SL:Virtual Machines: Unterschied zwischen den Versionen
imported>Burghardt |
imported>Burghardt |
||
Zeile 257: | Zeile 257: | ||
Todo: |
Todo: |
||
* "ssh user@tmgsimd" takes ''very'' long to display the password prompt. Obviously it runs into a 30 second timeout. But what is it waiting for? |
* "ssh user@tmgsimd" takes ''very'' long to display the password prompt. Obviously it runs into a 30 second timeout. But what is it waiting for? |
||
− | * vm-tools - Udo will do |
||
== See also == |
== See also == |
Aktuelle Version vom 7. Februar 2014, 14:24 Uhr
Current state
02.2014:
- tmgsim1 - dead
- tmgsim2 - dead
- tmgsim3 - dead
- tmgsim4 - Available, Windows/Gwdg
- tmgsim5 - power down, Roman Seibel
- tmgsim6 - power down, Udo Burghardt - useable by everyone
- tmgsim7 - power down, Ansgar Kellner
- tmgsim8 - power down, Youssef Shehadeh
- tmgsim9 - power down, Saleh Al-Shadly
- tmgsima - Available, Udo Burghardt
- tmgsimd - Available, Omar Alfandi + Arne Bochem
Additional infrastructure machines:
- slgm - Gateway
- zabbix3 - Monitoring attempt
- vma1 - vmware assistant
Virtual Machines
tmgsim1.sl.tmg.loc - Windows 7
Quad Core, 6 GiB Ram. 32 GB Disk, transparent access to AFS Storage.
Installation
Example walkthrough with a windows machine:
Windows 7 Professional 64 bit, english Internal name: win7sim1 Manually set IP Address to 172.29.22.201 / 16 on the first run. Update 07.2011: DHCP delivers 192.168.22.61 Because this would NOT work with Qualnet (only 172.22./16 as client address range has been bought) switch to bridged mode and to DHCP with DNS tmgsim1.tmg.loc
Disable IPv6 Enable ICMP in Firewall <reboot> Enable Remote Desktop with "any version"
Install Firefox
Microsoft: 2 Important Updates <reboot> Microsoft: 62 (!) Important Updates in several steps <reboot> Install Notepad++ 5.8.7 Install Updatechecker 1.038 Firefox: Prefbar
Activate Windows. Licenses are available from MSDNAA
Install KfW 3.2.2 32bit + 64bit Install Network Identity Manager 2.0.102 32bit + 64bit Install OpenAFS 1.5.78 64bit
Change Computer Name --> UG-UMINTMGSIM1 to join Active Directoy (The DNS Name stays tmgsim1.tmg.loc though!) Update 07.2011: tmgsim1.sl.tmg.loc Join Active Directory (one needs to be a Domain Admin to do so)
Granted Remote Desktop manually (no groups mechanism available in AD for this task) access to:
- akellne
- oalfand
- shartung
- staheri
- yelhajj
- geyu -- local user account, no Admin. (Local due to problems with
UG-STUDENT
.) - uburgha
- gtest2 -- user only, no Admin
- c.wehrberger
- pmemarm
I've put these five user accounts into group ADMINISTRATORS
! This way it is possible to log in with gwdg\username
also for administrative tasks.
Please note that only one single user can run a Remote Desktop session at any given time. If you want to share a single virtual machine you need to create yourself a schedule...
Installed Qualnet 5.0.1 connected to license server. Tested usage from a remote site as described below.
Multiple-User access
- it is possible to run applications in the background without being logged in: you may close the Remote Desktop window and leave everything running!
- ONLY ONE user can have an established Remote Desktop connection at any given point in time.
- when a second user tries to connect the first one will get a message box.
- the first user has the priority. He may simply deny lo loose his connection.
- if that first user is not watching his terminal then an automatically implied answer is "yes, loosing the connection is ok for me"!
- there are ONLY TWO Qualnet licenses. You need to talk with each other to schedule usage of these.
Remote Access from outside
The system is reachable only from inside the Institute's LAN.
The Remote Desktop inside the guest is configured in the default manner, listening on standard port 3389.
You may login to login.informatik.uni-goettingen.de
(Staff only. Students and staff may use login.stud.informatik.uni-goettingen.de
) and forward any unused local port (e.g. 12345) to
tmgsim1.sl.tmg.loc:3389 (Updated 07.2011)
- on unixoid OS' use
ssh -L 12345:tmgsim1.sl.tmg.loc:3389 user@login.informatik.uni-goettingen.de
- on Windows you may use PuTTY, see https://intra.informatik.uni-goettingen.de/wiki/index.php/SshTunnel for a screenshot showing forwarding a port.
The result is the same: with this tunnel established it is possible to use the standard Remote Desktop application to connect to localhost:12345
.
For Linux run something like this:
~$ rdesktop -u gwdg\\username -g1200x1000 -a16 localhost:12345
Updates
Someone should be responsible for keeping the system up-to-date!
- Udo, 26.04.2011
Several Windows Updates Firefox 3.6.13 --> 3.6.16 --> 4.0 IE 9 Notepad++ 5.8.7 --> 5.9 Java 1.6.0.24 --> 1.6.0.25
- Udo 07.2011 Network jumping 172.xxx --> 192.168.22.x
tmgsim2.sl.tmg.loc
Deleted...
tmgsim3.sl.tmg.loc
Deleted...
tmgsim4.sl.tmg.loc
ESXi: once again Windows 7 Prof, english, 64bit, new installation because the Migration from the old Virtualbox-Containers is not as simple as expected...
