Difference between revisions of "Prometheus.uio.no"

From medicin.ncmm.IT
Jump to: navigation, search
(Configuring the network)
(Set up firewall on panoptis.uiono)
Line 136: Line 136:
 
</pre>
 
</pre>
  
==== Set up firewall on panoptis.uiono ====
+
==== Set up firewall on panoptis.uio.no ====
  
 
<pre>
 
<pre>

Revision as of 15:56, 17 July 2019

prometheus.uio.no is the front-end node for the NCMM cryoSPARC platform.


cryoSPARC is a platform used for obtaining 3D structural information from single-particle cryoEM data

Preparing the host

from jump-biotek, after pxebooting and installing the OS:

ssh prometheus.uio.no

Configuring the virsh serial port for the guest OS

cp /etc/default/grub /etc/default/grub.orig
vi /etc/default/grub 
insert the following lines for serial console:
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console serial"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=internvg/root rd.lvm.lv=internvg/swap rd.lvm.lv=internvg/usr console=tty1 console=ttyS0,115200"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
GRUB_DISABLE_RECOVERY="true"

cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig
grub2-mkconfig -o /boot/grub2/grub.cfg
systemctl reboot

Installing base-line software and prerequisites

yum install -y fail2ban* vim* etckeeper* git* collectd* lm_* ncdu bzip2 lsof --skip-broken

Allocating extra space for the /lsc partition

parted /dev/vdb
(parted) mklabel gtp
New disk label type? gpt
mkpart primary xfs 1 -1
(parted) p
Model: Virtio Block Device (virtblk)
Disk /dev/vdb: 42.9GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags: 

Number Start End Size File system Name Flags
1 1049kB 42.9GB 42.9GB primary

(parted) quit 
Information: You may need to update /etc/fstab.
quit


Format the partition

[root@prometheus ~]# mkfs.xfs /dev/vdb1 
meta-data=/dev/vdb1 isize=512 agcount=4, agsize=2621312 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=0, sparse=0
data = bsize=4096 blocks=10485248, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=5119, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@prometheus ~]# blkid /dev/vdb1 
/dev/vdb1: UUID="450b41db-e9a4-49df-beb5-d4ccef7461a3" TYPE="xfs" PARTLABEL="primary" PARTUUID="d189b7ce-c419-4457-9281-13b9f988caa6" 

Test the partition and mount it


#add an auxiliary space under /lsc
vi /etc/fstab
#RT 3485324
UUID=450b41db-e9a4-49df-beb5-d4ccef7461a3 /lsc xfs defaults 0 0
mount /dev/vdb1 /lsc
df -h
umount /lsc
mount -a
df -h

Misc settings for comfortable editing

 
vi ~/.vimrc

1 syntax enable
2 set tabstop=4
3 set softtabstop=4
4 set expandtab
5 set number
6 set showcmd " show command in bottom bar
7 set cursorline " highlight current line
8 filetype indent on " load filetype-specific indent files
9 set wildmenu
10 set showmatch
11 set incsearch " search as characters are entered
12 set hlsearch " highlight matches
13 nnoremap <leader><space> :nohlsearch<CR>
14 " set foldenable " enable folding
15 " set foldlevelstart=10 " open most folds by default
16 " set foldnestmax=10 " 10 nested fold max
17 " space open/closes folds
18 nnoremap <space> za
19 " set foldmethod=indent " fold based on indent level

vi ~/.bashrc
alias ls='LC_ALL=C ls --color=auto --literal --human-readable --group-directories-first --classify'

Configuring collectd

General configuration

systemctl stop collectd
systemctl enable collectd
ssh prometheus.uio.no cp /etc/collectd.conf /etc/collectd.conf.orig
scp ~georgmar/ncmm/files/etc/collectd.conf prometheus:/etc/collectd.conf
vi /etc/collectd.conf
:s/TEMPLATEHOST\.uio\.no/prometheus.uio.no/g
:s/TEMPLATEINTHOST\.internal\.biotek/intprometheus.internal.biotek/g
:wq
/usr/sbin/collectd -T
systemctl start collectd

Set up firewall on panoptis.uio.no

ssh root@panoptis -- "firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.8.144/32" port port=2003 protocol="tcp" accept' && firewall-cmd --reload"
ssh root@panoptis -- "firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.8.144/32" port port=2004 protocol="tcp" accept' && firewall-cmd --reload"