Enable Secure Cluster Feature in Veritas InfoScale Enterprise 7 (VCS)

If you have already installed and setup your Veritas cluster and forget to configure it in secure mode, then this tutorial can be of great help. In this tutorial we will guide you how to enable a secure cluster mode in Veritas InfoScale Enterprise 7 in a 2 node cluster.

First of all you should know that to turn ON secure cluster option in your cluster, your cluster will restart and all the previously added user to your cluster configuration will go, so you should plan this activity accordingly and take proper BACKUP’s.

 

Enable Secure Cluster Feature in Veritas InfoScale Enterprise 7 (VCS)

 

Prerequisites for Enabling Secure Cluster Mode in VCS

1. Two node cluster.

2. Cluster should be running. Running state can be checked using “hasys -state” or “hastatus -sum”.

3. Verify if cluster is already running as a secure cluster or not.

[root@node1 ~]# haclus -value SecureClus
0
[root@node1 ~]# 

 

Enabling Secure Cluster Mode in Veritas Cluster Server

 

Now, once you have done some brainstorming, follow below steps to enable a secure cluster feature on your Veritas Cluster server. Here, we are using Veritas latest product Veritas InfoScale Enterprise 7 with Red Hat Linux 6.

Login to any one of the node of the cluster and enter below commands.

 

[root@node1 ~]# hasys -state
#System    Attribute               Value
node1       SysState                RUNNING
node2       SysState                RUNNING
[root@node1 ~]#


[root@node1 ~]# /opt/VRTS/install/installer -security


        Veritas InfoScale Enterprise 7.1 Configure Program                                        

Copyright (c) 2016 Veritas Technologies LLC. All rights reserved. 
Veritas and the Veritas Logo are trademarks or registered trademarks of 
Veritas Technologies LLC or its affiliates in the U.S. and other countries. 
Other names may be trademarks of their respective owners.

The Licensed Software and Documentation are deemed to be 
"commercial computer software" and "commercial computer software documentation" 
as defined in FAR Sections 12.212 and DFARS Section 227.7202.

Logs are being written to /var/tmp/installer-201701280531qrp while 
installer is in progress.

Enter the name of any system in the cluster to configure secure mode: node1

Checking communication on node1 .............................................. Done
Checking release compatibility on node1 ...................................... Done
Checking InfoScale Enterprise installation on node1 ............. Version 7.1.0.000

	

     Veritas InfoScale Enterprise 7.1 Configure Program                                        

Cluster information verification:

Cluster Name: got
Cluster ID Number: 100
Systems: node1 node2

Would you like to configure secure mode on the cluster? [y,n,q] (y) y

Checking communication on node1 ............................................ Done
Checking release compatibility on node1 .................................... Done
Checking InfoScale Enterprise installation on node1 ........... Version 7.1.0.000
Checking communication on node2 ............................................ Done
Checking release compatibility on node2 .................................... Done
Checking InfoScale Enterprise installation on node2 ........... Version 7.1.0.000
Checking configured component .............................................. Done


      Veritas InfoScale Enterprise 7.1 Configure Program                                        

Following cluster information detected:

Cluster Name: got
Cluster ID: 100
Systems: node1 node2
Service Groups: ClusterService appsg mysg vxfen

Note that all user configurations about this cluster will be deleted during 
this transformation. The command 
'/opt/VRTSvcs/bin/hauser' can be used to create cluster user manually.

Do you want to enable secure mode in this VCS cluster? [y,n,q] (y) 

Do you want to grant read access to everyone? [y,n,q,?] (n) 

Do you want to provide any usergroups that you would like 
to grant read access? [y,n,q,?] (y) n



      Veritas InfoScale Enterprise 7.1 Configure Program                                        

Restarting VCS with secure mode enabled:

Deleting cluster users for VCS ............................................ Done
Configuring a secure cluster for VCS ...................................... Done
Stopping VCS .............................................................. Done
Updating VCS configuration ................................................ Done
Starting VCS on node1 ..................................................... Done
Starting VCS on node2 ..................................................... Done
Confirming VCS startup ....................................... 2 systems RUNNING

Security is successfully enabled

installer log files, summary file, and response file are saved at:

/opt/VRTS/install/logs/installer-201701280531qrp

Would you like to view the summary file? [y,n,q] (n) 

 

This is how you can enable secure cluster feature on your Veritas high availability cluster. If anything fails, then you will see it and also it will be logged to logs, which can be reviewed later. If you need our help in any step, do comment below.

 

Verifying Secure Cluster Mode is ON or NOT

After you have configured your Veritas cluster as shown above, just check if it is actually enabled and working. Below command verifies that secure cluster is now enabled in our two node cluster.

 

[root@node1 ~]# haclus -value SecureClus
1
[root@node1 ~]# grep -i SecureClus /etc/VRTSvcs/conf/config/main.cf
        SecureClus = 1
[root@node1 ~]#
[root@node1 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.5 (Santiago)
[root@node1 ~]#

 

Hope this article was helpful to you and know you will able to configure your VCS cluster in secure mode more confidently. Let us know in case you need any help and we would be happy to help you.

Also, don’t forget to subscribe to our blog for more such tutorials by Email. Yes, it’s FREE.

Buy me a coffeeBuy me a coffee

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.