Re: [xcat-user] 回复: New to xcat : stateless, genimage, postscripts, chain and groups

2016-03-09 Thread Xiao Peng Wang 
1. For the latest master branch, the mount /proc and /sys have been done for Ubuntu. That means it will be ready in next release.
2. Which version of xCAT were you using? Show it with 'lsxcatd -a'
3. genimage won't do the syncfile, but packimage does.
 
Could you give me more detail of how you will use Ansible?
ThanksBest Regards--Wang Xiaopeng (王晓朋)IBM China System Technology LaboratoryTel: 86-10-82453455Email: w...@cn.ibm.comAddress: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193
 
 
- Original message -From: Thomas Hummel To: xcat-user@lists.sourceforge.netCc:Subject: Re: [xcat-user] 回复: New to xcat : stateless, genimage, postscripts, chain and groupsDate: Tue, Mar 8, 2016 12:56 AM 
On 02/22/2016 06:40 AM, Xiao Peng Wang wrote:> 1. We have done the approach that mount of /proc, /sys and /dev/ before install> packages and umount them after the installing for Ubuntu, and will apply it for rh.Hello and thanks for your answer (sorry for the delay, I was in vacation).I'm not sure I got it correctly : this mechanism is ready but not yetreleased, is that correct ?> 2. You can just make the multiple tasks to be specified as comma separated:> # nodeset  osimage=rhels6.6-x86_64-netboot-compute,runcmd=bmcsetup,shellI'd swear that when I tried this syntax, only one "action" was put inthe chain table (as opposed to, the wanted sequence of action)...That's why we kept editing the chain table or kept using nodech.> 4. run_ps is added in mypostscript for debuggingOk, sorry I read the script to fast. It is indeed *added* (I thoughtmypostscript was overwritten).> 5. otherpkgs postscript which is executed to install addiation packages will not> be run for diskless node through updatenode. The ospkgs is still run on diskless> node, but it does not make sence since boot of the system will lose the update.> The 'syncfiles' script will be run for diskless node.Ok, but what about genimage ? Aren't packages and additional packagesinstalled in the chroot installed by running ospkg and otherpkgspostscripts ? Isn't it the case for the sync'ed files in the image(syncfile postscript run at genimage time) ?Or in other words, does genimage install packages and sync files throughpostscripts or not at all ?Anyway, we decided to populate the image with ansible (using the chrootconnection type) so we can cross write updates in the image and onrunning nodes with almost the exact same tasks.Thanks.--Thomas HUMMEL--Transform Data into Opportunity.Accelerate data analysis in your applications withIntel Data Analytics Acceleration Library.Click to learn more.http://makebettercode.com/inteldaal-eval___xCAT-user mailing listxCAT-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/xcat-user 


--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Updatenode -k won't create id_rsa key without prompting for password

2016-03-09 Thread Josh Nielsen 
Casandra,

Good news. Setting sshbetweennodes explicitly to ALLGROUPS automatically
provided both the id_rsa and id_rsa.pub keys in /root/.ssh/ when
'remoteshell' ran this time (in xCAT 2.8.3)! So that's all it was.

Except the strange thing is that we never had to set that before. Perhaps
whatever version we had before 2.8.3 didn't need it, but 2.8.3 does now.
But we were on 2.8.3 already with the last deploy, so... I have no idea how
this worked a few months ago without setting sshbetweennodes explicitly (or
why the default settings didn't have the same result), but I'm glad after
banging my head on this for about two weeks to make some headway finally.
Thanks for the suggestion!

Best regards,
Josh

On Tue, Mar 8, 2016 at 3:33 PM, Casandra H Qiu  wrote:

> mmm, I don't have system with xCAT 2.8.3. but I think sshbetweenodes
> attribute is available for while. if it is not defined in the site table,
> the default should be set up passwordless between nodes.
> "nslookup nodename" still works after you update the hostname, right?
> can u able to find any error message from logs? maybe in the
> /var/log/message.
>
> Thanks,
> Casandra
> ...
> Casandra Hong Qiu
> Phone: (845) 433-9291, t/l 293-9291
> Office: B/002, Floor 3, Z13
> cxh...@us.ibm.com
>
>
>
> [image: Inactive hide details for Josh Nielsen ---03/08/2016 03:58:33
> PM---Thanks for the response Casandra. I should firstly note that]Josh
> Nielsen ---03/08/2016 03:58:33 PM---Thanks for the response Casandra. I
> should firstly note that I have xCAT 2.8.3. I know I need to upg
>
> From: Josh Nielsen 
> To: xCAT Users Mailing list 
> Date: 03/08/2016 03:58 PM
> Subject: Re: [xcat-user] Updatenode -k won't create id_rsa key without
> prompting for password
> --
>
>
>
>
> Thanks for the response Casandra. I should firstly note that I have xCAT
> 2.8.3. I know I need to upgrade, but not only has this worked in the past
> but I also successfully deployed 50+ nodes back in November with the exact
> same xCAT version I have now and using the same osimage for Centos 6.5,
> same kickstart, same defined postscripts, etc. So something else has
> changed, perhaps in our environment?
>
> That being said, I did not see sshbetweennodes specified at all in the
> site table. The following are the only two references to ssh in the table:
>
> #tabdump site | grep -i ssh
> "maxssh","8",,
> "rsh","/usr/bin/ssh",,
>
> Is 'sshbetweennodes' only a feature of versions newer than 2.8.X, or has
> it been around a while?
>
> Lastly, you said that remoteshell copies over id_rsa.pub (regardless - in
> either scenario), and I have seen that before as well, but actually I am
> not seeing any id_rsa* keys (public or private) copied to the node at all.
> And even an updatenode -k is only producing the id_rsa (if I manually type
> the password) but not the .pub, which is also odd. But authorized_keys is
> populated with the rsa public key signature. Something else must be going
> on.
>
> P.S. The only other issue I'm still dealing with, which may irrelevant for
> this issue, is a hostname problem to where if I run the ifcfg-eth
> postscript it updates the hostname in /etc/sysconfig/network from the
> correct node name to "localhost". My forward and reverse lookup entries in
> DNS are present, and the hostname is set correctly by the kickstart before
> ifcfg-eth is run, and remains there if it is not run, which I presume it
> gets from either the node definition in dhcpd.leases which is created with
> 'makedhcp' and/or the DNS entries for the host's IP. On the off chance that
> key copying could be tied to name resolution inconsistencies I thought I
> might mention that as well.
>
> Thanks,
> Josh
>
> On Tue, Mar 8, 2016 at 1:20 PM, Casandra H Qiu <*cxh...@us.ibm.com*
> > wrote:
>
>can u check the site table if sshbetweennodes is set up? The default
>for sshbetweennodes is ALLGROUPS, and will enable passwordless between
>nodes. this attribute will be ignored if zone table is set up, so please
>check zone table also.
>
>if it enables, the remoteshell postscript will copy id_rsa and
>id_rsa.pub over to compute node, otherwise, it only copies id_rsa.pub.
>
>from source code, updatenode -k is always required password.
>
>
>Thanks,
>Casandra
>...
>Casandra Hong Qiu
>Phone: *(845) 433-9291* <%28845%29%20433-9291>, t/l 293-9291
>Office: B/002, Floor 3, Z13
> *cxh...@us.ibm.com* 
>
>
>
>[image: Inactive hide details for Josh Nielsen ---03/08/2016 12:51:58
>PM---Yes, I just verified. It is present, but that alone is not s]Josh
>Nielsen ---03/08/2016 12:51:58 PM---Yes, I just verified. It is present,
>but that alone is not sufficient for that node to be able to

Re: [xcat-user] Updatenode -k won't create id_rsa key without prompting for password

