{{tag>[ibm aix certification]}}
===== Test 000-221 - AIX 7 Administration =====
* Number of questions: 72
* Time allowed in minutes: 90
* Required passing score: 58%
* Test languages: English
[[http://pic.dhe.ibm.com/infocenter/aix/v7r1/index.jsp|AIX 7.1 Information Center]]
==== System Availability (10%) =====
=== Identify resources used by Cluster Aware AIX ===
For the folling commands to work, you have to have **bos.cluster** installed and running them within a cluster environment.
Query status of nodes:
lscluster -m
Interface state:
lscluster -i -n
Disk info and state:
lscluster -d
Run commands on all nodes:
clcmd ps -ef
=== Configure dump devices and analyze output ===
IBM documentation: [[http://www-01.ibm.com/support/docview.wss?uid=isg3T1000169|Managing System Dump Devices]]
The sysdumpdev command changes the primary or secondary dump device designation in a system that is running. The primary and secondary dump devices are designated in a system configuration object. The new device designations are in effect until you run the sysdumpdev command again, or you restart the system.
It is not recommended that a standalone dump logical volume be mirrored. It is much better practice to have a primary and a secondary dump device, each wholly contained on separate hdisks, rather than mirroring these devices. If for some reason the primary dump device is inaccessible the dump program will then attempt to dump to the secondary device.
== Show information ==
View information about primary and secondary dump device:
sysdumpdev -l
primary /dev/lg_dumplv
secondary /dev/sysdumpnull
copy directory /var/adm/ras
forced copy flag TRUE
always allow dump TRUE
dump compression ON
type of dump traditional
Enable "always allow dump":
sysdumpdev -k
Estimate size of dump for current running system:
sysdumpdev -e
0453-041 Estimated dump size in bytes: 798385766
== Change dump device ==
Create a new LV and change the dump device
sysdumpdev -Pp /dev/dumplv
== Start a dump and analyse ==
Start dump, **reboot** wil take place!
sysdumpstart -p
Shows dump date, time and size
sysdumpdev -L
0453-039
Device name: /dev/lg_dumplv
Major device number: 10
Minor device number: 11
Size: 203220992 bytes
Uncompressed Size: 2208585577 bytes
Date/Time: Tue Oct 8 13:27:09 CEST 2013
Dump status: 0
Type of dump: traditional
dump completed successfully
Copy last dump from dump device
savecore -d /var/adm/ras
0481-183 Saving 203220992 bytes of system dump in /var/adm/ras/vmcore.0.BZ
Analyse dump:
dmpuncompress vmcore.0.BZ
-- replaced with vmcore.0
kdb /var/adm/ras/vmcore.0 /usr/lib/boot/unix_64
/var/adm/ras/vmcore.0 mapped from @ a00000000000000 to @ a00000083a45769
START END
0000000000001000 00000000058A0000 start+000FD8
F00000002FF47600 F00000002FFDF9C8 __ublock+000000
000000002FF22FF4 000000002FF22FF8 environ+000000
000000002FF22FF8 000000002FF22FFC errno+000000
F1000F0A00000000 F1000F0A10000000 pvproc+000000
F1000F0A10000000 F1000F0A18000000 pvthread+000000
Dump analysis on CHRP_SMP_PCI POWER_PC POWER_4 machine with 4 available CPU(s) (64-bit registers)
Processing symbol table...
.......................done
read vscsi_scsi_ptrs OK, ptr = 0x0
(0)> stat
SYSTEM_CONFIGURATION:
CHRP_SMP_PCI POWER_PC POWER_4 machine with 4 available CPU(s) (64-bit registers)
SYSTEM STATUS:
sysname... AIX
nodename.. p630
release... 1
version... 7
build date May 10 2013
build time 11:15:39
label..... j2013_19C1
machine... 005FF6FD4C00
nid....... 5FF6FD4C
time of crash: Tue Oct 8 13:27:09 2013
age of system: 43 min., 59 sec.
xmalloc debug: enabled
FRRs active... 0
FRRs started.. 0
CRASH INFORMATION:
CPU -1 CSA 053A7E80 at time of crash, error code for LEDs: 00000000
(0)>
=== Determine elements necessary to reduce single points of failure ===
* Servers / nodes
* Applications
* Networks and interfaces
* Disks and adapters
=== Understand geographical logical volume manager (GLVM) ===
IBM Documentation [[http://pic.dhe.ibm.com/infocenter/aix/v7r1/index.jsp?topic=%2Fcom.ibm.aix.hacmp.geolvm%2Fha_glvm_standalone.htm|GLVM Overview]]
You can configure geographically mirrored volume groups in AIX® GLVM, without having to install and configure an HACMP™ cluster. The AIX GLVM technology provides the same geographic data mirroring functionality as HACMP/XD for GLVM, only without the automated monitoring and recovery which is provided by HACMP.
**GLVM is intended for non-concurrent access only.** In order to prevent accidental concurrent access, it is recommended that a geographically mirrored volume group not be automatically varied online during system startup.
The RPV device driver does not encrypt the messages that are sent between the RPV client and RPV server. IBM recommends the IP Security (IPsec) feature of AIX for network security.
=== Maintain hardware (CEC/Blade Hardware), deferred or concurrent firmware, AMM firmware (for Power Blades), whether an adapter replacement or new installation. ===
See hardware manuals and IBM Fix central for updates. [[http://www-933.ibm.com/support/fixcentral|IBM Fix central]]
==== Storage Management (21%) =====
=== Manage storage devices (traditional disk, Solid State Drives, and tape) including redundancy ===
Show disk size in MB, lspv only works if disk is in a volume group:
getconf DISK_SIZE /dev/hdisk0
=== Manage physical and virtual devices ===
The cfgmgr command configures devices and optionally installs device software into the system.
cfgmgr
Show physical devices:
lspv
hdisk0 005ff6fd4c672d8d rootvg active
hdisk1 005ff6fd44f62149 datavg active
hdisk2 0042579a00041f31 datavg active
hdisk3 005ff6fd8cc976b8 rootvg active
=== Create and manage volume groups ===
List volume groups:
lsvg
rootvg
datavg
Show volume group information:
lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER: 005ff6fd00004c000000014185113848
VG STATE: active PP SIZE: 128 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 1092 (139776 megabytes)
MAX LVs: 256 FREE PPs: 962 (123136 megabytes)
LVs: 11 USED PPs: 130 (16640 megabytes)
OPEN LVs: 10 QUORUM: 1 (Disabled)
TOTAL PVs: 2 VG DESCRIPTORS: 3
STALE PVs: 1 STALE PPs: 1
ACTIVE PVs: 2 AUTO ON: yes
MAX PPs per VG: 32512
MAX PPs per PV: 1016 MAX PVs: 32
LTG size (Dynamic): 256 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable
PV RESTRICTION: none INFINITE RETRY: no
List logical volumes within volume group:
lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 2 2 closed/syncd N/A
hd6 paging 4 8 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 2 4 2 open/syncd /
hd2 jfs2 12 24 2 open/syncd /usr
hd9var jfs2 32 64 2 open/stale /var
hd3 jfs2 1 2 2 open/syncd /tmp
hd1 jfs2 1 2 2 open/syncd /home
hd11admin jfs2 1 2 2 open/syncd /admin
lg_dumplv sysdump 16 16 1 open/syncd N/A
livedump jfs2 2 4 2 open/syncd /var/adm/ras/livedump
Create volume group datavg, pp size = 128MB with 2 disks:
mkvg -y datavg -s 128 hdisk1 hdisk2
Change volume group characteristics:
chvg
Add / remove physical volume to volume group:
extendvg vg3 hdisk3 hdisk8
reducevg vg01 hdisk1
Remove volume group:
varyoffvg
exportvg
=== Create and manage logical volumes ===
Create logical volume:
mklv -t jfs2 -y instimglv datavg 5000
Extend logical volume:
extendlv testlv 8
extendlv lv05 10M
Sync stale logical volume:
syncvg -l hd9var
=== Create and manage filesystems ===
Create file system:
crfs -v jfs2 -d instimglv -m /usr/sys/inst.images -A yes
Resize filesystem:
chfs -a size=20G /usr/sys/inst.images
==== System and Network Security (4%) ====
There are five (5) components to the RBAC security database:
* Authorizations
* Roles
* Privileged Commands
* Privileged Devices
* Privileged Files
The predifined roles are:
* The ISSO (Information System Security Officer) role manages all other roles. This makes it the most powerful role on the system.
* SA - Systems Administrator
* SO - System Operator
[[http://www.ibm.com/developerworks/aix/library/au-aix_rbac|RBAC Tour]]
=== Configure Role Based Access Control ===
Create and assign role to user so that user can shutdown system.
Create authorization:
mkauth shut_auth
Set security attributes
setsecattr -c accessauths=shut_auth /usr/sbin/shutdown
Create role
mkrole authorizations=shut_auth admin_role
Modify user
chuser roles=admin_role benst
Read security databases and load into the kernel
setkst
Test:
swrole admin_role
rolelist -e
/usr/sbin/shutdown -Fr
=== Configure and Manage remote access ===
Install OpenSSH?
==== Partition Management (11%) ====
=== Configure and manage Logical Partitions (LPARs), including DLPAR operations ===
=== Create and manage Workload Partitions (WPAR), including Versioned WPARs and planning for Live Application Mobility ===
=== Understand HMC, SDMC and IVM interfaces ===
=== Create and Manage VIO Server partitions (including working with virtual repositories) ===
=== Understand and explain LPAR and WPAR migration and mobility at a basic level ===
==== Performance Management and Tuning ====
=== Use performance monitoring tools, and plan for future growth ===
=== Analyze output from performance monitoring tools ===
=== Configure system tunables to support optimal application performance ===
==== Network Management (11%) ====
=== Configure network devices (including Etherchannel, IPv4, and IPv6) ===
=== Troubleshoot network issues ===
=== Configure TCP/IP, with and without VLAN support ===
==== System Management (18%) ====
=== Create, maintain and modify user accounts ===
=== Manage services and subsystems (using chtcp, etc) ===
=== Configure Electronic Service Agent ===
=== Configure the system and device attributes ===
=== Use AIX system management tools (for example: DSM, Director, NIM) ===
=== Install, apply, commit, or reject software ===
=== Create and manage paging space ===
=== Use Cron and At functions ===
==== Install and Manage AIX (11%) ====
=== Understand and manage AIX instance startup ===
=== Backup and restore AIX ===
=== Migrate WPARs from AIX 6 to AIX 7 ===
=== Install AIX and use NIM environments ===
=== Install Versioned WPARs ===
==== General administrative tasks (7%) ====
=== Create and use ksh and Perl scripts at a basic level ===
=== Use AIX commands such as TAR, CPIO, DD, RPM, SAVEVGSTRUC, and explain their use ===