Difference between revisions of "CoE Cluster november 2011/Dell Cluster installation"
From Teknologisk videncenter
m (→IPTABLES) |
m (→IPTABLES) |
||
| Line 54: | Line 54: | ||
# Fjern alle tidligere regler | # Fjern alle tidligere regler | ||
| − | $FW -F | + | $FW -F INPUT |
| + | $FW -F OUTPUT | ||
| + | $FW -F FORWARD | ||
| + | $FW -F -t nat | ||
| + | |||
# Sæt default politik til afvisning | # Sæt default politik til afvisning | ||
Revision as of 12:33, 8 November 2011
Contents
Hardware
Each group installs Ubuntu 10.10 32 bit on four Dell PowerEdge 1750 bladeserver with 36,5GB harddisk.
Filesystem
- / filesystem 2 GB primary
- /tmp filesystem 5 GB logical
- /var filesystem 5 GB primary
- /usr filesystem 6 GB logical
- swap filesystem 2 GB logical
- /home filesystem remaining space
Updating Ubuntu
Update
sudo bash
apt-get update
apt-get upgradeList installed packages
Number of installed packages
root@newclusterh:~# <input>dpkg --get-selections | wc -l</input>
962Searching installed packages
root@newclusterh:~# <input>dpkg --get-selections | grep nfs</input>
libnfsidmap2 install
nfs-common install
nfs-kernel-server install
root@newclusterh:~# <input>dpkg -L nfs-common</input>
/.
/etc
/etc/init.d
/etc/init
/etc/init/statd.conf
/etc/init/statd-mounting.conf
/etc/init/rpc_pipefs.conf
/etc/init/gssd.conf
<notice>...OUTPUT OMITTED...</notice>IPTABLES
#!/bin/bash
#
# Start firewall
#
# Tillader ping indefra og ud.
# Lukker for al anden trafik.
# Diverse erklæringer
FW=iptables
INT_NET="10.0.0.0/24"
EXT_NET="172.16.4.0/24"
EXT_IP="172.16.4.99"
EXT_IF="eth0"
# Fjern alle tidligere regler
$FW -F INPUT
$FW -F OUTPUT
$FW -F FORWARD
$FW -F -t nat
# Sæt default politik til afvisning
$FW -P FORWARD ACCEPT
# Tillad ping indefra
$FW -A FORWARD -s $INT_NET -p icmp --icmp-type echo-request -j ACCEPT
# Tillad pong udefra
$FW -A FORWARD -d $INT_NET -p icmp --icmp-type echo-reply -j ACCEPT
# Source NAT på udgående pakker
$FW -t nat -A POSTROUTING -o $EXT_IF -s $INT_NET -j SNAT --to-source $EXT_IP