198
edits
Changes
→DHCP configuration
== Introduction ==
These are detailed instructions for setting up an F18 installation on a [http://calxeda.com Calxeda] Highbank box such as a [http://boston.co.uk Boston] [http://www.boston.co.uk/solutions/viridis/default.aspx Viridis] server. These instructions are a more detailed (and specific) version of the notes at [[:fedora:Architectures/ARM/F18/HighBank]]
== Assumptions ==
# Highbank box is on a private LAN 192.168.1.0/24
# F18 x86_64 host has two NICs - one to private LAN, one to Internet
== Packages Required ==
* dhcp
* tftp-server
* httpd
== NAT configuration ==
The firewall and NAT is configured with a iptables script:
1. Stop/disable firewalld
<pre>
systemctl stop firewalld
systemctl disable firewalld
</pre>
2. Start/enable iptables
<pre>
systemctl start iptables
systemctl enable iptables
</pre>
3. Run the iptables script and save the iptables rules
<pre>
/root/iptables.sh
iptables-save > /etc/sysconfig/iptables
</pre>
File: /root/iptables.sh
<pre>
#!/bin/bash
echo "Setting iptables rules"
iptables -F
iptables -t nat -F
# Add loopback interface
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow DNS
iptables -A INPUT -i em1 -p tcp --dport 2049 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 2049 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 111 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 111 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -i em1 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i em1 -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -i p11p1 -s 192.168.1.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o em1 -j MASQUERADE
iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Drop whatever else may come to input
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
</pre>
== DHCP configuration ==
1. Start/enable the network service
<pre>
systemctl start network
systemctl enable network
</pre>
2. Set static ip address on interface facing private network
File: /etc/sysconfig/network-scripts/ifcfg-p11p1
<pre>
TYPE=Ethernet
DEVICE=p11p1
BOOTPROTO=static
NM_CONTROLLED=yes
ONBOOT=yes
IPADDR=192.168.1.254
NETMASK=255.255.255.0
NETWORK=192.168.1.0
BROADCAST=192.168.1.255
DNS1=142.204.43.43
DNS2=8.8.8.8
DOMAIN="proximity.on.ca senecac.on.ca"
HWADDR=00:0A:CD:1E:83:BA
</pre>
3. Restart the NetworkManager service
<pre>
systemctl restart NetworkManager
</pre>
4. Configure dhcpd
File: /etc/dhcp/dhcpd.conf
<pre>
option domain-name-servers 142.204.1.2,142.204.43.43;
default-lease-time 86400;
max-lease-time 86400;
authoritative;
log-facility local7;
allow booting;
allow bootp;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.254;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
range 192.168.1.100 192.168.1.199;
next-server 192.168.1.254;
host seneca0 { option host-name "seneca0"; hardware ethernet fc:2f:40:48:06:a0; fixed-address 192.168.1.100;}
}
</pre>
== TFTP configuration ==
# Create <code>/var/lib/tftpboot/pxelinux/pxelinux.cfg</code>
# Create <code>/var/lib/tftpboot/f18-highbank</code>
# Place these files in <code>/var/lib/tftpboot/f18-highbank</code>:#* http://fedoraproject.org/w/uploads/c/cf/F18-highbank.ks#* http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/initrd-highbank.img#* http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/vmlinuz-highbank#* http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/upgrade-highbank.img#* http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/uImage-highbank#* http://dl.fedoraproject.org/pub/fedora-secondary/releases/18/Fedora/armhfp/os/images/pxeboot/uInitrd-highbank# Change <code>disable = yes</code> to <code>disable = no</code> in <code>/etc/xinetd.d/tftp</code># Reload/restart xinetd (note: restart needed if there were previously no available services): <code>systemctl restart xinetd</code>
== PXE configuration ==
# Place PXE configuration in <code>/var/lib/tftpboot/pxelinux/pxelinux.cfg</code>, named "01-mac" e.g., "01-fc-2f-40-48-06-a0"- repeat once for each node
PXE configuration file contents:
kernel f18-highbank/vmlinuz-highbank
initrd f18-highbank/initrd-highbank.img
append console=ttyAMA0 ip=eth0:dhcp ks=<nowiki>http://192.168.1.254/f18-highbank/F18-highbank.ks </nowiki> rd.shell
== HTTP configuration ==
# Configure httpd to serve <code>/var/lib/tftpboot/f18-highbank</code> as <code>/f18-highbank</code> by adding this text to <code>/etc/httpd/conf.d/f18-highbank.conf</code>:
Alias /f18-highbank "/var/lib/tftpboot/f18-highbank"
<Directory "/var/lib/tftpboot/f18-highbank">
Options Indexes
AllowOverride None
Order allow,deny
Allow from 192.168.1.0/24
Deny from all
</Directory>
== IPMI Control of the Highbank Server ==
Fedora includes a version of ipmitool but this does not include the Calxeda (cxoem) extensions. You can build the Calxeda version from the source:
git clone git://sources.calxeda.com/ipmitool.git
cd ipmitol
./configure
make
sudo make install
The cxmanage wrapper script can also be retrieved in a similar way:
git clone git://sources.calxeda.com/cxmanage.git
cd cxmanage
python setup.py install
== Getting Console Access on the Highbank Server ==
You can connect to the console of a particular node on the Highbank server with:
ipmitool -I lanplus -H '''ipaddress''' -U admin -P admin sol activate
Change the IP address to address the management processor on the desired node.
== Node Power Control on the Highbank Server ==
Turn a node on:
ipmitool -H '''ipaddress''' -U admin -P admin chassis power on
Reset a node (hard):
ipmitool -H '''ipaddress''' -U admin -P admin chassis power reset
Turn a node off:
ipmitool -H '''ipaddress''' -U admin -P admin chassis power off