CS1000E Rls. 7.5 Installation

Previous page Next page

1. Install Linux base on CPDC card(s)

Load the Linux base:

The first step in the installation process is to load the Linux base on the CPDC cards.
You will need to load (and patch) as many cards as your installation requires. The procedure is the same for each.

We can interact with a CPDC card either via serial a TTY cable, or via a USB keyboard and VGA monitor connected to the cards faceplate. The bootable software installation USB thumb drive is placed in any one of the three faceplate USB slots.

Power up the card, and be prepared to press F to choose a boot method. The option appears on the screen within a few seconds of booting, immediately after the option to enter bios configuration, and only stays onscreen a few seconds.

At the Boot Option Menu, arrow down to select Flash Drive:

Next, tell the system to run through the configuration script via serial or KVM. Up until this point the same output will appear on both the serial port and the monitor, if connected. If Enter is pressed without input, the system defaults to serial - com1.

Proceed through all the "are you sure?" prompts, keep pressing enter to proceed....

A basic configuration may not include a DNS server.
Set the date and time if needed, and confirm that it is correct - this is important!

NOTE: If the date is not changed to the current date when installing Linux Base, the certificates may fall.

Next set the root and admin2 passwords. These must meet complexity requirements so good luck! WRITE THEM DOWN!
The root password is rarely needed, beware though, as it might expire. The admin2 password is used to directly access the base element after the installation has completed, eg, when the element is NOT registered with the security domain.

On the Deployment Server screen, enter [Y]es for one CPDC card only (UCM0). An installation has only ONE deployment server.

This ends the configuration script. The system will now automatically install and configure packages. The process takes approximately 17 minutes and will include a reboot.

When the installation process is complete, the card reboots to a FQDN login prompt:

These steps should be repeated for all CPDC cards.

Upload and apply patches:

Use a SFTP file transfer program (winSCP/Transmit) to upload the Service-updates (patches) and Service-pack to each CPDC card in turn. The patching directories are:

Always patch the PRIMARY UCM0 first, then the backup UCM1, followed by any Member servers.

Service Updates:
After uploading the SU's, login with admin2 and pload the SU's, one at a time, in the following order:

  1. cs1000-linuxBase-x.xx.xx.xx-xx
  2. cs1000-baseWeb-x.xx.xx.xx-xx
  3. cs1000-patchWeb-x.xx.xx.xx-xx

Use pload <patchname> and pins <handlenumber> for each patch file to load and apply it.
OR, pload <patchname> each patch file, and pins --all to install and apply the SU's all at once.

Service Pack:
The Service pack applies additional patches depending on the deployed applications, and so should be applied AFTER deployment. We can uploaded the file now, but don't forget to load it later! Use: spload <filename.zip>, followed by spins to install.

Use pstat and spstat to see which service updates/pack are in service.

Linux Base patching commands:

Service-Update commands:
ploadLoad patches
pinsInstall patches
plisShow info about a patch
poosPut patch Out of Service
poutUnload Patch from system
pstatPatch status
 
Service-Pack commands:
sploadLoad service packs
spinsInstall service packs
spstatService pack status

The following commands may also be useful for getting a snapshot of server status before and after patching:

Password Expiration:

By default the root and nortel passwords will expire after 90 days, locking out the accounts. We shall set them to never expire (never age). Login as root, and issue the following commands:

# passwd root -x -1 
# passwd nortel -x -1

The command chage --list root can be used to confirm the password will never expire.

Note: The root user can only login directly, either via the COM1 console, or through an attached keyboard and monitor.

Hosts file:

Because most systems do not use DNS servers, the PC's hosts file must be modified to allow browser navigation via the FQDN. The hosts file is found in the following directory (you may have to "show hidden files/folders" first, in Folder Options):

C:\Windows\System32\drivers\etc\
Open the file with Notepad and add a line at the bottom with the following for each FQDN:
192.168.75.13 ucm0.mypbx.com (substituting your cards IP address and FQDN)

To modify the hosts file on a Windows 7 machine, Notepad must be opened with administrator's privileges. Right click on the Notepad icon and select Run as administrator. Then from the file menu choose Open, navigate to the hosts file, make changes and save it.

Now we can continue to Configure and Join the Secure Domain....

Previous page Next page