cfgassist command

Description

Set date and time zone

Set the date and time zone of the Virtual I/O Server.

Change passwords

Change the passwords for the users of the Virtual I/O Server.

Set system security

Set or unset the security settings by enforcing security rules and configuring firewall settings on the Virtual I/O Server.

Virtual I/O Server TCP/IP configuration

Set the TCP/IP configuration parameters that the Virtual I/O Server requires. The parameters include the host name, the IP address, the interface on which the IP is to be configured, the subnet mask, the gateway, the name server address, and the domain name.

Install and update software

Use to install and update software on the Virtual I/O Server.

Storage Management

Manage the storage on the Virtual I/O Server. Management operations include creation, deletion, or modification to the following storage devices: volume groups, logical volumes, physical volumes, storage pools, and virtual media repositories.

Devices

Manage the devices on the Virtual I/O Server, including virtual devices. Management operations include configuring or unconfiguring devices, changing characteristics of devices, removing devices, and configuring shared Ethernet adapters, link aggregation, and virtual local area network (VLAN).

Performance

Manage the performance tools on the Virtual I/O Server by using the following topas functions:

1. Topas recordings:

   The Virtual I/O Server supports local, central electronics process (CEC), and cluster recording capabilities. These recordings can be either persistent or normal. Persistent recordings are recordings that run on the Virtual I/O Server and continue to run after the Virtual I/O Server reboots. Normal recordings are recordings that run for a specified time interval. The recording data files that are generated are stored in /home/ios/perf/topas. Local recordings gather data about the Virtual I/O Server, whereas CEC recordings gather data about any AIX® logical partitions that are running on the same CEC as the Virtual I/O Server. The data collected consists of dedicated and shared logical partition data, as well as a set of aggregated values that provide an overview of the partition set. Cluster recordings gather data from a list of hosts that are specified in a cluster configuration file. This list is considered a single cluster. The cluster configuration file is populated with host names and IP addresses by using the xmtopas configuration option for the cfgassist command. These hosts can belong to various CECs that are not on the same CEC as the Virtual I/O Server, although the xmtopas option, which is responsible for gathering data outside of the Virtual I/O Server, must be enabled to start the CEC and cluster recordings. The recording format can be specified by the user as either binary or nmon.

   Persistent recordings are started by the cfgassist command with the option to specify the cut and retention of the recording. The user can specify the number of days of recording to be stored per recording file (cut) and the number of days of recording to be retained (retention) before the recording can be deleted. Not more than one instance of persistent recording of the same type (CEC or local recording) can be run in a system. When a persistent recording is started, the recording command is called with user-specified options. The same set of command-line options used by this persistent recording is added to inittab entries. This ensures that the recording is started automatically on reboot or restart of the system.

   If a system is already running a persistent local recording (binary or nmon recording format), a user might want to start a new persistent recording of a local binary recording. To start a new persistent recording, the existing persistent recording must first be stopped by using the stop persistent recording option available under the stop recording option. Then a new persistent local recording has to be started from the start persistent local recording option. Starting a persistent recording fails if a persistent recording of the same recording format is already running in the system. Recordings are deleted after the specified retention period. By default, local persistent recordings run on the Virtual I/O Server.

2. Performance Manager

   This function configures the Performance Manager (perfmgr) agent to gather data about performance of the Virtual I/O Server to analyze the data. The generated recordings are picked up by the Electronic Service Agent (ESA) agent, which sends the data to IBM support for analysis.

   After the agent is started, it runs various scripts internally to collect various data and generates a single data file named stats.send. All the individual data files and the stats.send file are stored in /var/perf/pm/daily/<hostname>/. Normally, the stats.send file is generated every midnight from the list of individual data files, which are generated by internally called scripts. A user can generate the stats.send file on demand by running the Retransmit Recorded Data menu.

Role-based access control

Role-based access control (RBAC) concepts are a part of the core set of security functions. RBAC provides a mechanism in the VIOS system through which the padmin -specific system functions can also be managed through users by using the roles assigned to them. RBAC addresses two aspects of system management: convenience and flexibility through the split of system management functions as roles. RBAC permits the system administrator to define roles based on the job functions within an organization. The administrator assigns authorizations to these roles, which might require detailed operations to manage resources. Users are granted membership in the roles (defining the authority and responsibility for the user) based on their job requirements. In other words, a role confers to a set of permissions or authorizations to the assigned user. Also implementation could allow for hierarchies of roles. RBAC simplifies the system administration due to the following reasons:

• RBAC permits you to implement and enforce companywide security policies consistently with regard to system management and access control.
• It is expected that a role or job function definition within an organization remains the same as compared to resources and users. Hence, a change in the role definition is not required.
• By breaking down system functions into smaller units, RBAC permits you to protect the system to a greater extent. The isolation enforced around smaller units of administration confines the attackers to the smallest unit of power in the system.
• RBAC reduces the likelihood of making mistakes of commission and omission in granting privileges to users.
• RBAC permits you to enforce the traditional least privilege model of security.

Electronic Service Agent

Electronic Service Agent automatically monitors and collects hardware problem information and sends this information to IBM® support. It also can collect hardware, software, system configuration, and performance management information which can help IBM support assist in diagnosing problems.

Shared storage pools

Shared storage pools manage the cluster and VIOS nodes, storage pool, and logical units. The following are the submenu options of shared storage pools:

• Manage cluster and VIOS node
• Manage storage pools in cluster
• Manage logical units in storage pool

Manage cluster and VIOS node

Using this menu option, the user can create or delete a cluster, list existing clusters, add or delete VIOS nodes from a cluster, and list nodes in a cluster.

Manage storage pools in cluster

Using this menu option, the user can list storage pools in a cluster, list, change, or show physical volumes in a storage pool, and set or modify storage pool threshold alert.

Manage logical units in storage pool

Using this menu option, the user can create and map logical units, unmap logical units, delete logical units, list logical units, list logical unit maps, create logical unit snapshots, list logical unit snapshots, roll back to snapshot, and delete snapshots.