Project

General

Profile

Demande #944

installation nouveau serveur

Added by Quentin Gibeaux almost 10 years ago. Updated over 9 years ago.

Status:
Fermé
Priority:
Normale
Assignee:
Category:
-
Target version:
Start date:
09/27/2012
Due date:
10/31/2012
% Done:

100%

Estimated time:
(Total: 2.00 h)
Spent time:
10.50 h (Total: 12.50 h)
Difficulté:

Description

une nouvelle machine est hébergée à la fondation free, il faut l'installer correctement.

  • trouver un nom
  • ajouter un enregistrement dns vers la machine et son drac
  • installer etckeeper
  • installer munin
  • mettre un firewall
  • intégrer au réseau vpn
  • changer le nom en yopo
  • installer OpenStack en utilisant http://wiki.debian.org/OpenStackPuppetHowto avec les variations suivantes:
    • le volume group utilisé pour allouer des disques n'a pas le nom standard : vg au lieu de volume-group. Sur le puppet master bm0001.the.re:
      node 'bm0008.the.re' inherits compute {
        nova_config { 'routing_source_ip': value => $::ipaddress_eth0 }
        class { 'nova::volume::iscsi':
          volume_group        => 'vg',
          iscsi_helper        => 'iscsitarget',
        }
      }
      
    • le fichier /etc/puppet/files/hosts est modifié pour ajouter yopo pour qu'il soit connu des autres hosts. Sur le puppet master bm0001.the.re:
      # Fondation Free, april, admins@april.org                                                                                                         
      88.191.250.11   bm0008.the.re
      192.168.100.8   bm0008.the
      

Files

console.png (63.1 KB) console.png console Loïc Dachary, 09/22/2012 07:02 PM
launch.png (70.5 KB) launch.png lancementconsole Loïc Dachary, 09/22/2012 07:06 PM

Subtasks

Demande #959: mise a jour du wiki avec les informations pour yopoFerméLoïc Dachary

Actions

Related issues

Related to Admins - Demande #956: plage d'IP routée par le VPN April et dédiée à yopoFermé09/23/2012

Actions

History

#1

Updated by Loïc Dachary almost 10 years ago

Je propose d'installer OpenStack sur cette machine. Oui : le cloud mono-machine ça existe ;-)

#2

Updated by Loïc Dachary almost 10 years ago

  • Assignee set to Loïc Dachary
  • Target version set to April Camp septembre 2012
#3

Updated by Loïc Dachary almost 10 years ago

DNS ne répond pas: /etc/resolv.conf

search april.org april-int
nameserver 192.168.2.12
nameserver 192.168.1.12

ajout de 8.8.8.8
cat /etc/resolv.conf
search april.org april-int
nameserver 8.8.8.8
nameserver 192.168.2.12
nameserver 192.168.1.12

puis installation dnsmasq et utilisation du resolver local
cat /etc/resolv.conf
search april.org april-int
nameserver 127.0.0.1
nameserver 192.168.2.12
nameserver 192.168.1.12

#4

Updated by Loïc Dachary almost 10 years ago

Supprime non-free et contrib

diff --git a/apt/sources.list b/apt/sources.list
index bc6a722..5d4b5e1 100644
--- a/apt/sources.list
+++ b/apt/sources.list
@@ -1,9 +1,9 @@
-deb http://ftp.fr.debian.org/debian/ squeeze main non-free contrib
-deb-src http://ftp.fr.debian.org/debian/ squeeze main non-free contrib
+deb http://ftp.fr.debian.org/debian/ squeeze main  
+deb-src http://ftp.fr.debian.org/debian/ squeeze main  

-deb http://security.debian.org/ squeeze/updates main contrib non-free
-deb-src http://security.debian.org/ squeeze/updates main contrib non-free
+deb http://security.debian.org/ squeeze/updates main  
+deb-src http://security.debian.org/ squeeze/updates main  

 # squeeze-updates, previously known as 'volatile'
-deb http://ftp.fr.debian.org/debian/ squeeze-updates main contrib non-free
-deb-src http://ftp.fr.debian.org/debian/ squeeze-updates main contrib non-free
+deb http://ftp.fr.debian.org/debian/ squeeze-updates main  
+deb-src http://ftp.fr.debian.org/debian/ squeeze-updates main  

#5

Updated by Loïc Dachary almost 10 years ago

echo deb http://ftp.fr.debian.org/debian/ wheezy main > /etc/apt/sources.list.d/wheezy.list
#6

Updated by Loïc Dachary almost 10 years ago

Définition de bm0008.the.re pour pointer sur yopo.april.org

#8

Updated by Loïc Dachary almost 10 years ago

Le firewall n'est pas compatible avec OpenStack, il est désactivé:

# update-rc.d firewall disable
update-rc.d: using dependency based boot sequencing
insserv: warning: current start runlevel(s) (empty) of script `firewall' overwrites defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `firewall' overwrites defaults (0 1 6).
# /etc/init.d/firewall stop
#9

Updated by Loïc Dachary almost 10 years ago

Le package privateur contenant le firmware pour la carte réseau est mis à jour depuis le repository non-free

apt-get install firmware-bnx2

#10

Updated by Loïc Dachary almost 10 years ago

Apres upgrade wheezy, yopo ne reboot pas. Acces via https://drac-yopo.april.org/ montre que le kernel ne trouve pas vg/root. Pour booter sur le kernel précédent il faut augmenter le timeout de grub. Il est de 5 secondes et il faut plus de 5 secondes pour relancer la console drac après un reboot.

(initramfs) mount -t ext4 /dev/sda1 /mnt
(initramfs) vi /mnt/grub/grub.cfg
changer timeout a 50
(initramfs) umount /mnt

#11

Updated by Loïc Dachary almost 10 years ago

Pour booter en mode rescue, download une image rescue sur sa propre machine:

# wget -O debian.iso http://cdimage.debian.org/cdimage/wheezy_di_beta2/amd64/iso-cd/debian-wheezy-DI-b2-amd64-netinst.iso

Aller sur https://drac-yopo.april.org/ et cliquer sur "Launch Virtual Console" qui va lancer une console qui marche avec du java libre.
lancementconsole
Ajouter debian.iso en cliquant sur l'entrée de menu Virtual Media
console
Rebooter avec "Macros" => "Control-Alt-Del", taper sur F11 pour avoir le menu de boot et selectionner le device virtuel iDrac.

#12

Updated by Loïc Dachary almost 10 years ago

Ou clicquer pour lancer la console

#13

Updated by Loïc Dachary almost 10 years ago

Après avoir fait plusieurs tenatives pour convaincre mdadm de detecter les devices au boot, ça a finit par marcher.
Avant que ça marche on parvenait a booter en faisant:

(initramfs) mdadm --assemble /dev/md0 /dev/sda2 /dev/sdb2
(initramfs) lvm vgscan
(initramfs) vgscan -ay

Après ça boot tout seul, il détecte md0 ( c'est scripts/local-top/mdadm qui fait le travail ).
Sans pour autant qu'on puisse déterminer quelle modification est responsable de cette correction.
Le git diff de /etc au moment ou ça s'est mis a marcher contient peut-être un indice:
commit 04b7caf697a92caa31159b2af406d4bf668a7091
Author: root <root@yopo.april.org>
Date:   Sat Sep 22 20:41:16 2012 +0200

    saving uncommitted changes in /etc prior to apt run

diff --git a/default/grub b/default/grub
index b3a3467..1780b68 100644
--- a/default/grub
+++ b/default/grub
@@ -3,8 +3,8 @@
 # For full documentation of the options in this file, see:
 #   info -f grub -n 'Simple configuration'

-GRUB_DEFAULT=0
-GRUB_TIMEOUT=5
+GRUB_DEFAULT=1
+GRUB_TIMEOUT=30
 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
 GRUB_CMDLINE_LINUX_DEFAULT="quiet" 
 GRUB_CMDLINE_LINUX="" 
diff --git a/init.d/.depend.boot b/init.d/.depend.boot
index 03ffdf5..0193230 100644
--- a/init.d/.depend.boot
+++ b/init.d/.depend.boot
@@ -1,4 +1,4 @@
-TARGETS = mountkernfs.sh udev mountdevsubfs.sh bootlogd keyboard-setup hwclock.sh hostname.sh checkroot.sh mdadm-raid mtab.sh checkroot-bootclean.sh kmod lvm2 checkfs.sh mountall.sh urandom procps mountall-bootclean.sh udev-mtab networking rpcbind portmap nfs-common mountnfs.sh mountnfs-bootclean.sh kbd console-setup bootmisc.sh stop-bootlogd-single
+TARGETS = mountkernfs.sh udev mountdevsubfs.sh bootlogd keyboard-setup hwclock.sh hostname.sh checkroot.sh mdadm-raid mtab.sh checkroot-bootclean.sh kmod lvm2 checkfs.sh mountall.sh urandom procps mountall-bootclean.sh udev-mtab networking portmap rpcbind nfs-common mountnfs.sh mountnfs-bootclean.sh kbd console-setup bootmisc.sh stop-bootlogd-single
 INTERACTIVE = udev keyboard-setup checkroot.sh checkfs.sh kbd console-setup
 udev: mountkernfs.sh
 mountdevsubfs.sh: mountkernfs.sh udev
@@ -19,12 +19,12 @@ procps: bootlogd mountkernfs.sh mountall.sh udev
 mountall-bootclean.sh: mountall.sh
 udev-mtab: udev mountall.sh
 networking: mountkernfs.sh mountall.sh urandom
-rpcbind: networking mountall.sh
 portmap: networking mountall.sh
+rpcbind: networking mountall.sh
 nfs-common: rpcbind hwclock.sh
 mountnfs.sh: mountall.sh networking rpcbind nfs-common
 mountnfs-bootclean.sh: mountall.sh mountnfs.sh
 kbd: mountall.sh mountnfs.sh mountnfs-bootclean.sh
 console-setup: mountall.sh mountnfs.sh mountnfs-bootclean.sh kbd
 bootmisc.sh: mountall.sh mountnfs.sh mountnfs-bootclean.sh udev
-stop-bootlogd-single: mountall.sh udev keyboard-setup console-setup networking rpcbind nfs-common lvm2 mountdevsubfs.sh mdadm-raid checkfs.sh hwclock.sh mountnfs.sh mountnfs-bootclean.sh mountkernfs.sh urandom hostname.sh portmap checkroot.sh bootlogd procps mtab.sh kbd mountall-bootclean.sh checkroot-bootclean.sh kmod udev-mtab bootmisc.sh
+stop-bootlogd-single: mountall.sh udev keyboard-setup console-setup hwclock.sh mountdevsubfs.sh checkroot.sh networking mountnfs.sh mountnfs-bootclean.sh portmap urandom mdadm-raid rpcbind lvm2 checkfs.sh mountkernfs.sh hostname.sh nfs-common bootlogd procps mtab.sh kbd mountall-bootclean.sh checkroot-bootclean.sh kmod udev-mtab bootmisc.sh
diff --git a/init.d/.depend.start b/init.d/.depend.start
index fffc2fc..303dcc1 100644
--- a/init.d/.depend.start
+++ b/init.d/.depend.start
@@ -1,9 +1,9 @@
-TARGETS = motd killprocs rpcbind portmap nfs-common rsyslog openvpn atd dnsmasq mdadm acpid ssh dbus postfix exim4 munin-node cron rsync bootlogs single rc.local rmnologin stop-bootlogd
+TARGETS = motd killprocs portmap rpcbind nfs-common rsyslog openvpn dnsmasq mdadm atd acpid ssh dbus postfix exim4 munin-node cron rsync bootlogs single rc.local rmnologin stop-bootlogd
 INTERACTIVE = openvpn
 openvpn: rsyslog
-atd: rsyslog
 dnsmasq: rsyslog
 mdadm: rsyslog
+atd: rsyslog
 acpid: rsyslog
 ssh: rsyslog
 dbus: rsyslog
@@ -13,6 +13,6 @@ munin-node: dnsmasq
 cron: rsyslog dnsmasq
 rsync: rsyslog dnsmasq
 single: killprocs motd bootlogs
-rc.local: rpcbind nfs-common atd rsyslog postfix dnsmasq mdadm exim4 openvpn portmap munin-node motd bootlogs acpid ssh cron rsync dbus
-rmnologin: rpcbind nfs-common atd rsyslog postfix dnsmasq mdadm exim4 openvpn portmap munin-node motd bootlogs acpid ssh cron rsync dbus
-stop-bootlogd: rpcbind nfs-common atd rsyslog postfix dnsmasq mdadm exim4 openvpn portmap munin-node motd bootlogs acpid ssh cron rsync dbus
+rc.local: openvpn rsyslog postfix dnsmasq portmap mdadm atd exim4 rpcbind nfs-common munin-node motd bootlogs acpid ssh cron rsync dbus
+rmnologin: openvpn rsyslog postfix dnsmasq portmap mdadm atd exim4 rpcbind nfs-common munin-node motd bootlogs acpid ssh cron rsync dbus
+stop-bootlogd: openvpn rsyslog postfix dnsmasq portmap mdadm atd exim4 rpcbind nfs-common munin-node motd bootlogs acpid ssh cron rsync dbus
diff --git a/init.d/.depend.stop b/init.d/.depend.stop
index 2209561..f1b3b09 100644
--- a/init.d/.depend.stop
+++ b/init.d/.depend.stop
@@ -1,15 +1,15 @@
-TARGETS = firewall urandom portmap openvpn atd mdadm postfix exim4 munin-node sendsigs dnsmasq rsyslog umountnfs.sh rpcbind nfs-common hwclock.sh networking umountfs lvm2 umountroot mdadm-raid halt reboot
-sendsigs: atd postfix exim4 openvpn firewall munin-node
+TARGETS = firewall urandom portmap openvpn mdadm atd postfix exim4 munin-node sendsigs dnsmasq rsyslog umountnfs.sh rpcbind nfs-common hwclock.sh networking umountfs lvm2 umountroot mdadm-raid halt reboot
+sendsigs: openvpn postfix atd exim4 firewall munin-node
 dnsmasq: postfix exim4 munin-node
-rsyslog: atd postfix sendsigs mdadm exim4 openvpn firewall dnsmasq
-umountnfs.sh: atd postfix rsyslog exim4 openvpn firewall sendsigs munin-node
+rsyslog: openvpn sendsigs postfix mdadm atd exim4 firewall dnsmasq
+umountnfs.sh: openvpn rsyslog postfix atd exim4 sendsigs firewall munin-node
 rpcbind: umountnfs.sh
 nfs-common: umountnfs.sh
-hwclock.sh: atd rsyslog nfs-common
-networking: umountnfs.sh postfix rpcbind exim4 openvpn portmap munin-node
-umountfs: umountnfs.sh atd postfix mdadm rpcbind exim4 openvpn networking firewall urandom portmap hwclock.sh munin-node
+hwclock.sh: rsyslog atd nfs-common
+networking: openvpn postfix portmap exim4 rpcbind umountnfs.sh munin-node
+umountfs: hwclock.sh openvpn postfix portmap urandom mdadm atd exim4 rpcbind firewall networking umountnfs.sh munin-node
 lvm2: umountfs
 umountroot: lvm2 umountfs
-mdadm-raid: lvm2 mdadm umountfs
+mdadm-raid: mdadm lvm2 umountfs
 halt: umountroot
 reboot: umountroot
diff --git a/mdadm/mdadm.conf b/mdadm/mdadm.conf
index c6a99ad..dc7ef50 100644
--- a/mdadm/mdadm.conf
+++ b/mdadm/mdadm.conf
@@ -5,6 +5,7 @@

 # by default, scan all partitions (/proc/partitions) for MD superblocks.
 # alternatively, specify devices to scan, using wildcards if desired.
+#DEVICE /dev/sda2 /dev/sdb2
 DEVICE partitions

 # auto-create devices with Debian standard permissions
diff --git a/udev/rules.d/70-persistent-cd.rules b/udev/rules.d/70-persistent-cd.rules
index aee8300..2858aba 100644
--- a/udev/rules.d/70-persistent-cd.rules
+++ b/udev/rules.d/70-persistent-cd.rules
@@ -10,3 +10,11 @@ SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.2-scsi-4:
 SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.2-scsi-4:0:0:0", SYMLINK+="dvd", ENV{GENERATED}="1" 
 SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.2-scsi-4:0:0:0", SYMLINK+="dvdrw", ENV{GENERATED}="1" 

+# Virtual_CD (pci-0000:00:1a.0-usb-0:1.2:1.1-scsi-0:0:0:0)
+SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1a.0-usb-0:1.2:1.1-scsi-0:0:0:0", SYMLINK+="cdrom1", ENV{GENERATED}="1" 
+SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1a.0-usb-0:1.2:1.1-scsi-0:0:0:0", SYMLINK+="dvd1", ENV{GENERATED}="1" 
+
+# Virtual_CD (pci-0000:00:1a.0-usb-0:1.2:1.1-scsi-0:0:0:0)
+SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_SERIAL}=="iDRAC_Virtual_CD_20080519-0:0", SYMLINK+="cdrom2", ENV{GENERATED}="1" 
+SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_SERIAL}=="iDRAC_Virtual_CD_20080519-0:0", SYMLINK+="dvd2", ENV{GENERATED}="1" 
+

#14

Updated by Loïc Dachary almost 10 years ago

  • Due date set to 09/22/2012
  • Status changed from En cours de traitement to Résolu
  • % Done changed from 0 to 100
#15

Updated by Loïc Dachary over 9 years ago

  • Status changed from Résolu to Fermé
#16

Updated by Loïc Dachary over 9 years ago

  • Target version changed from April Camp septembre 2012 to Octobre 2012

Also available in: Atom PDF