Title: WP4 handson workshop: EDG LCFGng exercises
1WP4 hands-on workshopEDG LCFGng exercises
2Overview
- LCFGng Exercises
- Simple reconfiguration of root password
- Changing polling interval, forcing profile
updates - Managing users
- Managing RPMs
- Installing and managing components
3Exercise 1Simple client reconfigurationchangin
g the root password of the client
4Simple client reconfiguration (I)
- Proceed
- Log on to the server XXX.cern.ch (see blackboard)
- As root, password XXXX (see blackboard)
- Log on your client
- As root machine name and password on blackboard
- On the server, start editing your machines
configuration file - cd /var/obj/conf/server/source
- vi or emacs ltmymachinegt
- Change the clients root password
- Use an encrypted password generated eg. with
perl - perl e print crypt(mypassword,rt)
- Change auth.rootpwd to the new encrypted password
5Simple client reconfiguration (II)
- Compile the profile using mkxprof, verifying that
no errors or warnings produced - /usr/sbin/mkxprof v ltmynodegt use v s for
updating web pg - Wait until the profile is propagated to the
client ( 60 seconds) - The client node is notified automatically of
changes using UDP, but sometimes UDP packages are
lost, so there is also a regular polling. - On the client, check that the configuration has
been received - Run qxprof qxprof auth.rootpwd
- On the client, check that /etc/shadow has been
updated properly. - Open another connection to the client, and verify
that your new root password actually works -) - On the client, check the auth log file in
/var/obj/log/auth
6Exercise 2Changing client polling interval,
force profile updates
7LCFGng polling and profile updates (I)
- The client.poll resource defines the polling
interval - qxprof client.poll
- Poll5m1m -gt this means that a poll is done
every 5 minutes plus a random interval ranging
from zero seconds to 1m. - To change the polling frequence, edit your client
component configuration file, and add a line - client.poll 1m1s
- This will set the polling to 1m and a random
interval of 1s. - Reminder the before client tells rdxprof
to overwrite an existing value. - Run mkxprof on the server
- Go to the client, wait for a moment and verify
that the polling interval has been changed in the
profile - qxprof client.poll
- Poll1m1s
8LCFGng polling and profile updates (II)
- You can now run ps auxwwwwwgrep client and
verify that the rdxprof process has now the new
poll interval. - LCFG profile updates can be forced by restarting
the client by hand. - /etc/obj/client restart will do this.
- This may be useful in case the client process
hangs for whatever reason.
9Exercise 3Adding users
10Adding users (I)
- Users have to be defined in the auth.XXX
resources. - auth.users space separated list of user login
names - auth.userpwd_ltuserXgt, auth.userhome_ltuserXgt,
auth.usergroup_ltuserXgt - But, if we want to ADD a user to the already
existing user list, we cant just redefine
auth.users! - If we define in a header file (animal-farm-users.h
) - auth.users napoleon squealer snowball
- And we want to add a user boxer in our
machines config file - include animal-farm-users.h
- auth.users boxer
- The end result will be only boxer! Since the
old value is overwritten. - The EXTRA macro defined in macros-cfg.h is useful
here. - include animal-farm-users.h
- EXTRA(auth.users) boxer
- The end result will be auth.users napoleon
squealer snowball boxer
11Adding users (II)
- Exercise
- Edit your machines configuration file, include
animal-farm-users.h, and add the following
user - Username Horse Boxer
- Login name boxer
- Encrypted password ltpick onegt
- Home directory /home/boxer
- Group farm
- Shell /bin/sh
- Hint have a look at how animal-farm-users.h
defines users -) - Hint2 use the EXTRA macro -)
- Compile the configuration with mkxprof
- On the client, verify that /etc/password and
/etc/shadow have been regenerated, and that the
home directory has been created.
12Adding users (III)
- Exercise (contd.)
- Removing users just remove all configuration
entries related to the user (or remove
appropriate include statements), and re-run
mkxprof. - Note that the home directories of removed users
are not deleted. - Homework Check the man page of the auth
component (man edg-lcfg-auth) for more resources
to configure.
13Exercise 4Adding and removing RPMs
14Adding and removing RPMs (I)
- In order to add/remove packages to a client, the
corresponding RPMs have to be added to the
Repository and to the RPM configuration files. - Updaterpms requires to generate special RPM
header files. These RPM header files are created
and updated by running make in the repository
area directories after downloading the RPMs. - Have a look at the Makefile under
/opt/local/linux/6.2/RPMS/LCFGng - The RPM configuration files are stored under
/opt/local/linux/6.2/rpmcfg - The configuration file is defined by the
component configuration resource
updaterpms.rpmcfg - Run on the client qxprof updaterpms.rpmcfg to
find out your configuration file.
15Adding and removing RPMs (II)
- Adding a RPM to the Repository
- Copy the RPM to the repository location on the
server, ie. - cp myrpm-1.2-3.noarch.rpm /opt/local/linux/6.2/RPM
S/WPx - Generate the RPM header file by issuing
- cd /opt/local/linux/6.2/RPMS/WPx make
- The header file is named as the original RPM
but starting with a . - Dont forget to run make!
- Removing a RPM from the Repository
- cd /opt/local/linux/6.2/RPMS/WPx
- rm myrpm-1.2-3 .myrpm-1.2.3 remove both RPM
and header
16Adding and removing RPMs (III)
- Adding an RPM to the configuration
- Include a line with a and the name of the
RPM. - The version and release can be specified, or set
to - which means take the latest
version-release of this package found on the
server - Example emacs-21.4-3 ? take the emacs 21.4
release 3 - Example xeyes-- ? take the latest version of
xeyes - Removing RPMs from the configuration listed in a
included template - Use the - prefix instead of for removing an
RPM even if it has been declared in a header
file. - Example -xeyes-- ? remove (any version of)
xeyes
17Adding and removing RPMs (IV)
- Ignoring locally installed RPMs
- By default, updaterpms removes all RPMs which
are not found in the RPM configuration file. - However, it is possible to avoid erasing some
RPMs by declaring them in the RPM configuration
file - xeyes--i ? keeps any version of xeyes you
have on the node. - It is also possible to set the updaterpms.localpkg
s resource to yes.
18Adding and removing RPMs (V)
- By default, updaterpms is started by via cron at
1 AM. It is not started automatically on config
changes. - Updaterpms can be also started by hand, by
running the updaterpms component - /etc/obj/updaterpms start
- Note that, if you use wildcards (-) in the RPM
config, the wilcard expansion is done when you
run updaterpms, and not when you run mkxprof! - Documentation man page for updaterpms (man
updaterpms), man page for the updaterpms
component (man edg-lcfg-updaterpms)
19Adding and removing RPMs (VI)
- Exercise Add RPMs to the configuration of your
node. - Edit in /opt/local/linux/6.2/rpmcfg your RPM
configuration file (hint use qxprof on the
client to find out which one to edit) - Add the following RPM package the latest version
of the package called edg-lcfg-syslog. - Start the updaterpms component. Verify that the
package has been installed by running rpm q
edg-lcfg-syslog. - Remove the package from the node using
rpm e edg-lcfg-syslog - Run again updaterpms. The package should be
installed again. - Edit the RPM configuration file, and remove the
line for edg-lcfg-syslog. - Start the updaterpms component verify that
edg-lcfg-syslog is removed.
20Exercise 5Adding, configuring, running
components
21Adding/configuring LCFGng components (I)
- LCFG components are packaged in two RPMs
- edg-lcfg-foo or lcfg-foo contains all necessary
files for the client - edg-lcfg-foo-defaults or lcfg-foo-defaults
contains the server default configuration. - The LCFGng server RPM can be installed with the
rpm command on the server, while as the client
RPM has to be installed with updaterpms on the
client (see exercise 4). - A component has to be also added to two component
resources - profile.components ? list of components
used on the client - boot.services ? list of components to start
at boot time - Each component requires also some specific
configuration - Pprofile.version_ltcomponentgt ? set to 1.
- ltcomponentXgt.resourceY (component specific
resources).
22Adding/configuring LCFGng components (II)
- Exercise Add the syslog component to your
client. - Verifications
- Verify that edg-lcfg-syslog RPMs are available on
the server (hint in the RPMS/LCFGng directory). - Verify that the RPM header files are also
there. - Verify that the server RPM is installed on the
server. - Add to your RPM configuration file the latest
version of edg-lcfg-syslog. - On the client, run /etc/obj/updaterpms start. The
RPM should be now installed - Verify with rpm q on client.
23Adding/configuring LCFGng components (III)
- On the client, read the edg-lcfg-syslog man page.
Look specially at the RESOURCES section. - (On the server), edit your component
configuration file, and - add the necessary entries for profile.components,
boot.services (use the EXTRA macro) - define profile.version_syslog to 1.
- Set the kern. messages to go to
/var/log/kernel.log (see the man page above!) - Run mkxprof. Verify on the client (with qxprof)
that the resources are OK. - On the client, start the syslog component with
/etc/obj/syslog start - From now on, the component is reconfigured
automatically. - Look at the /etc/syslog.conf file. Is the kern.
entry there? - Remove the kern. entry in the component
configuration file. Run mkxprof, and verify that
the kern. entry has been removed from
/etc/syslog.conf on the client.
24Adding/configuring LCFGng components (IV)
- The same principle described here applies to all
components. - Most components are included by default in the
EDG RPM and component configuration files. - However, they may require site-specific
configurations.