03 Enabling Remote Log Ins


Overview

In order to use Cloud Control to manage the Oracle Virtual Machine Manager (OVM), the OVMM has to allow remote log ins.

References

Investigation

During the procedure described in 02 Setting Cloud for IaaS , the OEM manual at 4.2 Registering the Oracle VM Manager referred to MOS document 1490283.1 which says that TCPS has to be enabled as described in 4.9 Enabling Remote Log Ins before the OVMM can be discovered by OEM. (The document reference is for OVM 3.1. I am using the OVM 3.2 one instead.)

4.9 Enabling Remote Log Ins has the following warning:

Important

You should not configure remote log ins unless directed to by Oracle Support.

Once secure TCP connectivity has been configured, it cannot be disabled again. There are no remote (regular) TCP connections allowed.

There could be some friction between the OVM people and the OEM people. However, MOS document 1456338.1 (which is referred to at the bottom of 4.9 Enabling Remote Log Ins ) says that:

Beginning with Oracle VM Manager 3.1.1 release, TCPS is required for communication between Oracle VM Manager and Oracle Enterprise Manager.

After reviewing MOS document 1456338.1 , I decided to go with the simpler procedure described in 4.9 Enabling Remote Log Ins .

Procedure

I followed the procedure described in 4.9 Enabling Remote Log Ins as follows:

[oracle@melbourne ~]$ cd /u01/app/oracle/ovm-manager-3/bin
[oracle@melbourne bin]$ ./secureOvmmTcpGenKeyStore.sh
Generate OVMM TCP over SSH key store by following steps:
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  OVM
What is the name of your organizational unit?
  [Unknown]:  melbourne
What is the name of your organization?
  [Unknown]:  YAOCM
What is the name of your City or Locality?
  [Unknown]:  Melbourne
What is the name of your State or Province?
  [Unknown]:  Victoria
What is the two-letter country code for this unit?
  [Unknown]:  AU
Is CN=OVM, OU=melbourne, O=YAOCM, L=Melbourne, ST=Victoria, C=AU correct?
  [no]:  yes

Enter key password for <ovmm>
        (RETURN if same as keystore password):
Re-enter new password:
[oracle@melbourne bin]$ ./secureOvmmTcp.sh
Enabling OVMM TCP over SSH service

Please enter the Oracle VM manager user name: admin

Please enter the Oracle VM manager user password:

Please enter the password for TCPS key store :

The job of enabling OVMM TCPS service is committed, please restart OVMM to take effect.


[oracle@melbourne bin]$ su -
Password:
[root@melbourne ~]# service ovmm restart
Stopping Oracle VM Manager                                 [  OK  ]
Starting Oracle VM Manager                                 [  OK  ]

Issues

This procedure caused the issue described in OVMM Fails to Enable TCPS Connections .

To resolve this, I re-ran the procedure as root instead of oracle .