Download the pdf of this article here.
Please keep in mind this is not the only method or set of guides that can be used. Each environment is unique and different. Our setup consists of three different sets of servers. We have non-clustered NetWare servers on HP BL460c blades. We have a 16-node NCS NetWare Cluster on the same set of blades. Lastly, we have about 35 servers (HP DL385) in our regional offices. As such, each server type required a slightly different approach.
We found that because we have a large number of home directories and ZEN NAL app objects, as well as IDM in use that all of our migrations would be done using the ID Transfer scenario. The exception to this is our NCS Cluster (which has not been done yet). Because the majority of our regional servers also have GroupWise on them, we figured it would be quicker to just migrate all the services and then do an ID Transfer. As such, this is a variation on a theme.
As always, TEST, and TEST some more. Use whatever method works best for you, preferably one that is supported.
I’ve tried to remove all server names, IP addresses, and incriminating evidence.
OES2 SP1 Installation
First, if this is a dual-SAN connected server, make sure to disconnect the secondary path and only run the setup with the first connection. There are many ways to install OES2.
We find it faster to install from the network, after we boot from the SLES 10 SP2 DVD. However, you can also use the local DVD/CD drive, or for the blade servers, use the HP ILO to accomplish the same thing (although ILO is limited to 100MB connection, so it’s usually faster to boot from the virtual DVD, and pull the install DVD/CD info from the Linux server we setup as an install source). If you are using the CD/DVD method, please use the SLES 10 SP2 DVD media (to avoid CD swapping). The OES install is only on CD.
If using the media, boot from the SLES 10 SP2 media, select Installation and hit Enter. Then you can skip to page 2. Currently we are only using OES2 SP1 32-bit codebase.
On page 6, you would modify the instructions so that you select CD for the OES2 SP1 CD media (if using the local CD/DVD drive or HP ILO virtual media).
Alternative boot method:
- Boot from SLES 10 SP2 media
- Select Installation, but don’t hit Enter
- At the bottom enter the options: install=nfs://slesadmin.abc.com/install/path hostip=IP netmask=mask gateway=192.168.x.x nameserver=192.168.10.10
- Paths are:
Ie: install=nfs://slesadmin.abc.com/install/SLES10SP2_32/CD1 hostip=192.168.10.9 netmask=255.255.255.0 gateway=192.168.1.1 nameserver=192.168.10.10
Check the “include add-on products” and click Next
Then click Next.
Click Yes, and then Next.
Set the “Hardware Clock Set To” to Local Time (this means you’re telling it what the CMOS clock is set to, and on the HP Blades, it’s ALWAYS local time). Make sure USA And Eastern are set as well and click Next. Later we’ll configure for NTP time.
Click Partitioning (we need to change some stuff).
Click “Create Custom Partition Setup” and then click Next (what you see on the next screen may vary depending on if this is a dual-pathed Blade or the standalone regional servers).
Why do we do this? We don’t like to setup one big LUN (virtual disk, logical drive, whatever your RAID hardware calls it) for / (root partition) using Reiserfs.
With OES2, you ALWAYS want to setup a dedicated LUN for your “boot” code, and leave a separate LUN for NSS (if using NSS). NEVER allocate all your disk space to one LUN. Think of this as NetWare, in the sense that you had your DOS partition separate from NetWare partitions, and SYS volume separate from your other volumes.
Select Custom Partitioning and then click Next.
We have two LUNs here. A “boot” LUN (the 15.0 GB LUN) and a secondary LUN for NSS volumes. We are only going to setup the boot LUN for now.
Select 1: /dev/sda and click OK. (the naming will change depending upon your hardware)
Select Primary Partition and click OK
Make sure to set the file system to Ext3 and the size to 1.0 GB and the mount to /boot
Choose 1: /dev/sda and click OK
Choose Primary Partition and click OK
Change “file system” to Swap.
Set to +2GB and click OK (don’t forget the mount point of swap)
Click Create and Primary Partition again.
Change file system to Ext3 and let it use the rest of the LUN and mount point is /
Click Finish as I’m not sure what other partitions to make at this point. You can only have 4 Primary Partitions in Linux/OES (per disk/device/LUN).
We’re going to leave LUN #2 alone for now. This will be used later for NSS/EVMS volumes.
Always uncheck the Novell AppArmor. For OES it will depend upon what type of install you are doing (there’s other docs I’m preparing for Migration scenarios). However, ALL OES2 servers should have the following items selected:
- Novell eDirectory
- Novell Backup/SMS
- Novell iManager (you never know when you’ll need it on the server)
- Novell Storage Services (this should auto-check the Novell LUM, and Novell NCP, but I will list them here anyway)
- Novell Linux User Management (LUM)
- Novell NCP Server/Dynamic Storage Technology
Depending upon your server (new install vs. migration) you may also check the “Novell Pre-Migration Server). For a new server install you would NOT check that box. We choose to install NSS even if we aren’t going to use it right away (again, never know when you may want/need it). I find the NCP server handy so that you can use native Linux EXT3 partitions and attach to them with Windows PC’s via the Novell Client (as opposed to having to muck around with SAMBA configurations). This also adds NCP file locking if using GroupWise and the ConsoleOne Windows Management snapins.
For an Identity Transfer operation (migration), make sure that you selected the Pre-Migration Server option.
Depending on the server you are transferring, you may have to select iPrint and DHCP, in addition to other items. Scroll down and make sure you selected NSS.
I also install the C Compiler tools because you never know when you may need them.
(Most notably on Vmware, or if using the HP Proliant Support Pack–because it installs non-kernel drivers sometimes and therefore you need the Compiler to recompile the kernel for non-stock drivers).
Click Accept again.
Click Accept again.
Wait for it to create the partitions
It should reboot and launch the rest of the install
Enter in the password. This should be diff. than the eDirectory Admin password. Click Next.
Uncheck the “change hostname via DHCP”. We don’t give out DHCP in the server room. Follow your standard naming convention.
FOR Identity Transfer/Migrations:
You must enter a TEMPORARY name here. I suggest a format of:
Temp-oldserver (ie: temp-buff, temp-dis03, etc.)
Set firewall to disabled (for now).
Also Disable IPv6. I’ve had issues with it in the past.
Click Network Interfaces
On the Blade servers, the first HP NIC is the “primary” one. (For the standalone servers with pass-through boards). You must double-check by looking at ILO for the MAC address and comparing to what SLES shows.
Sometimes Linux assigns the NIC in reverse order (ie, 2nd NIC will be eth0, 1st NIC will be eth1). Make sure to find the MAC address of the NIC and compare against what Linux finds (click Edit and you can go to the Advanced section and verify the hardware address). Otherwise you may THINK that first NIC listed is the primary NIC (eth0) and it’s not. Then your install fails later because of this. Alternatively you can disable the secondary NIC in the BIOS and re-enable it later.
Set the IP and Netmask.
Click Hostname and Name Server
FOR Identity Transfer/Migration:
You must use a TEMPORARY IP address. When the migration is finished, the temporary server name and IP will be removed automatically from the OES2 server.
Enter the appropriate DNS servers and click OK (double-check that hostname and domain are still correct).
Click the Routing button
Enter the default gateway and click OK (obviously the gateway can differ depending on where the server is installed).
I believe it puts the “configured” NIC on the top now, even though we hopefully configured the second one. Click Next.
Select the VNC Remote Administration so that it is enabled. We choose to use this so that we can use the NRM (Novell Remote Manager) VNC Consoles option. ILO will work as well, albeit slower (and the mouse cursor has issues until you install the HP drivers).
We may change the Proxy section later.
I usually skip the test.
(because it won’t work unless it goes through the proxy anyway).
DO NOT use LDAP with OES. OES uses it’s own LDAP server (eDirectory). You CANNOT use OpenLDAP and eDir at the same time.
For this, we’d install into the existing tree. Insert the proper tree name. (Assuming you are installing into an existing environment, vs. a brand new install).
I also uncheck the Require TLS for Simple Binds. It tends to cause issues if you don’t uncheck it.
Input the IP of: 192.168.10.5
That’s the DS Master replica server. Enter the admin userid in LDAP format and the password.
Be careful here. Enter the server context in LDAP format (there’s no browse button, so you have to know where the server will be installed to). I leave everything else the same.
We may change the DIB location later, not sure yet.
For now, I pointed to the Unix server for time. That should be okay since the netware server also points to that to get time. Be sure to enter the SLP information and add both IP’s in there. Click Next.
I leave these as-is. Click Next.
I click Next here.
Now wait a long time for this and iManager to install.
For now we leave this local. We may change to LDAP later, but unsure (plus there’s a LUM module in OES as well). Basically this means that any accounts created on this Linux server are ONLY stored on this server (same for passwords). We don’t plan on creating other “local only” accounts.
We can always clone it for autoyast later, but until we get all the specifics ironed out, I’m unchecking this and click Finish.
Technically at this point, you are finished with the install. However, it is STRONGLY advised that you patch the server before:
- Creating any NSS items
- Enabling MPIO (multi-pathing)
- Doing an ID-Transfer (or any migration with the Migration Utilities)
Once the server is up and running, before creating any NSS partitions or enabling Multi-pathing, we need to apply updates. We have setup an SMT (Subscription Management Tool) server on Linux (the same server that hosts our install media and our Auto-yast configurations). SMT is a patch “proxy” server that downloads all the patches from the Novell Customer Center (NCC) so that we don’t have to configure every server to download these patches from the internet. Instead, we point the servers to the SMT server. Think of it as a “lite” version of Patchlink for Linux/OES2.
You may either use the SLES/OES2 server to get the SMT conf file or you can use WinSCP and copy it from your PC to the SLES/OES2 server.
Once you have the script from the SMT server:
chmod +x clientSetup4SMT.sh
./clientSetup4SMT.sh –host smt.abc.com
That’s a ” – -” (dash dash without a space) in front of the host line
Hit Enter and wait
The icon will normally be orange.
It will usually come up and tell you a few patches to update. Update those (this updates the ZMD process itself).
If it needs a reboot, it will tell you.
Wait a little while longer (or reboot if you want) and then it’ll usually come up with a list of about 248 packages to update.
The default list will contain security patches first, followed by “mandatory/recommended” patches to SLES10 and OES2.
I usually apply those (reboot needed I believe)
After that, you’ll usually get a GREEN icon like above. I do NOT apply the optional patches.
SLES 10/OES2 Multi-pathing
This section is how to enable multi-pathing (MPIO) when booting from the SAN. As you can see, we have two paths.
Now, we follow TID 3594167 (which states we need a fully patched system, so that’s why I patch first).
So far we’ve done steps 1-4, now we do step 5.
(Quit out of the partitioner)
Open a terminal and type:
(as per step 5)
multipath –v2 –d
You should see:
Edit multipathd.conf file as per Xiotech:
At the prompt type:
Enter the information as shown:
(note the spaces).
We may change round-robin, but I’m not sure yet. Have to find out from Novell about clustering and if this is acceptable.
Step 8 from the Novell TID:
(there didn’t appear to be any changes required when I tested)
Reboot the server
Open a terminal prompt and type:
Here’s a key for the output of the multipath command:
Go into iManager -> Storage -> Devices
I selected the 29 GB partition and clicked Initialize.
Then I go to “volumes”
Click New Pool
Check the box next to “used size” and enter in the amount you want to use.
So I checked the box next to “GW” and clicked Next
For NON-GroupWise volumes, you want the following attributes:
- Directory Quotas
For GW volumes, you want:
- Flush Files Immediately
For both volume types:
Set Lookup Namespace to “long”
I checked the “Allow Mount point to be Renamed” and clicked Finish
According to the docs, if you enable directory quotas (like for H drives and stuff), you have to do this after you create the volume:
Post Installation Steps
This is for Symantec NetBackup to work properly with NSS.
You need to edit the /etc/opt/novell/nss/nssstart.cfg file and add the two following statements/lines:
That’s an “I” in the CtimeIs statement, not an “l” ( the documentation on Symantec’s site is difficult to read).
I restart the server after this to ensure that it’s loaded.
We need to change a few more items.
Login to NRM (Novell Remote Manager) on the temporary OES2 server, using the following format:
https://dnsnameofserver.abc.com:8009 (same as it is for NetWare)
You must login as admin.dec or the “root” user. You cannot login as yourself just yet.
Click “Manage NCP Services” -> Manage NCP Server
Click the value of “2″ next to the OPLOCK_SUPPORT_LEVEL and set to a value of 0 (that’s a zero).
NRM will automatically restart the ndsd process to make the change take effect.
Now click the “configure” icon:
Click the “Edit httpstkd config file”
Scroll all the way down to the bottom and ADD the following two lines:
Then click Save Changes.
You now have two choices. You can either restart the entire server, or restart the following process to make the Email changes take effect:
rcnovell-httpstkd restart (this may also take a minute or so) – this makes the email change take effect