Professional Documents
Culture Documents
Copyright 2006-2009 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Fabric OS, File Lifecycle Manager, MyView, and StorageX are registered trademarks and the Brocade B-wing symbol, DCX, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their respective owners. Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government. The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it. The product described by this document may contain open source software covered by the GNU General Public License or other open source license agreements. To find-out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http:// www.brocade.com/support/oscd.
European Headquarters Brocade Communications Switzerland Srl Centre Swissair Tour B - 4me tage 29, Route de l'Aroport Case Postale 105 CH-1215 Genve 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 Email: emea-info@brocade.com
Document History
Title
Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide Brocade SMI Agent Installation Guide
Publication number
53-1000054-01 53-1000054-02 53-1000198-01 53-1000198-02 53-1000445-01 53-1000445-02 53-1000612-01 53-1000612-02 53-1001145-01 53-1001198-01 53-1001198-02 53-1001198-03
Summary of changes
New document. Removed VM directory from CD image path. Updated to support the 110.5.0 release. Rebranded the document using the new Brocade templates. Updated to support the 120.6.0 release Updated the supported Kernel versions for Linux. Updated to support the 120.7.0 release. Updated to support the 120.7.1 release. Updated to support the 120.7.2 release. Updated to support the 120.8.0 release.
Date
April 2006 May 2006 November 2006 March 30, 2007 June 15, 2007 July 20, 2007 November 9, 2007 March 28, 2008 August 11, 2008 December 19, 2008
Minor corrections to the previous version. February 27, 2009 Update description of Proxy configuration dialog box. April 8, 2009
iii
iv
Contents
Chapter 1
Installation Requirements
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Platform requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Switch requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 SMI-A (Fabric OS) and SMI (EOS) coexistence requirements. . . . . . . 3 Installing SMI-A (Fabric OS) and SMI (EOS) on the same host . . 3
Chapter 2
vi
In this chapter
How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Whats new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Additional information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi Brocade SMI Agent support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Chapter 2, Installing the SMI Agent explains how to install and uninstall the Brocade SMI
Agent.
Chapter 3, Silent Installation Status Messages lists the status messages that you might
encounter when performing a silent installation of the Brocade SMI Agent.
Chapter 4, Frequently Asked Questions provides answers to the most frequently asked
questions sent to the SMI Agent Developer Support email address.
Brocade 200E switch Brocade 300 switch Brocade 3000 switch Brocade 3014 switch
vii
Brocade 3016 switch Brocade 3200 switch Brocade 3250 switch Brocade 3600 switch Brocade 3800 switch Brocade 3850 switch Brocade 3900 switch Brocade 4012 switch Brocade 4016 switch Brocade 4018 switch Brocade 4020 switch Brocade 4024 switch Brocade 4100 switch Brocade 4424 switch Brocade 4900 switch Brocade 5000 switch Brocade 5100 switch Brocade 5300 switch Brocade 5410 switch Brocade M5424 switch Brocade 5470 switch Brocade 5480 switch Brocade 7500 Extension Switch Brocade 7500E Extension Switch Brocade 7600 Application Appliance Brocade 12000 director (only on Fabric OS 5.0.x) Brocade 24000 director (single domain only) Brocade 48000 director Brocade Encryption Switch Brocade Multiprotocol Router Model AP7420 (only as a non-proxy switch) Brocade DCX Data Center Backbone Brocade DCX-4S Data Center Backbone
viii
The following blades are supported on the Brocade DCX and DCX-4S: - Port blades: FC8-16, FC8-32, FC8-48 - FC4 port blades - FC10-6 - FC4-16IP - FC4-48C - FA4-18 - FR4-18i - FS8-18
Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc. for SMI-A 120.8.0, documenting all possible configurations and scenarios is beyond the scope of this document. In those instances in which procedures or parts of procedures documented here apply to some switches but not to others, this guide identifies exactly which switches are supported and which are not.
Document conventions
This section describes text formatting conventions and important notices formats.
Text formatting
The narrative-text formatting conventions that are used in this document are as follows: bold text Identifies command and method names Identifies the names of user-manipulated GUI elements Identifies keywords and operands Identifies text to enter at the GUI or CLI Provides emphasis Identifies variables Identifies class properties Identifies paths and Internet addresses Identifies document titles Identifies CLI output Identifies syntax examples
italic text
code text
ix
For readability, command names in the narrative portions of this guide are presented in mixed lettercase: for example, switchShow. In actual examples, command lettercase is often all lowercase. Otherwise, this manual specifically notes those cases in which a command is case sensitive.
NOTE
A note provides a tip, guidance or advice, emphasizes important information, or provides a reference to related information.
ATTENTION
An Attention statement indicates potential damage to hardware or data.
Key terms
For definitions specific to Brocade and Fibre Channel, see the Brocade Glossary. For definitions of SAN-specific terms, visit the Storage Networking Industry Association online dictionary at: http://www.snia.org/education/dictionary
Additional information
This section lists additional Brocade and industry-specific documentation that you might find helpful.
