Asset ID: |
1-71-1020204.1 |
Update Date: | 2012-07-10 |
Keywords: | |
Solution Type
Technical Instruction Sure
Solution
1020204.1
:
Collecting snapshot on ILOM 3.x and later platforms
Related Items |
- SPARC T4-2
- Sun Netra T5440 Server
- SPARC T3-2
- Sun SPARC Enterprise T5440 Server
- Sun SPARC Enterprise T5120 Server
- SPARC T3-4
- Sun SPARC Enterprise T5220 Server
- SPARC T4-1
- Sun SPARC Enterprise T5240 Server
- SPARC T3-1
- SPARC T4-4
- Sun Blade T6320 Server Module
- Sun Netra T5220 Server
- Sun SPARC Enterprise T5140 Server
|
Related Categories |
- PLA-Support>Sun Systems>SPARC>Usx/Blade/Netra>SN-SPARC: USx
- .Old GCS Categories>Sun Microsystems>Servers>CMT Servers
- .Old GCS Categories>Sun Microsystems>Servers>Blade Servers
- .Old GCS Categories>Sun Microsystems>Servers>NEBS-Certified Servers
|
PreviouslyPublishedAs
254168
Applies to:
Sun Blade T6320 Server Module - Version Not Applicable and later
Sun SPARC Enterprise T5120 Server - Version Not Applicable and later
Sun SPARC Enterprise T5140 Server - Version Not Applicable and later
Sun SPARC Enterprise T5240 Server - Version Not Applicable and later
SPARC T3-1 - Version Not Applicable and later
All Platforms
Goal
Collecting snapshot on ILOM 3.x and later platforms.
Fix
Description
Collecting snapshot on ILOM 3.x and later platforms.
Note that the snapshot data collector is only available since ILOM 3.0.
Steps to Follow
The snapshot utility provides a single solution to collect SP data for use by Sun Services personnel to diagnose problems.
Overview
The Snapshot utility provides a single solution to collect SP data for use by Oracle/Sun Services personnel to diagnose problems. The utility collects log files, runs various commands and collects their output, and sends the data collection as a zip file to a user defined location. The resulting file is a zip file.
It is possible to invoke snapshot in normal mode (via DMTF CLI and BUI), Service mode (via DMTF CLI) and Escalation mode (as a regular bash command). Collecting the snapshot requires the "a" role. Snapshot supports the SFTP (Secure File Transfer Protocal) and FTP (File Transfer Protocal) download protocols as well as HTTPS when using the browser as the target in the BUI. Snapshot also supports encrypting the entire output file.
The information to be collected is organized in logsets. The logsets are :
- o => Linux operating system data
- SP/CMM OS : Linux O/S logs
- SP/CMM OS : Linux O/S commands output
- i => Common ILOM data
- 'show -d properties -level all /'
- /conf
- /X/logs/event/list
- etc.
- h => Hardware specific logs and commands which are non-disruptive
- Includes FMA logs and command output
- Includes IPMI command output
- d => Diagnostics, which may cause the host to reset
- This is platform specific. On platforms that collect hdtl output as part of these tests, using this dataset may reset the host. For this reason, the reset role (r) is required to use this logset.
- F => FRUID; series of commands which dumps & collects raw FRUID images
- All files generated by running fruimage
- S => dataset collected only when in Service mode or higher
- This includes the files in /persist, /var/log/*.log and the output of ps auxwwww
- E => dataset collected only when in Escalation mode
- This includes information specific to the linux kernel and runtime environment along with ILOM binary coredumps
- Black Box Recorder (BBR) data
Note : the CONFIG file available in the root directory of the snapshot output file provides the detail for all the files and command outputs collected, by logset. See an example of a the master CONFIG file in attachment (CONFIG).
Note : There might be some platform-specific commands added to the master file. Some additional commands (hdtl, spdiag, hostdiags ...) are collected as well for C10 or Galaxy platforms. These commands are added to the master file. See an example of additional commands for Galaxy G12 (CONFIG_galaxy_G12) or an example of additional commands for C10 Vayu (CONFIG_C10_vayu). A copy of the config file for any given platform can be obtained by taking a snapshot from that platform.
The logsets are grouped in datasets that are available from CLI/BUI and defined as following :
- "normal" collects ILOM, SPOS & Hardware (logsets = ioh)
- "fruid" collects everything in "normal" plus FRUID (logsets = Fioh)
- "full" collects everything in "fruid" plus Diagnostic tests (logsets = Fiohd)
- because full includes the "d" logset, collecting a "full" dataset may reset the host. Snapshot will request confirmation before collecting this dataset.
There is also a -logonly version for each dataset. These versions are intended for situations where the SP/CMM software is malfunctioning. Using this dataset causes snapshot to only collect "log" files as indicated by their entries in the snapshot config file. No commands or normal files are collected.
Note : It is possible to check which logsets were used and if the log-only option was used via the README file available in the snapshot directory. Example from a normal-logonly:
bash-3.00$ more sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-24-37/README
Archive Name: sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-24-37.zip
Config File: /usr/local/bin/../lib/snapshot/snapshot.conf
Version: 1.1
LOG-ONLY MODE: no
Log Sets: ioh
SP SW DOWN: no
Max Domains: 1
It is possible to encrypt the resulting zip file. The user will be prompted for the password used for encryption in order to decrypt the file. See below for the details.
The snapshot utility is implemented as an spsh target in /X/diag namespace with the following properties :
- dataset
- dump_uri
- encrypt_output
- result
-> help /X/diag/snapshot
/SP/diag/snapshot : Take snapshot of system for diagnostic purposes
Targets:
Properties:
dataset : dataset
dataset : Possible values = normal, normal-logonly, fruid, fruid-logonly, full, full-logonly
dataset : User role required for set = a
dump_uri : initiate snapshot to URI. URI syntax and examples:
ftp://user[:password]@host//absolute-directory-path/
ftp://user[:password]@host/relative-directory-path/
sftp://user[:password]@host/absolute-directory-path/
ex: sftp://[email protected]/tmp/
dump_uri : Possible values = sftp, ftp
dump_uri : User role required for set = a
encrypt_output : encrypt snapshot output file
encrypt_output : Possible values = true, false
encrypt_output : User role required for set = a
result : snapshot command result
result : User role required for set = a
Collect the snapshot
Snapshot supports HTTPS, SFTP and FTP download protocols and encrypt file and can be invoked from Normal, Service and Escalation mode. The data collection will start as soon as the dump_uri property is defined.
Collect from the Browser User Interface
It is possible to collect data and invoke snapshot from the BUI. The BUI offers to select the dataset to be used or to specify the logset; as well as the -logonly options.
Note : The Service and Escalation datasets are not available from the BUI. See the attached screenshot.
Here are the details of the /X/diag/snapshot target.
Define the dataset: Before collecting the information, the dataset must be set in order to collect the proper level of information. As previously stated, the logsets are grouped in datasets that are available from CLI/BUI and defined as following :
- "normal" collects ILOM, SPOS & Hardware (logsets = ioh)
- "fruid" collects everything in "normal" plus FRUID (logsets = Fioh)
- "full" collects everything in "fruid" plus Diagnostic tests (logsets = Fiohd)
- because "full" includes the "d" logset, collecting a "full" dataset may reset the host. For this reason, the (r)eset role is required to select the "full" dataset.
Plus the -logonly versions.
The dataset is a property of the /X/diag/snapshot target and may be changed prior to starting the data collection. The default value is "normal", which will be sufficient for the vast majority of diagnostic cases.
-> show /X/diag/snapshot
/X/diag/snapshot
Targets:
Properties:
dataset = normal
dump_uri = (Cannot show property)
encrypt_output = false
result = (none)
Commands:
cd
set
show
-> help /X/diag/snapshot dataset
Properties:
dataset : dataset
dataset : Possible values = normal, normal-logonly, fruid, fruid-logonly, full, full-logonly
dataset : User role required for set = a
-> set /X/diag/snapshot dataset=full
Set 'dataset' to 'full'
-> show /X/diag/snapshot
/X/diag/snapshot
Targets:
Properties:
dataset = full
dump_uri = (Cannot show property)
encrypt_output = false
result = (none)
Commands:
cd
set
show
Define the encryption mode: It is possible to encrypt the resulting zip file. The user will be prompted for an encryption password at time of starting the collection. The user will be prompted for the password used for encryption in order to decrypt the file.
Example :
-> show /X/diag/snapshot encrypt_output
/X/diag/snapshot
Properties:
encrypt_output = false
-> set /X/diag/snapshot encrypt_output=true
Set 'encrypt_output' to 'true'
-> show /X/diag/snapshot encrypt_output
/X/diag/snapshot
Properties:
encrypt_output = true
-> set /X/diag/snapshot dump_uri=sftp://user@xx.xx.xx.xx/tmp/Tests
Enter remote user password: *********
Enter encryption passphrase for snapshot output file: ***
Confirm encryption passphrase for snapshot output file: ***
Set 'dump_uri' to 'sftp://user@xx.xx.xx.xx/tmp/Tests'
When the zip.e file is ready, then decrypt and unzip.
% openssl aes-128-cbc -d -in sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-54-15.zip.e -out sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-54-15.zip
enter aes-128-cbc decryption password: *******
% unzip -q sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-54-15.zip
Start the data collection
The data collection will start as soon as the dump_uri property is properly set.
It is possible to send the zip file resulting from the snapshot data collection to a remote system via https (BUI), SFTP (BUI/CLI) and FTP (BUI/CLI).
The dump_uri property will contain this information.
-> help /X/diag/snapshot dump_uri
Properties:
dump_uri : initiate snapshot to URI. URI syntax and examples:
ftp://user[:password]@host//absolute-directory-path/
ftp://user[:password]@host/relative-directory-path/
sftp://user[:password]@host/absolute-directory-path/
ex: sftp://[email protected]/tmp/
dump_uri : Possible values = sftp, ftp
dump_uri : User role required for set = a
Example using the FTP protocol :
-> set dump_uri=ftp://user@xx.xx.xx.xx//tmp/
Enter remote user password: *********
Set 'dump_uri' to 'ftp://user@xx.xx.xx.xx//tmp/'
Notes :
- By default FTP references the user's home directory,
- For absolute paths, the double slash after the host is needed,
- It is not possible to specify the filename for the snapshot zip file; snapshot generates its own filename,
- Which means that the dump_uri is a reference to a directory (not a file) that must exist and be writable
Example using the SFTP protocol :
-> set /X/diag/snapshot dump_uri=sftp://user@xx.xx.xx.xx/home/user
Enter remote user password: *********
Set 'dump_uri' to 'sftp://user@xx.xx.xx.xx/home/user'
If the URI contains the password then the system will not prompt you for it.
-> set /X/diag/snapshot dump_uri=sftp://user:password@xx.xx.xx.xx/home/user
Set 'dump_uri' to 'sftp://user@xx.xx.xx.xx/home/user'
Service mode (logsets = S)
When the Service mode is enabled, it is possible to collect the snapshot including the extra information gathered while running in Service mode.
This extra information will be stored in the spos_info/service/, spos_logs/service/ and ilom/service/ directories.
Similar to Normal mode, set the dataset to the appropriate value and start the data collection by setting the dump_uri property.
Setting the dataset to normal will result in using the iohS logsets.
Setting the dataset to fruid will result in using the FiohS logsets.
Setting the dataset to full will result in using the FiohdS logsets.
-> show SESSION mode
/X/sessions/22
Properties:
mode = service
-> show /X/diag/snapshot dataset
/X/diag/snapshot
Properties:
dataset = fruid
-> set /X/diag/snapshot dump_uri=sftp://user@xx.xx.xx.xx/home/user
Enter remote user password: *********
Set 'dump_uri' to 'sftp://user@xx.xx.xx.xx/home/user'
Escalation mode (logset = E)
When running in Escalation mode, it is possible to invoke snapshot from the bash command line. The dataset/logset can be defined via the "-L" option.
