Configuring server-based fencing on the VCS cluster manually

The configuration process for the client or VCS cluster to use CP server as a coordination point requires editing the /etc/vxfenmode file.

You need to edit this file to specify the following information for your configuration:

Note:

Whenever coordinator disks are used as coordination points in your I/O fencing configuration, you must create a disk group (vxfencoorddg). You must specify this disk group in the /etc/vxfenmode file.

See Setting up coordinator disk groups.

The customized fencing framework also generates the /etc/vxfentab file which has security setting and the coordination points (all the CP servers and disks from disk group specified in /etc/vxfenmode file).

To configure server-based fencing on the VCS cluster manually

  1. Use a text editor to edit the following file on each node in the cluster:

    /etc/default/vxfen

    You must change the values of the VXFEN_START and the VXFEN_STOP environment variables to 1.

  2. Use a text editor to edit the /etc/vxfenmode file values to meet your configuration specifications.

    If your server-based fencing configuration uses a single highly available CP server as its only coordination point, make sure to add the single_cp=1 entry in the /etc/vxfenmode file.

    The following sample file output displays what the /etc/vxfenmode file contains:

    See Sample vxfenmode file output for server-based fencing.

  3. After editing the /etc/vxfenmode file, run the vxfen init script to start fencing.

    For example:

    # /etc/init.d/vxfen.rc start
  4. Make sure that /etc/vxfenmode file contains the value of security is set to 1.

    Make sure that following command displays the certificate being used by cpsadm client,

    EAT_DATA_DIR=/vat/VRTSvcs/vcsauth/data/CPSADM cpsat showcred