DokuWiki

User Tools

Site Tools

Trace:
cluster:154

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
Next revision Both sides next revision
cluster:154 [2017/03/03 19:02]
hmeij07 created 		cluster:154 [2017/03/08 19:05]
hmeij07 [Configure]
Line 4: Line 4:
 ==== OpenHPC ==== ==== OpenHPC ====
  
-  * install vanilla CentOS 7.2+  * install vanilla CentOS 7.2 on //master// 
 +  * find Install_guide-CentOS7.2-SLURM-1.2.1-x86_64.pdf recipe guide on http://openhpc.community 
 +  * turn selinux off 
 +  * next switch to iptables
  
-  * disable firewalld, install iptables +<code>
-  * +
  
 +[root@ohpc0-test ~]# systemctl stop firewalld                
 +[root@ohpc0-test ~]# systemctl disable firewalld         
 +     
 +[root@ohpc0-test ~]#  yum install iptables-services -y                          
 +[root@ohpc0-test ~]# systemctl enable iptables
 +[root@ohpc0-test ~]# systemctl enable ip6tables
 +
 +[root@ohpc0-test ~]# vi /etc/sysconfig/iptables
 +
 +# lock up port 22: note "eth0"
 +-A INPUT -i enp4s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT
 +
 +# local allow: note "eth1"
 +-A INPUT -i enp8s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT
 +-A INPUT -i enp8s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT
 +
 +[root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables
 +
 +# comment out port 22
 +
 +[root@ohpc0-test ~]# systemctl restart iptables
 +[root@ohpc0-test ~]# systemctl restart ip6tables
 +[root@ohpc0-test ~]# iptables -L
 +Chain INPUT (policy ACCEPT)
 +target     prot opt source               destination
 +ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
 +ACCEPT     icmp --  anywhere             anywhere
 +ACCEPT     all  --  anywhere             anywhere
 +ACCEPT     tcp  --  129.133.0.0/16       anywhere             state NEW tcp dpt:ssh
 +ACCEPT     tcp  --  anywhere             192.168.0.0/16       tcp
 +ACCEPT     udp  --  anywhere             192.168.0.0/16       udp
 +REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
 +
 +Chain FORWARD (policy ACCEPT)
 +target     prot opt source               destination
 +REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
 +
 +Chain OUTPUT (policy ACCEPT)
 +target     prot opt source               destination
 +
 +[root@ohpc0-test ~]# reboot
 +
 +</code>
 +
 +  * next add OpenHPC component, install the RPM package which also enables repo EPEL
 +
 +<code>
 +
 +[root@ohpc0-test ~]# yum install http://build.openhpc.community/OpenHPC:/1.2/CentOS_7.2/x86_64/ohpc-release-1.2-1.x86_64.rpm
 +
 +Installed:
 +  ohpc-release.x86_64 0:1.2-1
 +Dependency Installed:
 +  epel-release.noarch 0:7-9
 +
 +[root@ohpc0-test ~]# yum repolist
 +repo id                       repo name
 +OpenHPC                       OpenHPC-1.2 - Base
 +OpenHPC-updates               OpenHPC-1.2 - Updates
 +base/7/x86_64                 CentOS-7 - Base
 +*epel/x86_64                  Extra Packages for Enterprise Linux 7 - x86_64
 +extras/7/x86_64               CentOS-7 - Extras
 +updates/7/x86_64              CentOS-7 - Updates
 +
 +</code>
 +
 +  * Next provisioning, pull down a suite of packages
 +
 +<code>
 +
 + yum -y groupinstall ohpc-base
 + yum -y groupinstall ohpc-warewulf
 +# for openlava if we decide not slurm
 + yum install tcl-devel
 +
 + systemctl enable ntpd.service
 + systemctl start ntpd
 + systemctl status ntpd
 +
 + yum -y groupinstall ohpc-slurm-server
 +
 +</code>
 +
 +  * Configure ''ib0'' and ''IPoIB'' if needed, consult  [[cluster:145|Infiniband]], also consult the PDF file.
 +
 +==== Configure ====
 +
 +  * Warewulf (do yourself a favor and check changes in file to avoid typos)
 +
 +<code>
 + 
