Prerequisites to add hosts and install SnapCenter Plug-in for PostgreSQL
Before you add a host and install the plug-in packages, you must complete all the requirements. SnapCenter Plug-in for PostgreSQL is available in both Windows and Linux environments.
-
You must have installed Java 11 on your host.
IBM Java is not supported. -
For Windows, plug-in Creator Service should be running using the “LocalSystem” windows user, which is the default behavior when Plug-in for PostgreSQL is installed as domain administrator.
-
When installing a plug-in on a Windows host, if you specify a credential that is not built-in or if the user belongs to a local workgroup user, you must disable UAC on the host. SnapCenter Plug-in for Microsoft Windows will be deployed by default with the PostgreSQL plug-in on Windows hosts.
-
SnapCenter Server should have access to the 8145 or custom port of Plug-in for PostgreSQL host.
Windows hosts
-
You must have a domain user with local administrator privileges with local login permissions on the remote host.
-
While installing Plug-in for PostgreSQL on a Windows host, SnapCenter Plug-in for Microsoft Windows is installed automatically.
-
You must have enabled the password-based SSH connection for the root or non-root user.
-
You must have installed Java 11 on your Windows host.
Linux hosts
-
You must have enabled the password-based SSH connection for the root or non-root user.
-
You must have installed Java 11 on your Linux host.
-
For PostgreSQL clusters that are running on a Linux host, while installing Plug-in for PostgreSQL, SnapCenter Plug-in for UNIX is installed automatically.
-
You should have bash as the default shell for plug-in installation.
Supplemental commands
To run a supplemental command on the SnapCenter Plug-in for PostgreSQL, you must include it in the allowed_commands.config
file.
allowed_commands.config
file is located in the "etc" subdirectory of the SnapCenter Plug-in for PostgreSQL directory.
Default: C:\Program Files\NetApp\SnapCenter\Snapcenter Plug-in Creator\etc\allowed_commands.config
Custom path: <Custom_Directory>\NetApp\SnapCenter\Snapcenter Plug-in Creator\etc\allowed_commands.config
Default: /opt/NetApp/snapcenter/scc/etc/allowed_commands.config
Custom path: <Custom_Directory>allowed_commands.config
To allow supplemental commands on the plug-in host, open allowed_commands.config
file in an editor. Enter each command on a separate line. It is not case sensitive.
For example,
command: mount
command: umount
Ensure that you specify the fully qualified pathname. Enclose the pathname in quotation marks (") if it contains spaces. For example,
command: "C:\Program Files\NetApp\SnapCreator commands\sdcli.exe"
command: myscript.bat
If the allowed_commands.config
file is not present, the commands or script execution will be blocked and the workflow will fail with the following error:
"[/mnt/mount -a] execution not allowed. Authorize by adding the command in the file %s on the plugin host."
If the command or script is not present in the allowed_commands.config
, the command or script execution will be blocked and the workflow will fail with the following error:
"[/mnt/mount -a] execution not allowed. Authorize by adding the command in the file %s on the plugin host."
|
You should not use a wildcard entry (*) to allow all commands. |
Configure sudo privileges for non-root users for Linux host
SnapCenter 2.0 and later releases allow a non-root user to install the SnapCenter Plug-ins Package for Linux and to start the plug-in process. The plug-in processes will be running as an effective non-root user. You should configure sudo privileges for the non-root user to provide access to several paths.
What you will need
-
Sudo version 1.8.7 or later.
-
For the non-root user, ensure that the name of the non-root user and the user's group should be the same.
-
Edit the /etc/ssh/sshd_config file to configure the message authentication code algorithms: MACs hmac-sha2-256 and MACs hmac-sha2-512.
Restart the sshd service after updating the configuration file.
Example:
#Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #Legacy changes #KexAlgorithms diffie-hellman-group1-sha1 #Ciphers aes128-cbc #The default requires explicit activation of protocol Protocol 2 HostKey/etc/ssh/ssh_host_rsa_key MACs hmac-sha2-256
About this task
You should configure sudo privileges for the non-root user to provide access to the following paths:
-
/home/LINUX_USER/.sc_netapp/snapcenter_linux_host_plugin.bin
-
/custom_location/NetApp/snapcenter/spl/installation/plugins/uninstall
-
/custom_location/NetApp/snapcenter/spl/bin/spl
Steps
-
Log in to the Linux host on which you want to install the SnapCenter Plug-ins Package for Linux.
-
Add the following lines to the /etc/sudoers file by using the visudo Linux utility.
Cmnd_Alias HPPLCMD = sha224:checksum_value== /home/LINUX_USER/.sc_netapp/snapcenter_linux_host_plugin.bin, /opt/NetApp/snapcenter/spl/installation/plugins/uninstall, /opt/NetApp/snapcenter/spl/bin/spl, /opt/NetApp/snapcenter/scc/bin/scc Cmnd_Alias PRECHECKCMD = sha224:checksum_value== /home/LINUX_USER/.sc_netapp/Linux_Prechecks.sh Cmnd_Alias CONFIGCHECKCMD = sha224:checksum_value== /opt/NetApp/snapcenter/spl/plugins/scu/scucore/configurationcheck/Config_Check.sh Cmnd_Alias SCCMD = sha224:checksum_value== /opt/NetApp/snapcenter/spl/bin/sc_command_executor Cmnd_Alias SCCCMDEXECUTOR =checksum_value== /opt/NetApp/snapcenter/scc/bin/sccCommandExecutor LINUX_USER ALL=(ALL) NOPASSWD:SETENV: HPPLCMD, PRECHECKCMD, CONFIGCHECKCMD, SCCCMDEXECUTOR, SCCMD Defaults: LINUX_USER !visiblepw Defaults: LINUX_USER !requiretty
If you are having a RAC setup, along with the other allowed commands, you should add the following to the /etc/sudoers file: '/<crs_home>/bin/olsnodes'
You can obtain the value of crs_home from the /etc/oracle/olr.loc file.
LINUX_USER is the name of the non-root user that you created.
You can obtain the checksum_value from the sc_unix_plugins_checksum.txt file, which is located at:
-
_C:\ProgramData\NetApp\SnapCenter\Package Repository\sc_unix_plugins_checksum.txt _ if SnapCenter Server is installed on Windows host.
-
_/opt/NetApp/snapcenter/SnapManagerWeb/Repository/sc_unix_plugins_checksum.txt _ if SnapCenter Server in installed on Linux host.
|
The example should be used only as a reference for creating your own data. |