1 / 14

LCFG Installation

LCFG Installation. Steve Traylen. LCFG – A tool for installation and configuration. UK HEP SYSMAN, RAL. 22 nd April 2002. About LCFG. Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. Installs an RPM based Linux system and configures it.

turk
Download Presentation

LCFG Installation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LCFG Installation • Steve Traylen. • LCFG – A tool for installation and configuration. • UK HEP SYSMAN, RAL. • 22nd April 2002. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  2. About LCFG • Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. • Installs an RPM based Linux system and configures it. • Each machine defined by exactly one profile. • Management also possible; the main difference to Kickstart type methods. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  3. LCFG Server Components. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  4. <inet> <allow cfg:template="allow_$ tag_$ daemon_$"> <allow_RECORD cfg:name="telnet"> <allow>192.168., 192.135.30.</allow> </allow_RECORD> ..... </auth> <user_RECORD cfg:name="mickey"> <userhome>/home/MickeyMouseHome</userhome> <usershell>/bin/tcsh</usershell> </user_RECORD> XML profiles Config files +inet.services telnet login ftp +inet.allow telnet login ftp sshd +inet.allow_telnet ALLOWED_NETWORKS +inet.allow_login ALLOWED_NETWORKS +inet.allow_ftp ALLOWED_NETWORKS +inet.allow_sshd ALL +inet.daemon_sshd yes ..... +auth.users myckey +auth.userhome_mickey /home/mickey +auth.usershell_mickey /bin/tcsh LCFG Config Files Read Profile Load Profile HTTP rdxprof ldxprof /etc/shadow Profile Generic /etc/group Object Make XML Profile Component /etc/passwd .... mickey:x:999:20::/home/Mickey:/bin/tcsh .... Web Server Local cache /etc/services XML Profile LCFG Objects /etc/inetd.conf Profile /etc/hosts.allow in.telnetd : 192.168., 192.135.30. in.rlogind : 192.168., 192.135.30. in.ftpd : 192.168., 192.135.30. sshd : ALL Object Client nodes Server inet auth How LCFG Works in One Slide. Abstract configuration parameters for all nodes stored in a central repository A collection of agents read configuration parameters and either generate traditional config files or directly manipulate various services Enrico Ferro, INFN-LNL

  5. Documentation • Server installation guide from WP4 http://datagrid.in2p3.fr/distribution/datagrid/wp4/documentation • Testbed installation guide using LCFG from WP6http://www.lnl.infn.it/datagrid/wp4-install • LCFG Extras, experiances from RAL.http://www.gridpp.ac.uk/tb-support/lcfg-extras/ Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  6. Software Installation • Install a plain Redhat 6.2. • Directory /opt/local requires 4-6 gigabytes. • Apply Redhat’s updates except for RPM v4. • Install edg-updaterep-1.0.1.rpm. • Review `man updaterep` and /etc/updaterep.conf . • Running /usr/sbin/updaterep grabs everything. • Install RPMs in documentation. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  7. Prepare NFS • Directory /opt/local/linux contains all the RPMS and rpm lists. • Add /opt/local/linux *(ro) to /etc/exports. • LCFG clients use an NFS mounted root file system at install time located at /opt/local/linux/installroot/6.2 • RPM list for root file system is /opt/local/linux/6.2/rpmcfg/installroot • Run make installroot to build the root fs /opt/local/linux/installroot. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  8. Fetch Machine Profiles and RPM Lists • Maintained in CVS as module edg-release. • CVS tag of edg-release is the overall version of datagrid software, e.g. 1.0, 1.1, 1.1.2 - 1.2 • Set up CVS as described and check out the current release:cvs checkout –r v1_1_4 edg-release. • Profiles: cp edg-release/source/*/var/obj/conf/profile/source/. • RPM lists: cp edg-release/rpmcfg/*/opt/local/linux/6.2/rpmcfg/. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  9. Customise Machine Profile • Located in /var/obj/conf/profile/source. • Edit site-cfg.h => globus.conf , info-mds.conf, gdmp.conf andothers. • Files testbed001-testbed004 are sample UI, CE, SE and WN. Rename one, e.g. gppui. • Edit gppui; hostname and hardware.+update.modlist eepro100+update.mod_eepro100 alias eth0 eepro100+update.rootpwd hj%4aJkf\k45 Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  10. Compile Machine Profile • Compile gppui profile with /usr/sbin/mkxprof –v –A gppui. • Common errors include: • File not found. • Undefined attributes. • Duplicate values. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  11. Verify RPM Lists • Located in /opt/local/linux/6.2/rpmcfg. • One per node type, CE-rpm , UI-rpm, NM-rpm, RB-rpm, SE-rpm and WN-rpm. • Use make create TARGET=CE-rpm. • Common errors: • File not found. • Missing RPMS caused by update in the lists or updates in available RPMS. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  12. Install Clients • Boot floppy disk provided. • Boot procedure: • Kernel boots. • Broadcast for network values. • Mount NFS root file system, init=/etc/dcsrc, download machine profile. • Partition and format hard disk. • Mount hard disk, install RPMS. • Install MBR with LILO. • Reboot, configure according to profile, reboot. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  13. LCFG, What Is Good? • Configuration is modular so similar machines are easy. • Configuration can be modified. • Converting a CE to an SE, less than a minute. • Installing and backing out is possible. • Snap shot of configuration is available including all the tiny incremental changes. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  14. LCFG, What is Bad? • Adds a whole new layer of configuration. • Sysadmins have to learn to configure /etc/resolv.conf again. • A software developer knows how to configure /etc/edg/info-mds.conf but not /var/obj/conf/profile/source/ComputingElement.h. • Security problems: host authentication is weak, no shadow passwords. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

More Related