DokuWiki

User Tools

Site Tools

Trace:
cluster:154

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
Next revision Both sides next revision
cluster:154 [2017/03/03 19:02]
hmeij07 created 		cluster:154 [2017/03/03 19:41]
hmeij07 [OpenHPC]
Line 4: Line 4:
 ==== OpenHPC ==== ==== OpenHPC ====
  
-  * install vanilla CentOS 7.2+  * install vanilla CentOS 7.2 on //master// 
 +  * find Install_guide-CentOS7.2-SLURM-1.2.1-x86_64.pdf recipe guide on http://openhpc.community 
 +  * turn selinux off 
 +  * next switch to iptables 
 + 
 +<code> 
 + 
 +[root@ohpc0-test ~]# systemctl stop firewalld                 
 +[root@ohpc0-test ~]# systemctl disable firewalld          
 +      
 +[root@ohpc0-test ~]#  yum install iptables-services -y                           
 +[root@ohpc0-test ~]# systemctl enable iptables 
 +[root@ohpc0-test ~]# systemctl enable ip6tables 
 + 
 +[root@ohpc0-test ~]# vi /etc/sysconfig/iptables 
 + 
 +# lock up port 22: note "eth0" 
 +-A INPUT -i enp4s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT 
 + 
 +# local allow: note "eth1" 
 +-A INPUT -i enp8s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT 
 +-A INPUT -i enp8s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT 
 + 
 +[root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables 
 + 
 +# comment out port 22 
 + 
 +[root@ohpc0-test ~]# systemctl restart iptables 
 +[root@ohpc0-test ~]# systemctl restart ip6tables 
 +[root@ohpc0-test ~]# iptables -L 
 +Chain INPUT (policy ACCEPT) 
 +target     prot opt source               destination 
 +ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED 
 +ACCEPT     icmp --  anywhere             anywhere 
 +ACCEPT     all  --  anywhere             anywhere 
 +ACCEPT     tcp  --  129.133.0.0/16       anywhere             state NEW tcp dpt:ssh 
 +ACCEPT     tcp  --  anywhere             192.168.0.0/16       tcp 
 +ACCEPT     udp  --  anywhere             192.168.0.0/16       udp 
 +REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited 
 + 
 +Chain FORWARD (policy ACCEPT) 
 +target     prot opt source               destination 
 +REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited 
 + 
 +Chain OUTPUT (policy ACCEPT) 
 +target     prot opt source               destination 
 + 
 +[root@ohpc0-test ~]# reboot 
 + 
 +</code>
  
-  * disable firewalld, install iptables 
-  *  
  
 \\ \\
 **[[cluster:0|Back]]** **[[cluster:0|Back]]**
cluster/154.txt · Last modified: 2018/08/17 12:48 by hmeij07

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki