Base Users Guide: 
| ||
|---|---|---|
| Prev | Appendix E. Kickstart Nodes Reference | Next |
The packages and other common elements of the 411 Secure Information Service.
Parent Nodes:
Sets up the 411 Secure Information Service for clients. The 411 service will automatically configure itself when a file is published. Also puts all current 411 files from the frontend into the kickstart file for services that cannot tolerate a single 411 failure. Note that 411 can never guarentee full absolute success at any single time. It only offers consistancy over the long term.
Parent Nodes:
Sets up the 411 Secure Information Service for Master nodes. Creates the RSA public and private keys for the cluster, and configures Apache for 411.
Parent Nodes:
AutoFS for automounting home directories over NFS or the loopback device.
Parent Nodes:
Base class for all Rocks nodes. This should include compute nodes, frontend nodes, standalone laptops, computer labs, graphics nodes, nfs servers To achieve this level of flexibility this base class should have edges only to those classes that implement the core of Rocks.
Parent Nodes:
Children Nodes:
Additional packages that may be needed on a server that was not originally built with Rocks. Tested on Native CentOS installed build machine.
Parent Nodes:
Children Nodes:
A Rocks Cluster Central server. Can kickstart other servers over the network. Also contains general Apache security setup.
Parent Nodes:
The 'client node' in the graph. This file is used as a connection point for other XML configuration nodes.
Parent Nodes:
Children Nodes:
Compute Appliance Node. You should create your own extend-compute.xml file to add functionality to this appliance type.
Children Nodes:
Add Development Appliance Definition to the Frontend
Parent Nodes:
devel-appliance
Take a root partition, and make it ours! This is the key to determining, on reinstalls, if we should save partitions (because the stamp is there) or blow away all the paritions on the disk (because the stamp isn't there).
Parent Nodes:
Configures a DNS nameserver for the cluster on the frontend. Both forward and reversed zones are defined using the database.
Parent Nodes:
Intended to be run after postshell. Will re-source the probed-ethers.sh and then regenerate configs for the network interfaces, modprobe.conf. ethers-server.xml will have probed the interfaces to create probed-ethers.sh. A user can put "postshell" on the command line and then edit probed-ethers.sh to arbitrarily re-assign mac:interface definitions.
Parent Nodes:
Default firewall rules for all appliances. Disable everything but SSH.
Parent Nodes:
Boot loader configuration for cluster frontends. Puts enough information on the command line to contact the central server on a reinstall.
Parent Nodes:
Do everything needed to kickstart compute nodes or, generally speaking, everything needed to kickstart any node from this machine.
Parent Nodes:
Mail support for nodes in the cluster. These nodes do not accept mail for local delivery. They pass everything to a mail hub (generally the frontend).
Parent Nodes:
Mail hub for the cluster. This node serves as the post-office for the whole cluster.
Parent Nodes:
NAS Appliance Node. You should create your own extend-nas.xml file to add functionality to this appliance type.
Children Nodes:
Place the root ssh public key from the installation machine on to the installed machine While we're at it suck over the SSL CA Cert/Key. This is a quick hack, we need a secure method for this to put our pants back on.
Parent Nodes:
Save the partition info from this node by sending a message back to the frontend. The frontend will store the partition info in the database
Parent Nodes:
Save the partition info for a server node by sending a message to the local host. This will store the partition info in the database. This file is a copy of 'partitions-save' which is connected to the 'client' graph. We need two files because of ordering: we want to save the partitions as early as possible on client nodes so we order 'partitions-save' off 'HEAD', but for server nodes, we need to wait for the database to be configured, so we order 'partitions-save-server' off 'TAIL'.
Parent Nodes:
Allow interaction after all post sections have run If postshell is on the command line, wait until /mnt/sysimage/tmp/postshell is removed interactively.
Parent Nodes:
Children Nodes:
Generates the resolv.conf file for slave nodes. We point to all nameservers listed in the PrivateDNSServers entry in the app_globals table in the database. This node used to be named copy-resolv.xml.
Parent Nodes:
The root node that is used by rolls in order to tell 'kpp' which node should be the root of the traversed graph
Children Nodes:
$Id: server-rootpw.xml,v 1.2 2011/06/21 23:26:04 anoop Exp $ Root Password for the frontend
Parent Nodes:
server
Configure the maximum size of a shared memory segment to be 3/4 of main memory
Parent Nodes:
SNMP Server. Open all the tables to the public and customize a couple site varialbe.
Parent Nodes:
SSH Config for compute nodes and other non-frontend appliances. We are using one key pair among all SSH servers in the cluster. This implies we do not care about Man-in-the-Middle attacks. We have subverted the protection for these attacks for several releases (broadcastSSH). This logic should not be in the ssh.xml node so the frontend will generate its own keypair.
Parent Nodes:
security-client
Node 'bootstrap-packages-core' referenced but not defined in this roll
Node 'c-development' referenced but not defined in this roll
Node 'core' referenced but not defined in this roll
Node 'database' referenced but not defined in this roll
Node 'database-data' referenced but not defined in this roll
Node 'database-schema' referenced but not defined in this roll
Node 'database-sec' referenced but not defined in this roll
Node 'devel-appliance' referenced but not defined in this roll
Node 'login' referenced but not defined in this roll
Node 'login-server' referenced but not defined in this roll
Node 'node' referenced but not defined in this roll
Node 'perl-development' referenced but not defined in this roll
Node 'perl-modules' referenced but not defined in this roll
Node 'python-development' referenced but not defined in this roll
Node 'security-client' referenced but not defined in this roll
Node 'security-server' referenced but not defined in this roll
Node 'server' referenced but not defined in this roll