Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
576
Views
0
Helpful
2
Replies

Cisco Ace - Gracefully shut down rserver with SSL connections

krilleorg
Level 1
Level 1

‎11-26-2008 05:21 AM

Hello

I run a ace module in a 6509

Version A2(1.2) [build 3.0(0)A2(1.2)

How do i gracefully shut down a rserver with current ssl connections?

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/command/reference/realserv.html#wpmkr1015382

In this dokument it says that the: no inservice command resets all ssl connections. I want to let clients finish their ssl connections, then take the server out of service.

Does it let the clients finish their ssl sessions, if i take the rserver out of service with the: inservice standby command under serverfarm > rserver instead?

as in:

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/command/reference/servfarm.html#wpmkr1036418

If it does, I have another problem, i want do restrict what commands my webmasters can run, and they need to shut down a server grecefully but limit other commands. If i give there users any of the predefined roles or try to make a own role, a can't make them gain access to take a rserver out of service (no inservice or inservice standby command i missing) in a serverfarm...? but my admin user can run those commands.

Does anyone have a idea what role that work or if i make my own role what rules i should use?

Appreciate any help!

//Kristoffer

Labels:
0 Helpful
2 Replies 2

ciscocsoc
Level 4
Level 4

‎11-26-2008 07:57 AM

Hi Kristoffer,

The minimum required access is modify to real-inservice.

ace1/Test(config)# role SCOPED1

ace1/Test(config-role)# description Allow control of servers

ace1/Test(config-role)# rule 1 permit modify feature real-inservice

ace1/Test(config-role)# rule 2 permit create feature config-copy

ace1/Test(config-role)# exit

ace1/Test(config)# exit

Then create a user and associate it with the scope.

ace1/Test(config)# username adminScoped password ReallySecret role SCOPED1 domain default-domain

Roles are documented in the Virtualisation Guide and in the Command Reference.

HTH

Cathy

0 Helpful

krilleorg
Level 1
Level 1
In response to ciscocsoc

‎11-26-2008 11:40 PM

doesn't seem to have that command:

rule 1 permit modify feature real-inservice

do you know what relese it is supported in?

or any other useful page a can look at the software releses or development train?

//Kristoffer

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents