Difference between revisions of "IRIDIA cluster server daemons"
Christensen (talk | contribs) (→NIS) |
(→NIS) |
||
Line 51: | Line 51: | ||
== NIS == |
== NIS == |
||
− | The Network Information System (NIS, formerly Yellow Pages) should be installed. First install packages for shadow passwords: |
+ | The Network Information System (NIS, formerly Yellow Pages) should be installed so that the . First install packages for shadow passwords: |
<pre> |
<pre> |
||
− | + | apt-get install passwd nis |
|
</pre> |
</pre> |
||
− | The NIS configuration |
+ | The NIS configuration files are found in: |
− | |||
<pre> |
<pre> |
||
/etc/defaults/nis |
/etc/defaults/nis |
||
+ | /etc/yp.conf |
||
+ | /etc/ypserv.conf |
||
+ | /etc/ypserv.securenets |
||
+ | </pre> |
||
+ | |||
+ | <tt>majorana</tt> is the NIS master server and <tt>polyphemus</tt> is a slave server. The purpose of a slave server is to answer NIS requests when the master server is down. Information about how to configure the servers and the clients can be found in: |
||
+ | <pre> |
||
+ | /usr/share/doc/nis/nis.debian.howto.gz |
||
+ | </pre> |
||
+ | |||
+ | === Configuration of the master server (<tt>majorana</tt>) === |
||
+ | In /etc/default/nis: |
||
+ | <pre> |
||
+ | NISSERVER=master |
||
+ | NISCLIENT=true |
||
+ | </pre> |
||
+ | Restrict access only to the local network, changing the last line of ypserv.securenets into: |
||
+ | <pre> |
||
+ | 255.255.255.0 192.168.100.0 |
||
+ | </pre> |
||
+ | |||
+ | === Configuration of the Slave server (<tt>polyphemus</tt>) === |
||
+ | Same procedure as for the master server, exept for <tt>/etc/default/nis</tt>: |
||
+ | <pre> |
||
+ | NISSERVER=slave |
||
+ | NISCLIENT=true |
||
+ | NISMASTER=192.168.100.101 # aka r01, aka majorana |
||
+ | </pre> |
||
+ | |||
+ | === Configuration fo the clients === |
||
+ | In <tt>/etc/default/nis</tt>: |
||
+ | <pre> |
||
+ | NISSERVER=false |
||
+ | NISCLIENT=true |
||
+ | </pre> |
||
+ | |||
+ | Add the following lines to <tt>/etc/yp.conf</tt>: |
||
+ | <pre> |
||
+ | domain polyphemus server 192.168.100.101 |
||
+ | domain polyphemus server 192.168.100.1 |
||
</pre> |
</pre> |
||
− | majorana is the NIS master and polyphemus is a slave. |
||
− | Remember to add the last line of the passwd, group, and shadow file ":::::::: |
+ | Remember to add the last line of the passwd, group, and shadow file: "+::0:0:::" in passwd, "+::::::::"in shadow, etc. See the documentation that comes with NIS package for more details. |
− | + | TODO: We need a copy of the configuration file here. |
|
+ | TODO: Do we? The info above are enough to recreate the files from scratch. Moreover, we will have regular backups of the configuration files. |
||
== Trivial FTP == |
== Trivial FTP == |
Revision as of 16:48, 17 February 2005
This page contains information on installing and setting up: DHCP, AIDE, diskless, ...
It is assumed that the servers are running a minimal installation as described in the previous section IRIDIA cluster installing an OS on the servers.
Firewall
Firestarter is a program to easily configure the firewall. Install Firestarter on both servers:
apt-get install firestarter
Apt-get installs nearly an additional 100 packages.
Setup the firewall to accept any connections from the cluster network(192.168.100.0/24) on majorana.
DCHP
A DHCP daemon should be installed on majorana so that IPs are given to the cluster nodes depending on their MAC address. When installing DCHP notice that the package dhcp3 could give some trouble with the /dev/rtc (real-time clock). However, the package named just dhcp seems to work.
We are not going to go through configuring DHCP here, but you can download a working version of the dhcpd.conf file and add any additional nodes.
Notice that the IPs on the cluster LAN should be assigned according to the following rules:
192.168.100.1: polyphemus (p01) 192.168.100.2 - 99: p02-p99 (diskless nodes) 192.168.100.100: majorana (r01) 192.168.100.101 - 254 r02-r155
Finding the MAC address of a node
The MAC address is a sequence of 12 hexadecimal digits, normally coupled and each couple separeted by a ``: or a space. If you do not have it, you can get it in this way:
On the server, type the following:
tail -f /var/log/daemon.log
Switch on the client and let it boot from the network (it will fail)
Look at the server's screen: it will appear a line like
DHCPDISCOVER from 00:13:16:69:71:fa via eth1
the numbers between from and via are the MAC address.
AIDE
AIDE is an intrusion detection system. It should be installed on both the servers. It is quite simple to install:
apt-get install aide update-aide.conf aideinit -y
AIDE checks for changes in the filesystem every day, and compiles a report and mails it to root. The mail is truncated to 1000 lines, but usually the complete report can be found in /var/log/aide.
NIS
The Network Information System (NIS, formerly Yellow Pages) should be installed so that the . First install packages for shadow passwords:
apt-get install passwd nis
The NIS configuration files are found in:
/etc/defaults/nis /etc/yp.conf /etc/ypserv.conf /etc/ypserv.securenets
majorana is the NIS master server and polyphemus is a slave server. The purpose of a slave server is to answer NIS requests when the master server is down. Information about how to configure the servers and the clients can be found in:
/usr/share/doc/nis/nis.debian.howto.gz
Configuration of the master server (majorana)
In /etc/default/nis:
NISSERVER=master NISCLIENT=true
Restrict access only to the local network, changing the last line of ypserv.securenets into:
255.255.255.0 192.168.100.0
Configuration of the Slave server (polyphemus)
Same procedure as for the master server, exept for /etc/default/nis:
NISSERVER=slave NISCLIENT=true NISMASTER=192.168.100.101 # aka r01, aka majorana
Configuration fo the clients
In /etc/default/nis:
NISSERVER=false NISCLIENT=true
Add the following lines to /etc/yp.conf:
domain polyphemus server 192.168.100.101 domain polyphemus server 192.168.100.1
Remember to add the last line of the passwd, group, and shadow file: "+::0:0:::" in passwd, "+::::::::"in shadow, etc. See the documentation that comes with NIS package for more details.
TODO: We need a copy of the configuration file here. TODO: Do we? The info above are enough to recreate the files from scratch. Moreover, we will have regular backups of the configuration files.
Trivial FTP
Trivial FTP (TFTP) allows nodes to boot via network, get configuration files and a kernel during startup.
Install TFTP on majorana:
apt-get install tftp-hpa
TFTP's Configuration is in
/etc/defaults/tftpd-hpa
The bootloader pxelinux.0 is in a package called syslinux. And the file is placed in /usr/lib/syslinux/. It has to moved to the tftp directory (/var/lib/tftpboot) together with the kernel. A sub-directory pxelinux.cfg has to be created. It will contain the configuration files. A hex version of the IP for the nodes has to be created. See the man page of tftp for further information.
Once you have compiled a kernel for the diskless node and installed the diskless image on majorana or installed FAI you should make configuration files like for instance:
cat pxelinux.cfg/C0A86402: DEFAULT vmlinuz-2.6.8-dc root=/dev/nfs
(See kernel-source/documentation/nfsroot.txt)