NP04 Computer Installation
Linux installation Service (aims2)
NP04 Linux computers are installed using the Automated Installation Management System service (AIMS2,
https://twiki.cern.ch/twiki/bin/view/LinuxSupport/Aims2).
- AIMS2 allows the user to perform remote PXE (Preboot eXecution Environment) installations, minimising human intervention.
- The system is based, and extends, the Kickstart software from the RedHat distribution.
Steps for Linux operating system installation.
- Register computers in Landb (network.cern.ch).
- For systems with multiple interfaces in Landb bind the MAC address to the interface.
- Responsible user -
NP04-NETWORK-ADMIN E-GROUP EP DT
- Main user -
NP04-ONL-ADMINS E-GROUP EP URD
- Enable PXE boots in the BIOS of each computer.
- Determine the kickstart file to use or create a new kickstart file. (np04online/ks)
Configure Computers with Ansible
Setup ansible.
- Login as yourself on np04-srv-010 (or srv-009)
- Use an existing np04online or get the np04online software NP04OnlineRepo.
-
cd np04online/ansible
-
source np04-ansible.sh
- This sets the environment variables to find the
hosts
and ansible.cfg
files in the np04online/ansible/playbook
directory.
Steps for a freshly installed computer.
- Add computer in
hosts
file (if a new computer)
-
np04online/ansible/playbooks/hosts
- Add DNS name of PC to appropriate sections in hosts file.
- Fix keytab file.
- Run once for each computer. (new-pc-name.cern.ch)
- Might be able to fix this in the kickstart file.
- ansible-playbook -k fix-keytab.yml --limit=new-pc-name.cern.ch
- Enter root password when prompted.
- Execute standard CERN puppet modules outside the computing center.
-
ansible-playbook locmap.yml --limit=computer.cern.ch
- Major os configurations after install (requires computer reboot)
-
ansible-playbook os.yml --limit=computer.cern.ch
- Disable selinux and firewall.
- Turn off yum autoupdates.
- Reboot computer to pick up selinux change.
- Configure computer for DAQ operations.
- mount nfs shares, add users, install software, turn on monitoring, daq
-
ansible-playbook config.yml
Other Actions
- Add users
- >
ansible-playbook users.yml
- Install software
- >
ansible-playbook install_software.yml
- Change network config
- >
ansible-playbook network.yml
- >
ansible-playbook tuned.yml
- > Set MTU to 9000
- Resize local home area and create volume for /scratch * >
umount /home; lvreduce -L 10G /dev/cc_np04-srv-029/home; mkfs.xfs -f /dev/cc_np04-srv-029/home ; mount /home; lvcreate -l 100%FREE -n scratch cc_np04-srv-029; mkfs.xfs /dev/cc_np04-srv-029/scratch; mkdir /scratch;
* > edit /etc/fstab
, and issue mount -a
Special Actions
Configure NFS Servers
NFS servers are np04-srv-007 and np04-srv-008
- Configure nfs1 - home and sw directories - np04-srv-007
- ansible-playbook lvm-nfs1.yml (uses lvm-nfs1.sh)
- ansible-playbook nfs1.yml (uses nfs1.exports)
- Configure nfs2 - rscratch and back directories - np04-srv-008
- ansible-playbook lvm-nfs2.yml (uses lvm-nfs2.sh)
- ansible-playbook nfs2.yml (uses nfs2.exports)
Installation
List each installation.
np04-srv-014 - 20-June-2019 used np04daq7.ks
- np04daq7.ks kickstart file was used.
- Computer rebooted.
- Access only with root password.
- No .k5login file for root created.
- In the past I have seen the root .k5login file created from the members of the Responsible user egroup.
-
ansible-playbook -k locmap.yml --limit=np04-srv-014.cern.ch
-
ansible-playbook -k os.yml --limit=np04-srv-014.cern.ch
- Reboot np04-srv-014 to pickup changes from
os.yml
playbook.
--
DavidGeoffreySavage - 2019-06-20