IRIDIA cluster server daemons

From IridiaWiki
(Difference between revisions)
Jump to: navigation, search
(NIS)
(NIS)
Line 51: Line 51:
   
 
== NIS ==
 
== NIS ==
The Network Information System (NIS, formerly Yellow Pages) should be installed. First install packages for shadow passwords:
+
The Network Information System (NIS, formerly Yellow Pages) should be installed so that the . First install packages for shadow passwords:
 
<pre>
 
<pre>
TODO: apt-get install WHAT
+
apt-get install passwd nis
 
</pre>
 
</pre>
   
The NIS configuration file is found in:
+
The NIS configuration files are found in:
 
 
<pre>
 
<pre>
 
/etc/defaults/nis
 
/etc/defaults/nis
  +
/etc/yp.conf
  +
/etc/ypserv.conf
  +
/etc/ypserv.securenets
  +
</pre>
  +
  +
<tt>majorana</tt> is the NIS master server and <tt>polyphemus</tt> is a slave server. The purpose of a slave server is to answer NIS requests when the master server is down. Information about how to configure the servers and the clients can be found in:
  +
<pre>
  +
/usr/share/doc/nis/nis.debian.howto.gz
  +
</pre>
  +
  +
=== Configuration of the master server (<tt>majorana</tt>) ===
  +
In /etc/default/nis:
  +
<pre>
  +
NISSERVER=master
  +
NISCLIENT=true
  +
</pre>
  +
Restrict access only to the local network, changing the last line of ypserv.securenets into:
  +
<pre>
  +
255.255.255.0 192.168.100.0
  +
</pre>
  +
  +
=== Configuration of the Slave server (<tt>polyphemus</tt>) ===
  +
Same procedure as for the master server, exept for <tt>/etc/default/nis</tt>:
  +
<pre>
  +
NISSERVER=slave
  +
NISCLIENT=true
  +
NISMASTER=192.168.100.101 # aka r01, aka majorana
  +
</pre>
  +
  +
=== Configuration fo the clients ===
  +
In <tt>/etc/default/nis</tt>:
  +
<pre>
  +
NISSERVER=false
  +
NISCLIENT=true
  +
</pre>
  +
  +
Add the following lines to <tt>/etc/yp.conf</tt>:
  +
<pre>
  +
domain polyphemus server 192.168.100.101
  +
domain polyphemus server 192.168.100.1
 
</pre>
 
</pre>
majorana is the NIS master and polyphemus is a slave.
 
   
Remember to add the last line of the passwd, group, and shadow file "::::::::+". (See the documentation for NIS)
+
Remember to add the last line of the passwd, group, and shadow file: "+::0:0:::" in passwd, "+::::::::"in shadow, etc. See the documentation that comes with NIS package for more details.
   
Since NIS might give you trouble, you should stick to the old configuration file, which you have backed up ofcourse. TODO: We need a copy of the configuration file here.
+
TODO: We need a copy of the configuration file here.
  +
TODO: Do we? The info above are enough to recreate the files from scratch. Moreover, we will have regular backups of the configuration files.
   
 
== Trivial FTP ==
 
== Trivial FTP ==

Revision as of 16:48, 17 February 2005

This page contains information on installing and setting up: DHCP, AIDE, diskless, ...

It is assumed that the servers are running a minimal installation as described in the previous section IRIDIA cluster installing an OS on the servers.

Contents

Firewall

Firestarter is a program to easily configure the firewall. Install Firestarter on both servers:

apt-get install firestarter

Apt-get installs nearly an additional 100 packages.

Setup the firewall to accept any connections from the cluster network(192.168.100.0/24) on majorana.

DCHP

A DHCP daemon should be installed on majorana so that IPs are given to the cluster nodes depending on their MAC address. When installing DCHP notice that the package dhcp3 could give some trouble with the /dev/rtc (real-time clock). However, the package named just dhcp seems to work.

We are not going to go through configuring DHCP here, but you can download a working version of the dhcpd.conf file and add any additional nodes.

Notice that the IPs on the cluster LAN should be assigned according to the following rules:

192.168.100.1:           polyphemus (p01)
192.168.100.2 - 99:      p02-p99 (diskless nodes)
192.168.100.100:         majorana (r01)
192.168.100.101 - 254    r02-r155

Finding the MAC address of a node

The MAC address is a sequence of 12 hexadecimal digits, normally coupled and each couple separeted by a ``: or a space. If you do not have it, you can get it in this way:

On the server, type the following:

tail -f /var/log/daemon.log

Switch on the client and let it boot from the network (it will fail)

Look at the server's screen: it will appear a line like

DHCPDISCOVER from 00:13:16:69:71:fa via eth1

the numbers between from and via are the MAC address.

AIDE

AIDE is an intrusion detection system. It should be installed on both the servers. It is quite simple to install:

apt-get install aide
update-aide.conf
aideinit -y

AIDE checks for changes in the filesystem every day, and compiles a report and mails it to root. The mail is truncated to 1000 lines, but usually the complete report can be found in /var/log/aide.

NIS

The Network Information System (NIS, formerly Yellow Pages) should be installed so that the . First install packages for shadow passwords:

apt-get install passwd nis

The NIS configuration files are found in:

/etc/defaults/nis
/etc/yp.conf
/etc/ypserv.conf
/etc/ypserv.securenets

majorana is the NIS master server and polyphemus is a slave server. The purpose of a slave server is to answer NIS requests when the master server is down. Information about how to configure the servers and the clients can be found in:

/usr/share/doc/nis/nis.debian.howto.gz

Configuration of the master server (majorana)

In /etc/default/nis:

NISSERVER=master
NISCLIENT=true

Restrict access only to the local network, changing the last line of ypserv.securenets into:

255.255.255.0   192.168.100.0

Configuration of the Slave server (polyphemus)

Same procedure as for the master server, exept for /etc/default/nis:

NISSERVER=slave
NISCLIENT=true
NISMASTER=192.168.100.101 # aka r01, aka majorana

Configuration fo the clients

In /etc/default/nis:

NISSERVER=false
NISCLIENT=true

Add the following lines to /etc/yp.conf:

domain polyphemus server 192.168.100.101
domain polyphemus server 192.168.100.1

Remember to add the last line of the passwd, group, and shadow file: "+::0:0:::" in passwd, "+::::::::"in shadow, etc. See the documentation that comes with NIS package for more details.

TODO: We need a copy of the configuration file here. TODO: Do we? The info above are enough to recreate the files from scratch. Moreover, we will have regular backups of the configuration files.

Trivial FTP

Trivial FTP (TFTP) allows nodes to boot via network, get configuration files and a kernel during startup.

Install TFTP on majorana:

apt-get install tftp-hpa

TFTP's Configuration is in

/etc/defaults/tftpd-hpa

The bootloader pxelinux.0 is in a package called syslinux. And the file is placed in /usr/lib/syslinux/. It has to moved to the tftp directory (/var/lib/tftpboot) together with the kernel. A sub-directory pxelinux.cfg has to be created. It will contain the configuration files. A hex version of the IP for the nodes has to be created. See the man page of tftp for further information.

Once you have compiled a kernel for the diskless node and installed the diskless image on majorana or installed FAI you should make configuration files like for instance:

cat pxelinux.cfg/C0A86402:
DEFAULT vmlinuz-2.6.8-dc root=/dev/nfs

(See kernel-source/documentation/nfsroot.txt)

Personal tools