The LifeKeeper API is used to allow communications between LifeKeeper Single Server Protection servers and the SteelEye Management Console (SMC). Currently, this API is reserved for internal use only but may be opened up to customer and third party usage in a future release.
Network Configuration
Each LifeKeeper Single Server Protection server provides the API via an SSL Connection on port 778. This port may be changed using the configuration variable API_SSL_PORT in /etc/default/LifeKeeper. This variable is set in /etc/default/LifeKeeper.local.pl on the SMC. (Note: This setting controls API client communications to LifeKeeper Single Server Protection servers, not access to the SMC itself, which is always on port 443). Both LifeKeeper Single Server Protection and the SMC must use the same value for API_SSL_PORT.
Authentication
The LifeKeeper API uses PAM for authentication. Access to the API is only granted to users that are members of the group lkadmin, lkoper or lkguest. Depending on the PAM configuration of the system, this can be accomplished by using the local system files (i.e. /etc/passwd and /etc/group) or by including the user in an LDAP or Active Directory group.
SMC Use of the API
The SMC uses the API to gather information from the LifeKeeper Single Server Protection servers. The SMC uses the credstore utility to manage user account info for LifeKeeper Single Server Protection servers. The SMC uses the LifeKeeper Single Server Protection server name as the key in the credential store, so the system name of the LifeKeeper Single Server Protection server should be passed as the -k option to the credstore utility when specifying credentials for a LifeKeeper Single Server Protection server. The SMC will also check for and use credentials stored in the default key if it does not find credentials for a specific server.
このトピックへフィードバック