Cool Solutions

OES2 SP1 Install and Migration



By:

September 30, 2009 6:01 pm

Reads: 6662

Comments:3

Score:0

Download the pdf of this article here.

Please keep in mind this is not the only method or set of guides that can be used. Each environment is unique and different. Our setup consists of three different sets of servers. We have non-clustered NetWare servers on HP BL460c blades. We have a 16-node NCS NetWare Cluster on the same set of blades. Lastly, we have about 35 servers (HP DL385) in our regional offices. As such, each server type required a slightly different approach.

We found that because we have a large number of home directories and ZEN NAL app objects, as well as IDM in use that all of our migrations would be done using the ID Transfer scenario. The exception to this is our NCS Cluster (which has not been done yet). Because the majority of our regional servers also have GroupWise on them, we figured it would be quicker to just migrate all the services and then do an ID Transfer. As such, this is a variation on a theme.

As always, TEST, and TEST some more. Use whatever method works best for you, preferably one that is supported.

I’ve tried to remove all server names, IP addresses, and incriminating evidence.

OES2 SP1 Installation

First, if this is a dual-SAN connected server, make sure to disconnect the secondary path and only run the setup with the first connection. There are many ways to install OES2.

We find it faster to install from the network, after we boot from the SLES 10 SP2 DVD. However, you can also use the local DVD/CD drive, or for the blade servers, use the HP ILO to accomplish the same thing (although ILO is limited to 100MB connection, so it’s usually faster to boot from the virtual DVD, and pull the install DVD/CD info from the Linux server we setup as an install source). If you are using the CD/DVD method, please use the SLES 10 SP2 DVD media (to avoid CD swapping). The OES install is only on CD.

If using the media, boot from the SLES 10 SP2 media, select Installation and hit Enter. Then you can skip to page 2. Currently we are only using OES2 SP1 32-bit codebase.

On page 6, you would modify the instructions so that you select CD for the OES2 SP1 CD media (if using the local CD/DVD drive or HP ILO virtual media).

Alternative boot method:

  • Boot from SLES 10 SP2 media
  • Select Installation, but don’t hit Enter
  • At the bottom enter the options: install=nfs://slesadmin.abc.com/install/path hostip=IP netmask=mask gateway=192.168.x.x nameserver=192.168.10.10
  • Paths are:
  • /SLES10SP2_32/CD1
  • /SLES10SP2_64/CD1

Ie: install=nfs://slesadmin.abc.com/install/SLES10SP2_32/CD1 hostip=192.168.10.9 netmask=255.255.255.0 gateway=192.168.1.1 nameserver=192.168.10.10

Next

Check the “include add-on products” and click Next

Click Add

Click NFS

Then click Next.

Click OK

Click Yes, and then Next.

Click Next

Set the “Hardware Clock Set To” to Local Time (this means you’re telling it what the CMOS clock is set to, and on the HP Blades, it’s ALWAYS local time). Make sure USA And Eastern are set as well and click Next. Later we’ll configure for NTP time.

Click Partitioning (we need to change some stuff).

Click “Create Custom Partition Setup” and then click Next (what you see on the next screen may vary depending on if this is a dual-pathed Blade or the standalone regional servers).

Why do we do this? We don’t like to setup one big LUN (virtual disk, logical drive, whatever your RAID hardware calls it) for / (root partition) using Reiserfs.

With OES2, you ALWAYS want to setup a dedicated LUN for your “boot” code, and leave a separate LUN for NSS (if using NSS). NEVER allocate all your disk space to one LUN. Think of this as NetWare, in the sense that you had your DOS partition separate from NetWare partitions, and SYS volume separate from your other volumes.

Select Custom Partitioning and then click Next.

We have two LUNs here. A “boot” LUN (the 15.0 GB LUN) and a secondary LUN for NSS volumes. We are only going to setup the boot LUN for now.

Click Create.

Select 1: /dev/sda and click OK. (the naming will change depending upon your hardware)

Select Primary Partition and click OK

Make sure to set the file system to Ext3 and the size to 1.0 GB and the mount to /boot

Click OK

Click Create

Choose 1: /dev/sda and click OK
Choose Primary Partition and click OK

Change “file system” to Swap.
Set to +2GB and click OK (don’t forget the mount point of swap)

Click Create and Primary Partition again.

Change file system to Ext3 and let it use the rest of the LUN and mount point is /

Click Finish as I’m not sure what other partitions to make at this point. You can only have 4 Primary Partitions in Linux/OES (per disk/device/LUN).

We’re going to leave LUN #2 alone for now. This will be used later for NSS/EVMS volumes.

Click Finish

Click Software

Always uncheck the Novell AppArmor. For OES it will depend upon what type of install you are doing (there’s other docs I’m preparing for Migration scenarios). However, ALL OES2 servers should have the following items selected:

  1. Novell eDirectory
  2. Novell Backup/SMS
  3. Novell iManager (you never know when you’ll need it on the server)
  4. Novell Storage Services (this should auto-check the Novell LUM, and Novell NCP, but I will list them here anyway)
  5. Novell Linux User Management (LUM)
  6. Novell NCP Server/Dynamic Storage Technology

Depending upon your server (new install vs. migration) you may also check the “Novell Pre-Migration Server). For a new server install you would NOT check that box. We choose to install NSS even if we aren’t going to use it right away (again, never know when you may want/need it). I find the NCP server handy so that you can use native Linux EXT3 partitions and attach to them with Windows PC’s via the Novell Client (as opposed to having to muck around with SAMBA configurations). This also adds NCP file locking if using GroupWise and the ConsoleOne Windows Management snapins.

For an Identity Transfer operation (migration), make sure that you selected the Pre-Migration Server option.

Depending on the server you are transferring, you may have to select iPrint and DHCP, in addition to other items. Scroll down and make sure you selected NSS.

I also install the C Compiler tools because you never know when you may need them.
(Most notably on Vmware, or if using the HP Proliant Support Pack–because it installs non-kernel drivers sometimes and therefore you need the Compiler to recompile the kernel for non-stock drivers).

Click Accept.

Click Accept again.

Click Accept again.

Click Install

Wait for it to create the partitions

It should reboot and launch the rest of the install

Enter in the password. This should be diff. than the eDirectory Admin password. Click Next.

Uncheck the “change hostname via DHCP”. We don’t give out DHCP in the server room. Follow your standard naming convention.

FOR Identity Transfer/Migrations:

You must enter a TEMPORARY name here. I suggest a format of:

Temp-oldserver (ie: temp-buff, temp-dis03, etc.)

Click Next.

Set firewall to disabled (for now).
Also Disable IPv6. I’ve had issues with it in the past.

Click Network Interfaces

On the Blade servers, the first HP NIC is the “primary” one. (For the standalone servers with pass-through boards). You must double-check by looking at ILO for the MAC address and comparing to what SLES shows.

Sometimes Linux assigns the NIC in reverse order (ie, 2nd NIC will be eth0, 1st NIC will be eth1). Make sure to find the MAC address of the NIC and compare against what Linux finds (click Edit and you can go to the Advanced section and verify the hardware address). Otherwise you may THINK that first NIC listed is the primary NIC (eth0) and it’s not. Then your install fails later because of this. Alternatively you can disable the secondary NIC in the BIOS and re-enable it later.

Set the IP and Netmask.

Click Hostname and Name Server

FOR Identity Transfer/Migration:

You must use a TEMPORARY IP address. When the migration is finished, the temporary server name and IP will be removed automatically from the OES2 server.

Enter the appropriate DNS servers and click OK (double-check that hostname and domain are still correct).

Click the Routing button

Enter the default gateway and click OK (obviously the gateway can differ depending on where the server is installed).

Click Next

I believe it puts the “configured” NIC on the top now, even though we hopefully configured the second one. Click Next.

