LCFG testbed upgrade Enrico Ferro INFNLNL E Ferro
LCFG: testbed upgrade Enrico Ferro INFN-LNL E. Ferro, CNAF, april 2002 1
Summary ® ® Configuration files structure RPM management Add a line to globus. conf Add a user E. Ferro, CNAF, april 2002 2
Configuration files structure (1) ® For each node testbed<n> there is a file with the same name in /var/obj/conf/profile/source ® Each node includes: – "macros-cfg. h": some macro definitions – "site-cfg. h": site specific data (dns, domain, etc. . . ). This file contains definitions used in the other files. – "linuxdef-cfg. h": a basic Linux configuration – "client_testbed-cfg. h": additional configuration for the testbed ® In addition each node include a “node-type” file with specific resources: – Storage. Element-cfg. h – Computing. Element-cfg. h – Etc. . E. Ferro, CNAF, april 2002 3
Configuration files structure (2) ® Currently each value is stored as: – <object>. <resource> <value> – update. bootdisk hda ® A hierarchical structure is implemented as an IDs list + some resources identified by these IDs: – inet. etcservices lcfgack – inet. etcsrvconf_lcfg 732/udp – inet. etcsrvconf_lcfgack 733/udp E. Ferro, CNAF, april 2002 4
Configuration files structure (3) ® This is the standard way to define a value for a resource of the object bigbang: – bigbang. config /etc/bigbang. conf – bigbang. options --debug-universe – bigbang. enabled yes ® It is possible to override a resource previously defined using “+”: – +bigbang. options --debug-earth E. Ferro, CNAF, april 2002 5
RPM management (1) ® As for resources, also for the RPM there is a hierarchical structure. ® The high-level RPM list is stored into the resources update. rpmcfg and updaterpms. rpmcfg ® For example for Worker. Node the value for these two resources is "WN-rpm". This file includes: – rh 62 -release-rpm. h and rh 62 -updates-rpm. h: Red. Hat stuff – lcfg-common-rpm. h and lcfg-client-rpm. h: LCFG stuff – openssh-rpm. h: openssh – security-rpm. h: CA certificates – apps_common-rpm. h, CMS-rpm. h, . . . : applications software – Worker. Node-rpm. h: RPM specific for a WN E. Ferro, CNAF, april 2002 6
RPM management (2) ® As for resources, it is possible to override, add and remove packages. ® To add a new package bigbang-1. 0. i 386. rpm simply add this line to a RPM list: – bigbang-1. 0 ® To force to use a 1. 2 release instead of a previously defined one: – +bigbang-1. 2 ® To remove a package already included and install a new one: – -bigbang-*-* – +bigcrunch-1. 0 E. Ferro, CNAF, april 2002 7
RPM management (3) ® Q: How can I check if I have all the required RPM for the testbed? ® A: We use a script that simulates the installation process without installing the RPM. It require as parameter an high-level RPM list (e. g. CE-rpm). ® The script can be found in the WP 4 LCFG FAQ document: – http: //datagrid. in 2 p 3. fr/cgibin/cvsweb. cgi/fabric_mgt/installation/documentation/faq E. Ferro, CNAF, april 2002 8
Add a line to globus. conf ® A object manage the globus. conf files. As example we want to add a new line to this file. ® The resource gconflines holds a list of id: each id is used to identify a line of globus. conf. ® We use a macro (EXTRA) to append a string to an existing resource. You can put the following lines into a new file (e. g. Custom. Config-cfg. h) and include this one into your node specific file (e. g. testbed 005). – EXTRA (globus. gconflines) add 1 – globus. gconfline_add 1 MOREINFO=” 123456789” ® After a “mkxprof -a -n” this line will be added to globus. conf: – MOREINFO=” 123456789” ® Of course you can add more lines: – EXTRA (globus. gconflines) add 2 add 3 – globus. gconfline_add 2 MOREINFO 2=”asdf” – globus. gconfline_add 3 MOREINFO 3=”qwer” E. Ferro, CNAF, april 2002 9
Add a user ® There is a resource (auth. users) that holds a list of the username. We want do add a new user, John Brown – EXTRA(auth. users) john – auth. usercomment_john John Brown – auth. useruid_john 4096 – auth. userpwd_john jhaw 2 l. Zpp 8 p. Qs ® Currently the password is still crypted with the classic DES-based algorithm crypt(), with a password and the "salt". You can use a simple Perl script: – perl -e 'printf crypt("Pa. SSw. Or. D", "Sl"). "n"' E. Ferro, CNAF, april 2002 10
- Slides: 10