Yes, I used the dnsinterfaces attribute in the site table. But makedns doesn’t
use the name that corresponds to eth2, but rather the hostname (from hostname
-f) in the NS records – which corresponds to eth1 in my case.
Maybe I’ll simply have the DNS server listen on eth1 as well. I was hoping to
avoid that, but it may be my easiest solution here.
Sent from Mail for Windows 10
From: Yuan Y Bai
Sent: Sunday, November 5, 2017 10:35 PM
To: xcat-user@lists.sourceforge.net
Cc: xcat-user@lists.sourceforge.net
Subject: Re: [xcat-user] makedns-generated zones and their NS record
Hi Kevin,
In your playgroud, " the DNS server should only be listening on eth2".
So "dnsinterfaces" attribute in site table can control which the network
interfaces DNS should listen on.
dnsinterfaces: The network interfaces DNS should listen on. If it is the same
for all
nodes, use a simple comma-separated list of NICs. To specify
different
NICs for different nodes, use the format:
"xcatmn|eth1,eth2;service|bond0",
where xcatmn is the name of the management node, and DNS
should listen on
the eth1 and eth2 interfaces. All the nods in group 'service'
should
listen on the 'bond0' interface.
NOTE: If using this attribute to block certain interfaces,
make sure
the IP maps to your hostname of xCAT MN is not blocked since
xCAT needs
to use this IP to communicate with the local NDS server on MN.
Best Regards
--------------------------------------------------
Yuan Bai (白媛)
CSTL HPC System Management Development
Tel:86-10-82451401
E-mail: by...@cn.ibm.com
Address: IBM ZGC Campus. Ring Building 28,
ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District,
Beijing P.R.China 100193
IBM环宇大厦
北京市海淀区东北旺西路8号,中关村软件园28号楼
邮编:100193
----- Original message -----
From: "Yuan Y Bai" <by...@cn.ibm.com>
To: xcat-user@lists.sourceforge.net
Cc: xcat-user@lists.sourceforge.net
Subject: Re: [xcat-user] makedns-generated zones and their NS record
Date: Mon, Nov 6, 2017 10:47 AM
Hi Kevin,
Thanks for your summary.
After "xcatconfig -m", there is xcat MN node hpcmn-test, you need to "chdef
hpcmn-test ip=...; makehosts -n", its name and ip will be added into /etc/hosts.
Best Regards
--------------------------------------------------
Yuan Bai (白媛)
CSTL HPC System Management Development
Tel:86-10-82451401
E-mail: by...@cn.ibm.com
Address: IBM ZGC Campus. Ring Building 28,
ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District,
Beijing P.R.China 100193
IBM环宇大厦
北京市海淀区东北旺西路8号,中关村软件园28号楼
邮编:100193
----- Original message -----
From: Kevin Keane <kke...@sandiego.edu>
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Cc:
Subject: Re: [xcat-user] makedns-generated zones and their NS record
Date: Sat, Nov 4, 2017 12:23 AM
Thanks for that command. I deleted my management node, and used xcatconfig -m
to recreate it. That gave me this:
Object name: hpcmn-test
groups=__mgmtnode
postbootscripts=otherpkgs
postscripts=syslog,remoteshell,syncfiles
setuptftp=yes
makenode -n did not add hpcmn-test to /etc/hosts at all
Good question about the background. We have a (working) cluster running RedHat
6.8. I'm not touching that one for now, but sometimes use it for reference, and
eventually want to both rebuild it with RH 7.4, and also fully automate the
setup to make it reproducible (in part as disaster recovery). For that future
setup, I haven't fully made up my mind yet about the architecture. I might
separate the management node from the user login node, for instance, or I might
switch to statelite or stateful rather than stateless nodes. Currently, I'm
building my own "playground" to be sure I fully understand what I'm doing, and
to try out these various options.
My goal is to have a 100% automated setup (using Ansible). That's why I want to
avoid any manual configuration, and also why I try to accomplish as much as I
can with chdef and chtab (I wrote an Ansible module for those), and - whenever
I can - stay away from commands such as nodedef (which are harder to manage
using Ansible), or manually configuring /etc/hosts.
Right now, I'm using virtual machines for the playground - just one management
node and one compute node. The MN has a public network to the outside world at
eth1 (192.168.20.2), a (simulated) high-speed interconnect network on eth0
(192.168.100.2) and a (simulated) lower-speed management network on eth2
(192.168.101.2). From what I understand, a fairly standard setup, except my
virtual machines don't have IPMI/BMC.
The hostname of the management node is hpcmn-test.kkeane.sandiego.edu. This
will also be associated with the public IP on eth1, and would also be how the
system is being reached from the outside world.
The DNS server should only be listening on eth2.
This setup basically works to my satisfaction. Except for one thing: makedns
fails. I assume makedns uses nsupdate under the hood. nsupdate uses the NS
record in the zone to find the authoritative name server. The NS record would
point to eth1, but my DNS server only listens on eth2.
On Thu, Nov 2, 2017 at 11:05 PM, Yuan Y Bai <by...@cn.ibm.com> wrote:
Hi Kevin,
To add the Management Node to the DB, use command: xcatconfig -m ;
And I saw questions from your mail and tried to give a way to let it work, I
realize I do not know your overall requirements about hosts/DNS clearly , could
you summarize your original requirements?
Let us see if we can do some enhancements here.
Best Regards
--------------------------------------------------
Yuan Bai (白媛)
CSTL HPC System Management Development
Tel:86-10-82451401
E-mail: by...@cn.ibm.com
Address: IBM ZGC Campus. Ring Building 28,
ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District,
Beijing P.R.China 100193
IBM环宇大厦
北京市海淀区东北旺西路8号,中关村软件园28号楼
邮编:100193
----- Original message -----
From: Kevin Keane <kke...@sandiego.edu>
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Cc:
Subject: Re: [xcat-user] makedns-generated zones and their NS record
Date: Fri, Nov 3, 2017 12:00 AM
Thank you, Yuan and Christian!
Yuan, I haven't tried it, but it seems that your suggestion would not actually
solve my problem. Makehosts would generate, as you were saying, this line:
192.168.20.2 hpcmn-test-eth1 hpcmn-test.kkeane.sandiego.edu
But the DNS server should only listen on 192.168.101.2. That is why I my
preferred solution would be to change the zones to have an NS record that
actually points to the correct NIC: hpcmn-test.imm.sabre.kkeane.sandiego.edu
Christian - you are right. Putting the names into the "hostnames" field was a
bit of a hack. It actually works if there is only one name in that field, but
if there are multiple names in that field, makehosts seems to only use the last
one. And it also seems to *replace* rather than add to the names that xCAT
would ordinarily use.
On Wed, Nov 1, 2017 at 7:04 PM, Yuan Y Bai <by...@cn.ibm.com> wrote:
Hi Kevin,
I am glad that it does work.
For your question about makehosts:
In your example, the short names are all 'hpcmn-test', since 'makehsots'
generate both short name and long name for one nic ip, here you need to
configure nics table for eth1 and eth0, so that, makehosts can generate
different short names for all nics. and you can add specific long name in
nics.nicaliases. Take eth1 and eth2 as example:
public nic: eth1: hpcmn-test.kkeane.sandiego.edu
management nic: eth2: hpcmn-test.imm.sabre.kkeane.sandiego.edu
1, configure hosts table for mangement ip:
"hpcmn-test","192.168.101.2",,,,
2, configure nics table for secondary nics:
"hpcmn-test","eth1!192.168.20.2",,,,,,"eth1!hpcmn-test.kkeane.sandiego.edu",,,,,
3, use the same networks table with yours.
4, use lsdef to see hpcmn-test node definition:
]# lsdef hpcmn-test
Object name: hpcmn-test
groups=all
ip=192.168.101.2
nicaliases.eth1=hpcmn-test.kkeane.sandiego.edu
nicips.eth1=192.168.20.2
postbootscripts=otherpkgs
postscripts=syslog,remoteshell,syncfiles
5. execute 'makehosts hpcmn-test', check /etc/hosts file:
192.168.101.2 hpcmn-test hpcmn-test.imm.sabre.kkeane.sandiego.edu
192.168.20.2 hpcmn-test-eth1 hpcmn-test.kkeane.sandiego.edu
Here makehosts create short name hpcmn-test-eth1 which is different short name
from hpcmn-test. And the long name hpcmn-test.kkeane.sandiego.edu is what your
wanted. If you define hosts table otherinterfaces, it should have different
short name with the node name, so you have errors.