WARNING: No user role checking is performed in escalation mode. BE CAREFUL especially with the diagnostics logset. This extra information will be stored in the ilom/escalation/ and spos_info/escalation/ directories.
Example :
bash-2.05b# snapshot
Usage: snapshot [-l] [-v] [-q] [-{y|n}] [-e [-P encryption-password]] [-L ] [-p user-password] -u
set = one or more letters from logset field in configuration file entries
estination-URI (i.e. the target directory) may be specified as:
file:///path
protocol://host/path
protocol://username@host/path
protocol://username:password@host/path
protocol = 'sftp', 'tftp', 'ftp', 'ftps', 'http', or 'https'
bash-2.05b# snapshot -L E -u sftp://[email protected]/tmp/Tests
Enter password for user "user":
Collecting data into sftp://[email protected]/tmp/Tests/sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T21-12-24.zip
@ Snapshot Complete.
bash-2.05b# snapshot -L oihFE -u sftp://[email protected]/tmp/Tests
Enter password for user "user":
Collecting data into sftp://[email protected]/tmp/Tests/sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T21-15-28.zip
Snapshot Complete.
Check the result
The /X/diag/snapshot target has a "result" property that reports information about the status of the data collection.
When the snapshot is running.
-> show /X/diag/snapshot result
/X/diag/snapshot
Properties:
result = Running
When the snapshot has completed successfully.
-> show /X/diag/snapshot result
/X/diag/snapshot
Properties:
result = Collecting data into sftp://[email protected]/home/user/sn-br-sp-sca11_xx.xx.xx.xx_2009-01-23T09-33-07.zip
Snapshot Complete.
Done.
When a problem occurred while collecting the data, the result property will also return the reason for the failure.
-> ls
/X/diag/snapshot
Targets:
Properties:
dataset = normal
dump_uri = (Cannot show property)
encrypt_output = false
result = Access denied to remote resource
Exited with error code 109
Commands:
cd
set
show
Here is a list of common errors (not exhaustive) :
Result | Error Code | Help |
Unsupported protocol |
101 |
Use ‘help dump_uri’ to list the supported protocols |
Failed initialization |
102 |
Confirm that sft-server is properly running on the remote target. For Solaris, check the sftp entry in the /etc/ssh/sshd_config file. |
Couldn't resolve host name |
106 |
The name provided for the remote is host is unknown. Ultimately, use the IP address. |
Couldn't connect to server |
107 |
Connection to the remote host is not possible (invalid IP address, ssh is not running on the remote host etc...) |
Access denied to remote resource |
109 |
Check that the target directory is valid (perms etc...) on the remote host |
Login denied |
167 |
Bad password provided, user does not exist etc... |
Disk full or allocation exceeded |
170 |
No space left on the target location on remote host. |
Remote file not found |
178 |
No filename should be specified in the dump_uri |
Structure of the snapshot directory
After unzipping the resulting snapshot zip file, the following structure is available :
- fruid :
- contains information about FRUID
- exists when the "F" logset was collected
- ilom
- common ILOM data
- exists when the "i" logset was collected
- ipmi
- IPMI data
- exists when the "h" logset was collected
- spos_info
- Linux O/S commands output
- exists when the "o" logset was collected
- spos_logs
- Linux O/S commands output
- exists when the "o" logset was collected
- spos_info/service
- more Linux commands output (ps output)
- exists when the "S" logset was collected
- spos_logs/service/
- more Linux logs information (/var/log/*.log)
- exists when the "S" logset was collected
- ilom/service/
- more ILOM configuration files (/persist/*)
- exists when the "S" logset was collected
- spos_info/escalation
- more Linux information
- exists when the "E" logset was collected
- ilom/escalation
- more /conf, coredumps information
- exists when the "E" logset was collected
See an example of a the master CONFIG file in attachment (CONFIG).
Note : There might be some platform-specific commands added to the master file. Some additional commands (hdtl, spdiag, hostdiags ...) are collected as well for C10 or Galaxy platforms. These commands are added to the master file. See an example of additional commands for Galaxy G12 (CONFIG_galaxy_G12) or example of additional commands for C10 Vayu (CONFIG_C10_vayu). A copy of the config file for any given platform can be obtained by taking a snapshot from that platform.
