Presentation is loading. Please wait.

Presentation is loading. Please wait.

CDB Namespaces, “service templates” and profile structure Véronique Lefébure June the 13 th 2008 ELFms Brainstorming meeting.

Published byPatrick Andrews Modified over 8 years ago

Similar presentations

Presentation on theme: "CDB Namespaces, “service templates” and profile structure Véronique Lefébure June the 13 th 2008 ELFms Brainstorming meeting."— Presentation transcript:

1 CDB Namespaces, “service templates” and profile structure Véronique Lefébure June the 13 th 2008 ELFms Brainstorming meeting

2 OUTLINE Namespaces –Organisation of templates ACLs Alignment to latest Quattor release Service templates Profile structure –Environment variables –Configuration tree MISC –Future PANC, SLC5, security timeline

3 Namespaces Top directories: –test –preprod –prod –usertest – –profiles –repository –retired (new, to be populated) stages Contain templates

4 Namespaces Under any stage: –pan/ –quattor/ –components/ –monitoring/lemon/ –hardware/ –services/ –os/ –site/cern_cc/ –cluster/ –vpd/ –netinfo/ –serialmap/ Quattor base templates Quattor base templates with cern configuration Make use of all above, service per service OS releases (defaults) Make use of all above, site-specific Make use of all above, cluster-specific Machine data (Serial numbers, mac addresses, …) “vital product data”

5 components/ components/[component_name]/ –config.tpl Pkg_add (“ncm-[component_name]”,version,arch) Default configuration –schema.tpl –[ functions.tpl ]

6 monitoring/lemon/ configuration/ infrastructure/ rpms/ metrics/ sensors/ ACLs: monitoring Service Managers only

7 hardware/ cards/ cpus/ disks/ memory/ rams/ contracts/ vendors/ monitoring/ machines/ ACLs: procurement team only Make use of all above: HW types, ex: “ex_07_3” Make use of /prod/monitoring/*

8 Services/ services/[service_name]/config.tpl Contains: –Packages (use default versions) –Component(s) –Monitoring –Chkconfig –Iptables config

9 Service template: ex: afs_client template services/afs_client/config; # # Packages # variable architecture = if (value("/system/architecture") == "i386") { "i686"; } else { value("/system/architecture") }; variable kernelversion = value("/system/kernel/version"); variable openafsversion = "1.4.6-58.SL5"; "/software/packages" = pkg_add("openafs", openafsversion, architecture); "/software/packages" = pkg_add("openafs-client", openafsversion, architecture); "/software/packages" = pkg_add("openafs-kpasswd", openafsversion, architecture); "/software/packages" = pkg_add("openafs-krb5", openafsversion, architecture); "/software/packages"=pkg_add("kernel-module-openafs-"+kernelversion,openafsversion, architecture); # # Start the service # "/software/components/chkconfig/service/afs/on" = "345"; "/software/components/chkconfig/service/afs/add" = true; "/software/components/chkconfig/service/afs/startstop" = true; # # Monitoring # include pro_monitoring_metrics_afs; include pro_monitoring_sensor_afscm; # # Component # include components/afsclt/config;

10 os/ –i386_slc5/ –x86_64_slc5/ rpms/ –defaults.tpl

11 site/ site/cern_cc/ –configuration/ no_network/config.tpl only_monitoring/config.tpl i386_slc5/ x86_64_slc5/ –core/config.tpl –minimal/config.tpl –components/ –infrastructure/ –rpms/ –services/ –people_acls/ One of them to be included in the cluster template Used by the above (internal) Smods, sysadmins, etc

12 “core” and “minimal” “core” installation: –Aims and PrepareInstall work Incl. sindes, sms-set-state –Quattor –Console and ssh “minimal” installation: –= Core configuration + Lemon monitoring of: hardware, Quattor and “minimal” services User access (krb5 client) Sendmail, ntp, nscd, chkconfig Operator, sysadmins, smods acls

13 ACL’s : ex: root access for sysadmins template site/cern_cc/people_acls/sysadmins; variable sysadmin_list = list("jjmarin","grossir","bclement","tfabio","obouffet","ebonfill","ccor reia","hroussea","rbernard","dhoang","anovais","lgoguey","cguiller","console"); variable number_of_people = length(sysadmin_list); "/software/components/useraccess/users/root/roles" = { i = 0; result = self; while (i < number_of_people) { name = sysadmin_list[i]; result = push(name); i = i + 1; }; result; }; "/software/components/useraccess/roles/" = { i = 0; result = self; while (i < number_of_people) { name = sysadmin_list[i]; result[name]= nlist ("kerberos5", list(nlist("principal",name,"realm","CERN.CH"))); i = i + 1; }; result; };

14 cluster/ cluster/[cluster_name]/config.tpl Contains –Base configuration include site/cern_cc/configuration/x86_64_slc5/minimal/config; –Additionnal services include services/afs_client/config; –Acls include site/cern_cc/people_acls/sysadmin; –Aob “/system/cluster/usercontact” = “x@cern.ch”;x@cern.ch

15 Cluster example: lxdev template cluster/lxdev/config; include {'site/cern_cc/configuration/'+ELFMS_ARCH+'_'+ELFMS_OS+'/minimal/config'}; "/system/cluster/name" = ELFMS_SVCCLASS; "/system/ccdomain" = "FIO"; "/system/defaultstate" = "maintenance"; "/system/contract" = "E"; "/system/importance" = 5; "/system/cluster/description" = "The development cluster for FIO"; "/system/cluster/usercontact" = "project-elfms@cern.ch"; "/system/accounting/name" = ELFMS_RESOURCE ; "/system/rootmail" = "it-dep-fio-lxdev7-rootmail@cern.ch"; include cluster/lxdev/filepartition; include services/afs_client/config; "/system/cluster/tplname" = "lxdev";

16 Profile structure Proposed by FIO/FS object template profile_lxdev30; include stages/prod; include quattor/profile_declarations; variable ELFMS_OS = "slc5"; variable ELFMS_ARCH = "x86_64"; variable ELFMS_SVCCLASS = "lxdev"; variable ELFMS_RESOURCE = "c3"; variable ELFMS_CUSTOMIZATION = undef; include hardware/machines/elonex_2800_64; include vpd/lxdev30; #include monitoring/lemon/hardware/machines/elonex_2800_64; #not ready for slc5 include netinfo_lxdev30; include serial_map_lxc2ri25; "/hardware/rack/name" = "rb46"; include { ‘cluster/’+ELFMS_SVCCLASS+’/config’}; include { if (exists('resources/'+ ELFMS_RESOURCE)) 'resources/'+ ELFMS_RESOURCE }; include quattor/repository_cleanup;

17 Misc Future PANC : See new coding rules and syntax on https://twiki.cern.ch/twiki/bin/view/ELFms/NewPanSyntax https://twiki.cern.ch/twiki/bin/view/ELFms/NewPanSyntax SLC5 progress on https://twiki.cern.ch/twiki/bin/view/ELFms/ScientificLinux5Port https://twiki.cern.ch/twiki/bin/view/ELFms/ScientificLinux5Port Security review for sensors and components: coming ELFms meeting

18 Timeline From now on: ALL SLC5 machine profiles have to comply to the new profile content Beginning of September 2008: update LEAF scripts (used by Remedy/HMS) to support the new profile structure, with backward compatibility By end of September 2008: ALL SLC5 machines should not include ANY pro_* template anymore As far as possible, replace the usage of pro_* templates by the new templates everywhere (i.e. not only slc5 but also slc4(3) )

Download ppt "CDB Namespaces, “service templates” and profile structure Véronique Lefébure June the 13 th 2008 ELFms Brainstorming meeting."

Similar presentations

CCTracker Presented by Dinesh Sarode Leaf : Bill Tomlin IT/FIO URL

CCTracker Presented by Dinesh Sarode Leaf : Bill Tomlin IT/FIO URL
Project Management Summary Castor Development Team Castor Readiness Review – June 2006 German Cancio, Giuseppe Lo Presti, Sebastien Ponce CERN / IT.

Project Management Summary Castor Development Team Castor Readiness Review – June 2006 German Cancio, Giuseppe Lo Presti, Sebastien Ponce CERN / IT.
The CERN Computer Centres October 14 th 2005 CERN.ch.

The CERN Computer Centres October 14 th 2005 CERN.ch.
Site report: CERN Helge Meinhard (at) cern ch HEPiX fall SLAC.

Site report: CERN Helge Meinhard (at) cern ch HEPiX fall SLAC.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Welcome Course 20410B Module 0: Introduction Audience

Welcome Course 20410B Module 0: Introduction Audience
Automating Linux Installations at CERN G. Cancio, L. Cons, P. Defert, M. Olive, I. Reguero, C. Rossi IT/PDP, CERN presented by G. Cancio.

Automating Linux Installations at CERN G. Cancio, L. Cons, P. Defert, M. Olive, I. Reguero, C. Rossi IT/PDP, CERN presented by G. Cancio.
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Some Hints for “Best Practice” Regarding VO Boxes Running Critical Services and Real Use-cases.

CERN IT Department CH-1211 Genève 23 Switzerland t Some Hints for “Best Practice” Regarding VO Boxes Running Critical Services and Real Use-cases.
Installation Overview Charles (Cal) Loomis & Mohammed Airaj LAL, Univ. Paris-Sud, CNRS/IN2P3 24-25 October 2013.

Installation Overview Charles (Cal) Loomis & Mohammed Airaj LAL, Univ. Paris-Sud, CNRS/IN2P October 2013.
Dan Lawson, All Sites VectorBase Releases. 2 VectorBase 2012 A release cycle for VectorBase Regular release every 2 months In place since June 2010 Latest.

Dan Lawson, All Sites VectorBase Releases. 2 VectorBase 2012 A release cycle for VectorBase Regular release every 2 months In place since June 2010 Latest.
EGEE is a project funded by the European Union under contract IST-2003-508833 Quattor Installation of Grid Software C. Loomis (LAL-Orsay) GDB (CERN) Sept.

EGEE is a project funded by the European Union under contract IST Quattor Installation of Grid Software C. Loomis (LAL-Orsay) GDB (CERN) Sept.
AI project components: Facter and Hiera

AI project components: Facter and Hiera
INFSO-RI-508833 Enabling Grids for E-sciencE www.eu-egee.org Status of LCG-2 porting Stephen Childs, Brian Coghlan and Eamonn Kenny Grid-Ireland/EGEE October.

INFSO-RI Enabling Grids for E-sciencE Status of LCG-2 porting Stephen Childs, Brian Coghlan and Eamonn Kenny Grid-Ireland/EGEE October.
October,18-22 2004 Scientific Linux INFN/Trieste B.Gobbo – Compass R.Gomezel - T.Macorini - L.Strizzolo INFN - Trieste.

October, Scientific Linux INFN/Trieste B.Gobbo – Compass R.Gomezel - T.Macorini - L.Strizzolo INFN - Trieste.
Large Computer Centres Tony Cass Leader, Fabric Infrastructure & Operations Group Information Technology Department 14 th January 2009 1 and medium.

Large Computer Centres Tony Cass Leader, Fabric Infrastructure & Operations Group Information Technology Department 14 th January and medium.
EGEE is a project funded by the European Union under contract IST-2003-508833 Build Infrastructure & Release Procedures Integration.

EGEE is a project funded by the European Union under contract IST Build Infrastructure & Release Procedures Integration.
CERN Manual Installation of a UI – Oxford 19-21 July - 1 LCG2 Administrator’s Course Oxford University, 19 th – 21 st July 2004. Developed.

CERN Manual Installation of a UI – Oxford July - 1 LCG2 Administrator’s Course Oxford University, 19 th – 21 st July Developed.
Olof Bärring – WP4 summary- 4/9/2002 - n° 1 Partner Logo WP4 report Plans for testbed 2

Olof Bärring – WP4 summary- 4/9/ n° 1 Partner Logo WP4 report Plans for testbed 2
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Evolution of virtual infrastructure with Hyper-V Juraj Sucik, Slavomir Kubacka Internet.

CERN IT Department CH-1211 Genève 23 Switzerland t Evolution of virtual infrastructure with Hyper-V Juraj Sucik, Slavomir Kubacka Internet.
PROOF Cluster Management in ALICE Jan Fiete Grosse-Oetringhaus, CERN PH/ALICE CAF / PROOF Workshop, 29.11.07.

PROOF Cluster Management in ALICE Jan Fiete Grosse-Oetringhaus, CERN PH/ALICE CAF / PROOF Workshop,

Similar presentations

Ads by Google