As you know, we have to install Oracle Management Agent to the targets to be able to manage them via our Enterprise Manager. In OEM Cloud Control 12c, we can “Add Host Targets Wizard” which is accessible from the web interface. We can manually enter required information of host or we can use auto-discovery method.
If we’ll use auto discovery, we need an active agent to discover targets in network. This agent can scan local services or network. “Nmap” is used for scanning network. Nmap requires root privileges to be able to use raw sockets for “Syn Scanning” (a method to detect open ports through firewalls). So we need to configure “privilege delegation” in the host of our agent (which we’ll use for scanning).
Click “setup”, “security” and then “privilege delegation”.
Currently I have only one active agent (it’s the agent installed on OEM Cloud Control server), so I’ll configure privilege delegation for it. Click “edit”.
Select “sudo”, enter “/usr/bin/sudo -u %RUNAS% %COMMAND%” as sudo command. Click update. So we said that this host supports sudo for privilege delegation but in fact, we haven’t configured sudo yet. Connect to the host (in this case it’s our cloud control server), edit /etc/sudoers file, put remark sign before “Defaults requiretty” add a user (i.e. oracle):
Shell
1
2
3
4
5
6
|
vi /etc/sudoers
#Defaults requiretty
root ALL=(ALL)
ALL
oracle ALL=(ALL)
ALL
|
As soon as you save the changes, oracle will be added to sudoers and be able to run commands as root with sudo. Now we’re ready to discovery new hosts using this host.
Click “setup”, “add target” and then “configure auto discovery”.
Click “configure” to set up IP scanning.
Click “create” to create a new search.
Click “add” to add agents which we’ll use for scanning.
Select the agent(s) for scanning. So you can use multiple agents to scan networks faster.
Enter the target IP subnet and then click job details.
Select “new” to be able to enter credentials of the user you added as sudoer, this information will be saved so you can use it later. You can give a meaningful name for it. Click “save and submit IP scan”.
Search job will start immediately. You can click “refresh IP scan results” to refresh the results. When it’s done we can check the auto discovery results page.
Click “setup”, “add target” and then “auto discovery results”. We see that new discovered hosts as 192.168.100.200 – Unfortunately there’s no DNS in my virtual network so IP address couldn’t be resolved. I could add this host to /etc/hosts file of my cloud control to see its name instead of its IP. Click over the host name and then click “promote”.
Select the correct agent and click next.
Enter the installation directory for the agent. It says this directory will be created but don’t forget the user should be able to create this directory. For example, “oracle” user can not create a directory in root partition so I created “/oracle” directory and give ownership to “oracle” user in target server before I start deploying the agent. Click “plus” button to enter new credentials.
Enter the credentials to install agent. Do not forget to add “oracle” user to sudoers on target server like we did on cloud control server! As I see Oracle Enterprise Linux 5.5 has /usr/bin/sudo but Cloud Control’s default sudo location is /usr/local/bin/sudo so change the privileged delegation setting according to the location of sudo.
Click “deploy agent” to start installing Management Agent to target server.
Wait until agent is deployed.
Here we can see the new host.
If you don’t want to use auto discovery, you can add hosts manually. Click “setup”, “add target”, “add targets manually”, then click “add host”.
Click “add” button to enter hostname (or IP) of the target server you want to add. Select the platform and click next.
Next steps are same with adding “discovered targets”, you enter the location to install agent, enter the credentials then click next.
Review the settings click “Deploy Agent” to start the installing agent to the target server. As usual, you should configure sudo in target system.
No comments:
Post a Comment