Difference between revisions of "Prometheus.uio.no"
From medicin.ncmm.IT
(→Configuring the network) |
(→Set up firewall on panoptis.uiono) |
||
Line 136: | Line 136: | ||
</pre> | </pre> | ||
− | ==== Set up firewall on panoptis. | + | ==== Set up firewall on panoptis.uio.no ==== |
<pre> | <pre> |
Revision as of 15:56, 17 July 2019
prometheus.uio.no is the front-end node for the NCMM cryoSPARC platform.
cryoSPARC is a platform used for obtaining 3D structural information from single-particle cryoEM data
Contents
Preparing the host
from jump-biotek, after pxebooting and installing the OS:
ssh prometheus.uio.no
Configuring the virsh serial port for the guest OS
cp /etc/default/grub /etc/default/grub.orig vi /etc/default/grub insert the following lines for serial console: GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console serial" GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=internvg/root rd.lvm.lv=internvg/swap rd.lvm.lv=internvg/usr console=tty1 console=ttyS0,115200" GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1" GRUB_DISABLE_RECOVERY="true" cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig grub2-mkconfig -o /boot/grub2/grub.cfg systemctl reboot
Installing base-line software and prerequisites
yum install -y fail2ban* vim* etckeeper* git* collectd* lm_* ncdu bzip2 lsof --skip-broken
Allocating extra space for the /lsc partition
parted /dev/vdb (parted) mklabel gtp New disk label type? gpt mkpart primary xfs 1 -1 (parted) p Model: Virtio Block Device (virtblk) Disk /dev/vdb: 42.9GB Sector size (logical/physical): 512B/512B Partition Table: gpt Disk Flags: Number Start End Size File system Name Flags 1 1049kB 42.9GB 42.9GB primary (parted) quit Information: You may need to update /etc/fstab. quit
Format the partition
[root@prometheus ~]# mkfs.xfs /dev/vdb1 meta-data=/dev/vdb1 isize=512 agcount=4, agsize=2621312 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=0, sparse=0 data = bsize=4096 blocks=10485248, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=1 log =internal log bsize=4096 blocks=5119, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0 [root@prometheus ~]# blkid /dev/vdb1 /dev/vdb1: UUID="450b41db-e9a4-49df-beb5-d4ccef7461a3" TYPE="xfs" PARTLABEL="primary" PARTUUID="d189b7ce-c419-4457-9281-13b9f988caa6"
Test the partition and mount it
#add an auxiliary space under /lsc vi /etc/fstab #RT 3485324 UUID=450b41db-e9a4-49df-beb5-d4ccef7461a3 /lsc xfs defaults 0 0 mount /dev/vdb1 /lsc df -h umount /lsc mount -a df -h
Misc settings for comfortable editing
vi ~/.vimrc 1 syntax enable 2 set tabstop=4 3 set softtabstop=4 4 set expandtab 5 set number 6 set showcmd " show command in bottom bar 7 set cursorline " highlight current line 8 filetype indent on " load filetype-specific indent files 9 set wildmenu 10 set showmatch 11 set incsearch " search as characters are entered 12 set hlsearch " highlight matches 13 nnoremap <leader><space> :nohlsearch<CR> 14 " set foldenable " enable folding 15 " set foldlevelstart=10 " open most folds by default 16 " set foldnestmax=10 " 10 nested fold max 17 " space open/closes folds 18 nnoremap <space> za 19 " set foldmethod=indent " fold based on indent level vi ~/.bashrc alias ls='LC_ALL=C ls --color=auto --literal --human-readable --group-directories-first --classify'
Configuring collectd
General configuration
systemctl stop collectd systemctl enable collectd ssh prometheus.uio.no cp /etc/collectd.conf /etc/collectd.conf.orig scp ~georgmar/ncmm/files/etc/collectd.conf prometheus:/etc/collectd.conf vi /etc/collectd.conf :s/TEMPLATEHOST\.uio\.no/prometheus.uio.no/g :s/TEMPLATEINTHOST\.internal\.biotek/intprometheus.internal.biotek/g :wq /usr/sbin/collectd -T systemctl start collectd
Set up firewall on panoptis.uio.no
ssh root@panoptis -- "firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.8.144/32" port port=2003 protocol="tcp" accept' && firewall-cmd --reload" ssh root@panoptis -- "firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.8.144/32" port port=2004 protocol="tcp" accept' && firewall-cmd --reload"