Brocade resources
The following SMI-A documentation can be obtained from developer support at Brocade:
Brocade SMI Agent Users Guide Brocade SMI Agent Developers Guide
To get up-to-the-minute information, join Brocade Connect. Its free! Go to http://www.brocadeconnect.com to register at no cost for a user ID and password. For practical discussions about SAN design, implementation, and maintenance, you can obtain Building SANs with Brocade Fabric Switches through: http://www.amazon.com For additional Brocade documentation, visit the Brocade SAN Info Center and click the Resource Library location: http://www.brocade.com Release notes are available on the Brocade Connect Web site and are also bundled with the Fabric OS firmware.
Technical Support contract number, if applicable Switch model Switch operating system version Error numbers and messages received supportSave command output Detailed description of the problem, including the switch or fabric behavior immediately following the problem, and specific questions
Description of any troubleshooting steps already performed and results Serial console and telnet session logs syslog message logs
2. Switch Serial Number The switch serial number and corresponding bar code are provided on the serial number label, as shown here:
:
*FT00X0054E9* FT00X0054E9
xi
Brocade 200EOn the nonport side of the chassis Brocade 300, 5100, and 5300On the switch ID pull-out tab located on the port side on
the left
Brocade 3014On the top of the chassis, under the insertion arm Brocade 3016 and 4012On the bottom of the switch module Brocade 4016On the top of the switch module Brocade 4018On the top of the blade Brocade 4020 and 4024On the bottom of the switch module Brocade 3250, 3850, and 7600On the bottom of the chassis Brocade 3900 Nonport side of the chassis Brocade 4100, 4900, 7500, and 7500EOn the switch ID pull-out tab located inside the chassis on the port side on the left the bottom of the port side of the switch
Brocade 5000 and Brocade Encryption SwitchOn the switch ID pull-out tab located on Brocade 12000, 24000, and 48000Inside the chassis next to the power supply bays Brocade DCXOn the bottom right on the port side of the chassis Brocade DCX-4SOn the bottom right on the port side of the chassis, directly above the
cable management comb.
Brocade Multiprotocol Router Model AP7420On the bottom of the chassis and on the
back of the chassis. 3. World Wide Name (WWN) Use the wwn command to display the switch WWN. If you cannot use the wwn command because the switch is inoperable, you can get the WWN from the same place as the serial number, except for the Brocade DCX. For the Brocade DCX, access the numbers on the WWN cards by removing the Brocade logo plate at the top of the nonport side of the chassis. For the Brocade 4016, 4018, 4020, and 4024 embedded switches: Provide the license ID. Use the licenseIdShow command to display the WWN. For the Brocade Multiprotocol Router Model AP7420: Provide the switch WWN. Use the switchShow command to display the switch WWN.
xii
Operating system version and patch level Sample code exhibiting problem (if possible) Switch models and operating system versions, including the proxy switch Compiler version Error messages received XML received from the Brocade SMI Agent XML sent to the Brocade SMI Agent Steps followed to produce the problem Server-side console output and log files Thread dump, if the SMI Agent is hanging or if memory consumption goes up
You can use the SMI Agent Configuration Tool to collect the required support information to be sent. Refer to the Brocade SMI Agent Users Guide for information about this tool.
Document feedback
Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback to: documentation@brocade.com Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement.
xiii
xiv
Chapter
Installation Requirements
In this chapter
Platform requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Switch requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . SMI-A (Fabric OS) and SMI (EOS) coexistence requirements . . . . . . . . . . . . .
1 2 2 3
Platform requirements
Your software environment must meet the following requirements before you install the Brocade SMI Agent (SMI-A):
Minimum of 512 MB RAM One of the following operating systems (32-bit versions only): - Microsoft Windows Server 2003 (SP2) - Microsoft Windows Server 2008 - Microsoft Windows Vista Business Edition (SP1) - Sun Solaris 9 - Sun Solaris 10 - Linux Red Hat AS 3.0 - Linux Red Hat AS 4.0 - Linux SUSE Enterprise Desktop 10 - AIX 5.3 For Linux, Solaris, and AIX, a graphical interface is required for standard installation, but not for
silent installation. In Windows Vista, if you do not have Administrator privileges, you cannot stop and start the server. To start and stop the server, you must have Administrator privileges and the ConfigurationTool.bat file must be invoked using the Run As Administrator option. Sun Microsystems JRE version 1.5.0_11 is bundled with the SMI-A and is automatically installed when the SMI-A is installed. VMWare ESX Server 3.5 is supported on the following operating systems:
NOTE
Microsoft Windows Server 2003 Microsoft Windows 2008 Linux Red Hat AS 4.0
Other virtualization software is not supported.
Switch requirements
Switch requirements
When possible, upgrade your switches to Fabric OS v6.2.0 or higher. In particular, the proxy switch should be running Fabric OS 6.2.0 or higher. The SMI-A does not support proxy switches running Fabric OS v6.0.x or lower. It is not necessary to choose the principal switch as the proxy. Only fabrics in which all user accounts are equivalent on all switches have been tested. For RBAC, only fabrics containing all Fabric OS 5.2.0, 5.3.0, or 6.0.x and higher switches and in which all user accounts are equivalent on all switches have been tested.
System requirements
Table 1 lists the memory and CPU recommendations.
TABLE 1
Requirements
System requirements
SAN with 1-5,000 switch ports
less than 512 MB 2 GB 3 GHz
The memory required for running the SMI-A depends on the following:
number of switches number of ports number of devices in a single fabric number of fabrics being managed
You should increase the memory as these numbers increase. You should also check the memory usage of all applications and services running on the host and adjust the memory accordingly. If the agent is used to manage multiple fabrics, use the total number of switch ports in all fabrics to determine the memory usage. Fabric OS v5.2.0 and later support a zoning database size of 1 MB. To support a 1 MB zoning database, the entire fabric must be upgraded to v5.2.0 or later. If any pre-v5.2.0 switches are part of the fabric, the maximum zone database size is 256 KB. If the zoning database size exceeds 256 KB, switches not upgraded to Fabric OS v5.2.0 or later are segmented out of the fabric. You should also increase the memory heap size for the JVM based on the number of switches and number of switch ports and devices. After you install the SMI Agent, you can increase the heap size using the following procedure. This document uses <SMIAgent> to refer to the installation folder, although your installation folder might be different (if you change it from the default).
NOTE
To increase the heap size 1. Open the start_server file for editing. This file is in the following location: Linux, Solaris, and AIX: Windows: <SMIAgent>/agent/server/jserver/bin/start_server <SMIAgent>\agent\server\jserver\bin\start_server.bat
Windows only: If you installed the SMI-A as a service, open the jserverd.ini file for editing, instead of the start_server file. The jserverd.ini file is in the following location: C:\Windows\system32\jserverd.ini 2. Modify the JVM flag in the file. The default value of the JVM flag is: -Xmx512m. For example, to increase the memory from 512 MB to 1024 MB, change this value to: -Xmx1024m. For most fabrics, 512 MB is usually sufficient. 3. Restart the SMI Agent, if it is already started.
4 GB RAM or higher 3 GHz CPU 1 GB JVM memory size for each agent
By default, during installation both the SMI (EOS) and SMI-A (Fabric OS) are configured to use ports 5988 and 5989. When the agents co-exist in the same host, they must be configured to run on different ports. SMI (EOS) versions earlier than 2.6 do not provide an option to change ports during installation. For SMI (EOS) versions earlier than 2.6, you must install the SMI (EOS) before you install the SMI-A (Fabric OS). If the SMI-A (Fabric OS) is installed in a host in which and SMI (EOS) agent is already installed, the SMI-A (Fabric OS) registers to the SLP service that is installed by the SMI (EOS) agent. If a client queries the SLP service running in the host, the service lists both the SMI-A (Fabric OS) and SMI (EOS) agents.
Installing SMI-A (Fabric OS) and SMI (EOS) on the same host
The following procedures provide the basic installation order for installing the two SMI agents. Complete instructions for installing the SMI-A (Fabric OS) are provided in Chapter 2, Installing the SMI Agent. See the Brocade SMI Agent for EOS Products Installation Guide for instructions for installing the SMI (EOS). Perform one of the following procedures depending on which SMI is to use the default ports and which version of SMI (EOS) you are running.
SMI-A (Fabric OS) uses the default ports, and SMI (EOS) version is earlier than 2.6
1. Install the SMI (EOS) agent. 2. Change the http and https port numbers using the Server Configuration tool and restart the SMI (EOS) agent. 3. Install the SMI-A (Fabric OS) using the default ports (5988 and 5989).
SMI-A (Fabric OS) uses the default ports, and SMI (EOS) version is 2.6 or later
1. Install the SMI-A (Fabric OS) agent using the default ports (5988 and 5989). 2. Install the SMI (EOS) agent with non-default ports (for example, http: 6000 and https: 6001).
Chapter
In this chapter
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Before installing the SMI Agent on Linux, Solaris, and AIX. . . . . . . . . . . . . . . 5 Install the Brocade SMI Agent using the wizard . . . . . . . . . . . . . . . . . . . . . . . 6 Install the Brocade SMI Agent in silent mode . . . . . . . . . . . . . . . . . . . . . . . . 27 Post-installation considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Uninstall the Brocade SMI Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Introduction
This chapter describes the steps for installing and uninstalling the Brocade SMI Agent (SMI-A) on Windows, Linux, Solaris, and AIX. You can install the SMI-A either using a wizard or in silent mode, with no user intervention. When SMI-A installation is complete, the following shortcuts are automatically added to the Start menu:
Brocade SMI Agent Configuration Tool Start CIMOM Stop CIMOM Start SMI Agent Service (Available only if the SMI-A is installed as a service) Stop SMI Agent Service (Available only if the SMI-A is installed as a service) Uninstall Brocade SMI Agent
If you are installing both the SMI-A (Fabric OS) and the SMI (EOS) on the same host, see SMI-A (Fabric OS) and SMI (EOS) coexistence requirements on page 3 for additional requirements and instructions.
NOTE
3. Stop the service using the stop_agent_service script. 4. Start the new SMI-A installation, as described in Install the Brocade SMI Agent using the wizard, next, or Install the Brocade SMI Agent in silent mode on page 27.
Installs Sun Microsystems JRE 1.5.0_11, which is bundled with the installer. The JRE is
installed in the directory local to <SMIAgent>.
Allows you to configure Fabric Manager database server information (SMIAgentConfig.xml file). Provides option for enabling security for the SMI-A. During Windows installation, if security is enabled with Windows Domain Authentication,
you must always provide the Windows Domain login credentials to connect to the SMI Agent; otherwise, all communication to the SMI-A will fail.
If security is enabled without Windows Domain Authentication, you must always provide
the local account credentials to connect to the SMI Agent; otherwise, all communication to the SMI-A will fail.
During Linux, Solaris, and AIX installations, if security is enabled during installation, then
you must always start the SMI-A as root; otherwise, all communication to the SMI-A will fail.
Provides options for enabling mutual authentication for client and indications. Provides options for importing client certificates into the Server truststore and for exporting
Server certificates to a specified directory.
Allows you to configure http and https port information. Allows you to configure eventing and ARR TCP ports (SMIAgentConfig.xml file). Allows you to configure secure eventing and ARR TCP ports (SMIAgentConfig.xml file). Provides options for enabling console and file logging (jserver.properties file). Allows you to configure proxy connections (provider.xml file). Provides option for starting the SMI-A as a Windows service or Linux/Solaris/AIX daemon. Installs the Brocade SMI Agent Configuration Tool, which allows you to change the SMI-A configuration settings after the installation. Refer to the Brocade SMI Agent Users Guide for information about the Configuration Tool.
NOTE
To enable security on Linux, Solaris, and AIX, you must start the installation process by logging in as root. To enable security on Windows, you must start the installation process by logging in as a user with administrator privileges. The installation wizard launches, as shown in Figure 1.
FIGURE 1
Installation wizard
If the installation wizard does not launch, you might be installing in silent mode. Silent mode is triggered when you run the installation file using the -f option. Check for the presence of the SilentInstallation.properties file and, if you do not want to install in silent mode, either move that file to another folder, or rename the file. For information about silent mode installation, see Install the Brocade SMI Agent in silent mode on page 27. 3. Accept the license agreement and click Next. The System Configuration window appears.
FIGURE 2
System configuration
4. Ensure that you have the required disk space for the installation, and click Next. The Introduction window appears.
FIGURE 3
Introduction
5. Read the introduction and click Next. The Choose Installation Folder window appears. The following figure shows the default installation folder for Windows, C:\SMIAgent.
FIGURE 4
6. Click Next to accept the default installation location, or enter a different location and click Next.
NOTE
7.
Do not specify spaces in the path or folder name. Windows, Solaris, Linux only: If the installer detects an existing SMI Agent installation, you are prompted whether you want to import the existing configuration. (The installer cannot detect an existing installation on the AIX platform.) This prompt does not appear if the previous SMI Agent installation was terminated.
If you do not want to import the existing configuration files, click Cancel, and go to step 9; otherwise, click OK to copy the configuration files from the existing installation directory to the new installation directory. When you click OK, the Importing Configuration window appears. This window displays the paths of the configuration files. Select the configuration that you want to import and click Next.
FIGURE 5
Importing configuration
Windows only: The type of domain authentication is not imported from the previous installation.
NOTE
If the import fails, you are notified of the failure at the end of this installation procedure. The HTTP Port Configuration window appears. This window displays the default port number for non-secured CIMOM communication.
10
FIGURE 6
8. Use the default port number, or enter a new port number. The range of valid port numbers is from 1 to 65535; however, it is recommended that you use a value between 1024 and 65535. 9. Click Next. If the port is in use, you get an error message and are prompted to enter a new port. If the port is not in use, the HTTPS Port Configuration window appears. This window displays the port number that will be used for secured CIMOM communication.
FIGURE 7
11
10. Use the default HTTPS port number, or enter a new port number. The range of valid port numbers is from 1 to 65535; however, it is recommended that you use a value between 1024 and 65535. 11. Click Install. After the installation finishes, the Fabric Manager Server Configuration window appears.
NOTE
Full installation is not complete at this time. Do not cancel or abort the installation wizard. For all platforms except AIX: If you imported an existing configuration, this window does not display. Skip to step 13.
FIGURE 8
This window allows you to specify the connection information for an existing Brocade Fabric Manager server. Not all users have a Fabric Manager server installed and running in their environment. The information that you enter here allows the SMI-A to report on historical port statistics by retrieving the data from the Fabric Manager database server. If your management application does not make use of historical port statistics, you do not need to enter any connection information on this screen. Driver This field is already populated with the default driver that is bundled in the agent: com.sybase.jdbc2.jdbc.SybDriver. Do not change this driver information. The database URL should be in the form:
jdbc:subprotocol:subname:host:port/dbname
URL
For example, if the Fabric Manager database server is installed on the same host as the SMI-A, the URL is: jdbc:sybase:Tds:localhost:2638/fabman Otherwise, replace localhost with the Fabric Manager database server host IP address.
12
The database user on whose behalf the connection is being made. The default DSN user name is: dba The users password. The default DSN password is: sql
This information is stored in the configuration file SMIAgentConfig.xml located at <SMIAgent>\agent\server\jserver\bin. You can use the SMI Agent Configuration tool to change these settings after installation. 12. Enter database schema information, and click Next. The Enabling Mutual Authentication for Client window appears.
FIGURE 9
13. Choose whether to enable mutual authentication (trust by certificate) between client management applications and the Brocade SMI Agent by selecting one of the following options, and then click Next:
13
FIGURE 10
14. Choose whether to enable mutual authentication (trust by certificate) between client management application event system and the Brocade SMI Agent by selecting one of the following options, and then click Next:
NOTE
The SMI Agent uses this connection to send asynchronous event notifications, similar to SNMP, to the management application event system. The Importing client certificate for Mutual Authentication for Clients window appears.
14
FIGURE 11
This window allows you to import a security certificate into the SMI Agent server truststore. If mutual authentication for clients is enabled, this certificate will be used. If mutual authentication for clients is not enabled, you can provide a security certificate now, which will be used if you enable mutual authentication for clients later.
NOTE
You can import only certificates generated using Java Keytool or OpenSSL. If mutual authentication for clients is enabled and if you do not provide a security certificate, then the Brocade-provided client certificate (client.cer) will be used to authenticate clients. 15. Enter the path of the client certificate and the alias name of the certificate, and click Next. The Importing client certificate for Mutual Authentication for Indication window appears.
15
FIGURE 12
This window allows you to import a security certificate into the SMI Agent server truststore. If mutual authentication for indications is enabled, this certificate will be used. If mutual authentication for indications is not enabled, you can provide a security certificate now, which will be used if you enable mutual authentication for indications later.
NOTE
You can import only certificates generated using Java Keytool or OpenSSL. If mutual authentication for indications is enabled and if you do not provide a security certificate, then the Brocade-provided security certificate (clientind.cer) will be used for authentication. 16. Enter the path of the client certificate and the alias name of the certificate, and click Next. The Exporting Server certificate for Mutual Authentication for Clients window appears.
16
FIGURE 13
This window allows you specify a file name and directory in which to export the SMI Agent server certificate (server.cer) used for mutual authentication for clients. If mutual authentication for clients is enabled and if you do not export the SMI Agent server certificate, then the client keystore, truststore, and server certificates will be used for authentication. If mutual authentication for clients is not enabled, you can provide the server certificate information now, which will be used if you enable mutual authentication for clients later. 17. Enter the directory and the file name, and click Next. The Exporting Server certificate for Mutual Authentication for Indication window appears.
17
FIGURE 14
This window allows you specify a file name and directory in which to export the SMI Agent server certificate (serverind.cer) used for mutual authentication for indications. If mutual authentication for indications is enabled and if you do not export the SMI Agent server certificate, then the client keystore, truststore, and server certificates will be used for authentication. If mutual authentication for indications is not enabled, you can provide the server certificate information now, which will be used if you enable mutual authentication for indications later. 18. Enter the directory and the file name, and click Next. The Enabling Security window appears.
18
FIGURE 15
Enabling security
19. Enable or disable authentication for the SMI Agent by selecting one of the following options, and then click Next:
NOTE
To enable security on an AIX platform, add the following lines to the /etc/pam.conf file, if not already added:
wsi-wbem-server wsi-wbem-server wsi-wbem-server wsi-wbem-server auth required /usr/lib/security/pam_aix session required /usr/lib/security/pam_aix password required /usr/lib/security/pam_aix account required /usr/lib/security/pam_aix
If you selected No, the Eventing and ARR TCP Port Configuration window appears (Figure
18 on page 21); skip to step 22.
If you selected Yes for Linux or Solaris systems, the Eventing and ARR TCP Port
Configuration window appears (Figure 18); skip to step 22.
If you selected Yes for Windows systems, the Enter Type of Domain Authentication window
appears (Figure 16). Continue with the instructions in step 20 to set up user authentication for Windows.
19
FIGURE 16
20. (Windows with security enabled only) Select whether to validate users against the domain user database, and then click Next:
If you selected No, the Eventing and ARR TCP Port Configuration window appears
(Figure 18); skip to step 22.
If you selected Yes, the Enter Valid Domain Name window appears (Figure 17). Continue
with step 21. Domain authentication is not available on Linux, AIX, and Solaris platforms.
20
FIGURE 17
21. (Windows with domain security enabled only) Enter name of the domain that the SMI Agent will use to authenticate user credentials, and click Next. The Eventing and ARR TCP Port Configuration window appears. For all platforms except AIX: If you imported an existing configuration, this window does not display. Skip to step 23.
FIGURE 18
The ARR port is the port through which the switches in the fabric send data (large payload responses) back to the SMI-A.
21
The eventing port is the port through which the switch connects to the SMI-A to deliver events. If a firewall exists between the SMI-A and the fabric, these ports must be open in the firewall. The ARR and eventing port ranges are from 0 to 65535. When you choose values for the ARR and eventing ports, make sure they are not one of the assigned TCP ports. The Installation wizard does not check for this. You can see a list of assigned TCP ports at: http://www.iana.org/assignments/port-numbers ARR and eventing ports are optional. If you do not configure them, or if you configure them with a value of 0, the SMI Agent dynamically allocates a port during server startup. 22. To allow the SMI Agent to allocate ports dynamically when started, enter 0 for each port number or leave this form blank, and click Next; to assign a specific port or range of ports, enter port numbers or range, and click Next.
NOTE
Ports cannot be the same or in use. The SMI Agent does not verify whether the ports are available. The Enabling Console And/Or File Logging window appears.
FIGURE 19
23. Set up logging as follows, and then click Next. a. To display detailed messages in the console, select Yes.
NOTE
To view console messages the SMI Agent must be running from a console session, not as a service. Selecting yes to enable console messages when SMI Agent is running as a service does not affect the system. b. To disable file logging, select No.
22
Figure 20 shows the Windows default log file name and location.
FIGURE 20
c. d.
Enter the complete path to the log file. Enter the number of log files and the maximum size of the log files. The minimum log file size is 1 KB. The file count is a value between 1 and 99. The default is 20 log files of 10240 kilobytes (10 MB) each. When the specified size is exceeded on the first log file, logs will be written to the next log file. When approximately the specified number of KB have been written to one log file, another log file is opened.
NOTE
Sometimes log file will exceed the size specified because of a limitation in Java logging. After the server is stopped, the size of the log file will be reduced to the size specified.
e.
Click Next.
The Proxy Connections Configuration window appears. For all platforms except AIX: If you imported an existing configuration, this window does not display. Skip to step 26.
23
FIGURE 21
24. Configure the fabrics that you want the SMI Agent to proxy. For each fabric, click Add and fill out the values in the Proxy Configuration window.
FIGURE 22
Proxy configuration IP address of the proxy switch in IPv6 or IPv4 format (for example: 100.200.100.200) Username to be used to log in to the switch (for example: admin) Password to be used to log into the switch (for example: password) Protocol: RPC, Secure RPC, or Any. RPC is used for a non-secure connection and Secure RPC is used for a secure connection. Any means that first a secure channel is tried and if it fails, then a non-secure channel is tried. Type of login: Non SecureSAN, SecureSAN, or Any. Non SecureSAN is used to connect to non-secure fabrics and SecureSAN is used to connect to secure fabrics. Any means that SMI-A first attempts a secure connection and if it fails, attempts to connect in non-secure mode. Note: Although it is a listed option, SecureSAN is not supported.
Login-scheme
24
No. of RPC Handles Number of RPC connections to be used to connect to the switch. The possible range of values is 1 to 20. The default value is 5.
NOTE
Fabric OS limits the number of RPC handles allowed per switch; therefore increasing the RPC handles decreases the number of connections per switch. 25. After all the fabrics are configured in the Proxy Connections Configuration window, click Next. The Important Information window appears.
FIGURE 23
26. Click Next.
Important information
The Configuring and Starting as a Service window or Start Agent as a Daemon window appears.
25
FIGURE 24
27. Select Yes to start the SMI Agent as a service, and click Next.
NOTE
If you choose not to run the SMI Agent as a service, the agent does not stop or restart automatically. You must manually start and stop the SMI Agent using the start_server script. The Installation Completed window appears. This window displays a message if any errors occurred during installation; check the log file for details.
FIGURE 25
28. Click Done.
Installation completed
26
ATTENTION
In silent mode, the terms of the end user license agreement cannot be displayed for acceptance. Silent installation means that, by default, you accept the same license agreement displayed during normal installation.
TABLE 2
Parameters
INSTALLER_LOG_FILE =
CHOSEN_DIALOG_BUTTON =
27
TABLE 2
Parameters
REG_COMPONENT_LOCATION
IND_AUTH_DISABLED = 1
IMPORT_CLIENT_CERTIFICATE_MUTUAL _AUTH_CLIENT_FILEPATH =
EXPORT_SERVER_CERTIFICATE_MUTUAL _AUTH_CLIENT_FILENAME =
28
TABLE 2
Parameters
EXPORT_SERVER_CERTIFICATE_MUTUAL _AUTH_INDICATION_DIR =
WINDOWS_DOMAIN_AUTH_DISABLED = 1
WINDOWS_DOMAIN_NAME = EVENTING_PORT =
ARR_PORT =
SECURE_EVENTING_PORT =
SECURE_ARR_PORT =
CONSOLE_LOGGING_DISABLED = 1
FILE_LOGGING_DISABLED = 1
LOG_FILE_NAME =
29
TABLE 2
Parameters
where filename is the absolute path of the properties file. If the properties file name is the default name, SilentInstallation.properties, then you can run the installation file without the -f option, as follows: On Windows: On Linux: On Solaris: On AIX: CD_Image\Windows\install.exe CD_Image/Linux/install.bin CD_Image/Solaris/install.bin CD_Image/AIX/install.bin
The SMI-A is installed to the location specified in the USER_INSTALL_DIR parameter of the properties file. The status of the installation, along with any error messages, is reported in the installation log file, which is in the location specified in the INSTALLER_LOG_FILE parameter of the properties file. The status of the installation is SUCCESS only if all of the installation operations succeeded; otherwise, the overall installation status is FAILED. Refer to Chapter 3, Silent Installation Status Messages for details about the status messages.
30
Post-installation considerations
Post-installation considerations
The Brocade SMI Agent supports SLP to allow applications to discover the existence, location, and configuration of WBEM services in enterprise networks. If you want Service Location Protocol (SLP) support, you must install and start the SLP daemon prior to starting the SMI-A. See the Brocade SMI Agent Users Guide for instructions on installing and starting the SLP daemon. After you install the SMI-A, you can change many of the configuration settings using the Brocade SMI Agent Configuration Tool. For example, you can:
reconfigure the ports used by the SMI-A enable and disable logging and configure different levels of logging add and remove fabrics
See the Brocade SMI Agent Users Guide for instructions on using this tool.
Linux, Solaris, or AIX: ./<SMIAgent>/UninstallerData/Uninstall_Brocade_SMI_Agent If you installed the SMI-A using the wizard, the Uninstall wizard launches and directs you through the uninstallation process (see Figure 26). If you installed the SMI-A in silent mode, the SMI-A is automatically uninstalled in silent mode.
31
FIGURE 26
32
Chapter
When you install the SMI-A in silent mode, status messages are written to the installation log file, the name and location of which is specified in the properties file. The format of each status message is:
SMIAgent;120.8.0;Operation=opname;Status=status;StatusCode=code;StatusMessage=msg;
where opname is the name of the operation, status is either Passed or Failed, code is the numeric status code, and msg is the status message. Table 3 lists the possible operation names and, for each operation, the possible status, status codes, and status messages.
TABLE 3
Operation name
Choose Installer Folder Name
Status code
0 -1 -2 -3 0 -5 -5 -6 -7 -16 0 0 0 -5 -22 0 0 -5 -22
Status message
Successful Your system drive does not have disk space required for the installation Invalid Folder Installation Folder Name contains a space CIMOM Ports Configured Configured HTTP port in use Configured HTTPS port in use Invalid Port Range Non Numeric or Negative CIMOM Ports HTTP and HTTPS cannot be the same Successful Disabled Mutual Authentication for SMI Agent Enabled Mutual Authentication for SMI Agent Configured HTTP port in use Invalid Parameter for Mutual Authentication for Client Disabled Mutual Authentication for Indication Enabled Mutual Authentication for Indication Configured HTTP port is in use Invalid Parameter for Mutual Authentication for Indication
FM Server Configuration Passed Mutual Authentication for Client Passed Passed Failed Failed Mutual Authentication for Indication Passed Passed Failed Failed
33
TABLE 3
Operation name
Import client certificate for mutual authentication for client
Status code
0 -31 -32 -33 -34 -35 -40 0 -31 -32 -33 -34 -35 -40 0 -31 -33 -36 -38 -39 -41 0 -31 -33 -36 -38 -39 -41
Status message
Successful Invalid file path. Alias name must not contain special characters Empty file location Empty alias name Failed to import Duplicate alias name Successful Invalid file path. Alias name must not contain special characters Empty file location Empty alias name Failed to import Duplicate alias name Successful Invalid file path. Empty file location Output file must not contain special characters Empty output file name Failed to export Duplicate output file name Successful Invalid file path. Empty file location Output file must not contain special characters Empty output file name Failed to export Duplicate output file name
34
TABLE 3
Operation name
Eventing and ARR Configuration
Status code
0 -6 -10 -11 -12 -17 -18 -19 0 -23 -24 -25 -26 -27 -28 -29 -30 0 0 0 -5 -8 -9 -20 -21 -22 0 0 -22
Status message
Eventing and ARR ports configured Invalid Port Range Ports used for Eventing and ARR cannot be the same Eventing Port value should not be negative ARR Port value should not be negative Invalid or Non-numeric port Port used for Eventing is already configured as HTTP or HTTPS port Port used for ARR is already configured as HTTP or HTTPS port; Secure Eventing and ARR ports configured Port used for Secure ARR is already configured as HTTP or HTTPS port, or is negative Ports used for Secure Eventing and Secure ARR cannot be the same Ports used for Secure Eventing and Eventing cannot be the same Ports used for Secure Eventing and ARR cannot be the same Ports used for Secure ARR and Eventing cannot be the same Ports used for Secure ARR and ARR cannot be the same Invalid port number provided for Secure ARR or Eventing port. The valid port range is 065535. Port used for Secure Eventing is already configured as HTTP or HTTPS port, or is negative. Disabled Security for SMI Agent. Enabled Security for SMI Agent. Enabled Security for SMI Agent without Windows domain authentication Configured HTTP port is in use You should be a root user to enable security Windows domain name should not be empty for enabling security on Windows Windows domain authentication failed Windows domain authentication failed. Failed to stop the server. Invalid Parameter for Security Enabled Console Logging Disabled Console Logging Invalid Parameter for Console Logging
Security
Console Logging
35
TABLE 3
File Logging
Operation name
Status code
0 0 -13 -14 -15 -22 0 0 0
Status message
Disabled File Logging Enabled File Logging Invalid Log File Size Invalid file size count Empty File location Invalid Parameter for File Logging Disabled SMI Agent as Service Enabled SMI Agent as Service Installer has detected that already one SMI Agent is installed as a service. This operation will remove the old one and install the new one You must be a root user to install SMI Agent as a service Invalid parameter for SMI Agent as Service SMI Agent was successfully installed on your machine. SMI Agent overall installation failed.
-8 -22 0 -100
36
Chapter
This chapter contains questions most frequently sent to the SMI Agent Developer Support email address.
Besides Windows Domain authentication, does the SMI Agent support local user
authentication?
What are the Eventing and ARR TCP Ports? Do they relate to indications? What encryption method is used to encrypt the password field in provider.xml? How do I report a problem and what information should I provide? Does the Brocade SMI Agent need to point to every switch in a fabric or just one switch in each fabric to collect the data?
Can the SMI Agent proxy for two fabrics that are in different subnets? Should I designate multiple proxies into a fabric? What are the best practices concerning this? In using Windows domain authentication, do I need to include the domain name along with the
username for authentication?
What are some situations that might require restarting the SMI Agent? How do I start and stop the SMI Agent? How do I tell what version of SMI-A I am running?
See the Frequently Asked Questions chapter in the Brocade SMI Agent Users Guide for additional questions and answers. Besides Windows Domain authentication, does the SMI Agent support local user authentication? SMIAgent 110.4.0 and higher support authenticating the user against the system on which it is installed. By default when you configure security, the users credentials (username and password) are validated against the ones present on the local system. To ensure this happens, follow these steps: 1. During SMI-A installation, enable security and Select No for Windows domain authentication. 2. Create a local user on the Windows system where the agent is installed. What are the Eventing and ARR TCP Ports? Do they relate to indications? These ports are used by the agent to receive events and ARP responses from the fabric. The client is not required to fill in these ports; the operating system selects the ports dynamically. One probable use case for specifying these ports is if there is a firewall between the fabric and the host. In this case, you can specify a fixed port to be opened by the administrator for eventing or ARR. What encryption method is used to encrypt the password field in provider.xml? The SMI Agent comes with a utility to encrypt the password. This utility is in the following directory: Linux, Solaris, and AIX: Windows: <SMIAgent>/agent/bin/PasswordEncryptor <SMIAgent>\agent\bin\PasswordEncryptor.bat
37
How do I report a problem and what information should I provide? Fill in the Submit Problem Report form at the partner web site. Does the Brocade SMI Agent need to point to every switch in a fabric or just one switch in each fabric to collect the data? Just one switch per fabric. If the switches in the fabric do not all have the same Fabric OS version, then you should designate the switch with the highest supported Fabric OS version as the proxy. It is not necessary to choose the principal switch as the proxy. Can the SMI Agent proxy for two fabrics that are in different subnets? Yes. Should I designate multiple proxies into a fabric? What are the best practices concerning this? You can have only one connection at a time into the fabric. The only advantage in designating multiple proxies is that if the first proxy fails to connect, the SMI-A tries the next proxy until it finds one that works. In using Windows domain authentication, do I need to include the domain name along with the username for authentication? No. You should provide only the username, as shown:
UserPrincipal up = new UserPrincipal("username"); PasswordCredential pc = new PasswordCredential("password");
What are some situations that might require restarting the SMI Agent? Restarting of the SMIAgent is required when:
configuration parameters, such as the debug level or log file name, are changed. host IP, HTTP, or HTTPS port is changed. firmware download configuration entry in SMIAgentConfig.xml is changed.
How do I start and stop the SMI Agent? See the Brocade SMI Agent Users Guide for instructions on starting and stopping the SMI Agent. How do I tell what version of SMI-A I am running? The title bar in the Brocade SMI Agent Configuration Tool displays the version of the SMI-A, for versions 120.7.0 and later. See the Brocade SMI Agent Users Guide for information on the Configuration Tool. You can also check the file version.txt in the agent/server/jserver/bin directory.
38
Index
D
Distributed Management Task Force (DMTF), xi
R
requirements for installation, 1 return codes for silent installation, 33
E
error codes for silent installation, 33
S
silent installation error codes, 33 on Windows, 27 SMI (EOS) installation requirements, 3 SMI-A installing as a service, 5 installing on Windows, 6 uninstalling, 31 Storage Management Initiative (SMI), xi Storage Management Initiative Specification (SMI-S), xi Storage Networking Industry Association (SNIA), xi supported platforms, 1
F
Fibre Channel Association, xi frequently asked questions (FAQs), 37
H
heap size, increasing, 3 help, SMI agent support, xiii
I
increasing heap size, 3 installation requirements, 1 installing SMI-A as a service, 5 installing SMI-A on Windows, 6 installing SMI-A with SMI (EOS), 3
U
uninstalling SMI-A, 31
W
Web Based Enterprise Management (WBEM), xi
M
memory requirements, 2
P
platform support, 1
39
40