2016-03-09 Thread Casandra H Qiu 

if nslookup works fine, the name resolution should not have problem.  but
you can run "makedns -n" , "makedhcp -n" and "makedhcp -a" again.

the remoteshell postscript is the file copies SSH Key over to compute
nodes, should be default postscripts which defined in your node
definitions,
you can add "set -x" to this file, the log information will be on the
node /var/log/xcat/xcat.log

u can  show me the site table, network table and lsdef for one of nodes if
nothing works? :(


Thanks,
Casandra
...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: B/002, Floor 3, Z13
cxh...@us.ibm.com





From:   Josh Nielsen 
To: xCAT Users Mailing list 
Date:   03/09/2016 11:16 AM
Subject:Re: [xcat-user] Updatenode -k won't create id_rsa key without
prompting for password



I should also mention that for kicks last week we tried deploying one VM
that had been defined in the hpvmgroupA group 4 months ago with the rest of
them, but had not been deployed and had been delayed until now, and it too
is experiencing the same problems with the keys as well as our (unrelated?)
hostname issues, so I'm going for something that changed in our
environment, be it networking related, DNS, perhaps permissions, or any
host of other variables that can change on systems involved with the xCAT
deploy process. I just wish there were a meaningful error or way to
determine the root issue more easily.

On Wed, Mar 9, 2016 at 10:01 AM, Josh Nielsen 
wrote:
  Yes. Sorry that I did not mention it before, but they are stateful nodes.
  I have never used stateless nodes and have nothing configured for
  stateless. I'm just puzzled what could have changed in four months since
  I last I deployed 50+ VMs with the same osimage template and postscripts
  they used at that time. I'm deploying Centos 6.5 to a series of VMs on
  ESXi (standalone - not vSphere managed) on an HP CX7000 Blade chassis.
  I'm PXE booting as the method of delivering the kickstart, and I'm only
  having problems post-kickstart (or so it seems...). And the deploy is
  completely abstracted to the VM guest operating system level, so nothing
  specific to HP.

  I'm obscuring the IPs in the following excerpt from my xCAT 'hosts'
  table, but the only real change in xCAT was that I defined a third ('C')
  group of VMs that run on the HP cluster following the pattern I had done
  for the previous 50+ VMs which were divided between the A and B groups:

  "hpvmgroupA","|\D+(\d+).*$|X.Y.101.($1-0)|",,,"HP Compute nodes compute
  interface",
  "hpvmgroupB","|\D+(\d+).*$|X.Y.102.($1-0)|",,,"HP Compute nodes compute
  interface",
  "hpvmgroupC","|\D+(\d+).*$|X.Y.103.($1-0)|",,,"HP Compute nodes compute
  interface",

  Otherwise, if you do an lsdef and look at a node that was deployed
  successfully which was part of hpvmgroupA and one that I am currently
  trying to deploy in hpvmgroupC they are identical except for the details
  that should differ like IP address and other things; and the osimage for
  the Centos 6.5 image (which points to the *.tmpl kickstart files and the
  otherpkgs *.tmpl files) is the same. So perhaps something else in my
  environment changed?

  My coworker and I have tried delving into the code and placing echoes as
  debugging statements, and have looked at the -V verbose output of various
  commands, but can't seem to find a meaningful error as to why it is not
  fetching either the id_rsa or id_rsa.pub files. Perhaps this was taken
  care of in a certain postscript that I have taken for granted before and
  forgotten to run this time? I have no idea.

  -Josh

  On Tue, Mar 8, 2016 at 10:34 PM, Daniel Letai  wrote:
   Can you confirm you are deploying stateful nodes and not stateless ?


   On 03/09/2016 12:53 AM, Josh Nielsen wrote:
 My coworker just pointed out that the /xcatpost/mypostscript on
 the nodes that are deployed actually have this line:

 ENABLESSHBETWEENNODES='NO'
 export ENABLESSHBETWEENNODES

 That's interesting, given that sshbetweennodes (without 'enable'
 as the beginning of the parameter name?) was not defined at all in
 the site table and the default is supposedly enabled(?). However,
 I just set sshbetweennodes in site to
 "sshbetweennodes","ALLGROUPS",, and am now redeploying to see if
 it makes a difference.

 The man page for site says:

  sshbetweennodes:  Comma separated list of groups to enable
 passwordless root
                                     ssh during install, or xdsh
 -K. Default is ALLGROUPS.
                                     Set to NOGROUPS,if you do not
 wish to enabled any groups.
                                     Service Nodes are not affected
 by this

Re: [xcat-user] Updatenode -k won't create id_rsa key without prompting for password

2016-03-09 Thread Josh Nielsen 
Hi Christopher,

I checked our 'nameservers' field in the site table and it is pointing to
our external DNS server, which I think was a required configuration for
makedns -e to work. Updates for new entries to the external DNS server,
which is the master of the slave DNS servers on the SNs, propagate down to
the SNs immediately. But I would be hesitant to add the SNs to the list of
IPs in that field lest it break something in the external DNS
configuration.

The oddest thing however is that "none of the above" (the SNs slave DNS or
external DNS server) are making it into resolv.conf, but rather the MN's IP
(which used to - once upon a time - host the master DNS server before we
changed to an external DNS configuration). The only field in the site table
pointing to the MN is the 'master' field, as it should be.

And here is a sample of one particular node in question. None of it points
to the MN's IP, and 'xcatmaster ' is relativized between SNs for the group
the node is in:

nfsserver=[SN1_IP]
os=centos6.5

postscripts=syslog,remoteshell,ospkgs,addsiteyum,syncfiles,fstab,setupntp,otherpkgs
primarynic=eth0
profile=compute
provmethod=centos6.5-x86_64-install-compute
serialflow=hard
serialport=0
serialspeed=115200
servicenode=[SN1_DNS_NAME],[SN2_DNS_NAME]
status=booting
tftpserver=[SN1_DNS_NAME]
xcatmaster=[SN1_IP]

-Josh

On Tue, Mar 8, 2016 at 4:54 PM, Christopher Samuel 
wrote:

> On 09/03/16 09:37, Josh Nielsen wrote:
>
> > Actually, I take it back, some of the nodes have the MN's IP in their
> > resolv.conf (which has no DNS server) after a kickstart install, which
> > is possibly why the localhost assignment happens since a lookup would
> > fail. I think only if I run a postscript that I specifically created to
> > edit the /etc/resolv.conf and point it to the SNs which run DNS servers
> > does it allow the node to resolve its name. I wish the kickstart would
> > populate the resolv.conf file with its service node IPs by default (and
> > I thought it used to??).
>
> xCAT should populate your /etc/resolv.conf with the "nameservers"
> attribute from your site table.
>
> Ours certainly do - and we've got a variety of xCAT versions deployed
> for our various clusters (2.8.1, 2.8.5 (x3) & 2.10) on the "If it ain't
> broke, don't fix it" principle.
>
> All the best,
> Chris
> --
>  Christopher SamuelSenior Systems Administrator
>  VLSCI - Victorian Life Sciences Computation Initiative
>  Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545
>  http://www.vlsci.org.au/  http://twitter.com/vlsci
>
>
>
> --
> Transform Data into Opportunity.
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://makebettercode.com/inteldaal-eval
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Updatenode -k won't create id_rsa key without prompting for password

2016-03-09 Thread Josh Nielsen 
I should also mention that for kicks last week we tried deploying one VM
that had been defined in the hpvmgroupA group 4 months ago with the rest of
them, but had not been deployed and had been delayed until now, and it too
is experiencing the same problems with the keys as well as our (unrelated?)
hostname issues, so I'm going for something that changed in our
environment, be it networking related, DNS, perhaps permissions, or any
host of other variables that can change on systems involved with the xCAT
deploy process. I just wish there were a meaningful error or way to
determine the root issue more easily.

On Wed, Mar 9, 2016 at 10:01 AM, Josh Nielsen 
wrote:

> Yes. Sorry that I did not mention it before, but they are stateful nodes.
> I have never used stateless nodes and have nothing configured for
> stateless. I'm just puzzled what could have changed in four months since I
> last I deployed 50+ VMs with the same osimage template and postscripts they
> used at that time. I'm deploying Centos 6.5 to a series of VMs on ESXi
> (standalone - not vSphere managed) on an HP CX7000 Blade chassis. I'm PXE
> booting as the method of delivering the kickstart, and I'm only having
> problems post-kickstart (or so it seems...). And the deploy is completely
> abstracted to the VM guest operating system level, so nothing specific to
> HP.
>
> I'm obscuring the IPs in the following excerpt from my xCAT 'hosts' table,
> but the only real change in xCAT was that I defined a third ('C') group of
> VMs that run on the HP cluster following the pattern I had done for the
> previous 50+ VMs which were divided between the A and B groups:
>
> "hpvmgroupA","|\D+(\d+).*$|X.Y.101.($1-0)|",,,"HP Compute nodes compute
> interface",
> "hpvmgroupB","|\D+(\d+).*$|X.Y.102.($1-0)|",,,"HP Compute nodes compute
> interface",
> "hpvmgroupC","|\D+(\d+).*$|X.Y.103.($1-0)|",,,"HP Compute nodes compute
> interface",
>
> Otherwise, if you do an lsdef and look at a node that was deployed
> successfully which was part of hpvmgroupA and one that I am currently
> trying to deploy in hpvmgroupC they are identical except for the details
> that should differ like IP address and other things; and the osimage for
> the Centos 6.5 image (which points to the *.tmpl kickstart files and the
> otherpkgs *.tmpl files) is the same. So perhaps something else in my
> environment changed?
>
> My coworker and I have tried delving into the code and placing echoes as
> debugging statements, and have looked at the -V verbose output of various
> commands, but can't seem to find a meaningful error as to why it is not
> fetching either the id_rsa or id_rsa.pub files. Perhaps this was taken care
> of in a certain postscript that I have taken for granted before and
> forgotten to run this time? I have no idea.
>
> -Josh
>
> On Tue, Mar 8, 2016 at 10:34 PM, Daniel Letai  wrote:
>
>> Can you confirm you are deploying stateful nodes and not stateless ?
>>
>>
>> On 03/09/2016 12:53 AM, Josh Nielsen wrote:
>>
>> My coworker just pointed out that the /xcatpost/mypostscript on the nodes
>> that are deployed actually have this line:
>>
>> ENABLESSHBETWEENNODES='NO'
>> export ENABLESSHBETWEENNODES
>>
>> That's interesting, given that sshbetweennodes (without 'enable' as the
>> beginning of the parameter name?) was not defined at all in the site table
>> and the default is supposedly enabled(?). However, I just set
>> sshbetweennodes in site to "sshbetweennodes","ALLGROUPS",, and am now
>> redeploying to see if it makes a difference.
>>
>> The man page for site says:
>>
>>  sshbetweennodes:  Comma separated list of groups to enable passwordless
>> root
>> ssh during install, or xdsh -K.
>> Default is ALLGROUPS.
>> Set to NOGROUPS,if you do not wish to
>> enabled any groups.
>> Service Nodes are not affected by
>> this attribute
>> they are always setup with
>> passwordless root access to nodes and
>> other SN.
>>
>> -Josh
>>
>> On Tue, Mar 8, 2016 at 4:26 PM, Josh Nielsen 
>> wrote:
>>
>>> Here is what I see in /var/log/messages when remoteshell is run:
>>>
>>> Mar  7 14:28:41 xcat-serv1 node0087c xcat: remoteshell:  setup
>>> /etc/ssh/sshd_config and ssh_config
>>> Mar  7 14:28:41 xcat-serv1 node0087c xcat: Install: setup root .ssh
>>> Mar  7 14:28:42 xcat-serv1 xcat-serv1 xCAT[16025]: xCAT: Allowing
>>> getcredentials ssh_dsa_hostkey from node0087c
>>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: remoteshell: getting
>>> ssh_host_dsa_key
>>> Mar  7 14:28:42 xcat-serv1 xcat-serv1 xCAT[16027]: xCAT: Allowing
>>> getcredentials ssh_rsa_hostkey from node0087c
>>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: ssh_rsa_hostkey
>>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: start up sshd
>>>
>>> I see new timestamps on authorized_keys and

Re: [xcat-user] Updatenode -k won't create id_rsa key without prompting for password

2016-03-09 Thread Josh Nielsen 
Yes. Sorry that I did not mention it before, but they are stateful nodes. I
have never used stateless nodes and have nothing configured for
stateless. I'm just puzzled what could have changed in four months since I
last I deployed 50+ VMs with the same osimage template and postscripts they
used at that time. I'm deploying Centos 6.5 to a series of VMs on ESXi
(standalone - not vSphere managed) on an HP CX7000 Blade chassis. I'm PXE
booting as the method of delivering the kickstart, and I'm only having
problems post-kickstart (or so it seems...). And the deploy is completely
abstracted to the VM guest operating system level, so nothing specific to
HP.

I'm obscuring the IPs in the following excerpt from my xCAT 'hosts' table,
but the only real change in xCAT was that I defined a third ('C') group of
VMs that run on the HP cluster following the pattern I had done for the
previous 50+ VMs which were divided between the A and B groups:

"hpvmgroupA","|\D+(\d+).*$|X.Y.101.($1-0)|",,,"HP Compute nodes compute
interface",
"hpvmgroupB","|\D+(\d+).*$|X.Y.102.($1-0)|",,,"HP Compute nodes compute
interface",
"hpvmgroupC","|\D+(\d+).*$|X.Y.103.($1-0)|",,,"HP Compute nodes compute
interface",

Otherwise, if you do an lsdef and look at a node that was deployed
successfully which was part of hpvmgroupA and one that I am currently
trying to deploy in hpvmgroupC they are identical except for the details
that should differ like IP address and other things; and the osimage for
the Centos 6.5 image (which points to the *.tmpl kickstart files and the
otherpkgs *.tmpl files) is the same. So perhaps something else in my
environment changed?

My coworker and I have tried delving into the code and placing echoes as
debugging statements, and have looked at the -V verbose output of various
commands, but can't seem to find a meaningful error as to why it is not
fetching either the id_rsa or id_rsa.pub files. Perhaps this was taken care
of in a certain postscript that I have taken for granted before and
forgotten to run this time? I have no idea.

-Josh

On Tue, Mar 8, 2016 at 10:34 PM, Daniel Letai  wrote:

> Can you confirm you are deploying stateful nodes and not stateless ?
>
>
> On 03/09/2016 12:53 AM, Josh Nielsen wrote:
>
> My coworker just pointed out that the /xcatpost/mypostscript on the nodes
> that are deployed actually have this line:
>
> ENABLESSHBETWEENNODES='NO'
> export ENABLESSHBETWEENNODES
>
> That's interesting, given that sshbetweennodes (without 'enable' as the
> beginning of the parameter name?) was not defined at all in the site table
> and the default is supposedly enabled(?). However, I just set
> sshbetweennodes in site to "sshbetweennodes","ALLGROUPS",, and am now
> redeploying to see if it makes a difference.
>
> The man page for site says:
>
>  sshbetweennodes:  Comma separated list of groups to enable passwordless
> root
> ssh during install, or xdsh -K.
> Default is ALLGROUPS.
> Set to NOGROUPS,if you do not wish to
> enabled any groups.
> Service Nodes are not affected by this
> attribute
> they are always setup with
> passwordless root access to nodes and
> other SN.
>
> -Josh
>
> On Tue, Mar 8, 2016 at 4:26 PM, Josh Nielsen 
> wrote:
>
>> Here is what I see in /var/log/messages when remoteshell is run:
>>
>> Mar  7 14:28:41 xcat-serv1 node0087c xcat: remoteshell:  setup
>> /etc/ssh/sshd_config and ssh_config
>> Mar  7 14:28:41 xcat-serv1 node0087c xcat: Install: setup root .ssh
>> Mar  7 14:28:42 xcat-serv1 xcat-serv1 xCAT[16025]: xCAT: Allowing
>> getcredentials ssh_dsa_hostkey from node0087c
>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: remoteshell: getting
>> ssh_host_dsa_key
>> Mar  7 14:28:42 xcat-serv1 xcat-serv1 xCAT[16027]: xCAT: Allowing
>> getcredentials ssh_rsa_hostkey from node0087c
>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: ssh_rsa_hostkey
>> Mar  7 14:28:42 xcat-serv1 node0087c xCAT: start up sshd
>>
>> I see new timestamps on authorized_keys and copy.sh when it is run, so it
>> is actually doing something.
>>
>> Is there a substantial difference between remoteshell and updatenode -k?
>> Why does updatenode -k successfully copy the id_rsa key to the node if I
>> type in the password?
>>
>> As for the hostname in /etc/sysconfig/network, actually if I run just the
>> kickstart and remove ifcfg-eth from the list of postscripts (in the node
>> definition's postscripts= field) to execute automatically it ends up
>> looking like this:
>> # cat /etc/sysconfig/network
>> NETWORKING=yes
>> HOSTNAME=3(NXDOMAIN)
>>
>> But when I manually run updatenode node0087c -P ifcfg-eth it works
>> correctly. (Also it changes the  /etc/sysconfig/network-scripts/ifcfg-eth0
>> file's BOOTPROTO parameter from dhcp to static and sets the IPADDR, as it
>> should).
>> # cat

Re: [xcat-user] rsyslog and genesis image

2016-03-09 Thread Jean-Baptiste Denis 
> First of all, I wonder where the screenlog.0 line comes from. I guess it is
> injected in the mknb stage, but I don't see how I can change that. Any idea ?
> I'd like to add a catchall line (*.* @192.168.132.2). It's working when I add 
> it
> manually directory in the booted image after a reloading of the rsyslog
> configuration.

The screenlog line is added in the dhclient-script script of the genesis image :
(/opt/xcat/share/xcat/netboot/genesis/x86_64/fs/sbin/dhclient-script)

if [ ! -z "$new_log_servers" ]; then
 head -n -1 /etc/rsyslog.conf > /etc/rsyslog.conf.new
 cp /etc/rsyslog.conf.new /etc/rsyslog.conf
fi
for ls in $new_log_servers; do
 echo *.* @$ls >> /etc/rsyslog.conf
done

I really don't know why the file is managed this way.

> Maybe something like :
> 
> $ModLoad imfile
> $InputFileName /screenlog.0
> $InputFileTag screenlog:
> $InputFileStateFile stat-screenlog
> 
> instead of the screenlog line ? I didn't try it though.

My current rsyslog.conf file is :

$ModLoad imuxsock
$ModLoad immark
$MarkMessagePeriod 1200

$ModLoad imfile
$InputFileName /screenlog.0
$InputFileTag screenlog:
$InputFileStateFile stat-screenlog
$InputRunFileMonitor
$InputFilePollInterval 2

*.emerg *
*.* @192.168.132.2

# keep the last comment line empty, because it is dynamically trimmed of
# at boot by dhclient-script
#

I'm not satisfied with hard-coding the ip address of the syslog server though...

The invalid line is still added by dhclient-script (where does the
new_syslog_servers variable comes from ? I didn't find anything), but I've got
everything I want : all syslog logs are forwarded and also the screenlog.0 file.

What do you think ?

Jean-Baptiste



--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111=/4140
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user