在AIX 6.1上安装11gR2 RAC

macleandb-007 # scp p10404530_112030_AIX64-5L_1of7.zip  macleandb-008-privb:/oracle

The authenticity of host ‘macleandb-008-privb (172.168.2.102)’ can’t be established.

RSA key fingerprint is b1:2e:4f:40:7f:46:39:2d:ae:21:86:6f:75:bb:92:32.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added ‘macleandb-008-privb,172.168.2.102’ (RSA) to the list of known hosts.

p10404530_112030_AIX64-5L_1of7.zip                                                                                                     11%  202MB  51.2MB/s   00:28 ETAKilled by signal 2.

macleandb-007 #

macleandb-007 # scp p10404530_112030_AIX64-5L_1of7.zip  macleandb-008:/oracle

p10404530_112030_AIX64-5L_1of7.zip                                                                                                     17%  299MB  50.6MB/s   00:27 ETAKilled by signal 2.

• · a. Open the /etc/rc.tcpip file, and locate the following line: start /usr/sbin/xntpd “$src_running”
• · b. Change the line to the following: start /usr/sbin/xntpd “$src_running” “-x”
• · c. Save the file.

macleandb-007 # mkdir -p /oracle/app/product/11.2.0/db_1

macleandb-007 # mkdir -p /oracle/app/product/grid

macleandb-007 # chown oracle:oinstall /oracle/app/product/11.2.0/db_1

macleandb-007 # chown grid:oinstall /oracle/app/product/grid

macleandb-007 # chmod 755 /oracle/app/product/11.2.0/db_1

macleandb-007 # chmod 755 /oracle/app/product/grid

macleandb-008 # mkgroup -‘A’ id=’1000′ adms=’root’ oinstall

macleandb-008 # mkgroup -‘A’ id=’1100′ adms=’root’ asmadmin

macleandb-008 # mkgroup -‘A’ id=’1200′ adms=’root’ dba

macleandb-008 # mkgroup -‘A’ id=’1300′ adms=’root’ asmdba

macleandb-008 # mkgroup -‘A’ id=’1301′ adms=’root’ asmoper

macleandb-008 # mkuser id=’1100′ pgrp=’oinstall’ groups=’asmadmin,asmdba,asmoper’ home=’/home/grid’ grid

macleandb-008 #  mkuser id=’1101′ pgrp=’oinstall’ groups=’dba,asmdba’ home=’/home/oracle’ oracle

macleandb-008 #  mkdir -p /oracle/app/product/11.2.0/db_1

macleandb-008 # mkdir -p /oracle/app/product/grid

macleandb-008 # chown oracle:oinstall /oracle/app/product/11.2.0/db_1

macleandb-008 # chown grid:oinstall /oracle/app/product/grid

macleandb-008 # chmod 755 /oracle/app/product/11.2.0/db_1

macleandb-008 # chmod 755 /oracle/app/product/grid

macleandb-007 # id oracle

uid=1101(oracle) gid=1000(oinstall) groups=1200(dba),1300(asmdba)

macleandb-007 # id grid

uid=1100(grid) gid=1000(oinstall) groups=1100(asmadmin),1300(asmdba),1301(asmoper)

macleandb-008 # id oracle

uid=1101(oracle) gid=1000(oinstall) groups=1200(dba),1300(asmdba)

macleandb-008 # id grid

uid=1100(grid) gid=1000(oinstall) groups=1100(asmadmin),1300(asmdba),1301(asmoper)

export ORACLE_BASE=/oracle/app

export PATH=$ORACLE_HOME/bin:$ORACLE_HOME/OPatch:$PATH

export CRS_HOME=$ORACLE_HOME

export LIBPATH=$ORACLE_HOME/lib

oracle profile

umask 022

export AIXTHREAD_SCOPE=S

export ORACLE_HOME=/oracle/app/product/11.2.0/db_1

export ORACLE_BASE=/oracle/app

export PATH=$ORACLE_HOME/bin:$ORACLE_HOME/OPatch:$PATH

export LIBPATH=$ORACLE_HOME/lib

export ORA_NLS10=$ORACLE_HOME/nls/data

export NLS_LANG=”Simplified Chinese”_China.AL32UTF8

core = -1

rss = -1

nofiles = -1

grid:

fsize = -1

data = -1

stack = -1

core = -1

rss = -1

nofiles = -1

$ ulimit -a

time(seconds)        unlimited

file(blocks)         unlimited

data(kbytes)         unlimited

stack(kbytes)        4194304

memory(kbytes)       unlimited

coredump(blocks)     unlimited

nofiles(descriptors) unlimited

threads(per process) unlimited

processes(per user)  unlimited

macleandb-008 # cat /etc/security/limits

oracle:

fsize = -1

data = -1

stack = -1

core = -1

rss = -1

nofiles = -1

grid:

fsize = -1

data = -1

stack = -1

core = -1

rss = -1

nofiles = -1

$ ulimit -a

time(seconds)        unlimited

file(blocks)         unlimited

data(kbytes)         unlimited

stack(kbytes)        4194304

memory(kbytes)       unlimited

coredump(blocks)     unlimited

nofiles(descriptors) unlimited

threads(per process) unlimited

processes(per user)  unlimited

The output of this script is also logged into /tmp/sshUserSetup_2012-12-05-01-27-09.log

Hosts are macleandb-007 macleandb-008

user is grid

Platform:- AIX

Checking if the remote hosts are reachable

PING macleandb-007: (192.168.18.227): 56 data bytes

64 bytes from 192.168.18.227: icmp_seq=0 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=1 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=2 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=3 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=4 ttl=255 time=0 ms

—-macleandb-007 PING Statistics—-

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0/0/0 ms

PING macleandb-008: (192.168.18.231): 56 data bytes

64 bytes from 192.168.18.231: icmp_seq=0 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=1 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=2 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=3 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=4 ttl=255 time=0 ms

—-macleandb-008 PING Statistics—-

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0/0/0 ms

Remote host reachability check succeeded.

