unixadmin.free.fr just another IBM blog and technotes backup

20juil/11

AIX NIM Master Tuning

Abstract: tunables that are occasionally required on the AIX NIM master

1) To support a high number (16 or more) simultaneous installs, you should consider:
increasing max_nimesis_threads

nim -o change -a max_nimesis_threads=60 master

2) no options tcp_sendspace, tcp_recvspace, rfc1323 should already be set in the default AIX install. Watch for them on ifconfig -a, and verify that use_isno is on.

# ifconfig en0
en0: flags=1e080863,4c0<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPR
T,64BIT,CHECKSUM_OFFLOAD(ACTIVE),LARGESEND,CHAIN>
inet 9.19.51.115 netmask 0xffffff00 broadcast 9.19.51.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1

# no -a | grep isno
use_isno = 1

# no -F -a | grep isno (restricted setting in 6.1. Use -F)
use_isno = 1

3) Consider setting global_export=yes. If you perform frequent simultaneous installs, when one install completes, the default behavior of the master is to unexport NFS exports, remove the completed client from the export lists and re-export the filesystems. During this interval, other "in-flight" client installs may see the message "NFS server not responding, still trying" on the client console.

As an alternative, set global_export. With no clients enabled for install:

# nim -o change -a global_export=yes master

In this configuration, resources are exported read-only for every enabled client, and held exported until the last client completes.

Before, exports list every specific client allowed to mount

# showmount -e
export list for bmark29:
/export/mksysb/image_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/lppsource_53ML3 sq07.dfw.ibm.com,sq08.dfw.ibm.com
/export/53/spot_53ML2/usr sq07.dfw.ibm.com,sq08.dfw.ibm.com

With global_export, exports are read-only for everyone

# exportfs
/export/mksysb/image_53ML3 -ro,anon=0
/export/53/lppsource_53ML3 -ro,anon=0
/export/53/spot_53ML3/usr -ro,anon=0

Realize, of course, anyone can mount these, even if they are not a NIM client
(read-only, AIX install content. Security issue? Probably not for most cases)

SOURCE:TD105569

Remplis sous: AIX, NIM Laisser un commentaire
Commentaires () Trackbacks (0)

Aucun commentaire pour l'instant


Leave a comment

(required)

Aucun trackbacks pour l'instant