Transcript WP4-install: LCFG components for EDG

Partner
Logo
WP4 hands-on workshop:
EDG LCFGng exercises
[email protected]
German Cancio – WP4-install LCFG HOW-TO - n° 1
Overview
LCFGng Exercises
1. Simple reconfiguration of root password
2. Changing polling interval, forcing profile updates
3. Managing users
4. Managing RPM’s
5. Installing and managing components
German Cancio – WP4-install LCFG HOW-TO - n° 2
Exercise 1:
Simple client reconfiguration:
changing the root password of the client
German Cancio – WP4-install LCFG HOW-TO - n° 3
Simple client reconfiguration (I)
Proceed:
1. Log on to the server XXX.cern.ch (see blackboard)
1. As root, password: XXXX (see blackboard)
2. Log on your client
1. As root; machine name and password on blackboard
3. On the server, start editing your machine’s configuration file
cd /var/obj/conf/server/source
vi or emacs <mymachine>
4. Change the client’s root password
1. Use an encrypted password generated eg. with perl:
2. perl –e ‘print crypt(“mypassword”,rt);’
3. Change auth.rootpwd to the new encrypted password
German Cancio – WP4-install LCFG HOW-TO - n° 4
Simple client reconfiguration (II)
5. Compile the profile using mkxprof, verifying that no errors or warnings
produced
/usr/sbin/mkxprof –v <mynode>
# use –v –s for updating web pg
6. Wait until the profile is propagated to the client (~ 60 seconds)
The client node is notified automatically of changes using UDP, but sometimes UDP
packages are lost, so there is also a regular polling.
7. On the client, check that the configuration has been received
Run qxprof: qxprof auth.rootpwd
8. On the client, check that /etc/shadow has been updated properly.
9. Open another connection to the client, and verify that your new root
password actually works ;-)
10. On the client, check the auth log file in /var/obj/log/auth
German Cancio – WP4-install LCFG HOW-TO - n° 5
Exercise 2:
Changing client polling interval,
force profile updates
German Cancio – WP4-install LCFG HOW-TO - n° 6
LCFGng polling and profile updates (I)

The client.poll resource defines the polling interval
qxprof client.poll
Poll=5m+1m -> this means that a poll is done every 5 minutes plus a random
interval ranging from zero seconds to 1m.

To change the polling frequence, edit your client component configuration
file, and add a line:
+client.poll




1m+1s
This will set the polling to 1m and a random interval of 1s.
Reminder: the ‘+’ before ‘client’ tells rdxprof to overwrite an existing value.
Run mkxprof on the server
Go to the client, wait for a moment and verify that the polling interval has
been changed in the profile
qxprof client.poll
Poll=1m+1s
German Cancio – WP4-install LCFG HOW-TO - n° 7
LCFGng polling and profile updates (II)
 You
can now run ‘ps –auxwwwww|grep client’ and verify that the
rdxprof process has now the new poll interval.
 LCFG


profile updates can be forced by restarting the client by hand.
/etc/obj/client restart will do this.
This may be useful in case the client process ‘hangs’ for whatever reason.
German Cancio – WP4-install LCFG HOW-TO - n° 8
Exercise 3:
Adding users
German Cancio – WP4-install LCFG HOW-TO - n° 9
Adding users (I)

Users have to be defined in the auth.XXX resources.



auth.users: space separated list of user login names
auth.userpwd_<userX>, auth.userhome_<userX>,
auth.usergroup_<userX> …
But, if we want to ADD a user to the already existing user list, we can’t just
redefine auth.users!

If we define in a header file (animal-farm-users.h)
auth.users

napoleon squealer snowball
And we want to add a user ‘boxer’ in our machine’s config file
#include “animal-farm-users.h”
+auth.users
boxer
The end result will be only ‘boxer’! Since the old value is overwritten.