As an example :
bash-3.00$ pwd
sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-44-34
bash-3.00$ more README
Archive Name: sn-br-sp-sca11_xx.xx.xx.xx_2009-03-02T15-44-34.zip
Config File: /usr/local/bin/../lib/snapshot/snapshot.conf
Version: 1.1
LOG-ONLY MODE: no
Log Sets: Fiohd
SP SW DOWN: no
Max Domains: 1
bash-3.00$ ls -la
total 194
drwx--x--x 7 sdutille divers 9 Mar 2 15:47 .
drwxrwxrwx 159 sdutille staff 456 Mar 2 22:47 ..
-rw------- 1 sdutille divers 6090 Dec 18 06:51 CONFIG
-rw------- 1 sdutille divers 200 Mar 2 07:44 README
drwx--x--x 2 sdutille divers 38 Mar 2 15:47 fruid
drwx--x--x 3 sdutille divers 8 Mar 2 15:47 ilom
drwx--x--x 2 sdutille divers 6 Mar 2 15:47 ipmi
drwx--x--x 3 sdutille divers 17 Mar 2 15:47 spos_info
drwx--x--x 2 sdutille divers 11 Mar 2 15:47 spos_logs
Making ILOM snapshot work with explorer:
Explorer 6.1 will be able to collect snapshot data from systems running ILOM 3.0.
Background: It is assumed that explorer will be run as root on a host dedicated to collecting one or more ILOM snapshot output files (the Explorer Host). This is potentially the platform host itself. In general, explorer will login to the SP or CMM using SSH public key authentication, start snapshot with its output directed back to the host running explorer, then collect the .zip output file once snapshot is complete. The zip file will be collected at the end of the explorer execution and made available in the ../ilom directory of the explorer.
There are several preparation steps necessary for an ILOM SP/CMM to work with explorer.
Setup public key authentication on SP/CMM
1. Create a user on the SP/CMM with the administration (a) role.
Below, replace "X" with "SP" or "CMM" based on your platform.
-> create /X/users/expluser
Creating user...
Enter new password:
create: Password length must be between 8 and 16 characters
Enter new password: *********
Enter new password again: *********
Created /X/users/expluser
-> set /X/users/expluser role=ao
Set 'role' to 'ao'
2. Load the public key.
So that the Explorer Host root user can login to the SP or CMM as user expluser, you must make the Explorer Host's root user's public key available to the SP or CMM via one of its supported protocols. The load_uri supports numerous protocols. To use sftp, scp or ftp, be sure to supply the username and password in the URI. e.g. set load_uri=sftp://username:password@host/absolute/path/to/public/key
First, generate a key on the Explorer Host. This is the key that will be loaded on the SP / CMM (do not use passphrase) :
bash-3.00# ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (//.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in //.ssh/id_dsa.
Your public key has been saved in //.ssh/id_dsa.pub.
The key fingerprint is:
d9:93:ce:38:53:32:65:9c:60:30:be:00:76:df:05:fe root@host
Log to the SP/CMM from the Explorer Host as expluser :
bash-3.00# ssh [email protected]
Password:
Waiting for daemons to initialize...
Daemons ready
Sun(TM) Integrated Lights Out Manager
Version 3.0.4.0-bld_55-t
Copyright 2010 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
->
Make sure to clear any existing key :
-> cd /X/users/expluser/ssh/keys/1
/X/users/expluser/ssh/keys/1
-> set clear_action=true
Are you sure you want to clear /X/users/expluser/ssh/keys/1 (y/n)? y
Set 'clear_action' to 'true'
Then load the key on the SP :
-> cd /X/users/expluser/ssh/keys/1
/X/users/expluser/ssh/keys/1
-> set load_uri=tftp://1.2.3.4/.ssh/id_dsa.pub
Load successful.
-> ls -d properties
/X/users/expluser/ssh/keys/1
Properties:
fingerprint = c0:98:22:33:60:84:ec:b8:88:ba:cb:5c:fc:1c:6b:37
algorithm = ssh-dss
embedded_comment = (none)
bit_length = 1024
load_uri = (Cannot show property)
clear_action = (Cannot show property)
Note that using the tfpt protocol is just an example here.
The load_uri supports numerous protocols. To use sftp, scp or ftp, be sure to supply the username and password in the URI. e.g. set load_uri=scp://root:password@host/.ssh/id_dsa.pub
Refer to the Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide for the syntax and usage.
3. Log again to the SP user account from the Explorer Host
From the account on the Explorer Host running explorer (usually root), login once to the user account just created on the SP in order to accept the host key
# ssh [email protected]
The authenticity of host 'xx.xx.xx.xx' can't be established.
RSA key fingerprint is ec:29:8c:8c:3d:82:59:15:f3:4b:fe:dd:12:52:7e:49.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xx.xx.xx.xx' (RSA) to the list of known hosts.
Sun(TM) Integrated Lights Out Manager
Version 3.0.4.0-bld_55-t
Copyright 2008 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
->
Note that no password is now required.
During the explorer execution, if the snapshot collection fails with "ilomsnapshot_start: SSH hostkey must be accepted" , see example:
# /opt/SUNWexplo/bin/explorer
:
17:27:21 T5440[29340] explorer: explorer ID: explorer.84aabf4a.T5440-2010.04.22.08.27
17:27:22 T5440[29340] ilomsnapshot_start: RUNNING
17:27:22 T5440[29340] ilomsnapshot_start: SSH hostkey must be accepted.
:
then generate a new key on the SP :
- Log in to the SP
- Set the key type by typing the following:
-> set /X/services/ssh generate_new_key_type=dsa|rsa
- Set the action to true.
-> set /X/services/ssh generate_new_key_action=true
When running explorer, you can check the result for the snapshot data collection via the ilom/snapshot_*.* files.
If the "ilom/snapshot_start.err" file reports a "Host key verification failed."
Example:
# cat /opt/SUNWexplo/output/explorer.xxxxxxxx.T5440-2010.04.26.07.10/ilom/snapshot_start.err
***********************************************************
* WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! *
***********************************************************
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
db:83:8e:44:xx:yy:zz:7d:f5:89:ef:88:c6:aa:bb:cc.
Please contact your system administrator.
Add correct host key in /.ssh/known_hosts to get rid of this message.
Offending key in /.ssh/known_hosts:2
RSA host key for 10.mm.mmm.YYY has changed and you have requested strict checking.
Host key verification failed.
Then the old key for the SP must be removed from the Explorer Host :
# rm /.ssh/known_hosts
Setup a user on the Explorer Host to receive snapshot data.
There must be a user account on the Explorer Host that can be accessed from the SP or CMM via ftp or sftp. This user account must be able to write into the dropoff directory.
1. Create the user
# useradd expltest
# passwd expltest
New Password:
Re-enter new Password:
passwd: password successfully changed for expltest
See svcadm(1M) if necessary to allow ftp or sftp
2. Configure ilomsnapshotinput.txt
The ilomsnapshotinput.txt file lives in /etc/opt/SUNWexplo on the Explorer Host. This file contains one line per SP or CMM to have its ILOM snapshot data collected.
Note that explorer requires the permissions for ilomsnapshotinput.txt to be 400 or 600.
Here is the empty file that is distributed with Explorer:
# Input file for extended ilom snapshot data collection
# Format:
# SPHOST SPUSER PROTO DESTHOST DESTPICKUP DESTDROPOFF DESTUSER DESTPASSWORD
# Explorer requires the mode of ilomsnapshotinput.txt is 0400 or 0600
# SPHOST: hostname or IP address of SP or CMM.
# SPUSER: explorer logs in to SP/CMM as this user.
# PROTO={ftp|sftp}
# DESTHOST: hostname or IP address of system running explorer (this system).
# Use "-" to have explorer lookup IP address for hostname from hosts table.
# DESTPICKUP: Absolute path of directory on this system where explorer will be
# receive snapshots. Use "-" to use /tmp.
# DESTDROPOFF: directory where snapshot will deposit output. When PROTO is sftp
# this must be an absolute path to a directory. Use "-" to use /tmp.
# DESTUSER: snapshot logs in to the system running explorer as this user
# DESTPASSWORD: DESTUSER's password
#
# mysp.mydom spuser sftp ftpzone-lomnet /zones/ftpzone/export/ftp/incoming /ftp/incoming explrecvuser explrecvuser-password
The file allows for the user explrecvuser to have a different view of the filesystem than the Explorer Host root user. This may be useful in systems with zones or other configurations that want to provide increased security around the user explrecvuser. In most cases, the default configuration will work fine.
Add an entry in ilomsnapshotinput.txt for every SP/CMM that will have its snapshot data collected by this Explorer Host. For example:
* xx.xx.xx.XX expluser sftp - - - expltest expltest
* The user on the explorer host (expltest in this example) can have its login access restricted or removed and the account can be made very secure, just so long as it is possible to write into the dropoff directory on the explorer host using ftp or sftp.
Starting from Explorer 6.4 and later, it's possible to specify the dataset (normal, full, fruid) in the ilomsnapshotinput.txt file.
Example :
# Input file for extended ilom snapshot data collection
# Format
# SPHOST SPUSER PROTO DESTHOST DESTPICKUP DESTDROPOFF DATASET DESTUSER DESTPASSWORD
# Explorer requires the mode of ilomsnapshotinput.txt is 0400 or 0600
# SPHOST :hostname or IP address of SP or CMM.
# SPUSER :explorer logs in to SP/CMM as this user.
# PROTO={ftp|sftp}
# DESTHOST :hostname or IP address of system running explorer (this system).
# Use - to have explorer lookup IP address for hostname from hosts table.
# DESTPICKUP :Absolute path of directory on this system where explorer will
# receive snapshots. Use - to use /tmp.
# DESTDROPOFF :directory where snapshot will deposit output. When PROTO is sftp
# this must be an absolute path to a directory. Use - to use /tmp.
# DATASET :dataset for which snapshot to be collected.
# DESTUSER :snapshot logs in to the system running explorer as this user
# DESTPASSWORD:DESTUSER's password
# mysp.mydom spuser sftp ftpzone-lomnet /zones/ftpzone/export/ftp/incoming /ftp/incoming fruid explrecvuser explrecvuser-password
xx.xx.xx.xx expluser sftp - - - normal expltest expltest_password
xx.xx.xx.xx expluser sftp - - - full expltest expltest_password
3. Invoke Explorer
Run Explorer as normal.
# explorer
Feb 07 18:23:35 explorer_host[5037] explorer: explorer ID: explorer.xxxxxxxx.explorer_host-2011.02.07.10.23
Feb 07 18:23:35 explorer_host[5037] ilomsnapshot_start: RUNNING
[ÃÂâÃÂÃÂÃÂæ]
Feb 07 18:32:52 explorer_host[5037] ilomsnapshot_finish: RUNNING
Feb 07 18:38:12 explorer_host[5037] explorer: data collection complete
Feb 07 18:38:21 explorer_host[5037] explorer: removing previous explorers from /opt/SUNWexplo/output
Feb 07 18:38:21 explorer_host[5037] explorer: Explorer finished
Run Explorer only to collect ILOM snapshot.
# explorer -w !default,ilomsnapshot
4. When the explorer data collection has completed, the snapshot will then be available in the 'ilom' directory.
Example :
# pwd
/opt/SUNWexplo/output/explorer.xxxxxxxx.explorer_host-2011.02.07.10.23/ilom/xx.xx.xx.xx
# ls
snapshot_finish.out
snapshot_start.out
SP_Host_xx.xx.xx.xx_2011-02-07T09-03-25.zip
Sun SPARC Enterprise T5220 Server
Sun Blade T6320 Server Module
Netra T5220 AC
Sun Netra T5220 Server
Sun SPARC Enterprise T5140 Server
Sun SPARC Enterprise T5240 Server
Sun Netra T5440 Server
Sun SPARC Enterprise T5440 Server
Internal Comments
For internal Sun use only.
ILOM, snapshot, explorer
Attachments
This solution has no attachment