I also think Christian gave your another tips to work this, Thanks Christian.
Best Regards
--------------------------------------------------
Yuan Bai (白媛)
CSTL HPC System Management Development
Tel:86-10-82451401
E-mail: by...@cn.ibm.com
Address: IBM ZGC Campus. Ring Building 28,
ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District,
Beijing P.R.China 100193
IBM环宇大厦
北京市海淀区东北旺西路8号,中关村软件园28号楼
邮编:100193
----- Original message -----
From: Kevin Keane <kke...@sandiego.edu>
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Cc:
Subject: Re: [xcat-user] makedns-generated zones and their NS record
Date: Thu, Nov 2, 2017 12:00 AM
Thank you, Yuan and Christian!
I have actually pretty much done what both of you had suggested, and it does
work - somewhat.
I have the following networks:
[root@hpcmn-test ~]# tabdump networks
#netname,net,mask,mgtifname,gateway,dhcpserver,tftpserver,nameservers,ntpservers,logservers,dynamicrange,staticrange,staticrangeincrement,nodehostname,ddnsdomain,vlanid,domain,mtu,comments,disable
"hpcpublic","192.168.20.0","255.255.255.0","eth1","192.168.20.1",,,,,,,,,,,,"sabre.kkeane.sandiego.edu","1500","HPC
Public Network",
"hpccompute","192.168.100.0","255.255.255.0","eth0",,"192.168.100.2","<xcatmaster>",,,,"192.168.100.200-192.168.100.229",,,"/z/-compute/",,,"compute.sabre.kkeane.sandiego.edu","1500","HPC
Compute Network",
"hpcmanagement","192.168.101.0","255.255.255.0","eth2","<xcatmaster>","192.168.101.2","<xcatmaster>",,,,"192.168.101.200-192.168.101.229",,,"/z/-imm/",,,"imm.sabre.kkeane.sandiego.edu","1500","HPC
Management Network",
I also have defined hpcmn-test as a node (thanks, Christian, for the tip about
unmanaged!):
Object name: hpcmn-test
groups=all
hostnames=hpcmn-test.kkeane.sandiego.edu
hpcmn-test.imm.sabre.kkeane.sandiego.edu
ip=192.168.101.2
postbootscripts=otherpkgs
postscripts=syslog,remoteshell,syncfiles
When I manually edit /etc/hosts as Yuan suggested, everything does work:
127.0.0.1 localhost
192.168.101.2 hpcmn-test hpcmn-test.imm.sabre.kkeane.sandiego.edu
hpcmn-test.kkeane.sandiego.edu.
But there are two problems with this:
- hpcmn-test.kkeane.sandiego.edu really should be associated with the public IP
(192.168.20.2 in my example)
- makehosts does not honor this name, even though it is in the node's hostnames
attribute. Here is what makehosts produces:
127.0.0.1 localhost
192.168.101.2 hpcmn-test hpcmn-test.imm.sabre.kkeane.sandiego.edu
On Wed, Nov 1, 2017 at 7:00 AM, Christian Caruthers <ccaruth...@lenovo.com>
wrote:
I just had to deal with a similar issue. Try the following:
- Fill out each network in the networks table, including domain name.
Don’t worry about nameservers or gateway unless there is are external resources
that should be used. NOTE defining an external nameserver in networks table
will cause makedns to ignore any IPs in that subnet.
- Define hpcmn-test as an unmanaged node in the cluster (nodeadd
hpcmn-test groups=__Unmanaged or something similar)
- Define its primary interface (the one whose domain matches
site.domain value) in hosts.node/hosts.ip (this should also be what was deinfed
in nodelist above)
- Define all other interfaces in hosts.otherinterfaces with fqdn. For
example:
“hpcmn-test”,”1.2.3.4”,,”hpctest.compute.sabre.kkeane.sandiego.edu:2.3.4.5,hpcmn-test.imm.sabre.kkeane.sandiego.edu:3.4.5.6”,,,,
The domain names listed for each IP in hosts should match the networks.domain
entry for each respective subnet.
