Clusters must be able to authenticate to themselves and to peer clusters. In order for one cluster to connect to a second cluster, the first cluster must be able to authenticate to the second cluster. For each node, add the authentication credentials (user name and password) of the user that the selected cluster will use to authenticate to a selected peer cluster.
Configure peer cluster credentials on one node in each peer cluster in the business continuity cluster:
Log in as the root user on the cluster node where you want to add peer credentials in this cluster, then open a terminal console.
You can use any node in the cluster to specify credentials.
At the command prompt, enter
cluster connections <cluster_name>
For example, this lists the BCC peer clusters and credential information. At this point, the credentials have not been provided and are reported as invalid.
cluster connections cluster1 Connection status for cluster: cluster1 Cluster Name Username Connection Status cluster1 <unknown> Invalid Credentials cluster2 <unknown> Invalid Credentials
Verify that all clusters are present in the list.
If the clusters are not present, the Identity Manager drivers are not synchronized.
If synchronization is in progress, wait for it to complete, then try cluster connections again.
If you need to synchronize, see Synchronizing Identity Manager Drivers.
For each cluster in the list, enter the following command at the command prompt, then enter the bccadmin user name and password when you are prompted:
cluster credentials <cluster_name>
For example, issue the command once for each peer cluster:
cluster credentials cluster1 Enter the credentials for the specified cluster. Press CTRL+C to cancel. Username: bccadmin Password: Please wait... The credentials for cluster cluster1 have been saved. cluster credentials cluster2 Enter the credentials for the specified cluster. Press CTRL+C to cancel. Username: bccadmin Password: Please wait... The credentials for cluster cluster2 have been saved.
If you created different BCC Administrator users for each peer cluster, you will provide the respective credentials for each cluster.
Verify that the peer clusters are recognized as being members of the same BCC. Enter the cluster connections command and cluster view command to view the status.
For example, on cluster1:
cluster connections cluster1 Connection status for cluster: cluster1 Cluster Name Username Connection Status cluster1 bccadmin OK cluster2 bccadmin OK cluster view Cluster cluster1 This node c1_node1 [epoch 1 master node c1_node2] Cluster nodes [c1_node1, c1_node2] BCC peer clusters [cluster1, cluster2]
If you created different BCC Administrator users for each peer cluster, each peer cluster would report a different user name in the cluster connections command.
NOTE:If the cluster view report shows only one peer cluster instead of showing all the peer clusters, execute the command cluster refresh -p on that node. For more information, Section 10.2.1, Incorrect Status in the Cluster View Report After Enabling BCC on Peer Clusters.
Add the BCC Administrator user to the ncsgroup for the cluster. Repeat the following steps for every node in the peer cluster:
As the root user, open the /etc/group file in a text editor.
Locate the line that reads ncsgroup, then modify it to include the bccadmin user.
For example, change
ncsgroup:!:107:
to
ncsgroup:!:107:bccadmin
For example, change
ncsgroup:!:107:bccd
to
ncsgroup:!:107:bccd,bccadmin
The file should contain one of the above lines, but not both.
Notice the group ID number of the ncsgroup. In this example, the number 107 is used. This number can be different for each cluster node.
Save the /etc/group file.
At the server console prompt, enter the following to verify that the bccadmin user is a member of the ncsgroup.
id bccadmin
Repeat the previous steps on a node in each peer cluster in turn.
The nodes in the other peer clusters know about the peer clusters, but they do not yet have the credentials needed to connect.
(Optional) Use iManager to verify that the peer clusters are communicating their status.
Log in to iManager as the BCC administrator.
Select Clusters > My Clusters.
BCC-enabled clusters are identified by a check in the BCC column.
Click the cluster name of a peer cluster.
Select the BCC Manager tab.
The connection status is good for this peer cluster. There are no BCC-enabled resources at this time.
Return to the My Clusters page, select another peer cluster, then go to its BCC Manager tab.
The connection status is good for the other peer cluster. There are no BCC-enabled resources at this time.