Installation Servers
Introduction
AIMS2 servers have two main roles. The first is to service client requests, handling new registrations, permissions checks and interaction with the database. The second role is to service TFTP requests. The following sections should outline how an AIMS2 server is configured and how (should you need to) deployed.
Installing from RPM
An AIMS2 server is best deployed from RPM. RPMs can be found at
/afs/cern.ch/project/linux/dev/aims2project/server...
Building a new RPM
tbc
Sources
Sources for
aims2server are available at
/afs/cern.ch/project/linux/dev/aims2project/server/
SOAP Interface
To connect to the SOAP interface, you need to use the following parameters in your connection method.
URI:
urn:/aims2server
PROXY:
http://SERVERNAME/aims2server/aims2server.cgi
SERVERNAME must match that of the defined Kerberos prinicpals. See
aims2krb for more information.
Modules
aims2server modules are installed in
/usr/lib/perl5/site_perl/aims2server/
For example,
..
use aims2server::ldap;
use aims2server::db;
..
Methods
Methods that the client are allowed to execute are documented in
soap.pm
and
server.pm
# These are our callable methods. Anything else will croak below.
for my $Method qw(AddHost RemoveHost GetHostByName AddImage RemoveImage GetImageByName ListAllImages EnablePXE DisablePXE HostHistory GetKickstartFile UpdateKickstartFile)
use subs qw(new SetUser AddImage RemoveImage GetImageByName AddHost RemoveHost GetHostByName EnablePXE DisablePXE GetKickstartFile UpdateKic
kstartFile RemoveKickstartFile);
Authentication
For more information on configuring the server for Kerberos authentication, take a look a the
aims2krb documentation.
Database
aims2server database supported is provided by Oracle.
The database configuration is set at
/etc/aims2/
After installing the RPM, this file must be updated.
Accessing the database via SQLPlus
To access the database directory, the following can be used
sqlplus aims2/PASSWORD@ITCORE
Server-side configuration
most AIMS2 server configuration comes from the
conf
table in the database (which has a simple schema of KEY/VALUE/DESCRIPTION), this includes the various credentials used for accessing other databases (such as CDB or LDAP or LANDB). Use interactive access, look for and/or update
CDB_CONN/CDB_USER/CDB_PASS
etc.
Synchronization Daemon
To maintain the server stays in sync with the database, each server has a daemon running. This daemon maintains a persistent connection to the database
Starting the daemon
/sbin/service aims2sync start
Stopping the daemon
/sbin/service aims2sync stop
Status and connection handling
The daemon will first place a running lock in
/tmp/aims2sync.RUNNING
. This lock must be in place for connections to the SOAP interface to be permitted. If the daemon is not running, you will see an error like
Error: Syncronisation is not enabled.
To resolve this, start the daemon.
During normal operation the daemon will maintain a connection to the database. If the connection fails for any reason, the daemon will disconnect from the database (if not already forced) and go to sleep for a period of
$DELAY
seconds. As this happens it will also send out a message to administrators that there is a problem. After
$DELAY
, the daemon will try to re-connect. The daemon will retry this until it can re-connect, each time sleeping for
$DELAY+RAND
. On re-connection, the daemon notifies server administrators that things are again OK.
Daemon Logging
The daemon will log output to
/var/log/lxsoft-aims2db-sync.log
TFTP Structure
The following directory structure (slight editted for your viewing pleasure) shows how an aims2 server /tftpboot/ is configured.
[root@lxsoft01 tftpboot]# ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'
|-aims2prod
|---boot
|-----IMAGENAME001
|-----IMAGENAME002..
|---loader
|---other
|-----util
|-------u-boot-3.8-i386-amccresetup
|---pxelinux.cfg
|-windows
|---config
|---isos
|---loader
|-----winxpe
|---trigger
Please note that
/pxelinux.cfg
and
/boot/
are dynamic directories, that is, their contents is maintained by the aims2 syncronisation daemon (
/bin/aims2sync
). You will not be able to manually add a configuration file (
01-*
) to the
/pxelinux.cfg
directory unless it is registered in the aims2 database. PXE menus configurations are not affected. Directories in
/boot
are maintained by the daemon. Any directory not known to the database is removed.
There is also a README within
/pxelinux.cfg
for more information.