Author: buildbot
Date: Thu Mar 21 13:59:09 2013
New Revision: 855418
Log:
Staging update by buildbot for vcl
Modified:
websites/staging/vcl/trunk/content/ (props changed)
websites/staging/vcl/trunk/content/confluence_export/lab.pm-provisioning-module.html
Propchange: websites/staging/vcl/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Thu Mar 21 13:59:09 2013
@@ -1 +1 @@
-1458375
+1459315
Modified:
websites/staging/vcl/trunk/content/confluence_export/lab.pm-provisioning-module.html
==============================================================================
---
websites/staging/vcl/trunk/content/confluence_export/lab.pm-provisioning-module.html
(original)
+++
websites/staging/vcl/trunk/content/confluence_export/lab.pm-provisioning-module.html
Thu Mar 21 13:59:09 2013
@@ -21,7 +21,7 @@
<link href="/css/vcl.css" rel="stylesheet" type="text/css">
<link href="/css/code.css" rel="stylesheet" type="text/css">
- <title>Apache VCL - Lab.pm provisioning module</title>
+ <title>Apache VCL - Using VCL to Broker Access to Pre-installed
Machines</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
@@ -77,40 +77,42 @@
</div>
<div id="content">
- <h1 class="title">Lab.pm provisioning module</h1>
+ <h1 class="title">Using VCL to Broker Access to Pre-installed Machines</h1>
<p>The Lab.pm provisioning module is used to broker access to standalone
pre-installed Linux or Solaris machines. These machines could be in an
existing walk-in computer lab or racked in a server room.</p>
<p>There are four main parts needed to setup a standalone machine to use with
-the Lab.pm module.
-1. a non-root account called vclstaff on the target machines
-1. ssh idenitity key for vclstaff account, this key is used by the vcld
-process on the management node
-1. ssh service running on port 24 of the target machines
-1. vclclientd running on the target machines, vclclientd in the bin
-directory of the vcld release</p>
+the Lab.pm module.</p>
+<ol>
+<li>a non-root account called vclstaff on the target machines</li>
+<li>ssh idenitity key for vclstaff account, this key is used by the vcld
+process on the management node</li>
+<li>ssh service running on port 24 of the target machines</li>
+<li>vclclientd running on the target machines, vclclientd in the bin
+directory of the vcld release</li>
+</ol>
<p>For distribution to a large set of machines, an rpm or package could be
created to distribute vclclientd and related files.</p>
-<p><a name="Lab.pmprovisioningmodule-Howitworks."></a></p>
-<h1 id="how-it-works">How it works.</h1>
+<h1 id="howitworks">How it works</h1>
<p>The Lab.pm module confirms an assigned node or lab machine is accessible
using the ssh identity key on port 24. If this succeeds, then a small
configuration file with the state, user's id and the users' remote IP
address is sent to the node along with a flag to trigger the vclclientd
process to either open or close the remote access port. Currently this
module only supports Linux and Solaris lab machines. </p>
-<p><a name="Lab.pmprovisioningmodule-"></a></p>
-<h1></h1>
-<p><a name="Lab.pmprovisioningmodule-Howtosetup:"></a></p>
-<h1 id="how-to-setup">How to setup:</h1>
+<h1 id="howtosetup">How to setup:</h1>
<p>All commands are run as root.</p>
-<p><em>1.</em> Create the non-root vclstaff account on target machine</p>
-<div class="codehilite"><pre> <span class="n">on</span> <span
class="n">linux:</span> <span class="n">useradd</span> <span
class="o">-</span><span class="n">d</span> <span class="sr">/home/</span><span
class="n">vclstaff</span> <span class="o">-</span><span class="n">m</span>
<span class="n">vclstaff</span>
+<ol>
+<li>
+<p>Create the non-root vclstaff account on target machine</p>
+<div class="codehilite"><pre><span class="n">on</span> <span
class="n">linux:</span> <span class="n">useradd</span> <span
class="o">-</span><span class="n">d</span> <span class="sr">/home/</span><span
class="n">vclstaff</span> <span class="o">-</span><span class="n">m</span>
<span class="n">vclstaff</span>
</pre></div>
-<p><em>2.</em> Generate ssh identity keys for vclstaff account. Do not enter a
-passphrase for the key, just hit enter when prompted.</p>
+</li>
+<li>
+<p>Generate ssh identity keys for vclstaff account. Do not enter a passphrase
for
+the key, just hit enter when prompted.</p>
<div class="codehilite"><pre><span class="n">su</span> <span
class="o">-</span> <span class="n">vclstaff</span>
<span class="n">ssh</span><span class="o">-</span><span
class="n">keygen</span> <span class="o">-</span><span class="n">t</span> <span
class="n">rsa</span>
<span class="n">Generating</span> <span class="n">public</span><span
class="o">/</span><span class="n">private</span> <span class="n">rsa</span>
<span class="n">key</span> <span class="n">pair</span><span class="o">.</span>
@@ -126,26 +128,38 @@ passphrase for the key, just hit enter w
<p>At this point we have created a private key /home/vclstaff/.ssh/id_rsa and
the public key /home/vclstaff/.ssh/id_rsa.pub.</p>
+</li>
+<li>
<p>Copy the public key to /home/vclstaff/.ssh/authorized_keys file</p>
<div class="codehilite"><pre><span class="n">cat</span> <span
class="sr">/home/</span><span class="n">vclstaff</span><span
class="sr">/.ssh/i</span><span class="n">d_rsa</span><span
class="o">.</span><span class="n">pub</span> <span class="o">></span> <span
class="sr">/home/</span><span class="n">vclstaff</span><span
class="sr">/.ssh/</span><span class="n">authorized_keys</span>
</pre></div>
+</li>
+<li>
<p>Copy the private key to the management node. This can be stored in
/etc/vcl/lab.key. This private key is used by vcld to remotely log into the
the lab machine.</p>
-<div class="codehilite"><pre><span class="n">Edit</span> <span
class="sr">/etc/</span><span class="n">vcld</span><span class="o">.</span><span
class="n">conf</span>
-<span class="n">Set</span> <span class="n">the</span> <span
class="n">variables</span> <span class="n">IDENTITY_linux_lab</span> <span
class="ow">and</span> <span class="n">IDENTITY_solaris_lab</span> <span
class="n">to</span> <span class="k">use</span> <span class="n">this</span>
+</li>
+<li>
+<p>Edit /etc/vcld.conf
+Set the variables IDENTITY_linux_lab and IDENTITY_solaris_lab to use this new
key.
+It should look like:</p>
+<div class="codehilite"><pre><span class="n">IDENTITY_solaris_lab</span><span
class="o">=</span><span class="sr">/etc/</span><span class="n">vcl</span><span
class="o">/</span><span class="n">lab</span><span class="o">.</span><span
class="n">key</span>
+<span class="n">IDENTITY_linux_lab</span><span class="o">=</span><span
class="sr">/etc/</span><span class="n">vcl</span><span class="o">/</span><span
class="n">lab</span><span class="o">.</span><span class="n">key</span>
</pre></div>
-<p>new key.
- It should look like:
- IDENTITY_solaris_lab=/etc/vcl/lab.key
- IDENTITY_linux_lab=/etc/vcl/lab.key</p>
-<p>Test out the newly created key from the vcl management node:
-ssh -i /etc/vcl/lab.key vclstaff@target_lab_machine</p>
-<p><em>3.</em> Set ssh server on target machine to listen on port 24. Edit
+</li>
+<li>
+<p>Test out the newly created key from the vcl management node:</p>
+<div class="codehilite"><pre><span class="n">ssh</span> <span
class="o">-</span><span class="n">i</span> <span class="sr">/etc/</span><span
class="n">vcl</span><span class="o">/</span><span class="n">lab</span><span
class="o">.</span><span class="n">key</span> <span
class="n">vclstaff</span><span class="nv">@target_lab_machine</span>
+</pre></div>
+
+
+</li>
+<li>
+<p>Set ssh server on target machine to listen on port 24. Edit
/etc/ssh/sshd_config on target lab machine(s).</p>
<div class="codehilite"><pre><span class="n">echo</span> <span
class="s">"Port 24"</span> <span class="o">>></span> <span
class="sr">/etc/ss</span><span class="n">h</span><span class="o">/</span><span
class="n">sshd_config</span>
</pre></div>
@@ -154,116 +168,125 @@ ssh -i /etc/vcl/lab.key vclstaff@target_
<p>For advanced ssh configurations one may need to also add vclstaff to the
AllowUsers directive or some other group which would work with ones
existing campus ssh login restrictions, if any.</p>
-<div class="codehilite"><pre><span class="n">Restart</span> <span
class="n">sshd:</span> <span class="sr">/etc/i</span><span
class="n">nit</span><span class="o">.</span><span class="n">d</span><span
class="o">/</span><span class="n">sshd</span> <span class="n">restart</span>
+</li>
+<li>
+<p>restart sshd</p>
+<div class="codehilite"><pre><span class="sr">/etc/i</span><span
class="n">nit</span><span class="o">.</span><span class="n">d</span><span
class="o">/</span><span class="n">sshd</span> <span class="n">restart</span>
</pre></div>
+</li>
+<li>
<p>retest to make sure sshd is accessible on port 24</p>
<div class="codehilite"><pre><span class="n">ssh</span> <span
class="o">-</span><span class="n">p24</span> <span class="o">-</span><span
class="n">i</span> <span class="sr">/etc/</span><span class="n">vcl</span><span
class="o">/</span><span class="n">lab</span><span class="o">.</span><span
class="n">key</span> <span class="n">vclstaff</span><span
class="nv">@target_lab_machine</span>
</pre></div>
-<p><em>4.</em> Copy vclclientd and vclclientd init script to
target_lab_machine, from
+</li>
+<li>
+<p>Copy vclclientd and vclclientd init script to target_lab_machine, from
managenment node:</p>
-<div class="codehilite"><pre><span class="n">scp</span> <span
class="o">-</span><span class="n">P24</span> <span class="sr">/usr/</span><span
class="nb">local</span><span class="sr">/vcl/</span><span
class="n">bin</span><span class="o">/</span><span class="n">vclclientd</span>
+<div class="codehilite"><pre><span class="n">scp</span> <span
class="o">-</span><span class="n">P24</span> <span class="sr">/usr/</span><span
class="nb">local</span><span class="sr">/vcl/</span><span
class="n">bin</span><span class="sr">/vclclientd
vclstaff@target_lab_machine:/</span><span class="n">home</span><span
class="o">/</span><span class="n">vclstaff</span>
+<span class="n">scp</span> <span class="o">-</span><span class="n">P24</span>
<span class="sr">/usr/</span><span class="nb">local</span><span
class="sr">/vcl/</span><span class="n">bin</span><span
class="sr">/S99vclclient.linux target_lab_machine:/</span><span
class="n">etc</span><span class="sr">/init.d/</span><span
class="n">S99vclclient</span><span class="o">.</span><span
class="n">linux</span>
</pre></div>
-<p>vclstaff@target_lab_machine:/home/vclstaff</p>
-<div class="codehilite"><pre><span class="n">scp</span> <span
class="o">-</span><span class="n">P24</span> <span class="sr">/usr/</span><span
class="nb">local</span><span class="sr">/vcl/</span><span
class="n">bin</span><span class="o">/</span><span
class="n">S99vclclient</span><span class="o">.</span><span
class="n">linux</span>
-</pre></div>
-
-
-<p>target_lab_machine:/etc/init.d/S99vclclient.linux</p>
-<div class="codehilite"><pre><span class="n">add</span> <span
class="n">this</span> <span class="n">start</span> <span class="n">up</span>
<span class="n">script</span> <span class="n">to</span> <span
class="n">the</span> <span class="n">appropriate</span> <span
class="n">run</span> <span class="nb">time</span> <span class="n">levels</span>
+<p>add this start up script to the appropriate run time levels</p>
+</li>
+<li>
+<p>Start vclclientd:</p>
+<div class="codehilite"><pre><span class="sr">/etc/i</span><span
class="n">nit</span><span class="o">.</span><span class="n">d</span><span
class="o">/</span><span class="n">S99vclclient</span><span
class="o">.</span><span class="n">linux</span> <span class="n">start</span>
</pre></div>
-<p>Start vclclientd :
-/etc/init.d/S99vclclient.linux start{<em>}5.</em> Add computers to the VCL
-database as one normally would.</p>
-<p>Make sure to select the Lab provisioning module it is labeled as "Computing
-Lab"</p>
-<p><em>6.</em> Insert an image into the image table for this lab machine:</p>
+</li>
+<li>
+<p>Add computers to the VCL database as one normally would. Make sure to set
the
+type of the computer to <b>lab</b> and the Provisioning Engine to <b>Computing
Lab
+</b></p>
+</li>
+<li>
+<p>Insert an image into the image table for this lab machine. You can set name
and
+prettyname to whatever you want. We'll use "lab-machine-image1" and "Lab
Machine image"
+in the example SQL:</p>
<div class="codehilite"><pre><span class="n">INSERT</span> <span
class="n">INTO</span> <span class="sb">`vcl`</span><span
class="o">.</span><span class="sb">`image`</span>
-<span class="p">(</span><span class="sb">`id`</span> <span class="p">,</span>
-<span class="sb">`name`</span> <span class="p">,</span>
-<span class="sb">`prettyname`</span> <span class="p">,</span>
-<span class="sb">`ownerid`</span> <span class="p">,</span>
-<span class="sb">`platformid`</span> <span class="p">,</span>
-<span class="sb">`OSid`</span> <span class="p">,</span>
-<span class="sb">`imagemetaid`</span> <span class="p">,</span>
-<span class="sb">`minram`</span> <span class="p">,</span>
-<span class="sb">`minprocnumber`</span> <span class="p">,</span>
-<span class="sb">`minprocspeed`</span> <span class="p">,</span>
-<span class="sb">`minnetwork`</span> <span class="p">,</span>
-<span class="sb">`maxconcurrent`</span> <span class="p">,</span>
-<span class="sb">`reloadtime`</span> <span class="p">,</span>
-<span class="sb">`deleted`</span> <span class="p">,</span>
-<span class="sb">`test`</span> <span class="p">,</span>
-<span class="sb">`lastupdate`</span> <span class="p">,</span>
-<span class="sb">`forcheckout`</span> <span class="p">,</span>
-<span class="sb">`maxinitialtime`</span> <span class="p">,</span>
-<span class="sb">`project`</span> <span class="p">,</span>
-<span class="sb">`size`</span> <span class="p">,</span>
-<span class="sb">`architecture`</span> <span class="p">,</span>
-<span class="sb">`description`</span> <span class="p">,</span>
-<span class="sb">`usage`</span> <span class="p">,</span>
-<span class="sb">`basedoffrevisionid`</span><span class="p">)</span>
+<span class="p">(</span><span class="sb">`name`</span><span class="p">,</span>
+<span class="sb">`prettyname`</span><span class="p">,</span>
+<span class="sb">`ownerid`</span><span class="p">,</span>
+<span class="sb">`imagetypeid`</span><span class="p">,</span>
+<span class="sb">`platformid`</span><span class="p">,</span>
+<span class="sb">`OSid`</span><span class="p">,</span>
+<span class="sb">`lastupdate`</span><span class="p">,</span>
+<span class="sb">`forcheckout`</span><span class="p">)</span>
<span class="n">VALUES</span>
-<span class="p">(</span><span class="s">'8'</span> <span
class="p">,</span> <span class="s">'lab-machine-image1'</span><span
class="p">,</span> <span class="s">'Lab Machine image'</span><span
class="p">,</span> <span class="s">'1'</span><span class="p">,</span>
<span class="s">'1'</span><span class="p">,</span> <span
class="s">'15'</span><span class="p">,</span> <span
class="n">NULL</span><span class="p">,</span>
-<span class="s">'512'</span><span class="p">,</span> <span
class="s">'1'</span><span class="p">,</span> <span
class="s">'1024'</span><span class="p">,</span> <span
class="s">'100'</span><span class="p">,</span> <span
class="n">NULL</span> <span class="p">,</span> <span
class="s">'5'</span><span class="p">,</span> <span
class="s">'0'</span><span class="p">,</span> <span
class="s">'0'</span><span class="p">,</span> <span
class="n">NOW</span><span class="p">(),</span> <span
class="s">'1'</span><span class="p">,</span> <span
class="s">'0'</span><span class="p">,</span> <span
class="s">'vcl'</span><span class="p">,</span>
+<span class="p">(</span><span
class="s">'lab-machine-image1'</span><span class="p">,</span>
+<span class="s">'Lab Machine image'</span><span class="p">,</span>
+<span class="s">'1'</span><span class="p">,</span>
+<span class="p">(</span><span class="n">SELECT</span> <span
class="n">id</span> <span class="n">FROM</span> <span
class="n">imagetype</span> <span class="n">WHERE</span> <span
class="n">name</span> <span class="o">=</span> <span
class="s">'lab'</span><span class="p">),</span>
+<span class="s">'1'</span><span class="p">,</span>
+<span class="p">(</span><span class="n">SELECT</span> <span
class="n">id</span> <span class="n">FROM</span> <span class="n">OS</span> <span
class="n">WHERE</span> <span class="n">name</span> <span class="o">=</span>
<span class="s">'centos5'</span><span class="p">),</span>
+<span class="n">NOW</span><span class="p">(),</span>
+<span class="s">'1'</span><span class="p">);</span>
</pre></div>
-<p>'1500',
- 'x86', NULL , NULL , '0'
- );</p>
-<p>Insert information into the imagerevision table. Note 'Lab Machine image'
+</li>
+<li>
+<p>Insert a record into the imagerevision table. Note 'Lab Machine image'
can be what ever you want.</p>
<div class="codehilite"><pre><span class="n">INSERT</span> <span
class="n">INTO</span> <span class="sb">`vcl`</span><span
class="o">.</span><span class="sb">`imagerevision`</span> <span
class="p">(</span>
-<span class="sb">`id`</span> <span class="p">,</span>
<span class="sb">`imageid`</span> <span class="p">,</span>
<span class="sb">`revision`</span> <span class="p">,</span>
<span class="sb">`userid`</span> <span class="p">,</span>
<span class="sb">`datecreated`</span> <span class="p">,</span>
<span class="sb">`deleted`</span> <span class="p">,</span>
-<span class="sb">`datedeleted`</span> <span class="p">,</span>
<span class="sb">`production`</span> <span class="p">,</span>
-<span class="sb">`comments`</span> <span class="p">,</span>
-<span class="sb">`imagename`</span>
-<span class="p">)</span>
+<span class="sb">`imagename`</span><span class="p">)</span>
<span class="n">VALUES</span> <span class="p">(</span>
-<span class="n">NULL</span> <span class="p">,</span> <span
class="s">'8'</span><span class="p">,</span> <span
class="s">'1'</span><span class="p">,</span> <span
class="s">'1'</span><span class="p">,</span> <span
class="n">NOW</span><span class="p">(),</span> <span
class="s">'0'</span><span class="p">,</span> <span
class="n">NULL</span> <span class="p">,</span> <span
class="s">'1'</span><span class="p">,</span> <span
class="n">NULL</span> <span class="p">,</span> <span
class="s">'lab-machine-image1'</span>
-<span class="p">)</span>
+<span class="p">(</span><span class="n">SELECT</span> <span
class="n">id</span> <span class="n">FROM</span> <span class="n">image</span>
<span class="n">WHERE</span> <span class="n">name</span> <span
class="o">=</span> <span class="s">'lab-machine-image1'</span><span
class="p">),</span>
+<span class="mi">0</span><span class="p">,</span>
+<span class="mi">1</span><span class="p">,</span>
+<span class="n">NOW</span><span class="p">(),</span>
+<span class="mi">0</span><span class="p">,</span>
+<span class="mi">1</span><span class="p">,</span>
+<span class="s">'lab-machine-image1'</span><span class="p">)</span>
</pre></div>
-<p>Insert information into the resource table.</p>
+</li>
+<li>
+<p>Insert a record into the resource table.</p>
<div class="codehilite"><pre><span class="n">INSERT</span> <span
class="n">INTO</span> <span class="sb">`vcl`</span><span
class="o">.</span><span class="sb">`resource`</span> <span class="p">(</span>
-<span class="sb">`id`</span> <span class="p">,</span>
<span class="sb">`resourcetypeid`</span> <span class="p">,</span>
<span class="sb">`subid`</span>
<span class="p">)</span>
<span class="n">VALUES</span> <span class="p">(</span>
-<span class="n">NULL</span> <span class="p">,</span> <span
class="s">'13'</span><span class="p">,</span> <span
class="s">'8'</span>
+<span class="mi">13</span><span class="p">,</span>
+<span class="p">(</span><span class="n">SELECT</span> <span
class="n">id</span> <span class="n">FROM</span> <span class="n">image</span>
<span class="n">WHERE</span> <span class="n">name</span> <span
class="o">=</span> <span class="s">"lab-machine-image1"</span><span
class="p">)</span>
<span class="p">)</span>
</pre></div>
-<p><em>7.</em> Set up the image to computer group mappings and grant
access.</p>
+</li>
+<li>
+<p>Set up the image to computer group mappings and grant access.</p>
<p>These next steps will be done using the VCL web interface</p>
<ol>
-<li>Create a new Image group. Manage groups, add a new image resrouce
group.</li>
-<li>Create a new Computer group. Manage groups, add a new computer
-resrouce group.</li>
-<li>Add new image (inserted above) to the image group just created in step
1.</li>
-<li>Add machines that have vclclientd to the computer group created in step
-2.</li>
-<li>Assign new computer group to be controlled by management node. Select
-Management Nodes, Edit Management Node Mapping</li>
-<li>Grant access to the new lab image and computer group in the privilege
-tree.</li>
+<li>
+<p>Create a new Image group</p>
+<p>Manage Groups->Add New Resource Group
+ 1. Create a new Computer group</p>
+<p>Manage Groups->Add New Resource Group
+ 1. Add new image (inserted above) to the image group just created in step
1.</p>
+<p>Manage Images->Edit Image Grouping
+ 1. Add machines that have vclclientd to the computer group created in step
2</p>
+<p>Manage Computers->Edit Computer Grouping
+ 1. Assign new computer group to be controlled by management node</p>
+<p>Management Nodes->Edit Management Node Mapping
+ 1. Grant access to the new lab image and computer group in the privilege
tree.</p>
+</li>
+</ol>
+</li>
</ol>
</div>
