iscsiadm -m node --targetname "iqn.1986-03.com.hp:storage.msa2012i.0834d5ecda.a" --rescan
+ on dijkstra: add aliases to the wwids (show topology)
- + on dijkstra: /etc/init.d/multipath-tools reload
+ + on dijkstra: service multipath-tools reload
}}}
== via telnet interface ==
vgcreate vg_ganeti /dev/cciss/c0d0p3
}}}
-=== create kvmU symbolic links ===
-
-On each node, create vmlinuz and initrd symlinks as expected by the kvm
-hypervisor (not strictly required if all guests will boot from their own
-kernels):
-
-{{{
- ln -s -T /boot/vmlinuz-2.6.32-5-amd64 /boot/vmlinuz-2.6-kvmU
- ln -s -T /boot/initrd.img-2.6.32-5-amd64 /boot/initrd.img-2.6-kvmU
-}}}
-
=== exchange ssh keys ===
on each node:
--mac-prefix 00:16:37 \
--no-ssh-init \
--no-etc-hosts \
- --hypervisor-parameters kvm:initrd_path=/boot/initrd.img-2.6-kvmU,kernel_path=/boot/vmlinuz-2.6-kvmU \
+ --hypervisor-parameters kvm:initrd_path=,kernel_path= \
foobar.debian.org
}}}
then:
reload multipath-tools on gnt-master (normaly bm-bl1):
- /etc/init.d/multipath-tools reload
+ service multipath-tools reload
add the WWNs to dsa-puppet/modules/multipath/files/bm-multipath.conf and define the alias and commit that file to git.
then:
* stop and start iscsi:
{{{
- /etc/init.d/open-iscsi stop &&
+ service open-iscsi stop &&
sleep 3 &&
- (cd / && env -i /etc/init.d/open-iscsi start)
+ service open-iscsi start)
}}}
* not sure if this is necessary again:
* for the wwid thing in there create an entry in multipath.conf with a proper name, then reload multipathd
{{{
vi /etc/multipath.conf
- /etc/init.d/multipath-tools reload
+ service multipath-tools reload
echo show topology | multipathd -k
ls -l /dev/mapper
}}}
* setup [[puppet|howto/puppet-setup]] (run the puppet client two or three times until things converge.)
-
-* fix nsswitch for ud fu. (you might have to restart sshd here)
-{{{
- sed -i -e 's/^passwd:\[[:space:]]\+compat$/passwd: compat db/;
- s/^group:\[[:space:]]\+compat$/group: db compat/;
- s/^shadow:\[[:space:]]\+compat$/shadow: compat db/' \
- /etc/nsswitch.conf
- (cd / && env -i /etc/init.d/ssh restart)
-}}}
-
* on the host, run ud-replicate
{{{
- echo draghi.debian.org,draghi,db.debian.org,db,82.195.75.106,::ffff:82.195.75.106 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAy1mAS0xIOZH9OrJZf1Wv9qYORv5Z5fmpF0o8Y4IMdS+ZzTjN1Sl8M77jaFTJbumJNs+n2CMcX8CoMemQEPBoRe20a5t3dExPQ3c7FNU0z+WIVFbu/oTTkAWGp5gCDwF3pg2QxUjqYc0X4jpv6pkisyvisij6V/VJ5G1hsIMuKqrCKYyyyiJJytfzSfRrBx2QvB5ZWQxhYeSYDoLDvuF31qUy4TLZ/HR3qZQ1cBrP9dCh5d+GQxdY9LuO6zjlnSyU64GHkyjYt3p03AKG4plD7WHX01bD0DQQ/NOFVwFhOZ63mePyridPuqBMFW39jBf4jSsewV95RE5VbY04+MY4XQ== root@draghi >> /etc/ssh/ssh_known_hosts &&
+ echo draghi.debian.org,draghi,db.debian.org,db,82.195.75.106,::ffff:82.195.75.106,2001:41b8:202:deb:1a1a:0:52c3:4b6a ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAy1mAS0xIOZH9OrJZf1Wv9qYORv5Z5fmpF0o8Y4IMdS+ZzTjN1Sl8M77jaFTJbumJNs+n2CMcX8CoMemQEPBoRe20a5t3dExPQ3c7FNU0z+WIVFbu/oTTkAWGp5gCDwF3pg2QxUjqYc0X4jpv6pkisyvisij6V/VJ5G1hsIMuKqrCKYyyyiJJytfzSfRrBx2QvB5ZWQxhYeSYDoLDvuF31qUy4TLZ/HR3qZQ1cBrP9dCh5d+GQxdY9LuO6zjlnSyU64GHkyjYt3p03AKG4plD7WHX01bD0DQQ/NOFVwFhOZ63mePyridPuqBMFW39jBf4jSsewV95RE5VbY04+MY4XQ== root@draghi >> /etc/ssh/ssh_known_hosts &&
ud-replicate
}}}
* install debian.org which brings you shells and much other fun
{{{
- apt-get install debian.org debian.org-recommended
-}}}
-
-* On handel, make sure the certs exist for the new host
-{{{
- : :: handel :: : && sudo -u puppet make -C /srv/puppet.debian.org/ca/ install
+ apt-get install -y debian.org debian.org-recommended
}}}
* run puppet a couple times
{{{
- puppetd -t; puppetd -t; puppetd -t; puppetd -t
+ puppet agent -t; puppet agent -t; puppet agent -t; puppet agent -t
}}}
* try to login using your user and ssh key. you should get a homedir.
After that run puppet on puppetmaster once, so the ferm config get
adjusted.
- : __handel__ && puppetd -t --environment=production
+ : __handel__ && puppet agent -t --environment=production
: ::client:: && me=$(hostname -f) && [ "$me" != "${me%debian.org}" ] && apt-get update &&
apt-get install -y --no-install-recommends puppet libaugeas-ruby1.8 augeas-lenses lsb-release &&
- /etc/init.d/puppet stop &&
- (puppetd -t || true ) &&
+ service puppet stop &&
+ (puppet agent -t || true ) &&
cd /var/lib/puppet/ssl/certificate_requests &&
echo sha256sum output: && echo &&
sha256sum $me.pem &&
Then run (this will change the configs in /etc):
- : ::client:: && puppetd -t
+ : ::client:: && puppet agent -t --pluginsync
-This run will start puppet after reconfiguring it, so if you are
-unhappy with what just happened, you'll need to stop it again to do
+This run will start puppet after reconfiguring it, so if you are
+unhappy with what just happened, you'll need to stop it again to do
repair.
Double check apt - the puppet setup usually results in duplicate apt
sources, since we ship a few under sources.list.d. Remove any unnecessary
entries from sources.list.
+On handel, make sure the certs exist for the new host
+
+ : :: handel :: : && sudo -u puppet make -C /srv/puppet.debian.org/ca/ install
+
We ship a samhain config file that includes /lib and /usr/lib. This will
almost certainly be different than the config file on the machine, so it
will result in 1000s of files changed.
** bridge-utils (ditto)
** vlan (same)
** iproute
-** traceroute
-** emacs22-nox or emacs22
+** traceroute (inetutils-traceroute instead, available on all arches)
+** emacs22-nox or emacs22 (emacs23-nox or emacs23 instead)
** lshw
** mcelog (useful on kfreebsd?)
** lsof
-** timeout
-** strace
+** timeout (replaced by coreutils)
+** strace (ktrace instead)
== Operational ==
=== Broken Packages ===
-* molly-guard (ssh check broken) (<a href="http://bugs.debian.org/548099">#548099</a>)
-