Create a new UNIX account named smuser with the default shell as ksh. You may also need to modify the profile for the smuser account, as indicated later in this chapter.
Important! You should install the Policy Server using the smuser UNIX account, but do not configure the Sun Java System or Apache on Linux Web Server for the FSS Administrative UI or the OneView Monitor GUI because the installer modifies the Web server's configuration files and smuser does not have the appropriate root privileges. Thus, when you run the Policy Server installer, do not select Web Server(s) or OneView Monitor when prompted to choose components.
After the Policy Server installation is complete, run the Policy Server Configuration Wizard (located in siteminder_installation\install_config_info\ca-ps-config.bin) as root to configure the FSS Administrative UI or the OneView Monitor GUI.
When the Policy Server is placed under load, it opens a large number of sockets and files. If the default limit parameters are not adequate for the load, a large number of sockets and files can become a problem. Modify the default limit parameters to avoid associated problems.
To view the default limit parameters, type the following command in a shell window:
ulimit -a
The system displays a message similar to the following example:
$ ulimit -a |
|
time(seconds) |
unlimited |
file(blocks) |
unlimited |
data(kbytes |
2097148 |
stack(kbytes) |
8192 |
coredump(blocks) |
unlimited |
nofiles(descriptors) |
256 |
vmemory(kbytes) |
unlimited |
In the example, the nofiles parameter is set to 256. The parameter is the total number of files (sockets + files descriptors) that this shell and its descendants have been allocated. If this parameter is not set high enough, the Policy Server returns numerous socket errors. The most common socket error is 10024, or too many open files.
Increase the nofiles parameter value for proper Policy Server operation under load. You can change this value by running the following command:
ulimit -n
For example, to set the value to 1024, place the following command in the profile file of the smuser account:
ulimit -n 1024
The Policy Server is bound by the nofiles parameter in the smuser account ulimit for the number of connections to it.
The LC_* variables are sometimes set by default in the profile file of the smuser account. Use of the LC_* environment variables are not permitted. Unset them before installing the Policy Server.
To unset the LC_* environment variables, open the profile file of the smuser account and unset them.
The LANG environment variable is not permitted. Unset it before installing the Policy Server.
To unset the variable, add the unset LANG command to the profile file of the smuser account.
|
Copyright © 2012 CA.
All rights reserved.
|
|