• No results found

Configuring the SFTP for Actively Transferring Files over the Northbound Interface (Password Authentication)

2.4 Setting an Inventory Export Task

2.5.2 Configuring the SFTP for Actively Transferring Files over the Northbound Interface (Password Authentication)

When the U2000 server actively uploads files to the NMS over the northbound interface, the U2000 server functions as an FTP client and the NMS functions as an FTP server. To ensure data security during file transmission, users can set the SFTP encryption mode.

Prerequisites

l Use PuTTY to log in to the U2000 server in SSH mode as user ossuser. For an HA system, you have logged in to the active and standby servers. For a remote HA system, you have logged in to the active and standby servers. For an SLS system, you have logged in to all servers.

l You have logged in to the NMS server as user UserA.

UserA is an NMS server user. Replace it as required.

Context

l When the password authentication is used, the password for logging in to the NMS server is required to set up an SFTP connection.

l Unless otherwise specified, perform the following operations on each U2000 server: NOTE

XFTPService0X01 indicates the XFTP service name of the U2000 server. Replace it as required.

For a single-server system, the XFTP service name is XFTPService0101. For an HA system, the service is deployed on the active server. The service name is XFTPService0101. For a remote HA system, the service is deployed on the active and standby servers. The service name is

XFTPService0101. For an SLS system, the service is deployed on the master and slave servers. The service name for the master server is XFTPService0101. The service name for the first slave server is XFTPService0201. The service name for the second slave server is XFTPService0301. This method applies to other service names of other servers.

l When the XFTP service uploads files in FTP mode:

– If the northbound server runs the Linux or Unix operating system, use the vsftpd software whose version is 2.0.5 or later.

– If the northbound server runs the Windows operating system, use the ftpserver service delivered with the system.

NOTICE

l In an SLS system, you need to perform the following steps only on the master and slave servers.

l In an HA or remote HA system, you need to perform the following steps only on the active server.

l In an ATAE cluster online remote HA system, you need to perform the following steps only on the master and slave servers (include active site and standby site).

Procedure

Step 1 Run the vi command to modify the /etc/ssh/sshd_config file and configure SFTP parameters on the NMS server.

su - root

Password: Password of user root # vi /etc/ssh/sshd_config

Table 2-7 lists the parameters to be configured. Table 2-7 Parameters to be configured for the SFTP

Parameter Value

PasswordAuthentica- tion

yes/no. Set this parameter to yes. l yes: password authentication is used. l no: password authentication is not used.

Parameter Value

MaxStartups Number of concurrent connections. The calculation method is as follows:

1. Run the following command to query the number of the SFTP tasks deployed on the U2000 server:

–If the installed U2000 server software is a Chinese edition, run the following command:

# vi /opt/oss/server/etc/XFTPService/locale/zh_CN/ TaskInfoCache.xml

–If the installed U2000 server software is an English edition, run the following command:

# vi /opt/oss/server/etc/XFTPService/locale/en_US/ TaskInfoCache.xml ... <ftpset> <dest>10.10.10.10</dest> <localpath... <localpath... </ftpset> ...

The preceding command output is used as an example. 10.10.10.10 indicates the IP address of the northbound server, and each localpath value corresponds to a task. Record the number of tasks and enter :q! to exit the vi editor. 2. Run the following command to query the number of threads

occupied by the SFTP tasks:

# cat /opt/oss/server/etc/XFTPService/ModuleParam.xml |grep TaskThreadNum

<param name="TaskThreadNum">10</param>

The preceding command output is used as an example. 10 indicates the number of threads occupied by the SFTP tasks. Record the number of threads.

3. The number of concurrent connections is obtained by multiplying the number of tasks by the number of occupied threads.

NOTE

If you change the number of SFTP tasks, you must change the number of concurrent connections at the same time.

If... Then... The NMS server is running Solaris The OpenSS H has been installed Run the pkginfo OpenSS H comman d, and the followin g comman d output is displaye d: Securit y OpenSSH OpenSSH Portabl e for Solaris

# ps -ef | grep sshd | grep -v grep

root 27748 1 0 Dec 25 ? 2:13 /usr/local/sbin/sshd

root 21923 27748 0 11:11:31 ? 0:02 /usr/local/sbin/sshd -R

l If the command output contains /usr/local/sbin/ sshd, the SFTP service is running. Run the following command to restart the SFTP service: # /etc/init.d/opensshd restart

l If no command output is displayed, the SFTP service has not started. Run the following command to start the SFTP service:

If... Then... No OpenSS H has been installed Run the pkginfo OpenSS H comman d, and the followin g comman d output is displaye d: ERROR: informa tion for "OpenSS H" was not found # svcs -a | grep ssh online 17:27:13 svc:/network/ssh:defaul

l If the command output contains online, the SFTP service is running. Run the following command to restart the SFTP service:

# svcadm restart svc:/network/ssh:default l If the command output contains disabled, the SFTP

service has not started. Run the following command to start the SFTP service:

# svcadm enable svc:/network/ssh:default

The NMS server is running

SUSE Linux # service sshd statusChecking for service sshd running

l If the command result contains running, the SFTP service is running. Run the following command to restart the SFTP service:

# service sshd restart

l If the command result does not contain running, the SFTP service is disabled. In this case, contact Huawei technical support.

The NMS server is running any other OS

Contact Huawei technical support.

Step 3 Perform the following operations on the U2000 server to change the value of the DefaultFTPType parameter in the ModuleParam.xml file.

This operation must be performed on each server where the XFTPService0X01 service is deployed.

$ cd /opt/oss/server/etc/XFTPService $ vi ModuleParam.xml

NOTE

If DefaultFTPType is set to 1, the SFTP encryption mode is used. If DefaultFTPType is set to 0, the plaintext FTP mode is used.

To change the SFTP encryption mode to the plaintext FTP mode, change the value of DefaultFTPType to 0 and restart the XFTPService0X01 service.

<GeneralParams> …

<param name="DefaultFTPType">1</param>

</GeneralParams>

Press Esc and run the :wq command to save the file and exit the vi editor.

Step 4 Run the following command on the U2000 server to restart the XFTPService0X01 service to make the modification take effect.

This operation must be performed on each server where the XFTPService0X01 service is deployed.

$ . /opt/oss/server/svc_profile.sh $ svc_adm -cmd status | grep XFTP

You can obtain the service name of XFTPService0X01 for the server on which the current operation is performed from the command output. XFTPService0X01 is used as an example. Replace it as required.

$ svc_adm -cmd restartsvc XFTPService0X01

Step 5 Run the following command on the U2000 server to view the XFTPService0X01 service status.

This operation must be performed on each server where the XFTPService0X01 service is deployed.

$ svc_adm -cmd status | grep XFTP

l If the XFTPService0X01 service is in the running state in the command output, the service is running properly.

l If the XFTPService0X01 service is in the not running state in the command output, the service is not started. When this occurs, contact Huawei technical support.

Step 6 Perform the following operations on the U2000 client to configure FTP server information: 1. Log in to the U2000 client.

2. Choose Software > FTP Auto Upload Management > Target Server Settings (traditional style); alternatively, double-click System Management in Application Center and choose Settings > FTP Auto Upload Management > Target Server Settings (application style).

In the Target Server Setting window, the configured FTP server information is displayed.

3. Select an FTP server whose information needs to be configured and click Add. 4. Set the FTP server parameters, as described in Table 2-8.

Table 2-8 Parameters in the Target Server Setting window Parameter Description Module Type/ Module Name

The module type consists of NBI FM, NBI CM, NBI PM, NBI Inventory, CME NBI, CME NCCDM, License Management, NBI Server Backup, NBI Log, EBC Counter, EBC Data, and LTE Trace Data. A module name indicates that the configured FTP server is used to transfer the files corresponding to the modules in the U2000. For example, if the module name is northbound alarm, it indicates that the configured FTP server is used to transfer the files of northbound alarm modules in the U2000 server.

Server IP IP address of the FTP server

User Name User name used to log in to the FTP server. Password Password used to log in to the FTP server. Confirm

Password

Enter the password again that is used to log in to the FTP server. Server

Directory

Directory for storing a file after it is transferred to the FTP server. The directory name cannot contain the following special characters: colon (:), asterisk (*), question mark (?), quotation mark ("), less than (<), greater than (>), and vertical bar (|).

NOTE

When you log in to the U2000 server as user ftpuser, ensure that the server directory starts with "/export/home/sysm", for example, "/export/home/sysm/ ftproot".

Source Directory

Directory for storing the LTE Trace Data need to be uploaded.

NOTE

This parameter only can be configured when you modify or add a FTP server whose Module Name is LTE Trace Data.

File Compressio n Type

Whether to compress a file before transferring it. –NONE: Transfer a file without compressing it. –ZIP: Transfer a file after compressing it.

5. Click OK. The configuration setting is completed.

The added parameters are saved and displayed in the Target Server Setting window. 6. Choose Software > FTP Auto Upload Management > File Upload Browser

(traditional style); alternatively, double-click System Management in Application Center and choose Settings > FTP Auto Upload Management > File Upload Browser (application style) to check the status of the files to be uploaded.

The files to be uploaded and files that fail to be uploaded are displayed in the Upload File Browser window.

2.6 (Optional) Manually Exporting Inventory Management

Files

Besides automatic export, you can also manually export inventory management files.

Prerequisites

l You have logged in to the U2000 client.

l You are authorized to perform inventory management.

Procedure

Step 1 Choose Configuration > Inventory Management (traditional style); alternatively, double- click Trace and Maintenance in Application Center and choose Monitor > Inventory Management (application style) . The Inventory Management window is displayed. Step 2 Perform relevant operations according to the data to be exported.

Inventory Data to Be

Exported Operation

Inventory data of all MOs of an NE

Right-click the NE node, and then choose Export > Export All from the shortcut menu.

Inventory data of all the external data of an NE

Right-click the NE node, and then choose Export > Export External Data from the shortcut menu.

NOTE

External data refers to the inventory data of special components that is unable to be reported.

Inventory data of an MO of an NE

Right-click the MO node, and then choose Export from the shortcut menu.

Step 3 Set the file name, save path, and save type of the file in the Save dialog box. Step 4 Click Save to finish the automatic export configuration.

Step 5 Click Close to close the Message dialog box. ----End

Download now "U2000 Northbound Inven..."

Outline

Related documents