Configuring the   rsh services in aix.

Step 1

 uncomment the following line in "/etc/inetd.conf"

shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd



#  vi /etc/inetd.conf



## service  socket  protocol  wait/  user    server    server program
##  name     type             nowait         program     arguments
##
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd         ftpd
telnet  stream  tcp6    nowait  root    /usr/sbin/telnetd      telnetd -a 

shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd


step 2
After making the changes in " /etc/inetd.conf" , you need to refresh the  inetd deamon.

  # refresh -s inetd

Step 3

 
Add the hosts from where you want to connect  to the   .rhosts  file  of the server






#  cd   ~

# vi .rhosts

server1
server2
server3










Kindly check  the permissions of this file also, it should be 600.

* Make sure that both files (/etc/hosts.equiv  & /.rhosts) have
permissions of 600; they're ignored otherwise.

  For non-root user's you need  to add  the hosts in the /etc/hosts.equiv  file.

 /.rhosts is used for  root rsh attempts.

password-less  ssh   authentication

why to use it?

1. suppose you are a system admin and you jump from 1 server to another frequently. that means that everytime you jump you have to give the password. that can be tough if the password's are complex .

2. Suppose you are scheduling the cron jobs and backup scripts which needs to login to remote servers. In this situation you can use this password-less  authentication .


How to configure the passwordless  ssh authentication ?

Step 1: .. Firstly we need to create  public and private keys using "ssh-key-gen" command  on server1.



[abhi@server1] $   ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/home/abhi/.ssh/id_rsa):[Enter key]
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Pess enter key]
Your identification has been saved in /home/abhi/.ssh/id_rsa.
Your public key has been saved in /home/abhi/.ssh/id_rsa.pub.

The key fingerprint is:
34:b3:de:af:56:68:18:18:34:d5:de:67:2fdf2:35:g7 abhi@server1

This command will  create two files in ".ssh" directory inside your's home directory (in this case it will  be /home/abhi/.ssh)


 1.   id_rsa 
 2.   id_rsa.pub --  this file will contain the public/private   key.


Step 2: You need  to Copy the public key to  the second server(let it's  ip be 192.168.20.1)   using "ssh-copy-id" command.

[abhi@server1] $ ssh-copy-id -i  ~/.ssh/id_rsa.pub  192.168.20.1

abhi@server2's password:
Now try logging into the machine, with "ssh 'remote-host'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

Note: ssh-copy-id appends the keys to the remote-host’s .ssh/authorized_key.

Step 3: Login to remote-host(192.168.20.1) without entering the password
 
[abhi@server1]  $ ssh  192.168.20.1
Last login: Sun April16 12:18:12 2012 from 192.168.20.1







it dosesn't ask's for password.


cheers                                                                                                                                                                              

asynchronus I/O (aioserver)

creating raw logical volumes

Any logical volume that doesn't have filesystem on it is raw logical volume.

some applications like oracle,informix needs and  uses  raw`LV's.

***Every logical volume you are creating will have two entries in /dev  directory i.e. one block device and one character device.

suppose yours application team asks for some raw LV'S . i.e. oracle team.

step1:  let me create one LV named "list"

 step 2: goto /dev  directory and check that device files are available.

 #cd /dev


# ls -l list
brw-rw----   1 root     system       10, 11 Oct 04 15:27 list
# ls -l rlist
crw-rw----   1 root     system       10, 11 Oct 04 15:27 rlist
#

here we see that the block device is having the name same as the logical device name"list" . but the chacter device is having the name "rlist"

step 3:  now we have to change the ownership  of the file rlist to oracle:oracle  ,so that it can be used by oracle team.

#chown  oracle:oracle   /dev/ rlist

N-port Virtualization(NPIV)

through NPIV partitions of managed systems  can access the SAN storage directly through the same physical fibre channel adapter.

ex...
         suppose you have assigned 200 GB storage to vio server.this  200GB storage you can assign to the  logical partitions through mapping lv, pv  to the scsi adapters of the particular partitions. what happens when a  single LPAR needs  100GB  and there is only 50 GB storage left in VIO Server partition.
                                               .again you have to assign a LUN to VIO Server and then  you have to create  lv to provide the more,space. this can be tough  and time-taking if many server's are there. for reducing this over head NPIV was introduced through which we can directly assign the storage to the partitions.


 SAN  ------------->  LUN -------------->MAPPED TO THE PORT OF PHYSICAL FC ADAPTER





* Each virtual fibre channel adapter on each client logical partition receives a pair of unique WWPNs. The client logical partition uses one WWPN to log into the SAN at any given time. The other WWPN is used when you move the client logical partition to another managed system.

*Using their unique WWPNs and the virtual fibre channel connections to the physical fibre channel adapter, the operating systems that run in the client logical partitions discover, instantiate, and manage their physical storage located on the SAN


To enable N_Port ID Virtualization (NPIV) on the managed system, you create the required virtual fibre channel adapters and connections as follows:
1.using HMC  create virtual fibre channel adapters on the VIO Server logical partition and map  them  with virtual fibre channel adapters on the client logical partitions.

 2..When you create a virtual fibre channel adapter on a client logical partition, the HMC generates a pair of unique WWPNs for the client virtual fibre channel adapter.this you can see through HMC by viewing the properties of client FC adapter.

 3. we need to check whether the HBA port is connected to the SAN switch on which NPIV  is enabled.
that that we run $lsnport command on vio server.


 if fabric parameter is "1" . then NPIV is supported
 if it is "0" it means NPIV is not supported.

$lsnports


name             physloc                fabric 
fcs0              ---                          1
fcs1              ---                          1
fcs2              ---                           1


here fabric parameter is set to"1". that means NPIV is supported and we can do mapping.

now check the virtual FC adapter on the vio server that you have created

$lsdev  -vpd|grep vfchost
vfchost0  
vfchost1

for mapping the virtual FC adapter to physical FC adapter use the "vfcmap" command

$vfcmap -vadapter vfchost1   -fcp  fcs1

to check that mapping has been done correctly and the clients are able to login to the SAN.

#lsmap -vadapter vfchost1 -npiv 

micro partitioning.

we are distributing the processing capability of one or more physical processor among the partitions

using micro partitioning we can increase the overall utilization of processor resources within the system.


suppose we are having   4 processors  i.e. 4 processing units(PU) and we are having four partitions.you have assigned 1PU to all partitions.you  find that on all the partitions about 50% of processor is un-utilized  now .you want to create some more partitions . options are

1.that you have to add more processors to the server  that will add extra cost or burden to ur's firm.or

2.  you can free some processing units from all the lpar's as they are only 50% utilized atmost. this you can do by DLPAR operation through HMC ,if you don't want to reboot.

you can re-assign the processors according to ur's need :here i have reassigned the processing units so, that i can utilize those processor more efficiently and assign the freed PU to the new partitions that i want to create..

lpar1      minimum  .1      desired .3        maximum. .5
lpar 2     minimum .1       desired .2         maximum .3
lpar3      minimum .1       desired .4         maximum .6
lpar4      minimum .1       desired .3         maximum. .6


PROCESSING UNITS(PU) -  the capability of assigning less than 1 processor to a partition is call ed micro-partitioning.
                          for allocating less than 1 processor ,we use processing units(PU)

1 processor corresponds to  1 PU

** we can assign minimun of 1/10 i.e. 0.1 PU to a  partition.
** minimum granuality for assigning extra PU is .01

what is minimum,desired and maximum ?

minimum --  partition will not start if this much PU is not available
desired------  partition will use this much of PU ,if available
maximum ---  partition can be increased to this amount if using Dlpar.

here click to "advanced"

what is capped and uncapped?

capped---processing capability can never exceed the entitled (assigned) processing capability of partition.

uncapped --  the processing capability can exceed the entitled capacity when resources are available in there shared -processor pool and the partition is eligible to run.

