Difference between revisions of "Agile testbed"

From PDP/Grid Wiki
Jump to navigationJump to search
Line 18: Line 18:
  
 
These four machines all run [http://www.debian.org/releases/stable/ Debian squeeze] with [http://www.linux-kvm.org/page/Main_Page KVM] for virtualization, managed by [http://libvirt.org/ libvirt].
 
These four machines all run [http://www.debian.org/releases/stable/ Debian squeeze] with [http://www.linux-kvm.org/page/Main_Page KVM] for virtualization, managed by [http://libvirt.org/ libvirt].
 
These hosts cannot be accessed directly; they live in a LAN with no inbound connectivity. The management host '''bleek.nikhef.nl''' is the entry point to the entire testbed. It takes care of network address translation (NAT) of the 10.198.0.0/16 range used inside the testbed, resolving hostnames and handing out ip addresses (with dnsmasq), serving home directories, and serving VM installation details such as kickstart files (Red Hat/Fedora) and preseed configurations (Debian).
 
 
Access to bleek.nikhef.nl is restricted to users who have a home directory with their ssh pulic key in ~/.ssh/authorized_keys.
 
 
Since all access has to go through bleek, it is convenient to set up ssh to proxy connections to *.testbed through bleek in combination with sharing connections, in ~/.ssh/config:
 
 
Host *.testbed
 
CheckHostIP no
 
ProxyCommand ssh -q -A bleek.nikhef.nl /usr/bin/nc %h %p 2>/dev/null
 
 
Host *.nikhef.nl
 
ControlMaster auto
 
ControlPath /tmp/%h-%p-%r.shared
 
 
  
 
There are some more machines with an earlier setup using Xen on CentOS 5, but these will be phased out and reinstalled.
 
There are some more machines with an earlier setup using Xen on CentOS 5, but these will be phased out and reinstalled.
Line 93: Line 78:
 
|  
 
|  
 
|}
 
|}
 +
 +
=== The head node ===
 +
 +
These hosts cannot be accessed directly; they live in a LAN with no inbound connectivity. The management host '''bleek.nikhef.nl''' is the entry point to the entire testbed. It takes care of network address translation (NAT) of the 10.198.0.0/16 range used inside the testbed, resolving hostnames and handing out ip addresses (with dnsmasq), serving home directories, and serving VM installation details such as kickstart files (Red Hat/Fedora) and preseed configurations (Debian).
 +
 +
Access to bleek.nikhef.nl is restricted to users who have a home directory with their ssh pulic key in ~/.ssh/authorized_keys.
 +
 +
Since all access has to go through bleek, it is convenient to set up ssh to proxy connections to *.testbed through bleek in combination with sharing connections, in ~/.ssh/config:
 +
 +
Host *.testbed
 +
CheckHostIP no
 +
ProxyCommand ssh -q -A bleek.nikhef.nl /usr/bin/nc %h %p 2>/dev/null
 +
 +
Host *.nikhef.nl
 +
ControlMaster auto
 +
ControlPath /tmp/%h-%p-%r.shared
  
 
== Network ==
 
== Network ==

Revision as of 23:24, 20 February 2013

Retrieved from "https://wiki.nikhef.nl/grid/index.php?title=Agile_testbed&oldid=8817"