Purpose
Prepares a node to be defined to
a peer domain.
Syntax
preprpnode [-k]
[-h] [-TV] node_name1 [node_name2 ...
]
preprpnode -f │ -F { file_name │ "–" }
[-k] [-h] [-TV]
Description
The preprpnode command
prepares security on the node on which the command is run so it can
be defined in a peer domain. It allows for peer domain operations
to be performed on this node and must be run before the node can join
a peer domain using the mkrpdomain or addrpnode command.
Before
the mkrpdomain command is issued on a node,
the preprpnode command must be run on each
node to be defined to the new peer domain, using the name of the node
that is to run the mkrpdomain command as
the parameter. This gives the mkrpdomain node
the necessary authority to create the peer domain configuration on
each new node and set up additional security.
Before the addrpnode command
is issued on a node, the preprpnode command
must be run on each node that is to be added, using the names of
all online nodes as the parameters. This gives the online nodes the
authority to perform the necessary operations on the new node.
The
preprpnode command
performs the following:
- Establishes trust with the node names specified on the command
by adding their public keys to the trusted host list.
- Modifies the resource monitoring and control (RMC) access control
list (ACL) file to enable access to peer domain resources on this
node from the other nodes in the peer domain. This allows peer domain
operations to occur on the node. The RMC subsystem is refreshed so
that these access changes will take effect.
- RMC remote connections are enabled.
If the nodes that are to be defined to a peer domain
are already in a management domain, you do not need to exchange public
keys. You can use the -k flag to omit this
step.
Flags
- -f | -F { file_name | "–" }
- Reads a list of node names from file_name.
Each line of the file is scanned for one node name. The pound sign
(#) indicates that the remainder of the
line (or the entire line if the # is in
column 1) is a comment.
Use -f "-" or -F
"-" to specify STDIN as the
input file.
- -k
- Specifies that the command should not exchange public keys.
- -h
- Writes the command's usage statement to standard output.
- -T
- Writes the command's trace messages to standard error. For your
software service organization's use only.
- -V
- Writes the command's verbose messages to standard output.
Parameters
- node_name1 [node_name2 ...
]
- Specifies the node (or nodes) from which peer domain commands
can be accepted. Typically, this is the name of the node that will
be running the mkrpdomain command when
forming the peer domain. When adding to the peer domain, it is a list
of the nodes that are currently online in the peer domain. The node
name is the IP address or the long or short version of the DNS host
name. The node name must resolve to an IP address.
Security
The user of the preprpnode command
needs write permission to the access control list (ACL) file. Permissions
are specified in the ACL file. See the RSCT: Administration Guide for
details on the ACL file and how to modify it.
Exit Status
- 0
- The command ran successfully.
- 1
- An error occurred with RMC.
- 2
- An error occurred with a command-line interface script.
- 3
- An incorrect flag was entered on the command line.
- 4
- An incorrect parameter was entered on the command line.
- 5
- An error occurred that was based on incorrect command-line input.
Restrictions
This command must run on a
node that will be defined to the peer domain.
Implementation Specifics
This command is
part of the Reliable Scalable Cluster Technology (RSCT) fileset for AIX®.
Standard Input
When the -f
"-" or -F "-" flag
is specified, this command reads one or more node names from standard
input.
Standard Output
When the -h flag
is specified, this command's usage statement is written to standard
output. All verbose messages are written to standard output.
Standard Error
All trace messages are written
to standard error.
Examples
- Suppose mkrpdomain will be issued from nodeA.
To prepare nodeB, nodeC,
and nodeD to be defined to a new peer domain,
ApplDomain, run this command on nodeB,
on nodeC, and then on nodeD:
preprpnode nodeA
- Suppose nodeA and nodeB are
online in ApplDomain. To prepare nodeC to
be added to the existing domain, run this command on nodeC:
preprpnode nodeA nodeB
Alternatively,
create a file called
onlineNodes with these
contents:
nodeA
nodeB
Then, run this command on
nodeC:
preprpnode -f onlineNodes
Location
- /usr/sbin/rsct/bin/preprpnode
Files
The access control list (ACL) file
— /var/ct/cfg/ctrmc.acls — is modified.
If this file does not exist, it is created.