r21 - 21 Sep 2008 - 01:54:43 - SergioLiettiYou are here: TWiki > 
Main Web > LogBook > EntryDescriptionNo37
Main Web > LogBook > EntryDescriptionNo37Instalacao do novo Compute Element
Sistema Operacional
[root@sprace ~]# vim /etc/hosts
192.168.1.152 osg-ce.grid osg-ce
[root@sprace ~]# vim /etc/dhcpd.conf
host osg-ce
{
hardware ethernet 00:30:48:89:22:88;
fixed-address osg-ce;
filename "/tftpboot/pxelinux.0";
}
[root@sprace ~]# vim /tftpboot/pxelinux.cfg/default
append ks=nfs:192.168.1.200:/export/linux/kickstart/ks_osgce_instalar.cfg initrd=initrd.img devfs=nomount ksdevice=eth0
[root@sprace ~]# cp /export/linux/kickstart/ks_osgse_instalar.cfg /export/linux/kickstart/ks_osgce_instalar.cfg
[root@sprace ~]# vim /export/linux/kickstart/ks_osgce_instalar.cfg
Configurar como esta no arquivo anexo:
* ks_osgce_instalar.cfg: Kickstart para instala a OSG-CE
[root@sprace ~]# /etc/init.d/dhcpd start [root@sprace ~]# /etc/init.d/xinetd restartMudando na spgrid temporariamente o DNS
[root@spgrid ~]# vim /var/named/chroot/var/named/80.136.200.in-addr.arpa.zone
2008012201 ; Serial
25 IN PTR osg-ce1.
[root@spgrid ~]# vim /var/named/chroot/var/named/sprace.org.br.zone
2008012201 ; Serial
osg-ce1 IN A 200.136.80.25
[root@spgrid ~]# /etc/init.d/named restart
Ja no terminal da maquina
[root@osg-ce ~]# mkdir /opt/scratch/ [root@osg-ce ~]# ln -s /opt/scratch/ /scratch [root@osg-ce ~]# ln -s /opt /usr/local/opt [root@osg-ce ~]# ln -s /home/ /usr/local/home [root@osg-ce ~]# rpm -Uvh ftp://ftp.scientificlinux.org/linux/scientific/4x/i386/misc/RPMS/yum-conf-latest.SL.noarch.rpm; yum -y clean all; yum -y update yum; yum -y update
Configuracao do NIS
[root@osg-ce ~]# yum install ypserv
[root@osg-ce ~]# vim /etc/nsswitch.conf
passwd: files nis
shadow: files nis
group: files nis
protocols: files nis
services: files nis
netgroup: files nis
automount: files nis
aliases: files nis
[root@osg-ce ~]# vim /etc/yp.conf
yperver 192.168.1.150
[root@osg-ce ~]# vim /etc/xinetd.d/time
disable = no
[root@osg-ce ~]# vim /etc/xinetd.d/time-udp
disable = no
[root@osg-ce ~]# chkconfig xinetd on
[root@osg-ce ~]# chkconfig ypserv on
[root@osg-ce ~]# chkconfig portmap on
[root@osg-ce ~]# chkconfig yppasswdd on
[root@osg-ce ~]# domainname grid
[root@osg-ce ~]# /usr/lib/yp/ypinit -m
[root@osg-ce ~]# service xinetd start
[root@osg-ce ~]# service portmap start
[root@osg-ce ~]# service ypserv start
[root@osg-ce ~]# service yppasswdd start
Na spgrid
[root@spgrid ~]# scp /etc/passwd /etc/shadow /etc/group /etc/gshadow root@osg-ce.sprace.org.br:/etc/.Novamente
[root@osg-ce ~]# cd /var/yp/ [root@osg-ce yp]# makeVerifique se ele esta escutando
[root@osg-ce ~]# rpcinfo -u localhost ypservEm outra maquina sem jobs do cluster, teste
[root@node84 ~]# vim /etc/yp.conf ypserver 192.168.1.152 [root@node84 ~]# /etc/init.d/ypbind restart [root@node84 ~]# rpcinfo -u localhost ypbind [root@node84 ~]# ypcat passwdCopiando o home dos usuários da spgrid
[root@spgrid ~]# scp -pr /home/* osg-ce.sprace.org.br:/home/.O home na verdade ficara na storage02, no raid0. Depois de feita a copia do /home para este disco, entao criamos um ponto de montagem para ele
[root@osg-ce ~]# vi /etc/auto.master /osghome /etc/auto.osghome --timeout=30 [root@osg-ce ~]# vim /etc/auto.osghome home -rw,soft,bg,rsize=8192,wsize=8192,tcp storage02:/raid0/osghome [root@osg-ce ~]# mkdir /osghome [root@osg-ce ~]# ln -s /osghome/home/ /home [root@osg-ce ~]# chkconfig autofs on
Configuração do NFS
Da spgrid[root@spgrid ~]# scp /etc/hosts.allow osg-ce.sprace.org.br:/etc/.Principalmente a linha
192.168.1. \Feito isso:
[root@osg-ce ~]# vim /etc/exports /usr/local/opt/OSG 192.168.1.0/24(rw,async,no_root_squash) [root@osg-ce ~]# chkconfig nfs on [root@osg-ce ~]# service nfs startDe um nó qualquer
[root@node84 ~]# mount 192.168.1.152:/usr/local/home teste
Configuração do NTP
[root@osg-ce ~]# vim /etc/ntp.conf #Permite acesso ao servidor para sincronizar mas nao permite modificacoes no servico restrict default nomodify notrap noquery # Permite acesso completo para a interface local restrict 127.0.0.1 # Libera acesso a minha rede local restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap #Nosso servidor server pcdsh05.on.br server ntp.cais.rnp.br server ntp.puc-rio.br server ntp1.pucpr.br server ntp.pop-rs.rnp.br driftfile /var/lib/ntp/driftPara ver as permissões:
[root@osg-ce ~]# ntpdc -nc reslist address mask count flags ===================================================================== 0.0.0.0 0.0.0.0 886 noquery, nomodify, notrap 127.0.0.1 255.255.255.255 1 none 127.0.0.1 255.255.255.255 0 ntpport, interface, ignore 192.168.1.152 255.255.255.255 0 ntpport, interface, ignore 200.136.80.25 255.255.255.255 0 ntpport, interface, ignore :: :: 0 nonePara ver o status do servidor:
[root@osg-ce ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
+b.ntp.br 200.160.7.186 2 u 243 1024 377 162.219 -7.703 0.657
*a.ntp.br 200.160.7.192 2 u 270 1024 377 152.367 -10.902 1.354
+titan.cais.rnp. 69.100.142.49 2 u 728 1024 77 13.516 32.667 1.149
LOCAL(0) LOCAL(0) 10 l 47 64 377 0.000 0.000 0.004
Feito isso
[root@osg-ce ~]# service ntpd start [root@osg-ce ~]# chkconfig ntpd onDe uma maquina qualquer
[root@node84 ~]# ntpdate -d 192.168.1.152
Configuração do DNS(chrooted)
[root@osg-ce ~]# vim /var/named/chroot/etc/named.conf
//Dominio sprace.org.br
zone "sprace.org.br" IN{
type master;
file "sprace.org.br.zone";
allow-update { none; };
};
//Dominio Reverso da sprace.org.br
zone "80.136.200.in-addr.arpa" IN{
type master;
file "80.136.200.in-addr.arpa.zone";
allow-update { none; };
};
//Dominio Grid
zone "grid" IN{
type master;
file "grid.zone";
allow-update { none; };
};
//Dominio reverso grid
zone "1.168.192.in-addr.arpa" IN{
type master;
file "1.168.192.in-addr.arpa.zone";
allow-update { none; };
};
[root@osg-ce ~]# vim /var/named/chroot/var/named/sprace.org.br.zone
$TTL 86400
;Nome do servidor e e-mail do administrador
@ IN SOA osg-ce1.sprace.org.br. root.osg-ce1.sprace.org.br. (
2008012201 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
;Especificando o servidor de nomes
@ IN NS osg-ce1.sprace.org.br.
;Especificando o servidor de e-mails
@ IN MX 5 osg-ce1.sprace.org.br.
