- 物理ホスト
--設定
----マネージャでの作業
cp -p /etc/opt/jp1ajs2/conf/permitted_host_manager.conf.model /etc/opt/jp1ajs2/conf/permitted_host_manager.conf
chmod +w /etc/opt/jp1ajs2/conf/permitted_host_manager.conf
vim /etc/opt/jp1ajs2/conf/permitted_host_manager.conf
# Connection permitted host
127.0.0.1
192.168.137.181
192.168.137.182
192.168.137.183
cp -p /etc/opt/jp1ajs2/conf/permitted_host_agent.conf.model /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
chmod +w /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
vim /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
# Connection permitted host
127.0.0.1
192.168.137.181
192.168.137.182
192.168.137.183
/opt/jp1ajs2/bin/jajs_spmd_stop
/opt/jp1ajs2/bin/jajs_spmd_status
/opt/jp1ajs2/bin/ajsqlstop
/opt/jp1ajs2/bin/ajsqlstatus
--有効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="all"
--無効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="none"
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJSMANAGER]" "CONRESTRICTLOG"="all"
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJSMANAGER]" "CONRESTRICTSYSLOG"="all"
/opt/jp1ajs2/bin/jajs_spmd
/opt/jp1ajs2/bin/jajs_spmd_status
/opt/jp1ajs2/bin/ajsqlstart
/opt/jp1ajs2/bin/ajsqlstatus
vim /etc/opt/jp1ajs2/conf/permitted_host_manager.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -m -v
/opt/jp1ajs2/bin/jajs_pmtcon -m -u
vim /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -a -v
/opt/jp1ajs2/bin/jajs_pmtcon -a -u
----エージェントでの作業
cp -p /etc/opt/jp1ajs2/conf/permitted_host_agent.conf.model /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
chmod +w /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
vim /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
# Connection permitted host
127.0.0.1
192.168.137.181
192.168.137.182
192.168.137.183
/opt/jp1ajs2/bin/jajs_spmd_stop
/opt/jp1ajs2/bin/jajs_spmd_status
/opt/jp1ajs2/bin/ajsqlstop
/opt/jp1ajs2/bin/ajsqlstatus
--有効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="all"
--無効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[JP1_DEFAULT\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="none"
/opt/jp1ajs2/bin/jajs_spmd
/opt/jp1ajs2/bin/jajs_spmd_status
/opt/jp1ajs2/bin/ajsqlstart
/opt/jp1ajs2/bin/ajsqlstatus
vim /etc/opt/jp1ajs2/conf/permitted_host_agent.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -a -v
/opt/jp1ajs2/bin/jajs_pmtcon -a -u
--動作確認
tail -f /var/log/messages
ls -ltr /var/opt/hitachi/HNTRLib2/spool
tail -f /var/opt/hitachi/HNTRLib2/spool/hntr21.log
----マネージャへの接続制限の確認
mmm190からmmm181へリモートコマンドを実行
export JP1_USERNAME=jp1admin
export AJSMANAGERHOST=mmm181
/opt/jp1ajs2/bin/ajsprint -F AJSROOT1 "/*"
export -n AJSMANAGERHOST
接続元制限していない場合、リモートコマンド実行可能
接続元制限している場合、リモートコマンドは実行できない
----エージェントへの接続制限の確認
mmm190からmmm182へジョブを実行
vim /root/job1.sh
#!/bin/bash
OUT=`date`" "`id`
echo $OUT >> /root/job1.log
vim /root/unitbackup.txt
unit=jg1,,jp1admin,;
{
ty=g;
cm="jg1";
el=jobnet1,n,+0+0;
cl=su;
op=mo;
op=tu;
op=we;
op=th;
op=fr;
cl=sa;
unit=jobnet1,,jp1admin,;
{
ty=n;
cm="jobnet1";
sz=10x8;
el=job11,j,+80+48;
sd=1,2019/11/03;
st=1,23:58;
cy=1,(1,d);
sh=1,ca;
shd=1,2;
ex="mmm182";
unit=job11,,jp1admin,;
{
ty=j;
cm="job1";
sc="/root/job1.sh";
un="root";
tho=0;
ex="mmm182";
}
}
}
export JP1_USERNAME=jp1admin
/opt/jp1ajs2/bin/ajsleave -F AJS3SCHEDULE001 /jg1/jobnet1
/opt/jp1ajs2/bin/ajsdefine -F AJS3SCHEDULE001 -f -d / /root/unitbackup.txt
/opt/jp1ajs2/bin/ajsprint -F AJS3SCHEDULE001 "/*"
/opt/jp1ajs2/bin/ajsentry -F AJS3SCHEDULE001 -n /jg1/jobnet1
/opt/jp1ajs2/bin/ajsshow -F AJS3SCHEDULE001 -R /jg1/jobnet1
接続元制限していない場合、ジョブは実行可能
接続元制限している場合、ジョブは異常検出終了(KAVU4721-E 要求が拒否されました(10808))
- 論理ホスト
--設定
----マネージャでの作業
cp -p /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_manager.conf.model /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_manager.conf
chmod +w /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_manager.conf
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_manager.conf
# Connection permitted host
127.0.0.1
192.168.137.190
192.168.137.191
192.168.137.192
192.168.137.194
192.168.137.195
192.168.137.196
192.168.137.183
cp -p /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf.model /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
chmod +w /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
# Connection permitted host
127.0.0.1
192.168.137.190
192.168.137.191
192.168.137.192
192.168.137.194
192.168.137.195
192.168.137.196
192.168.137.183
/etc/opt/jp1ajs2/jajs_stop.cluster mmm190
/opt/jp1ajs2/bin/jajs_spmd_status -h mmm190
/opt/jp1ajs2/bin/ajsqldetach -h mmm190
/opt/jp1ajs2/bin/ajsqlstop
/opt/jp1ajs2/bin/ajsqlstatus -h mmm190
--有効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[mmm190\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="all"
--無効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[mmm190\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="none"
/opt/jp1ajs2/bin/jajs_config -k "[mmm190\JP1AJSMANAGER]" "CONRESTRICTLOG"="all"
/opt/jp1ajs2/bin/jajs_config -k "[mmm190\JP1AJSMANAGER]" "CONRESTRICTSYSLOG"="all"
/etc/opt/jp1ajs2/jajs_start.cluster mmm190
/opt/jp1ajs2/bin/jajs_spmd_status -h mmm190
/opt/jp1ajs2/bin/ajsqlstart
/opt/jp1ajs2/bin/ajsqlattach -h mmm190
/opt/jp1ajs2/bin/ajsqlstatus -h mmm190
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_manager.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm190 -m -v
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm190 -m -u
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm190 -a -v
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm190 -a -u
----エージェントでの作業
cp -p /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf.model /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
chmod +w /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
# Connection permitted host
127.0.0.1
192.168.137.190
192.168.137.191
192.168.137.192
192.168.137.194
192.168.137.195
192.168.137.196
192.168.137.183
/etc/opt/jp1ajs2/jajs_stop.cluster mmm194
/opt/jp1ajs2/bin/jajs_spmd_status -h mmm194
/opt/jp1ajs2/bin/ajsqldetach -h mmm194
/opt/jp1ajs2/bin/ajsqlstop
/opt/jp1ajs2/bin/ajsqlstatus -h mmm194
--有効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[mmm194\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="all"
--無効にする場合
/opt/jp1ajs2/bin/jajs_config -k "[mmm194\JP1AJS2COMMON]" "CONNECTIONRESTRICTION"="none"
/etc/opt/jp1ajs2/jajs_start.cluster mmm194
/opt/jp1ajs2/bin/jajs_spmd_status -h mmm194
/opt/jp1ajs2/bin/ajsqlstart
/opt/jp1ajs2/bin/ajsqlattach -h mmm194
/opt/jp1ajs2/bin/ajsqlstatus -h mmm194
vim /mnt/sdc2/jp1ajs/jp1ajs2/conf/permitted_host_agent.conf
192.168.137.184
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm194 -a -v
/opt/jp1ajs2/bin/jajs_pmtcon -h mmm194 -a -u
--動作確認
tail -f /var/log/messages
ls -ltr /var/opt/hitachi/HNTRLib2/spool
tail -f /var/opt/hitachi/HNTRLib2/spool/hntr24.log
----マネージャへの接続制限の確認
mmm181からmmm190へリモートコマンドを実行
export JP1_USERNAME=jp1admin
export AJSMANAGERHOST=mmm190
/opt/jp1ajs2/bin/ajsprint -F AJS3SCHEDULE001 "/*"
export -n AJSMANAGERHOST
接続元制限していない場合、リモートコマンド実行可能
接続元制限している場合、リモートコマンドは実行できない
----エージェントへの接続制限の確認
mmm181からmmm194へジョブを実行
vim /mnt/sdc2/job1.sh
#!/bin/bash
OUT=`date`" "`id`
echo $OUT >> /mnt/sdc2/job1.log
vim /root/unitbackup.txt
unit=jg1,,jp1admin,;
{
ty=g;
cm="jg1";
el=jobnet1,n,+0+0;
cl=su;
op=mo;
op=tu;
op=we;
op=th;
op=fr;
cl=sa;
unit=jobnet1,,jp1admin,;
{
ty=n;
cm="jobnet1";
sz=10x8;
el=job11,j,+80+48;
sd=1,2019/11/03;
st=1,23:58;
cy=1,(1,d);
sh=1,ca;
shd=1,2;
ex="mmm194";
unit=job11,,jp1admin,;
{
ty=j;
cm="job1";
sc="/mnt/sdc2/job1.sh";
un="root";
tho=0;
ex="mmm194";
}
}
}
export JP1_USERNAME=jp1admin
/opt/jp1ajs2/bin/ajsleave -F AJSROOT1 /jg1/jobnet1
/opt/jp1ajs2/bin/ajsdefine -F AJSROOT1 -f -d / /root/unitbackup.txt
/opt/jp1ajs2/bin/ajsprint -F AJSROOT1 "/*"
/opt/jp1ajs2/bin/ajsentry -F AJSROOT1 -n /jg1/jobnet1
/opt/jp1ajs2/bin/ajsshow -F AJSROOT1 -R /jg1/jobnet1
接続元制限していない場合、ジョブは実行可能
接続元制限している場合、ジョブは異常検出終了(KAVU4721-E 要求が拒否されました(1301))
--待機系への反映
--マネージャ
共通定義情報の出力
/opt/jp1base/bin/jbsgetcnf -h mmm190 > /root/jbscnf.txt
scp /root/jbscnf.txt mmm192:/root
共通定義情報の取り込み
ssh mmm192 "/opt/jp1base/bin/jbssetcnf /root/jbscnf.txt"
--エージェント
共通定義情報の出力
/opt/jp1base/bin/jbsgetcnf -h mmm194 > /root/jbscnf.txt
scp /root/jbscnf.txt mmm196:/root
共通定義情報の取り込み
ssh mmm196 "/opt/jp1base/bin/jbssetcnf /root/jbscnf.txt"