The following hosts are reachable: macleandb-007 macleandb-008.

The following hosts are not reachable: .

All hosts are reachable. Proceeding further…

firsthost macleandb-007

numhosts 2

The script will setup SSH connectivity from the host macleandb-007 to all

the remote hosts. After the script is executed, the user can use SSH to run

commands on the remote hosts or copy files between this host macleandb-007

and the remote hosts without being prompted for passwords or confirmations.

NOTE 1:

As part of the setup procedure, this script will use ssh and scp to copy

files between the local host and the remote hosts. Since the script does not

store passwords, you may be prompted for the passwords during the execution of

the script whenever ssh or scp is invoked.

NOTE 2:

AS PER SSH REQUIREMENTS, THIS SCRIPT WILL SECURE THE USER HOME DIRECTORY

AND THE .ssh DIRECTORY BY REVOKING GROUP AND WORLD WRITE PRIVILEDGES TO THESE

directories.

Do you want to continue and let the script make the above mentioned changes (yes/no)?

yes

The user chose yes

Please specify if you want to specify a passphrase for the private key this script will create for the local host. Passphrase is used to encrypt the private key and makes SSH much more secure. Type ‘yes’ or ‘no’ and then press enter. In case you press ‘yes’, you would need to enter the passphrase whenever the script executes ssh or scp.

The estimated number of times the user would be prompted for a passphrase is 4. In addition, if the private-public files are also newly created, the user would have to specify the passphrase on one additional occasion.

Enter ‘yes’ or ‘no’.

yes

The user chose yes

Creating .ssh directory on local host, if not present already

Creating authorized_keys file on local host

Changing permissions on authorized_keys to 644 on local host

Creating known_hosts file on local host

Changing permissions on known_hosts to 644 on local host

Creating config file on local host

If a config file exists already at /home/grid/.ssh/config, it would be backed up to /home/grid/.ssh/config.backup.

Removing old private/public keys on local host

Running SSH keygen on local host

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Generating public/private rsa key pair.

Your identification has been saved in /home/grid/.ssh/id_rsa.

Your public key has been saved in /home/grid/.ssh/id_rsa.pub.

The key fingerprint is:

a6:87:38:26:11:7a:1e:d6:4a:eb:2b:6d:54:68:bc:29 grid@macleandb-007

The key’s randomart image is:

+–[ RSA 1024]—-+

|                 |

|                 |

| …             |

| .+o.            |

|..*+.   S        |

|E=+= . +         |

| += + o .        |

|..oo . .         |

| oo.             |

+—————–+

Creating .ssh directory and setting permissions on remote host macleandb-007

THE SCRIPT WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR grid. THIS IS AN SSH REQUIREMENT.

The script would create /home/grid/.ssh/config file on remote host macleandb-007. If a config file exists already at /home/grid/.ssh/config, it would be backed up to /home/grid/.ssh/config.backup.

The user may be prompted for a password here since the script would be running SSH on host macleandb-007.

Warning: Permanently added ‘macleandb-007,192.168.18.227’ (RSA) to the list of known hosts.

grid@macleandb-007’s password:

Done with creating .ssh directory and setting permissions on remote host macleandb-007.

Creating .ssh directory and setting permissions on remote host macleandb-008

THE SCRIPT WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR grid. THIS IS AN SSH REQUIREMENT.

The script would create /home/grid/.ssh/config file on remote host macleandb-008. If a config file exists already at /home/grid/.ssh/config, it would be backed up to /home/grid/.ssh/config.backup.

The user may be prompted for a password here since the script would be running SSH on host macleandb-008.

Warning: Permanently added ‘macleandb-008,192.168.18.231’ (RSA) to the list of known hosts.

grid@macleandb-008’s password:

Done with creating .ssh directory and setting permissions on remote host macleandb-008.

Copying local host public key to the remote host macleandb-007

The user may be prompted for a password or passphrase here since the script would be using SCP for host macleandb-007.

grid@macleandb-007’s password:

Done copying local host public key to the remote host macleandb-007

Copying local host public key to the remote host macleandb-008

The user may be prompted for a password or passphrase here since the script would be using SCP for host macleandb-008.

grid@macleandb-008’s password:

Done copying local host public key to the remote host macleandb-008

Creating keys on remote host macleandb-007 if they do not exist already. This is required to setup SSH on host macleandb-007.

Creating keys on remote host macleandb-008 if they do not exist already. This is required to setup SSH on host macleandb-008.

Generating public/private rsa key pair.

Your identification has been saved in .ssh/id_rsa.

Your public key has been saved in .ssh/id_rsa.pub.

The key fingerprint is:

57:10:a3:c8:c6:ec:55:3f:1c:ea:c3:c5:ef:bf:23:b6 grid@macleandb-008

The key’s randomart image is:

+–[ RSA 1024]—-+

|          =..    |

|     + . o B .   |

|      * o . B    |

|     o . o o o   |

|      . S =   .  |

|         . . .   |

|              .  |

|             o o |

|            .Eo.+|

+—————–+

Updating authorized_keys file on remote host macleandb-007

Updating known_hosts file on remote host macleandb-007

The script will run SSH on the remote machine macleandb-007. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Updating authorized_keys file on remote host macleandb-008

Updating known_hosts file on remote host macleandb-008

The script will run SSH on the remote machine macleandb-008. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

cat: 0652-050 Cannot open /home/grid/.ssh/known_hosts.tmp.

cat: 0652-050 Cannot open /home/grid/.ssh/authorized_keys.tmp.

SSH setup is complete.

————————————————————————

Verifying SSH setup

===================

The script will now run the date command on the remote nodes using ssh

to verify if ssh is setup correctly. IF THE SETUP IS CORRECTLY SETUP,

THERE SHOULD BE NO OUTPUT OTHER THAN THE DATE AND SSH SHOULD NOT ASK FOR

PASSWORDS. If you see any output other than date or are prompted for the

password, ssh is not setup correctly and you will need to resolve the

issue and set up ssh again.

The possible causes for failure could be:

1. The server settings in /etc/ssh/sshd_config file do not allow ssh

for user grid.

2. The server may have disabled public key based authentication.

3. The client public key on the server may be outdated.

4. /home/grid or /home/grid/.ssh on the remote host may not be owned by grid.

5. User may not have passed -shared option for shared remote users or

may be passing the -shared option for non-shared remote users.

6. If there is output in addition to the date, but no password is asked,

it may be a security alert shown as part of company policy. Append the

additional text to the <OMS HOME>/sysman/prov/resources/ignoreMessages.txt file.

————————————————————————

–macleandb-007:–

Running /usr/bin/ssh -x -l grid macleandb-007 date to verify SSH connectivity has been setup from local host to macleandb-007.

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.

The script will run SSH on the remote machine macleandb-007. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Wed Dec  5 01:28:15 GMT+08:00 2012

————————————————————————

–macleandb-008:–

Running /usr/bin/ssh -x -l grid macleandb-008 date to verify SSH connectivity has been setup from local host to macleandb-008.

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.

The script will run SSH on the remote machine macleandb-008. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Wed Dec  5 01:28:20 GMT+08:00 2012

————————————————————————

————————————————————————

Verifying SSH connectivity has been setup from macleandb-007 to macleandb-007

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL.

Wed Dec  5 01:28:16 GMT+08:00 2012

————————————————————————

————————————————————————

Verifying SSH connectivity has been setup from macleandb-007 to macleandb-008

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL.

Wed Dec  5 01:28:21 GMT+08:00 2012

————————————————————————

-Verification from complete-

SSH verification complete.

$ ./sshUserSetup.sh -user oracle -hosts “macleandb-007 macleandb-008”  -advanced PromptPassphrase

The output of this script is also logged into /tmp/sshUserSetup_2012-12-05-01-31-18.log

Hosts are macleandb-007 macleandb-008

user is oracle

Platform:- AIX

Checking if the remote hosts are reachable

PING macleandb-007: (192.168.18.227): 56 data bytes

64 bytes from 192.168.18.227: icmp_seq=0 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=1 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=2 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=3 ttl=255 time=0 ms

64 bytes from 192.168.18.227: icmp_seq=4 ttl=255 time=0 ms

—-macleandb-007 PING Statistics—-

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0/0/0 ms

PING macleandb-008: (192.168.18.231): 56 data bytes

64 bytes from 192.168.18.231: icmp_seq=0 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=1 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=2 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=3 ttl=255 time=0 ms

64 bytes from 192.168.18.231: icmp_seq=4 ttl=255 time=0 ms

—-macleandb-008 PING Statistics—-

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0/0/0 ms

Remote host reachability check succeeded.

The following hosts are reachable: macleandb-007 macleandb-008.

The following hosts are not reachable: .

All hosts are reachable. Proceeding further…

firsthost macleandb-007

numhosts 2

The script will setup SSH connectivity from the host macleandb-007 to all

the remote hosts. After the script is executed, the user can use SSH to run

commands on the remote hosts or copy files between this host macleandb-007

and the remote hosts without being prompted for passwords or confirmations.

NOTE 1:

As part of the setup procedure, this script will use ssh and scp to copy

files between the local host and the remote hosts. Since the script does not

store passwords, you may be prompted for the passwords during the execution of

the script whenever ssh or scp is invoked.

NOTE 2:

AS PER SSH REQUIREMENTS, THIS SCRIPT WILL SECURE THE USER HOME DIRECTORY

AND THE .ssh DIRECTORY BY REVOKING GROUP AND WORLD WRITE PRIVILEDGES TO THESE

directories.

Do you want to continue and let the script make the above mentioned changes (yes/no)?

yes

The user chose yes

Please specify if you want to specify a passphrase for the private key this script will create for the local host. Passphrase is used to encrypt the private key and makes SSH much more secure. Type ‘yes’ or ‘no’ and then press enter. In case you press ‘yes’, you would need to enter the passphrase whenever the script executes ssh or scp.

The estimated number of times the user would be prompted for a passphrase is 4. In addition, if the private-public files are also newly created, the user would have to specify the passphrase on one additional occasion.

Enter ‘yes’ or ‘no’.

yes

The user chose yes

Creating .ssh directory on local host, if not present already

Creating authorized_keys file on local host

Changing permissions on authorized_keys to 644 on local host

Creating known_hosts file on local host

Changing permissions on known_hosts to 644 on local host

Creating config file on local host

If a config file exists already at /home/oracle/.ssh/config, it would be backed up to /home/oracle/.ssh/config.backup.

Removing old private/public keys on local host

Running SSH keygen on local host

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Generating public/private rsa key pair.

