forked from docs/doc-exports
Yang, Tong
3f5759eed2
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Yang, Tong <yangtong2@huawei.com> Co-committed-by: Yang, Tong <yangtong2@huawei.com>
40 lines
7.8 KiB
HTML
40 lines
7.8 KiB
HTML
<a name="mrs_01_2347"></a><a name="mrs_01_2347"></a>
|
|
|
|
<h1 class="topictitle1">Restoring SSL for the HA Module</h1>
|
|
<div id="body32001227"><div class="section" id="mrs_01_2347__en-us_topic_0000001173949918_section149917405812"><h4 class="sectiontitle">Scenario</h4><p id="mrs_01_2347__en-us_topic_0000001173949918_p15135105819">This section describes how to restore SSL for the HA module of DBService in the cluster where DBService is installed.</p>
|
|
</div>
|
|
<div class="section" id="mrs_01_2347__en-us_topic_0000001173949918_section10520103616594"><h4 class="sectiontitle">Prerequisites</h4><p id="mrs_01_2347__en-us_topic_0000001173949918_p1553373695912">SSL has been enabled for the HA module of DBService.</p>
|
|
<div class="note" id="mrs_01_2347__en-us_topic_0000001173949918_note148422811419"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_2347__en-us_topic_0000001173949918_p080112342418">Check whether SSL is enabled for the HA module of DBService.</p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p480113341746">Check <strong id="mrs_01_2347__en-us_topic_0000001173949918_b1864911444911">$BIGDATA_HOME/FusionInsight_BASE_</strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i89933913471">x.x.x</em><strong id="mrs_01_2347__en-us_topic_0000001173949918_b91270874911">/install/FusionInsight-dbservice-2.7.0/ha/module/hacom/conf/hacom.xml</strong>. If the file contains <strong id="mrs_01_2347__en-us_topic_0000001173949918_b065685410525"><hadataprotocol value="ssl"></hadataprotocol></strong>, SSL is enabled.</p>
|
|
</div></div>
|
|
</div>
|
|
<div class="section" id="mrs_01_2347__en-us_topic_0000001173949918_section27556513517"><h4 class="sectiontitle">Procedure</h4><ol id="mrs_01_2347__en-us_topic_0000001173949918_ol780512513519"><li id="mrs_01_2347__en-us_topic_0000001173949918_li148051951256"><span>Log in to the DBService node where SSL needs to be restored as user <strong id="mrs_01_2347__en-us_topic_0000001173949918_b6254826125012">omm</strong>.</span></li><li id="mrs_01_2347__en-us_topic_0000001173949918_li128051519519"><span>Run the following commands to restore the DBService configuration file <strong id="mrs_01_2347__en-us_topic_0000001173949918_b1466174115546">hacom_local.xml</strong>:</span><p><p id="mrs_01_2347__en-us_topic_0000001173949918_p18051052514"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b137121212472">cd $BIGDATA_HOME/FusionInsight_BASE_</strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i387914264712">x.x.x</em><strong id="mrs_01_2347__en-us_topic_0000001173949918_b20712625475">/install/FusionInsight-dbservice-2.7.0/ha/local/hacom/conf/</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p88057514516"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b880519519515">cp hacom_local.xml $BIGDATA_HOME/tmp/</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p198051517512"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b35363222911">cat hacom_local.xml | grep "ssl>" -n | cut -d':' -f1 | xargs | sed 's/ /,/g' |xargs -n 1 -i sed -i '{}d' hacom_local.xm</strong>l</p>
|
|
</p></li><li id="mrs_01_2347__en-us_topic_0000001173949918_li1480511519516"><span>Run the following commands to restore the DBService configuration file <strong id="mrs_01_2347__en-us_topic_0000001173949918_b1184605825410">hacom.xml</strong>:</span><p><p id="mrs_01_2347__en-us_topic_0000001173949918_p9805551452"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b133814919473">cd $BIGDATA_HOME/FusionInsight_BASE_</strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i17644164934712">x.x.x</em><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1533911497470">/install/FusionInsight-dbservice-2.7.0/ha/module/hacom/conf/</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p680515520510"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b16805151453">cp hacom.xml $BIGDATA_HOME/tmp/</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p128051455520"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b11805205359">sed -i 's#<hadataprotocol.*#<hadataprotocol value="udp"/>#g' hacom.xml</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p188052051955"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1180511510517">sed -i 's#<rpcsupportssl.*#<rpcsupportssl value="true"/>#g' hacom.xml</strong></p>
|
|
<div class="note" id="mrs_01_2347__en-us_topic_0000001173949918_note87561551357"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="mrs_01_2347__en-us_topic_0000001173949918_p28051551459"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b56771319175517">$BIGDATA_HOME/FusionInsight_BASE_</strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i1767871985514">x.x.x</em><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1678191918557">/install/FusionInsight-dbservice-2.7.0</strong> is the installation directory of DBService. Modify it based on the upgrade environment.</p>
|
|
</div></div>
|
|
</p></li><li id="mrs_01_2347__en-us_topic_0000001173949918_li980575357"><span>Go to the <strong id="mrs_01_2347__en-us_topic_0000001173949918_b6134447788">$BIGDATA_HOME/FusionInsight_BASE_</strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i313594718819">x.x.x</em><strong id="mrs_01_2347__en-us_topic_0000001173949918_b413611476813">/install/FusionInsight-dbservice-2.7.0/ha/module/hacom/script/</strong> directory and run the following command to restart the HA process:</span><p><p id="mrs_01_2347__en-us_topic_0000001173949918_p11603141193718"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1254713599367">./stop_ha.sh</strong></p>
|
|
<p id="mrs_01_2347__en-us_topic_0000001173949918_p128681594371"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b122329663712">./start_ha.sh</strong></p>
|
|
</p></li><li id="mrs_01_2347__en-us_topic_0000001173949918_li9862191613388"><span>Run the following command to obtain the PID of the HA process:</span><p><p id="mrs_01_2347__en-us_topic_0000001173949918_p109174212385"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1519974595110">ps -ef |grep "ha.bin" |grep DBSERVICE</strong></p>
|
|
</p></li><li id="mrs_01_2347__en-us_topic_0000001173949918_li2019910452513"><span>Run the following command to check whether the protocol is changed to TCP:</span><p><div class="p" id="mrs_01_2347__en-us_topic_0000001173949918_p19634758153815"><strong id="mrs_01_2347__en-us_topic_0000001173949918_b16199245135117">netstat -nap | grep </strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i11991645145118">pid</em> <strong id="mrs_01_2347__en-us_topic_0000001173949918_b11179203985216">| </strong><strong id="mrs_01_2347__en-us_topic_0000001173949918_b171971452514">grep -v unix</strong><ul id="mrs_01_2347__en-us_topic_0000001173949918_ul780513514510"><li id="mrs_01_2347__en-us_topic_0000001173949918_li0805115453">If yes, no further action is required.</li><li id="mrs_01_2347__en-us_topic_0000001173949918_li78061351756">If no, contact O&M support.</li></ul>
|
|
<pre class="screen" id="mrs_01_2347__en-us_topic_0000001173949918_screen680635651">[omm@host03]\><strong id="mrs_01_2347__en-us_topic_0000001173949918_b1180655651">netstat -nap | grep </strong><em id="mrs_01_2347__en-us_topic_0000001173949918_i178065510512">49989</em>
|
|
(Not all processes could be identified, non-owned process info
|
|
will not be shown, you would have to be root to see it all.)
|
|
tcp 0 0 127.0.0.1:20054 0.0.0.0:* LISTEN 49989/ha.bin
|
|
udp 0 0 10.10.10.10:20052 0.0.0.0:* 49989/ha.bin
|
|
udp 0 0 10.10.10.10:20053 0.0.0.0:* 49989/ha.bin</pre>
|
|
</div>
|
|
</p></li></ol>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="mrs_01_2356.html">Using DBService</a></div>
|
|
</div>
|
|
</div>
|
|
|