Difference between revisions of "Highbank Fedora Installation Config"

Introduction

These are detailed instructions for setting up an F18 installation on a Calxeda Highbank box such as a Boston Viridis server. These instructions are a more detailed (and specific) version of the notes at fedora:Architectures/ARM/F18/HighBank

Assumptions

1. Highbank box is on a private LAN 192.168.1.0/24
2. F18 x86_64 host has two NICs - one to private LAN, one to Internet

Packages Required

• dhcp
• tftp-server
• httpd

NAT configuration

The firewall and NAT is configured with a iptables script:

1. Stop/disable firewalld

systemctl stop firewalld
systemctl disable firewalld

2. Start/enable iptables

systemctl start iptables
systemctl enable iptables

3. Run the iptables script and save the iptables rules

/root/iptables.sh
iptables-save > /etc/sysconfig/iptables

File: /root/iptables.sh

#!/bin/bash
echo "Setting iptables rules"
iptables -F
iptables -t nat -F
# Add loopback interface
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow DNS
iptables -A INPUT -i em1 -p tcp --dport 2049 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 2049 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 111 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 111 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -i p11p1 -s 192.168.1.0/24 -j ACCEPT

iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o em1 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Drop whatever else may come to input
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

DHCP configuration

1. Start/enable the network service

systemctl start network
systemctl enable network

2. Set static ip address on interface facing private network

File: /etc/sysconfig/network-scripts/ifcfg-p11p1

TYPE=Ethernet
DEVICE=p11p1
BOOTPROTO=static
NM_CONTROLLED=yes
ONBOOT=yes
IPADDR=192.168.1.254
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
DNS1=142.204.43.43
DNS2=8.8.8.8
DOMAIN="proximity.on.ca senecac.on.ca"
HWADDR=00:0A:CD:1E:83:BA

3. Restart the NetworkManager service

systemctl restart NetworkManager

4. Configure dhcpd

File: /etc/dhcp/dhcpd.conf

option domain-name-servers 142.204.1.2,142.204.43.43;

default-lease-time 86400;
max-lease-time 86400;
authoritative;
log-facility local7;

allow booting;
allow bootp;

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers 192.168.1.254;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        range 192.168.1.100 192.168.1.199;
        next-server 192.168.1.254;
        host seneca0 { option host-name "seneca0";      hardware ethernet fc:2f:40:48:06:a0;    fixed-address 192.168.1.100;}
}

TFTP configuration

1. Create /var/lib/tftpboot/pxelinux/pxelinux.cfg
2. Create /var/lib/tftpboot/f18-highbank
3. Place these files in /var/lib/tftpboot/f18-highbank:
   • http://fedoraproject.org/w/uploads/c/cf/F18-highbank.ks
   • http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/initrd-highbank.img
   • http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/vmlinuz-highbank
   • http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/upgrade-highbank.img
   • http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/uImage-highbank
   • http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/uInitrd-highbank
4. Change disable = yes to disable = no in /etc/xinetd.d/tftp
5. Reload/restart xinetd (note: restart needed if there were previously no available services): systemctl restart xinetd

PXE configuration

1. Place PXE configuration in /var/lib/tftpboot/pxelinux/pxelinux.cfg, named "01-mac" e.g., "01-fc-2f-40-48-06-a0" - repeat once for each node

PXE configuration file contents:

menu title F18 HighBank Boot Options

default Highbank-Install
prompt 1
timeout 100

label Highbank-Install
    kernel f18-highbank/vmlinuz-highbank
    initrd f18-highbank/initrd-highbank.img
    append console=ttyAMA0 ip=eth0:dhcp ks=http://192.168.1.254/f18-highbank/F18-highbank.ks rd.shell

HTTP configuration

1. Configure httpd to serve /var/lib/tftpboot/f18-highbank as /f18-highbank by adding this text to /etc/httpd/conf.d/f18-highbank.conf:

Alias /f18-highbank "/var/lib/tftpboot/f18-highbank"

<Directory "/var/lib/tftpboot/f18-highbank">
   Options Indexes
   AllowOverride None
   Order allow,deny
   Allow from 192.168.1.0/24
   Deny from all
</Directory>

IPMI Control of the Highbank Server

Fedora includes a version of ipmitool but this does not include the Calxeda (cxoem) extensions. You can build the Calxeda version from the source:

git clone git://sources.calxeda.com/ipmitool.git
cd ipmitol
./configure
make
sudo make install

The cxmanage wrapper script can also be retrieved in a similar way:

git clone git://sources.calxeda.com/cxmanage.git
cd cxmanage
python setup.py install

Getting Console Access on the Highbank Server

You can connect to the console of a particular node on the Highbank server with:

ipmitool -I lanplus -H ipaddress -U admin -P admin sol activate

Change the IP address to address the management processor on the desired node.

Node Power Control on the Highbank Server

Turn a node on:

ipmitool -H ipaddress -U admin -P admin chassis power on

Reset a node (hard):

ipmitool -H ipaddress -U admin -P admin chassis power reset

Turn a node off:

ipmitool -H ipaddress -U admin -P admin chassis power off