* higher the uncapped weight of partition the more processing units it will receive.
* uncapped weight ranges between 0 to 255. default is 128.

power hypervisor

power hypervisor is the firmware layer sitting between the   hosted operating system and the server hardware.

suppose you are having p570 box in which you have created 4 Logical Partitions. you have assigned logical resources to  each of them. power hypervisor keeps track of the resources allocated to each partition and also take care that partitions don't access the other partition's assigned resources .

**power hypervisor enforces partition integrity by providing security layer between logical partitions.

** it provides VLAN channel between logical partitions that helps to reduce the need of physical ethernet adapter.


** it also monitors the service processor.if there is any loss of SP it will perform reset/reload operation.if it is not corrected it will notify the operating system.

power hypervisor provides following types of virtual I/O adapters.
  1. virtual scsi
   2. virtual ethernet
   3. virtual FC
  4. virtual console

what is virtual scsi?
for virtualization of storage,power hypervisor gives you virtual scsi mechanism.

virtual scsi adapter is needed for this which is defined in vio server partition.


there are two types of virtual scsi adapter
 virtual client scsi adapter
 virtual server scsi adapter

 all the scsi physical storage devices are assigned  to vio server.

how the adapters are connected?

1.using DLPAR operation , you can create  virtual scsi  server adapter if you don't want to reboot the server.
  2.on client partitions also  you define the virtual client scsi adapters. through DLPAR operation. mapping should be correct.

ex. of mapping the adaapters

while defining server adapter, note the following
slot no.  3
remote partition  partition2
remote partition virtual slot number  4

for client adapter
slot no. - 4
remote partition  vios
remote partition slot no.  3

3. after that run#cfgdev on vio server . one virtual host device (vhost) device will be available on vio server that represents that particular partition.

4. you cam map the logical  volume etc  to  a particular partition virtual host device and that will be available as a disk on client partition  after running the #cfgmgr command on that partition.


 vitual scsi can be used as
1. virtual disk
2. virtual optical devices(vtopt)
3. virtual tape.

VIRTUAL ETHERNET

power hypervisor provides a virtual ethernet switch function that allows partitions on the same server to use a fast and secure communication without any need of physical intercconnection.

***virtual ethernet is a part of base system configuration and doesn't need vio server.

creating users in company environment

creating a admin user won

# mkuser -a won

assigning the password to user won

#passwd won

it will not prompt for password when user logs in first time.

#pwdadm -c won

removing a disk from user-defined VG

check the activated volume group.

#lsvg -o

rootvg
datavg
quavg

#lsvg -p datavg

vpath12
vpath13

now using the migratepv command migrate all the  filesystem from vpath13 to vapth12

#migratepv vpath13  vpath12


check that any pp is allocated

#lspv -M vpath13 or # lspv -l vpath13


check whether all the filesytems are available

#lsvg -l datavg

now reduce the disk vpath13 from VG

#reducevg vpath13  datavg

now remove the vpath13 .

#rmdev -Rdl vpath13
vpath13 deleted



note: there is no need to unmount the filesystems or varyoff vg while running migratepv command.

SMIT

The System Management Interface Tool (SMIT) provides a menu-driven interface that
provides access to most of the common system management functions within one
consistent environment.
                   SMIT is managed by ODM.It also contains all of the menus, screens and
commands that SMIT uses.


..........Special symbols on the screen are used to indicate how data is to be entered:

*              A required field
#              A numeric value is required for this field.
/               A pathname is required for this field.
X             A hexadecimal value is required for this field.
?              The value entered will not be displayed.
+              A pop-up list or ring is available.


                                                    log files

$HOME/smit.log 
this log files keeps records all the menus and dialog box visited and also all the commands runwith the output.it also records any errors during the SMIT session.




 $HOME/smit.script 
shell script containing all aix commands executed through SMIT.

performance monitoring.