AIX files modified by PowerHA SystemMirror

The following AIX® files are modified to support PowerHA® SystemMirror®. They are not distributed with PowerHA SystemMirror.

• /etc/hosts
• /etc/inittab
• /etc/services
• /etc/snmpdv3.conf file
• /etc/snmpd.conf file
• /etc/syslog.conf and /etc/rsyslog.conf files
• /var/spool/cron/crontabs/root

/etc/hosts

The cluster event scripts use the /etc/hosts file for name resolution. All cluster node IP interfaces must be added to this file on each node.

PowerHA SystemMirror might modify this file to ensure that all nodes have the necessary information in their /etc/hosts file, for proper PowerHA SystemMirror operations.

If you delete service IP labels from the cluster configuration by using SMIT, you must also them from the /etc/hosts file. Removing service IP label from the /etc/hosts file reduces the possibility of having conflicting entries if the labels are reused with different addresses in a future configuration.

DNS and NIS are not available during PowerHA SystemMirror-related name resolution. Hence, PowerHA SystemMirror IP addresses must be maintained locally.

/etc/inittab

The /etc/inittab file is modified in the following cases:

• PowerHA SystemMirror is configured for IP address takeover.
• The Start at System Restart option is chosen on the SMIT System Management (C-SPOC) > PowerHA SystemMirror Start Cluster Services panel.
• The /etc/inittab file has the following entry in the /user/es/sbin/cluster/etc/rc.init:

  hacmp:2:once:/usr/es/sbin/cluster/etc/rc.init

  This entry starts the PowerHA SystemMirror communications daemons, clcomd, and the clstrmgr subsystem.

Modifications to the /etc/inittab file due to IP address takeover

The following entry is added to the /etc/inittab file for PowerHA SystemMirror network startup with IP address takeover:

harc:2:wait:/usr/es/sbin/cluster/etc/harc.net # PowerHA SystemMirror network startup

Modifications to the /etc/inittab file due to system restart

The /etc/inittab file is used by the init process to initialize processes during system restart.

When the system restarts, the /etc/inittab file calls the /usr/es/sbin/cluster/etc/rc.cluster script to start PowerHA SystemMirror. The entry is added to the /etc/inittab file if the Start at system restart option is selected in the SMIT System Management (C-SPOC) > PowerHA SystemMirror Services > Start Cluster Services panel or when the system restarts.

The following entry starts the PowerHA SystemMirror communications daemons, clcomd and clstrmgr.

hacmp:2:once:/usr/es/sbin/cluster/etc/rc.init

Because some of the daemons that are started through the rc.tcpip script are required during the system restart, PowerHA SystemMirror adds an inittab entry for the harc.net script with a run level of 2. The harc.net script starts the following daemons when you restart the system:

• syslogd
• portmap
• inetd

The harc.net script also has code to start the following NFS-related daemons:

• nfsd
• rpc.mountd
• rpc.statd
• rpc.lockd

The code to start the NFS-related daemons is commented out, and you can uncomment if needed.

The syslogd, portmap, and inetd daemons are common to both the rc.tcpip script and the harc.net script. However, there is always the possibility that the NFS-related daemons are added to the rc.tcpip script by the user.

For more information about the files that are involved in starting and stopping PowerHA SystemMirror, see Starting and stopping cluster services.

/etc/services

The /etc/services file defines the sockets and protocols that are used for network services on a system. The ports and protocols that are used by the PowerHA SystemMirror components are defined here.

clinfo_deadman 6176/tcp
clinfo_client  6174/tcp
clsmuxpd       6270/tcp
clm_lkm        6150/tcp
clm_smux       6175/tcp
godm           6177/tcp
topsvcs        6178/udp
grpsvcs        6179/udp
emsvcs         6180/udp
clcomd         6191/tcp

/etc/snmpdv3.conf file

The Simple Network Management Protocol (SNMP) version 3 is the default version that is used by the AIX operating system. You can configure SNMP version 3 with the /etc/snmpdv3.conf file.

