mgw config mana

8/11/2019 Mgw Config Mana

1/48

Open Multimedia Gateway, Rel.

Ui5.0 EP2, Operating

Documentation, issue 1

Configuration Management

DN09137376

Issue 1-7

Nokia Siemens Networks is continually striving to reduce the adverse environmental effects of

its products and services. We would like to encourage you as our customers and users to join

us in working towards a cleaner, safer environment. Please recycle product packaging and

follow the recommendations for power use and proper disposal of our products and their compo-

nents.

If you should have questions regarding our Environmental Policy or any of the environmental

services we offer, please contact us at Nokia Siemens Networks for any additional information.


2/48

2

DN09137376 Issue 1-7


Id:0900d80580a1d243

The information in this document is subject to change without notice and describes only the

product defined in the introduction of this documentation. This documentation is intended for the

use of Nokia Siemens Networks customers only for the purposes of the agreement under whichthe document is submitted, and no part of it may be used, reproduced, modified or transmitted

in any form or means without the prior written permission of Nokia Siemens Networks. The

documentation has been prepared to be used by professional and properly trained personnel,

and the customer assumes full responsibility when using it. Nokia Siemens Networks welcomes

customer comments as part of the process of continuous development and improvement of the

documentation.

The information or statements given in this documentation concerning the suitability, capacity,

or performance of the mentioned hardware or software products are given "as is" and all liability

arising in connection with such hardware or software products shall be defined conclusively and

finally in a separate agreement between Nokia Siemens Networks and the customer. However,

Nokia Siemens Networks has made all reasonable efforts to ensure that the instructions

contained in the document are adequate and free of material errors and omissions. Nokia

Siemens Networks will, if deemed necessary by Nokia Siemens Networks, explain issues which

may not be covered by the document.

Nokia Siemens Networks will correct errors in this documentation as soon as possible. IN NO

EVENT WILL Nokia Siemens Networks BE LIABLE FOR ERRORS IN THIS DOCUMENTA-

TION OR FOR ANY DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, DIRECT, INDI-

RECT, INCIDENTAL OR CONSEQUENTIAL OR ANY LOSSES, SUCH AS BUT NOT LIMITED

TO LOSS OF PROFIT, REVENUE, BUSINESS INTERRUPTION, BUSINESS OPPORTUNITY

OR DATA,THAT MAY ARISE FROM THE USE OF THIS DOCUMENT OR THE INFORMATION

IN IT.

This documentation and the product it describes are considered protected by copyrights and

other intellectual property rights according to the applicable laws.

The wave logo is a trademark of Nokia Siemens Networks Oy. Nokia is a registered trademark

of Nokia Corporation. Siemens is a registered trademark of Siemens AG.

Other product names mentioned in this document may be trademarks of their respectiveowners, and they are mentioned for identification purposes only.

Copyright Nokia Siemens Networks 2013/11/15. All rights reserved

f Important Notice on Product SafetyThis product may present safety risks due to laser, electricity, heat, and other sources

of danger.

Only trained and qualified personnel may install, operate, maintain or otherwise handle

this product and only after having carefully read the safety information applicable to this

product.

The safety information is provided in the Safety Information section in the Legal, Safety

and Environmental Information part of this document or documentation set.

The same text in German:

f Wichtiger Hinweis zur ProduktsicherheitVon diesem Produkt knnen Gefahren durch Laser, Elektrizitt, Hitzeentwicklung oder

andere Gefahrenquellen ausgehen.

Installation, Betrieb, Wartung und sonstige Handhabung des Produktes darf nur durch

geschultes und qualifiziertes Personal unter Beachtung der anwendbaren Sicherheits-

anforderungen erfolgen.

Die Sicherheitsanforderungen finden Sie unter Sicherheitshinweise im Teil Legal,

Safety and Environmental Information dieses Dokuments oder dieses Dokumentations-

satzes.


3/48

DN09137376 Issue 1-7

3


Id:0900d80580a1d243

Table of ContentsThis document has 48 pages.

Summary of changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

1 Scope of the document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

2 Permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

2.1 Permissions for SCLI commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

2.2 Permissions for Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

3 Configuration management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

3.1 Configuration locking feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

3.2 Configuration transaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

3.3 Configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

4 Configuration management with Web UI . . . . . . . . . . . . . . . . . . . . . . . . 15

4.1 Configuration lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

4.2 Transaction management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

4.3 Configuration snapshot operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

5 Configuration management with SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . 21

5.1 Configuration lock using SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

5.1.1 Using exclusive configuration lock to prevent parallel modification . . . . 21

5.1.2 Using the normal, non-exclusive configuration lock for parallel sessions by

the same user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

5.2 Transaction using SCLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

5.2.1 Executing a successful transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295.2.2 Rollback a transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

5.3 Configuration snapshot using SCLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

5.3.1 Listing configuration snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

5.3.2 Defining a new startup configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

5.3.3 Saving a configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

5.3.4 Restoring a saved configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

5.3.5 Deleting a configuration snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

5.4 Making configuration changes using the configuration lock, transaction,

and configuration snapshot concept . . . . . . . . . . . . . . . . . . . . . . . . . . . 46


4/48

4

DN09137376 Issue 1-7


Id:0900d80580a1d243

List of TablesTable 1 SCLI commands and user permissions . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Table 2 WebUI operations and user permissions . . . . . . . . . . . . . . . . . . . . . . . . 10

Table 3 Transaction States . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Table 4 Parameter descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Table 5 Parameter descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Table 6 Parameters for executing a transaction command. . . . . . . . . . . . . . . . . 30

Table 7 Parameters of show snapshot list all command. . . . . . . . . . . . . . . . . . . 34




Table 11 Parameters of set snapshot startup command. . . . . . . . . . . . . . . . . . . . 38

Table 12 Parameters of save snapshot config-name command. . . . . . . . . . . . . . 40

Table 13 Parameters of set snapshot command. . . . . . . . . . . . . . . . . . . . . . . . . . 43Table 14 Parameters of delete snapshot command. . . . . . . . . . . . . . . . . . . . . . . 44


5/48

DN09137376 Issue 1-7

5

Configuration Management Summary of changes

Id:0900d80580a23e33

Summary of changesChanges between document issues are cumulative. Therefore, the latest document

issue contains all changes made to previous issues.

Changes between Issue 1-7 and Issue 1-6:

Section Scope of the documentis added.

Permissions for NE3S are removed from section Permissions.

Section Configuration managementhas been updated:

A note for configuration lock is added;

A note for transaction commitment is added;

A reference to NE3S O&M interface in Open MGWis added.

Section Configuration management with Web UIhas been updated as following:

A note for configuration lock is added to subchapter Configuration lock;

A note for node startup is added to subchapter Transaction management.

Section Configuration management with SCLIis updated as follows:.

A note for configuration lock is added to subchapter Using the normal, non-

exclusive configuration lock for parallel sessions by the same user;

A note for node startup is added to subchapter Executing a successful transac-

tion;

Section Configuration management via NetAct is removed from the document.


Section Permissionsis updated.

Section Configuration managementhas been updated as following:

The description for Normal configuration lock and Exclusive configuration

lock are added.


The transaction states icons are added to subchapter Transaction management.

Section Configuration management with SCLIis updated as follows:

Summary and parameter descriptions are updated throughout the chapter.

Section Configuration management via NetActis updated as follows:.

The name of the chapter is changed from Configuration management via NMS

to Configuration management via NetAct.

Fragments AoM and HWM is added to subchapter Introduction;

For subchapter NE3S WS Interface:

Fragments PM, AoM and HWM are updated;A note for encryption is added;

Subchapter Basic configurationis updated;

SubchapterAudit trail logging operations via NE3S-WS interfaceis added;

Subchapter Configuration snapshot in NE3SAgent, Configuration lock in

NE3SAgent, and Transaction timeout in NE3SAgentare updated;

Subchapter Configuring using SCLI commandsis added.



The Tools tab is replaced with Configuration > Settings.

The transaction status contents are removed from subchapter Transaction man-agement.
http://x%3Dd%3Do%3Dc/s-000030.pdfhttp://x%3Dd%3Do%3Dc/s-000030.pdf


6/48

6

DN09137376 Issue 1-7


Id:0900d80580a23e33

Summary of changes


The reference to Adding nodes/blades to the system configuration is removed.



Configuration transaction is updated.

Section Configuration management with SCLIis updated as follows:.

Summary is updated to subchapter Executing a successful transaction;

Summary is updated to subchapter Rollback a transaction;




The whole chapter is updated.

Section Configuration management via NMSis updated as follows:.

Table NE3S WS supported fragments and features is updated to subchapter

NE3S WS Interface;

Subchapter Basic configurationis updated;

Subchapter Configuration snapshot in NE3SAgent, Configuration lock in

NE3SAgent, and Transaction timeout in NE3SAgentare added.




Subchapter Using configuration lock in Web UIis updated;

Subchapter Naming configuration snapshotis updated;

Subchapter Deleting the configuration snapshotis updated;

Subchapter Saving existing configuration snapshot as startupis updated;

Section Using exclusive configuration lock to prevent parallel modificationhas been

updated:

Table Parameter descriptions has been updated;

Section Using configuration lock for parallel sessions by same userhas been

updated:

Step Enable configuration lock has been updated.

Section Configuration management via NMSis added.


Section Required permissionsis added.

Section Configuration managementhas been updated:

Description of Configuration locking feature has been updated;

Description of Configuration snapshot has been updated;


Section Configuration lock using SCLIhas been updated:

Step Execute an action in configuration directory of Using exclusive configura-

tion lock to prevent parallel modificationhave been updated;

Step Execute an action in session 2 of Using configuration lock for parallel

sessions by one user have been updated;

Section Transaction using SCLIhas been updated:
http://x%3Dd%3Do%3Dc/s-000005.pdfhttp://x%3Dd%3Do%3Dc/s-000005.pdf


7/48

DN09137376 Issue 1-7

7

Configuration Management Summary of changes

Id:0900d80580a23e33

Step sequence of Rollback a successful transactionhas been updated;

Section Configuration snapshot using SCLIhas been updated:

Defining a new startup configurationhave been updated;

Taking a configuration snapshot have been updated;

Listing configuration snapshotshave been updated;

Deleting a configuration snapshothave been updated;


8/48

8

DN09137376 Issue 1-7


Id:0900d80580a2e2e5

Scope of the document

1 Scope of the documentThis document is applicable to Open Multimedia Gateway (Open MGW) and Open

Border Gateway (Open BGW).

In this document, Open Multimedia Gateway (Open MGW) refers to both Open Multime-

dia Gateway (Open MGW) and Open Border Gateway (Open BGW).


9/48

DN09137376 Issue 1-7

9

Configuration Management Permissions

Id:0900d80580a23f27

2 Permissions

2.1 Permissions for SCLI commandsYou must have correct permissions for executing SCLI commands. SCLI commands

and their related user permissions are provided in the following table:

2.2 Permissions for Web UI

You must have correct permissions for executing the WebUI procedures.

Tasks Permissions

Creating a new Configuration Directory

object

fsConfigManageAll or

fsConfigManageExclSecurity

Adding attributes to the Configuration

Directory object



Modifying the attributes of the Configura-

tion Directory object



Viewing the Configuration Directory

objects

fsConfigView

Deleting the Configuration Directory

object



Using exclusive configuration lock to

prevent parallel modification

fsGlobalConfigLock

Using configuration lock for parallel

sessions by same user

fsGlobalConfigLock

Defining a new startup configuration fsConfigManageAll orfsConfigSnapshotManage

Taking a configuration snapshot fsConfigSnapshotManage or

fsConfigManageAll

Restoring a saved configuration fsConfigSnapshotManage or

fsConfigManageAll

Listing configuration snapshots fsConfigSnapshotManage orfs

ConfigView

Deleting a configuration snapshot fsConfigSnapshotManage or

fsConfigManageAll

Executing a successful transaction No permissions required

Rollback a transaction No permissions required

Committing a transaction No permissions required

Table 1 SCLI commands and user permissions


10/48

10

DN09137376 Issue 1-7


Id:0900d80580a23f27

Permissions

g For executing WebUI operations you must acquire thefsWebUIAllowClientSession permission to login to the WebUI before performing

any operation on the web interface.

WebUI procedures and their related user permissions are provided in the following

table:

Tasks Permissions

Configuration lock:

Acquiring configuration lock

Releasing configuration lock

fsGlobalConfigLock

Creating a snapshot fsConfigManageAll or

fsConfigSnapshotManage

Viewing a snapshot fsConfigView orfsConfigManageAll or


Modifying a snapshot fsConfigManageAll or


Deleting a snapshot fsConfigManageAll or


Transaction Management No permissions required.

Table 2 WebUI operations and user permissions


11/48

DN09137376 Issue 1-7

11

Configuration Management Configuration management

Id:0900d80580a23f29

3 Configuration managementThe configuration management of the Open MGW consists of management interfaces,

data storage and managed objects. Management interfaces are Structured Command

Line Interface (SCLI), Web User interface (Web UI) and NE3S interface towards NetAct.

See User Interfaces in Open MGW document for detailed information about SCLI and

Web UI. For detailed information about NE3S, see NE3S O&M interface in Open MGW

document

Configuration data is stored in a Configuration Directory server and in binary files. These

data formats form an integrated configuration data management solution. The different

data formats are not visible on the management interfaces.

Configuration changes affect the runtime configuration of the Open MGW. Using the

snapshot, the changes can be permanently stored on the disk. A snapshot contains all

LDAP data and specific binary files. The user can store several snapshots onto the disk,

and also restore to a previous snapshot.

Configuration data

In Open MGW, some parts of the configuration data are stored in binary configuration

files, which are centralized in a Cluster Administrator (CLA) unit and the disk, but copies

of them can exist on each functional unit if needed. The configuration data is included in

multiple files. The configuration files are loaded from disk and distributed also to other

units from the CLA.

In Open MGW, some parts of the configuration data are stored in LDAP (Lightweight

Directory Access Protocol) server database files, which are centralized in a master

LDAP server. This master LDAP is located in a Cluster Administrator (CLA) node.

