cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2806
Views
40
Helpful
82
Replies

LMS 3.1 installation/migration issues

yjdabear
VIP Alumni
VIP Alumni

1. Can LMS 3.1 function without tftp? I'm not so much concerned about LMS installing /opt/CSCOpx/bin/in.tftpd when it finds the Sol 10 tftpd binary is intentionally removed, but whether the product has any dependency on /tftpboot/ later on during day-to-day operations, even with TFTP not used in RME and assorted places.

2. On one of the boxes, wrapper.pl keeps ending prematurely with the following, even though RBackup.sh is right there:

...

Backing up CiscoView data now

Backing up CiscoView done

IPM backup starts now

IPM BackUp Loaction /product/ehealth/backups/lms26backup/0/ipm

Exiting the backup process.

Reason: RBackup.sh is not available

The exact same steps backed up the data fine on another box.

3. On the above box where wrapper.pl functions fine, "dmgtd stop" takes hours but still fails to shut down all LMS processes:

Daemon Management stopping. This may take a few minutes.

WARNING: Daemon Manager terminated with SIGKILL.

INFO : Stopping DBEngine processes registered to Daemon Manager

WARNING: Please check if all processes have been terminated using

WARNING: the command - "ps -ef|grep CSCOpx" and

WARNING: terminate them if any processes are running.

casuser 21339 20353 0 15:58:40 ? 0:00 /opt/CSCOpx/objects/wfengine/program/GGScript

casuser 21356 20353 0 15:58:45 ? 0:00 /opt/CSCOpx/objects/wfengine/program/DataStore

casuser 20353 1 0 15:35:17 ? 0:18 /opt/CSCOpx/objects/wfengine/program/PolicyServer

casuser 21342 20353 0 15:58:40 ? 0:01 /opt/CSCOpx/objects/wfengine/program/GGLogger

casuser 21355 20353 0 15:58:45 ? 0:05 /opt/CSCOpx/objects/wfengine/program/OpsBREngine

casuser 21343 20353 0 15:58:41 ? 0:00 /opt/CSCOpx/objects/wfengine/program/GGProxy

casuser 21344 20353 0 15:58:41 ? 0:00 /opt/CSCOpx/objects/wfengine/program/GGHelper

casuser 21357 20353 0 15:58:45 ? 0:01 /opt/CSCOpx/objects/wfengine/program/PolicyScheduler

82 Replies 82

Joe Clarke
Cisco Employee
Cisco Employee

It depends on the device types being managed as to whether or not TFTP is required. For example, If you are managing IOS switches with vlan.dat files, then TFTP is absolutely required. If all of your devices support alternative protocols for config and image copy operations, then you can get away without TFTP.

I don't have a copy of wrapper.pl, and it will be a few days before I'm back in the office to get one. Since this is Solaris, you might try running truss on the backup to see what file it's looking for:

truss -a -f -vall -rall -wall -o /tmp/truss.out COMMAND

dmgtd stop shouldn't take hours. At the very most, it should take 75 minutes. However, the problem with the CWA processes not stopping is a known bug which was fixed in LMS 3.1.

Regarding the last issue: That's odd. This is LMS 3.1 here. So it's exhibiting the symptom of a bug that's supposed to have been fixed?

I was under the impression that you were migrating data, and these were still LMS 3.0 daemons. If they are 3.1 daemons, then there may be something else wrong. If the problem is reproducible, you should get the output of ptree on the dmgtd PID when things are running. This will help isolate why dmgtd is not shutting everything down properly.

Doh, I got confused. It was LMS 2.6 actually. Those wfengine processes seemed to have died eventually some time, after lingering for +/- a day.

I also ran into a warning during LMS 3.1 installation that Sun Cluster patch:

WARNING: Ensure that you have installed the recommended Solaris 10 cluster patches released

WARNING: on Apr/17/07, in this server.

WARNING: If these cluster patches are not installed, please download and install them

WARNING: from http://www.sun.com/.

WARNING: Otherwise, some features of the CiscoWorks applications will not function properly.

If my Sol 10 box is not using clustering, is this patch needed? Would my LMS be missing "features"?

Regarding the necessity of the TFTP daemon, I see the following errors for "Partially Successful" devices under "Config Archive":

VLAN Config fetch is not supported using SCP.VLAN Config fetch is not supported using TFTP.

Does it mean RME tries other procotols than TFTP for vlan.dat? I have the impression that newer IOS no longer uses vlan.dat, as the latter's contents are included in the regular startup/running configs. If so (and when we get there), can TFTP be done away with in LMS completely then? Would the removal/absence of /tftpboot cause any issue with LMS 3.1, whether TFTP is used by RME/etc. or not? Will LMS create /tftpboot automatically whenever it sees fit (my current /tftpboot is a symlink, since the actual / fils system is very small).

We are unable to adequately detect the Sun cluster patch. You must make sure that yoy have at least the April 2007 cluster patch installed. I recommend August 2007 or later.

If other protocols are selected for config fetch, they will be passed to the vlan.dat fetch code, but will be summarily rejected. Only TFTP will work for fetching vlan.dat.

Yes, vlan.dat is obsolete in newer versions of IOS. If all of your devices move to a release that supports protocols other than TFTP for config and software operations, then you can do away with TFTP.

Could you clarify whether we need the cluster patches even when we're not using clustering? Thanks.

The patch has nothing to do with Sun Cluster Manager. Cluster here refers to a cluster of recommend Solaris patches. Yes, you absolutely need this recommended patch cluster.

I see. So it's a bad choice of words in the LMS 3.1 installer then.

Another concern that comes up is regarding the CSCsr20682 (Solaris IPMP) patch I requested produced for LMS 3.1. It's much smaller than the original.

ls -al /opt/CSCOpx/MDC/tomcat/webapps/cwhp/WEB-INF/lib

-rwxr-x--- 1 casuser casusers 152118 Jul 18 13:59 ctm.jar

-rwxr-x--- 1 casuser casusers 304869 Jun 15 16:04 ctm.jar.old

cksum ctm.jar

2048561110 152118 ctm.jar

This is the correct cksum. I generally create smaller jar files than the originals.

A follow-up question on the TFTP issue: Does LMS 3.1 do anything else to enable its own TFTPD other than adding " /opt/CSCOpx/bin/in.tftpd" to /etc/inetd.conf ? I was told that the default TFTPD, even if enabled, doesn't show up there on Sol 10. So I assume there's more to be done than simply touching inetd.conf?

How feasible is it to implement an enhancement request that LMS fetches vlan.dat using non-TFTP protocols? Would that be considered unnecessary because 12.1(20)E and up starts advising configuring VLAN from config mode?

On Solaris 10, the lines in inetd.conf will automatically be converted to inetadm commands (see inetadm -l svn:/network/tftp). From then on, all modifications must be done with inetadm.

Yeah, I think adding further support to the vlan.dat fetching code would be futile since this is now an obsolete convention.

I just learned from Cisco AS that apart from the deprecated "VLAN database mode", vlan.dat is also used on switches serving as VTP servers. I suppose this kills the idea of trying to turn off TFTP on the LMS server then.

I haven't heard this. I have a VTP server in the lab running without vlan.dat. In fact, trying to enter vlan database on one such switch, you get the following:

% Warning: It is recommended to configure VLAN from config mode,

as VLAN database mode is being deprecated. Please consult user

documentation for configuring VTP/VLAN in config mode.

Did your AS contact present any documentation on using vlan.dat for a VTP server?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco