[Rocks-Discuss] 411 and extend-compute.xml not applied to new compute nodes
Scott Roberts
What logs can I examine to determine why my 411 and extend-compute.xml settings are not being applied to new compute nodes, or nodes that I've just rebuilt? In all fairness, this behavior didn't manifest itself until I attempted to run "rocks update". However, "rocks create distro" completes with no errors, and my 411 and extend-compute.xml did not change.
Any help would be greatly appreciated!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2207 bytes
Desc: not available
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/40d7073a/smime.p7s
Anoop Rajendra
# rocks list host profile <nodename>
-a
Scott Roberts
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: r4n4.txt
Url: https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/0e833b06/r4n4.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2207 bytes
Desc: not available
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/0e833b06/smime.p7s
Anoop Rajendra
includes the extend-compute.xml configuration.
However extend-compute.xml is creating directories in /home on the
compute nodes. This will not work because the /home directory on
compute nodes is automounted from the frontend.
Since there is other content in extend-compute.xml, have you made sure
that they were also not run? For example, you've turned iptables and
cpuspeed services off. Have you checked whether they were indeed
turned off?
WRT 411, what is the exact error you're seeing?
What is the output of
# rocks sync users
-a
Scott Roberts
OK, yes, iptables and cpuspeed services are off. So perhaps it is just a problem with 411. Specifically, my Files.mk contains:
FILES = $(AUTOMOUNT) \
/etc/ldap.conf \
/etc/openldap/ldap.conf \
/etc/nsswitch.conf \
/etc/pam.d/system-auth \
/etc/auto.master \
/etc/auto.clsp \
/etc/auto.home \
/etc/auto.export \
/etc/auto.corpora \
/etc/auto.hynek \
/etc/profile.d/hltcoe.csh \
/etc/profile.d/hltcoe.sh \
/etc/profile.d/java.csh \
/etc/profile.d/java.sh
None of the auto or profile.d files are copied to r4n4 as part of the build, and "rocks sync host" has no effect.
# rocks sync users
Reloading maps
Reloading maps
Reloading maps
Reloading maps
Reloading maps
Reloading maps
Reloading maps
Reloading maps
make: Entering directory `/var/411'
rm -rf /etc/411.d/*
make
make[1]: Entering directory `/var/411'
/opt/rocks/sbin/411put --comment="#" /etc/auto.clsp
411 Wrote: /etc/411.d/etc.auto..clsp
Size: 579/253 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.clsp
411 Wrote: /etc/411.d/etc.auto..clsp
Size: 579/253 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.corpora
411 Wrote: /etc/411.d/etc.auto..corpora
Size: 611/276 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.corpora
411 Wrote: /etc/411.d/etc.auto..corpora
Size: 611/276 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.export
411 Wrote: /etc/411.d/etc.auto..export
Size: 611/275 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.export
411 Wrote: /etc/411.d/etc.auto..export
Size: 611/275 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.home
411 Wrote: /etc/411.d/etc.auto..home
Size: 599/269 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.home
411 Wrote: /etc/411.d/etc.auto..home
Size: 599/269 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.hynek
411 Wrote: /etc/411.d/etc.auto..hynek
Size: 599/270 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.hynek
411 Wrote: /etc/411.d/etc.auto..hynek
Size: 599/270 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.master
411 Wrote: /etc/411.d/etc.auto..master
Size: 8003/5744 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.master
411 Wrote: /etc/411.d/etc.auto..master
Size: 8003/5744 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.misc
411 Wrote: /etc/411.d/etc.auto..misc
Size: 1462/905 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.net
411 Wrote: /etc/411.d/etc.auto..net
Size: 2739/1852 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.share
411 Wrote: /etc/411.d/etc.auto..share
Size: 490/190 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/auto.smb
411 Wrote: /etc/411.d/etc.auto..smb
Size: 1702/1084 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/ldap.conf
411 Wrote: /etc/411.d/etc.ldap..conf
Size: 16842/12293 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/openldap/ldap.conf
411 Wrote: /etc/411.d/etc.openldap.ldap..conf
Size: 1033/590 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/nsswitch.conf
411 Wrote: /etc/411.d/etc.nsswitch..conf
Size: 3505/2417 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/pam.d/system-auth
411 Wrote: /etc/411.d/etc.pam..d.system-auth
Size: 2427/1621 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/profile.d/hltcoe.csh
411 Wrote: /etc/411.d/etc.profile..d.hltcoe..csh
Size: 587/256 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/profile.d/hltcoe.sh
411 Wrote: /etc/411.d/etc.profile..d.hltcoe..sh
Size: 632/295 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/profile.d/java.csh
411 Wrote: /etc/411.d/etc.profile..d.java..csh
Size: 547/230 bytes (encrypted/plain)
/opt/rocks/sbin/411put --comment="#" /etc/profile.d/java.sh
411 Wrote: /etc/411.d/etc.profile..d.java..sh
Size: 547/229 bytes (encrypted/plain)
/opt/rocks/sbin/411put --nocomment /etc/passwd
411 Wrote: /etc/411.d/etc.passwd
Size: 12660/9195 bytes (encrypted/plain)
/opt/rocks/sbin/411put --nocomment /etc/group
411 Wrote: /etc/411.d/etc.group
Size: 11590/8402 bytes (encrypted/plain)
/opt/rocks/sbin/411put --nocomment /etc/shadow
411 Wrote: /etc/411.d/etc.shadow
Size: 12238/8887 bytes (encrypted/plain)
make[1]: Leaving directory `/var/411'
make: Leaving directory `/var/411'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2207 bytes
Desc: not available
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/669afdbc/smime.p7s
Anoop Rajendra
# ssh r4n4.local
# 411-get --all
-a
Scott Roberts
Traceback (most recent call last):
File "/opt/rocks/bin/411get", line 214, in ?
app.run()
File "/opt/rocks/bin/411get", line 177, in run
contents, meta = self.get(file)
File "/opt/rocks/lib/python2.4/site-packages/rocks/service411.py", line 519, in get
return self.decrypt(contents)
File "/opt/rocks/lib/python2.4/site-packages/rocks/service411.py", line 710, in decrypt
self.readKeys()
File "/opt/rocks/lib/python2.4/site-packages/rocks/service411.py", line 588, in readKeys
shared_file = open(self.shared_filename, 'r')
IOError: [Errno 2] No such file or directory: '/etc/411-security/shared.key'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2207 bytes
Desc: not available
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/62ece819/smime.p7s
Anoop Rajendra
# rocks sync host sharedkey r4n4.local
And then re-run
# rocks sync users
-a
Scott Roberts
How do I resolve this so that when I rebuild another node, or add a new one, that the 411 shared key gets populated? I didn't have this issue before.
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/393002d5/smime.p7s
Anoop Rajendra
# service sec-channel status
If it is, restart it. If not, start it. If it errors out when it
starts, let me know.
-a
Scott Roberts
Thanks for the help!
Url : https://lists.sdsc.edu/pipermail/npaci-rocks-discussion/attachments/20111014/75ab649e/smime.p7s