Your identification has been saved in /home/oracle/.ssh/id_rsa.

Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.

The key fingerprint is:

de:e1:bd:ac:7d:f0:25:68:3c:80:33:24:53:ae:31:fb oracle@macleandb-007

The key’s randomart image is:

+–[ RSA 1024]—-+

|       ..        |

|      o..        |

|      o+..       |

|       =+ .      |

|      o So.o .   |

|       o o o* . .|

|        E o..+ o |

|           o .o  |

|          ..+.   |

+—————–+

Creating .ssh directory and setting permissions on remote host macleandb-007

THE SCRIPT WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR oracle. THIS IS AN SSH REQUIREMENT.

The script would create /home/oracle/.ssh/config file on remote host macleandb-007. If a config file exists already at /home/oracle/.ssh/config, it would be backed up to /home/oracle/.ssh/config.backup.

The user may be prompted for a password here since the script would be running SSH on host macleandb-007.

Warning: Permanently added ‘macleandb-007,192.168.18.227’ (RSA) to the list of known hosts.

oracle@macleandb-007’s password:

Done with creating .ssh directory and setting permissions on remote host macleandb-007.

Creating .ssh directory and setting permissions on remote host macleandb-008

THE SCRIPT WOULD ALSO BE REVOKING WRITE PERMISSIONS FOR group AND others ON THE HOME DIRECTORY FOR oracle. THIS IS AN SSH REQUIREMENT.

The script would create /home/oracle/.ssh/config file on remote host macleandb-008. If a config file exists already at /home/oracle/.ssh/config, it would be backed up to /home/oracle/.ssh/config.backup.

The user may be prompted for a password here since the script would be running SSH on host macleandb-008.

Warning: Permanently added ‘macleandb-008,192.168.18.231’ (RSA) to the list of known hosts.

oracle@macleandb-008’s password:

Done with creating .ssh directory and setting permissions on remote host macleandb-008.

Copying local host public key to the remote host macleandb-007

The user may be prompted for a password or passphrase here since the script would be using SCP for host macleandb-007.

oracle@macleandb-007’s password:

Done copying local host public key to the remote host macleandb-007

Copying local host public key to the remote host macleandb-008

The user may be prompted for a password or passphrase here since the script would be using SCP for host macleandb-008.

oracle@macleandb-008’s password:

Done copying local host public key to the remote host macleandb-008

Creating keys on remote host macleandb-007 if they do not exist already. This is required to setup SSH on host macleandb-007.

Creating keys on remote host macleandb-008 if they do not exist already. This is required to setup SSH on host macleandb-008.

Generating public/private rsa key pair.

Your identification has been saved in .ssh/id_rsa.

Your public key has been saved in .ssh/id_rsa.pub.

The key fingerprint is:

b2:b1:d7:2d:2a:bf:d9:76:5c:2a:6e:97:d9:7d:7c:3e oracle@macleandb-008

The key’s randomart image is:

+–[ RSA 1024]—-+

|                 |

|                 |

|                 |

|                 |

|      o S        |

|       = . .  .  |

|      o . o..* o |

|      .. ++.B .E=|

|       o==o+   .=|

+—————–+

Updating authorized_keys file on remote host macleandb-007

Updating known_hosts file on remote host macleandb-007

The script will run SSH on the remote machine macleandb-007. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Updating authorized_keys file on remote host macleandb-008

Updating known_hosts file on remote host macleandb-008

The script will run SSH on the remote machine macleandb-008. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

cat: 0652-050 Cannot open /home/oracle/.ssh/known_hosts.tmp.

cat: 0652-050 Cannot open /home/oracle/.ssh/authorized_keys.tmp.

SSH setup is complete.

————————————————————————

Verifying SSH setup

===================

The script will now run the date command on the remote nodes using ssh

to verify if ssh is setup correctly. IF THE SETUP IS CORRECTLY SETUP,

THERE SHOULD BE NO OUTPUT OTHER THAN THE DATE AND SSH SHOULD NOT ASK FOR

PASSWORDS. If you see any output other than date or are prompted for the

password, ssh is not setup correctly and you will need to resolve the

issue and set up ssh again.

The possible causes for failure could be:

1. The server settings in /etc/ssh/sshd_config file do not allow ssh

for user oracle.

2. The server may have disabled public key based authentication.

3. The client public key on the server may be outdated.

4. /home/oracle or /home/oracle/.ssh on the remote host may not be owned by oracle.

5. User may not have passed -shared option for shared remote users or

may be passing the -shared option for non-shared remote users.

6. If there is output in addition to the date, but no password is asked,

it may be a security alert shown as part of company policy. Append the

additional text to the <OMS HOME>/sysman/prov/resources/ignoreMessages.txt file.

————————————————————————

–macleandb-007:–

Running /usr/bin/ssh -x -l oracle macleandb-007 date to verify SSH connectivity has been setup from local host to macleandb-007.

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.

The script will run SSH on the remote machine macleandb-007. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Wed Dec  5 01:31:50 GMT+08:00 2012

————————————————————————

–macleandb-008:–

Running /usr/bin/ssh -x -l oracle macleandb-008 date to verify SSH connectivity has been setup from local host to macleandb-008.

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL. Please note that being prompted for a passphrase may be OK but being prompted for a password is ERROR.

The script will run SSH on the remote machine macleandb-008. The user may be prompted for a passphrase here in case the private key has been encrypted with a passphrase.

Wed Dec  5 01:31:55 GMT+08:00 2012

————————————————————————

————————————————————————

Verifying SSH connectivity has been setup from macleandb-007 to macleandb-007

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL.

Wed Dec  5 01:31:51 GMT+08:00 2012

————————————————————————

————————————————————————

Verifying SSH connectivity has been setup from macleandb-007 to macleandb-008

IF YOU SEE ANY OTHER OUTPUT BESIDES THE OUTPUT OF THE DATE COMMAND OR IF YOU ARE PROMPTED FOR A PASSWORD HERE, IT MEANS SSH SETUP HAS NOT BEEN SUCCESSFUL.

Wed Dec  5 01:31:57 GMT+08:00 2012

————————————————————————

-Verification from complete-

SSH verification complete.

macleandb-007 # lsattr -E -l sys0 -a maxuproc

maxuproc 16384 Maximum number of PROCESSES allowed per user True

macleandb-007 # lsattr -El sys0 | grep maxuproc | awk ‘{print $2}’

16384

macleandb-007 # lsattr -El sys0 | grep ncargs | awk ‘{print $2}’

256

macleandb-008 #  chdev -l sys0 -a maxuproc=16384

sys0 changed

macleandb-008 #  lsattr -E -l sys0 -a maxuproc

maxuproc 16384 Maximum number of PROCESSES allowed per user True

macleandb-008 #  lsattr -El sys0 | grep maxuproc | awk ‘{print $2}’

16384

macleandb-008 #  lsattr -El sys0 | grep ncargs | awk ‘{print $2}’

256

macleandb-007 # /usr/sbin/no -p -o tcp_ephemeral_low=9000 -o tcp_ephemeral_high=65500

Setting tcp_ephemeral_low to 9000

Setting tcp_ephemeral_low to 9000 in nextboot file

Setting tcp_ephemeral_high to 65500

Setting tcp_ephemeral_high to 65500 in nextboot file

macleandb-007 # /usr/sbin/no -p -o udp_ephemeral_low=9000 -o udp_ephemeral_high=65500

Setting udp_ephemeral_low to 9000

Setting udp_ephemeral_low to 9000 in nextboot file

Setting udp_ephemeral_high to 65500

Setting udp_ephemeral_high to 65500 in nextboot file

macleandb-008 # /usr/sbin/no -p -o tcp_ephemeral_low=9000 -o tcp_ephemeral_high=65500

Setting tcp_ephemeral_low to 9000

Setting tcp_ephemeral_low to 9000 in nextboot file

Setting tcp_ephemeral_high to 65500

Setting tcp_ephemeral_high to 65500 in nextboot file

macleandb-008 #  /usr/sbin/no -p -o udp_ephemeral_low=9000 -o udp_ephemeral_high=65500

Setting udp_ephemeral_low to 9000

Setting udp_ephemeral_low to 9000 in nextboot file

Setting udp_ephemeral_high to 65500

Setting udp_ephemeral_high to 65500 in nextboot file

no -po tcp_sendspace=65536

no -po tcp_recvspace=65536

no -po sb_max=41943040

no -po udp_sendspace=2097152

no -po udp_recvspace=20971520

no -r -o ipqmaxlen=512

macleandb-007 # no -po rfc1323=1

Setting rfc1323 to 1

Setting rfc1323 to 1 in nextboot file

Change to tunable rfc1323, will only be effective for future connections

macleandb-008 # no -a |grep “rfc1323”

rfc1323 = 1

macleandb-008 # ioo -o aio_maxreqs

aio_maxreqs = 65536

macleandb-007 # su – grid

$ cd oradata01

$ mkdir ocr

$ cd ..

$ mkdir oradata02/ocr

$ mkdir oradata03/ocr

$ mkdir oradata01/vote

$ mkdir oradata02/vote

$ mkdir oradata03/vote

Node reachability check passed from node “macleandb-007”

Checking user equivalence…

User equivalence check passed for user “oracle”

Checking node connectivity…

Checking hosts config file…

Verification of the hosts config file successful

Node connectivity passed for subnet “172.168.1.0” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “172.168.1.0”

Node connectivity passed for subnet “172.168.2.0” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “172.168.2.0”

Node connectivity passed for subnet “192.168.18.128” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “192.168.18.128”

Interfaces found on subnet “172.168.1.0” that are likely candidates for VIP are:

macleandb-008 en0:172.168.1.102 en0:172.168.1.102

macleandb-007 en0:172.168.1.101 en0:172.168.1.101

Interfaces found on subnet “172.168.2.0” that are likely candidates for VIP are:

macleandb-008 en1:172.168.2.102 en1:172.168.2.102

macleandb-007 en1:172.168.2.101 en1:172.168.2.101

Interfaces found on subnet “192.168.18.128” that are likely candidates for VIP are:

macleandb-008 en5:192.168.18.231 en5:192.168.18.231

macleandb-007 en5:192.168.18.227 en5:192.168.18.227 en5:192.168.18.227

WARNING:

Could not find a suitable set of interfaces for the private interconnect

Checking subnet mask consistency…

Subnet mask consistency check passed for subnet “172.168.1.0”.

Subnet mask consistency check passed for subnet “172.168.2.0”.

Subnet mask consistency check passed for subnet “192.168.18.128”.

Subnet mask consistency check passed.

Node connectivity check passed

Checking multicast communication…

Checking subnet “172.168.1.0” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “172.168.1.0” for multicast communication with multicast group “230.0.1.0” passed.

Checking subnet “172.168.2.0” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “172.168.2.0” for multicast communication with multicast group “230.0.1.0” passed.

Checking subnet “192.168.18.128” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “192.168.18.128” for multicast communication with multicast group “230.0.1.0” passed.

Check of multicast communication passed.

Check for multiple users with UID value 0 passed

Time zone consistency check passed

Checking shared storage accessibility…

Disk                                  Sharing Nodes (2 in count)

————————————  ————————

/dev/rhdisk2                          macleandb-008 macleandb-007

/dev/rhdisk3                          macleandb-008 macleandb-007

/dev/rhdisk4                          macleandb-008 macleandb-007

/dev/rhdisk5                          macleandb-008 macleandb-007

/dev/rhdisk6                          macleandb-008 macleandb-007

$ cluvfy stage -pre crsinst -n macleandb-007,macleandb-008

Performing pre-checks for cluster services setup

Checking node reachability…

Node reachability check passed from node “macleandb-007”

Checking user equivalence…

User equivalence check passed for user “oracle”

Checking node connectivity…

Checking hosts config file…

Verification of the hosts config file successful

Node connectivity passed for subnet “172.168.1.0” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “172.168.1.0”

Node connectivity passed for subnet “172.168.2.0” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “172.168.2.0”

Node connectivity passed for subnet “192.168.18.128” with node(s) macleandb-008,macleandb-007

TCP connectivity check passed for subnet “192.168.18.128”

Interfaces found on subnet “172.168.1.0” that are likely candidates for VIP are:

macleandb-008 en0:172.168.1.102 en0:172.168.1.102

macleandb-007 en0:172.168.1.101 en0:172.168.1.101

Interfaces found on subnet “172.168.2.0” that are likely candidates for VIP are:

macleandb-008 en1:172.168.2.102 en1:172.168.2.102

macleandb-007 en1:172.168.2.101 en1:172.168.2.101

Interfaces found on subnet “192.168.18.128” that are likely candidates for VIP are:

macleandb-008 en5:192.168.18.231 en5:192.168.18.231

macleandb-007 en5:192.168.18.227 en5:192.168.18.227 en5:192.168.18.227

WARNING:

Could not find a suitable set of interfaces for the private interconnect

Checking subnet mask consistency…

Subnet mask consistency check passed for subnet “172.168.1.0”.

Subnet mask consistency check passed for subnet “172.168.2.0”.

Subnet mask consistency check passed for subnet “192.168.18.128”.

Subnet mask consistency check passed.

Node connectivity check passed

Checking multicast communication…

Checking subnet “172.168.1.0” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “172.168.1.0” for multicast communication with multicast group “230.0.1.0” passed.

Checking subnet “172.168.2.0” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “172.168.2.0” for multicast communication with multicast group “230.0.1.0” passed.

Checking subnet “192.168.18.128” for multicast communication with multicast group “230.0.1.0”…

Check of subnet “192.168.18.128” for multicast communication with multicast group “230.0.1.0” passed.

Check of multicast communication passed.

Total memory check passed

Available memory check passed

Swap space check passed

Free disk space check passed for “macleandb-008:/oracle/app/product/grid”

Free disk space check passed for “macleandb-007:/oracle/app/product/grid”

Free disk space check failed for “macleandb-008:/tmp/”

Check failed on nodes:

macleandb-008

Free disk space check passed for “macleandb-007:/tmp/”

Check for multiple users with UID value 1101 passed

User existence check passed for “oracle”

Group existence check passed for “oinstall”

Group existence check passed for “dba”

Membership check for user “oracle” in group “oinstall” [as Primary] passed

Membership check for user “oracle” in group “dba” passed

Run level check passed

Hard limits check passed for “maximum open file descriptors”

Soft limits check passed for “maximum open file descriptors”

Hard limits check passed for “maximum user processes”

Soft limits check passed for “maximum user processes”

System architecture check passed

Kernel version check passed

Kernel parameter check passed for “ncargs”

Kernel parameter check passed for “maxuproc”

Kernel parameter check passed for “tcp_ephemeral_low”

Kernel parameter check passed for “tcp_ephemeral_high”

Kernel parameter check passed for “udp_ephemeral_low”

Kernel parameter check passed for “udp_ephemeral_high”

Package existence check passed for “bos.adt.base”

Package existence check passed for “bos.adt.lib”

Package existence check passed for “bos.adt.libm”

Package existence check passed for “bos.perf.libperfstat”

Package existence check passed for “bos.perf.perfstat”

Package existence check passed for “bos.perf.proctools”

Package existence check passed for “xlC.aix61.rte”

Package existence check passed for “xlC.rte”

Operating system patch check failed for “Patch IZ97457”

Check failed on nodes:

macleandb-008,macleandb-007

Operating system patch check failed for “Patch IZ89165”

Check failed on nodes:

macleandb-008,macleandb-007

Check for multiple users with UID value 0 passed

Current group ID check passed

Starting check for consistency of primary group of root user

Check for consistency of root user’s primary group passed

Starting Clock synchronization checks using Network Time Protocol(NTP)…

NTP Configuration file check started…

NTP Configuration file check passed

No NTP Daemons or Services were found to be running

PRVF-5507 : NTP daemon or service is not running on any node but NTP configuration file exists on the following node(s):

macleandb-008,macleandb-007

Clock synchronization check using Network Time Protocol(NTP) failed

Core file name pattern consistency check passed.

User “oracle” is not part of “system” group. Check passed

Default user file creation mask check passed

Checking consistency of file “/etc/resolv.conf” across nodes

File “/etc/resolv.conf” does not exist on any node of the cluster. Skipping further checks

File “/etc/resolv.conf” is consistent across nodes

Time zone consistency check passed

User ID < 65535 check passed

Kernel 64-bit mode check passed

Pre-check for cluster services setup was unsuccessful on all the nodes.

