110 likes | 287 Views
LCFG Installation. Steve Traylen. LCFG – A tool for installation and configuration. GRIDPP – ETF Meeting. 28 th May 2002. About LCFG. Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. Installs an RPM based Linux system and configures it.
E N D
LCFG Installation • Steve Traylen. • LCFG – A tool for installation and configuration. • GRIDPP – ETF Meeting. • 28th May 2002. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
About LCFG • Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. • Installs an RPM based Linux system and configures it. • Each machine defined by exactly one profile. • Management also possible; the main difference to Kickstart type methods. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
<inet> <allow cfg:template="allow_$ tag_$ daemon_$"> <allow_RECORD cfg:name="telnet"> <allow>192.168., 192.135.30.</allow> </allow_RECORD> ..... </auth> <user_RECORD cfg:name="mickey"> <userhome>/home/MickeyMouseHome</userhome> <usershell>/bin/tcsh</usershell> </user_RECORD> XML profiles Config files +inet.services telnet login ftp +inet.allow telnet login ftp sshd +inet.allow_telnet ALLOWED_NETWORKS +inet.allow_login ALLOWED_NETWORKS +inet.allow_ftp ALLOWED_NETWORKS +inet.allow_sshd ALL +inet.daemon_sshd yes ..... +auth.users myckey +auth.userhome_mickey /home/mickey +auth.usershell_mickey /bin/tcsh LCFG Config Files Read Profile Load Profile HTTP rdxprof ldxprof /etc/shadow Profile Generic /etc/group Object Make XML Profile Component /etc/passwd .... mickey:x:999:20::/home/Mickey:/bin/tcsh .... Web Server Local cache /etc/services XML Profile LCFG Objects /etc/inetd.conf Profile /etc/hosts.allow in.telnetd : 192.168., 192.135.30. in.rlogind : 192.168., 192.135.30. in.ftpd : 192.168., 192.135.30. sshd : ALL Object Client nodes Server inet auth How LCFG Works in One Slide. Abstract configuration parameters for all nodes stored in a central repository A collection of agents read configuration parameters and either generate traditional config files or directly manipulate various services Enrico Ferro, INFN-LNL
LCFG Server Components. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
Software Installation • Install a plain Redhat 6.2. • Central Software Repository. • Scripts for checking for and installing updates. • Scripts for configuring software from profiles. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
Machine Profiles • EDG profiles are in CVS as is all EDG software. • Profiles allow for localisation via site-cfg.h • Profiles can modified for hardware differences. • Modular construction allows an experiment to maintain its components. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
Client Installs • Everything is configured before installation which can be validated. • Just requires a boot floppy or there is a new PXE boot configuration. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
LCFG, What is Bad? • Adds a whole new layer of configuration. • Sysadmins have to learn to configure /etc/resolv.conf again. • A software developer knows how to configure /etc/edg/info-mds.conf but not /var/obj/conf/profile/source/ComputingElement.h. • Security problems: host authentication is weak, no shadow passwords. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
LCFG, What Is Good? • Configuration is modular so similar machines are easy. • Configuration can be modified. • Converting a CE to an SE, less than a minute. • Installing and backing out is possible. • Snap shot of configuration is available including all the tiny incremental changes. Steve Traylen, RAL, s.m.traylen@rl.ac.uk
LCFG, What is Good • Machine profiles create well defined enviroments for end users. • Whole installations can be developed rather than individual bits of software. Steve Traylen, RAL, s.m.traylen@rl.ac.uk