This document provides an in-depth analysis of managing ensembles within stand-alone Beowulf systems. It covers essential topics, including the configuration of universally accessible machines, internal node naming conventions, and IP address management. Moreover, it offers insights into DHCP and BOOTP for cloning nodes, facilitating system upgrades, and recovering from failures. Security strategies using IP masquerading and host access restrictions are also discussed. This guide is invaluable for administrators looking to optimize operations in a controlled networking environment.
Managing Ensembles
Nilesh M. Bhide
System Access Models
• The Stand-alone System
  • Beowulf system unattached to any external network
• The Universally Accessible Machine
  • Every node is accessible from the entire Internet
• The Guarded Beowulf
  • A single front-end (“worldly node”)
Assigning Names
• Internal host names of the format
  • <cluster-letter><node-number>
• Reserved IP addresses
  • 10.0.0.0 - 10.255.255.255
  • 172.16.0.0 - 172.31.255.255
  • 192.168.0.0 - 192.168.255.255
• Dynamically assigned address
  • DHCP, BOOTP
Cloning Nodes
• Configure one internal node and clone the rest of them
• Advantages
  • Quick and easy configuration of internal nodes
  • Facilitates major system upgrades
  • Easy recovery from disk failures, accidental file system corruption
Cloning Nodes (contd.)
• Steps involved
  • Manual configuration of a single internal node
  • Install NFS automounter
  • Creation of tar images for each partition
    • omit /proc, which is not a physical disk partition
    • tar zclf /worldly/nfsroot/partition-name.tgz .
Cloning Nodes (contd.)
• Setting up a clone root partition
  • Create a root directory for cloning on the worldly node. This should be exported via NFS
  • This directory should contain bin, dev, etc, lib, mnt, proc, sbin, tmp subdirectories
    • tar -C / -c -f - dev | tar xf -
    • tmp and etc subdirectories should be empty
    • etc/fstab entry: “none /proc proc defaults 0 0”
  • Replace NFS root sbin/init script
  • Export NFS root directory
Cloning Nodes (contd.)
• Setting up BOOTP
  • set up /etc/bootptab file
      .default:\
          :sm=255.255.255.0:\
          :ht=ether:\
          :gw=192.168.1.1:\
          :rp=/export/nfsroot/:
      b002:ip=192.168.1.2:ha=0080c8638a2c:tc=.default
      b003:ip=192.168.1.3:ha=0080c86359d9:tc=.default
  • Enable bootpd daemon on the worldly node
    • /etc/inetd.conf
Cloning Nodes (contd.)
• Building a boot clone floppy
  • CACR Beowulf cloning software
    • http://www.cacr.caltech.edu/beowulf
  • Building NFSROOT kernel
    • /usr/src/linux
    • mknod /dev/nfsroot b 0 255
    • rdev zImage /dev/nfsroot
    • dd if=zImage of=/dev/fd0 bs=512
Basic System Administration
• Booting and Shutting Down
  • /sbin/shutdown -h now (using prsh)
  • ATX power supplies
    • /sbin/shutdown -p now
• The node file system
  • / : The root partition, containing system configuration and log files
  • /boot : An optional partition for storing kernel images
Basic System Administration
• /home : A partition containing all user directories
• /opt : An optional partition for additional software
• /usr : A partition containing all standard system software
• /scratch : A partition used as scratch space for large temporary data files
Basic System Administration
• Account Management
  • NIS, NIS+
  • useradd, adduser, linuxconf
  • Replicating /etc/passwd, /etc/group
  • NIS vs. Replication
Basic System Administration
• PRSH - Parallel Remote Shell
  • http://www.cacr.caltech.edu/beowulf/
  • e.g., prsh -- killall amok
Security Strategies
• CERT: http://www.cert.org
• System Configuration
  • Stand-alone, Universally accessible, Guarded
• IP Masquerading
  • NAT (Network Address Translation)
  • Client node set up
    • route add default gw 192.168.1.1
    • or /etc/sysconfig/network configuration (GATEWAY, GATEWAYDEV)
Security Strategies (Contd.)
• Worldly node set up
  • IP Masquerade HOWTO in /usr/doc/HOWTO/mini
  • FORWARD_IPV4=true in /etc/sysconfig/network
  • Configure IP masquerading rules using ipfwadm
    • ipfwadm -F -p deny
    • ipfwadm -F -a masq -S 192.168.1.0/24 -D 0.0.0.0/0
    • /etc/rc.d/rc.local or /etc/rc.d/init.d
  • ipfwadm-wrapper for 2.2 Linux kernels
Security Strategies (Contd.)
• Restricting host access
  • TCP wrappers package
  • tcpd daemon invoked by inetd and listed in /etc/inetd.conf
  • /etc/hosts.deny and /etc/hosts.allow
    • e.g., in.rshd: 10.0.0.0/255.255.255.0
• Placing worldly node behind firewall
• SSH: http://www.ssh.fi/
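An added example, not part of the original slides: a small audit of hosts.allow-style rules that reports any daemon opened to clients outside the three reserved address ranges listed under "Assigning Names". The function names and the sample rules are assumptions made for illustration; only the in.rshd line is taken from the slide.

```python
import ipaddress

# The three reserved ranges from the "Assigning Names" slide, in CIDR form.
RESERVED = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_rules(text):
    """Yield (daemons, clients) from 'daemon_list : client_list' lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line or ":" not in line:
            continue
        parts = [p.strip() for p in line.split(":")]
        # Any third field (shell command / options) is ignored here.
        yield (parts[0].replace(",", " ").split(),
               parts[1].replace(",", " ").split())

def is_internal(client):
    """True only for an address or net/mask wholly inside a reserved range."""
    try:
        net = ipaddress.ip_network(client, strict=False)
    except ValueError:
        # Wildcards (ALL), host names and other patterns cannot be proven
        # internal, so they are reported for manual review.
        return False
    return net.version == 4 and any(net.subnet_of(r) for r in RESERVED)

def audit(text):
    """Return (daemon, client) pairs that admit non-reserved clients."""
    return [(d, c) for daemons, clients in parse_rules(text)
            for d in daemons for c in clients if not is_internal(c)]

# Constructed sample rules; only the in.rshd line appears on the slide.
SAMPLE = """\
in.rshd: 10.0.0.0/255.255.255.0
in.rlogind: 192.168.1.0/255.255.255.0, 172.32.0.0/255.255.0.0
in.telnetd: ALL
"""

if __name__ == "__main__":
    for daemon, client in audit(SAMPLE):
        print(f"{daemon}: {client} is not confined to the reserved ranges")
```

On the sample, the 172.32.0.0 network is reported because it lies just outside 172.16.0.0 - 172.31.255.255, a slip that is easy to miss when reading the file by eye.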
Job Scheduling
• Keeps user-developed applications from interfering with each other.
• Currently no standard exists for job schedulers
• BPROC (Beowulf Distributed Process Space)
  • http://www.beowulf.org/software/bproc.html