Version 16 (modified by 13 years ago) ( diff ) | ,
---|
How to build a SandBox console
New Instructions as of 8/22/2011
Base system
- Boot Ubuntu 10.10 Server installation medium (you may need a usb-cdrom).
- preform a standard installation using the installation defaults, with noted devations:
- Partition - Choose "Guided use entire disk" (No LVM)
- User Name / Password - Use the well known orbit default
- Roles - Add the ssh server role
- Check that the network interfaces get the correct address from the correct networks:
- eth0 - DMZ
- eth1 - Control
NFS Mounting
We no longer do AutoFS/auto.home since there is a long standing lag bug with the daemon that is not fixable. We've now move to direct mounting of the /home mount point.
- Install the nfs common libraries
apt-get install nfs-common
- add the follow line to /etc/fstab
home:/export/home /home nfs _netdev,auto 0 0
LDAP Authentication
Since Autofs is not use this process is some what simpler.
- Install ldap libraries. This process will ask you a bunch of ldap related questions that will be used to prime the ldap.confs (there are 2). It's not critical to get them correct as we're just going to replace those conf's any way. (Accepting the defaults is ok).
apt-get install libpam-ldap libnss-ldap
- The /etc/ldap.conf is one of two files that configures the ldap client. The non-comment lines in this file are as follows:
base dc=orbit-lab,dc=org uri ldap://ldap.orbit-lab.org/ ldap_version 3 binddn rootbinddn cn=admin,dc=orbit-lab,dc=org pam_password md5 nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,libuuid,libvirt-qemu,list,lp,mail,man,messagebus,news,ntp,postfix,proxy,root,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data
You could edit this file and change all the values to reflect this (leaveing the rest as comments) or simply replace the one you have with this one.ldap.conf - The /etc/ldap/ldap.conf is the second file that guides the client. It have very few actual lines:
BASE dc=orbit-lab,dc=org URI ldap://ldap.orbit-lab.org
Again you can edit it directly or copy this version. - The /etc/nsswitch.conf file should have the follow non comment lines:
passwd: files ldap compat group: files ldap compat shadow: files compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis
Again you can edit it directly or copy this version. - Finally add the follow line to the /etc/sudoers file (note this is done with the visudo command).
%admin ALL=(ALL) ALL %sysadmin ALL=NOPASSWD: ALL
This has to be done manually.
OMF
Old instructions as of 5/xx/2011
Steps on setting up this ubuntu Server are as follows
- Attach a usb cd drive and start the cd install.
- Choose Entire disk with help from installer to do the partitioning of the FS
Choose dhcp for eth0 during setup. - Setup the Network Interfaces
eth0 - Goes into the DMZ network, so please modify the /etc/network/interfaces file to for eth0
the ability to attain an ip address using dhcp.
Please update the dhcpd.conf file with eth0 mac address for console.sbX
eth1 - Is the ConsoleC address for sandbox.
Please update /etc/network/interfaces to
iface eth1 inet static
address 10.1x.0.10 - (x) is the sandbox number
netmask 255.255.0.0
- Please Install libpam-ldap,libnss-ldap,autofs and autofs-ldap packages using apt.
- Please modify /etc/ldap/ldap.conf to the following
BASE dc=orbit-lab,dc=org
URI ldap://ldap.orbit-lab.org
- You can copy /etc/ldap.conf from another sandbox or set the following attributes yourself
host ldap.orbit-lab.org
base dc=orbit-lab,dc=org
ldap_version 3
rootbinddn cn=admin,dc=orbit-lab,dc=org
timelimit 30
bind_timelimit 30
idle_timelimit 360
pam_check_host_attr yes
pam_password crypt
Copy the /etc/ldap.secret file from another sandbox or ask the administrator for the password.
Modify /etc/nsswitch.conf for the users and autofs to use LDAP
- For autofs we need to modify /etc/default/autofs file so that the autofs daemon knows what the master
map is.
LDAPURI="ldap://ldap1.orbit-lab.org/" LDAPBASE="ou=auto.master,dc=orbit-lab,dc=org"
- Copy the /etc/nsswitch.conf file to this new machine from another sandbox or modify the file for your
self to include ldap for login and automount to be done by ldap.
Please ensure that you start autofs
Modify the sudoers file to include sysadmin group with privileges to become root without password or
just
copy the sudoers file from an existing sandbox.
- Install the mail packages , so that the mail can be sent from the sandbox.
apt-get install postfix mailutils
When you begin installing the postfix package configuration it will ask you configuration details, please select to install the package as a Satellite system. After that copy the main.cf file from another sandbox. - Install logwatch, ntp and cfengine2 packages.
- Configure cfengine2 , which should copy the config files for logwatch and ntp.
- OMF Install -To manage your nodes
To install omf packages modify your apt source tree to include mytestbed url and then run update on the apt for it to pull down the package information. The above steps can be done by these steps
echo "deb http://pkg.mytestbed.net/ubuntu karmic/" >> /etc/apt/sources.list apt-get update
For the console we need to add the following packages
omf-resctl liboml omf-expectl omf-common omf-aggrmgr . Please try and install the latest release
apt-get install liboml omf-expctl-5.2 omf-common-5.2 omf-aggmgr-5.2
- OMF Configuration Copy a working config file for /etc/omf-expctl-5.2/nodehandler.yaml from another sandbox and modify its ip addresses for the Sandbox. The XMPP server is repository2.
- In the inventory52 database , nodes table please make sure that the control ip is set to the ip of the eth1 interface (non dmz) interface.
Once you start the expirement you can go to the following ip and see the serial console 10.1.10x.17 x is the sandbox(x) number , the last 4 hex numbers are used to denote the ip address of each node of sandbox. node2 for sandbox would be 10.1.10x.18
- We still have omf5 as the default so please do the following
Just to add to our notes, we need to make sure machine have fully qualified host name (some services depend on it). So
(in /etc/hostname) console.sb2.orbit-lab.org
(in /etc/hosts) 127.0.0.1 console.sb2.orbit-lab.org console
As for the old omf we need to:
rm /usr/bin/omf #(it is actually a soft link to /etc/alternatives/omf)
scp -r sb1.orbit-lab.org:/opt/nodehandler4-4.4.0 /opt/nodehandler4-4.4.0
scp -r sb1.orbit-lab.org:/etc/nodehandler4 /etc/nodehandler4
scp sb1.orbit-lab.org:/usr/bin/omf /usr/bin/omf
which will set the 4.4 as a default omf.
Attachments (3)
-
ldap.conf
(9.0 KB
) - added by 13 years ago.
/etc/ldap.conf
-
ldap.2.conf
(214 bytes
) - added by 13 years ago.
/etc/ldap/ldap.conf
-
nsswitch.conf
(527 bytes
) - added by 13 years ago.
/etc/nsswitch.conf
Download all attachments as: .zip