preprpnode Command

Purpose

Prepares a node to be defined to a peer domain.

Syntax

preprpnode [-k] [-h] [-TV] node_name1 [node_name2 ... ]

preprpnode -f-F { file_name"–" } [-k] [-h] [-TV]

Description

The preprpnode command prepares security on the node on which the command is run so it can be defined in a peer domain. It allows for peer domain operations to be performed on this node and must be run before the node can join a peer domain using the mkrpdomain or addrpnode command.

Before the mkrpdomain command is issued on a node, the preprpnode command must be run on each node to be defined to the new peer domain, using the name of the node that is to run the mkrpdomain command as the parameter. This gives the mkrpdomain node the necessary authority to create the peer domain configuration on each new node and set up additional security.

Before the addrpnode command is issued on a node, the preprpnode command must be run on each node that is to be added, using the names of all online nodes as the parameters. This gives the online nodes the authority to perform the necessary operations on the new node.

The preprpnode command performs the following:
  1. Establishes trust with the node names specified on the command by adding their public keys to the trusted host list.
  2. Modifies the resource monitoring and control (RMC) access control list (ACL) file to enable access to peer domain resources on this node from the other nodes in the peer domain. This allows peer domain operations to occur on the node. The RMC subsystem is refreshed so that these access changes will take effect.
  3. RMC remote connections are enabled.

If the nodes that are to be defined to a peer domain are already in a management domain, you do not need to exchange public keys. You can use the -k flag to omit this step.

Flags

-f | -F { file_name | "–" }
Reads a list of node names from file_name. Each line of the file is scanned for one node name. The pound sign (#) indicates that the remainder of the line (or the entire line if the # is in column 1) is a comment.

Use -f "-" or -F "-" to specify STDIN as the input file.

-k
Specifies that the command should not exchange public keys.
-h
Writes the command's usage statement to standard output.
-T
Writes the command's trace messages to standard error. For your software service organization's use only.
-V
Writes the command's verbose messages to standard output.

Parameters

node_name1 [node_name2 ... ]
Specifies the node (or nodes) from which peer domain commands can be accepted. Typically, this is the name of the node that will be running the mkrpdomain command when forming the peer domain. When adding to the peer domain, it is a list of the nodes that are currently online in the peer domain. The node name is the IP address or the long or short version of the DNS host name. The node name must resolve to an IP address.

Security

The user of the preprpnode command needs write permission to the access control list (ACL) file. Permissions are specified in the ACL file. See the RSCT: Administration Guide for details on the ACL file and how to modify it.

Exit Status

0
The command ran successfully.
1
An error occurred with RMC.
2
An error occurred with a command-line interface script.
3
An incorrect flag was entered on the command line.
4
An incorrect parameter was entered on the command line.
5
An error occurred that was based on incorrect command-line input.

Restrictions

This command must run on a node that will be defined to the peer domain.

Implementation Specifics

This command is part of the Reliable Scalable Cluster Technology (RSCT) fileset for AIX®.

Standard Input

When the -f "-" or -F "-" flag is specified, this command reads one or more node names from standard input.

Standard Output

When the -h flag is specified, this command's usage statement is written to standard output. All verbose messages are written to standard output.

Standard Error

All trace messages are written to standard error.

Examples

  1. Suppose mkrpdomain will be issued from nodeA. To prepare nodeB, nodeC, and nodeD to be defined to a new peer domain, ApplDomain, run this command on nodeB, on nodeC, and then on nodeD:
    preprpnode nodeA
  2. Suppose nodeA and nodeB are online in ApplDomain. To prepare nodeC to be added to the existing domain, run this command on nodeC:
    preprpnode nodeA nodeB
    Alternatively, create a file called onlineNodes with these contents:
    nodeA 
    nodeB
    Then, run this command on nodeC:
    preprpnode -f onlineNodes

Location

/usr/sbin/rsct/bin/preprpnode

Files

The access control list (ACL) file — /var/ct/cfg/ctrmc.acls — is modified. If this file does not exist, it is created.