date:20181128

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread GONG Jie

Hello Vinícius Ferrão,

Please make sure chronyd is installed on the node you intend to use it. And 
redo the xCAT ntp setup procedure on that node.

For the xCAT management node, do the following,
  1. Make sure chronyd is installed on xCAT management node.
  2. Run `makentp’

For xCAT compute nodes, do the following,
  1. Make sure chronyd is installed on xCAT compute nodes you intend to use 
chronyd
  2. Run `xdsh compute_nodes setupntp’, where compute_nodes is your node range.

GONG Jie (龚颉)
China Systems & Technology Lab, Beijing
Tel: +86-10-82454979
Email: gong...@linux.vnet.ibm.com
Address: Ring Building, No.28, Zhongguancun Software Park, No.8 Dongbeiwang 
West Road, Haidian District, Beijing, P.R.China 100193



> On Nov 29, 2018, at 05:36, Vinícius Ferrão  wrote:
> 
> Hello Casandra,
> 
> Thanks for sharing the correct info. In a case of an already deployed xCAT on 
> RHEL7, is it possible to change it back to chronyd instead of ntpd?
> 
> Which steps are needed?
> 
> Thanks,
> 
> Sent from my iPhone
> 
> On 28 Nov 2018, at 19:24, Casandra H Qiu  > wrote:
> 
>> If xCAT found there is chronyd on the system, it will use chrony, otherwise 
>> it will default back to ntp.
>> 
>> 
>> Thanks,
>> Casandra Qiu
>> 
>> ...
>> Casandra Hong Qiu
>> Phone: (845) 433-9291, t/l 293-9291
>> Office: Building 8, 3-B-04
>> cxh...@us.ibm.com 
>> 
>> 
>> 
>> Ryan Novosielski ---11/28/2018 03:49:48 PM---You happen to know 
>> if this is possible to make use of also on RHEL7 without much fuss? Sent 
>> from my
>> 
>> From: Ryan Novosielski mailto:novos...@rutgers.edu>>
>> To: xCAT Users Mailing list > >
>> Date: 11/28/2018 03:49 PM
>> Subject: Re: [xcat-user] Using chrony instead of ntp?
>> 
>> 
>> 
>> 
>> You happen to know if this is possible to make use of also on RHEL7 without 
>> much fuss?
>> 
>> Sent from my iPhone
>> 
>> On Nov 28, 2018, at 15:16, Casandra H Qiu > > wrote:
>> xCAT is modified the code on 2.14.3 to use chrony instead of ntp for RHEL8 
>> support. 
>> 
>> 
>> Thanks,
>> Casandra Qiu
>> 
>> ...
>> Casandra Hong Qiu
>> Phone: (845) 433-9291, t/l 293-9291
>> Office: Building 8, 3-B-04
>> cxh...@us.ibm.com 
>> 
>> 
>> 
>> Kevin Keane ---11/28/2018 02:21:59 PM---xCAT is designed to use 
>> ntp, of course. But RedHat makes chrony the default (and in the upcoming RHE
>> 
>> From: Kevin Keane mailto:kke...@sandiego.edu>>
>> To: xCAT Users Mailing list > >
>> Date: 11/28/2018 02:21 PM
>> Subject: [xcat-user] Using chrony instead of ntp?
>> 
>> 
>> 
>> 
>> xCAT is designed to use ntp, of course. But RedHat makes chrony the default 
>> (and in the upcoming RHEL 8, ntpd will not even be included any more).
>> 
>> What do I need to consider when using chrony instead of ntpd? Obviously, I 
>> can't run makentp, and would have to configure it manually. Is there 
>> anything else I need to pay attention to?
>> 
>> Thanks!
>> ___
>> Kevin Keane | Systems Architect | University of San Diego ITS | 
>> kke...@sandiego.edu 
>> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
>> 
>> REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
>> password.
>> These messages are an attempt to steal your username and password. Please do 
>> not reply to, click the links within, or open the attachments of these 
>> messages. Delete them!
>> 
>> ___
>> xCAT-user mailing list
>> xCAT-user@lists.sourceforge.net 
>> https://lists.sourceforge.net/lists/listinfo/xcat-user 
>> 
>> 
>> ___
>> xCAT-user mailing list
>> xCAT-user@lists.sourceforge.net 
>> https://lists.sourceforge.net/lists/listinfo/xcat-user 
>> [attachment 
>> "graycol.gif" deleted by Casandra H Qiu/Poughkeepsie/IBM] 
>> ___
>> xCAT-user mailing list
>> xCAT-user@lists.sourceforge.net 
>> https://lists.sourceforge.net/lists/listinfo/xcat-user 
>> 
>> 
>> 
>> 
>> ___
>> xCAT-user mailing list
>> xCAT-user@lists.sourceforge.net 
>> https://lists.sourceforge.net/lists/listinfo/xcat-user 
>> 
> ___
> xCAT-user mailing list
>

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

2018-11-28 Thread Bin XA Xu

xCAT team are considering not to generate the default export entries for /tftproot and /install,  but you can follow up the documents to created it per your demand. (For example, some cases (service node,  statelite) requires NFS and you want to use xcat MN as its NFS server )
 
This will introduce some inconveniences.
 
Bin Xu
HPC Software DevelopmentSoftware Defined Infrastructure, IBM Systems
Phone: 86-010-82454067
E-mail: bx...@cn.ibm.com
 
 
- Original message -From: Kevin Keane To: xCAT Users Mailing list Cc:Subject: Re: [xcat-user] [External] How to restrict xCAT's NFS shares?Date: Thu, Nov 29, 2018 7:17 AM 
Yes, you appear to be correct. I just, for testing, uninstalled all of xCAT. Then I manually removed the entries, and re-installed the xCAT RPMs. Lo and behold - it did in fact re-create the entries (but did not remove them when uninstalling xCAT).
 
Thanks for the help!
___Kevin Keane | Systems Architect | University of San Diego ITS | kke...@sandiego.eduMaher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
REMEMBER! No one from IT at USD will ever ask to confirm or supply your password.These messages are an attempt to steal your username and password. Please do not reply to, click the links within, or open the attachments of these messages. Delete them!
  

On Wed, Nov 28, 2018 at 2:51 PM Christian Caruthers  wrote:
I believe that is created when xCAT is installed. Not sure which RPM does it, though. Possible the main xCAT or xCAT-server package. I don’t see the file in any of the packages, so I’m guessing it’s created by a script.
 
Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872
 
From: Kevin Keane Sent: Wednesday, November 28, 2018 17:26To: xCAT Users Mailing list Subject: Re: [xcat-user] [External] How to restrict xCAT's NFS shares?
 
My question is actually, how does the /etc/exports get generated, and how do I get xCAT to generate the exports file without the world-writable permissions?
 
Thanks,
___Kevin Keane | Systems Architect | University of San Diego ITS | kke...@sandiego.eduMaher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
REMEMBER! No one from IT at USD will ever ask to confirm or supply your password.These messages are an attempt to steal your username and password. Please do not reply to, click the links within, or open the attachments of these messages. Delete them!
 
 
 
On Wed, Nov 28, 2018 at 1:50 PM Christian Caruthers  wrote:
So long as the shares are available to your provisioning network, it should not break anything.
 
Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872
 
From: Kevin Keane Sent: Wednesday, November 28, 2018 16:37To: xCAT Users Mailing list Subject: [External] [xcat-user] How to restrict xCAT's NFS shares?
 
I noticed that xCAT shares /tftpboot and /install as world-writeable. Is there a way to restrict these NFS shares to only the networks within the cluster, without making them globally available?
 
Specifically, xCAT creates this /etc/exports file:
 
/tftpboot *(rw,no_root_squash,sync,no_subtree_check)/install *(rw,no_root_squash,sync,no_subtree_check)
 
I would like it to instead create this:
 
/tftpboot  192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/tftpboot  192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)/install  192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/install  192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
 
(where 192.168.10.0 and 192.168.11.0 are two networks defined in the network table)
 
Is that doable?
 
Thanks!
___Kevin Keane | Systems Architect | University of San Diego ITS | kke...@sandiego.eduMaher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
REMEMBER! No one from IT at USD will ever ask to confirm or supply your password.These messages are an attempt to steal your username and password. Please do not reply to, click the links within, or open the attachments of these messages. Delete them!
 
___xCAT-user mailing listxCAT-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/xcat-user___xCAT-user mailing listxCAT-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/xcat-user
___xCAT-user mailing listxCAT-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/xcat-user
 


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

2018-11-28 Thread Kevin Keane

Yes, you appear to be correct. I just, for testing, uninstalled all of
xCAT. Then I manually removed the entries, and re-installed the xCAT RPMs.
Lo and behold - it did in fact re-create the entries (but did not remove
them when uninstalling xCAT).

Thanks for the help!

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!




On Wed, Nov 28, 2018 at 2:51 PM Christian Caruthers 
wrote:

> I believe that is created when xCAT is installed. Not sure which RPM does
> it, though. Possible the main xCAT or xCAT-server package. I don’t see the
> file in any of the packages, so I’m guessing it’s created by a script.
>
>
>
> Regards,
>
> *Christian Caruthers*
>
> Lenovo Professional Services
>
> Mobile: 757-289-9872
>
>
>
> *From:* Kevin Keane 
> *Sent:* Wednesday, November 28, 2018 17:26
> *To:* xCAT Users Mailing list 
> *Subject:* Re: [xcat-user] [External] How to restrict xCAT's NFS shares?
>
>
>
> My question is actually, how does the /etc/exports get generated, and how
> do I get xCAT to generate the exports file without the world-writable
> permissions?
>
>
>
> Thanks,
>
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS |
> kke...@sandiego.edu
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 |
> 619.260.6859
>
> *REMEMBER! **No one from IT at USD will ever ask to confirm or supply
> your password*.
> These messages are an attempt to steal your username and password. Please
> do not reply to, click the links within, or open the attachments of these
> messages. Delete them!
>
>
>
>
>
>
>
> On Wed, Nov 28, 2018 at 1:50 PM Christian Caruthers 
> wrote:
>
> So long as the shares are available to your provisioning network, it
> should not break anything.
>
>
>
> Regards,
>
> *Christian Caruthers*
>
> Lenovo Professional Services
>
> Mobile: 757-289-9872
>
>
>
> *From:* Kevin Keane 
> *Sent:* Wednesday, November 28, 2018 16:37
> *To:* xCAT Users Mailing list 
> *Subject:* [External] [xcat-user] How to restrict xCAT's NFS shares?
>
>
>
> I noticed that xCAT shares /tftpboot and /install as world-writeable. Is
> there a way to restrict these NFS shares to only the networks within the
> cluster, without making them globally available?
>
>
>
> Specifically, xCAT creates this /etc/exports file:
>
>
>
> /tftpboot *(rw,no_root_squash,sync,no_subtree_check)
> /install *(rw,no_root_squash,sync,no_subtree_check)
>
>
>
> I would like it to instead create this:
>
>
>
> /tftpboot 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
>
> /tftpboot 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
> /install 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
>
> /install 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
>
>
>
> (where 192.168.10.0 and 192.168.11.0 are two networks defined in the
> network table)
>
>
>
> Is that doable?
>
>
>
> Thanks!
>
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS |
> kke...@sandiego.edu
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 |
> 619.260.6859
>
> *REMEMBER! **No one from IT at USD will ever ask to confirm or supply
> your password*.
> These messages are an attempt to steal your username and password. Please
> do not reply to, click the links within, or open the attachments of these
> messages. Delete them!
>
>
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

2018-11-28 Thread Christian Caruthers

I believe that is created when xCAT is installed. Not sure which RPM does it, 
though. Possible the main xCAT or xCAT-server package. I don’t see the file in 
any of the packages, so I’m guessing it’s created by a script.

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

From: Kevin Keane 
Sent: Wednesday, November 28, 2018 17:26
To: xCAT Users Mailing list 
Subject: Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

My question is actually, how does the /etc/exports get generated, and how do I 
get xCAT to generate the exports file without the world-writable permissions?

Thanks,

___
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!




On Wed, Nov 28, 2018 at 1:50 PM Christian Caruthers 
mailto:ccaruth...@lenovo.com>> wrote:
So long as the shares are available to your provisioning network, it should not 
break anything.

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

From: Kevin Keane mailto:kke...@sandiego.edu>>
Sent: Wednesday, November 28, 2018 16:37
To: xCAT Users Mailing list 
mailto:xcat-user@lists.sourceforge.net>>
Subject: [External] [xcat-user] How to restrict xCAT's NFS shares?

I noticed that xCAT shares /tftpboot and /install as world-writeable. Is there 
a way to restrict these NFS shares to only the networks within the cluster, 
without making them globally available?

Specifically, xCAT creates this /etc/exports file:

/tftpboot *(rw,no_root_squash,sync,no_subtree_check)
/install *(rw,no_root_squash,sync,no_subtree_check)

I would like it to instead create this:

/tftpboot 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/tftpboot 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)

(where 192.168.10.0 and 192.168.11.0 are two networks defined in the network 
table)

Is that doable?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

2018-11-28 Thread Kevin Keane

My question is actually, how does the /etc/exports get generated, and how
do I get xCAT to generate the exports file without the world-writable
permissions?

Thanks,

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!




On Wed, Nov 28, 2018 at 1:50 PM Christian Caruthers 
wrote:

> So long as the shares are available to your provisioning network, it
> should not break anything.
>
>
>
> Regards,
>
> *Christian Caruthers*
>
> Lenovo Professional Services
>
> Mobile: 757-289-9872
>
>
>
> *From:* Kevin Keane 
> *Sent:* Wednesday, November 28, 2018 16:37
> *To:* xCAT Users Mailing list 
> *Subject:* [External] [xcat-user] How to restrict xCAT's NFS shares?
>
>
>
> I noticed that xCAT shares /tftpboot and /install as world-writeable. Is
> there a way to restrict these NFS shares to only the networks within the
> cluster, without making them globally available?
>
>
>
> Specifically, xCAT creates this /etc/exports file:
>
>
>
> /tftpboot *(rw,no_root_squash,sync,no_subtree_check)
> /install *(rw,no_root_squash,sync,no_subtree_check)
>
>
>
> I would like it to instead create this:
>
>
>
> /tftpboot 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
>
> /tftpboot 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
> /install 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
>
> /install 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
>
>
>
> (where 192.168.10.0 and 192.168.11.0 are two networks defined in the
> network table)
>
>
>
> Is that doable?
>
>
>
> Thanks!
>
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS |
> kke...@sandiego.edu
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 |
> 619.260.6859
>
> *REMEMBER! **No one from IT at USD will ever ask to confirm or supply
> your password*.
> These messages are an attempt to steal your username and password. Please
> do not reply to, click the links within, or open the attachments of these
> messages. Delete them!
>
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Vinícius Ferrão

Hello Casandra,

Thanks for sharing the correct info. In a case of an already deployed xCAT on 
RHEL7, is it possible to change it back to chronyd instead of ntpd?

Which steps are needed?

Thanks,

Sent from my iPhone

> On 28 Nov 2018, at 19:24, Casandra H Qiu  wrote:
> 
> If xCAT found there is chronyd on the system, it will use chrony, otherwise 
> it will default back to ntp.
> 
> 
> Thanks,
> Casandra Qiu
> 
> ...
> Casandra Hong Qiu
> Phone: (845) 433-9291, t/l 293-9291
> Office: Building 8, 3-B-04
> cxh...@us.ibm.com
> 
> 
> 
> Ryan Novosielski ---11/28/2018 03:49:48 PM---You happen to know 
> if this is possible to make use of also on RHEL7 without much fuss? Sent from 
> my
> 
> From: Ryan Novosielski 
> To: xCAT Users Mailing list 
> Date: 11/28/2018 03:49 PM
> Subject: Re: [xcat-user] Using chrony instead of ntp?
> 
> 
> 
> 
> You happen to know if this is possible to make use of also on RHEL7 without 
> much fuss?
> 
> Sent from my iPhone
> 
> On Nov 28, 2018, at 15:16, Casandra H Qiu  wrote:
> xCAT is modified the code on 2.14.3 to use chrony instead of ntp for RHEL8 
> support. 
> 
> 
> Thanks,
> Casandra Qiu
> 
> ...
> Casandra Hong Qiu
> Phone: (845) 433-9291, t/l 293-9291
> Office: Building 8, 3-B-04
> cxh...@us.ibm.com
> 
> 
> 
> Kevin Keane ---11/28/2018 02:21:59 PM---xCAT is designed to use 
> ntp, of course. But RedHat makes chrony the default (and in the upcoming RHE
> 
> From: Kevin Keane 
> To: xCAT Users Mailing list 
> Date: 11/28/2018 02:21 PM
> Subject: [xcat-user] Using chrony instead of ntp?
> 
> 
> 
> xCAT is designed to use ntp, of course. But RedHat makes chrony the default 
> (and in the upcoming RHEL 8, ntpd will not even be included any more).
> 
> What do I need to consider when using chrony instead of ntpd? Obviously, I 
> can't run makentp, and would have to configure it manually. Is there anything 
> else I need to pay attention to?
> 
> Thanks!
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS | 
> kke...@sandiego.edu
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
> 
> REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
> password.
> These messages are an attempt to steal your username and password. Please do 
> not reply to, click the links within, or open the attachments of these 
> messages. Delete them!
> 
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
> 
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user[attachment 
> "graycol.gif" deleted by Casandra H Qiu/Poughkeepsie/IBM] 
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
> 
> 
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] [External] Re: Excluding a node from discovery?

2018-11-28 Thread Christian Caruthers

If you define the mac address and set the chain table so xCAT will not try to 
"do" anything with the node:

chdef {NODE} currstate=boot currchain=boot chain=boot

nodeset {NODE} boot

You probably don't need all of those chain table settings, but that should 
catch everything. This way, the DHCP server will not attempt to discover or 
install when a PXE request is received.

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

From: Casandra H Qiu 
Sent: Wednesday, November 28, 2018 15:12
To: xCAT Users Mailing list 
Subject: [External] Re: [xcat-user] Excluding a node from discovery?


If mac address defined, DHCP server already knows this node. bmcdiscover will 
not send genesis kernel , but the node attribute will be replaced from discover 
packet if there are difference.

For the mtms-based discover, the bmcdiscover will send findme packet and 
looking for per-definied node with same mtm/serial. Yes, if it didn't find, 
that would cause bmcdiscover to think this node hasn't been discovered, the 
temp bmc discover will not be removed from xcat database.

The discover packet should contain same info as what defined for the storage 
node (CPU, disksize, mtm/serial, memory), i think you should just keep mac, 
mtm/serial for the storage node, it will not run into discovery process.

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com



[Inactive hide details for Kevin Keane ---11/28/2018 02:18:03 PM---If I remove 
mtms and serial from the storage node definition,]Kevin Keane ---11/28/2018 
02:18:03 PM---If I remove mtms and serial from the storage node definition, how 
would that cause bmcdiscover to ig

From: Kevin Keane mailto:kke...@sandiego.edu>>
To: xCAT Users Mailing list 
mailto:xcat-user@lists.sourceforge.net>>
Date: 11/28/2018 02:18 PM
Subject: Re: [xcat-user] Excluding a node from discovery?





If I remove mtms and serial from the storage node definition, how would that 
cause bmcdiscover to ignore this node? It seems to me that in the contrary, 
that would cause bmcdiscover to think this node hasn't been discovered yet.

