Deployment Environment Requirements

This section describes hardware and software environments required for deploying the maintenance terminal, eReplication Server, and eReplication Agent to ensure that eReplication can work correctly.

The eReplication Server can be deployed on physical servers and mainstream virtualization platforms, such as VMware and Hyper-V.
To ensure the stability of DR and backup, you are advised to deploy the eReplication Server on an independent server. Note that the eReplication Server and the service host cannot be deployed on the same server.
The time zones of the servers where the eReplication Server is deployed at the production and DR sites must be the same. In addition, the same time source has been configured, and the time has been synchronized.
To prevent time deviation caused by different time zones, ensure that the time zone of the maintenance accessing eReplication is the same as that of the server where the eReplication Server is deployed.
To deploy the eReplication Server on a VM, ensure that the eReplication Server exclusively occupies the VM resources.
To prevent DR service unavailability caused by software conflicts, ensure that Huawei GaussDB software is not installed on the server where the eReplication Server is to be installed. Check method: Log in to the server where the eReplication Server is to be installed as user root and run the ps -ef|grep gaussdb command. If the command output contains the GaussDB process, install the eReplication Server on another server.

Maintenance Terminal Requirements

Table Maintenance terminal requirements describes maintenance terminal requirements.

**Table 1** Maintenance terminal requirements
Item	Requirement
Operating system	Chinese and English operating systems
Browser	Edge 120 - Edge 121 Firefox 120 - Firefox 121 Chrome 118 - Chrome 120
Network	Ensure that the maintenance terminal can access the physical server or VM where the eReplication Agent and eReplication Server are to be installed. Besides, the IP address of the maintenance terminal must be a free IP address.

eReplication Deployment Environment Requirements

eReplication is composed of the eReplication Server and eReplication Agent. Table eReplication Server environment specifications describes their deployment environment requirements.

**Table 2** eReplication Server environment specifications
Specifications	Requirement
Operating system	SUSE Linux Enterprise Server 12 SP5 x86_64 EulerOS release 2.0(SP12)x86_64 EulerOS release 2.0(SP12)aarch64 NOTICE: The installed operating system supports Chinese and English. If the system is EulerOS, you can use the OceanStor BCManager 8.5.1_EulerOS_ARM.zip or OceanStor BCManager 8.5.1_EulerOS_X86.zip software package to install the Euler OS. After the installation is complete, for the default password of account root, see the default password of the account for the target node on the Type A (Background) sheet in the OceanStor BCManager 8.5.1 eReplication Account List (Storage Disaster Recovery).
CPU	Minimum configuration: 2-core 1.6 GHz CPU Standard configuration: 4-core 1.6 GHz CPU or higher
Memory	Minimum configuration: 4 GB DDR Standard configuration: 8 GB DDR or higher NOTE: If the physical memory capacity is 4 GB, the available physical memory capacity must be 2 GB at least. If the physical memory capacity is 8 GB, the available physical memory capacity must be 4 GB at least. If the installation environment is a VM, the VM cannot use dynamic memory allocation. If the installation environment is a Linux operating system, the requirements on swap are as follows: If the memory capacity ranges from 4 GB to 8 GB, the swap value must be 8 GB. If the memory capacity ranges from 8 GB to 16 GB, the swap value must be the same as the memory capacity. If the memory capacity is greater than 16 GB, the swap value must be 16 GB.
Free disk space	If the Linux operating system is installed, the requirements for disk partitions are as follows: /: ≥ 50 GB swap: ≥ 8 GB /opt: ≥ 10 GB
Bandwidth of the management network	2 Mbit/s or higher In the Disaster Recovery Data Center Solutions (Active-Passive Mode) and (Geo-Redundant Mode), if two eReplication Servers are deployed. The bandwidth of the management network between the eReplication Servers is 2 Mbit/s or higher.
Deployment mode	Single-node mode eReplication is deployed on one node. If a node is faulty, DR protection cannot be provided. Active-standby mode (automatic recovery) The eReplication software is deployed on two nodes in sequence. The two nodes work in active/standby mode. Users use the floating IP address to access the eReplication management page. The active node provides services by default. The configuration data of the active node is automatically backed up to the standby node. When the active node is faulty, the system automatically switches the standby node to the active node to provide DR protection. Active-standby mode (manual recovery) The eReplication software is deployed on two nodes in sequence. The two nodes work in active/standby mode. Users use the IP address of the active node to access the eReplication management page. The data of the active node is automatically backed up to the standby node. When the active node is faulty, you need to manually switch the standby node to the active node to provide DR protection.

Requirements for Configuring Permission on Installation Packages and Directories

To decompress an installation package, note the following:

The name of the directory where the installation package resides can contain only letters, digits, underscores (_), hyphens (-), and one space.
The package cannot be decompressed to the installation directory of eReplication. In Linux, the installation path of the eReplication Server is fixed to /opt/BCManager.