 +perl -pi -e "s/device = eth1/device = enp8s0/" /etc/warewulf/provision.conf
 +
 +perl -pi -e "s/^\s+disable\s+= yes/ disable = no /" /etc/xinetd.d/tftp
 +   
 +perl -pi -e "s/cgi-bin>\$/cgi-bin>\n Require all granted/" /etc/httpd/conf.d/warewulf-httpd.conf
 +perl -pi -e "s/Allow from all/Require all granted/" /etc/httpd/conf.d/warewulf-httpd.conf
 +
 +  
 +# -ni not -pi
 +perl -ni -e "print unless /^\s+Order allow,deny/" /etc/httpd/conf.d/warewulf-httpd.conf
 +
 +# restart/enable services
 +systemctl restart xinetd
 +systemctl enable mariadb.service
 +systemctl restart mariadb
 +systemctl enable httpd.service
 +systemctl restart httpd
 +
 +
 +</code>
 +
 +  * Now let get ready to provision a node. First we need to build a CHROOT environment.
 +
 +<code>
 +
 +# defined repo
 +less /usr/libexec/warewulf/wwmkchroot/centos-7.tmpl
 +
 +# admin area
 +ls -R /opt/ohpc/admin/
 +
 +# use another disk for images
 +mkdir /data
 +mkfs.xfs -f /dev/sdb1
 +mount /data
 +mkdir -p /data/ohpc/images/centos7.2
 +
 +# this yields an error as 7.2.1511 is already deprecated
 +wwmkchroot centos-7 /data/ohpc/images/centos7.2
 +"This directory (and version of CentOS) is deprecated.  For normal users,
 +you should use /7/ and not /7.2.1511/ in your path."
 +# so we follow their advise and edit the repo destination s/7.2.1511/7/
 +vi /usr/libexec/warewulf/wwmkchroot/centos-7.tmpl
 +
 +# try again
 +wwmkchroot centos-7 /data/ohpc/images/centos7.2
 +# ls /data/ohpc/images/centos7.2/
 +bin  boot  dev  etc  fastboot  home  lib  lib64  media  mnt  opt  
 +proc  root  run  sbin  srv  sys  tmp  usr  var
 +# du -hs /data/ohpc/images/centos7.2/
 +490M    /data/ohpc/images/centos7.2/
 +
 +</code>
 +
 +  * Next customize the CHROOT environment
 +
 +<code>
 +
 +cp -p /etc/resolv.conf /data/ohpc/images/centos7.2/etc/
 +yum -y --installroot=/data/ohpc/images/centos7.2 groupinstall ohpc-slurm-client
 +yum -y --installroot=/data/ohpc/images/centos7.2 install kernel
 +yum -y --installroot=/data/ohpc/images/centos7.2 install ntp
 +yum -y --installroot=/data/ohpc/images/centos7.2 install lmod-ohpc
 +# pass on infiniband
 +
 +# if it does not exist on **master** issue command ''wwinit ssh''
 +cat ~/.ssh/cluster.pub
 +cat ~/.ssh/cluster.pub >> /data/ohpc/images/centos7.2/root/.ssh/authorized_keys
 +
 +echo "192.168.1.249:/home /home nfs nfsvers=3,rsize=1024,wsize=1024,cto 0 0 " \
 +      >> /data/ohpc/images/centos7.2/etc/fstab
 +echo "192.168.1.249:/opt/ohpc/pub /opt/ohpc/pub nfs nfsvers=3 0 0 " \
 +      >> /data/ohpc/images/centos7.2/etc/fstab
 +
 +chroot /data/ohpc/images/centos7.2 systemctl enable ntpd
 +echo "server 192.168.1.249" >> /data/ohpc/images/centos7.2/etc/ntp.conf
 +
 +# finally on **master** issue
 +perl -pi -e "s/ControlMachine=\S+/ControlMachine=ohpc0-test/" /etc/slurm/slurm.conf
 +echo "/home *(rw,no_subtree_check,fsid=10,no_root_squash)" >> /etc/exports
 +echo "/opt/ohpc/pub *(ro,no_subtree_check,fsid=11)" >> /etc/exports
 +exportfs -ra
 +systemctl restart nfs
 +systemctl enable nfs-server
 +
 +</code>
 +
 +  * Next we PXE boot the compute node for imaging (after building bootstrp image and VNFS)
 +
 +<code>
 +
 +# Both are loaded in database
 +echo "drivers += updates/kernel" >> /etc/warewulf/bootstrap.conf
 +wwbootstrap `uname -r`
 +# Bootstrap image '3.10.0-327.el7.x86_64' is ready
 +wwvnfs -y --chroot /data/ohpc/images/centos7.2
 +# VNFS 'centos7.2' has been imported
 +# Wrote a new configuration file at: /etc/warewulf/vnfs/centos7.2.conf
 +
 +
 +</code>
 \\ \\
 **[[cluster:0|Back]]** **[[cluster:0|Back]]**
cluster/154.txt · Last modified: 2018/08/17 12:48 by hmeij07

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki