Perform the following manual steps to complete the configuration.
To complete the secure cluster configuration
# /opt/VRTSvcs/bin/haconf -makerw
# /opt/VRTSvcs/bin/hagrp -list Frozen=0
# /opt/VRTSvcs/bin/hagrp -freeze groupname -persistent
# /opt/VRTSvcs/bin/haconf -dump -makero
# /opt/VRTSvcs/bin/hastop -all -force
# /opt/VRTSvcs/bin/CmdServer -stop
For RHEL 7, SLES 12, and later distributions:
# systemctl stop CmdServer
For example:
To grant read access to everyone:
Cluster clus1 ( SecureClus=1 DefaultGuestAccess=1 )
Or
To grant access to only root:
Cluster clus1 ( SecureClus=1 )
Or
To grant read access to specific user groups, add or modify SecureClus=1 and GuestGroups={} to the cluster definition.
For example:
cluster clus1 ( SecureClus=1 GuestGroups={staff, guest}
/etc/VRTSvcs/conf/config/main.cf
file on the first node, and add -secure to the WAC application definition if GCO is configured.For example:
Application wac ( StartProgram = "/opt/VRTSvcs/bin/wacstart -secure" StopProgram = "/opt/VRTSvcs/bin/wacstop" MonitorProcesses = {"/opt/VRTSvcs/bin/wac -secure"} RestartLimit = 3 )
/etc/VRTSvcs/conf/config/.secure
file.# touch /etc/VRTSvcs/conf/config/.secure
# /opt/VRTSvcs/bin/hastart
# /opt/VRTSvcs/bin/CmdServer
For RHEL 7, SLES 12, and later distributions:
# systemctl start CmdServer
# /opt/VRTSvcs/bin/haconf -makerw
# /opt/VRTSvcs/bin/hagrp -list Frozen=1
# /opt/VRTSvcs/bin/hagrp -unfreeze groupname -persistent
# /opt/VRTSvcs/bin/haconf -dump -makero