Home | History | Annotate | Download | only in man5
 te
 CDDL HEADER START

 The contents of this file are subject to the terms of the
 Common Development and Distribution License (the "License"). 
 You may not use this file except in compliance with the License.

 You can obtain a copy of the license at CDDL.txt
 or http://www.opensolaris.org/os/licensing.
 See the License for the specific language governing permissions
 and limitations under the License.

 When distributing Covered Code, include this CDDL HEADER in each
 file and include the License file at CDDL.txt.
 If applicable, add the following below this CDDL HEADER, with the
 fields enclosed by brackets "[]" replaced with your own identifying
 information: Portions Copyright [yyyy] [name of copyright owner]

 CDDL HEADER END
 Copyright 2007 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.
 SUNW.krb5 5 "31 Jul 2007" "Sun Cluster 3.2" "Sun Cluster Miscellaneous"
 NAME
SUNW.krb5, krb5 - resource type implementation of the Kerberos KDC server

 DESCRIPTION

SUNW.krb5 is the resource type that uses the SUNWsckrb5/etc/SUNW.krb5 file to store the resource properties required to drive the high-availability of the Kerberos server.

 "Standard Properties"

Standard resource properties are overridden for this resource type as follows:


.na
Cheap_probe_interval
.ad




.na
Maximum
.ad


3600 seconds





.na
Default
.ad


30 seconds





.na
Tunable
.ad


Any time








.na
Network_resources_used (string array)
.ad


A list of logical-hostname or shared-address network resources upon which this resource has a dependency. This list contains all network-address resources that appear in the properties Resource_dependencies, Resource_dependencies_weak, Resource_dependencies_restart, or Resource_dependencies_offline_restart.
This property is updated automatically by the RGM, based on the setting of the resource-dependencies properties. You do not set this property directly. Instead, use the Resource_dependencies property.


.na
Category
.ad


Conditional/Optional





.na
Default
.ad


The empty list





.na
Tunable
.ad


Any time








.na
Resource_dependencies (string array)
.ad


Specifies a list of resources upon which a resource depends. This list includes any logical-hostname or shared-address network resources that are used by a resource. The default value for this property is null.
You can specify one or more resource names. Each network resource can contain one or more logical host names. See the clreslogicalhostname(1CL) and clressharedaddress(1CL) man pages for more information.
You can specify an alternate kind of dependency by using the Resource_dependencies_weak, Resource_dependencies_restart, or Resource_dependencies_offline_restart property instead of the Resource_dependencies property.
For more information, see the r_properties(5) man page.


.na
Category
.ad


Optional





.na
Default
.ad


The empty list





.na
Tunable
.ad


Any time








.na
Port_list
.ad




Note - 


Port 88 is associated with krb5kdc(1M) and port 749 belongs to kadmind(1M).




.na
Maximum
.ad


Not applicable





.na
Default
.ad


88/tcp, 749/tcp, and 88/udp





.na
Tunable
.ad


At creation








.na
Retry_count
.ad




.na
Maximum
.ad


10





.na
Default
.ad


2





.na
Tunable
.ad


Any time








.na
Retry_interval
.ad




.na
Maximum
.ad


3600 seconds





.na
Default
.ad


600 seconds





.na
Tunable
.ad


Any time








.na
Thorough_probe_interval
.ad




.na
Maximum
.ad


3600 seconds





.na
Default
.ad


300 seconds





.na
Tunable
.ad


Any time








For more information about standard properties, see the r_properties(5) man page.

 "Extension Properties"

The extension properties associated with the SUNW.krb5 resource type are as follows:


.na
Monitor_retry_count
.ad


The maximum number of restarts by the process monitor facility (PMF) that are allowed for the fault monitor.


.na
Data type
.ad


Integer





.na
Default
.ad


4





.na
Range
.ad


No range defined





.na
Tunable
.ad


Any time








.na
Monitor_retry_interval
.ad


The period of time in minutes during which the PMF counts restarts of the fault monitor.


.na
Data type
.ad


Integer





.na
Default
.ad


2 minutes





.na
Range
.ad


No range defined





.na
Tunable
.ad


Any time








.na
Probe_timeout
.ad


The time-out value in seconds that the fault monitor uses to probe a Kerberos instance.


.na
Data type
.ad


Integer





.na
Default
.ad


90 seconds





.na
Range
.ad


No range defined





.na
Tunable
.ad


Any time







 EXAMPLES

Example 1 Instantiating a Failover Kerberos Resource


This example shows how to instantiate a failover Kerberos resource.



Before you work through this example, ensure that the Sun Cluster HA for Kerberos is installed.



Instantiate a Kerberos resource named krb5-rs in a resource group named krb5-rg. The krb5-rg resource group contains at least one logical hostname resource which identifies the logical hostnames associated with the resource group.


# clresourcetype register SUNW.krb5




# clresource create -g krb5-rg -t SUNW.krb5 krb5-rs





The resource krb5-rs listens on port 88 for krb5kdc and 749 for kadmind.


 ATTRIBUTES

See attributes(5) for descriptions of the following attributes:







ATTRIBUTE TYPEATTRIBUTE VALUE
AvailabilitySUNWkrb5



 SEE ALSO

kinit(1), kadmin(1M), kadmind(1M), krb5dc(1M), pmfadm(1M), svcadm(1M), r_properties(5), Sun Cluster Data Service for Kerberos Guide for Solaris OS