Run commands on multiple LPARs - Aix

This is a discussion on Run commands on multiple LPARs - Aix ; Hello, again, Folks, AIX newbie alert (old VMS guy trying to find his way around UN*X after 20 years away)... Is there any software available for running a single command, even something simple like "date" (to verify thet NTP is ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Run commands on multiple LPARs

  1. Run commands on multiple LPARs

    Hello, again, Folks,

    AIX newbie alert (old VMS guy trying to find his way around UN*X after
    20 years away)...

    Is there any software available for running a single command, even
    something simple like "date" (to verify thet NTP is working as
    expected), on multiple LPARs?

    Since someone is bound to ask, yes, we have security set up so root can
    ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    idea works well, thanx much.

    I'm looking for a way to avoid having "for ... do" variants for every
    command I need to execute across an entire group of LPARs (multiple
    HACMP clusters).

    Any / all ideas are welcome, invited and requested.

    David J Dachtera

  2. Re: Run commands on multiple LPARs

    On Aug 29, 12:59*pm, David J Dachtera
    wrote:
    > Hello, again, Folks,
    >
    > AIX newbie alert (old VMS guy trying to find his way around UN*X after
    > 20 years away)...
    >
    > Is there any software available for running a single command, even
    > something simple like "date" (to verify thet NTP is working as
    > expected), on multiple LPARs?
    >
    > Since someone is bound to ask, yes, we have security set up so root can
    > ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    > idea works well, thanx much.
    >
    > I'm looking for a way to avoid having "for ... do" variants for every
    > command I need to execute across an entire group of LPARs (multiple
    > HACMP clusters).
    >
    > Any / all ideas are welcome, invited and requested.
    >
    > David J Dachtera


    Take a look at the dsh command.

    $ man dsh

    dsh(08/31/07) dsh(08/31/07)

    dsh Command

    Purpose

    dsh - Concurrently runs commands on multiple nodes and
    hardware devices.
    .............................


    $ which_fileset dsh
    /opt/diagnostics/probes/dsh csm.diagnostics 1.4.0.0
    /opt/csm/bin/dcp -> /opt/csm/bin/dsh csm.dsh 1.4.0.0
    /opt/csm/bin/dsh csm.dsh 1.4.0.0



  3. Re: Run commands on multiple LPARs

    On Aug 29, 2:59 pm, David J Dachtera
    wrote:
    > Hello, again, Folks,
    >
    > AIX newbie alert (old VMS guy trying to find his way around UN*X after
    > 20 years away)...
    >
    > Is there any software available for running a single command, even
    > something simple like "date" (to verify thet NTP is working as
    > expected), on multiple LPARs?
    >
    > Since someone is bound to ask, yes, we have security set up so root can
    > ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    > idea works well, thanx much.
    >
    > I'm looking for a way to avoid having "for ... do" variants for every
    > command I need to execute across an entire group of LPARs (multiple
    > HACMP clusters).
    >
    > Any / all ideas are welcome, invited and requested.
    >
    > David J Dachtera


    remote root access = stop the bus; we lock down the root user so it
    can't be used via SSH and only allows root login to the console i.e.
    via HMC. never, ever, ever allow remote root access. Ever. .rsh
    and .rlogin are evil. NIM uses very dodgy network protocols like NFS
    and TFTP but that's seemingly unavoidable; though once going NIM can
    be setup to use "secure NIM"
    SSH keys are the way I do remote access WITH MY OWN LOGIN. shared
    users are another no NO.
    what output are you after ?
    I run a weekly AIX audit of all LPAR's and put this into a Subversion
    repository and use that for reference.

    HTH
    HAND

  4. Re: Run commands on multiple LPARs

    On 29 Aug, 03:59, David J Dachtera wrote:
    > Hello, again, Folks,
    >
    > AIX newbie alert (old VMS guy trying to find his way around UN*X after
    > 20 years away)...
    >
    > Is there any software available for running a single command, even
    > something simple like "date" (to verify thet NTP is working as
    > expected), on multiple LPARs?
    >
    > Since someone is bound to ask, yes, we have security set up so root can
    > ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    > idea works well, thanx much.
    >
    > I'm looking for a way to avoid having "for ... do" variants for every
    > command I need to execute across an entire group of LPARs (multiple
    > HACMP clusters).
    >
    > Any / all ideas are welcome, invited and requested.
    >
    > David J Dachtera


    Have a look at Cluster Systems Management (CSM). It is an extra
    package on top of AIX and I am not aware of the cost so I cant comment
    on if its worth the price. From an admin point of view, it makes life
    easier when you have to manage alot of machines, including dsh which
    was mentioned before and what you are after. Check this link for more.

    http://publib.boulder.ibm.com/infoce...m7ia10114.html

    hth,
    Duncan

  5. Re: Run commands on multiple LPARs

    Henry schrieb:
    > On Aug 29, 2:59 pm, David J Dachtera
    > wrote:
    >> Hello, again, Folks,
    >>
    >> AIX newbie alert (old VMS guy trying to find his way around UN*X after
    >> 20 years away)...
    >>
    >> Is there any software available for running a single command, even
    >> something simple like "date" (to verify thet NTP is working as
    >> expected), on multiple LPARs?
    >>
    >> Since someone is bound to ask, yes, we have security set up so root can
    >> ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    >> idea works well, thanx much.
    >>
    >> I'm looking for a way to avoid having "for ... do" variants for every
    >> command I need to execute across an entire group of LPARs (multiple
    >> HACMP clusters).
    >>
    >> Any / all ideas are welcome, invited and requested.
    >>
    >> David J Dachtera

    >
    > remote root access = stop the bus; we lock down the root user so it
    > can't be used via SSH and only allows root login to the console i.e.
    > via HMC. never, ever, ever allow remote root access. Ever. .rsh
    > and .rlogin are evil. NIM uses very dodgy network protocols like NFS
    > and TFTP but that's seemingly unavoidable; though once going NIM can
    > be setup to use "secure NIM"
    > SSH keys are the way I do remote access WITH MY OWN LOGIN. shared
    > users are another no NO.
    > what output are you after ?
    > I run a weekly AIX audit of all LPAR's and put this into a Subversion
    > repository and use that for reference.
    >
    > HTH
    > HAND


    Hi,

    just a short remark. IMHO security has to be in balance with manageability.
    There are ways to assure that only certain users from certain systems can access
    root account via SSH.

    e.g. see ssh_config file parameters:

    AllowedAuthentications, AllowedUsers, AllowedGroups, PasswordAuthentication
    (no), PermitRootLogin without-password,

    Regards,
    Uwe Auer

  6. Re: Run commands on multiple LPARs

    Hi,

    from my linux box i use clusterssh it works Great!!
    http://clusterssh.wiki.sourceforge.net/Main+Page

    I know there are others too:

    Clusterm @ http://sourceforge.net/projects/clusterm/

    Omnitty @ http://omnitty.sourceforge.net/

    Tentakel @ http://tentakel.biskalar.de/


    hope it helps!

    Ciao


    On Aug 29, 4:59*am, David J Dachtera
    wrote:
    > Hello, again, Folks,
    >
    > AIX newbie alert (old VMS guy trying to find his way around UN*X after
    > 20 years away)...
    >
    > Is there any software available for running a single command, even
    > something simple like "date" (to verify thet NTP is working as
    > expected), on multiple LPARs?
    >
    > Since someone is bound to ask, yes, we have security set up so root can
    > ssh to another LPAR. So, yes, the "script it in a 'for ... do' loop"
    > idea works well, thanx much.
    >
    > I'm looking for a way to avoid having "for ... do" variants for every
    > command I need to execute across an entire group of LPARs (multiple
    > HACMP clusters).
    >
    > Any / all ideas are welcome, invited and requested.
    >
    > David J Dachtera



+ Reply to Thread