Hi:
Traylen, SM (Steve) writes:
>
> I am just in the process of setting up LCFG to control
> some boxes and have a number of questions about
> things I am presently unsure of. There are quite a few
> questions here I am afraid.
>
> o Do all the objects mentioned in
> http://iven.home.cern.ch/iven/lcfg/lcfg-install.html
> exist. In particular has someone written a obj-xntpd before
> I go and write one?
I have requested this several times, but never got an answer. it's
interesting that the following line appears in /etc/dhcpd.conf:
#option time-servers 137.138.16.69;
I think this line was in the CERN version I started from.
> o I have mkxprof running as a daemon on the server and
> rdxprof polling on the client. They are doing a fine job
> updating the local DBM files on each client. This
> information is currently not being processed into
> the clients config files other than at boot time
> when lcfg.init is launched from init. Should I have
> a cron job running or something to process the updated
> DBM files on each client? I had thought I had only
> needed this for rpm updates.
Some things happen automagically, some need an explicit update.
RPM updates seem to happen by themselves. Things like NFS mounting
don't.
You can do this on a client to force things.
/etc/obj/globus run
I wouldn't do a cron script since you might wind up doing something
you don't want to do.
Also, did you discover already that there is usually one crucial file
you must update before a client "sees" that its profile has changed?
mkxprof will run fine oh wait ... you are running mkxprof as a
daemon. That was deprecated a few months ago. Current solution (see
INFN's LCFG page) is to run mkxprof by hand, and run rdxprof as a
daemon.
> o As a stopgap for the lack of a obj-xntpd I have been using
> the filecopy object to install a ntp.conf for the RAL
> environment. This is fine but I am not sure if there is
> a resource that contains a list of init.d services to
> be started at boot time rather than a list of LCFG objects
> to be started.
Nose around in /var/obj/conf/profile/source, you will find lines like
boot.services syslog update auth inet mailng profile nfsmount
make sure xntpd is included.
> o I would be interested to know what method people are using for
> transferring and preserving ssh_keys and gatekeeper keys during LCFG
> installation and possibly reinstallation.
We put our gatekeeper keys in a shared directory on the LCFG server,
and this directory is mounted by all clients that need it. The name
of the key/cert files need to include more info than just
"hostcert.pem", e.g. "CE_hostcert.pem" or "grid001-hostcert.pem" would
work, since there is typically more than one key/cert in this
directory. We haven't got a way to preserve ssh keys yet.
JT
|