Self-defining Execution Steps in a Protected Group

The execution steps of the protected group is frozen and unfrozen database to synchronized data in eReplication, to execute protected group normally, you can customize the execution prepared steps before frozen or unfrozen. For example, checking the database status.

Prerequisites

Context

When the protected group is LUN, you can modify the execution step in a protected group.

Procedure

  1. On the menu bar, choose Protection.
  2. In the function pane, select the recovery plan to be modified and click Procedure.
  3. Click Edit.

    The Edit dialog box is displayed.

  4. Select the modified step.
  5. Select script name.

    A self-defined script is not provided by eReplication, so the script provider must ensure the script correctness. Before configuring the script, ensure that the script has been verified by tests.

    1. If the host type is Agent, perform the following operations:
      1. Log in to the service host where the protected object resides and obtain the script template for self-defining the execution script.

        The name of a self-defined execution script must contain 4 to 32 characters, including letters, digits, underscores (_) and hyphens (-), but cannot start with a hyphen (-). The script name extension must be .bat (for Windows) or .sh (for Linux/UNIX).

        • In Windows, the script path is %OceanStor BCManager Agent install path%\bin\thirdparty\sample and the script sample name is sample.bat.
        • In Linux/UNIX, the script path is /home/rdadmin/Agent/sbin/thirdparty/sample and the script sample name is sample.sh.
      2. Place the self-defined execution script in a specified path.
        • In Windows: the path is %OceanStor BCManager Agent install path%\bin\thirdparty\
        • In Linux/UNIX: the path is /home/rdadmin/Agent/sbin/thirdparty/
      3. Set the owner and execute permission of the self-defined execution script.

        In Linux/UNIX, run the chown root xxx.sh command to set the script owner to root. Run the chmod 500 xxx.sh command to set the script execution permission to 500,

        where xxx is the name of the self-defined script.

        If you do not set the owner and execute permission of the self-defined script, the script may be modified by hackers, posing security risks.

    2. If the host type is Agentless, perform the following operations:
      1. Log in to the Linux service host where the protected object resides, obtain the script template, and customize the execution script based on the template.

        The name of a customized script contains 4 to 32 characters, including only letters, digits, underscores (_), and hyphens (-), and must start with a letter, digit, or underscore (_). The script name extension is .sh.

        The script template is stored in /xxxx/Agentless/custom/sample, and the script template name is sample.sh. xxxx indicates the user-defined Agentless installation directory.

      2. Place the customized execution script in the specified path to ensure that the script can be queried in the BCManager system.

        The script is stored in /xxxx/Agentless/custom, where xxxx indicates the user-defined Agentless installation directory.

      3. Set the owner and execute permission of the user-defined execution script.

        Run the chown xxx:BCManager xxxx.sh command to set the script owner to xxx:BCManager. Run the chmod 500 xxxx.sh command to set the script execution permission to 500.

        xxx indicates the user-defined Agentless installation user, and xxxx indicates the user-defined script name.

        If you do not set the owner and execute permission of the customized script, the uploaded script cannot be executed.

      4. Run the following command to configure sudoer of the script of invoking the permissions of other users in the customized script.

        echo "xxx1 ALL=(xxx2) NOPASSWD:xxx3" >> /etc/sudoers.d/CUSTOM

        xxx1 indicates the user-defined Agentless installation user, xxx2 indicates another user, and xxx3 indicates the absolute path of the script or command invoked by the customized script.

  6. Select host(Group) and input script name.
  7. In the right group box, select or deselect Enable the step to enable or disable a step and click Apply.
  8. Click Close.

Exception Handling

After protected group execution steps are modified, the modification takes effect when the protected group is executed the next time. You are advised to implement execute protected group immediately after the protected group execution steps are modified to ensure correct configurations.

Parent topic: DR Protection
Copyright © Huawei Technologies Co., Ltd.