Installing and running GroupWise Monitor (GWMon) and GWHA on SLES 15 or SLES 12

  • 7024943
  • 30-Nov-2020
  • 19-Mar-2021

Environment

GroupWise 18.3

Situation

In order for Linux GWMon to monitor GroupWise agents on Linux servers, it needs to have GWHA installed on all the servers that GroupWise agents are running.  This document is not a replacement for the GroupWise 2018 Installation guide but is intended to highlight some of the critical steps.

Since SLES 15, xinetd is no longer supported.  Systemd is the new replacement.  Systemd enables faster server startup because of multi-threading.  For more information, refer to SLES 15 administration guide.

Resolution

1.      Ensure GWHA is installed correctly and functioning.

When GroupWise 18.3 is installed on SLES12 and SLES 15, it will lay down gwha.socket and gwha@.service in /usr/lib/systemd/system.

SLES 12 is supporting both xinetd and Systemd. You can still enable gwha using the Network Services. If you want to use Systemd to support gwha, you can disable the gwha through the Network Services.

To enable the GWHA on SLES 12 and SLES 15 using systemd:

systemctl enable gwha.socket

 

This will create a symbolic link from /etc/system/system/sockets.target.wants to

gwha.socket in /usr/lib/system/system.  This will enable gwha.socket started at the server reboot.

To start the gwha.socket at run time,

systemctl start gwha.socket

 

systemctl status gwha.socket gives you the status of the gwha. gwha@.service will only be invoked when there is a connection to gwha port 8400 for action. 

 

gwha reads in the /etc/opt/novell/groupwise/gwha.conf to manage the local GroupWise agents.

To test if gwha is functioning as it should, do the following:

a.      Create a user who you can use to log in to gwha.

e.g.  useradd  gwhauser

        passwd   gwhauser

        ( provide your password)

       If you intend to have one GWMon to monitor agents on multiple servers, you need to have the same user and password created in all these servers.

Steps to test gwha using telnet:

 

telnet <ip address of your server or 127.0.0.1>  8400

telnet 137.65.67.100 8400

Trying 137.65.67.100...

Connected to 137.65.67.100.

Escape character is '^]'.

user:

Enter your gwha user name and password.  If gwha rejects your user name and password by displaying “bye”, you need to check these 3 things.

1.      You have created valid user and its correct password.

2.      Make sure PAM is installed on your server. Pluggable Authentication Modules ( PAM )  .

Make sure “Additional PAM modules” are installed on your SLES 15 server.  If they are installed, pam_unix.so and pam_unix2.so should be in /lib64/security.

 

3.      Make sure you have added the created user to /etc/opt/novell/groupwise/gwha.allow

e.g.

# Uncomment or add the local user(s) names that are allowed

# access to the gwha service to manage groupwise agents.

#

#gwhauser

Gwha

               Once you can log in to gwha, you can do a few of these testing to verify your configuration.

               user: gwha

password: novell

version: 1.0

000 Ok

               e.g. 

               status <po>.<domain>

               It should have returns such as

               009 program is running

               To end the telnet session, type quit.

               Important notes:

If you started the gwha using network services or xinetd, gwha will be running a single instance.  You need to quit to exit the session, otherwise other session such as gwmonitor will not work.

If you started the gwha through systemd, gwha can run in multiple instances.

2.      Configure GWMon

Follow the detailed instruction in GroupWise 2018 Installation guide to install the GroupWise Monitor software and to configure.

There should be a start up grpwise-ma in /etc/sysconfig, in which you can modify the monitor options.  E.g.

# GroupWise monitor options

#

 

# To enable the GroupWise High Availablilty service to allow the Monitor

# Agent to restart other GroupWise agents, use the example line

# and provide a valid Linux user and password. The Linux user does not

# need any specific permissions.  The --hapoll option controls how often,

# in seconds, that the Monitor Agent polls to determine if an agent is running.

# You may also add other Monitor Agent startup options to this variable.

# Example: --hauser username --hapassword password --hapoll 120

GROUPWISE_MA_OPTIONS="--hauser gwha --hapassword novell --hapoll 20"

 

There should be a monitor.xml file created in /opt/novell/groupwise/agents/share.

e.g.

