Software¶
Initial Software Adjustments¶
installed some basic stuff:
apt-get install etckeeper git-core sysstat iftop htop sysv-rc-conf \ sysv-rc-conf sun-java6-plugin
sun-java6-plugin was installed to enable remote console within iceweasel through IPMI
On main node (head1):
logwatch dlocate dpkg-dev
backported/uploaded/installed cfengine3 . Basic configuration is in place. To cause updates of configurations across nodes use:
cf-runagent -o '-b update'
Configuration would also be tried to be updated automagically if current one available at a node is faulty.
installed nut (lenny’s version)
- Configuration
- copied/adjusted templates into /etc/nut
- adduser nut dialout # to access serial
- TODO
- configure/enable upsmon:
- copy/rename upsmon.conf.sample upssched-cmd upssched.conf.sample from /usr/share/doc/nut/examples/
domain name change: although Microway advised not to do so, on head1 I have done:
cd /etc sed -i -e 's/cl\.dartmouth.edu/hydra.dartmouth.edu/g' \ dhcp3/dhcpd.conf lynx-cur/local.cfg hosts defaultdomain printcap resolv.conf*reconfigured exim4 so it could serve us mail
update-alternatives --config editor to point to vim
disable torque/maui tandem:
sysv-rc-conf pbs off
They didn’t bother to package torque/maui so it is installed under usr/local, so might be tricky to get completely away from this planet.
custom banner /etc/issue.net
Packages removed from all the nodes
avahi-daemon gnome libnss-mdns
Packages removed from computing nodes
Backup¶
We are using BackupPC to backup head1 and possible some other things. head2 is the backup RAID and that is where backuppc was setup to run. It access head1 node via rsh and calls /usr/local/sbin/tarCreate wrapper.
TODO¶
- remove mdadm from the nodes – no need
Software not coming from Debian proper¶
There is quite a bit, but some of it we would not care.
We don’t care about
- torque/maui
- ...
But we should care about
Available under /usr/local/bin:
- anytermd
Should allow serial console from WEB GUI (may be we shouldn’t care whenever we setup proper SOL way)
Available under /usr/local/sbin
- ipmimon
Collects and makes available health status from the nodes.
TODO: it seems to query more nodes/heads than we have
Available under /usr/sbin
- 3dm2
Interface to 3ware card. Installed not via package, but binary packages available from http://debian-unofficial.org (TODO)
IPMI¶
Setting up a new user¶
Using ipmitool can carry out control over IPMI module on MB:
>sudo ipmitool -I open shell
ipmitool> user set name 3 yoh
ipmitool> user set password 3 XXX
ipmitool> user enable 3
ipmitool> user priv 3 4
Load IPMI modules whenever:
modprobe ipmi_devintf
modprobe ipmi_si
TODO (so far was just done partially in web interface for head1)
- Use NTP for time synchronization (might need zone specification)
- Enforce https
- Enable ssh access (though not yet sure what to do with it)
- Enable SMTP logging
- Figure out MAC addresses? ;)
- Configure mouse so they stay in sync
EDAC¶
For now just manually added loading of e752x_edac module to /etc/modules.
Bootstrapping of new system¶
cd /etc/apt; rcp head1:$PWD/{sources.list,trust*.gpg} .; apt-get update; apt-get install cfengine3
cd /var/lib/cfengine3/ppkeys/; rcp localhost.pub head1:/var/lib/cfengine3/ppkeys/root-`ifconfig bond0 | sed -n '/inet addr/s/.*addr:\(.*\) Bc.*/\1/p'`.pub; rcp head1:/var/lib/cfengine3/ppkeys/localhost.pub /var/lib/cfengine3/ppkeys/root-10.0.0.1.pub
cd /var/lib/cfengine3; mv inputs masterfiles; mkdir inputs; cd inputs; rcp head1:/etc/cfengine3/{update.cf,failsafe.cf} .