|
Page 6 of 8
Add/Modify resources to support handsfree installation of clients with ssh support
Remember, I only installed the ssh_server bundle after I had made the mksysb resource. The generaic mksysb lacks ssh support - on purpose. I want each installation to generate it's own unique host ID.
What you may not be aware of is that the default lpp_resource created by nim does not include the software we need to install ssh_server support on AIX clients. To add this support to our installation we need to
- add software to the lpp_resource
- add a software_bundle resource that NIM can install during the installation
- add bosinst_data resource for hands free installation
If you dont do it this way you run the risk of having the same hostid
credentials in the /etc/ssh directory on all your systems.
On the nim server I have the following filesets installed to support ssh:
# lslpp -L | grep open
openssh.base.client 5.4.0.6100 C F Open Secure Shell Commands
openssh.base.server 5.4.0.6100 C F Open Secure Shell Server
openssh.man.en_US 5.4.0.6100 C F Open Secure Shell
openssh.msg.en_US 5.4.0.6100 C F Open Secure Shell Messages -
openssl.base 0.9.8.1300 C F Open Secure Socket Layer
openssl.license 0.9.8.1300 C F Open Secure Socket License
openssl.man.en_US 0.9.8.1300 C F Open Secure Socket Layer
In the lpp_source only the following filesets are installed
# nim -o showres lpp_6106 | grep open
openssl.base 0.9.8.1300 I N usr,root
openssl.license 0.9.8.1300 I N usr
openssl.man.en_US 0.9.8.1300 I N usr
To help update the the lpp_resource with the software we need we will first create the installp_bundle resource and use that to tell nim what software to add to the lpp_resource. In short, use nim resources whnever you can to help prevent ommissions.
Because all our resources are to be in a seperate volume group copy the standard bundle to /export/nim and then define the copy as the resource
# cp /usr/sys/inst.data/sys_bundles/openssh_server.bnd /export/nim
# nim -o define -t installp_bundle -a server=master -a location=/export/nim/openssh_server.bnd openssh_serverAnd now you can use the bundle to update the lpp_source with the software needed by the bundle
# nim -o update -a source=/dev/cd0 -a installp_bundle=openssh_server lpp_${OSLEVEL}
/export/6106/lpp/installp/ppc/openssh.man.en_US.5.4.0.6100.I
/export/6106/lpp/installp/ppc/openssh.base.5.4.0.6100.I
bosinst_data resource for hands free installation
The last resource we need is a bos_install resource - for hands-free installation. Again we copy a file from the master system to the NIM volume group and define it. This time though, we also modify the resource. Read carefully!
# cp /bosinst.data /export/nim/bosinst_hdisk0_install
When we made our initial mksysb one side effect was that the file /bosinst.data was made with default settings. For an automatic installation there are a number of lines we need to change:
The lines to change are from:
PROMPT = yes
RECOVER_DEVICES = Default
ACCEPT_LICENSES =
ACCEPT_SWMA =
IMPORT_USER_VGS =
to:
PROMPT = no
RECOVER_DEVICES = no
ACCEPT_LICENSES = yes
ACCEPT_SWMA = yes
IMPORT_USER_VGS = no
And simplify the target_disk_data: stanza from:
target_disk_data:
PVID = 00f67207e26dbb8d
PHYSICAL_LOCATION = U8233.E8B.107207P-V41-C21-T1-L8100000000000000
CONNECTION = vscsi0//810000000000
LOCATION =
SIZE_MB = 70006
HDISKNAME = hdisk0
to:
target_disk_data:
HDISKNAME = hdisk0
Remember it is the file /export/nim/bosinst_hdisk0_install that needs to be edited.
Then make the last nim resource using:
# nim -o define -t bosinst_data -a server=master -a location="/export/nim/bosinst_hdisk0_install" bosinst_hd0
The completed nim resources are:
# lsnim
master machines master
boot resources boot
nim_script resources nim_script
n392 networks ent
mksb_6106_generic resources mksysb
spot_6106 resources spot
lpp_6106 resources lpp_source
openssh_server resources installp_bundle
bosinst_hd0 resources bosinst_data
|
