Node Type: UIs
Firewall requirements
| local port | open to | reason |
|---|
Table of contents
Regular Maintenance work
Nagios
check UIs on t3nagios
User quota on /tmp /scratch ( but not super important )
When a new T3 user is created you have to run on each UI :
# kinit -k -t /root/afs-keytabs/svcusr-t3_puppet.keytab svcusr-t3_puppet@D.PSI.CH && aklog && ls -l /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/manifests && puppet apply --environment DerekDevelopment /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/manifests --modulepath=/afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/modules --show_diff --color=false
Emergency Measures
The UIs servers run on the top of amdadm raid10, so they can survive to 1 broken disk ; to repair online the broken disk simply adapt this procedure NodeTypeWNsIntelS2600JF#Degraded_RAID1_or_Failed_RAID0 to these servers. Generally speaking all the mdadm operations apply.
Installation
Because of themdadm raid10 we should never get to the point where a reinstallation is needed ; anyhow the Puppet recipes are in /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/manifests : -
SL6_ui.pp -
SL6.pp -
tier3-baseclasses.pp - and the partition/raid10 layouts are
/afs/psi.ch/software/linux/dist/scientific/66/x86_64/custom/tier3/t3ui/ks-partition.cfg
alias ROOT='. /afs/cern.ch/sw/lcg/external/gcc/4.8/x86_64-slc6/setup.sh && . /afs/cern.ch/sw/lcg/app/releases/ROOT/5.34.26/x86_64-slc6-gcc48-opt/root/bin/thisroot.sh' alias cscsela='ssh -AX fmartine@ela.cscs.ch' alias cscslogin='ssh -AX fmartine@login.lcg.cscs.ch' alias cscspub='ssh -AX fmartinelli@pub.lcg.cscs.ch' alias dcache='ssh -2 -l admin -p 22224 t3dcachedb.psi.ch' alias dcache04='ssh -2 -l admin -p 22224 t3dcachedb04.psi.ch' alias gempty='git commit --allow-empty-message -m '\'''\''' alias kscustom54='cd /afs/psi.ch/software/linux/dist/scientific/54/custom' alias kscustom57='cd /afs/psi.ch/software/linux/dist/scientific/57/custom' alias kscustom60='cd /afs/psi.ch/software/linux/dist/scientific/60/custom' alias kscustom64='cd /afs/psi.ch/software/linux/dist/scientific/64/custom' alias kscustom66='cd /afs/psi.ch/software/linux/dist/scientific/66/x86_64/custom' alias ksdir='cd /afs/psi.ch/software/linux/kickstart/configs' alias ksprepostdir='cd /afs/psi.ch/software/linux/dist/scientific/60/kickstart/bin' alias l.='ls -d .* --color=auto' alias ll='ls -l --color=auto' alias ls='ls --color=tty' alias mc='. /usr/libexec/mc/mc-wrapper.sh' alias pdir='cd /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/' alias pdirf='cd /afs/psi.ch/service/linux/puppet/var/puppet/environments/FabioDevelopment/' alias pdirmanifests='cd /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/manifests/' alias pdirredhat='cd /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/modules/Tier3/files/RedHat' alias pdirsolaris='cd /afs/psi.ch/service/linux/puppet/var/puppet/environments/DerekDevelopment/modules/Tier3/files/Solaris/5.10' alias vi='vim' alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde' alias yumdir5='cd /afs/psi.ch/software/linux/dist/scientific/57/scripts' alias yumdir6='cd /afs/psi.ch/software/linux/dist/scientific/6/scripts' alias yumdir7='cd /afs/psi.ch/software/linux/dist/scientificlinux/7x/x86_64/Tier3/all' alias yumdir7old='cd /afs/psi.ch/software/linux/dist/scientific/70.PLEASE_DO_NOT_USE_AND_DO_NOT_RENAME/scripts'
10Gbs Net
Hello Fabio ( From Frank.Lendzian@psi.ch ) The following Patches are now prepared: 13-18666,13-18667,19-18668 They are connected to FEX105 Port 20,21,22 The Ports are configured to Vlan 410
Services
Basically only SSHd. netstat -tupl
Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost:6012 *:* LISTEN 187500/sshd tcp 0 0 localhost:6013 *:* LISTEN 42521/sshd tcp 0 0 localhost:6014 *:* LISTEN 189056/sshd tcp 0 0 localhost:6015 *:* LISTEN 189378/sshd tcp 0 0 *:40127 *:* LISTEN - tcp 0 0 localhost:6016 *:* LISTEN 2263/sshd tcp 0 0 *:39808 *:* LISTEN 6294/rpc.statd tcp 0 0 *:7937 *:* LISTEN 7244/nsrexecd tcp 0 0 localhost:6018 *:* LISTEN 194482/sshd tcp 0 0 *:7938 *:* LISTEN 7244/nsrexecd tcp 0 0 *:5666 *:* LISTEN 7101/nrpe tcp 0 0 localhost:smux *:* LISTEN 6633/snmpd tcp 0 0 *:8008 *:* LISTEN 7244/nsrexecd tcp 0 0 *:8649 *:* LISTEN 7092/gmond tcp 0 0 *:fs-agent *:* LISTEN 7244/nsrexecd tcp 0 0 *:sunrpc *:* LISTEN 6272/rpcbind tcp 0 0 *:ssh *:* LISTEN 6650/sshd tcp 0 0 localhost:x11-ssh-offset *:* LISTEN 160721/sshd tcp 0 0 *:45498 *:* LISTEN - tcp 0 0 localhost:6011 *:* LISTEN 185231/sshd udp 0 0 *:sunrpc *:* 6272/rpcbind udp 0 0 *:ipp *:* 6099/portreserve udp 0 0 t3ui01.psi.ch:ntp *:* 6661/ntpd udp 0 0 localhost:ntp *:* 6661/ntpd udp 0 0 *:ntp *:* 6661/ntpd udp 0 0 *:7938 *:* 7244/nsrexecd udp 0 0 localhost:syslog *:* 6122/syslog-ng udp 0 0 *:snmp *:* 6633/snmpd udp 0 0 *:931 *:* 6272/rpcbind udp 0 0 *:37028 *:* 6294/rpc.statd udp 0 0 *:38950 *:* - udp 0 0 localhost:958 *:* 6294/rpc.statd udp 0 0 *:bootpc *:* 6027/dhclient udp 0 0 *:afs3-callback *:* -
Backups
Not needed.| NodeTypeForm | |
|---|---|
| Hostnames | t3ui0[1,2,3] |
| Services | ssh, freeNX |
| Hardware | Dalco |
| Install Profile | t3uisl6 |
| Guarantee/maintenance until | 09.2019 |
Topic revision: r7 - 2016-11-08 - FabioMartinelli
CmsTier3
CmsTier3 Web
Create New Topic
Index
Search
Changes
Notifications
Statistics
Preferences
Home 
Site map
CmsTier3 web
RSS Feed
Account 
Copyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback