Thursday May 17, 2007

CACAO and JES

I had customer that was setting up an jump start image to preinstall the Java Enterprise System. They were running into errors with CACAO. It seems that the host information was from the Jump Start System was not being updated. At least until they logged on the first time with the GUI. So below is the link to reset the CACAO host information...

Here is the doc extract and link to reset CACAO in case of host name change or compromised system. http://docs.sun.com/app/docs/doc/819-2971/6n57mi2el?a=view

How to Regenerate Common Agent Container Security Keys

Sun Cluster Manager uses strong encryption techniques to ensure secure communication between the Sun Cluster Manager web server and each cluster node.

The keys that Sun Cluster Manager uses are stored under the /etc/opt/SUNWcacao/security directory on each node. They should be identical across all cluster nodes.

Under normal operation, these keys can be left in their default configuration. If you change the host name of a cluster node, you must regenerate the common agent container security keys. You might also need to regenerate the keys because a possible key compromise (for example, root compromise on the machine). To regenerate the security keys, use the following procedure.

1. On all cluster nodes, stop the common agent container management daemon.

# /opt/SUNWcacao/bin/cacaoadm stop

2. On one node of the cluster, regenerate the security keys.

phys-schost-1# /opt/SUNWcacao/bin/cacaoadm create-keys --force

3. Restart the common agent container management daemon on the node on which you regenerated the security keys.

phys-schost-1# /opt/SUNWcacao/bin/cacaoadm start

4. Create a tar file of the /etc/cacao/instances/default directory.

phys-schost-1# cd /etc/cacao/instances/default phys-schost-1# tar cf /tmp/SECURITY.tar security

5. Copy the /tmp/Security.tar file to each of the cluster nodes.

6. On each node to which you copied the/tmp/SECURITY.tar file, extract the security files.

Any security files that already exist in the /etc/opt/SUNWcacao/ directory are overwritten.

phys-schost-2# cd /etc/cacao/instances/default

phys-schost-2# tar xf /tmp/SECURITY.tar

7. Delete the /tmp/SECURITY.tar file from each node in the cluster.

You must delete each copy of the tar file to avoid security risks.

phys-schost-1# rm /tmp/SECURITY.tar

phys-schost-2# rm /tmp/SECURITY.tar

8. On all nodes, restart the common agent container management daemon.

phys-schost-1# /opt/SUNWcacao/bin/cacaoadm start

9. Restart Sun Cluster Manager.

# /usr/sbin/smcwebserver restart
About

leroyk

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today