The EXTRA macro defined in macros-cfg.h is useful here.
#include “animal-farm-users.h”
EXTRA(auth.users) boxer

The end result will be: auth.users
napoleon squealer snowball boxer
German Cancio – WP4-install LCFG HOW-TO - n° 10
Adding users (II)
Exercise:

Edit your machine’s configuration file, include “animal-farm-users.h”, and
add the following user:






Username: “Horse Boxer”
Login name: boxer
Encrypted password: <pick one>
Home directory: /home/boxer
Group: farm
Shell: /bin/sh

Hint: have a look at how ‘animal-farm-users.h’ defines users ;-)

Hint2: use the EXTRA macro ;-)

Compile the configuration with mkxprof

On the client, verify that /etc/password and /etc/shadow have been
regenerated, and that the home directory has been created.
German Cancio – WP4-install LCFG HOW-TO - n° 11
Adding users (III)
Exercise (contd.):
 Removing
users: just remove all configuration entries related to the
user (or remove appropriate #include statements), and re-run
mkxprof.
 Note
that the home directories of removed users are not deleted.
 Homework:
Check the man page of the auth component (man edglcfg-auth) for more resources to configure.
German Cancio – WP4-install LCFG HOW-TO - n° 12
Exercise 4:
Adding and removing RPMs
German Cancio – WP4-install LCFG HOW-TO - n° 13
Adding and removing RPM’s (I)


In order to add/remove packages to a client, the corresponding RPM’s have
to be added to the Repository and to the RPM configuration files.
Updaterpms requires to generate special ‘RPM header files’. These RPM
header files are created and updated by running ‘make’ in the repository
area directories after downloading the RPM’s.



Have a look at the Makefile under /opt/local/linux/6.2/RPMS/LCFGng
The RPM configuration files are stored under
/opt/local/linux/6.2/rpmcfg
The configuration file is defined by the component configuration resource
updaterpms.rpmcfg

Run on the client: qxprof updaterpms.rpmcfg to find out your configuration
file.
German Cancio – WP4-install LCFG HOW-TO - n° 14
Adding and removing RPMs (II)
 Adding

a RPM to the Repository:
Copy the RPM to the repository location on the server, ie.
cp myrpm-1.2-3.noarch.rpm /opt/local/linux/6.2/RPMS/WPx

Generate the RPM ‘header’ file by issuing
cd /opt/local/linux/6.2/RPMS/WPx; make


The ‘header’ file is named as the original RPM but starting with a ‘.’
Don’t forget to run make!
 Removing
a RPM from the Repository
cd /opt/local/linux/6.2/RPMS/WPx
rm myrpm-1.2-3 .myrpm-1.2.3
# remove both RPM and header
German Cancio – WP4-install LCFG HOW-TO - n° 15
Adding and removing RPMs (III)
 Adding




an RPM to the configuration:
Include a line with a ‘+’ and the name of the RPM.
The version and release can be specified, or set to ‘*-*’ which means:
take the latest version-release of this package found on the server
Example: +emacs-21.4-3
 take the emacs 21.4 release 3
Example: +xeyes-*-*
 take the latest version of xeyes
 Removing


RPM’s from the configuration listed in a included template:
Use the ‘-’ prefix instead of ‘+’ for removing an RPM even if it has been
declared in a header file.
Example: -xeyes-*-*
 remove (any version of) xeyes
German Cancio – WP4-install LCFG HOW-TO - n° 16
Adding and removing RPM’s (IV)
 Ignoring




locally installed RPM’s:
By default, updaterpms removes all RPM’s which are not found in the
RPM configuration file.
However, it is possible to avoid erasing some RPM’s by declaring them in
the RPM configuration file:
xeyes-*-*:i
 keeps any version of xeyes you have on the node.
It is also possible to set the updaterpms.localpkgs resource to ‘yes’.
German Cancio – WP4-install LCFG HOW-TO - n° 17
Adding and removing RPMs (V)
 By
default, updaterpms is started by via cron at 1 AM. It is not started
automatically on config changes.
 Updaterpms
component:
can be also started by hand, by running the updaterpms
/etc/obj/updaterpms start
 Note
that, if you use wildcards (*-*) in the RPM config, the wilcard
expansion is done when you run updaterpms, and not when you run
mkxprof!
 Documentation:
man page for updaterpms (man updaterpms), man page
for the updaterpms component (man edg-lcfg-updaterpms)
German Cancio – WP4-install LCFG HOW-TO - n° 18
Adding and removing RPMs (VI)
Exercise: Add RPM’s to the configuration of your node.
1. Edit in /opt/local/linux/6.2/rpmcfg your RPM configuration file
(hint: use qxprof on the client to find out which one to edit)
2. Add the following RPM package: the latest version of the package called
“edg-lcfg-syslog”.
3. Start the updaterpms component. Verify that the package has been
installed by running ‘rpm –q edg-lcfg-syslog’.
4. Remove the package from the node using
‘rpm –e edg-lcfg-syslog’
5. Run again updaterpms. The package should be installed again.
6. Edit the RPM configuration file, and remove the line for edg-lcfg-syslog.
7. Start the updaterpms component; verify that edg-lcfg-syslog is removed.
German Cancio – WP4-install LCFG HOW-TO - n° 19
Exercise 5:
Adding, configuring, running components
German Cancio – WP4-install LCFG HOW-TO - n° 20
Adding/configuring LCFGng components (I)

LCFG components are packaged in two RPM’s:





edg-lcfg-foo or lcfg-foo: contains all necessary files for the client
edg-lcfg-foo-defaults or lcfg-foo-defaults: contains the server default
configuration.
The LCFGng server RPM can be installed with the rpm command on the
server, while as the client RPM has to be installed with updaterpms on the
client (see exercise 4).
A component has to be also added to two component resources:

profile.components
 list of components used on the client

boot.services
 list of components to start at boot time
Each component requires also some specific configuration:


Pprofile.version_<component>
<componentX>.resourceY …
 set to 1.
(component specific resources).
German Cancio – WP4-install LCFG HOW-TO - n° 21
Adding/configuring LCFGng components (II)
Exercise: Add the syslog component to your client.
1.
Verifications:
a) Verify that edg-lcfg-syslog RPMs are available on the server (hint:
in the RPMS/LCFGng directory).
b) Verify that the RPM ‘header’ files are also there.
c) Verify that the server RPM is installed on the server.
2.
3.
Add to your RPM configuration file the latest version of edg-lcfgsyslog.
On the client, run /etc/obj/updaterpms start. The RPM should
be now installed
•
Verify with rpm –q on client.
German Cancio – WP4-install LCFG HOW-TO - n° 22
Adding/configuring LCFGng components (III)
4. On the client, read the edg-lcfg-syslog man page. Look specially at the
‘RESOURCES’ section.
5. (On the server), edit your component configuration file, and
•
add the necessary entries for profile.components, boot.services (use
the EXTRA macro)
•
define profile.version_syslog to 1.
•
Set the kern.* messages to go to /var/log/kernel.log (see the man page
above!)
6. Run mkxprof. Verify on the client (with qxprof) that the resources are
OK.
7. On the client, start the syslog component with
/etc/obj/syslog start
8. From now on, the component is reconfigured automatically.
9. Look at the /etc/syslog.conf file. Is the kern.* entry there?
10. Remove the kern.* entry in the component configuration file. Run mkxprof,
and verify that the kern.* entry has been removed from /etc/syslog.conf
on the client.
German Cancio – WP4-install LCFG HOW-TO - n° 23
Adding/configuring LCFGng components (IV)
 The
same principle described here applies to all components.
 Most
components are included by default in the EDG RPM and
component configuration files.
 However,
they may require site-specific configurations.
German Cancio – WP4-install LCFG HOW-TO - n° 24