However, configuration data can also be stored in the disk and local slave LDAP server

(copies) of other nodes if needed. The configuration data is included in multiple LDAP

database files. Configuration data in the LDAP server is loaded from the startup config-

uration volume (disk) into volatile memory.

Configuration management features

Configuration management offers many useful features that provide a more resilient

management system than traditional databases or configuration files:

Centralized and replicated data storage.

Both LDAP and binary data formats are available in a redundant pair of centralized

system disks, from which all software and configuration data can be loaded.

Data entry verification for catching errors in new entries before they are propagated

to the applications.

Data validation guarantees that the erroneous values are not accepted. Validation

is based on application plug-ins that are executed by the Configuration Validator, a

centralized service deployed in /Directory RG.

Protection against parallel modification of a parameter.

Possibility to revert back to a previous configuration if the changes cause undesired

results.

Dynamic configuration

It is possible to change the configuration by reloading a snapshot that has been taken

from a previous configuration. For managing snapshots, the following SCLI commands

can be used:
http://uimgw_ui_user_interfaces.pdf/http://uimgw_ui_user_interfaces.pdf/


12/48

12

DN09137376 Issue 1-7


Id:0900d80580a23f29

Configuration management

set snapshot startup

delete snapshot

show snapshot

3.1 Configuration locking feature

The SCLI or Web UI interface provides a mechanism to avoid parallel modification of the

configuration directory server by multiple users. To protect against parallel changes, you

must acquire a configuration lock before executing the configuration altering commands.

Acquiring the configuration lock is not mandatory, as different users can handle the parts

of the configuration independently. In case there are instances of multiple users using

the same configuration objects and interfering with each other, the configuration lock

protects against such unintended side effects. When configuration changes are done via

NE3S, an configuration lock is invoked by NE3S internally for the operation.

Therefore, to ensure that there is no parallel modification, you must acquire the config-uration lock. By acquiring an exclusive configuration lock through SCLI, neither the

same user ID with different session nor other users with different IDs can make any

change to the configuration data. In this way the configuration lock is enabled only for

one SCLI session. It is not possible to acquire exclusive configuration lock by WebUI.

Normal configuration lock

User interface adapters (e.g. WebUI/SCLI) supports an explicit interface or command to

acquire and release the non-exclusive (normal) configuration lock.

By using normal configuration lock, one user can obtain several configuration lock

sessions in parallel, but other users can not acquire any configuration lock.

gIf you do not release all the configuration locks in different sessions (Web UI & SCLI),otherwise other users will not be able to acquire any configuration lock until your config-

uration locks are released automatically.

If a different user in another session (WebUI/SCLI) holds the non-exclusive (normal)

configuration lock, user interface adapters (WebUI/SCLI) do not allow the execution of

write-like configuration management operations, nor do they allow the acquisition of the

exclusive or non-exclusive configuration lock (using set config mode on, for exam-

ple).

Exclusive configuration lock

If any user in another session (via WebUI/SCLI) holds the exclusive configuration lock,

user interface adapters (WebUI/SCLI) do not allow the execution of a configuration man-agement operation that modifies the configuration, nor does it allow the acquisition of

the configuration lock (using set config mode oncommand, for example). Show or

read-like commands continue to work.

User interface adapters (WebUI/SCLI) allow the execution of configuration management

operations, if the same user in another session (SCLI/WebUI) already holds the non-

exclusive configuration lock, but the user will be denied to make any modifications if the

same user holds the exclusive configuration lock in another session.


13/48

DN09137376 Issue 1-7

13

Configuration Management Configuration management

Id:0900d80580a23f29

3.2 Configuration transaction

g Transaction usage is not recommended in Open MGW, because only part of configura-tions is supported by the transaction feature.

Configuration transaction feature provides a mechanism to bundle multiple changes to

the configuration directory server in one bulk transaction. This prevents a non-complete

configuration from harming the functionality of the system.

Transactions are used to speed up bulk operations, such as adding a couple of virtual

local area networks (VLANs). The operations in different sub domains can be bundled

into one transaction, for example, first add an interface and then assign an IP address

to it. When the transaction is committed, the NE bundles the necessary changes and

take them into use at once. With transaction feature, the operator can rollback an

ongoing transaction. But a committed transaction cannot be rolled back.

The nature of a transaction partially follows theACIDproperties:

A: Atomicity - changes are performed at once as if they were single operations.

C: Consistent - data is in consistent state when the transaction starts and ends.

I: Isolation - changes happening as a part of a transaction are not visible to others

(unless the data is committed).

D: Durability - changes once done are persistent. But to survive system restart, user

needs to save the snapshot.

g You must remember the following: Acquire a configuration lock before executing transaction operation. Otherwise the

configuration changes of the transaction will be lost if another user obtains a config-

uration lock before you commit the transaction operation. Transaction feature supports at the most only one transaction at a time.

Making configuration changes from multiple transactions in parallel is not supported.

Commands started outside of a transaction, (for example, showcommands), will

see the configuration data as it was before the transaction started.

Once a transaction is successfully executed, you must commit it. Committing a trans-

action instructs the Configuration Directory to commit the data. The configuration

changes can then be seen by other users. This is in contrast to the rollbackoption

which instructs the Configuration Directory to ignore the changes done.

3.3 Configuration snapshotConfiguration Directory content is volatile from system restart perspective. The configu-

ration displayed through management interfaces and NE (network element) software is

called a running configuration.

Running configuration can be saved to disks. These saved configurations are also

referred to as snapshots.

A network element may have multiple saved configurations, and one of the saved con-

figurations is always designated as a startup configuration. User is able to select, which

configuration is the startup configuration.

Open MGW provides a mechanism to create and save snapshots of the active configu-

ration data, and set it as the startup configuration. The changes to the active configura-tion data are transient and are lost once the system is restarted. To make these


14/48

14

DN09137376 Issue 1-7


Id:0900d80580a23f29

Configuration management

configuration changes persistent, you should save the configuration snapshot. The

snapshot can be taken via SCLI, WebUi or NE3S. Taking a snapshot by NE3S allows

you to choose the time when a snapshot is taken (before or after the activation of a con-

figuration plan).

g If both CLA nodes are not operating with full redundancy on hardware (node, disk) andsoftware level, a configuration snapshot cannot be taken. Taking a snapshot will be

possible again after the standby CLA node is available again.


15/48

DN09137376 Issue 1-7

15

Configuration Management Configuration management with Web UI

Id:0900d80580a2e3a7

4 Configuration management with Web UI

4.1 Configuration lockPurpose

To avoid parallel modification of the Configuration Directory by multiple users. Also to

prevent modifications within parallel sessions of the same user.

Steps

1

Acquire the lock.

Select Configuration > Settings > Configuration Lock > Acquire to acquire the config-

uration lock.

The Operation Messageis displayed. The message contains a confirmation message

and lock information that lists the user name and the reference count.

g When you acquire a lock, other users in other sessions cannot perform operations thatmodify the configuration, until the lock is released. However, the same user in another

session can make configuration changes.

Exclusive configuration lock is not supported in the current Web UI. For scenarios that

require the use of exclusive configuration lock, refer to section Using exclusive configu-

ration lock to prevent parallel modification.

2 Perform configuration changes.

You can perform any operation; for example, you can Create a new measurement job,

Delete a License, Create a VRF, or Delete an IPv4 aggregate route.

If you realize that the operation you are performing in a session requires more time than

the idle timeout, extend the lock idle timeout. To extent the idle timeout, refer to step

Extending the lock idle timeout.

After you have extended the lock idle timeout, continue making configuration changes.

3

Extending the lock idle timeout.

Select Configuration > Settings > Configuration Lock > Touch to extend the idle

timeout. The idle timeout is 300 s.The Operation Messageis displayed. The message contains a confirmation message

and lock information that lists the user name and the reference count.

g Extend the lock idle timeout if any operation you are performing in a session requiresmore time than the idle timeout.

4

Release the lock.

Select Configuration > Settings > Configuration Lock > Release to release the config-

uration lock.


16/48

16

DN09137376 Issue 1-7


Id:0900d80580a2e3a7

Configuration management with Web UI

The Operation Messageis displayed. The message contains a confirmation message

and lock information that lists the user name and the reference count if another user has

acquired the configuration lock.

gMake sure you have released all the configuration locks in different sessions (Web UI &SCLI), otherwise other user can not acquire any configuration lock until your configura-

tion locks are released automatically.


17/48

DN09137376 Issue 1-7

17


Id:0900d80580a2e9d6

4.2 Transaction management

Purpose

To speed up the bulk operations or to perform several operations in a sequentialmanner.

Summary

The users are kept informed of the WebUI transactions via the status bar that is dis-

played at the bottom of the WebUI page. It displays the name of the NE (Network

Element) to which the user is logged in. Status of any ongoing transaction in any WebUI

session is shown via an icon (supported with a tool tip). Transaction related operations

which are primarily performed via Configuration > Settings > Transaction

menu, can also be performed via the context menu that is attached to the icon.

Different states of the icon further provide the details of the transaction in WebUI ses-

sions. For more information refer to the following table:

Before you start/commit/rollback a transaction it is recommended to use the Refresh

option which allows you to get the latest state of transaction started in any WebUI

session. Note that there can be only one transaction running for a single WebUI session.

Another transaction cannot be initiated until the ongoing transaction is either committed,

rolled back or expires.

g Node startup is prevented when a transaction is ongoing. Therefore, once the transac-tion is settled, node startup proceeds and the new data is visible

Steps

1

Configure time for a transaction.

Select Configuration > Settings > Transaction > Configure Time to set the time out for

a transaction.

The Transaction Operationis displayed. Enter the following:

Time out: Enter the time in seconds. The time value in the range from 1 to 30 s.

Idle time out: Enter the time in seconds. The time value in the range from 1 to 1800 s

2 Start a transaction.

Select Configuration > Settings > Transaction > Start to start a transaction.

Transaction status Icon state

No ongoing Transaction in any webui session

Transaction ongoing in current login session

Invalid Transaction in current login session

Transaction ongoing in different webui session

Table 3 Transaction States


18/48

18

DN09137376 Issue 1-7


Id:0900d80580a2e9d6

The Operation Messageis displayed. The message contains the result of the operation

performed.

After a transaction is started, you can perform several operations in a sequential manner

(for example, you can Create a new measurement job, Delete a License, Create aVRF, and Delete an IPv4 aggregate route). Transaction has to be committed in order

to view the changes in the configuration directory for it to be displayed for another user

in another session.

3 Commit or rollback a transaction.

When the configuration changes are done, you can either commit or rollback a transac-

tion.

Commit a transaction.

Select Configuration > Settings > Transaction > Commit to commit the transaction.

The Operation Messageis displayed. The message contains a confirmationmessage and the relevant transaction ID.

After you commit the transaction, the manipulations done on the data during a trans-

action are saved in the configuration directory and are displayed to another user in

another session.

Rollback a transaction.

Select Configuration > Settings > Transaction > Rollback to rollback a transaction.

The Operation Messageis displayed. The message contains a confirmation

message and the relevant transaction ID.

After you rollback the transaction, the manipulations done on the data during a trans-

action are not saved in the configuration directory.


19/48

DN09137376 Issue 1-7

19


Id:0900d805809914c3

4.3 Configuration snapshot operations

Purpose

To view, create, modify, or delete a configuration snapshot, and set it as the startup con-figuration.

Steps

1

View the Configuration Snapshot page

Select Configuration > Settings > Configuration Snapshot.

The Configuration Snapshotpage is displayed.

The following information about the configuration snapshot is displayed:

Current startup: This field mentions the name of the current startup configuration

snapshot. This field can only be viewed.

The table displays the list of available configuration snapshots that can be used to select

the startup configuration. The buttons below the table is used to create or delete a con-

figuration snapshot.

Startup: To select from the table the current startup.

Name: The name of the configuration snapshot.

Build information: This field informs about the build that is being used.

2

Create a configuration snapshot.

a) Click New.

A new row appears in the table.b) Enter the name of the configuration snapshot. The name must not be more than 30

characters and no special characters are allowed.

c) You can either save the configuration snapshot or cancel the changes:

Click Saveto save the configuration snapshot.

or

Click Cancel to cancel the changes made.

g The current state of the configuration directory is created as a snapshot.

3 Setting the configuration as the startup configuration.

a) Select the check box in the Startupcolumn of the configuration snapshot that needs

to be set as the start-up configuration.

b) You can either save or cancel the changes.

Click Saveto save and set the configuration snapshot as the start-up configuration.

or

Click Cancel to cancel the changes made.

4

Delete a configuration snapshot.

a) Select the configuration snapshot and click Delete.

A confirmation message is displayed.


20/48

20

DN09137376 Issue 1-7


Id:0900d805809914c3

b) Click Deleteto delete the configuration snapshot.

g The current startup configuration snapshot cannot be deleted.


21/48

DN09137376 Issue 1-7

21

Configuration Management Configuration management with SCLI

Id:0900d80580a2e323

5 Configuration management with SCLI

5.1 Configuration lock using SCLI

5.1.1 Using exclusive configuration lock to prevent parallel modification

Summary

This section describes how a user can acquire an exclusive configuration lock. By exe-

cuting the command set config-mode exclusive, neither the same user nor other

users with different IDs can make any changes to the Configuration Directory Server.

Exclusive configuration lock is acquired if all the conditions are met as specified:

a) Neither exclusive nor non-exclusive lock is held by any user in any session.

b) There are no ongoing commands.

Holding the exclusive lock prevents other sessions by the same user or by different

users from acquiring the configuration lock. It also prevents users from starting configu-

ration-changing commands in another session, be it one of yours or one of another user.

If any user in another session holds the exclusive configuration lock, user interface

adapters do not allow the execution of a configuration management operation that

modifies the configuration, nor does it allow the acquisition of the configuration lock.

Show or read-like commands continue to work.

Steps

1

Enable configuration lock.

To enable the configuration lock in the exclusive mode, enter the following command:

set config-mode exclusive wait-timeout [seconds] lock-timeout

[minutes]

For more information on how to acquire the exclusive configuration lock refer to the Con-

figuration locking featureintroduction .


22/48

22

DN09137376 Issue 1-7


Id:0900d80580a2e323

Configuration management with SCLI

Parameter Description Value range

exclusive The exclusiveparameter in the

command helps you to acquireconfiguration lock for exclusive

use. Exclusive configuration lock

is successfully acquired if the fol-

lowing conditions are met:

a) Neither the exclusive nor the

non-exclusive lock is held by

any user in any session

b) There are no ongoing configu-

ration modifications.

Exclusive lock prevents the

acquiring of the configuration lock

in any session. It also prevents the

execution of configuration-

changing commands in another

session either by the same user or

by another user.

exclusive configuration lock ties or

binds the lock to one and only one

SCLI session.

-

wait-timeout wait-timeoutparameter

defines the time duration for whichthe system waits to acquire a lock

if a configuration changing

command is running in another

session. This parameter is not

applicable if another user has

already acquired the lock. It is

applicable only if no one has


The default value is 60

seconds.

lock-timeout The parameterlock-timeout

is the maximum time, in minutes,

after which the configuration lockwill be released. To fully prevent

any idle timeout, specify 0. Note

that no idle timeout (0) might

result in a situation that requires a

restart of the configuration lock

recovery group

(/ConfLockServer) to release

the configuration lock in some

failure scenarios.


minutes. 0means no

lock-idle time-out.

Table 4 Parameter descriptions


23/48

DN09137376 Issue 1-7

23

Configuration Management Configuration management with SCLI

Id:0900d80580a2e323

2 Execute an action in configuration directory.

You can execute an action in the configuration directory server by using the relevant

SCLI command.For example:

add networking address /SSH ip-address 10.12.12.12/24 iface

front_eth0

The command is executed successfully. IP address is added to the specified owner and

interface.

To verify if the IP address is successfully added, execute the following command:

show networking address owner /SSH

The following sample output is generated:

address instance default interfaces:

front_eth0

address : 10.12.12.12/24

owner : /SSH

Alternately, you can also view the IP address by executing the showcommand using

ifaceparameter:

show networking address iface front_eth0

The following sample output is generated:


front_eth0

address : 10.12.12.12/24

owner : /SSH

g In order to make configuration changes persistent, you must make a configurationsnapshot and set it as the new startup configuration. This is the last operation executed

before releasing the configuration lock. It can also be done at any other point.

3

Release configuration lock.

To release the configuration lock, enter the following command:

set config-mode off

gIf you do not release the lock, it will automatically be released after a set time or imme-

diately when the started SCLI session is terminated.


24/48

24

DN09137376 Issue 1-7


Id:0900d80580a41c7c

5.1.2 Using the normal, non-exclusive configuration lock for parallel

sessions by the same user

Purpose

To use configuration lock so that parallel modification by the same user is possible but

by another user is not possible.

Using the set config-modecommand, users can perform configuration lock opera-

tions. Configuration lock can be used to prevent other management users of the network

element from changing the configuration. Depending on the situation, you may or may

not want to use this feature.

For example, if you coordinate your changes with other users, that is, one user touches

one part of the configuration and another user touches another part, and there is no risk

of an overlap between the two change sets, then it is acceptable to do the changes

without acquiring the configuration lock.

All management interfaces, including the ones facing the network management system,

obey the configuration lock. This means that, by acquiring the configuration lock locally,

you can block changes to the configuration coming in from the network management

system. You can acquire configuration lock in normal (non-exclusive) mode (on) or in

exclusive mode (exclusive), or release it (off) or reset its idle timeout (touch).

Summary

This command acquires the configuration lock if all the conditions are met as specified:

a) No other user holds the configuration lock (either exclusive or normal).

b) There are no ongoing configuration-changing commands.

c) The same user does not hold the exclusive configuration lock.

Acquiring the normal, non-exclusive lock prevents other users from acquiring the con-

figuration lock. It also prevents starting configuration-changing commands being run by

other users. It does not prevent running configuration-changing commands in another

of your sessions. While holding the configuration lock, the same user can acquire the

configuration lock in another session in non-exclusive mode or start configuration-

changing commands in another parallel session even without explicitly acquiring the

non-exclusive configuration lock. If generally using the configuration lock, it is recom-

mended, though, to acquire it in each session to avoid not noticing the timing out of the

configuration lock due to inactivity.

Steps

1


To enable configuration lock, enter the following command:

set config-mode on wait-timeout [seconds] lock-timeout [minutes]

The following message is displayed:

Lock is acquired successfully.


25/48

DN09137376 Issue 1-7

25


Id:0900d80580a41c7c


on The parameter onin the

command helps you to acquirenormal configuration lock (non-

exclusive). Normal configuration

lock can be acquired if the follow-

ing conditions are met:

a) No other user holds the con-

figuration lock (either exclu-

sive or normal)

b) There are no ongoing configu-

ration-changing commands in

another session.

c) The same user does not hold

the exclusive configuration

lock.

Acquiring the normal, non-exclu-

sive lock prevents other users

from acquiring the configuration

lock. It also prevents other users

from executing configuration-

changing commands.

However, It does not prevent the

same user from running configu-

ration changing commands in

another session.

For using configuration lock, in

general, it is recommended, to

acquire configuration lock in each

session. This is done in order to

avoid unexpected scenarios like

the lock getting released in the

session it was acquired, when the

same user has still not finished the

modification in the current

session.

-

Table 5 Parameter descriptions


26/48

26

DN09137376 Issue 1-7


Id:0900d80580a41c7c

2

Check that the configuration lock is acquired.

Execute the following command to check that the configuration lock is acquired in this

session:

show config-mode status

The following example output is generated:

Configuration Lock StatusLock is hold by uid: 10009,

ongoingCmds:0 , Total count of references: 1

3

Execute an action by a user with different id.To check if a user with a different user id can make any change to the Configuration

Directory server, enter the following command:

add networking address /CLA-0 iface lo ip-address 127.0.254.2/32

The following output is generated:

The command was not executed. You or another user is currently

holding the configuration lock in another session, blocking all

configuration changes.

For more details, see "show config-mode status"

The command is not executed successfully as the lock is acquired by you.

wait-timeout wait-timeoutparameter

defines the time duration for which

the system waits to acquire a lockif a configuration changing

command is running in another

session. This parameter is not

applicable if another user has

already acquired the lock. It is

applicable only if no one has



seconds.

lock-timeout The parameter lock-timeoutis

the maximum time, in minutes,

after which the configuration lock

will be released. To fully preventany idle timeout, specify 0. Note

that no idle timeout (0) might

result in a situation that requires a

restart of the configuration lock

recovery group

(/ConfLockServer) to release

the configuration lock in some

failure scenarios.


minutes. 0means no

lock-idle time-out.


Table 5 Parameter descriptions (Cont.)


27/48

DN09137376 Issue 1-7

27


Id:0900d80580a41c7c

4 Start session 2 and acquire the configuration lock a second time.

You can acquire a second configuration lock in another session of yours (while still

holding the lock in the first session), by using the following command:set config-mode on

The following message is displayed:


The command is executed successfully, as a single user can acquire multiple configu-

ration locks for multiple sessions.

5

Execute an action in session 2.

To execute an action in session 2, enter the following command:

add networking address /CLA-0 iface lo ip-address 127.0.254.4/32The command is executed successfully.

6

Release the configuration lock for session 1.

To release the configuration lock for session 1, enter the following command:

set config-mode off

The configuration lock acquired for the session 1 is released. If the lock is not released,

it will automatically be released after a set time or immediately when the started SCLI

session is terminated.

7

Execute an action by a user with different id.

To check if a user with a different user id can make any change to the Configuration

Directory server, enter the following command:


The command is not executed and the following output is generated:

The command was not executed. You or another user is currently

holding the configuration lock in another session, blocking all

configuration changes.

For more details, see "show config-mode status"

The action is not performed successfully because the configuration lock is still held byyou.

8

Check if configuration lock can be acquired by different users.

To check if the configuration lock can be acquired by another user other than you, enter

the following command:

set config-mode on

The lock is not acquired and the following output is returned:

The configuration lock is already acquired by another user in

another session.

For more details, see "show config-mode status."


28/48

28

DN09137376 Issue 1-7


Id:0900d80580a41c7c

This is because the configuration lock cannot be acquired by another user, until you

release all the instances of the acquired configuration lock.

9 Release the configuration lock for session 2.

To release the configuration lock for session 2, enter the following command:

set config-mode off

The configuration lock acquired for the session 2 is released. If the lock is not released,

it will automatically be released after a set time or immediately when the started SCLI

session is terminated.

g Make sure you have released all the configuration locks in different sessions (Web UI &SCLI), otherwise other user can not acquire any configuration lock until your configura-

tion locks are released automatically.

1

Enable configuration lock for a user with different id.

When all the instances of the configuration lock acquired by you has been released, an

user with different id can acquire the lock, by using the following command:

set config-mode on

If the lock is acquired successfully and the following output is generated:


g If you are executing a command which takes longer than 10 minutes, then change thedefault lock time-out by entering the following command:

set config-mode on lock-timeout Where, is the new lock time-out value. In other words

if no command is executed for a duration which is more than the new lock-timeout value,

the configuration lock will be released. However, it is unlikely for a single command to

take more than 10 minutes.

Acquiring the configuration lock prevents multiple users, with different user ID, from exe-

cuting commands that change the configuration. If you have the configuration lock for

session 1, you can still acquire the configuration lock for session 2, using the same user

ID. Once acquired, the configuration lock is reference counted. The reference count

increases with every set config-mode onand decreases with every set config-

mode offor any session exit. The lock is released when the reference count reaches

zero.The current status of the lock can be obtained by using the following command:

show config-mode status

g If you do not release the lock by running the set config-mode offcommand, thelock is automatically released when you exit from the interactive fsclishsession. In

order to make configuration changes persistent, you must make a configuration

snapshot and set it as the new startup configuration. This might be the last operation

executed before releasing the configuration lock. It can also be done at any other point.

g Making a configuration snapshot without holding the configuration lock might causepartial configuration changes from other operators to be included in the configuration

snapshot. The configuration lock helps preventing such situations.


29/48

DN09137376 Issue 1-7

29


Id:0900d80580a2e2f7

5.2 Transaction using SCLI

5.2.1 Executing a successful transaction

Summary

Transaction functionality provides a mechanism to bundle multiple changes to the con-

figuration directory server in one bulk transaction. This prevents a non-complete config-

uration from harming the functionality of the system. A transaction is started and certain

actions are performed to add, delete, or modify a data, then the transaction is committed

so that the actions executed are visible to all the users. If the action is not committed,

the changes are not visible to all users.

The start transactioncommand starts read-write transactions in the Configuration

Directory. No other read-write transactions are allowed until this transaction is commit-

ted, rolled back, or aborted due to an error. Parallel read operations in the Configuration

Directory are still possible. Configuration Directory transactions have an idle timeout,which can be defined by the idle-timeout parameter. By default its value is set to

300000ms in case interactive session and 20000ms in case of non-interactive session.

Transactions can be aborted due to idle timeout, if both of the following conditions are

true:

1. No operations were executed in the context of the transaction for longer than the

time specified as idle timeout.

2. There is a request to start another read-write transaction If there is already an

ongoing read-write transaction, the start operation blocks by default until the trans-

action is concluded. To avoid this blocking, the timeoutparameter can be passed

- specifying the blocking time-out. If the transaction could not be started within the

period of the blocking timeout, an appropriate error is returned.

g Node startup is prevented when a transaction is ongoing. Once the transaction issettled, node startup proceeds and the new data is visible.

In this example, a transaction is started after first acquiring the optional configuration

lock. If acquiring the configuration lock, always acquire it first before starting a transac-

tion, do not acquire the configuration lock after starting a transaction. After doing an

exemplary configuration change the transaction is committed and the configuration lock

is released.

You can only rollback an ongoing transaction. A committed transaction can not be rolled

back.

For more information on Transaction feature, refer to section Configuration Transaction.

Steps

1 Enable configuration lock.


set config-mode on

You must enable the configuration lock to avoid parallel modifications by multiple users.


30/48

30

DN09137376 Issue 1-7


Id:0900d80580a2e2f7

2 Start the transaction.

To start a transaction enter the following command:

start transaction

g No other transactions are allowed until this transaction is committed, rolled back, oraborted due to an error. Parallel read operations in Configuration Directory, for example

show configcan still be executed. When starting a transaction, two optional parame-

ters can be passed by the operator:

The plain timeoutparameter defines how long the start transaction command must

wait, if it cannot start a transaction because of an ongoing transaction. It will only return

after timeout milliseconds, if the transaction does not start successfully. If the transac-

tion starts successfully then it returns immediately.

The idle-timeout parameters define, how soon idle transactions are aborted due to inac-

tivity. A transaction is aborted if both the conditions mentioned here are satisfied:

1. No operations have been executed in the context of the transaction for longer than

the time specified as idle timeout.

2. There is a request to start another read-write transaction.

3

Execute an action in the Configuration Directory.

You can execute single or multiple actions in the configuration directory server by using

the relevant SCLI command. For example:

add networking address /SSH ip-address 11.0.0.0/32 iface front-

eth0

g For add networking address command, an extra token dedicated is providedin the cluster. This token is available for backwards compatibility of the software and

does not have any effect on the command. Hence dedicatedis not described in this

guide.

The command with dedicatedtoken is as follows:

Parameter Description

idle-

timeout

Idle transaction timeout (in milliseconds). Transaction gets aborted

by the server if no operations happen for more than timeout millisec-

onds. Please note that timeout is triggered only if there is a pending

start read-write transaction request while another read-write transac-tion is ongoing. This means that an idle transaction might stay open

for longer than the specified timeout if no other read-write transaction

request is made.

In case of interactive sessions the default idle timeout is 300000ms

and in case of non-interactive sessions the default idle timeout is

20000ms.

timeout Timeout for executing the operation in milliseconds (ms). The default

timeout value is 5000ms.

Table 6 Parameters for executing a transaction command.


31/48

DN09137376 Issue 1-7

31


Id:0900d80580a2e2f7

add networking address dedicated

4

Commit the transaction.

To commit the transaction, use the following command:

commit transaction

g You must commit the transaction so that the changes made in the configuration directoryserver are reflected.

Execute the following command to view if the IP address is added to the specified owner

and interface:

show networking address

The following sample output is displayed:


front_eth0

address : 11.0.0.0/32

owner : /SSH

5

Release the configuration lock.

To release the configuration lock, enter the following command:

set config-mode off

gIf you do not release the lock, it will automatically be released after a set time or imme-diately when the started SCLI session is terminated.


32/48

32

DN09137376 Issue 1-7


Id:0900d8058098ce3f

5.2.2 Rollback a transaction

Purpose

To rollback a transaction using SCLI command.

Summary

Rollbackoption instructs the system to ignore the changes done to Configuration

Directory. This is in contrast to the commitoption which ensures that once the transac-

tion is committed, the data is committed to the Configuration Directory and the changes

are visible to the users. To rollback a transaction, you must first start a transaction and

then execute certain actions to add, delete or modify a data, the transaction is then rolled

back. A successfully started but later timed out transaction has to be rolled back before

you can start a new one in the same SCLI session.

The transaction can be rolled back even if no changes were submitted during transac-

tion.

For more information on Transaction feature, refer to section Configuration Transaction.

Steps

1



set config-mode on


2 Start the transaction.

To start a transaction, enter the following command:

start transaction

3

Execute an action in the configuration directory.

You can execute single or multiple actions in the Configuration Directory server by using

the relevant SCLI command. For example:

add networking address dedicated /SSH ip-address 10.12.12.12/24

iface eth0

4

Rollback transaction.

To rollback a transaction, enter the following command:

rollback transaction

After the transaction is rolled back, the changes to the Configuration Directory server is

removed.

Once you execute the show networking addresscommand, the following sample

output is displayed:

address instance default interfaces:eth1

type : dedicated

address : 10.102.230.171/24


33/48

DN09137376 Issue 1-7

33


Id:0900d8058098ce3f

owner : /SSHeth1

type : dedicated

address : 10.102.230.174/24

owner : /TargetInfo

g Here all the pending changes are discarded and the currently active configuration is notmodified. A new transaction has to be started after the rollback in order to execute the

Configuration Directory transaction changes.

5

Disable configuration lock.

To disable the configuration lock, enter the following command:

set config-mode off

gIf you do not release the lock, it will automatically be released after a set time.


34/48

34

DN09137376 Issue 1-7


Id:0900d805809b5985

5.3 Configuration snapshot using SCLI

5.3.1 Listing configuration snapshots

Summary

Saved configuration snapshots can be listed with show snapshotcommands. This

operation shows configuration or startup configuration within a certain delivery, or all

installed deliveries depending on which option is chosen. A certain delivery can have

one or multiple snapshots but only one of them is a startup snapshot. A saved configu-

ration can be considered as a snapshot of the running configuration from the point of

time when the configuration is saved. A software delivery is a set of software compo-

nents that work together to provide the functionality of the network element. Only

software deliveries as a whole can be installed and activated in the target system

You can use any of the options:

1. current-startup - Shows the startup configuration of a certain delivery

2. currentall-startup - Shows the startup configurations of all deliveries

3. list - Shows configurations of a certain delivery

4. listall- Shows all configurations of all deliveries

Steps

1

View the startup configuration of a certain delivery.

To view the startup configuration of a certain delivery, execute the following command:

show snapshot current-startup delivery-name

In case the delivery name is not given, the active delivery name is used.

You can set the log levels by selecting the following parameters:


current-

startup

This parameter shows the startup configuration in a certain delivery.

In case the delivery name is not given, the active delivery name is

used.

delivery-

name

A software delivery is a set of software components that work

together to provide the functionality of the network element. Only

software deliveries as a whole can be installed and activated in the

target system.

trace Enables the execution line trace in trace log. Trace log is stored at

/tmp/SS_FConfigure/fsconfigure_trace.log . Trace log is

not visible on the console. Any user with access to the bash shell via

the SCLI command shell bash full, has access to this trace log

file of the operation.

Table 7 Parameters of show snapshot list allcommand.


35/48

DN09137376 Issue 1-7

35


Id:0900d805809b5985

2

View all the startup configurations within all the installed deliveries.

To view all the startup configuration of all the installed deliveries, execute the following

command:

show snapshot currentall-startup


verbose Verbose level can be:

1.CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG

The higher the number, the more verbose is the log. quietoption

overrides the verboseoption if both of them are given.

quiet Suppresses normal debugging message on the console except for

critical failure messages. quietoption overrides the verbose

option if both of them are given.


Table 7 Parameters of show snapshot list allcommand. (Cont.)


curretnall-startup

This parameter shows all the startup configurations within all theinstalled deliveries.







1. CRITICAL

2. ERROR

3. WARNING4. INFO

5. DEBUG








36/48

36

DN09137376 Issue 1-7


Id:0900d805809b5985

3 List all the snapshots in a certain delivery.

To list all the snapshots of a certain delivery, execute the following command:

show snapshot list delivery-name

In case the delivery name is not given, the active delivery name is used.


4

List all the snapshots within all the installed deliveries.

To list all the snapshots from all the installed deliveries, use the following command:

show snapshot listall ]



list This parameter lists all the snapshots in a certain delivery. In case

the delivery name is not given, the active delivery name is used.

delivery-

name

A software delivery is a set of software components that work

together to provide the functionality of the network element. Only

software deliveries as a whole can be installed and activated in the

target system.







1. CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG








listall Lists all the snapshots in all the installed deliveries.



37/48

DN09137376 Issue 1-7

37


Id:0900d805809b5985



not visible on the console. Any user with access to the bash shell viathe SCLI command shell bash full, has access to this trace log



1. CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG







Table 10 Parameters of show snapshot list allcommand. (Cont.)


38/48

38

DN09137376 Issue 1-7


Id:0900d80580994d63

5.3.2 Defining a new startup configuration

Summary

A snapshot can be designated as a new startup configuration with the set snapshot

startupcommand.

A startup configuration is a configuration which is loaded when the system starts up.

Defining a startup configuration does not change the running configuration automati-

cally. The command always generates a normal log file describing the various steps

involved in generating a snapshot. The log file is stored at

/var/log/fsconfigure.log . Additionally a trace log file with more detailed logs is

generated if the traceoption is chosen. It is stored at

/tmp/SS_FConfigure/fsconfigure_trace.log .Any user with access to the

bash shell via the SCLI command shell bash full, has access to the normal log file

of the operation as well as the trace log file of the line execution. quietoption sup-

presses the normal debugging messages on the console except for critical failure mes-

sages. quietoption overrides the verboseoption if both of them are given.

Steps

1 Define a new startup configuration.

To define a new startup configuration, use the following command.

set snapshot startup config-name

[verbose|quiet|


39/48

DN09137376 Issue 1-7

39


Id:0900d80580994d63


1.CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG







Table 11 Parameters of set snapshot startupcommand. (Cont.)


40/48

40

DN09137376 Issue 1-7


Id:0900d805809bf303

5.3.3 Saving a configuration snapshot

Summary

A snapshot of the current configuration can be taken with the save snapshot

command. This operation persistently saves the currently running configuration as a

snapshot. A saved configuration can be considered as a snapshot of the running con-

figuration from the point of time when the configuration is saved. Multiple snapshots can

exist simultaneously.The snapshot should be saved with a given name otherwise the

existing startup configuration will be overwritten by default.

The command always generates a normal log file describing the various steps involved

in generating a snapshot. The log file is stored at /var/log/fsconfigure.log .

Additionally a trace log file with more detailed logs is generated if the trace option is

chosen. It is stored at /tmp/SS_FConfigure/fsconfigure_trace.log .Any user

with access to the bash shell via the SCLI command shell bash fullhas access to

the normal log file of the operation as well as the tracelog file of the line execution.quietoption suppresses the normal debugging messages on the console except for

critical failure messages. quietoption overrides the verboseoption if both of them are

given.At this moment, the snapshot name can only be a combination of alphanumerical

characters and underscore with length not longer than 30 characters.

g If LDAP server is not available or LDAP switchover is in progress, a configurationsnapshot cannot be taken. Taking a snapshot will be possible again after LDAP server

is available

Steps

1

Take a snapshot of the current configuration by specifying the configuration

name.

To take a snapshot of the current configuration by specifying the configuration name,

use the following command:

save snapshot config-name startup []

You can use the following optional parameters:


config-name Specifies the name of the snapshot file used as the new startup con-

figuration for a given software delivery. You must use the short name(same filename as the save snapshot command, for example

VyYRV3z4_2009060415465 ). This parameter is mandatory and

generates an automatic list of snapshots from which user can select.

Configuration name can only be a combination of alphanumerical

characters and underscore with length not longer than 30 charac-

ters.

startup This operation persistently saves the currently running configuration

as a snapshot and then marks it as a startup snapshot.

Table 12 Parameters of save snapshot config-namecommand.


41/48

DN09137376 Issue 1-7

41


Id:0900d805809bf303

Example:

To take a configuration snapshot and save it to the file snapshot01042009 , enter:

save snapshot config-name snapshot01042009 startup



not visible on the console. Any user with access to the bash shell viathe SCLI command shell bash full, has access to this trace log



1. CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG







Table 12 Parameters of save snapshot config-namecommand. (Cont.)


42/48

42

DN09137376 Issue 1-7


Id:0900d805809d1dda

5.3.4 Restoring a saved configuration

Summary

The current configuration can be replaced with a configuration from a saved snapshot.

This means that, the restored configuration will become active for the applications in the

running system.

g The restored configuration is not automatically taken into use during node or clusterrestart, unless it is also set (or is already defined) as the startupconfiguration.

This operation overwrites the runtime active configuration from a saved snapshot

belonging to the active delivery. The operation replaces the previously running configu-

ration and the system is re-configured according to the restored configuration. The

restored configuration does not persist over system reset unless the configuration has

been saved as the startupsnapshot. A saved configuration can be considered as a

snapshot of the running configuration from the point of time when the configuration is

saved. The command always generates a normal log file describing the various steps

involved in restoring a snapshot.

The log file is stored at /var/log/fsconfigure.log . Additionally a trace log file with

more detailed logs is generated if the traceoption is chosen. It is stored at

/tmp/SS_FConfigure/fsconfigure_trace.log .Any user with access to the

bash shell via the SCLI command shell bash full, has access to the normal log file

of the operation as well as the trace log file of the line execution. quietoption sup-

presses normal debugging messages on console except for critical failure messages.

quietoption overrides the verboseoption if both of them are given.

g It is recommended not to use restore snapshotfunctionality whenever there aredeployment related changes in the cluster. Instead, it is recommended to mark the con-figuration as a startup and reboot the cluster. For more information on how to mark a

configuration as start up, see, Defining a new startup configurationsection in Configu-

ration Management guide.

Steps

1

Overwrite the current configuration with a snapshot.

To overwrite the current configuration with a snapshot, use the following command:

restore snapshot config-name []]

You can use the following parameters:


43/48

DN09137376 Issue 1-7

43


Id:0900d805809d1dda

Example:

restore snapshot config-name config-

R_FPT_1.27.WR.32.d.1301301403.362394-INITIAL



figuration for a given software delivery. You must use the short name(same filename as the save snapshot command, for example





ters.







1. CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG



quiet Suppresses normal debugging message on the console except forcritical failure messages. quietoption overrides the verbose


Table 13 Parameters of set snapshotcommand.


44/48

44

DN09137376 Issue 1-7


Id:0900d80580994d69

5.3.5 Deleting a configuration snapshot

Summary

Existing configuration snapshots can be deleted with the delete snapshot

command.

This operation deletes the named snapshot. It should be used with caution as the con-

figuration will be lost permanently. A saved configuration can be considered as a

snapshot of the running configuration from the point of time when the configuration is

saved. The command always generates a normal log file describing the various steps

involved in deleting a snapshot.

The log file is stored at /var/log/fsconfigure.log . Additionally a trace log file with

more detailed logs is generated if the traceoption is chosen. It is stored at

/tmp/SS_FConfigure/fsconfigure_trace.log .

Any user with access to the bash shell via the SCLI command shell bash full, has

access to the normal log file of the operation as well as the trace log file of the line exe-

cution. quietoption suppresses normal debugging messages on the console except

for critical failure messages. quietoption overrides verboseoption if both of them are

given.

g startupconfiguration cannot be deleted.

Steps

1

Delete a configuration snapshot.

To delete a configuration snapshot using, execute the following command:

delete snapshot config-name

[]

You can use the following parameters:



figuration for a given software delivery. You must use the short name

(same filename as the save snapshot command, for example





ters.






Table 14 Parameters of delete snapshotcommand.


45/48

DN09137376 Issue 1-7

45


Id:0900d80580994d69


1.CRITICAL

2. ERROR

3. WARNING

4. INFO

5. DEBUG







Table 14 Parameters of delete snapshotcommand. (Cont.)


46/48

46

DN09137376 Issue 1-7


Id:0900d805809be047

5.4 Making configuration changes using the configuration

lock, transaction, and configuration snapshot concept

PurposeTo make a configuration change using the three features of configuration management:

configuration lock, transaction, and configuration snapshot.

Summary

To make configuration changes using the configuration locking, transaction, and the

configuration snapshot concept. In this example, you will add IP addresses to the

loopback interface on the CLA-0 node. You will also reverse the changes made to the

Configuration Directory.

Steps

1



set config-mode on


2

Initiate a bulk transaction.

To start a transaction, enter the following command:

start transaction

You can execute multiple commands and bundle them as one transaction; for example,you can add two IP addresses to the loopback interface on the CLA-0 node as part of

one single transaction. This is called bulk transaction.

3

Adding IP addresses.

To add two IP addresses to the loopback interface on the CLA-O node, enter the follow-

ing command:



g

For add networking address command, an extra token dedicated is provided

in the cluster. This token is available for backwards compatibility of the software and

does not have any effect on the command. Hence dedicatedis not described in this

guide.

The co

mgw config mana

Documents