Difference between revisions of "Managing the security training sites"

From PDP/Grid Wiki
Jump to navigationJump to search
(Add jeep to the list)
(re-installation, log files and daemons)
Line 70: Line 70:
 
=== re-installation ===
 
=== re-installation ===
  
It may be necessary to start from scratch with a machine. This is easier than a new installation, as the definition already exists in XCP and cobbler. The only thing that needs to be reset is the bootloader. The script [[Media:Vm-reinstall.sh]] does just that. After that, run the command
+
It may be necessary to start from scratch with a machine. This is easier than a new installation, as the definition already exists in XCP and cobbler. The only thing that needs to be reset is the bootloader. The script [[Media:Vm-reinstall1.sh]] does just that. It also reboots the machine, so it will go into installing right away.
xe vm-reboot vm=wms.darknet
 
to initiate the reinstallation. Cobbler has some tricks to preserve ssh host keys and minion keys from a previous installation, but this may or may not work. In one experiment it actually seemed not to have worked. There is a bug in the restore_keys function, which is now remedied in the keep_more_files snippet in cobbler.
 
  
Otherwise make sure to remove the minion key from cobbler
+
The previous ssh and salt keys are preserved during the installation, so it should not be necessary to re-initialize. Should this fail, check the following:
  salt-key -d <machine>
+
 
before starting the machine, otherwise the minion will fail and ssh login will be more cumbersome as the correct ssh key has not yet been installed by salt!
+
* Does the minion ping from the salt master?
 +
cobbler# salt 'ce.vogsphere' test.ping
 +
* If so, everything is ok.
 +
* If not, check the logfile of the master to see if a different key was presented
 +
  /var/log/salt/master
 +
* Log on to the console of the VM and restart the minion:
 +
pool-bl0b# xe console name-label=ce.vogsphere
 +
* Restart the minion. Check the minion logfile. If the key is rejected because it changed, the minion will halt again.
 +
* In that case, make sure to remove the minion key from cobbler
 +
  salt-key -d ce.vogsphere
  
 
== Darknet CA ==
 
== Darknet CA ==

Revision as of 01:27, 22 March 2014