This is an old revision of the document!
[root@ohpc0-test ~]# systemctl stop firewalld [root@ohpc0-test ~]# systemctl disable firewalld [root@ohpc0-test ~]# yum install iptables-services -y [root@ohpc0-test ~]# systemctl enable iptables [root@ohpc0-test ~]# systemctl enable ip6tables [root@ohpc0-test ~]# vi /etc/sysconfig/iptables # lock up port 22: note "eth0" -A INPUT -i enp4s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT # local allow: note "eth1" -A INPUT -i enp8s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT -A INPUT -i enp8s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT [root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables # comment out port 22 [root@ohpc0-test ~]# systemctl restart iptables [root@ohpc0-test ~]# systemctl restart ip6tables [root@ohpc0-test ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- 129.133.0.0/16 anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere 192.168.0.0/16 tcp ACCEPT udp -- anywhere 192.168.0.0/16 udp REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@ohpc0-test ~]# reboot
[root@ohpc0-test ~]# yum install http://build.openhpc.community/OpenHPC:/1.2/CentOS_7.2/x86_64/ohpc-release-1.2-1.x86_64.rpm Installed: ohpc-release.x86_64 0:1.2-1 Dependency Installed: epel-release.noarch 0:7-9 [root@ohpc0-test ~]# yum repolist repo id repo name OpenHPC OpenHPC-1.2 - Base OpenHPC-updates OpenHPC-1.2 - Updates base/7/x86_64 CentOS-7 - Base *epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 extras/7/x86_64 CentOS-7 - Extras updates/7/x86_64 CentOS-7 - Updates
yum -y groupinstall ohpc-base yum -y groupinstall ohpc-warewulf # for openlava if we decide not slurm yum install tcl-devel systemctl enable ntpd.service systemctl start ntpd systemctl status ntpd yum -y groupinstall ohpc-slurm-server
perl -pi -e "s/device = eth1/device = enp8s0/" /etc/warewulf/provision.conf perl -pi -e "s/^\s+disable\s+= yes/ disable = no /" /etc/xinetd.d/tftp perl -pi -e "s/cgi-bin>\$/cgi-bin>\n Require all granted/" /etc/httpd/conf.d/warewulf-httpd.conf perl -pi -e "s/Allow from all/Require all granted/" /etc/httpd/conf.d/warewulf-httpd.conf # -ni not -pi perl -ni -e "print unless /^\s+Order allow,deny/" /etc/httpd/conf.d/warewulf-httpd.conf # restart/enable services systemctl restart xinetd systemctl enable mariadb.service systemctl restart mariadb systemctl enable httpd.service systemctl restart httpd
# defined repo less /usr/libexec/warewulf/wwmkchroot/centos-7.tmpl # admin area ls -R /opt/ohpc/admin/ # use another disk for images mkdir /data mkfs.xfs -f /dev/sdb1 mount /data mkdir -p /data/ohpc/images/centos7.2 # this yields an error as 7.2.1511 is already deprecated wwmkchroot centos-7 /data/ohpc/images/centos7.2 "This directory (and version of CentOS) is deprecated. For normal users, you should use /7/ and not /7.2.1511/ in your path." # so we follow their advise and edit the repo destination s/7.2.1511/7/ vi /usr/libexec/warewulf/wwmkchroot/centos-7.tmpl # try again wwmkchroot centos-7 /data/ohpc/images/centos7.2 # ls /data/ohpc/images/centos7.2/ bin boot dev etc fastboot home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var # du -hs /data/ohpc/images/centos7.2/ 490M /data/ohpc/images/centos7.2/