Changeset 1878 for branches/fc15-dev/server/doc
- Timestamp:
- Jun 7, 2011, 12:58:14 PM (13 years ago)
- Location:
- branches/fc15-dev
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/fc15-dev
- Property svn:mergeinfo changed
/trunk (added) merged: 1811,1813-1819,1821-1825,1838,1848-1856,1858-1872,1877
- Property svn:mergeinfo changed
-
branches/fc15-dev/server/doc/install-ldap
r1698 r1878 28 28 29 29 # Inside cn=config. These changes definitely require a restart. 30 nsslapd-ldapifilepath: /var/run/ dirsrv/slapd-scripts.socket30 nsslapd-ldapifilepath: /var/run/slapd-scripts.socket 31 31 nsslapd-ldapilisten: on 32 32 nsslapd-syntaxcheck: off … … 51 51 - chown fedora-ds:fedora-ds /var/run/dirsrv 52 52 - chown fedora-ds /etc/dirsrv/keytab 53 - chmod 755 /var/run/dirsrv54 53 - /sbin/service dirsrv start 55 54 - Use ldapvi -b cn=config to add these indexes (8 of them): -
branches/fc15-dev/server/doc/install-xen
r1693 r1878 1 # install Hardy 2 # this involves complicated partitioning (with lvm) 3 # the popular version of Grub doesn't cope with this. 4 # Thus, we need a boot partition not under LVM 5 # allocate about 1G for /root ext3 filesystem 6 # partition the two disks the same way 7 # that means you have two disks, each with a 1G partition and 8 # a "rest-of-the-space"G partition 9 # now, combine the two 1G partitions into a RAID 1 (as /boot ext3) 10 # take the two other partitions, another RAID 1 (set up as lvm) 11 # create one volume group the same as the host 12 # in that volume group, create two lvs one of them named root (ext3) 13 # and one named swap (copy sizes, 10G root and 2G swap) 14 # F11 will suggest ext4, DON'T USE IT. 1 # install Squeeze 2 # Configure each drive with a 1G partition and a rest-of-the-space partition, as RAID 3 # Create a RAID1 for the 1G partitions 4 # Create a RAID1 for each pair of rest-of-the-space partitions 5 # Create an ext3 /boot on the 1G RAID1 6 # Create an LVM volume group named after the machine's short hostname 7 # Create an LV called "swap" that is the same size as the machine's physical RAM 8 # Create an LV called "root" that is 50G ext4 9 10 # ??? F11 will suggest ext4, DON'T USE IT. 15 11 # - New filesystem, so it's scary 16 12 # - The hosts can't mount it 17 13 # - Grub can't cope with it 18 14 19 # enable backports (because Xen 3.3 is in hardy backports) 20 apt-get update 21 apt-get dist-upgrade 15 # install useful utility packages 16 aptitude install htop ipmitool emacs23-nox vim memtest86 memtest86+ ntp ntpdate git smartmontools kpartx apticron bwm-ng bzip2 ethtool i2c-tools lm-sensors mii-diag molly-guard mtr-tiny nbd-client nbd-server rlwrap strace tcpdump tree 17 git config --global color.ui auto 18 22 19 # install Xen 23 apt-get install ubuntu-xen-server 20 aptitude install xen-linux-system 21 24 22 # download Debathena archive key, verify 25 apt-key add ... 26 # add Debathena repos to etc/apt.d/sources.list 27 # install Debathena software 28 apt-get install debathena-clients 23 (aptitude install debian-keyring && 24 cd /tmp && 25 wget http://debathena.mit.edu/apt/debathena-archive.asc && 26 kcr_fingerprint=$(gpg --keyring /usr/share/keyrings/debian-keyring.gpg --no-default-keyring --list-keys --with-colons kcr@debian.org | grep ^pub | cut -f 5 -d :) && 27 gpg --primary-keyring /tmp/debathena.gpg --no-default-keyring --import debathena-archive.asc && 28 gpg --primary-keyring /tmp/debathena.gpg --no-default-keyring --refresh-keys && 29 gpg --primary-keyring /tmp/debathena.gpg --no-default-keyring --keyring /usr/share/keyrings/debian-keyring.gpg --check-sigs --with-colons debathena@mit.edu | grep '^sig:!' | cut -d: -f5 | grep -q $kcr_fingerprint && 30 gpg --primary-keyring /tmp/debathena.gpg --no-default-keyring --export debathena@mit.edu | apt-key adv --import) 31 32 # add Debathena repos to etc/apt/sources.list.d 33 cat <<EOF > /etc/apt/sources.list.d/debathena.list 34 deb http://debathena.mit.edu/apt squeeze debathena debathena-config debathena-system openafs 35 deb-src http://debathena.mit.edu/apt squeeze debathena debathena-config debathena-system openafs 36 EOF 37 38 # install host keytab 39 cp $keytab /etc/krb5.keytab 40 k5srvutil change 41 k5srvutil delold 42 # install ~/.k5login 43 # install Debathena software (hit enter to take the defaults at the 44 # configuration prompts) 45 aptitude update 46 aptitude install debathena-clients debathena-ssh-server-config 29 47 # compare packages with another server 30 dpkg -l48 dpkg -l 31 49 # reconfigure so that we can get an MTA, although we don't 32 # want the hosts to accept mail ( smart host, does not takemail)50 # want the hosts to accept mail (mail sent by smarthost; no local mail) 33 51 # outgoing.mit.edu 34 dpkg reconfigure xm4-config52 dpkg-reconfigure exim4-config 35 53 # answer questions properly 36 54 # change root alias in /etc/aliases to be the same as scripts server 37 55 # reload it 38 56 newaliases 39 # ssh key for host...40 # install host keytab 57 # clone the xen config (/etc/xen) 58 git clone -b squeeze ssh://scripts@scripts.mit.edu/mit/scripts/git/xen.git /etc/xen 41 59 # copy conserver config (we need to version this) 42 # clone the xen config (/etc/xen) 43 git clone ssh://scripts@scripts.mit.edu/mit/scripts/git/xen.git /etc/xen 44 60 aptitude install sudo conserver-{server,client} 45 61 # setup conserver 46 cat /etc/conserver/console.cf # add the correct entires here 62 cat <<EOF > /etc/conserver/conserver.cf 63 config * { 64 sslrequired no; 65 } 66 default full { 67 rw *; 68 } 69 default * { 70 logfile /var/log/conserver/&.log; 71 timestamp "1lab"; 72 include full; 73 sslrequired no; 74 options reinitoncc; 75 } 76 default xen { 77 type exec; 78 exec sudo xm console f; 79 execsubst f=cs; 80 } 81 access * { 82 trusted 127.0.0.1; 83 } 84 EOF 47 85 visudo # add conservr to sudoers list with: 48 86 conservr ALL=(ALL) NOPASSWD: /usr/sbin/xm console * 87 88 # setup munin and nagios 89 aptitude install munin-node 90 cat <<EOF >> /etc/munin/munin-node.conf 91 allow ^18\.187\.1\.128$ 92 allow ^18\.181\.0\.65$ 93 allow ^18\.181\.0\.51$ 94 EOF 95
Note: See TracChangeset
for help on using the changeset viewer.