Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
ITO Agent for Linux on DMZ
- Thread starter unixrobot
- Start date
I think this may be helpful, first of all, assign a NAT IP address to the Linux server and also make necessary changes on your DNS (for management), then make sure you have "connectivity" through the firewall/s (you can define which port range to use, even TCP or UDP for your DCE/RPC communication).
You can specify the port range on the opcinfo file in the agent side (Linux Box).
Make sure you can access both ways (server<->agent) the defined port range + TCP 135 (epmap-end point mapper).
The following lines will do the trick:
OPC_DIST_MODE DIST_RPC
OPC_RESTRICT_TO_PROCS opcctla
OPC_COMM_PORT_RANGE 13001
OPC_RESTRICT_TO_PROCS opcdista
OPC_COMM_PORT_RANGE 13002-13003
OPC_RESTRICT_TO_PROCS opcmsga
OPC_COMM_PORT_RANGE 13004-13006
OPC_RESTRICT_TO_PROCS opccma
OPC_COMM_PORT_RANGE 13007
My two cents, let me know how did it go, ok?
C.
You can specify the port range on the opcinfo file in the agent side (Linux Box).
Make sure you can access both ways (server<->agent) the defined port range + TCP 135 (epmap-end point mapper).
The following lines will do the trick:
OPC_DIST_MODE DIST_RPC
OPC_RESTRICT_TO_PROCS opcctla
OPC_COMM_PORT_RANGE 13001
OPC_RESTRICT_TO_PROCS opcdista
OPC_COMM_PORT_RANGE 13002-13003
OPC_RESTRICT_TO_PROCS opcmsga
OPC_COMM_PORT_RANGE 13004-13006
OPC_RESTRICT_TO_PROCS opccma
OPC_COMM_PORT_RANGE 13007
My two cents, let me know how did it go, ok?
C.
- Thread starter
- #3
Thank you for your message vlan! These steps are described in the OpenView ITO manual and did follow them when tried to setup the agent. I went as far as establishing connection, but my connection keeps dying (agent is running, node is reachable and ITO thinks that agent is not running. Reinforcing distribution works, but then 1 minute later ITO again thinks it's not running. On the node side everything looks smooth: all agents are running. And another interesting thing is that when I do opcragt -status <node_name> from the management server, I do get return that everything is running.
Ok, then, let´s try a few things, when you re-distribute to the agents, do you get a message saying it was succesfully distributed?
If you preform a netstat -a on the node (client side) do you get any SYN_SENT status?
Also make sure there are no errors (communication's error) on the opcerror file when you restart the agents.
Please ley me know how it goes...
Regards,
Vlan52
![[sunshine]](/data/assets/smilies/sunshine.gif "[sunshine] [sunshine]")
If you preform a netstat -a on the node (client side) do you get any SYN_SENT status?
Also make sure there are no errors (communication's error) on the opcerror file when you restart the agents.
Please ley me know how it goes...
Regards,
Vlan52
- Thread starter
- #5
I install Linux agents manually, not using ITO FTP agent push feature, here is the procedure that I follow:
0) On the management server I add NATTED server's address to /etc/hosts <- public address and opc.hosts <- NAT address
On Linux node:
1) tar xvf opc_pkg.z
2) rpm -i dce.rpm
3) rpm -i --nodeps OPC.rpm
4) /opt/OV/bin/OpC/install/opcactivate <management_server_FQDN> -mode standalone
5) /opt/OV/bin/OpC/opcagt -status
ITO Managed Node status :
-------------------------
Control Agent /opt/OV/bin/OpC/opcctla (23784) is running
Message Agent /opt/OV/bin/OpC/opcmsga (23785) is running
Subagent 1:
Action Agent /opt/OV/bin/OpC/opcacta (23786) is running
6) When I assign templates I get 3 more running :
ITO Managed Node status :
-------------------------
Control Agent /usr/OV/bin/OpC/intel/opcctla (116) is running
Message Agent /usr/OV/bin/OpC/intel/opcmsga (166) is running
Subagent 1:
Action Agent /usr/OV/bin/OpC/intel/opcacta (168) is running
Logfile Encapsulator /usr/OV/bin/OpC/intel/opcle (171) is running
Monitor Agent /usr/OV/bin/OpC/intel/opcmona (174) is running
Message Interceptor /usr/OV/bin/OpC/intel/opcmsgi (176) is running
Done.
I cannot execute commands right away unless I follow this procedure:
I go to ITO_server and execute set of commands for NATTED servers:
Below is /etc/opt/OV/share/conf/OpC/mgmt_sv/rspmgrs/file, where <IP_OF_ITO_SERVER> is IP address for ITO server:
############################################################
#
#Responsible Manager Configurations for a NAT Management Server
#
RESPMGRCONFIGS
RESPMGRCONFIG
DESCRIPTION "Configuration for a NAT Management Server"
SECONDARYMANAGERS
ACTIONALLOWMANAGERS
ACTIONALLOWMANAGER
NODE IP <IP_OF_ITO_SERVER>""
DESCRIPTION "Internally known address"
############################################################
I execute:
/opt/OV/bin/OpC/opcsw -installed nat_linux.test.com
I get a HEX number: c3724332
cp /etc/opt/OV/share/conf/OpC/mgmt_sv/respmgrs/file
/etc/opt/OV/share/conf/OpC/mgmt_sv/respmgrs/c3724332
/opt/OV/bin/OpC/opchbp -stop nat_linux.test.com
/opt/OV/bin/OpC/opchbp -start nat_linux.test.com
opcragt -distrib -templates -force nat_linux.test.com
7) After successfull template distribution I get NORMAL message in ITO stating that Information has been successfully distributed.
8) I try to execute a command from ITO on that node and I get a return from the command back.
9) netstat -a on Linux node shows that status with ITO_server is ESTABLISHED.
10) After several minutes I can no longer execute commands on that node and I get response that agent is not running
11) I execute opcragt -status NATTED_NODE and I do get all 6 running from that node:
ITO Managed Node status :
-------------------------
Control Agent /usr/OV/bin/OpC/intel/opcctla (116) is running
Message Agent /usr/OV/bin/OpC/intel/opcmsga (166) is running
Subagent 1:
Action Agent /usr/OV/bin/OpC/intel/opcacta (168) is running
Logfile Encapsulator /usr/OV/bin/OpC/intel/opcle (171) is running
Monitor Agent /usr/OV/bin/OpC/intel/opcmona (174) is running
Message Interceptor /usr/OV/bin/OpC/intel/opcmsgi (176) is running
Done.
0) On the management server I add NATTED server's address to /etc/hosts <- public address and opc.hosts <- NAT address
On Linux node:
1) tar xvf opc_pkg.z
2) rpm -i dce.rpm
3) rpm -i --nodeps OPC.rpm
4) /opt/OV/bin/OpC/install/opcactivate <management_server_FQDN> -mode standalone
5) /opt/OV/bin/OpC/opcagt -status
ITO Managed Node status :
-------------------------
Control Agent /opt/OV/bin/OpC/opcctla (23784) is running
Message Agent /opt/OV/bin/OpC/opcmsga (23785) is running
Subagent 1:
Action Agent /opt/OV/bin/OpC/opcacta (23786) is running
6) When I assign templates I get 3 more running :
ITO Managed Node status :
-------------------------
Control Agent /usr/OV/bin/OpC/intel/opcctla (116) is running
Message Agent /usr/OV/bin/OpC/intel/opcmsga (166) is running
Subagent 1:
Action Agent /usr/OV/bin/OpC/intel/opcacta (168) is running
Logfile Encapsulator /usr/OV/bin/OpC/intel/opcle (171) is running
Monitor Agent /usr/OV/bin/OpC/intel/opcmona (174) is running
Message Interceptor /usr/OV/bin/OpC/intel/opcmsgi (176) is running
Done.
I cannot execute commands right away unless I follow this procedure:
I go to ITO_server and execute set of commands for NATTED servers:
Below is /etc/opt/OV/share/conf/OpC/mgmt_sv/rspmgrs/file, where <IP_OF_ITO_SERVER> is IP address for ITO server:
############################################################
#
#Responsible Manager Configurations for a NAT Management Server
#
RESPMGRCONFIGS
RESPMGRCONFIG
DESCRIPTION "Configuration for a NAT Management Server"
SECONDARYMANAGERS
ACTIONALLOWMANAGERS
ACTIONALLOWMANAGER
NODE IP <IP_OF_ITO_SERVER>""
DESCRIPTION "Internally known address"
############################################################
I execute:
/opt/OV/bin/OpC/opcsw -installed nat_linux.test.com
I get a HEX number: c3724332
cp /etc/opt/OV/share/conf/OpC/mgmt_sv/respmgrs/file
/etc/opt/OV/share/conf/OpC/mgmt_sv/respmgrs/c3724332
/opt/OV/bin/OpC/opchbp -stop nat_linux.test.com
/opt/OV/bin/OpC/opchbp -start nat_linux.test.com
opcragt -distrib -templates -force nat_linux.test.com
7) After successfull template distribution I get NORMAL message in ITO stating that Information has been successfully distributed.
8) I try to execute a command from ITO on that node and I get a return from the command back.
9) netstat -a on Linux node shows that status with ITO_server is ESTABLISHED.
10) After several minutes I can no longer execute commands on that node and I get response that agent is not running
11) I execute opcragt -status NATTED_NODE and I do get all 6 running from that node:
ITO Managed Node status :
-------------------------
Control Agent /usr/OV/bin/OpC/intel/opcctla (116) is running
Message Agent /usr/OV/bin/OpC/intel/opcmsga (166) is running
Subagent 1:
Action Agent /usr/OV/bin/OpC/intel/opcacta (168) is running
Logfile Encapsulator /usr/OV/bin/OpC/intel/opcle (171) is running
Monitor Agent /usr/OV/bin/OpC/intel/opcmona (174) is running
Message Interceptor /usr/OV/bin/OpC/intel/opcmsgi (176) is running
Done.
- Status
Similar threads