Regards,
Christian Caruthers
Lenovo Professional Services
Mobile: 757-289-9872
From: Kevin Keane [mailto:kke...@sandiego.edu]
Sent: Tuesday, October 31, 2017 4:21 PM
To: xCAT Users Mailing list <xcat-user@lists.sourceforge.net>
Subject: [xcat-user] makedns-generated zones and their NS record
I have a management node with three NICs, and want to use makedns to generate
the DNS configuration.
My management node has three names, corresponding to the three NICs:
eth0: hpcmn-test.compute.sabre.kkeane.sandiego.edu
eth1: hpcmn-test.kkeane.sandiego.edu
eth2: hpcmn-test.imm.sabre.kkeane.sandiego.edu
hostname -f returns hpcmn-test.kkeane.sandiego.edu (which is name by which my
management node will be known on our public network).
I have the DNS server listening only on eth2. Consequently, the zones in the
DNS server should have the corresponding name server
hpcmn-test.imm.sabre.kkeane.sandiego.edu. However, the zones generated by
makedns -n instead use the hpcmn-test.kkeane.sandiego.edu name.
$TTL 86400
@ IN SOA hpcmn-test.kkeane.sandiego.edu. root.hpcmn-test.kkeane.sandiego.edu. (
2017103100 10800 3600 604800 86400 )
IN NS hpcmn-test.kkeane.sandiego.edu.
This wreaks havoc with future calls to makedns; updates will time out because
the DNS server is not listening at the IP address that corresponds to this name
(and in fact, makehosts doesn't even put this name into /etc/hosts)
How can I get makedns to generate zones with an NS record that points to
hpcmn-test.imm.sabre.kkeane.sandiego.edu ?
Thanks!
--
_______________________________________________________________________
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
--
_______________________________________________________________________
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_slashdot&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=qOGCyyozraYLXWyU1XgEcM6-vkB49PjaqtU3rHORky8&s=S6md-fzBhTt_BUdWEMoT-QGShPLpbyukOaEw_JgsRlE&e=
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_xcat-2Duser&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=qOGCyyozraYLXWyU1XgEcM6-vkB49PjaqtU3rHORky8&s=hPKsNXiWqtAcvuIsqfqImkbgNW63t9klIiHq1q_MFnI&e=
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
--
_______________________________________________________________________
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_slashdot&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=tYo9sCZW1w9Raa05p0XLN1r2w63IE4XXyXfJw5HM0qs&s=Hdb21YvdwmfDcE1aj-1p2fe9xm6LIKfrqDG3_B5dkug&e=
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_xcat-2Duser&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=tYo9sCZW1w9Raa05p0XLN1r2w63IE4XXyXfJw5HM0qs&s=2YSqn90t_XRLr3-vw9pzrLLvtNDpe_XuKp8Auyl5mVU&e=
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
--
_______________________________________________________________________
Kevin Keane | Systems Architect | University of San Diego ITS |
kke...@sandiego.edu
Maher Hall, 192 |5998 Alcalá Park | San Diego, CA 92110-2492 | 619.260.6859
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_slashdot&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=OEqm2b1d8YXVc5Mnjy4nAfE4cO3kKJ9yy5I82cH5K-Q&s=yM_QcaINRW5lqVIXXmu7JSW9gnLXgeblOna-2Tqh9PY&e=
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_xcat-2Duser&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=OEqm2b1d8YXVc5Mnjy4nAfE4cO3kKJ9yy5I82cH5K-Q&s=WIRB0ELGikKRvgk6U7EFz7E-HGweVc4ICqZCDHfcMxc&e=
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
https://urldefense.proofpoint.com/v2/url?u=http-3A__sdm.link_slashdot&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=CsBrrAXKCPv4awE5Kre4u1XyfaLEHoWBnQoE2AdMk6Q&s=X2-bfBt24Btr83qDqoO2Xad_CqqttfbtcmA2jm6apZg&e=
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.sourceforge.net_lists_listinfo_xcat-2Duser&d=DwICAg&c=jf_iaSHvJObTbx-siA1ZOg&r=uiTcPxjMR44SPRNNb6l_nA&m=CsBrrAXKCPv4awE5Kre4u1XyfaLEHoWBnQoE2AdMk6Q&s=2q95KSjm_1XGMW1HPB3Ew0l_MPL2ib948wPWpXq6idk&e=
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
