I think you need to first make sure the Service Node is setup correct. This is a manual process in the mixed cluster environment.
Can you use xdsh to the service node? This will only work if the ssh keys have be setup correctly. Run the following: xdsh service date. If this hangs then run and answer the password prompt. It will setup the ssh keys for you. You must have a password assigned to root on the service node. xdsh service -K If this is successful, then you should be able to run xdsh service date and get the date back. This error indicates the SSL credentials are not correct on the Service NOde. "Verify that the xcatd daemon is running and that your SSL setup is correct. Error dispatching request to lnx0001a:3001: Connection failure: IO::Socket::SSL: SSL connect attempt failed because of handshake problemserror:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca " To get the SSL credentials correct on the service node, do the following: On the mangement node: scp /etc/xcat/ca/ca-cert.pem aix002a:/etc/xcat/ca/ca-cert.pem scp /etc/xcat/cert/ca.pem aix002a:/etc/xcat/cert/ca.pem scp /etc/xcat/cert/server-cred.pem aix002a:/etc/xcat/cert/server-cred.pem Now on the service node, start the xcatd daemon restartxcatd or from the Management Node, run xdsh aix002a "/opt/xcat/sbin/restartxcatd" Can you access the database from the service node? From the Management Node run: xdsh aix002a "/opt/xcat/bin/lsxcatd -a" You can create an /etc/xcatinfo file yourself on the Service Node. I have found in the mixed cluster most service node setup is manual. Substitute your Management NOde name can be resolved from the Service NOde. On aix0002a: vi /etc/xcatinfo and add this one line XCATSERVER=xcatmn1.cluster.com exit chmod 0644 /etc/xcatinfo If all that works, then try the xcat2nim command again. Also give us an lsxcatd -a from the Management node and a lsdef aix002a Lissa K. Valletta 2-3/T12 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: [email protected] To: xCAT Users Mailing list <[email protected]> Date: 03/29/2012 06:53 AM Subject: Re: [xcat-user] xcat linux and nim Hi There's no /etc/xcatinfo on the SN. There are: -rw-r--r-- 1 root system 95 2012-03-09 16:09 /etc/xCATSN drwxr-xr-x 5 root system 4096 2012-03-28 17:11 /etc/xcat/ -rw-r--r-- 1 root system 536 2012-03-28 16:58 /etc/xtab -rw-r--r-- 1 root system 0 2010-04-06 11:04 /etc/xtabdu site.nimprime is set to "nimprime","aix0113a",, xcat2nim output on the xcat linux mgmt server: xcat2nim -t node aix0002a Error: lnx0001a: Could not create a NIM definition for 'aix0002a'. Error: lnx0001a: One or more errors occured. Error: Return=1. xcatd -f output on xcat linux mgmt server: xCAT: Allowing xcat2nim to aix0002a -t node aix0002a for ruxi003 from loopback xCAT: Allowing lsxcatd -d for root from loopback sh: lsnim: command not found looks like it tries to run lsnim on linux -- Mit freundlichen Grüßen / Best Regards Matthias Merk Von: Bruce M Potter <[email protected]> An: xCAT Users Mailing list <[email protected]> Datum: 29.03.2012 12:22 Betreff: Re: [xcat-user] xcat linux and nim Also, did you run the xcat2nim command on the xcat linux mgmt server, or on the aix NIM server? You should run it from the xcat linux mgmt svr. *Theoretically* it should also work from the NIM svr, but we hardly ever test that. When you run it on the xcat linux mgmt svr, xcatd will do some prep work and then should send the request to xcatd on the nim svr. Bruce Potter STSM, Linux & AIX Cluster Development, IBM, Poughkeepsie, NY Email: [email protected] Phone: external: 845-433-7073, internal: TL 293-7073 Guang Cheng Li ---03/29/2012 05:32:43 AM---HI, Could you check if the /etc/xcatinfo on the AIX service node has the From: Guang Cheng Li <[email protected]> To: xCAT Users Mailing list <[email protected]> Cc: xCAT Users Mailing list <[email protected]> Date: 03/29/2012 05:32 AM Subject: Re: [xcat-user] xcat linux and nim HI, Could you check if the /etc/xcatinfo on the AIX service node has the xcatserver info? Something like: p5n03:/#cat /etc/xcatinfo XCATSERVER=c84n01.clusters.com Has you set the site.nimprime attribute? I think the xcat2nim commands should be run on the management node. Thanks, ------------------------------------------------------------------------- Li,Guang Cheng (李光成) IBM China System Technology Laboratory Email: [email protected] Address: Building 28, ZhongGuanCun Software Park, No.8, Dong Bei Wang West Road, Haidian District Beijing 100193, PRC 北京市海淀区东北旺西路8号中关村软件园28号楼 邮编: 100193 Matthias.Merk---2012-03-29 16:54:39---Hi, [email protected] 2012-03-29 16:53 Please respond to xCAT Users Mailing list <[email protected]> To xCAT Users Mailing list <[email protected]> cc Subject Re: [xcat-user] xcat linux and nim Hi, Thanks for the link. Everthing is in the hosts file on both nodes, i can ssh from mn to sn and vice versa using their hostnames. does it have to be in the dns? The aix service node is able to resolve the hostname of the mn. on another note i tried "xcat2nim" on the sn with the following result: Unable to open socket connection to xcatd daemon on lnx0001a:3001. Verify that the xcatd daemon is running and that your SSL setup is correct. Error dispatching request to lnx0001a:3001: Connection failure: IO::Socket::SSL: SSL connect attempt failed because of handshake problemserror:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca at /opt/xcat/lib/perl/xCAT/Client.pm line 159. -- Mit freundlichen Grüßen / Best Regards Matthias Merk Guang Cheng Li <[email protected]> schrieb am 29.03.2012 10:38:24: > Von: Guang Cheng Li <[email protected]> > An: xCAT Users Mailing list <[email protected]> > Kopie: xCAT Users Mailing list <[email protected]> > Datum: 29.03.2012 10:40 > Betreff: Re: [xcat-user] xcat linux and nim > > HI, > > xdsh could work for non-root users, but for updatenode, you will > have to be root. https://sourceforge.net/apps/mediawiki/xcat/ > index.php?title=Granting_Users_xCAT_privileges gives some > instructions on the non-root users within xCAT cluster. > > For the problem you are seeing, seems to me that this is related to > the DNS hostname resolution, could the aix service node resolve the > MN hostname? > > Thanks, > ------------------------------------------------------------------------- > Li,Guang Cheng (李光成) > IBM China System Technology Laboratory > Email: [email protected] > Address: Building 28, ZhongGuanCun Software Park, > No.8, Dong Bei Wang West Road, Haidian District Beijing 100193, PRC > > 北京市海淀区东北旺西路8号中关村软件园28号楼 > 邮编: 100193 > > [Bild entfernt] Matthias.Merk---2012-03-29 15:11:42---Nevermind the > ssh issue - i didn't get that it's always root's key. > > [email protected] > 2012-03-29 15:10 > > Please respond to > xCAT Users Mailing list <[email protected]> > > [Bild entfernt] > To > > [Bild entfernt] > xCAT Users Mailing list <[email protected]> > > [Bild entfernt] > cc > > [Bild entfernt] > > [Bild entfernt] > Subject > > [Bild entfernt] > Re: [xcat-user] xcat linux and nim > > [Bild entfernt] > > [Bild entfernt] > > > Nevermind the ssh issue - i didn't get that it's always root's key. > Is it possbile to get xdsh and updatenode to work each users key or does > it have to be root's key? > > But i ran into another problem with updatenode: > $ updatenode aixservice -P > aix0113a: Thu Mar 29 09:02:28 MSZ 2012 xcataixpost: Could not determine > server name. > > > > TIA > > -- > Mit freundlichen Grüßen / Best Regards > > Matthias Merk > > [email protected] schrieb am 29.03.2012 08:41:14: > > > Von: [email protected] > > An: xCAT Users Mailing list <[email protected]> > > Datum: 29.03.2012 08:42 > > Betreff: Re: [xcat-user] xcat linux and nim > > > > Hi, > > > > So far so good - i got to the point where the nim is a service partition > > > and is able to access the management nodes mysql database remotely. > > One problem i have is that "updatenode aixservice -P" isn't working -> " > > Error: aix0113a: Permission denied (publickey)." > > But i'm able to ssh into the node via agent forwarding. (agent runs on > my > > workstation and i connect to the management node) > > > > In sshd debug output > > debug1: Could not open authorized keys '/etc/ssh/root_keys': A file or > > directory in the path name does not exist. > > > > I tried putting my key in /etc/ssh/root_keys to no avail. > > > > xdsh gives me the same error. it seems that it's not using my key. > > $ xdsh aixservice date > > aix0113a: Permission denied (publickey). > > > > sshd debug: > > > > debug1: trying public key file /etc/ssh/ruxi003_keys > > debug1: fd 5 clearing O_NONBLOCK > > debug3: secure_filename: checking '/etc/ssh' > > debug3: secure_filename: checking '/etc' > > debug3: secure_filename: checking '/' > > debug2: key_type_from_name: unknown key type 'no-port-forwarding' > > debug3: key_read: missing keytype > > debug2: user_key_allowed: check options: 'no-port-forwarding ssh-rsa > > <...key...>' > > debug1: restore_uid: 0/0 > > debug2: key not found > > Failed publickey for ruxi003 from 192.168.121.16 port 44687 ssh2 > > debug1: audit event euid 0 user ruxi003 event 6 (SSH_failpubkey) > > debug1: Return Val-1 for auditproc:0 > > debug3: mm_answer_keyallowed: key 200901e8 is not allowed > > debug1: Failed to collect Cookie from Keystore > > > > any ideas? > > > > TIA > > -- > > Mit freundlichen Grüßen / Best Regards > > > > Matthias Merk > > > > > > > > Von: Guang Cheng Li <[email protected]> > > An: xCAT Users Mailing list <[email protected]> > > Kopie: [email protected] > > Datum: 21.02.2012 09:35 > > Betreff: Re: [xcat-user] xcat linux and nim > > > > > > > > HI, > > > > The Linux/AIX mixed configuration should work with xCAT but not formally > > > supported, someone in the team has verified this configuration and > > documented the steps at > > https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Linux/ > > AIX_mixed_cluster_configuration > > and > > https://sourceforge.net/apps/mediawiki/xcat/index.php? > > title=Mixed_Cluster_Support_for_SLES > > , but there is no guarantee that it could work perfectly, there might be > > > bugs. If you would like to have a try, go ahead. if you run into any > > problems, please post the issues and questions on mailing list and we > can > > assist. > > > > Thanks, > > > ------------------------------------------------------------------------- > > Li,Guang Cheng (李光成) > > IBM China System Technology Laboratory > > Email: [email protected] > > Address: Building 28, ZhongGuanCun Software Park, > > No.8, Dong Bei Wang West Road, Haidian District Beijing 100193, PRC > > > > 北京市海淀区东北旺西路8号中关村软件园28号楼 > > 邮编: 100193 > > > > Matthias.Merk---2012-02-21 16:28:44---Hello > > > > [email protected] > > 2012-02-21 16:26 > > > > Please respond to > > xCAT Users Mailing list <[email protected]> > > > > > > > > > > To > > > > [email protected] > > > > cc > > > > > > Subject > > > > [xcat-user] xcat linux and nim > > > > > > > > > > > > Hello > > > > I'm running xcat (2.6.9) on SLES11 and an extra NIM server on AIX 6.1 in > > > the same network. The xcat server is where all our admins connect and > > manage servers with rpower, rcons etc. It is configured to managed both > > x86-blades and power hardware. > > > > Is it possible to service all LPARs with nim through xcat on the linux > > server eg. install a aix lpar via nim by issuing a rinstall on the linux > > > xcat server? > > If so is there a document or could you point me in the right direction? > > > > TIA > > > > -- > > Mit freundlichen Grüßen / Best Regards > > > > Matthias Merk > > ---------------- > > Disclaimer: > > Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur > > für den Gebrauch des angesprochenen Adressaten bestimmt. > > > > This message is only for informational purposes and is intended solely > for > > > > the use of the addressee. > > ---------------- > > > > > ------------------------------------------------------------------------------ > > Keep Your Developer Skills Current with LearnDevNow! > > The most comprehensive online learning library for Microsoft developers > > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > > Metro Style Apps, more. Free future releases when you subscribe now! > > http://p.sf.net/sfu/learndevnow-d2d > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > [Anhang "pic10904.gif" gelöscht von Matthias Merk/ARZ/AT] > > > ------------------------------------------------------------------------------ > > Keep Your Developer Skills Current with LearnDevNow! > > The most comprehensive online learning library for Microsoft developers > > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > > Metro Style Apps, more. Free future releases when you subscribe now! > > http://p.sf.net/sfu/learndevnow-d2d > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > > > > > ---------------- > > Disclaimer: > > Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur > > für den Gebrauch des angesprochenen Adressaten bestimmt. > > > > This message is only for informational purposes and is intended solely > for > > the use of the addressee. > > ---------------- > > > ------------------------------------------------------------------------------ > > This SF email is sponsosred by: > > Try Windows Azure free for 90 days Click Here > > http://p.sf.net/sfu/sfd2d-msazure > > _______________________________________________ > > xCAT-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/xcat-user > > ---------------- > Disclaimer: > Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur > für den Gebrauch des angesprochenen Adressaten bestimmt. > > This message is only for informational purposes and is intended solely for > the use of the addressee. > ---------------- > ------------------------------------------------------------------------------ > This SF email is sponsosred by: > Try Windows Azure free for 90 days Click Here > http://p.sf.net/sfu/sfd2d-msazure > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user > [Anhang "pic25062.gif" gelöscht von Matthias Merk/ARZ/AT] > ------------------------------------------------------------------------------ > This SF email is sponsosred by: > Try Windows Azure free for 90 days Click Here > http://p.sf.net/sfu/sfd2d-msazure > _______________________________________________ > xCAT-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/xcat-user ---------------- Disclaimer: Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur für den Gebrauch des angesprochenen Adressaten bestimmt. This message is only for informational purposes and is intended solely for the use of the addressee. ---------------- ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user [attachment "pic25950.gif" deleted by Bruce M Potter/Poughkeepsie/IBM] ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ---------------- Disclaimer: Diese Nachricht dient ausschließlich zu Informationszwecken und ist nur für den Gebrauch des angesprochenen Adressaten bestimmt. This message is only for informational purposes and is intended solely for the use of the addressee. ---------------- ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
