Difference between revisions of "Physical server setup"

From PrgmrWiki
Line 27: Line 27:
  
 
=console server setup=
 
=console server setup=
The opengear console server ports should be configured with the gui. The cyclades ts series  
+
*The opengear console server ports should be configured with the gui. The cyclades ts series ports are configured in /etc/portslave/pslave.conf. If the speed should be different than the default speed (set by all.speed) then set it and the name of the port. See ftp://ftp.cyclades.com/pub/cyclades/cyclades-ts/doc/V_1.4.0/TS140_Manual.pdf
 +
<pre>
 +
s3.tty  ttyS3                                                               
 +
s3.serverfarm  hydra.prgmr.com                                             
 +
s3.speed        115200
 +
</pre>
 +
*Then restart the daemon with the new configuration and save the configuration.
 +
<pre>
 +
[root@???????? /root]# saveconf
 +
Checking the configuration file list...
 +
Compressing configuration files into /tmp/saving_config.tar.gz ... done.
 +
Saving configuration files to flash ... done.
 +
Mar 13 22:29:17 s_evt@???????? 2000-3-14T5:29:17Z ?.?.?.? EVT[14]: Configuration saved to flash. User: root.
 +
</pre>
 
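Review bot: The step added after the pslave.conf listing says to restart the daemon with the new configuration and then save it, but the transcript under it only runs saveconf; no restart command appears anywhere in the added lines. Add the command that makes the daemon pick up the new port settings, or reword the step to match what the transcript actually does.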
=pdu setup=
 
=pdu setup=
==turn on the port==
+
*turn on the port==
==set the name of the port to the hostname==
+
*set the name of the port to the hostname==
 
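Review bot: Both new pdu setup bullets still end in heading markup, "*turn on the port==" and "*set the name of the port to the hostname==". The leading "==" was changed to "*" but the trailing "==" was left behind and will render literally. Drop the trailing "==" from both lines.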
=pxe setup=
 
=pxe setup=
==add the host to dhcpd.conf on the appropriate dhcp server==
+
*add the host to dhcpd.conf on the appropriate dhcp server
==setup a pxe configuration file named as the mac address in the tftpboot directory==
+
<pre>
==make a kickstart file referred from the pxe configuration file==
+
host table.prgmr.com {
 +
        hardware ethernet 00:25:90:15:ed:9c;
 +
        fixed-address 64.62.205.207;
 +
        option host-name "table.prgmr.com";
 +
        next-server 216.218.210.87;
 +
        filename "pxelinux.0";
 +
}
 +
</pre>
 +
*The next-server line refers to a tftp server with the pxelinux bootloader, and its convenient for it to also be the dhcp server. In debian, install the syslinux package to get the pxelinux bootloader. When the pxelinux.0 file is in the root directory of the tftp server, the pxe booting server downloads it which then tries to download a file from pxelinux.cfg/ named as an arp type code number then the mac address separated with dashes, or named as the ip address encoded in hex. See http://syslinux.zytor.com/wiki/index.php/PXELINUX.
 +
<pre>
 +
nick@dhcpserver:~$ cat /var/lib/tftpboot/pxelinux.cfg/01-00-25-90-1e-69-9a
 +
SERIAL 0 38400
 +
default centos
 +
label centos
 +
kernel vmlinuz
 +
append initrd=initrd.img serial console=ttyS0,38400n8 ks=http://www.example.net/example-ks.cfg
 +
#append initrd=initrd.img serial console=ttyS0,38400n8
 +
#append initrd=initrd.img serial console=ttyS0,38400n8 rescue
 +
</pre>
 +
*The pxelinux.cfg file refers to the centos installer kernel and initrd which also go in the tftp root directory. They could be downloaded, for example, from http://mirrors.kernel.org/centos/5/os/x86_64/images/pxeboot/. The pxelinux.cfg file also sets the serial console speed of the pxelinux bootloader and on the kernel command line of the installer. The kickstart file is also on the kernel command line, and if the ksdevice option is given anaconda will run totally automatically. See http://fedoraproject.org/wiki/Anaconda/Options and http://fedoraproject.org/wiki/Anaconda/Kickstart for more info about anaconda and kickstart.
 +
*The kickstart file tells what ip address to statically set the server to, what packages to install, and how to setup the filesystems. It also has a %post section where commands can run in a chroot after the rest of the installation is finished as if they were on the running server, before the installer reboots. One easy way to get an example kickstart file, is to go through an installation with anaconda interactively, then a kickstart file with the options chosen will be saved in /root/anaconda-ks.cfg.
 +
<pre>
 +
# Kickstart file automatically generated by anaconda.
 +
 
 +
install
 +
url --url http://mirrors.kernel.org/centos/5/os/x86_64
 +
lang en_US.UTF-8
 +
keyboard us
 +
network --device eth1 --bootproto static --ip 64.62.173.118 --netmask 255.255.255.128 --gateway 64.62.173.1 --nameserver 216.218.223.67,38.99.2.224 --hostname coral.prgmr.com
 +
rootpw --iscrypted $md5rootpasswordhashgoeshere$
 +
firewall --enabled --port=22:tcp
 +
services --enabled=ntpd
 +
authconfig --enableshadow --enablemd5
 +
selinux --enforcing
 +
timezone --utc America/Los_Angeles
 +
bootloader --location=mbr --driveorder=sda,sdd,sdc,sdb --append="console=tty0 console=ttyS0,38400n8"
 +
reboot
 +
# The following is the partition information you requested
 +
# Note that any partitions you deleted are not expressed
 +
# here so unless you clear all partitions first, this is
 +
# not guaranteed to work
 +
clearpart --all --initlabel --drives=sda,sdb,sdc,sdd
 +
part raid.1 --ondisk sda --size 10240 --asprimary
 +
part raid.2 --ondisk sda --size 1420256 --asprimary
 +
part raid.3 --ondisk sdb --size 10240 --asprimary
 +
part raid.4 --ondisk sdb --size 1420256 --asprimary
 +
part raid.5 --ondisk sdc --size 10240 --asprimary
 +
part raid.6 --ondisk sdc --size 1420256 --asprimary
 +
part raid.7 --ondisk sdd --size 10240 --asprimary
 +
part raid.8 --ondisk sdd --size 1420256 --asprimary
 +
raid / --fstype ext3 --level=RAID1 --device=md0 raid.1 raid.3 raid.5 raid.7
 +
raid pv.10 --fstype "physical volume (LVM)" --level=RAID10 --device=md1 raid.2 raid.4 raid.6 raid.8
 +
volgroup guests --pesize=131072 pv.10
 +
logvol /home --fstype ext3 --fsoptions="noexec" --name=coral_home --vgname=guests --size=10240
 +
logvol /var --fstype ext3 --fsoptions="noexec" --name=coral_var --vgname=guests --size=4096
 +
logvol /distros --fstype ext3 --fsoptions="noexec,ro" --name=distros --vgname=guests --size=3072
 +
logvol /tmp --fstype ext3 --fsoptions="noexec" --name=coral_tmp --vgname=guests --size=1024
 +
logvol swap --fstype=swap --name=coral_swap --vgname=guests --size=1024
 +
 
 +
%packages
 +
@base
 +
@core
 +
@dialup
 +
@editors
 +
@text-internet
 +
keyutils
 +
fipscheck
 +
device-mapper-multipath
 +
bridge-utils
 +
ntp
 +
SDL
 +
mesa-libGL
 +
xz-libs
 +
-autofs
 +
-bluez-libs
 +
-avahi
 +
-pcsc-lite
 +
-wireless-tools
 +
-rhpl
 +
-NetworkManager
 +
-redhat-lsb
 +
-bluez-utils
 +
-cups
 +
-system-config-network-tui
 +
-firstboot-tui
 +
-ccid
 +
-ifd-egate
 +
-coolkey
 +
screen
 +
 
 +
%post
 +
cat > /etc/smartd.conf << EOF
 +
#does a short selftest every day and a long self test every saturday
 +
#logs the tests and errors and sends emails to luke daily when there is a problem and when smartd starts
 +
/dev/sda -d ata -a -s (S/../.././02|L/../../6/03) -l selftest -l error -m lsc@prgmr.com -M daily -M test
 +
/dev/sdb -d ata -a -s (S/../.././03|L/../../6/04) -l selftest -l error -m lsc@prgmr.com -M daily -M test
 +
/dev/sdc -d ata -a -s (S/../.././04|L/../../6/05) -l selftest -l error -m lsc@prgmr.com -M daily -M test
 +
/dev/sdd -d ata -a -s (S/../.././05|L/../../6/06) -l selftest -l error -m lsc@prgmr.com -M daily -M test
 +
EOF
 +
 
 +
e2label /dev/guests/distros DISTROS
 +
 
 +
mkdir /mnt/src
 +
mkdir /mnt/install
 +
mkdir /mnt/dst
 +
 
 +
lvcreate -C y -L 2G -n i386rescue guests
 +
lvcreate -C y -L 2G -n amd64rescue guests
 +
parted --script /dev/mapper/guests-i386rescue 'mklabel msdos mkpart primary 0 2147'
 +
parted --script /dev/mapper/guests-amd64rescue 'mklabel msdos mkpart primary 0 2147'
 +
kpartx -a /dev/mapper/guests-i386rescue
 +
kpartx -a /dev/mapper/guests-amd64rescue
 +
mkfs.ext3 -L RESCUE /dev/mapper/guests-i386rescue1
 +
mkfs.ext3 -L RESCUE /dev/mapper/guests-amd64rescue1
 +
 
 +
#change sshd_config settings
 +
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
 +
perl -p -i -e "s/PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config
 +
</pre>
 
=network boot the server=
 
=network boot the server=
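Review bot: At the end of %post, the two perl substitutions change sshd_config only if it contains exactly "#PermitRootLogin yes" and "PasswordAuthentication yes"; if the packaged file is worded differently they match nothing, perl still exits cleanly, and the server comes up with root and password logins allowed. Follow them with a grep for "PermitRootLogin no" and "PasswordAuthentication no" whose result is visible in the install log. The kickstart shown also creates no user and installs no authorized_keys, so the page should say where the ssh key comes from once both settings apply. Separately, the pxelinux.cfg listing is named 01-00-25-90-1e-69-9a while the dhcpd.conf host entry uses 00:25:90:15:ed:9c; a sentence saying these are two different example hosts would avoid a copy-paste mismatch.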

Revision as of 07:41, 4 February 2011

switch setup

The dell, cisco (except for catos), hp and foundry switches all use a fairly similar cisco ios-like syntax. CatOS is totally different (and evil). These examples are from a cisco 3750 but other ios-like switch command lines are similar.

  • set the switch port to the right vlan
daiba#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
daiba(config)#interface GigabitEthernet1/0/2
daiba(config-if)#switchport mode access
daiba(config-if)#switchport access vlan 42
  • set the port description to the hostname of the server
daiba(config-if)#description exampleserver.prgmr.com
  • The new configuration is now active, but it should be saved.
daiba(config-if)#exit
daiba(config)#exit
daiba#
32w4d: %SYS-5-CONFIG_I: Configured from console by console              
daiba#copy run start
Destination filename [startup-config]? 
Building configuration...
[OK]
daiba#

console server setup

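  • The opengear console server ports should be configured with the gui. The cyclades ts series ports are configured in /etc/portslave/pslave.conf. If the speed should be different than the default speed (set by all.speed) then set it and the name of the port. See ftp://ftp.cyclades.com/pub/cyclades/cyclades-ts/doc/V_1.4.0/TS140_Manual.pdf
s3.tty  ttyS3
s3.serverfarm   hydra.prgmr.com
s3.speed        115200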
  • Then restart the daemon with the new configuration and save the configuration.
[root@???????? /root]# saveconf
Checking the configuration file list...
Compressing configuration files into /tmp/saving_config.tar.gz ... done.
Saving configuration files to flash ... done.
Mar 13 22:29:17 s_evt@???????? 2000-3-14T5:29:17Z ?.?.?.? EVT[14]: Configuration saved to flash. User: root.

pdu setup

  • turn on the port
  • set the name of the port to the hostname

pxe setup

  • add the host to dhcpd.conf on the appropriate dhcp server
host table.prgmr.com {
        hardware ethernet 00:25:90:15:ed:9c;
        fixed-address 64.62.205.207;
        option host-name "table.prgmr.com";
        next-server 216.218.210.87;
        filename "pxelinux.0";
}
  • The next-server line refers to a tftp server with the pxelinux bootloader, and it's convenient for it to also be the dhcp server. In debian, install the syslinux package to get the pxelinux bootloader. When the pxelinux.0 file is in the root directory of the tftp server, the pxe booting server downloads it, and pxelinux then tries to download a file from pxelinux.cfg/ named as an arp type code number followed by the mac address separated with dashes, or named as the ip address encoded in hex. See http://syslinux.zytor.com/wiki/index.php/PXELINUX.
nick@dhcpserver:~$ cat /var/lib/tftpboot/pxelinux.cfg/01-00-25-90-1e-69-9a 
SERIAL 0 38400
default centos
label centos
kernel vmlinuz
append initrd=initrd.img serial console=ttyS0,38400n8 ks=http://www.example.net/example-ks.cfg
#append initrd=initrd.img serial console=ttyS0,38400n8 
#append initrd=initrd.img serial console=ttyS0,38400n8 rescue
  • The pxelinux.cfg file refers to the centos installer kernel and initrd, which also go in the tftp root directory. They could be downloaded, for example, from http://mirrors.kernel.org/centos/5/os/x86_64/images/pxeboot/. The pxelinux.cfg file also sets the serial console speed, both for the pxelinux bootloader and on the kernel command line of the installer. The kickstart file is also given on the kernel command line, and if the ksdevice option is given anaconda will run totally automatically. See http://fedoraproject.org/wiki/Anaconda/Options and http://fedoraproject.org/wiki/Anaconda/Kickstart for more info about anaconda and kickstart.
  • The kickstart file tells what ip address to statically set the server to, what packages to install, and how to set up the filesystems. It also has a %post section where commands can run in a chroot after the rest of the installation is finished, as if they were on the running server, before the installer reboots. One easy way to get an example kickstart file is to go through an installation with anaconda interactively; a kickstart file with the options chosen will then be saved in /root/anaconda-ks.cfg.
# Kickstart file automatically generated by anaconda.

install
url --url http://mirrors.kernel.org/centos/5/os/x86_64
lang en_US.UTF-8
keyboard us
network --device eth1 --bootproto static --ip 64.62.173.118 --netmask 255.255.255.128 --gateway 64.62.173.1 --nameserver 216.218.223.67,38.99.2.224 --hostname coral.prgmr.com
rootpw --iscrypted $md5rootpasswordhashgoeshere$
firewall --enabled --port=22:tcp
services --enabled=ntpd
authconfig --enableshadow --enablemd5
selinux --enforcing
timezone --utc America/Los_Angeles
bootloader --location=mbr --driveorder=sda,sdd,sdc,sdb --append="console=tty0 console=ttyS0,38400n8"
reboot
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
clearpart --all --initlabel --drives=sda,sdb,sdc,sdd
part raid.1 --ondisk sda --size 10240 --asprimary
part raid.2 --ondisk sda --size 1420256 --asprimary
part raid.3 --ondisk sdb --size 10240 --asprimary
part raid.4 --ondisk sdb --size 1420256 --asprimary
part raid.5 --ondisk sdc --size 10240 --asprimary
part raid.6 --ondisk sdc --size 1420256 --asprimary
part raid.7 --ondisk sdd --size 10240 --asprimary
part raid.8 --ondisk sdd --size 1420256 --asprimary
raid / --fstype ext3 --level=RAID1 --device=md0 raid.1 raid.3 raid.5 raid.7 
raid pv.10 --fstype "physical volume (LVM)" --level=RAID10 --device=md1 raid.2 raid.4 raid.6 raid.8
volgroup guests --pesize=131072 pv.10
logvol /home --fstype ext3 --fsoptions="noexec" --name=coral_home --vgname=guests --size=10240
logvol /var --fstype ext3 --fsoptions="noexec" --name=coral_var --vgname=guests --size=4096
logvol /distros --fstype ext3 --fsoptions="noexec,ro" --name=distros --vgname=guests --size=3072
logvol /tmp --fstype ext3 --fsoptions="noexec" --name=coral_tmp --vgname=guests --size=1024
logvol swap --fstype=swap --name=coral_swap --vgname=guests --size=1024

%packages
@base
@core
@dialup
@editors
@text-internet
keyutils
fipscheck
device-mapper-multipath
bridge-utils
ntp
SDL
mesa-libGL
xz-libs
-autofs
-bluez-libs
-avahi
-pcsc-lite
-wireless-tools
-rhpl
-NetworkManager
-redhat-lsb
-bluez-utils
-cups
-system-config-network-tui
-firstboot-tui
-ccid
-ifd-egate
-coolkey
screen

%post
cat > /etc/smartd.conf << EOF
#does a short selftest every day and a long self test every saturday
#logs the tests and errors and sends emails to luke daily when there is a problem and when smartd starts
/dev/sda -d ata -a -s (S/../.././02|L/../../6/03) -l selftest -l error -m lsc@prgmr.com -M daily -M test
/dev/sdb -d ata -a -s (S/../.././03|L/../../6/04) -l selftest -l error -m lsc@prgmr.com -M daily -M test
/dev/sdc -d ata -a -s (S/../.././04|L/../../6/05) -l selftest -l error -m lsc@prgmr.com -M daily -M test
/dev/sdd -d ata -a -s (S/../.././05|L/../../6/06) -l selftest -l error -m lsc@prgmr.com -M daily -M test
EOF

e2label /dev/guests/distros DISTROS

mkdir /mnt/src
mkdir /mnt/install
mkdir /mnt/dst

lvcreate -C y -L 2G -n i386rescue guests
lvcreate -C y -L 2G -n amd64rescue guests
parted --script /dev/mapper/guests-i386rescue 'mklabel msdos mkpart primary 0 2147'
parted --script /dev/mapper/guests-amd64rescue 'mklabel msdos mkpart primary 0 2147'
kpartx -a /dev/mapper/guests-i386rescue
kpartx -a /dev/mapper/guests-amd64rescue
mkfs.ext3 -L RESCUE /dev/mapper/guests-i386rescue1
mkfs.ext3 -L RESCUE /dev/mapper/guests-amd64rescue1

#change sshd_config settings
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/g" /etc/ssh/sshd_config
perl -p -i -e "s/PasswordAuthentication yes/PasswordAuthentication no/g" /etc/ssh/sshd_config
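
The pxelinux.cfg lookup described in the pxe setup steps above, as an added example that is not part of the original wiki page: it lists the file names PXELINUX requests for a host and reports which one a given tftp root would serve. It goes beyond the text by including the progressively shorter hex-ip names and the final "default" file that PXELINUX also tries; the function names are hypothetical, and the mac and ip are the ones from the dhcpd.conf entry above.

```shell
#!/bin/sh
# Added example (function names are hypothetical, not from the wiki page).

# pxe_cfg_candidates MAC IPV4
# Prints, one per line and in request order, the file names PXELINUX looks
# for under pxelinux.cfg/ on the tftp server.
pxe_cfg_candidates() {
    mac=$1
    ip=$2
    old_ifs=$IFS
    IFS=.
    set -- $ip            # split the dotted quad into four octets
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "bad IPv4 address: $ip" >&2; return 2; }
    # ARP hardware type 01 (Ethernet), then the MAC, lower case with dashes.
    printf '01-%s\n' "$(printf '%s' "$mac" | tr 'A-F' 'a-f' | tr ':' '-')"
    # The address as eight upper-case hex digits, then one digit shorter on
    # each retry, so a single file can serve a whole block of addresses.
    hex=$(printf '%02X%02X%02X%02X' "$1" "$2" "$3" "$4")
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}
    done
    # Fallback served to any host that has no more specific file.
    printf 'default\n'
}

# pxe_cfg_resolve TFTPROOT MAC IPV4
# Prints the first candidate that exists under TFTPROOT/pxelinux.cfg/, i.e.
# the config the host will really boot; returns 1 if there is none.
pxe_cfg_resolve() {
    cfgdir=$1/pxelinux.cfg
    for name in $(pxe_cfg_candidates "$2" "$3"); do
        if [ -f "$cfgdir/$name" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# Host entry from the dhcpd.conf example above.
pxe_cfg_candidates 00:25:90:15:ed:9c 64.62.205.207
```

Running pxe_cfg_resolve against the tftp root before network booting shows whether the host gets its own file or falls through to a shared one such as default, which would start whatever install that file describes.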

network boot the server