I#m currently working on a shutdown scenario for our servers. My Nagios (centos) Server is the one connected to the UPS (APC) running apcupsd. It shuts down the servers in the propper way:
1. all VMs inside the Citrix XenServer
2. the XenServer itself (both done over a bash script running localy on the XenServer, using xe commands for the VMs).
3. then the open-e storege, which holds the images of the VMs is shut down
(points 1-3 are the reason, why apcupsd in server/client mode won't work, because, that won't handle waiting for the correct order of the shutdown).
And here comes my problem:
ASG V8 seams not to be configurable for being shutdown remotely.
Trys:
1) generating a group shutdown and configure sudo to let all menbers os shutdown group do /sbin/halt or /sbin/shutdown without password.
This simply ignores the NOPASSWD part in /etc/sudoers
2) permit root login and ssh-keys in /etc/ssh/sshd_config.
This won't work, because ASg overwirtes sshd_conifg each (re)boot
AND ASG deletes any authorized_keys in /root/.ssh
Any other ways to attempt the goal (running apcupsd in a highre version of ASG is not, because it most likely won't let me do custom-scripts for apcupsd). AND I HAVE TO run ASG at least as long as the XenServer and the open-e Storage have to communicate with each other
1. all VMs inside the Citrix XenServer
2. the XenServer itself (both done over a bash script running localy on the XenServer, using xe commands for the VMs).
3. then the open-e storege, which holds the images of the VMs is shut down
(points 1-3 are the reason, why apcupsd in server/client mode won't work, because, that won't handle waiting for the correct order of the shutdown).
And here comes my problem:
ASG V8 seams not to be configurable for being shutdown remotely.
Trys:
1) generating a group shutdown and configure sudo to let all menbers os shutdown group do /sbin/halt or /sbin/shutdown without password.
This simply ignores the NOPASSWD part in /etc/sudoers
2) permit root login and ssh-keys in /etc/ssh/sshd_config.
This won't work, because ASg overwirtes sshd_conifg each (re)boot
AND ASG deletes any authorized_keys in /root/.ssh
Any other ways to attempt the goal (running apcupsd in a highre version of ASG is not, because it most likely won't let me do custom-scripts for apcupsd). AND I HAVE TO run ASG at least as long as the XenServer and the open-e Storage have to communicate with each other