The SNMP daemon reads the /etc/snmpdv3.conf file when it starts and when a refresh command or a kill command is used. The /etc/snmpdv3.conf file specifies the community names and associated access privileges and views, hosts for trap notification, logging attributes, parameter configurations, and SMUX configurations for the snmpd daemon.

The PowerHA SystemMirror installation process adds a clsmuxpd password at the /etc/snmpdv3.conf file. The following line is added to the end of the /etc/snmpdv3.conf file to include the Management Information Base (MIB) variables for PowerHA SystemMirror that are supervised by the Cluster Manager:

smux  1.3.6.1.4.1.2.3.1.2.1.5 clsmuxpd_password # PowerHA SystemMirror clsmuxpd

The /usr/es/sbin/cluster/clstat utility and the /usr/es/sbin/cluster/utilities/cldump utility do not work if the internet MIB tree is not enabled in the /etc/snmpdv3.conf file. These utilities use the risc6000clsmuxpd (1.3.6.1.4.1.2.3.1.2.1.5) MIB subtree.

To enable the risc6000clsmuxpd (1.3.6.1.4.1.2.3.1.2.1.5) MIB subtree in the /etc/snmpdv3.conf file, complete the following steps:

1. From the command line, enter vi /etc/snmpdv3.conf.
2. On a new line in the /etc/snmpdv3.conf file, add the following entry: VACM_VIEW defaultView 1.3.6.1.4.1.2.3.1.2.1.5 - included -
3. To stop the snmpd daemon on the hosts where you changed the /etc/snmpdv3.conf file, enter stopsrc -s snmpd from the command line.
4. To start the snmpd daemon on the hosts where you changed the /etc/snmpdv3.conf file, enter startsrc -s snmpd from the command line.

If your system is running SNMP version 3, the community name is found in the VACM_GROUP entry in the /etc/snmpdv3.conf file.

The clinfo daemon also receives the SNMP community name by using the same process. You can use the -c flag with the clinfo daemon to specify an SNMP community name.

Note: If you want to protect the SNMP community name, do not use the -c flag with the clinfo daemon. If you use the -c flag, an unauthorized user might use the ps command to identify the SNMP community name. To protect the SNMP community name, change the permissions on the following files so that these files cannot be read by unauthorized users:

• /etc/snmpd.conf
• /smit.log
• /usr/tmp/snmpd.log
• /var/hacmp/log/hacmp.out
• /etc/snmpd.peers

/etc/snmpd.conf file

Simple Network Management Protocol (SNMP) version 3 is the default version that is used for the AIX operating system. However, you can use SNMP version 1 and configure it with the /etc/snmpd.conf file.

You can switch from SNMP version 3 to SNMP version 1 by using the snmpv3_ssw command.

The SNMP daemon reads the /etc/snmpdv3.conf file when it starts and when a refresh command or a kill command is used. The /etc/snmpd.conf file specifies the community names and associated access privileges and views, hosts for trap notification, logging attributes, parameter configurations, and SMUX configurations for the snmpd daemon.

The PowerHA SystemMirror installation process adds a clsmuxpd password to the /etc/snmpd.conf file. The following line is added at the end of the /etc/snmpd.conf file to include the PowerHA SystemMirror Management Information Base (MIB) variables that are supervised by the Cluster Manager:

smux  1.3.6.1.4.1.2.3.1.2.1.5 clsmuxpd_password # PowerHA SystemMirror clsmuxpd

The SNMP version 1 community name is the first name found that is not private or system in the output of the lssrc -ls snmpd command.

The clinfo daemon also receives the SNMP community name by using the same process. You can use the -c flag with the clinfo daemon to specify an SNMP community name.

Note: If you want to protect the SNMP community name, do not use the -c flag with the clinfo daemon. If you use the -c flag, an unauthorized user might use the ps command to identify the SNMP community name. To protect the SNMP community name, change the permissions on the following files so that these files cannot be read by unauthorized users:

• /etc/snmpd.conf
• /smit.log
• /usr/tmp/snmpd.log
• /var/hacmp/log/hacmp.out
• /etc/snmpd.peers

/etc/snmpd.peers

The /etc/snmpd.peers file configures snmpd SMUX peers.

During installation, PowerHA SystemMirror adds the following entry to include the clsmuxpd password to this file:

clsmuxpd  1.3.6.1.4.1.2.3.1.2.1.5  "clsmuxpd_password" # PowerHA SystemMirror/ES for AIX clsmuxpd

/etc/syslog.conf and /etc/rsyslog.conf files

During the installation process, PowerHA SystemMirror reads the subsystem. Depending on the subsystem, following entries are added to the file that directs the output from PowerHA SystemMirror related problems to certain files.

# example:
# "mail messages, at debug or higher, go to Log file. File must exist."
# "all facilities, at debug and higher, go to console"
# "all facilities, at crit or higher, go to all users"
#  mail.debug           /usr/spool/mqueue/syslog
#  *.debug              /dev/console
#  *.crit                       *
#  *.debug              /tmp/syslog.out     rotate size 100k files 4
#  *.crit               /tmp/syslog.out     rotate time 1d
local0.crit /dev/console
local0.info /var/hacmp/adm/cluster.log
user.notice /var/hacmp/adm/cluster.log
daemon.notice /var/hacmp/adm/cluster.log

If you want to use the /rtc/rsyslogd.conf file after installing PowerHA SystemMirror, you can run the following command to convert the existing /etc/syslog.conf file into the /etc/rsyslog.conf file on all the cluster nodes.

/usr/sbin/syslog_ssw -c /etc/syslog.conf /etc/rsyslog.conf

Then, convert the syslogd daemon by running the following command:

syslog_ssw -r

An output that is similar to the following example is displayed:

0513-077 Subsystem has been changed.
Start daemon: syslogd
0513-059 The syslogd Subsystem has been started. Subsystem PID is 4456860.

You can view the following entries in the /etc/rsyslog.conf file and you might also view more entries based on your /etc/rsyslog.conf configuration file.

aso.notice /var/log/aso/aso.log
aso.info /var/log/aso/aso_process.log
aso.debug /var/log/aso/aso_debug.log
caa.debug;caa. /var/adm/ras/syslog.caa .info /var/adm/ras/syslog.txt
local0.info;user.notice;daemon.notice /var/hacmp/adm/cluster.log

Irrespective of the syslogd daemon type, the lssrc command always displays the state of the subsystem as syslog. To determine the type of syslogd daemon that is enabled, run the following commands:

• ps -ef | grep syslog
  An output similar to the following example is displayed:

  root 26869770 4128770 0 04:19:37 - 0:00 /usr/sbin/rsyslogd

• odmget -q "subsysname = 'syslogd'" SRCsubsys
  An output similar to the following example is displayed:

  
  SRCsubsys:
  subsysname = "syslogd"
  synonym = ""
  cmdargs = ""
  path = "/usr/sbin/rsyslogd" <<<< rsyslogd is enabled
  uid = 0
  auditid = 0
  standin = "/dev/console"
  standout = "/dev/console"
  standerr = "/dev/console"
  action = 1
  multi = 1
  contact = 3
  svrkey = 0
  svrmtype = 0
  priority = 20
  signorm = 0
  sigforce = 0
  display = 1
  waittime = 20
  grpname = "ras"

  Note:

  • The /etc/rsyslog.conf file must be identical on all cluster nodes.
  • PowerHA SystemMirror does not support rotation of log files when the rsyslogd daemon is enabled because the rsyslogd daemon requires special mechanism to rotate the log files.

/var/spool/cron/crontabs/root

The /var/spool/cron/crontabs/root file contains commands that are needed for basic system control. The installation process adds PowerHA SystemMirror log file rotation to the file.

During the installation process, PowerHA SystemMirror adds entries to this file that direct the output from PowerHA SystemMirror related problems to certain files.

0 0 * * * /usr/es/sbin/cluster/utilities/clcycle 1>/dev/null 2>/dev/null # PowerHA SystemMirror for AIX Logfile rotation