1 / 10

LCFG Installation

LCFG Installation. Steve Traylen. LCFG – A tool for installation and configuration. GRIDPP – ETF Meeting. 28 th May 2002. About LCFG. Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. Installs an RPM based Linux system and configures it.

ahanu
Télécharger la présentation

LCFG Installation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. LCFG Installation • Steve Traylen. • LCFG – A tool for installation and configuration. • GRIDPP – ETF Meeting. • 28th May 2002. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  2. About LCFG • Started at Edinburgh 9 years ago by Alastair Scobie and Paul Anderson. • Installs an RPM based Linux system and configures it. • Each machine defined by exactly one profile. • Management also possible; the main difference to Kickstart type methods. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  3. <inet> <allow cfg:template="allow_$ tag_$ daemon_$"> <allow_RECORD cfg:name="telnet"> <allow>192.168., 192.135.30.</allow> </allow_RECORD> ..... </auth> <user_RECORD cfg:name="mickey"> <userhome>/home/MickeyMouseHome</userhome> <usershell>/bin/tcsh</usershell> </user_RECORD> XML profiles Config files +inet.services telnet login ftp +inet.allow telnet login ftp sshd +inet.allow_telnet ALLOWED_NETWORKS +inet.allow_login ALLOWED_NETWORKS +inet.allow_ftp ALLOWED_NETWORKS +inet.allow_sshd ALL +inet.daemon_sshd yes ..... +auth.users myckey +auth.userhome_mickey /home/mickey +auth.usershell_mickey /bin/tcsh LCFG Config Files Read Profile Load Profile HTTP rdxprof ldxprof /etc/shadow Profile Generic /etc/group Object Make XML Profile Component /etc/passwd .... mickey:x:999:20::/home/Mickey:/bin/tcsh .... Web Server Local cache /etc/services XML Profile LCFG Objects /etc/inetd.conf Profile /etc/hosts.allow in.telnetd : 192.168., 192.135.30. in.rlogind : 192.168., 192.135.30. in.ftpd : 192.168., 192.135.30. sshd : ALL Object Client nodes Server inet auth How LCFG Works in One Slide. Abstract configuration parameters for all nodes stored in a central repository A collection of agents read configuration parameters and either generate traditional config files or directly manipulate various services Enrico Ferro, INFN-LNL

  4. LCFG Server Components. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  5. Software Installation • Install a plain Redhat 6.2. • Central Software Repository. • Scripts for checking for and installing updates. • Scripts for configuring software from profiles. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  6. Machine Profiles • EDG profiles are in CVS as is all EDG software. • Profiles allow for localisation via site-cfg.h • Profiles can modified for hardware differences. • Modular construction allows an experiment to maintain its components. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  7. Client Installs • Everything is configured before installation which can be validated. • Just requires a boot floppy or there is a new PXE boot configuration. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  8. LCFG, What is Bad? • Adds a whole new layer of configuration. • Sysadmins have to learn to configure /etc/resolv.conf again. • A software developer knows how to configure /etc/edg/info-mds.conf but not /var/obj/conf/profile/source/ComputingElement.h. • Security problems: host authentication is weak, no shadow passwords. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  9. LCFG, What Is Good? • Configuration is modular so similar machines are easy. • Configuration can be modified. • Converting a CE to an SE, less than a minute. • Installing and backing out is possible. • Snap shot of configuration is available including all the tiny incremental changes. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

  10. LCFG, What is Good • Machine profiles create well defined enviroments for end users. • Whole installations can be developed rather than individual bits of software. Steve Traylen, RAL, s.m.traylen@rl.ac.uk

More Related