But your response inspired a thought - if I do the opposite and *add* mtms, 
serial and MAC address to the storage node object, would that be enough to get 
bmcdiscover to think this node has already been discovered? Or do I need any 
other settings?

_
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!


On Wed, Nov 28, 2018 at 11:02 AM Casandra H Qiu 
mailto:cxh...@us.ibm.com>> wrote:
You may need to remove mtms/serial number from storage node definition.
Also, you should remove mac address from storage node definition,
"makedhcp -d storagenode " to remove from DHCP lease file


Thanks,
Casandra Qiu

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com



Kevin Keane ---11/28/2018 01:03:36 PM---I am looking for a way to exclude one 
node from being discovered (MTMS-based discovery).

From: Kevin Keane mailto:kke...@sandiego.edu>>
To: xCAT Users Mailing list 
mailto:xcat-user@lists.sourceforge.net>>
Date: 11/28/2018 01:03 PM
Subject: [xcat-user] Excluding a node from discovery?




I am looking for a way to exclude one node from being discovered (MTMS-based 
discovery).

The background is that we have quite a few compute nodes, and one storage node. 
The storage node is managed separately, but is of course connected to the same 
networks as the compute nodes. If I blindly run bmcdiscover on the whole 
subnet, it will discover the storage node. The worst-case scenario is that I 
accidentally reformat it and lose data.

So I am looking for a way to keep this node from ever even being discovered in 
the first place. Any ideas?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

2018-11-28 Thread Christian Caruthers

So long as the shares are available to your provisioning network, it should not 
break anything.

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

From: Kevin Keane 
Sent: Wednesday, November 28, 2018 16:37
To: xCAT Users Mailing list 
Subject: [External] [xcat-user] How to restrict xCAT's NFS shares?

I noticed that xCAT shares /tftpboot and /install as world-writeable. Is there 
a way to restrict these NFS shares to only the networks within the cluster, 
without making them globally available?

Specifically, xCAT creates this /etc/exports file:

/tftpboot *(rw,no_root_squash,sync,no_subtree_check)
/install *(rw,no_root_squash,sync,no_subtree_check)

I would like it to instead create this:

/tftpboot 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/tftpboot 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 
192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 
192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)

(where 192.168.10.0 and 192.168.11.0 are two networks defined in the network 
table)

Is that doable?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

[xcat-user] How to restrict xCAT's NFS shares?

2018-11-28 Thread Kevin Keane

I noticed that xCAT shares /tftpboot and /install as world-writeable. Is
there a way to restrict these NFS shares to only the networks within the
cluster, without making them globally available?

Specifically, xCAT creates this /etc/exports file:

/tftpboot *(rw,no_root_squash,sync,no_subtree_check)
/install *(rw,no_root_squash,sync,no_subtree_check)

I would like it to instead create this:

/tftpboot 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/tftpboot 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 192.168.10.0/24(rw,no_root_squash,sync,no_subtree_check)
/install 192.168.11.0/24(rw,no_root_squash,sync,no_subtree_check)

(where 192.168.10.0 and 192.168.11.0 are two networks defined in the
network table)

Is that doable?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Casandra H Qiu


If xCAT found there is chronyd on the system,  it will use chrony,
otherwise it will default back to ntp.


Thanks,
Casandra Qiu

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com





From:   Ryan Novosielski 
To: xCAT Users Mailing list 
Date:   11/28/2018 03:49 PM
Subject:Re: [xcat-user] Using chrony instead of ntp?



You happen to know if this is possible to make use of also on RHEL7 without
much fuss?

Sent from my iPhone

On Nov 28, 2018, at 15:16, Casandra H Qiu  wrote:



  xCAT is modified the code on 2.14.3 to use chrony instead of ntp for
  RHEL8 support.


  Thanks,
  Casandra Qiu

  ...
  Casandra Hong Qiu
  Phone: (845) 433-9291, t/l 293-9291
  Office: Building 8, 3-B-04
  cxh...@us.ibm.com



  Kevin Keane ---11/28/2018 02:21:59 PM---xCAT is designed
  to use ntp, of course. But RedHat makes chrony the default (and in
  the upcoming RHE

  From: Kevin Keane 
  To: xCAT Users Mailing list 
  Date: 11/28/2018 02:21 PM
  Subject: [xcat-user] Using chrony instead of ntp?





  xCAT is designed to use ntp, of course. But RedHat makes chrony the
  default (and in the upcoming RHEL 8, ntpd will not even be included
  any more).

  What do I need to consider when using chrony instead of ntpd?
  Obviously, I can't run makentp, and would have to configure it
  manually. Is there anything else I need to pay attention to?

  Thanks!


  ___

  Kevin Keane | Systems Architect | University of San Diego ITS |
  kke...@sandiego.edu
  Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 |
  619.260.6859


  REMEMBER! No one from IT at USD will ever ask to confirm or supply
  your password.
  These messages are an attempt to steal your username and password.
  Please do not reply to, click the links within, or open the
  attachments of these messages. Delete them!


  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user





  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user[attachment
  "graycol.gif" deleted by Casandra H Qiu/Poughkeepsie/IBM]
  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user







___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Kevin Keane

Casandra,

Thank you very much - I didn't know that. Just tried it on RHEL 7, and
makentp indeed detects that chrony is installed instead of ntp, and then
proceeds to configure chronyd.

Awesome!

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!




On Wed, Nov 28, 2018 at 12:49 PM Ryan Novosielski 
wrote:

> You happen to know if this is possible to make use of also on RHEL7
> without much fuss?
>
> Sent from my iPhone
>
> On Nov 28, 2018, at 15:16, Casandra H Qiu  wrote:
>
> xCAT is modified the code on 2.14.3 to use chrony instead of ntp for RHEL8
> support.
>
>
> Thanks,
> Casandra Qiu
>
> ...
> Casandra Hong Qiu
> Phone: (845) 433-9291, t/l 293-9291
> Office: Building 8, 3-B-04
> cxh...@us.ibm.com
>
>
>
> Kevin Keane ---11/28/2018 02:21:59 PM---xCAT is designed to
> use ntp, of course. But RedHat makes chrony the default (and in the
> upcoming RHE
>
> From: Kevin Keane 
> To: xCAT Users Mailing list 
> Date: 11/28/2018 02:21 PM
> Subject: [xcat-user] Using chrony instead of ntp?
> --
>
>
>
> xCAT is designed to use ntp, of course. But RedHat makes chrony the
> default (and in the upcoming RHEL 8, ntpd will not even be included any
> more).
>
> What do I need to consider when using chrony instead of ntpd? Obviously, I
> can't run makentp, and would have to configure it manually. Is there
> anything else I need to pay attention to?
>
> Thanks!
>
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS |
> *kke...@sandiego.edu* 
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
>
>
> *REMEMBER! **No one from IT at USD will ever ask to confirm or supply
> your password*.
> These messages are an attempt to steal your username and password. Please
> do not reply to, click the links within, or open the attachments of these
> messages. Delete them!
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Ryan Novosielski

You happen to know if this is possible to make use of also on RHEL7 without 
much fuss?

Sent from my iPhone

On Nov 28, 2018, at 15:16, Casandra H Qiu 
mailto:cxh...@us.ibm.com>> wrote:


xCAT is modified the code on 2.14.3 to use chrony instead of ntp for RHEL8 
support.


Thanks,
Casandra Qiu

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com



Kevin Keane ---11/28/2018 02:21:59 PM---xCAT is designed to use 
ntp, of course. But RedHat makes chrony the default (and in the upcoming RHE

From: Kevin Keane mailto:kke...@sandiego.edu>>
To: xCAT Users Mailing list 
mailto:xcat-user@lists.sourceforge.net>>
Date: 11/28/2018 02:21 PM
Subject: [xcat-user] Using chrony instead of ntp?





xCAT is designed to use ntp, of course. But RedHat makes chrony the default 
(and in the upcoming RHEL 8, ntpd will not even be included any more).

What do I need to consider when using chrony instead of ntpd? Obviously, I 
can't run makentp, and would have to configure it manually. Is there anything 
else I need to pay attention to?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS | 
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

REMEMBER! No one from IT at USD will ever ask to confirm or supply your 
password.
These messages are an attempt to steal your username and password. Please do 
not reply to, click the links within, or open the attachments of these 
messages. Delete them!

___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Casandra H Qiu


xCAT is modified the code on 2.14.3 to use chrony instead of ntp for RHEL8
support.


Thanks,
Casandra Qiu

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com





From:   Kevin Keane 
To: xCAT Users Mailing list 
Date:   11/28/2018 02:21 PM
Subject:[xcat-user] Using chrony instead of ntp?



xCAT is designed to use ntp, of course. But RedHat makes chrony the default
(and in the upcoming RHEL 8, ntpd will not even be included any more).

What do I need to consider when using chrony instead of ntpd? Obviously, I
can't run makentp, and would have to configure it manually. Is there
anything else I need to pay attention to?

Thanks!


___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859


REMEMBER! No one from IT at USD will ever ask to confirm or supply your
password.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user







___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Excluding a node from discovery?

2018-11-28 Thread Casandra H Qiu


If mac address defined,  DHCP server already knows this node.  bmcdiscover
will not send genesis kernel  , but  the node attribute will be replaced
from discover packet if there are difference.

For the mtms-based discover,  the bmcdiscover will send findme packet and
looking for per-definied node with same mtm/serial.  Yes, if it didn't
find,  that would cause bmcdiscover to think this node hasn't been
discovered, the temp bmc discover will not be removed from xcat database.

The discover packet should contain same info as what defined for the
storage node (CPU, disksize, mtm/serial, memory),  i think you should
just keep mac, mtm/serial for the storage node, it will not run into
discovery process.

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com





From:   Kevin Keane 
To: xCAT Users Mailing list 
Date:   11/28/2018 02:18 PM
Subject:Re: [xcat-user] Excluding a node from discovery?



If I remove mtms and serial from the storage node definition, how would
that cause bmcdiscover to ignore this node? It seems to me that in the
contrary, that would cause bmcdiscover to think this node hasn't been
discovered yet.

But your response inspired a thought - if I do the opposite and *add* mtms,
serial and MAC address to the storage node object, would that be enough to
get bmcdiscover to think this node has already been discovered? Or do I
need any other settings?


_
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859


REMEMBER! No one from IT at USD will ever ask to confirm or supply your
password.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!







On Wed, Nov 28, 2018 at 11:02 AM Casandra H Qiu  wrote:
  You may need to remove mtms/serial number from storage node definition.
  Also, you should remove mac address from storage node definition,
  "makedhcp -d storagenode " to remove from DHCP lease file


  Thanks,
  Casandra Qiu

  ...
  Casandra Hong Qiu
  Phone: (845) 433-9291, t/l 293-9291
  Office: Building 8, 3-B-04
  cxh...@us.ibm.com



  Kevin Keane ---11/28/2018 01:03:36 PM---I am looking for a way to exclude
  one node from being discovered (MTMS-based discovery).

  From: Kevin Keane 
  To: xCAT Users Mailing list 
  Date: 11/28/2018 01:03 PM
  Subject: [xcat-user] Excluding a node from discovery?



  I am looking for a way to exclude one node from being discovered
  (MTMS-based discovery).

  The background is that we have quite a few compute nodes, and one storage
  node. The storage node is managed separately, but is of course connected
  to the same networks as the compute nodes. If I blindly run bmcdiscover
  on the whole subnet, it will discover the storage node. The worst-case
  scenario is that I accidentally reformat it and lose data.

  So I am looking for a way to keep this node from ever even being
  discovered in the first place. Any ideas?

  Thanks!


  ___
  Kevin Keane | Systems Architect | University of San Diego ITS |
  kke...@sandiego.edu
  Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 |
  619.260.6859


  REMEMBER! No one from IT at USD will ever ask to confirm or supply your
  password.
  These messages are an attempt to steal your username and password. Please
  do not reply to, click the links within, or open the attachments of these
  messages. Delete them!


  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user



  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user[attachment
  "graycol.gif" deleted by Casandra H Qiu/Poughkeepsie/IBM] [attachment
  "graycol.gif" deleted by Casandra H Qiu/Poughkeepsie/IBM]
  ___
  xCAT-user mailing list
  xCAT-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/xcat-user



___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

[xcat-user] Using chrony instead of ntp?

2018-11-28 Thread Kevin Keane

xCAT is designed to use ntp, of course. But RedHat makes chrony the default
(and in the upcoming RHEL 8, ntpd will not even be included any more).

What do I need to consider when using chrony instead of ntpd? Obviously, I
can't run makentp, and would have to configure it manually. Is there
anything else I need to pay attention to?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Excluding a node from discovery?

2018-11-28 Thread Kevin Keane

If I remove mtms and serial from the storage node definition, how would
that cause bmcdiscover to ignore this node? It seems to me that in the
contrary, that would cause bmcdiscover to think this node hasn't been
discovered yet.

But your response inspired a thought - if I do the opposite and *add* mtms,
serial and MAC address to the storage node object, would that be enough to
get bmcdiscover to think this node has already been discovered? Or do I
need any other settings?

_
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!




On Wed, Nov 28, 2018 at 11:02 AM Casandra H Qiu  wrote:

> You may need to remove mtms/serial number from storage node definition.
> Also, you should remove mac address from storage node definition,
> "makedhcp -d storagenode " to remove from DHCP lease file
>
>
> Thanks,
> Casandra Qiu
>
> ...
> Casandra Hong Qiu
> Phone: (845) 433-9291, t/l 293-9291
> Office: Building 8, 3-B-04
> cxh...@us.ibm.com
>
>
>
> [image: Inactive hide details for Kevin Keane ---11/28/2018 01:03:36
> PM---I am looking for a way to exclude one node from being discove]Kevin
> Keane ---11/28/2018 01:03:36 PM---I am looking for a way to exclude one
> node from being discovered (MTMS-based discovery).
>
> From: Kevin Keane 
> To: xCAT Users Mailing list 
> Date: 11/28/2018 01:03 PM
> Subject: [xcat-user] Excluding a node from discovery?
> --
>
>
>
> I am looking for a way to exclude one node from being discovered
> (MTMS-based discovery).
>
> The background is that we have quite a few compute nodes, and one storage
> node. The storage node is managed separately, but is of course connected to
> the same networks as the compute nodes. If I blindly run bmcdiscover on the
> whole subnet, it will discover the storage node. The worst-case scenario is
> that I accidentally reformat it and lose data.
>
> So I am looking for a way to keep this node from ever even being
> discovered in the first place. Any ideas?
>
> Thanks!
>
> ___
> Kevin Keane | Systems Architect | University of San Diego ITS |
> *kke...@sandiego.edu* 
> Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
>
>
> *REMEMBER! **No one from IT at USD will ever ask to confirm or supply
> your password*.
> These messages are an attempt to steal your username and password. Please
> do not reply to, click the links within, or open the attachments of these
> messages. Delete them!
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
>
> ___
> xCAT-user mailing list
> xCAT-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xcat-user
>
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Excluding a node from discovery?

2018-11-28 Thread Casandra H Qiu


You may need to remove mtms/serial number from storage node definition.
Also,  you should remove mac address from storage node definition,
"makedhcp -d storagenode "   to remove from DHCP lease file


Thanks,
Casandra Qiu

...
Casandra Hong Qiu
Phone: (845) 433-9291, t/l 293-9291
Office: Building 8, 3-B-04
cxh...@us.ibm.com





From:   Kevin Keane 
To: xCAT Users Mailing list 
Date:   11/28/2018 01:03 PM
Subject:[xcat-user] Excluding a node from discovery?



I am looking for a way to exclude one node from being discovered
(MTMS-based discovery).

The background is that we have quite a few compute nodes, and one storage
node. The storage node is managed separately, but is of course connected to
the same networks as the compute nodes. If I blindly run bmcdiscover on the
whole subnet, it will discover the storage node. The worst-case scenario is
that I accidentally reformat it and lose data.

So I am looking for a way to keep this node from ever even being discovered
in the first place. Any ideas?

Thanks!


___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859


REMEMBER! No one from IT at USD will ever ask to confirm or supply your
password.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!


___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user







___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

[xcat-user] Excluding a node from discovery?

2018-11-28 Thread Kevin Keane

I am looking for a way to exclude one node from being discovered
(MTMS-based discovery).

The background is that we have quite a few compute nodes, and one storage
node. The storage node is managed separately, but is of course connected to
the same networks as the compute nodes. If I blindly run bmcdiscover on the
whole subnet, it will discover the storage node. The worst-case scenario is
that I accidentally reformat it and lose data.

So I am looking for a way to keep this node from ever even being discovered
in the first place. Any ideas?

Thanks!

___
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859

*REMEMBER! **No one from IT at USD will ever ask to confirm or supply your
password*.
These messages are an attempt to steal your username and password. Please
do not reply to, click the links within, or open the attachments of these
messages. Delete them!
___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] [External] Encrypted passwords in passwd table

2018-11-28 Thread Jarrod Johnson

It can only work for the root passwd.  You can take the value in /etc/shadow 
and copy it in verbatim instead of the plain value.  Root password can be 
non-recoverably encrypted (you only need to tell the nodes how to prove someone 
knows a password, not actually know the password itself).  For things like 
IPMI, the password must be known by xCAT, and for such passwords there's no 
encryption available.

For IPMI, if wanting to have an encrypted storage of the password, you can skip 
xCAT configuration and use confluent which does have support for recoverable 
encryption, though the default behavior has decryption key in the clear, and if 
the user wants to protect the decryption key, the functionality exists but is 
not documented (it requires the user either type a password or chain it to a 
key of their choosing).  There has been plans to be able to bind copies of the 
crypto keys to system TPMs, but so far no one has actually asked for that.

From: Christian Caruthers 
Sent: Wednesday, November 28, 2018 8:50 AM
To: xCAT Users Mailing list (xcat-user@lists.sourceforge.net) 

Subject: [External] [xcat-user] Encrypted passwords in passwd table

Looking to set up encrypted passwords, and the only documentation I see it on 
the old SF site:

https://sourceforge.net/p/xcat/wiki/Encrypted_root_password_in_passwd.tab/

Is there any newer documentation? I didn't see it on the readthedocs site. 
Also, does this only work for the root password, or can it also be used for 
IPMI?

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

[xcat-user] Encrypted passwords in passwd table

2018-11-28 Thread Christian Caruthers

Looking to set up encrypted passwords, and the only documentation I see it on 
the old SF site:

https://sourceforge.net/p/xcat/wiki/Encrypted_root_password_in_passwd.tab/

Is there any newer documentation? I didn't see it on the readthedocs site. 
Also, does this only work for the root password, or can it also be used for 
IPMI?

Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872

___
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] [External] Re: Excluding a node from discovery?

Re: [xcat-user] [External] How to restrict xCAT's NFS shares?

[xcat-user] How to restrict xCAT's NFS shares?

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] Using chrony instead of ntp?

Re: [xcat-user] Excluding a node from discovery?

[xcat-user] Using chrony instead of ntp?

Re: [xcat-user] Excluding a node from discovery?

Re: [xcat-user] Excluding a node from discovery?

[xcat-user] Excluding a node from discovery?

Re: [xcat-user] [External] Encrypted passwords in passwd table

[xcat-user] Encrypted passwords in passwd table

20 matches

Site Navigation

Mail list logo

Footer information