<?xml version="1.0" ?>

<OPTIONS>

               <FILE_VERSION value="2" upgrade_allowed="1" />

               <HOME_MTA address="137.65.67.104" port="7100" />

               <LANG value="en" />

               <HTTP>

                              <HTTP_POLL_CYCLE value="300" />

                              <HTTP_PORT value="8200" />

                              <HTTP_BROWSER_REFRESH value="300" />

                              <HTTP_NEW_BROWSER value="0" />

                              <HTTP_AUTHENTICATE value="1" />

                              <HTTP_USER      value="Z3c6Z3c=" />

                              <HTTP_POLL_USER          value="Z3c6Z3c=" />

                              <HTTP_SSL_REQUIRED value="1" />

                              <HTTP_SSL_CERT value="/home/rtse/tools/sslcert/server.crt" />

                              <HTTP_SSL_KEY value="/home/rtse/tools/sslcert/server.key" />

               </HTTP>

               <SNMP>

                              <SNMP_COMMUNITY value="public" />

                              <SNMP_POLL_CYCLE value="300" />

                              <SNMP_NUM_RETRIES value="2" />

                              <SNMP_TIME_OUT          value="30" />

                              <SNMP_FORCE_SNMP value="0" />

               </SNMP>

               <LOG>

                              <LOG_PATH path="/var/log/novell/groupwise/gwmon" />

                              <LOG_DISK size="5120" age="7" />

                              <LOG_HISTORY size="5120" age="7" />

                              <LOG_ACCOUNTING size="10240" age="7" />

                              <LOG_ACCOUNTING_PATH path="/var/log/novell/groupwise/gwmon/acct" />

                              <LOG_EDITOR value="" />

               </LOG>

               <NOTIFY>

                              <NOTIFY_LIST value="" />

                              <NOTIFY_DOMAIN_NAME value="" />

                              <NOTIFY_RELAY_ADDRESS value="" />

                              <NOTIFY_SNMP_TRAP value="FALSE" />

                              <NOTIFY_SNMP_TRAP_TARGET value="" />

                              <NOTIFY_RESET value="900"/>

                              <NOTIFY_OPTIONS  value="-1" />

                              <NOTIFY_PERIODIC value="0" />

                              <NOTIFY_MIN_THRESHOLD value="0" />

               </NOTIFY>

               <TRACE>

                              <TRACE_LISTEN_PORT value="0" />

                              <TRACE_FREQUENCY  value="300" />

                              <TRACE_AGENTS  value="FALSE" />

                              <TRACE_ACTIVE  value="FALSE" />

               </TRACE>

               <GROUPS  expanded="FALSE" subgroup="FALSE">

               </GROUPS>

</OPTIONS>

To start GroupWise Monitor :

     rcgrpwise-ma start

Cause

Important notes:

In order for GWMon to manage the agents, GWMon will log into each agent in the system through its http portal to collect their current status using the http user and its password configured in the GWAMIN configuration.  So it is important to have the http user and password configured.

GWMon will loop through all the agents configured in the system. For each agent, GWMon logs into the gwha of the agent’s server and retrieve the status of the agent. If the agent is down, it receives a return of “007 program not running”.  GWMon will issue start on this downed agent.  ( The GWMon appears not honoring the configured poll cycle on my test system is because I have so many obsoleted agents and when GWMon reaches one of those, it takes a connection timeout before moving on to the next agent.)

 

To test the operation of the GWMon :

To avoid delay in testing, bring up all the agents and then bring up the GWMon .

Stop one of your agents and let GWMon restart it through the help of gwha.

Currently, GWMon does not support the restart of gwdva, though you can manually restart the gwdva from gwha’s telnet session.