Select the VNC Remote Administration so that it is enabled. We choose to use this so that we can use the NRM (Novell Remote Manager) VNC Consoles option. ILO will work as well, albeit slower (and the mouse cursor has issues until you install the HP drivers).

Click Next.

We may change the Proxy section later.

I usually skip the test.

(because it won’t work unless it goes through the proxy anyway).

Click Next

DO NOT use LDAP with OES. OES uses it’s own LDAP server (eDirectory). You CANNOT use OpenLDAP and eDir at the same time.

For this, we’d install into the existing tree. Insert the proper tree name. (Assuming you are installing into an existing environment, vs. a brand new install).

I also uncheck the Require TLS for Simple Binds. It tends to cause issues if you don’t uncheck it.

Click Next.

Input the IP of: 192.168.10.5

That’s the DS Master replica server. Enter the admin userid in LDAP format and the password.

Click Next.

Be careful here. Enter the server context in LDAP format (there’s no browse button, so you have to know where the server will be installed to). I leave everything else the same.

We may change the DIB location later, not sure yet.

Click Next.

For now, I pointed to the Unix server for time. That should be okay since the netware server also points to that to get time. Be sure to enter the SLP information and add both IP’s in there. Click Next.

I leave these as-is. Click Next.

I click Next here.

Now wait a long time for this and iManager to install.

For now we leave this local. We may change to LDAP later, but unsure (plus there’s a LUM module in OES as well). Basically this means that any accounts created on this Linux server are ONLY stored on this server (same for passwords). We don’t plan on creating other “local only” accounts.

Click Next.

Click Next

Click Yes.

Click Next.

Click Next.

We can always clone it for autoyast later, but until we get all the specifics ironed out, I’m unchecking this and click Finish.

Technically at this point, you are finished with the install. However, it is STRONGLY advised that you patch the server before:

  1. Creating any NSS items
  2. Enabling MPIO (multi-pathing)
  3. Doing an ID-Transfer (or any migration with the Migration Utilities)

Once the server is up and running, before creating any NSS partitions or enabling Multi-pathing, we need to apply updates. We have setup an SMT (Subscription Management Tool) server on Linux (the same server that hosts our install media and our Auto-yast configurations). SMT is a patch “proxy” server that downloads all the patches from the Novell Customer Center (NCC) so that we don’t have to configure every server to download these patches from the internet. Instead, we point the servers to the SMT server. Think of it as a “lite” version of Patchlink for Linux/OES2.

You may either use the SLES/OES2 server to get the SMT conf file or you can use WinSCP and copy it from your PC to the SLES/OES2 server.

Once you have the script from the SMT server:

Type:

chmod +x clientSetup4SMT.sh

Now type:

./clientSetup4SMT.sh –host smt.abc.com

That’s a ” – -” (dash dash without a space) in front of the host line

Hit Enter

Y

Then type:

suse_register

Hit Enter and wait

The icon will normally be orange.

Click it.

It will usually come up and tell you a few patches to update. Update those (this updates the ZMD process itself).

If it needs a reboot, it will tell you.

Wait a little while longer (or reboot if you want) and then it’ll usually come up with a list of about 248 packages to update.

The default list will contain security patches first, followed by “mandatory/recommended” patches to SLES10 and OES2.

I usually apply those (reboot needed I believe)

After that, you’ll usually get a GREEN icon like above. I do NOT apply the optional patches.

SLES 10/OES2 Multi-pathing

This section is how to enable multi-pathing (MPIO) when booting from the SAN. As you can see, we have two paths.

Now, we follow TID 3594167 (which states we need a fully patched system, so that’s why I patch first).

So far we’ve done steps 1-4, now we do step 5.

(Quit out of the partitioner)

Open a terminal and type:

(as per step 5)

Step 6:

Type:

Step 7:

Type:

multipath –v2 –d

You should see:

NEW STEP:

Edit multipathd.conf file as per Xiotech:

At the prompt type:

gedit /etc/multipath.conf

Enter the information as shown:

(note the spaces).

We may change round-robin, but I’m not sure yet. Have to find out from Novell about clustering and if this is acceptable.

Step 8 from the Novell TID:

(there didn’t appear to be any changes required when I tested)

Step 9:

Step 10:

Reboot the server

Step 11:

Open a terminal prompt and type:

multipath –ll

Here’s a key for the output of the multipath command:

Go into iManager -> Storage -> Devices

I selected the 29 GB partition and clicked Initialize.

Then I go to “volumes”

Click New

Click Next

Click New Pool

Click Next

Check the box next to “used size” and enter in the amount you want to use.

Click Finish

So I checked the box next to “GW” and clicked Next

For NON-GroupWise volumes, you want the following attributes:

  1. Backup
  2. Directory Quotas
  3. Salvage

For GW volumes, you want:

  1. Backup
  2. Flush Files Immediately

For both volume types:

Set Lookup Namespace to “long”

I checked the “Allow Mount point to be Renamed” and clicked Finish

NOTE: While the Novell OES2 documentation states that it’s advised to NOT use the Unix lookup Namespace (in fact, it defaults to Long), it has been suggested that for GROUPWISE only (with less than a million files) that you use Unix to force case-sensitivity. I have not yet tested this in the test lab. It does appear from the documentation that you can easily change these namespaces.

According to the docs, if you enable directory quotas (like for H drives and stuff), you have to do this after you create the volume:

/etc/init.d/ncp2nss restart

Post Installation Steps

This is for Symantec NetBackup to work properly with NSS.

You need to edit the /etc/opt/novell/nss/nssstart.cfg file and add the two following statements/lines:

/ListXattrNWmetadata
/CtimeIsMetadataModTime

That’s an “I” in the CtimeIs statement, not an “l” ( the documentation on Symantec’s site is difficult to read).

I restart the server after this to ensure that it’s loaded.

Setup NRM

We need to change a few more items.

Login to NRM (Novell Remote Manager) on the temporary OES2 server, using the following format:

https://dnsnameofserver.abc.com:8009 (same as it is for NetWare)

You must login as admin.dec or the “root” user. You cannot login as yourself just yet.

Click “Manage NCP Services” -> Manage NCP Server

Click the value of “2″ next to the OPLOCK_SUPPORT_LEVEL and set to a value of 0 (that’s a zero).

NRM will automatically restart the ndsd process to make the change take effect.

Now click the “configure” icon:

Click the “Edit httpstkd config file”

Scroll all the way down to the bottom and ADD the following two lines:

Then click Save Changes.

You now have two choices. You can either restart the entire server, or restart the following process to make the Email changes take effect:

rcnovell-httpstkd restart (this may also take a minute or so) – this makes the email change take effect

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Categories: Uncategorized

Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.

3 Comments

  1. By:Magic31

    Kevin,

    GREAT! step by step guide on how to setup OES2!!

    Three little suggestions:

    -You missed adding your found ncp ‘MAXIMUM_CACHED_SUBDIRECTORIES_PER_VOLUME 500000′ setting. As you’ve type a book already, maybe add a link to your previous blog? :P

    -Some added notes on what to expect with openSLP could be of value. That’s (still) one slippery thing to watch out for with OES2L.

    -Would be great if there was a PDF version attached so people can download this bookwork! ;)

    Now where is that rep button here?!

    Cheers,
    Willem

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  2. By:khurni

    Those are awesome suggestions. I’ve got a few more additions to it as well for some LUM config I just found.

    I may submit a separate article about SLP

    I can certainly do a PDF version, but will have to see if Novell can post it, or find a free space to plop it up for a download URL.

    Again, great suggestions!

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)
  3. By:susantci

    I am setting up a test OES2 server today. I am not using the identity stuff but this will be very helpful in getting us started.

    Thanks for taking the time.
    Susan

    VN:F [1.9.22_1171]
    Rating: 0.0/5 (0 votes cast)

Comment

RSS