Difference between revisions of "Agile testbed"
From PDP/Grid Wiki
Jump to navigationJump to search (→NAT) |
|||
| Line 55: | Line 55: | ||
and, optionally, | and, optionally, | ||
| + | * a pre-generated ssh host key (highly recommended!) | ||
* a recipe for automated customization | * a recipe for automated customization | ||
* a host key for SSL | * a host key for SSL | ||
| Line 71: | Line 72: | ||
/etc/init.d/dnsmasq restart | /etc/init.d/dnsmasq restart | ||
| + | Now almost everything is ready to start building a VM. If ssh is to be used later on to log in to the machine (and this is almost '''always''' the case), it is tremendously '''useful''' to have a pre-generated host key (for otherwise each time the machine is re-installed the host key changes, and ssh refuses to log in until you remove the offending key from the known_hosts. This '''will happpen'''). Therefore, run | ||
| + | /usr/local/bin/keygen <hostname> | ||
| + | to pre-generate the ssh keys. | ||
| + | |||
| + | Depending on the purpose of the machine, an X.509 host certificate needs to be issued. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
* (optional) generate or request an X509 host certificate. For local machines in the .testbed domain, Dutchgrid certificates won't be issued, but a testbed-wide CA is in use, ask Dennis. The certificate and key are stored in | * (optional) generate or request an X509 host certificate. For local machines in the .testbed domain, Dutchgrid certificates won't be issued, but a testbed-wide CA is in use, ask Dennis. The certificate and key are stored in | ||
/var/local/hostkeys/pem/<hostname>/hostcert.pem | /var/local/hostkeys/pem/<hostname>/hostcert.pem | ||
| Line 110: | Line 109: | ||
** With Debian preseeding, this may be automated by either setting <tt>d-i netcfg/dhcp_options select Retry network autoconfiguration</tt> or <tt>d-i netcfg/dchp_timeout string 60</tt>. | ** With Debian preseeding, this may be automated by either setting <tt>d-i netcfg/dhcp_options select Retry network autoconfiguration</tt> or <tt>d-i netcfg/dchp_timeout string 60</tt>. | ||
* Sometimes, a storage device is re-used (especially when recreating a domain after removing it '''and''' the associated storage). The re-use may cause the partitioner to see an existing LVM definition and fail, complaining that the partition already exists; you can re-use an existing LVM volume by using the argument: <tt>--disk vol=vmachines/blah</tt>. | * Sometimes, a storage device is re-used (especially when recreating a domain after removing it '''and''' the associated storage). The re-use may cause the partitioner to see an existing LVM definition and fail, complaining that the partition already exists; you can re-use an existing LVM volume by using the argument: <tt>--disk vol=vmachines/blah</tt>. | ||
| − | |||
=== importing a VM image from another source === | === importing a VM image from another source === | ||