Before installing the eReplication Server in Linux, ensure that permission of directories at each level (755 by default in Table 3) listed in Table 3 and that of the / root directory are properly assigned. Otherwise, users ICUser, Tomcat, and GaussDB have no operation permission on installation directories of the eReplication Server, interrupting services. In this manner, you are advised to set permission of these directories to 755.

**Table 3** Description of directory permission
Directory	Description	Impact
/usr/local	GaussDB database installation directory	If the permission is improper, the database cannot be normally started.
/usr/lib	Directory for saving file lib of the GaussDB database	If the permission is improper, the database may fail to be normally started.
/usr/lib64	Directory for saving file lib of the GaussDB database	If the permission is improper, the database may fail to be normally started.
/opt	Directory under which the eReplication Server is installed and data of the GaussDB data is saved	If the permission is improper, eReplication may unable to run properly.
/usr/sbin	Save directory of logs collected by running the DataCollect command.	If the permission is improper, eReplication may fail to collect logs.

Run the ls -ld directory name command to check the permission information about a directory.
Run the ll command to check owners and permission information about the files.

The following details the process using directory /opt as an example:

Log in as user root to the server where eReplication is to be installed.
Run the cd /opt command to go to directory /opt.
Run the chmod 755 /opt command to set permission on the directory to 755.

Requirements for Configuring the Host File

Before eReplication Server installation, the permission on the host file must meet the following configuration requirements:

Ensure host file hosts contains information about the mapping between the management IP address of the eReplication Server and the host name.

If the mapping is not configured, the eReplication service cannot be started after eReplication installation.
If the mapping is improperly configured, the eReplication Server cannot be logged in after it has been installed and started.

To configure the mapping between the management IP address of the eReplication Server and the host name, perform the following steps:

Linux:

Log in to the eReplication Server as user root.
Run the cd /etc command to go to the directory where file hosts resides.
Run the vi hosts command to open file hosts.
Press i to enter the editing mode and edit file hosts.
Assume that the management IP address of the eReplication Server is 192.168.10.10 and the host name is host01. Add the following content to the hosts file.
```
192.168.10.10 host01
```
Run the hostname command to check the host name.
Press Esc, and run the :wq! command to save the change and exit.

Requirements for Configuring the Encryption Algorithm

For Linux, to enhance operating system security, you are advised to set sha256 as the password encryption algorithm for operating systems of physical servers and VMs on which the eReplication Server and eReplication Agent are to be installed. Otherwise, the passwords of the ICUser, DRManager, and rdadmin maintenance accounts created during software installation may use the default MD5 encryption algorithm of the OS. However, the MD5 encryption algorithm may be cracked. To change the encryption algorithm for operating systems, perform the following steps:

SUSE Linux:

Log in as user root to the server where the eReplication Server or eReplication Agent is to be installed.
Run the vi /etc/default/passwd command and press Insert to edit the passwd file, and check the current encryption algorithm of the operating system (the value of CRYPT).
- If the current encryption algorithm is sha256 or sha512, go to 4.
- If the current encryption algorithm is not sha256 or sha512, go to 3.
Change the value of CRYPT to sha256.
Add the explanatory note # in the CRYPT_FILES=blowfish field and make the parameter is invalid.
Press Esc, and run the :wq! command to save the change and exit.

Red Hat Linux:

Log in as user root to the server where the eReplication Server or eReplication Agent is to be installed.
Run the authconfig --test | grep hashing command, and check the current encryption algorithm of the operating system.
- If the current encryption algorithm is sha256 or sha512, end the operation.
- If the current encryption algorithm is not sha256 or sha512, go to 3.
Run the authconfig --passalgo=sha256 --update command to change the encryption algorithm to sha256.

If the encryption algorithm is not modified before eReplication is installed, change the passwords of the ICUser, DRManager, and rdadmin maintenance accounts after the encryption algorithm is modified to make the configuration take effect. For details about how to change passwords, see OceanStor BCManager 8.5.1 eReplication Account List (Storage Disaster Recovery).

Requirements on User IDs

The OS accounts created during eReplication Server installation occupy UIDs 20000, 20001, 20002, and 20003 and group ID 20000 by default. If these IDs are occupied, eReplication Server will fail to be installed.

You can run the following two commands to check whether the current system environment meets the requirements. If both the two commands have no output, the environment meets the requirements.

cat /etc/passwd | awk -F: '{print $1, $3}' | grep -wE "20000|20001|20002" | sed 's/ //g' | grep -vE "ICUser20000|Tomcat20001|GaussDB20002"

cat /etc/group | awk -F: '{print $1, $3}' | grep -w 20000 | grep -v LEGO