EDG LCFGng: concepts [email protected] Fabric Management Tutorial - n° 2 LCFG (Local...

EDG LCFGng: concepts

[email protected]

Fabric Management Tutorial - n° 2

LCFG (Local ConFiGuration system)

LCFG is originally developed by the Computer Science Department of Edinburgh University

Handles automated installation, configuration and management of machines

Basic features:

automatic installation of O.S.

installation/upgrade/removal of all (rpm-based) software packages

centralized configuration and management of machines

extendible to configure and manage EDG middleware and custom application software


A collection of components read configuration parameters and generate traditional service config files, and notify/restart affected services

Abstract configuration parameters for all nodes stored in a central repository

ldxprof

LoadProfile

Generic

Component

ProfileObject

rdxprof

ReadProfile

LCFG Objects

Local cache

Client nodes

Web Server

HTTP

XML Profile

LCFG Config Files

Make XMLProfile

Server

LCFG system architecture

+inet.services telnet login ftp

+inet.allow telnet login ftp sshd

+inet.allow_telnet ALLOWED_NETWORKS

+inet.allow_login ALLOWED_NETWORKS

+inet.allow_ftp ALLOWED_NETWORKS

+inet.allow_sshd ALL

+inet.daemon_sshd yes

.....

+auth.users mickey

+auth.userhome_mickey /home/mickey

+auth.usershell_mickey /bin/tcsh

+inet.services telnet login ftp

+inet.allow telnet login ftp sshd

+inet.allow_telnet ALLOWED_NETWORKS

+inet.allow_login ALLOWED_NETWORKS

+inet.allow_ftp ALLOWED_NETWORKS

+inet.allow_sshd ALL

+inet.daemon_sshd yes

.....

+auth.users mickey

+auth.userhome_mickey /home/mickey

+auth.usershell_mickey /bin/tcsh

Config files


A collection of agents read configuration parameters and either generate traditional config files or directly manipulate various services


ldxprof

LoadProfile

Generic

Component

ProfileObject

rdxprof

ReadProfile

LCFG Objects

Local cache

Client nodes

Web Server

HTTP

XML Profile

LCFG Config Files

Make XMLProfile

Server


<inet>

<allow cfg:template="allow_$ tag_$ daemon_$">

<allow_RECORD cfg:name="telnet">

<allow>192.168., 192.135.30.</allow>

</allow_RECORD>

.....

</auth>

<user_RECORD cfg:name="mickey">

<userhome>/home/MickeyMouseHome</userhome>

<usershell>/bin/tcsh</usershell>

</user_RECORD>

<inet>

<allow cfg:template="allow_$ tag_$ daemon_$">

<allow_RECORD cfg:name="telnet">

<allow>192.168., 192.135.30.</allow>

</allow_RECORD>

.....

</auth>

<user_RECORD cfg:name="mickey">

<userhome>/home/MickeyMouseHome</userhome>

<usershell>/bin/tcsh</usershell>

</user_RECORD>

XML profiles




ldxprof

LoadProfile

Generic

Component

ProfileObject

rdxprof

ReadProfile

LCFG Components

Local cache

Client nodes

Web Server

HTTP

XML Profile

LCFG Config Files

Make XMLProfile

Server


LCFGclient

inet auth




ldxprof

LoadProfile

Generic

Component

ProfileObject

rdxprof

ReadProfile

LCFG Objects

Local cache

Client nodes

Web Server

HTTP

XML Profile

LCFG Config Files

Make XMLProfile

Server


ProfileObject

inet auth

/etc/shadow/etc/shadow

/etc/group/etc/group

/etc/passwd

....

mickey:x:999:20::/home/Mickey:/bin/tcsh

....

/etc/passwd

....

mickey:x:999:20::/home/Mickey:/bin/tcsh

....


LCFG: configuration changes

Server-side: after modifying the config files, a tool (mkxprof) is run which recreates the new xml profile for all the nodes affected by the changes mkxprof notifies via UDP the nodes affected by the changes

Client-side: another tool (rdxprof) downloads the new profile from the server usually activated by an LCFG component at boot


LCFG: what’s a component?

Component == object

It's a Perl script (also shell scripts accepted for historic reasons)

Each component provides a Configure() method invoked on startup or when configuration changes

A simple and typical component behaviour: Started when notified of a configuration change (new XML

profile)

Configures the appropriate services, by translating config parameters into a traditional config file and …

.. notifies a service if necessary (e.g. restarting a init.d service).


LCFG: Software Package Management

LCFG also manages the RPM packages to be installed on the client nodes.

The software to install is defined in a file on the server containing a list of RPM packages

The required RPM packages are installed/upgraded/removed by the LCFG package manager (updaterpms)

started automatically at boot and via cron.

Can be started by hand.


Updaterpms and local packages

By default, updaterpms will remove all RPM’s which are not declared in the configuration file of the node.

Be careful when using updaterpms if you have added packages by hand

The EDG version of updaterpms can be configured to allow locally installed packages (disabled by default)


LCFGng Server Installation

The LCFGng server holds the following services: Network installations (Diskette, PXE) Software repository (RPM’s) Configuration Database

This requires to run: DHCP server: for network boot information NFS server: for accessing RPM’s and installroot image HTTP server: delivers XML node configurations

The LCFGng server has to run Linux RedHat 6.2. Currently, RH62 and RH73 clients can be installed and managed from it.

The LCFGng installation guide tells you in detail how to install the server.

The LCFGng server is the only node not managed by LCFG itself.

EDG LCFGng: concepts [email protected] Fabric Management Tutorial - n° 2 LCFG (Local...

Documents

Transcript of EDG LCFGng: concepts [email protected] Fabric Management Tutorial - n° 2 LCFG (Local...