Earthdevruis » History » Version 4
Joseph Foley, 2013-03-15 16:15
status updateds
| 1 | 1 | Joseph Foley | h1. Earthdevruis |
|---|---|---|---|
| 2 | |||
| 3 | @earth.dev.ru.is@ is a high-performance linux server owned by the RU Speech Research group under Jón Gúðnason <jg@ru.is>. The machine lives in DevNet (the development network in the RU basement). |
||
| 4 | |||
| 5 | The main DevNet contact is Joe Foley <foley@ru.is>. He also installed th machine machine. |
||
| 6 | |||
| 7 | 4 | Joseph Foley | h2. Status |
| 8 | |||
| 9 | * Earth has been reinstalled with 12.04.2 64-bit [foley] |
||
| 10 | * Kerberos/AFS has been configured [foley] |
||
| 11 | * /home is being restored from the backup disk (mounted on /mnt/backup) [foley] |
||
| 12 | |||
| 13 | |||
| 14 | 1 | Joseph Foley | h2. Installation |
| 15 | |||
| 16 | h3. Turn on PXE for network boot/install |
||
| 17 | |||
| 18 | # Reboot |
||
| 19 | # While the machine is rebooting, hit F2 (or F1) so that it goes to BIOS setup |
||
| 20 | ## Click on system options, then networking |
||
| 21 | ## Set the network adapter to have PXE enabled |
||
| 22 | ## Save options |
||
| 23 | # Make sure that the machine is connected to the DevNet switches |
||
| 24 | # Reboot |
||
| 25 | |||
| 26 | h3. Netboot and pick installer |
||
| 27 | |||
| 28 | # After PXE initializes, you should get an installer menu |
||
| 29 | # Choose Ubuntu 12.04.2 64-bit (Alternate) |
||
| 30 | # You'll have to pick region and keyboard. You want to pick the Icelandic keyboard |
||
| 31 | |||
| 32 | h3. Partitioning the hard drive |
||
| 33 | |||
| 34 | It's a good idea to separate the operating system, home directory, and data storage. In addition, you will need a swap file and an AFS cache partition. |
||
| 35 | The AFS cache partition should be ext2 or ext3. To make this easier to manage, you should have all except for a boot partition in LVM (logical volume manager) |
||
| 36 | |||
| 37 | # Choose manual partitioning of hard drive |
||
| 38 | # Create a /boot primary paritition of around 300MB. Make sure it is "bootable" |
||
| 39 | # Go into the LVM manager |
||
| 40 | ## Create a new physical volume with the remaining space on the drive |
||
| 41 | ## Create these logical volumes with these names and sizes. You'll need to remember where they should be mounted also. |
||
| 42 | 2 | Joseph Foley | *** afscache 2GB (for @/var/cache/openafs@) |
| 43 | *** swap 8GB |
||
| 44 | *** slash 60GB (for @/@) |
||
| 45 | *** home 50GB (for @/home@) |
||
| 46 | *** export [Remaining space] (for @/export@) |
||
| 47 | 1 | Joseph Foley | ## Save changes and exit the manager |
| 48 | # In the partition manager, set these options for the partitions |
||
| 49 | 2 | Joseph Foley | ** boot: labeled boot, format as ext2, mounted at /boot, set "bootable" flag |
| 50 | ** afscache: 0% reserved, labeled afscache, format as ext2 or ext3, mounted at @/var/cache/openafs@ |
||
| 51 | ** swap: swapspace |
||
| 52 | ** slash: labeled slash, format as ext4, mounted at @/@ |
||
| 53 | ** home: 0% reserved, labeled home, format as ext4, mounted at @/home@ |
||
| 54 | ** export: 0% reserved, labeled export, format as ext4, mounted at @/export@ |
||
| 55 | 1 | Joseph Foley | # Save changes |
| 56 | # The installation should continue for a while |
||
| 57 | |||
| 58 | h3. Picking server options |
||
| 59 | |||
| 60 | 3 | Joseph Foley | You'll have to pick a user. This is the default devnet user: |
| 61 | * user: devnet |
||
| 62 | * password: hakkavelin |
||
| 63 | |||
| 64 | Once everything is setup, you should delete the user (or change the password). _Avoid logging in as root unless absolutely necessary!_ |
||
| 65 | |||
| 66 | 1 | Joseph Foley | This may vary, but these are probably the settings you want: |
| 67 | * Basic Ubuntu Server |
||
| 68 | * SSH server |
||
| 69 | * Ubuntu Desktop |
||
| 70 | 3 | Joseph Foley | |
| 71 | h3. Kerberos (single sign on) and AFS |
||
| 72 | |||
| 73 | Follow the directions at https://samvinna.ru.is/projects/projects/devnet-documentation/wiki/AFS_Client_Installation |
||
| 74 | |||
| 75 | Very brief synopsis without some details: |
||
| 76 | # Install the packages. Remember that the Kerberos realm is DEV.RU.IS and theAFS cell is dev.ru.is. Case matters! |
||
| 77 | <pre> |
||
| 78 | sudo apt-get install krb5-auth-dialog krb5-user krb5-clients libpam-ccreds libpam-krb5 build-essential dkms linux-headers-`uname -r` openafs-modules-dkms openafs-{client,krb5} |
||
| 79 | </pre> |
||
| 80 | # Get a kerberos administrator (currently foley) to generate a keytab for @/etc/krb5.keytab@ |
||
| 81 | # Add the principals for administrators into @/root/.k5login@ |
||
| 82 | <pre> |
||
| 83 | foley@DEV.RU.IS |
||
| 84 | jg@DEV.RU.IS |
||
| 85 | simonhk@DEV.RU.IS |
||
| 86 | </pre> |
||
| 87 | # Reboot |
||
| 88 | # Adjust the @/etc/ssh/sshd_config@ settings to allow GSSAPI options (set them all to yes) |
||
| 89 | # see if you can ssh in using your DevNet @DEV.RU.IS principal to the root account |
||
| 90 | |||
| 91 | To add users, you need to find out the user's AFS ID. |
||
| 92 | # My AFS id is 7812 as below: |
||
| 93 | <pre> pts examine foley |
||
| 94 | libprot: unable to build security class (getting token) |
||
| 95 | libprot: Could not get afs tokens, running unauthenticated |
||
| 96 | Name: foley, id: 7812, owner: system:administrators, creator: foley.afsadm, |
||
| 97 | membership: 25, flags: S----, group quota: 20.</pre> |
||
| 98 | # sudo adduser --uid 7812 foley |
||
| 99 | ## Hit return when it asks for your password and do not retry |
||
| 100 | ## Fill out the user's information |