Management Console (HMC) can be used with advance node failure detection to prevent cluster partitions when a cluster node has actually failed.

For HMC setup, follow these steps:
  1. Ensure the *CIMOM TCP server is running on your IBM® i. You can look for the QUMECIMOM job within the QSYSWRK subsystem to see whether it is running. If the job is not running, you can start it with the command STRTCPSVR *CIMOM
  2. Start of changeEnsure the *SSHD TCP server is running on your IBM i. (on the green screen command entry display: STRTCPSVR *SSHD). In order to start the *SSHD server, you need to ensure that the QSHRMEMCTL system value is set to 1.End of change
  3. You must use the physical monitor and keyboard attached to your HMC. You cannot telnet or use a web interface to the HMC
  4. Open a restricted shell by right-clicking on the desktop, then select terminals/xterm.
  5. You will get a new shell window on the desk top in which you can enter commands.
  6. In the next step you, will be using the secure copy command on the HMC. However, you must have a home directory associated with your profile on the IBM i. For example, if you use QSECOFR as the profile name on the scp command, you will need to have a /home/QSECOFR directory created in the integrated file system on the IBM i.
  7. Use the secure copy command to copy a file to your IBM i cluster node. (scp /etc/Pegasus/server.pem QSECOFR@LP0236A:/server_name.pem) In the above command, change LP0236A to the name of your IBM i system name and change the server_name.pem to hmc_name.pem. For example, name the file myhmc.pem.
  8. Sign off the HMC
  9. Sign on your IBM i system and bring up a green screen command entry display
  10. Enter the PASE shell environment. (on the green screen command entry display: call qp2term)
  11. Move the HMC digital certificate (mv /myhmc.pem /QOpenSys/QIBM/UserData/UME/Pegasus/ssl/truststore/myhmc.pem (in the above, replace the name, myhmc.pem, with your specific file name)
  12. Add the digital certificate to the truststore (/QOpenSys/QIBM/ProdData/UME/Pegasus/bin/cimtrust -a -U QSECOFR -f /QOpenSys/QIBM/UserData/UME/Pegasus/ssl/truststore/myhmc.pem -T s)
  13. In the above, replace the name, myhmc.pem, with your specific file name.
  14. Exit the PASE shell by pressing F3.
  15. End the CIM server. On the green screen command entry display: ENDTCPSVR *CIMOM.
  16. Restart the CIM server to pick up the new certificate. (on the green screen command entry display: STRTCPSVR *CIMOM