Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
Download the pdf of this article here.
Please keep in mind this is not the only method or set of guides that can be used. Each environment is unique and different. Our setup consists of three different sets of servers. We have non-clustered NetWare servers on HP BL460c blades. We have a 16-node NCS NetWare Cluster on the same set of blades. Lastly, we have about 35 servers (HP DL385) in our regional offices. As such, each server type required a slightly different approach.
We found that because we have a large number of home directories and ZEN NAL app objects, as well as IDM in use that all of our migrations would be done using the ID Transfer scenario. The exception to this is our NCS Cluster (which has not been done yet). Because the majority of our regional servers also have GroupWise on them, we figured it would be quicker to just migrate all the services and then do an ID Transfer. As such, this is a variation on a theme.
As always, TEST, and TEST some more. Use whatever method works best for you, preferably one that is supported.
I've tried to remove all server names, IP addresses, and incriminating evidence.
First, if this is a dual-SAN connected server, make sure to disconnect the secondary path and only run the setup with the first connection. There are many ways to install OES2.
We find it faster to install from the network, after we boot from the SLES 10 SP2 DVD. However, you can also use the local DVD/CD drive, or for the blade servers, use the HP ILO to accomplish the same thing (although ILO is limited to 100MB connection, so it's usually faster to boot from the virtual DVD, and pull the install DVD/CD info from the Linux server we setup as an install source). If you are using the CD/DVD method, please use the SLES 10 SP2 DVD media (to avoid CD swapping). The OES install is only on CD.
If using the media, boot from the SLES 10 SP2 media, select Installation and hit Enter. Then you can skip to page 2. Currently we are only using OES2 SP1 32-bit codebase.
On page 6, you would modify the instructions so that you select CD for the OES2 SP1 CD media (if using the local CD/DVD drive or HP ILO virtual media).
Alternative boot method:
Ie: install=nfs://slesadmin.abc.com/install/SLES10SP2_32/CD1 hostip=192.168.10.9 netmask=255.255.255.0 gateway=192.168.1.1 nameserver=192.168.10.10
Next
Check the "include add-on products" and click Next
Click Add
Click NFS
Then click Next.
Click OK
Click Yes, and then Next.
Click Next
Set the "Hardware Clock Set To" to Local Time (this means you're telling it what the CMOS clock is set to, and on the HP Blades, it's ALWAYS local time). Make sure USA And Eastern are set as well and click Next. Later we'll configure for NTP time.
Click Partitioning (we need to change some stuff).
Click "Create Custom Partition Setup" and then click Next (what you see on the next screen may vary depending on if this is a dual-pathed Blade or the standalone regional servers).
Why do we do this? We don't like to setup one big LUN (virtual disk, logical drive, whatever your RAID hardware calls it) for / (root partition) using Reiserfs.
With OES2, you ALWAYS want to setup a dedicated LUN for your "boot" code, and leave a separate LUN for NSS (if using NSS). NEVER allocate all your disk space to one LUN. Think of this as NetWare, in the sense that you had your DOS partition separate from NetWare partitions, and SYS volume separate from your other volumes.
Select Custom Partitioning and then click Next.
We have two LUNs here. A "boot" LUN (the 15.0 GB LUN) and a secondary LUN for NSS volumes. We are only going to setup the boot LUN for now.
Click Create.
Select 1: /dev/sda and click OK. (the naming will change depending upon your hardware)
Select Primary Partition and click OK
Make sure to set the file system to Ext3 and the size to 1.0 GB and the mount to /boot
Click OK
Click Create
Choose 1: /dev/sda and click OK
Choose Primary Partition and click OK
Change "file system" to Swap.
Set to 2GB and click OK (don't forget the mount point of swap)
Click Create and Primary Partition again.
Change file system to Ext3 and let it use the rest of the LUN and mount point is /
Click Finish as I'm not sure what other partitions to make at this point. You can only have 4 Primary Partitions in Linux/OES (per disk/device/LUN).
We're going to leave LUN #2 alone for now. This will be used later for NSS/EVMS volumes.
Click Finish
Click Software
Always uncheck the Novell AppArmor. For OES it will depend upon what type of install you are doing (there's other docs I'm preparing for Migration scenarios). However, ALL OES2 servers should have the following items selected:
Depending upon your server (new install vs. migration) you may also check the "Novell Pre-Migration Server). For a new server install you would NOT check that box. We choose to install NSS even if we aren't going to use it right away (again, never know when you may want/need it). I find the NCP server handy so that you can use native Linux EXT3 partitions and attach to them with Windows PC's via the Novell Client (as opposed to having to muck around with SAMBA configurations). This also adds NCP file locking if using GroupWise and the ConsoleOne Windows Management snapins.
For an Identity Transfer operation (migration), make sure that you selected the Pre-Migration Server option.
Depending on the server you are transferring, you may have to select iPrint and DHCP, in addition to other items. Scroll down and make sure you selected NSS.
I also install the C Compiler tools because you never know when you may need them.
(Most notably on Vmware, or if using the HP Proliant Support Pack--because it installs non-kernel drivers sometimes and therefore you need the Compiler to recompile the kernel for non-stock drivers).
Click Accept.
Click Accept again.
Click Accept again.
Click Install
Wait for it to create the partitions
It should reboot and launch the rest of the install
Enter in the password. This should be diff. than the eDirectory Admin password. Click Next.
Uncheck the "change hostname via DHCP". We don't give out DHCP in the server room. Follow your standard naming convention.
You must enter a TEMPORARY name here. I suggest a format of:
Temp-oldserver (ie: temp-buff, temp-dis03, etc.)
Click Next.
Set firewall to disabled (for now).
Also Disable IPv6. I've had issues with it in the past.
Click Network Interfaces
On the Blade servers, the first HP NIC is the "primary" one. (For the standalone servers with pass-through boards). You must double-check by looking at ILO for the MAC address and comparing to what SLES shows.
Sometimes Linux assigns the NIC in reverse order (ie, 2nd NIC will be eth0, 1st NIC will be eth1). Make sure to find the MAC address of the NIC and compare against what Linux finds (click Edit and you can go to the Advanced section and verify the hardware address). Otherwise you may THINK that first NIC listed is the primary NIC (eth0) and it's not. Then your install fails later because of this. Alternatively you can disable the secondary NIC in the BIOS and re-enable it later.
Set the IP and Netmask.
Click Hostname and Name Server
You must use a TEMPORARY IP address. When the migration is finished, the temporary server name and IP will be removed automatically from the OES2 server.
Enter the appropriate DNS servers and click OK (double-check that hostname and domain are still correct).
Click the Routing button
Enter the default gateway and click OK (obviously the gateway can differ depending on where the server is installed).
Click Next
I believe it puts the "configured" NIC on the top now, even though we hopefully configured the second one. Click Next.
Select the VNC Remote Administration so that it is enabled. We choose to use this so that we can use the NRM (Novell Remote Manager) VNC Consoles option. ILO will work as well, albeit slower (and the mouse cursor has issues until you install the HP drivers).
Click Next.
We may change the Proxy section later.
I usually skip the test.
(because it won't work unless it goes through the proxy anyway).
Click Next
DO NOT use LDAP with OES. OES uses it's own LDAP server (eDirectory). You CANNOT use OpenLDAP and eDir at the same time.
For this, we'd install into the existing tree. Insert the proper tree name. (Assuming you are installing into an existing environment, vs. a brand new install).
I also uncheck the Require TLS for Simple Binds. It tends to cause issues if you don't uncheck it.
Click Next.
Input the IP of: 192.168.10.5
That's the DS Master replica server. Enter the admin userid in LDAP format and the password.
Click Next.
Be careful here. Enter the server context in LDAP format (there's no browse button, so you have to know where the server will be installed to). I leave everything else the same.
We may change the DIB location later, not sure yet.
Click Next.
For now, I pointed to the Unix server for time. That should be okay since the netware server also points to that to get time. Be sure to enter the SLP information and add both IP's in there. Click Next.
I leave these as-is. Click Next.
I click Next here.
Now wait a long time for this and iManager to install.
For now we leave this local. We may change to LDAP later, but unsure (plus there's a LUM module in OES as well). Basically this means that any accounts created on this Linux server are ONLY stored on this server (same for passwords). We don't plan on creating other "local only" accounts.
Click Next.
Click Next
Click Yes.
Click Next.
Click Next.
We can always clone it for autoyast later, but until we get all the specifics ironed out, I'm unchecking this and click Finish.
Technically at this point, you are finished with the install. However, it is STRONGLY advised that you patch the server before:
Once the server is up and running, before creating any NSS partitions or enabling Multi-pathing, we need to apply updates. We have setup an SMT (Subscription Management Tool) server on Linux (the same server that hosts our install media and our Auto-yast configurations). SMT is a patch "proxy" server that downloads all the patches from the Novell Customer Center (NCC) so that we don't have to configure every server to download these patches from the internet. Instead, we point the servers to the SMT server. Think of it as a "lite" version of Patchlink for Linux/OES2.
You may either use the SLES/OES2 server to get the SMT conf file or you can use WinSCP and copy it from your PC to the SLES/OES2 server.
Once you have the script from the SMT server:
Type:
chmod x clientSetup4SMT.sh
Now type:
./clientSetup4SMT.sh –host smt.abc.com
That's a " - -" (dash dash without a space) in front of the host line
Hit Enter
Y
Then type:
suse_register
Hit Enter and wait
The icon will normally be orange.
Click it.
It will usually come up and tell you a few patches to update. Update those (this updates the ZMD process itself).
If it needs a reboot, it will tell you.
Wait a little while longer (or reboot if you want) and then it'll usually come up with a list of about 248 packages to update.
The default list will contain security patches first, followed by "mandatory/recommended" patches to SLES10 and OES2.
I usually apply those (reboot needed I believe)
After that, you'll usually get a GREEN icon like above. I do NOT apply the optional patches.
This section is how to enable multi-pathing (MPIO) when booting from the SAN. As you can see, we have two paths.
Now, we follow TID