User Tools

Site Tools


cluster:154

Warning: Undefined array key -1 in /usr/share/dokuwiki/inc/html.php on line 1458

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
cluster:154 [2017/03/27 15:07]
hmeij07 [Configure]
cluster:154 [2018/08/17 08:48] (current)
hmeij07
Line 2: Line 2:
 **[[cluster:0|Back]]** **[[cluster:0|Back]]**
  
-==== OpenHPC ====+==== OpenHPC page 1====
  
   * install vanilla CentOS 7.2 on //master//   * install vanilla CentOS 7.2 on //master//
Line 10: Line 10:
  
 <code> <code>
- +              
-[root@ohpc0-test ~]# systemctl stop firewalld                +[root@ohpc0-test ~]# systemctl disable NetworkManager  
 +             
 [root@ohpc0-test ~]# systemctl disable firewalld          [root@ohpc0-test ~]# systemctl disable firewalld         
            
-[root@ohpc0-test ~]#  yum install iptables-services -y                          +[root@ohpc0-test ~]#  yum install iptables-services -y    
 +                       
 [root@ohpc0-test ~]# systemctl enable iptables [root@ohpc0-test ~]# systemctl enable iptables
-[root@ohpc0-test ~]# systemctl enable ip6tables 
  
 [root@ohpc0-test ~]# vi /etc/sysconfig/iptables [root@ohpc0-test ~]# vi /etc/sysconfig/iptables
  
 # lock up port 22: note "eth1" # lock up port 22: note "eth1"
--A INPUT -i enp8s0 -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT+-A INPUT -p tcp -m state --state NEW -m tcp -s 129.133.0.0/16 --dport 22 -j ACCEPT
  
 # local allow: note "eth0" # local allow: note "eth0"
--A INPUT -i enp4s0 -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT +-A INPUT -d 192.168.0.0/16 -p tcp --dport 0:65535 -j ACCEPT 
--A INPUT -i enp4s0 -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT+-A INPUT -d 192.168.0.0/16 -p udp --dport 0:65535 -j ACCEPT
  
-[root@ohpc0-test ~]# vi /etc/sysconfig/ip6tables+[root@ohpc0-test ~]# reboot
  
-comment out port 22 +check firwewall
- +
-[root@ohpc0-test ~]# systemctl restart iptables +
-[root@ohpc0-test ~]# systemctl restart ip6tables+
 [root@ohpc0-test ~]# iptables -L [root@ohpc0-test ~]# iptables -L
 Chain INPUT (policy ACCEPT) Chain INPUT (policy ACCEPT)
-target     prot opt source               destination +...
-ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED +
-ACCEPT     icmp --  anywhere             anywhere +
-ACCEPT     all  --  anywhere             anywhere+
 ACCEPT     tcp  --  129.133.0.0/16       anywhere             state NEW tcp dpt:ssh ACCEPT     tcp  --  129.133.0.0/16       anywhere             state NEW tcp dpt:ssh
 ACCEPT     tcp  --  anywhere             192.168.0.0/16       tcp ACCEPT     tcp  --  anywhere             192.168.0.0/16       tcp
Line 44: Line 39:
 REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited
  
-Chain FORWARD (policy ACCEPT) +# copy global hpc /etc/hosts in place 
-target     prot opt source               destination +# check hostname is on provisioning network 
-REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited +[root@ohpc0-test ~]# ping `hostname` 
- +PING ohpc0-test (192.168.1.249) 56(84) bytes of data. 
-Chain OUTPUT (policy ACCEPT) +64 bytes from ohpc0-test (192.168.1.249): icmp_seq=1 ttl=64 time=0.043 ms
-target     prot opt source               destination +
- +
-[root@ohpc0-test ~]# reboot+
  
 </code> </code>
Line 371: Line 363:
  
 </code> </code>
 +
 +page 1 - [[cluster:155|OpenHPC page 2]] - [[cluster:156|OpenHPC page 3]] - [[cluster:160|OpenHPC page 4]]
 \\ \\
 **[[cluster:0|Back]]** **[[cluster:0|Back]]**
cluster/154.1490641632.txt.gz · Last modified: 2017/03/27 15:07 by hmeij07