Differences

This shows you the differences between two versions of the page.

--- cluster:154 [2017/03/27 19:07] – [Configure] hmeij07
+++ cluster:154 [2018/08/17 12:48] (current) – hmeij07
@@ Line 2: / Line 2: @@
 **[[cluster:0|Back]]**
-==== OpenHPC ====
+==== OpenHPC page 1====
   * install vanilla CentOS 7.2 on //master//
@@ Line 10: / Line 10: @@
 <code>
-[root@ohpc0-test ~]# systemctl stop firewalld
+[root@ohpc0-test ~]# systemctl disable NetworkManager
 [root@ohpc0-test ~]# systemctl disable firewalld
 [root@ohpc0-test ~]#  yum install iptables-services -y
 [root@ohpc0-test ~]# systemctl enable iptables
-[root@ohpc0-test ~]# systemctl enable ip6tables
 [root@ohpc0-test ~]# vi /etc/sysconfig/iptables
 # lock up port 22: note "eth1"
--A INPUT -i enp8s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT
+-A INPUT -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT
 # local allow: note "eth0"
--A INPUT -i enp4s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT
+-A INPUT -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT
--A INPUT -i enp4s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT
+-A INPUT -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT
-[root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables
+[root@ohpc0-test ~]# reboot
-# comment out port 22
+# check firwewall
-[root@ohpc0-test ~]# systemctl restart iptables
-[root@ohpc0-test ~]# systemctl restart ip6tables
 [root@ohpc0-test ~]# iptables -L
 Chain INPUT (policy ACCEPT)
-target     prot opt source               destination
+...
-ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
-ACCEPT     icmp --  anywhere             anywhere
-ACCEPT     all  --  anywhere             anywhere
 ACCEPT     tcp  --  129.133.0.0/16       anywhere             state NEW tcp dpt:ssh
 ACCEPT     tcp  --  anywhere             192.168.0.0/16       tcp
@@ Line 44: / Line 39: @@
 REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
-Chain FORWARD (policy ACCEPT)
+# copy global hpc /etc/hosts in place
-target     prot opt source               destination
+# check hostname is on provisioning network
-REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
+[root@ohpc0-test ~]# ping `hostname`
+PING ohpc0-test (192.168.1.249) 56(84) bytes of data.
-Chain OUTPUT (policy ACCEPT)
+bytes from ohpc0-test (192.168.1.249): icmp_seq=1 ttl=64 time=0.043 ms
-target     prot opt source               destination
-[root@ohpc0-test ~]# reboot
 </code>
@@ Line 371: / Line 363: @@
 </code>
+page 1 - [[cluster:155|OpenHPC page 2]] - [[cluster:156|OpenHPC page 3]] - [[cluster:160|OpenHPC page 4]]
 \\
 **[[cluster:0|Back]]**