Test “Oracle Database 11g R2 (11.2.0) Preinstall (AIX)” executed at 05-Dec-2012 01:40:28

Test Results

~~~~~~~~~~~~

ID     NAME                 RESULT  VALUE

====== ==================== ======= ==========================================

A00010 OS Certified?        PASSED  Certified

A00015 HARDWARE_BITMODE 64? PASSED  is 64-bit

A00016 System mode 64-bit?  FAILED  bootinfo error

A00020 User in /etc/passwd? PASSED  userOK

A00040 Group in /etc/group? PASSED  GroupOK

A00050 Enter ORACLE_HOME    RECORD

A00060 ORACLE_HOME Valid?   FAILED  OHnotvalid

A00070 O_H Permissions OK?  FAILED  ORACLE_HOME must exist for this rule

A00080 oraInventory Permiss PASSED  oraInventoryNotFound

A00090 Got Software Tools?  PASSED  ld_nm_ar_make_found

A00100 Umask Set to 022?    PASSED  UmaskOK

A00110 ulimits OK?          FAILED  StackTooSmall

A00140 LDLIBRARYPATH Unset? PASSED  UnSet

A00160 LIBPATH Unset?       PASSED  UnSet

A00190 Enter JDK Home       RECORD

A00200 JDK Version          FAILED  JDK home is missing

A00210 Other O_Hs in PATH?  PASSED  NoneFound

A00220 Other OUI Up?        PASSED  NoOtherOUI

A00230 /tmp Adequate?       PASSED  TempSpaceOK

A00240 Disk Space OK?       SKIPPED This rule needs an accessible ORACLE_..>

A00250 Swap (in MB)         RECORD  512

A00260 RAM (in MB)          PASSED  509440

A00270 SwapToRAM OK?        FAILED  SwapLessThanRAM

A00290 IP Address           RECORD  192.168.18.227

A00300 Domain Name          RECORD  NotFound

A00310 DNS Lookup           FAILED  Host not correctly registered in DNS

A00320 /etc/hosts Format    FAILED  no entry found

A00330 Kernel Parameters OK FAILED  NoAccess

A00335 aio_maxreqs OK?      FAILED  ioo error

A00340 AIXTHREAD_SCOPE=S?   PASSED  AIXTHREAD_SCOPEOK

A00350 LINK_CNTRL is Unset? PASSED  LINK_CNTRLunset

A00410 Got OS Patches?      PASSED  PatchesNotRequired

A00430 Got OS Packages?     FAILED  [gpfs.base] not installed

A00445 TCP/UDP Ephemeral OK PASSED  Ephemeral OK

macleandb-007 # /tmp/unzip p10404530_112030_AIX64-5L_3of7.zip

macleandb-007 # ./rootpre.sh

./rootpre.sh output will be logged in /tmp/rootpre.out_12-12-05.01:14:00

Checking if group services should be configured….

Nothing to configure.

Changing groupname of /home/grid/app/oraInventory to oinstall.

The execution of the script is complete.

macleandb-007 # /oracle/app/product/grid/root.sh

Performing root user operation for Oracle 11g

The following environment variables are set as:

ORACLE_OWNER= grid

ORACLE_HOME=  /oracle/app/product/grid

Enter the full pathname of the local bin directory: [/usr/local/bin]:

Creating /usr/local/bin directory…

Copying dbhome to /usr/local/bin …

Copying oraenv to /usr/local/bin …

Copying coraenv to /usr/local/bin …

Creating /etc/oratab file…

Entries will be added to the /etc/oratab file as needed by

Database Configuration Assistant when a database is created

Finished running generic part of root script.

Now product-specific root actions will be performed.

Using configuration parameter file: /oracle/app/product/grid/crs/install/crsconfig_params

Creating trace directory

User ignored Prerequisites during installation

User grid has the required capabilities to run CSSD in realtime mode

OLR initialization – successful

root wallet

root wallet cert

root cert export

peer wallet

profile reader wallet

pa wallet

peer wallet keys

pa wallet keys

peer cert request

pa cert request

peer cert

pa cert

peer root cert TP

profile reader root cert TP

pa root cert TP

peer pa cert TP

pa peer cert TP

profile reader pa cert TP

profile reader peer cert TP

peer user cert

pa user cert

Adding Clusterware entries to inittab

CRS-2672: Attempting to start ‘ora.mdnsd’ on ‘macleandb-007’

CRS-2676: Start of ‘ora.mdnsd’ on ‘macleandb-007’ succeeded

CRS-2672: Attempting to start ‘ora.gpnpd’ on ‘macleandb-007’

CRS-2676: Start of ‘ora.gpnpd’ on ‘macleandb-007’ succeeded

CRS-2672: Attempting to start ‘ora.cssdmonitor’ on ‘macleandb-007’

CRS-2672: Attempting to start ‘ora.gipcd’ on ‘macleandb-007’

CRS-2676: Start of ‘ora.cssdmonitor’ on ‘macleandb-007’ succeeded

CRS-2676: Start of ‘ora.gipcd’ on ‘macleandb-007’ succeeded

CRS-2672: Attempting to start ‘ora.cssd’ on ‘macleandb-007’

CRS-2672: Attempting to start ‘ora.diskmon’ on ‘macleandb-007’

CRS-2676: Start of ‘ora.diskmon’ on ‘macleandb-007’ succeeded

CRS-2676: Start of ‘ora.cssd’ on ‘macleandb-007’ succeeded

clscfg: -install mode specified

Successfully accumulated necessary OCR keys.

Creating OCR keys for user ‘root’, privgrp ‘system’..

Operation successful.

Now formatting voting disk: /oradata/oradata01/vote/vote1.