;adicionando endereços
osg-ce IN A 200.136.80.4
access IN A 200.136.80.3
osg-se IN A 200.136.80.27
ftp-01 IN A 200.136.80.14
osg-ce1 IN A 200.136.80.25
;Adicionando o servidor www
www IN CNAME access
[root@osg-ce ~]# vim /var/named/chroot/var/named/grid.zone
$TTL 86400
@ IN SOA osg-ce.grid. root.osg-ce.grid. (
2008011901 ; Serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Minimum
;Servidor de nomes
@ IN NS osg-ce.grid.
;Servidor de e-mail
@ IN MX 0 osg-ce.grid.
;Especificando enderecos
@ IN A 192.168.1.152 ;(ip do servidor)
osg-ce IN A 192.168.1.152
;Adicionando apelidos
mail IN CNAME osg-ce
[root@osg-ce ~]# vim /var/named/chroot/var/named/80.136.200.in-addr.arpa.zone
$TTL 86400
@ IN SOA osg-ce1.sprace.org.br. root.osg-ce1.sprace.org.br. (
2008012201 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
;Especificando o servidor de nomes
@ IN NS osg-ce1.sprace.org.br.
;Adicionando os enderecos reversos
3 IN PTR access.sprace.org.br.
4 IN PTR osg-ce.
14 IN PTR ftp-01.
27 IN PTR osg-se.
25 IN PTR osg-ce1.
[root@osg-ce ~]# vim /var/named/chroot/var/named/1.168.192.in-addr.arpa.zone
$TTL 86400
@ IN SOA osg-ce.grid. root.osg-ce.grid. (
2008011901 ; Serial
8H ; Refresh
2H ; Retry
1W ; Expire
1D ) ; Minimum
;Especificando o servidor de nomes
@ IN NS osg-ce.grid.
;Adicionando endereços reversos
152 IN PTR osg-ce.grid.
[root@osg-ce ~]# chkconfig named on
Testando em um nó
[root@node84 ~]# vim /etc/resolv.conf nameserver 192.168.1.152
Monitoramento do Ganglia
[root@osg-ce ~]# wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.0.50-3.el4.rf.i386.rpm [root@osg-ce ~]# rpm -ivh rrdtool-1.0.50-3.el4.rf.i386.rpm [root@osg-ce tmp]# wget http://downloads.sourceforge.net/ganglia/ganglia-3.0.6-1.src.rpm?modtime=1197841780&big_mirror=0 [root@osg-ce ~]# cd /tmp/ [root@osg-ce tmp]# rpm -i /root/ganglia-3.0.6-1.src.rpm [root@osg-ce tmp]# cd /usr/src/redhat/SPECS [root@osg-ce SPECS]# rpmbuild -ba --target noarch ganglia.specInstalar dependências
[root@osg-ce SPECS]# cd /root/ [root@osg-ce ~]# wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.0.50-3.el4.rf.i386.rpm [root@osg-ce ~]# rpm -ivh rrdtool-devel-1.0.50-3.el4.rf.i386.rpm [root@osg-ce ~]# yum install libart_lgpl-devel libpng-devel [root@osg-ce ~]# cd /usr/src/redhat/SPECS [root@osg-ce SPECS]# rpmbuild -ba --target noarch ganglia.spec [root@osg-ce SPECS]# rpmbuild -ba --target i686 ganglia.spec [root@osg-ce SPECS]# cd /usr/src/ [root@osg-ce src]# rpm -ivh */RPMS/*/ganglia-gmetad-*rpm [root@osg-ce src]# yum install php-gd.i386 [root@osg-ce src]# rpm -i */RPMS/*/ganglia-web*rpm [root@osg-ce src]# chkconfig --level 345 gmetad on [root@osg-ce src]# chkconfig httpd onConfigurando o gmond
[root@osg-ce src]# mount -t nfs 192.168.1.200:/export /teste; [root@osg-ce src]# cd /teste [root@osg-ce teste]# rpm -ivh ganglia-monitor-core-gmond-2.5.4-8.i386.rpm [root@osg-ce teste]# cd [root@osg-ce ~]# umount /teste/ [root@osg-ce ~]# rmdir /teste/ [root@osg-ce ~]# vim /etc/gmond.conf name "SPGRID Cluster" owner "SPRACE-HEP" url "http://osg-ce1.sprace.org.br/" trusted_hosts 200.136.80.25 num_nodes 86 setuid ganglia location "0,3,0"
Obter Certificado
[root@osg-ce ~]# mkdir /OSG [root@osg-ce ~]# mount 192.168.1.150:/usr/local/opt/OSG /OSG/ [root@osg-ce ~]# ln -s /OSG/ /usr/local/opt/OSG [root@osg-ce ~]# . /OSG/setup.sh [root@osg-ce ~]# cd $VDT_LOCATION [root@osg-ce OSG]# source ./setup.sh [root@osg-ce ~]# date Thu Jan 17 09:01:07 BRST 2008 [root@osg-ce OSG]# cd /root/ [root@osg-ce ~]# cert-request -ou s -host osg-ce.sprace.org.br -dir . -label osg-ce -agree -email mdias1@ift.unesp.br -phone +55.11.XXXXXX -reason "Instaling a new Computer Element head node for SPRACE site" -name "Marco Dias" Choose a registration authority to which you are affiliated. osg Choose a virtual organization under your OSG affiliation: dosarRecebido o e-mail com o certificado
[root@osg-ce ~]# . /OSG/setup.sh [root@osg-ce ~]# cert-retrieve -certnum XXXX -label osg-ce -dir . -prefix osg-ce.sprace.org.br [root@osg-ce ~]# mv osg-ce.sprace.org.brcert.pem /etc/grid-security/hostcert.pem [root@osg-ce ~]# mv osg-ce.sprace.org.brkey.pem /etc/grid-security/hostkey.pem [root@osg-ce ~]# chmod 400 /etc/grid-security/hostkey.pem [root@osg-ce ~]# chmod 444 /etc/grid-security/hostcert.pem
Firewall
Não dá para mostrar as regras aqui!! Logo o procedimento será[root@spgrid ~]# scp /etc/init.d/firewall osg-ce.sprace.org.br:/etc/init.d/.e na osg-ce
CORPIF="eth1" CORPIP="200.136.80.25" SERVICEIF="eth0" SERVICEIP="192.168.1.152" [root@osg-ce ~]# chkconfig firewall onO teste é feito em um node qualquer
[root@node84 ~]# more /etc/sysconfig/network NETWORKING=yes HOSTNAME=node84 GATEWAY=192.168.1.152 NISDOMAIN=grid [root@node84 ~]# /etc/init.d/network restart [root@node84 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 192.168.1.152 0.0.0.0 UG 0 0 0 eth1
Instalacão do OSG
Instalacao do PACMAN
[root@osg-ce ~]# cd /opt/ [root@osg-ce opt]# wget http://physics.bu.edu/pacman/sample_cache/tarballs/pacman-latest.tar.gz [root@osg-ce opt]# tar --no-same-owner -xzvf pacman-latest.tar.gz [root@osg-ce opt]# cd pacman-3.21 [root@osg-ce pacman-3.21]# source setup.sh
Preparacão
[root@osg-ce ~]# mkdir /opt/osg-0.8.0 [root@osg-ce ~]# ln -s /opt/osg-0.8.0/ /OSG/ [root@osg-ce ~]# . /opt/pacman-3.21/setup.sh [root@osg-ce ~]# cd /opt/osg-0.8.0/ [root@osg-ce ~]# pacman -get OSG:ce [root@osg-ce ~]# cd /OSG/ [root@osg-ce OSG]# source setup.sh [root@osg-ce OSG]# pacman -get OSG:Globus-Condor-Setup [root@osg-ce OSG]# pacman -get OSG:ManagedFork [root@osg-ce OSG]# $VDT_LOCATION/vdt/setup/configure_globus_gatekeeper --managed-fork y --server y
Post Install
[root@osg-ce1 ~]# visudo
Runas_Alias GLOBUSUSERS = ALL, !root
globus ALL=(GLOBUSUSERS) \
NOPASSWD: /opt/osg-0.8.0/globus/libexec/globus-gridmap-and-execute \
-g /etc/grid-security/grid-mapfile \
/opt/osg-0.8.0/globus/libexec/globus-job-manager-script.pl *
globus ALL=(GLOBUSUSERS) \
NOPASSWD: /opt/osg-0.8.0/globus/libexec/globus-gridmap-and-execute \
-g /etc/grid-security/grid-mapfile \
/opt/osg-0.8.0/globus/libexec/globus-gram-local-proxy-tool *
[root@osg-ce1 ~]# . /OSG/setup.sh
[root@osg-ce1 ~]# $VDT_LOCATION/vdt/setup/configure_monalisa --prompt
monalisa
SPRACE
OSG
[root@osg-ce1 ~]# vim $VDT_LOCATION/MonaLisa/Service/VDTFarm/ml.properties
MonaLisa.Location=Sao Paulo
MonaLisa.Country=Brazil
MonaLisa.LAT=-23.5592
MonaLisa.LONG=-46.7358
[root@osg-ce1 ~]#vdt-register-service --name MLD --enable
[root@osg-ce1 ~]# cd /etc/grid-security/
[root@osg-ce1 grid-security]# cp hostkey.pem containerkey.pem
[root@osg-ce1 grid-security]# cp hostcert.pem containercert.pem
[root@osg-ce1 grid-security]# chown globus: containerkey.pem containercert.pem
[root@osg-ce1 grid-security]# cp /opt/osg-0.8.0/post-install/gsi-authz.conf /etc/grid-security/.
[root@osg-ce1 grid-security]# cp /opt/osg-0.8.0/post-install/prima-authz.conf /etc/grid-security/.
[root@osg-ce1 ~]# . /OSG/setup.sh
[root@osg-ce1 ~]# /opt/osg-0.8.0/vdt/sbin/vdt-register-service -name
gums-host-cron --enable
vdt-register-service: updated cron service 'gums-host-cron'
vdt-register-service: desired state = enable
vdt-register-service: cron time = '12 6,12,18,0 * * *'
vdt-register-service: cron command =
'/opt/osg-0.8.0/gums/scripts/gums-host-cron'
[root@osg-ce1 ~]# /opt/osg-0.8.0/vdt/sbin/vdt-control --on gums-host-cron
enabling cron service gums-host-cron... no crontab for root
ok
Pedindo o certificado para o apache
[mdias@spgrid ~]$ . /OSG/setup.sh [mdias@spgrid ~]$ cert-request -ou s -dir . -host osg-ce.sprace.org.br -service http -label osg-ce.http [mdias@spgrid ~]$ . /OSG/setup.sh [mdias@spgrid ~]$ cert-retrieve -certnum 21546 -dir . -label osg-ce.http using CA doegrids Checking that the usercert and ./osg-ce.httpkey.pem match writing RSA key ./usercert.pem and ./userkey.pem now contain your Globus credential [mdias@spgrid ~]$ scp usercert.pem userkey.pem osg-ce1.sprace.org.br:/home/mdias/. [root@osg-ce1 mdias]# mkdir /etc/grid-security/http [root@osg-ce1 mdias]# cp ./usercert.pem /etc/grid-security/http/httpcert.pem [root@osg-ce1 mdias]# cp ./userkey.pem /etc/grid-security/http/httpkey.pem [root@osg-ce1 mdias]# chmod 444 /etc/grid-security/http/httpcert.pem [root@osg-ce1 mdias]# chmod 400 /etc/grid-security/http/httpkey.pem [root@osg-ce1 mdias]# chown -R daemon.daemon /etc/grid-security/httpE finalmente
[root@osg-ce1 ~]# hostname osg-ce.sprace.org.br [root@osg-ce1 ~]#vdt-control --on
TODO List:
-trocar hostname e IP no /etc/sysconfig/network para o mesmo da spgrid -colocar o IP 192.168.1.150 no lugar de 192.168.1.152 no /etc/sysconfig/network/ifcfg-ethX -Trocar as interfaces de rede para ficar padrão| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 cfg | ks_osgce_instalar.cfg | manage | 2.3 K | 15 Jan 2008 - 18:16 | MarcoAndreFerreiraDias | Kickstart para instala a OSG-CE |
Main Web
Users
Groups
Index
Search
Changes
Notifications
Statistics
PreferencesQR Code
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback