cluster:154
This is an old revision of the document!
OpenHPC
- install vanilla CentOS 7.2 on master
- find Install_guide-CentOS7.2-SLURM-1.2.1-x86_64.pdf recipe guide on http://openhpc.community
- turn selinux off
- next switch to iptables
[root@ohpc0-test ~]# systemctl stop firewalld
[root@ohpc0-test ~]# systemctl disable firewalld
[root@ohpc0-test ~]# yum install iptables-services -y
[root@ohpc0-test ~]# systemctl enable iptables
[root@ohpc0-test ~]# systemctl enable ip6tables
[root@ohpc0-test ~]# vi /etc/sysconfig/iptables
# lock up port 22: note "eth0"
-A INPUT -i enp4s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT
# local allow: note "eth1"
-A INPUT -i enp8s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT
-A INPUT -i enp8s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT
[root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables
# comment out port 22
[root@ohpc0-test ~]# systemctl restart iptables
[root@ohpc0-test ~]# systemctl restart ip6tables
[root@ohpc0-test ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- 129.133.0.0/16 anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere 192.168.0.0/16 tcp
ACCEPT udp -- anywhere 192.168.0.0/16 udp
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@ohpc0-test ~]# reboot
cluster/154.1488570067.txt.gz · Last modified: 2017/03/03 19:41 by hmeij07
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
