Escolar Documentos
Profissional Documentos
Cultura Documentos
VMAX
Version 8.2.0
Installation Guide
REV 01
Copyright 2014-2016 EMC Corporation. All rights reserved. Published in the USA.
Published March, 2016
EMC believes the information in this publication is accurate as of its publication date. The information is subject to change
without notice.
The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with
respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a
particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable
software license.
EMC, EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other
countries. All other trademarks used herein are the property of their respective owners.
For the most up-to-date regulatory document for your product line, go to EMC Online Support (https://support.emc.com).
EMC Corporation
Hopkinton, Massachusetts 01748-9103
1-508-435-1000 In North America 1-866-464-7381
www.EMC.com
CONTENTS
Tables
5
About this content
Chapter 1
Pre-installation considerations
11
Chapter 2
15
Chapter 3
21
CONTENTS
TABLES
1
2
TABLES
As part of an effort to improve its product lines, EMC periodically releases revisions of its
software and hardware. Therefore, some functions described in this document might not
be supported by all versions of the software or hardware currently in use. The product
release notes provide the most up-to-date information on product features.
Contact your EMC technical support professional if a product does not function properly
or does not function as described in this document.
This document was accurate at publication time. New versions of this document might be
released on the EMC Online Support website. Check the EMC Online Support site https://
support.EMC.com to ensure that you are using the latest version of this document.
Purpose
This document describes how to configure and use Unisphere for VMAX.
Related documentation
The following EMC publications provide additional information:
l
Indicates a hazardous situation which, if not avoided, will result in death or serious
injury.
WARNING
Indicates a hazardous situation which, if not avoided, could result in death or serious
injury.
CAUTION
Indicates a hazardous situation which, if not avoided, could result in minor or moderate
injury.
NOTICE
Note
Bold
Italic
Monospace
Used for:
l
System code
Monospace italic
Monospace bold
[]
{}
...
10
CHAPTER 1
Pre-installation considerations
This chapter lists some points to consider before installing Unisphere 360:
l
l
l
l
l
l
Pre-installation considerations
11
Pre-installation considerations
The Unisphere 360 installer is for a use with a fresh install only. Upgrading is not
supported for V8.2.0.
The user performing the installation must have operating system administrator
permissions on the system.
On Linux systems, before starting the installation procedure, create the postgres
user and group. For more information about how to do this, see Setting up the
PostgreSQL user on Linux on page 13.
Linux
The following Linux versions are supported:
l
Operating system
Windows
Linux
Minimum processor
16 GB
16 GB
120 GB
120 GB
12
Windows 7
Windows 8
Windows 10
Pre-installation considerations
Firefox version 40
13
Pre-installation considerations
14
CHAPTER 2
Installing Unisphere 360
15
In the Where Would You Like to Install field, type the installation path.
4. Click Next.
5. In the Ports Configuration page, do the following:
a. In the HTTPS Port No field, type the HTTPS port number, or accept the default value
of 8470.
b. In the DB Port No field, type the database port number, or accept the default value
of 3424.
c. Click Next.
6. In the X.509 Certificate-based Client Authentication page, do one of the following:
Note
7. In the Pre-Installation Summary page, review the summary information and click
Install.
The installation operation completes.
8. In the Install Complete page, click Done.
16
Note that instances of the following special characters are stripped from the
alias: @:?;|<>[]+=,*/\
b. Type the admin user name and press Enter.
The admin user name must match CN/UPN of the X.509 certificate (minus any
special characters that are stripped out) as configured in step 5.a on page 17.
This user is created in Unisphere 360 and assigned administration privileges to
bootstrap administration of the system.
Installing Unisphere 360 on a Linux system
17
6. In the Pre-Installation Summary panel, review the summary information and press
Enter.
The installation operation completes.
7. In the Install Complete panel, press Enter to exit the installer.
When using X.509 certificate-based authentication, ensure that the certificate for
Unisphere 360 is imported into the trust store for each Unisphere for VMAX to be
enrolled. For more information about this, refer to Secure communication between
Unisphere 360 and Unisphere for VMAX on page 22.
When using Lightweight Directory Access Protocol (LDAP) or Active Directory (AD),
ensure that you use the same user names as when signing in to Unisphere for VMAX
using LDAP/AD. For more information about this, refer to Using Lightweight Directory
Access Protocol or Active Directory on page 22.
The port number is configured during installation. The default HTTPS port number is
8470.
If the host IP address is an IPv6 address, surround the IP address with square
brackets, for example:
https://[2001:db8:ffff:ffff:ffff:ffff:ffff:ffff]:8470/
unisphere360
If the host IP address is an IPv4 address, type the IP address as normal, for example:
https://198.51.100.255:8470/unisphere360
2. Do one of the following:
l
At the login window, type the Unisphere Initial Setup User username and
password.
The default username for the Unisphere Initial Setup User in Unisphere 360 is
admin and the default password is admin.
3. Click Login.
Command
Start server
./cirrus start
Stop server
./cirrus stop
19
20
CHAPTER 3
Configuring security settings
This chapter explains how to configure security settings for Unisphere 360:
l
l
l
l
l
l
l
l
l
21
Importing CA or self-signed certificates from Unisphere for VMAX into the Unisphere
360 trust store on page 25
Importing CA-signed certificates into the Unisphere 360 trust store on page 24
For Windows:
install_dir/Unisphere360/config/application.properties
22
Type the path and name of the file to export, for example C:\Users
\Administrator\Desktop\u4v.cer.
Click Browse to navigate to the folder. Type the name of the file, if required.
7. Click Next.
8. In the Completing the Certificate Export Wizard page, review the information and click
Finish.
After you finish
The newly saved certificate can be imported into Unisphere 360. For more information,
refer to Importing CA or self-signed certificates from Unisphere for VMAX into the
Unisphere 360 trust store on page 25.
2. In the Network Info panel, take note of the assigned IP address, either IPv4 or IPv6.
3. Click Operations > Certificate Management for Unisphere Server.
The Certificate Management for Unisphere Server wizard displays.
Obtaining a Unisphere for VMAX certificate for use in Unisphere 360
23
4. In the Welcome to certificate management for Unisphere Server page, click Next.
5. In the Choose appropriate option page, select Certificate Import/Delete and click
Next.
6. In the Certificate Import/Delete page, select the Unisphere server certificate and click
Delete.
7. When the operation completes, click Cancel to close the wizard.
8. Click Operations > Certificate Management for Unisphere Server.
The Certificate Management for Unisphere Server wizard displays.
9. In the Welcome to certificate management for Unisphere Server page, click Next.
10. In the Choose appropriate option page, select Generate Self Signed Certificate for
Unisphere Server and click Next.
11. In the Generate Self Sign Certificate page, type appropriate values for each field. In
the CN field, type the assigned IP address you noted in step 2 on page 23.
12. Click Next.
13. When the operation completes. click Cancel to close the wizard.
eManagement reboots and regenerates the keystore to contain the new certificate.
After you finish
The newly generated certificate can be saved and imported into Unisphere 360. For more
information, refer to Obtaining a Unisphere for VMAX certificate for use in Unisphere
360 on page 23 and Importing CA or self-signed certificates from Unisphere for VMAX into
the Unisphere 360 trust store on page 25.
4. For each root CA and intermediate CA certificate, run the import command.
l
24
-file rootca_signed_certificate_file
-keystore keystore.jks -trustcacerts
l
In the commands above, alias is a unique, user-defined name for the certificate
imported, for example, root.
Note
Ensure that you import all of the intermediate certificates, as well as the root
certificate.
5. When prompted to do so, enter the keystore password.
6. Start the Unisphere 360 server.
For more information, refer to Starting and stopping the Unisphere 360 server on page
18.
Importing CA or self-signed certificates from Unisphere for VMAX into the Unisphere 360 trust store
25
In the commands above, alias is a unique, user-defined name for the certificate
imported, for example, u4v1234 which references a unique ID of the Unisphere for
VMAX instance.
6. When prompted to do so, enter the keystore password.
7. Start the Unisphere 360 server.
For more information, refer to Starting and stopping the Unisphere 360 server on page
18.
26
7. Import the CA-signed certificate and enter the trust store password when prompted to
do so.
For more information, refer to Importing CA-signed certificates into the Unisphere 360
trust store on page 24.
If the following error message is returned:
keytool error: java.lang.Exception: Failed to establish chain from
reply
For Linux:
install_dir/Unisphere360/config/application.properties
27
For Linux:
install_dir/Unisphere360/config/application.properties
To disable host name (FQDN, IP, DNS entry) verification, add the following line:
tls.host-name-verifier-allow-all=true