Now formatting voting disk: /oradata/oradata02/vote/vote2.

Now formatting voting disk: /oradata/oradata03/vote/vote3.

CRS-4603: Successful addition of voting disk /oradata/oradata01/vote/vote1.

CRS-4603: Successful addition of voting disk /oradata/oradata02/vote/vote2.

CRS-4603: Successful addition of voting disk /oradata/oradata03/vote/vote3.

##  STATE    File Universal Id                File Name Disk group

—  —–    —————–                ——— ———

1. ONLINE   08a3980556c04f05bf2286c0ad1a0924 (/oradata/oradata01/vote/vote1) []

2. ONLINE   21d4c2b231be4fdcbf4d44a3f19455f2 (/oradata/oradata02/vote/vote2) []

3. ONLINE   03619a54a99f4f9fbfc6b22cef4c31da (/oradata/oradata03/vote/vote3) []

Located 3 voting disk(s).

macleandb-008 # /home/grid/app/oraInventory/orainstRoot.sh

Changing permissions of /home/grid/app/oraInventory.

Adding read,write permissions for group.

Removing read,write,execute permissions for world.

Changing groupname of /home/grid/app/oraInventory to oinstall.

The execution of the script is complete.

macleandb-008 # /oracle/app/product/grid/root.sh

Performing root user operation for Oracle 11g

The following environment variables are set as:

ORACLE_OWNER= grid

ORACLE_HOME=  /oracle/app/product/grid

Enter the full pathname of the local bin directory: [/usr/local/bin]:

Creating /usr/local/bin directory…

Copying dbhome to /usr/local/bin …

Copying oraenv to /usr/local/bin …

Copying coraenv to /usr/local/bin …

Creating /etc/oratab file…

Entries will be added to the /etc/oratab file as needed by

Database Configuration Assistant when a database is created

Finished running generic part of root script.

Now product-specific root actions will be performed.

Using configuration parameter file: /oracle/app/product/grid/crs/install/crsconfig_params

Creating trace directory

User ignored Prerequisites during installation

User grid has the required capabilities to run CSSD in realtime mode

OLR initialization – successful

Adding Clusterware entries to inittab

CRS-4402: The CSS daemon was started in exclusive mode but found an active CSS daemon on node unknown, number unknown, and is terminating

An active cluster was found during exclusive startup, restarting to join the cluster

Configure Oracle Grid Infrastructure for a Cluster … succeeded

macleandb-008 #

Oracle Clusterware version on node [macleandb-007] is [11.2.0.3.0]

$ crsctl query crs activeversion

Oracle Clusterware active version on the cluster is [11.2.0.3.0]

$ crsctl stat res -t

——————————————————————————–

NAME           TARGET  STATE        SERVER                   STATE_DETAILS

——————————————————————————–

Local Resources

——————————————————————————–

ora.LISTENER.lsnr

ONLINE  ONLINE       macleandb-007

ONLINE  ONLINE       macleandb-008

ora.asm

OFFLINE OFFLINE      macleandb-007               Instance Shutdown

OFFLINE OFFLINE      macleandb-008

ora.gsd

OFFLINE OFFLINE      macleandb-007

OFFLINE OFFLINE      macleandb-008

ora.net1.network

ONLINE  ONLINE       macleandb-007

ONLINE  ONLINE       macleandb-008

ora.ons

ONLINE  ONLINE       macleandb-007

ONLINE  ONLINE       macleandb-008

ora.registry.acfs

OFFLINE OFFLINE      macleandb-007

OFFLINE OFFLINE      macleandb-008

——————————————————————————–

Cluster Resources

——————————————————————————–

ora.LISTENER_SCAN1.lsnr

1        ONLINE  ONLINE       macleandb-007

ora.macleandb-007.vip

1        ONLINE  ONLINE       macleandb-007

ora.macleandb-008.vip

1        ONLINE  ONLINE       macleandb-008

ora.cvu

1        ONLINE  ONLINE       macleandb-007

ora.oc4j

1        ONLINE  ONLINE       macleandb-007

ora.scan1.vip

1        ONLINE  ONLINE       macleandb-007

$ crsctl stat res -t -init

——————————————————————————–

NAME           TARGET  STATE        SERVER                   STATE_DETAILS

——————————————————————————–

Cluster Resources

——————————————————————————–

ora.asm

1        OFFLINE OFFLINE                               Instance Shutdown

ora.cluster_interconnect.haip

1        ONLINE  ONLINE       macleandb-007

ora.crf

1        ONLINE  ONLINE       macleandb-007

ora.crsd

1        ONLINE  ONLINE       macleandb-007

ora.cssd

1        ONLINE  ONLINE       macleandb-007

ora.cssdmonitor

1        ONLINE  ONLINE       macleandb-007

ora.ctssd

1        ONLINE  ONLINE       macleandb-007               OBSERVER

ora.diskmon

1        OFFLINE OFFLINE

ora.drivers.acfs

1        ONLINE  ONLINE       macleandb-007

ora.evmd

1        ONLINE  ONLINE       macleandb-007

ora.gipcd

1        ONLINE  ONLINE       macleandb-007

ora.gpnpd

1        ONLINE  ONLINE       macleandb-007

ora.mdnsd

1        ONLINE  ONLINE       macleandb-007