You are viewing a plain text version of this content. The canonical link for it is here.
Posted to tashi-commits@incubator.apache.org by mr...@apache.org on 2009/09/04 20:10:18 UTC
svn commit: r811530 - in /incubator/tashi/site:
docs/documentation-cluster.html xdocs/documentation-cluster.xml
Author: mryan3
Date: Fri Sep 4 20:10:17 2009
New Revision: 811530
URL: http://svn.apache.org/viewvc?rev=811530&view=rev
Log:
Additional DHCP and DNS configuration documentation
Modified:
incubator/tashi/site/docs/documentation-cluster.html
incubator/tashi/site/xdocs/documentation-cluster.xml
Modified: incubator/tashi/site/docs/documentation-cluster.html
URL: http://svn.apache.org/viewvc/incubator/tashi/site/docs/documentation-cluster.html?rev=811530&r1=811529&r2=811530&view=diff
==============================================================================
--- incubator/tashi/site/docs/documentation-cluster.html (original)
+++ incubator/tashi/site/docs/documentation-cluster.html Fri Sep 4 20:10:17 2009
@@ -178,7 +178,38 @@
ipRange1001 = 172.16.1.10-172.16.1.19
reverseDns = True
</pre></div>
- <p>Most of the options are pretty self-explanitory, but the ipRanges are perhaps not. In our environment, the IPs are actually selected by the Tashi scheduler so that information can be given to the DHCP server. This is done so that a guest can get its host name from the DHCP server at boot time instead of getting a randomly assigned IP and no hostname. Additionally, the number after ipRange specifies which network id that IP range is for.</p>
+ <p>Most of the options are pretty self-explanitory, but the ipRanges are perhaps not. In our environment, the IPs are actually selected by the Tashi scheduler so that information can be given to the DHCP server. This is done so that a guest can get its host name from the DHCP server at boot time instead of getting a randomly assigned IP and no hostname. Additionally, the number after ipRange (999 in "ipRange999") specifies which network id that the IP range is for.</p>
+ <p>As a point of reference, the Open Cirrus cluster at ILP uses bind 9.4.2 and ISC's dhcpd 3.0.6. An example command that can be used to generate a DHCP and DNS key and the relevant parts of the config files are below.</p>
+ <p>Key generation:</p>
+ <div class="lit"><pre>
+root@merkabah:# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST merkabah
+</pre></div>
+ <p>/etc/bind/named.conf.local:</p>
+ <div class="lit"><pre>
+key merkabah { algorithm hmac-md5; secret "ABcdEf12GhIJKLmnOpQrsT=="; };
+
+zone "bigdata.research.intel-research.net" {
+ type master;
+ file "/etc/bind/db.bigdata.research.intel-research.net";
+ allow-update { key merkabah; };
+};
+
+zone "16.172.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.172.16";
+ allow-update { key merkabah; };
+};
+</pre></div>
+ <p>/etc/dhcp3/dhcpd.conf:</p>
+ <div class="lit"><pre>
+use-host-decl-names on;
+key merkabah {
+ algorithm hmac-md5;
+ secret ABcdEf12GhIJKLmnOpQrsT==;
+};
+omapi-key merkabah;
+omapi-port 7911;
+</pre></div>
<h3>Host Networking</h3>
<p>Depending on the networking setup that is present in your environment, you may or may not have to support multiple VLANs. If there is only one LAN on which VMs will be placed, the networking will be relatively simple. Start by creating a bridge device that will connect the physical network card with the VMs. In this case, the /etc/network/interfaces file looks like the following:</p>
<div class="lit"><pre>
Modified: incubator/tashi/site/xdocs/documentation-cluster.xml
URL: http://svn.apache.org/viewvc/incubator/tashi/site/xdocs/documentation-cluster.xml?rev=811530&r1=811529&r2=811530&view=diff
==============================================================================
--- incubator/tashi/site/xdocs/documentation-cluster.xml (original)
+++ incubator/tashi/site/xdocs/documentation-cluster.xml Fri Sep 4 20:10:17 2009
@@ -124,7 +124,42 @@
reverseDns = True
</pre></div>
-<p>Most of the options are pretty self-explanitory, but the ipRanges are perhaps not. In our environment, the IPs are actually selected by the Tashi scheduler so that information can be given to the DHCP server. This is done so that a guest can get its host name from the DHCP server at boot time instead of getting a randomly assigned IP and no hostname. Additionally, the number after ipRange specifies which network id that IP range is for.</p>
+<p>Most of the options are pretty self-explanitory, but the ipRanges are perhaps not. In our environment, the IPs are actually selected by the Tashi scheduler so that information can be given to the DHCP server. This is done so that a guest can get its host name from the DHCP server at boot time instead of getting a randomly assigned IP and no hostname. Additionally, the number after ipRange (999 in "ipRange999") specifies which network id that the IP range is for.</p>
+
+<p>As a point of reference, the Open Cirrus cluster at ILP uses bind 9.4.2 and ISC's dhcpd 3.0.6. An example command that can be used to generate a DHCP and DNS key and the relevant parts of the config files are below.</p>
+
+<p>Key generation:</p>
+<div class="lit"><pre>
+root@merkabah:# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST merkabah
+</pre></div>
+
+<p>/etc/bind/named.conf.local:</p>
+<div class="lit"><pre>
+key merkabah { algorithm hmac-md5; secret "ABcdEf12GhIJKLmnOpQrsT=="; };
+
+zone "bigdata.research.intel-research.net" {
+ type master;
+ file "/etc/bind/db.bigdata.research.intel-research.net";
+ allow-update { key merkabah; };
+};
+
+zone "16.172.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.172.16";
+ allow-update { key merkabah; };
+};
+</pre></div>
+
+<p>/etc/dhcp3/dhcpd.conf:</p>
+<div class="lit"><pre>
+use-host-decl-names on;
+key merkabah {
+ algorithm hmac-md5;
+ secret ABcdEf12GhIJKLmnOpQrsT==;
+};
+omapi-key merkabah;
+omapi-port 7911;
+</pre></div>
<h3>Host Networking</h3>