In order to install the Data Protector client software on Linux based systems and on HP-UX, you need to have a server with the installation server package installed. With an installation server you are able to distribute the software onto new clients or to upgrade existing clients (push installation). I use a virtual machine with a basic installation and no graphical interface in these cases. The installation server is supported on RedHat, CentOS, Oracle Enterprise Linux and SUSE Linux Enterprise Server (details and version information can be found in matrix: Platform_Integrtn_SptMtx.pdf). With the documentation below I show you how to install or upgrade the Data Protector Linux Installation Server. This includes the removal of an older major version and will not take more than five minutes in total.
Remove older Data Protector version:
cp /opt/omni/.omnirc /tmp/.omnirc.sav rpm -qa | grep -i ob2 > /tmp/removeOB2 for PACKAGE in `cat /tmp/removeOB2`; do rpm -e $PACKAGE --nodeps --noscripts; done; cp /etc/services /tmp/services.bak cat /etc/services | sed -e "s/omni/\#omni/" > /tmp/services.new cp /tmp/services.new /etc/services rm /etc/xinetd.d/omni rm -r /etc/opt/omni rm -r /opt/omni rm -r /var/opt/omni rm /tmp/removeOB2 rm /tmp/services.new
Comment: This is not the recommended way to uninstall Data Protector, but the fastest method. Keep in mind that Data Protector site specific patches or other hotfixes may not have been installed with the “OB2” string in the package description.
Install new Data Protector version (Installation Server only):
mkdir /dpinstall (*) mkdir /dpinstall/dp9 mkdir /dpinstall/dp9pb copy ISO file to /dpinstall (**) copy patch bundle file to /dpinstall (***) mount -o loop /dpinstall/TD586-15021.iso /dpinstall/dp9 /dpinstall/dp9/LOCAL_INSTALL/omnisetup.sh -IS umount /dpinstall/dp9 tar -xvf DPLNXBDL_00902.tar -C /dpinstall/dp9pb/ cd /dpinstall/dp9pb ./omnisetup.sh -bundleadd b902 cd / rm -r /dpinstall cp /tmp/.omnirc.sav /opt/omni/.omnirc (****)
* or any other folder with sufficient space
** e.g. TD586-15021.iso – Data Protector 9.00 Linux – use winscp to copy the file
*** e.g. DPLNXBDL_00902.tar – Data Protector 9.02 Linux – use winscp to copy the file
**** if file exists – see remove older version of Data Protector
In the example it is assumed that a patch bundle needs to be installed in addition. If no patch bundle is available the steps 3, 5, 9, 10 and 11 are not required. After the installation it is recommend to check the content of the file .omnirc
; at least the variable OB2_SSH_ENABLED=1
in file /opt/omni/.omnirc
is required in order to distribute new clients using Data Protector GUI. If the file does not exist you can create it from template – cp /opt/omni/.omnirc.TMPL /opt/omni/.omnirc
. If additional updates are available copy the patches onto the server and decompress using command tar
. A rpm package and text file will be generated. Within the text files the command to install the patch can be found. Please keep in mind, Data Protector patches will be installed using a special order; for details see https://www.data-protector.org/wordpress/2013/06/basics-installation-order-patches/.
Register Installation Server in Data Protector Cell:
omnicc -export_is <installation server> (*) omnicc -import_is <installation server> (**)
* This step is required only if the server was already an installation server
** Use the name of the server (FQDN) for “installation server”
If this installation server was already used in the past to install the Data Protector client software, you now can use it to upgrade your existing client using the Data Protector GUI. If this installation server is your first installation server you need to configure SSH based authentication first.
Create public/private rsa key pair:
ssh-keygen (*) ssh <client - short name> (**) ssh <client - FQDN name> (**) ssh <client - IP address> (**) Add public key (***)
* Answer the questions to generate the “key pair”
** You can cancel the login once you accepted the host key for the client
*** Use ssh
to login into the new client and add the public key from the installation server (cat /root/.ssh/id_rsa.pub
) into the file /root/.ssh/authorized_keys
It is assumed that defaults will be used when using the command ssh-keygen
. Furthermore it is assumed that all defaults were used for the SSH configuration and paths.
The lines:
rpm -qa | grep -i ob2 > /tmp/removeOB2
for PACKAGE in `cat /tmp/removeOB2`; do rpm -e $PACKAGE –nodeps –noscripts; done;
can be substitued by (alternative):
rpm -qa | grep OB2 | xargs rpm -e
Best regards
Daniel
Hi Daniel,
Firstly thanks for the post.
Couple of discussion points 🙂
1. I do not have OB2_SSH_ENABLED=1 in omnirc or any of the ‘Create public/private rsa key pair’ notes. I assume this is optional for security? Will Linux agent push not work without it?
2. From my own build notes I also have the below:
(hopefully the packages are on the yum repo already).
Install pre-reqs
a. ‘yum install xinetd’
b. ‘yum install compat-libstdc++-33’
For GRE web-plugin
1. ‘yum install fuse-libs-2.8.3-4.el6.x86_64’
2. ‘yum install fuse-2.8.3-4.el6.x86_64’
3. ‘yum install cifs-utils’
4. ‘yum install ntfs-3g’
and adding DP to the firewall:
‘vi /etc/sysconfig/iptables’
add ‘–A INPUT –p tcp –m state –state NEW –m tcp –dport 5555 –j ACCEPT’
‘/sbin/service iptables save’
Hi Michael,
Regarding your first comment, in general the SSH method is the preferred method to push new clients. If not configured or if omnirc variable is not set, pushing clients will fallback to rexec. Of course, for security reason SSH should be the preferred method and rexec is not available or configured by default when installing a Linux system.
Regarding second comment, yes, xinetd or inetd is a requirement in any way, so I skipped this step. Thanks for the iptables command, I missed this step (normally I do not have installed a firewall when the installation server is located in local network). The other lines are not required on SLES/RedHat (support matrix 😉 ) and the GRE part I install on another dedicated server.
Thanks for contribution.
Best regards
Daniel
Thanks Daniel.
This post was a real help for me