Highlighted
Wazr Frequent Contributor.
Frequent Contributor.
836 views

How do you configure an RCP agent to communicate with OMi via a Virtual IP?

Hi everyone,

We've installed Operations Agent 12.01.020 on a Windows Server 2012 VM, with the direct intention for this to be a Reverse Channel Proxy agent that will forward events through a firewall to an OMi 10.12IP deployment. We then configured the Reverse Channel Proxy as per the admin documentation, so that it could talk to OMi (detailed steps below). The OMi deployment is all on Windows Server 2012, and has a Primary and a Secondary DPS, configured for automatic failover. The OMi environment also has 2 Gateway servers which sit behind a load balanced virtual IP. This allows users and data sources to connect to either gateway through a highly available configuration.

When we configured the Reverse Channel Proxy on the agents, however, we could not find any way to do so through the load balanced VIP. The agents on the OMI Gateway servers seem to only register with the RCP agent via their own hostnames, not the load balanced VIP (see detailed steps below).

This is an issue, because we need to be able to send events to the RCP agent and have them forwarded onto the OMi environment with assurance that they will travel through the load balancer for obvious reasons.

At this point, it would seem that someone needs to send events to the RCP agent and specify that they want to connect to a specific OMi Gateway hostname, not the load balanced VIP which would select the best OMi Gateway automatically.


The big question: How do we configure the RCP to communicate via the Virtual IP?

 

The following is a summary of how we configured the RCP implementation:
1. Install the agent that we intend to be an RCP on a new VM, pointing it to the MANAGER_ID of the OMi deployment.

2. Test that the new agent has connectivity to the OMi deployment via the load balanced VIP.
>bbcutil -gettarget omi-collector-vip.domain.com
Node: omi-collector-vip.domain.com:383 (xx.xx.xx.xx)

3. Issue the certificate request from the to-be-RCP agent, and subsequently grant the request in OMi.

4. Confirm the certificates appear on the to-be-RCP agent.
>ovcert -list
+---------------------------------------------------------+
| Keystore Content |
+---------------------------------------------------------+
| Certificates: |
| exxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx (*) |
+---------------------------------------------------------+
| Trusted Certificates: |
| CA_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx_2048 |
...
+---------------------------------------------------------+

5. Configure the RCP process.
>ovconfchg -ns bbc.rcp -set SERVER_PORT 50000
>ovcreg -add "%ovinstalldir%\newconfig\DataDir\conf\bbc\ovbbcrcp.xml"
>ovc -kill
>ovc -start
>ovc
ovbbccb OV Communication Broker CORE (964) Running
ovbbcrcp OV RC PROXY COREXT (2564) Running
ovcd OV Control CORE (1520) Running
ovconfd OV Config and Deploy COREXT (5736) Running
>ovbbcrcp -status
Status: OK

6. Confirm we now have a listener on port 50000.
>netstat -a -n -o | findstr 50000
TCP 0.0.0.0:50000 0.0.0.0:0 LISTENING 2564
TCP [::]:50000 [::]:0 LISTENING 2564

7. On the OMi Gateway servers, configure the agent to communicate with the RCP agent.
>ovconfchg -ns bbc.cb -set ENABLE_REVERSE_ADMIN_CHANNELS true
>ovconfchg -ns bbc.cb -set GENERATE_OVEVENT_FOR_FAILED_RC_NODES TRUE
>ovconfchg -ns bbc.cb -set RC_CHANNELS rcp-server.domain.com:50000

8. On the RCP VM, confirm communication is established between the RCP and the OMi Gateways.
>ovbbcrcp -status
Status: OK
(Namespace, Port, Bind Address, Open Sockets)

bbc.rcp 50000 ANY 1

Admin Reverse Channel Connections Accepted
omi-gw-1.domain.com:383 bxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx BBC 12.02.001; ovbbccb 12.02.001
omi-gw-2.domain.com:383 bxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx BBC 12.02.001; ovbbccb 12.02.001

Admin Reverse Channel Connections Opened

Normal Connections
Incoming
localhost:23318 exxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx BBC 12.01.020; ovbbcrcp 12.01.020

Any help anyone can provide is greatly appreciated.

Thanks,
Warren

0 Likes
1 Reply
Micro Focus Expert
Micro Focus Expert

Re: How do you configure an RCP agent to communicate with OMi via a Virtual IP?

Each GW establishes an admin reverse channel to each RCP.  There is a role swap that allows the RCP to talk back to that GW.  There is no communication path from the RCP to the LB.  Therefore you would need to use opr-agt -primmgr to switch an RCP from one GW to another if its GW goes down.  It is described in "Outbound-Only communication with multiple gateway servers" at https://docs.software.hpe.com/OMi/10.62/Content/OMi/AdminGuide/BBC/bbc_configuring_outbound-only_communication.htm.

CP.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.