Fresh Installation (was temporary 172.22.98.204, now 192.168.22.64)
Qualnet 5.0.2Integration in Gwdg / Active Directory Enable Remote Access for individually picked accounts Enable All ICMPv4 (for ping-Tests)
Remote Access is granted only for a few users:
C:\Users\lu>net localgroup "Remote Desktop Users" Alias name Remote Desktop Users Comment Members in this group are granted the right to logon remotely Members ----------------------------------------------------------------------------- GWDG\akellne GWDG\gtest2 GWDG\oalfand GWDG\pmemarm GWDG\shartun GWDG\staheri GWDG\uburgha GWDG\yelhajj UG-STUDENT\c.wehrberger UG-STUDENT\hang.zhang1 UG-STUDENT\s.hosseini1 The command completed successfully.
Administrator rights may be granted on demand ---> User:Burghardt
tmgsim5.sl.tmg.loc
Roman Seibel:
Ubuntu 11.04 Natty Server, 64bit, 4GiB Ram, Dual Core, 16GB Disk
tmgsim6.sl.tmg.loc
Udo:
Ubuntu 11.04 Natty Serverdebian Squeeze, 32bit, 1GiB Ram, Dual Core, 8 GB Disk
- useable by everyone, including OpenAFS $HOME
~$ ssh -p 22222 ub@tmgsim6.sl.tmg.loc ub@tmgsim6.sl.tmg.loc's password: Linux tmgsim6 2.6.32-5-686 #1 SMP Sun Sep 23 09:49:36 UTC 2012 i686 // // tmgsim6.sl.tmg.loc // ub@tmgsim6:~$ pwd /afs/informatik.uni-goettingen.de/user/u/ub
tmgsim7.sl.tmg.loc
Ansgar Kellner:
Ubuntu 11.04 Natty Server, 32bit, 4GiB Ram, Dual Core, 12 GB Disk
tmgsim8.sl.tmg.loc
Youssef El Hajj Shehadeh:
Ubuntu 11.10 Oneiric Server, 32bit, 2GiB Ram, Dual Core, 32 GB Disk
# host tmgsim8.sl.tmg.loc tmgsim8.sl.tmg.loc has address 192.168.22.68
Local accounts only (no ldap/kerberos/...)
tmgsim9.sl.tmg.loc
Saleh Al-Shadley:
Ubuntu 11.10 Oneiric Server, 32bit, 1GiB Ram, 8 GB Disk
tmgsima
Udo Burghardt
tmgsimd.sl.tmg.loc
02.2014: Linux simulation machine. Omar Alfandi / Arne Bochem
Requested configuration: 6GiB Ram + 100 GB disk -- this a "no backup" system.
Delivered:
- 2 * Dual Core Xeon @ 2.4 GHz (= four cores)
- 4 GiB Ram (6 GiB requested, will only deliver if machine does actually swap.)
- 4 GB disk for operating system
- 100 GB disk for simulation data, mounted on /srv
Though Ubuntu 14.04 is not finished yet I decided to give it a try
server-amd64-daily-build-20140207.iso
tmgsimd.sl.tmg.loc has address 192.168.22.70
Local (installation-time) user: lu
echo "apt-get update && apt-get -d -y dist-upgrade">/usr/local/sbin/gu && chmod +x /usr/local/sbin/gu apt-get dist-upgrade 2>&1 | tee -a /var/log/apt/apt-get-upgrade_$(date +%F).log
apt-get install htop jed mc lsof uptimed screen byobu molly-guard update-notifier-common exim4 apt-get install libnss-ldap libpam-ldap auth-client-config ldap-auth-client ldap-auth-config apt-get install krb5-config krb5-user krb5-multidev libpam-krb5 openafs-krb5 apt-get install openafs-client openafs-krb5 nscd
id user # funktioniert kinit user # funktioniert aklog # funktioniert nun
scp gtest2@login.stud.informatik.uni-goettingen.de:/etc/pam.d/* /etc/pam.d/ apt-get install libpam-afs-session apt-get install libpam-ck-connector libpam-cap
Test:
~$ ssh gtest2@tmgsimd.sl.tmg.loc pwd gtest2@tmgsimd.sl.tmg.loc's password: /afs/informatik.uni-goettingen.de/user/g/gtest2
Access restriction: access granted for all senslab user:
cat /etc/security/access.conf -:stud:ALL +:senslab tmg admins:ALL -:ALL EXCEPT root:ALL getent group senslab senslab:*:6172:ub,ashah,c.wehrberger,mohamad.hotait,felipe.cadenamuniz,s.hosseini1,shartun,hang.zhang1,arne.bochem,araha,pmemarm,hbrosen,gtest2,oalfandi,brosenne,pmemarmo,taheri,kellner,sensorlab,uburgha,rseibel
Is the above list real??? Who is responsible for removing them??? -- tell Udo
root access granted via sudo:
getent group sudo sudo:x:27:lu,oalfandi,arne.bochem
Disks:
df -h |grep sd /dev/sda1 3.9G 1.3G 2.5G 35% / /dev/sdb1 99G 60M 94G 1% /srv
Todo:
- "ssh user@tmgsimd" takes very long to display the password prompt. Obviously it runs into a 30 second timeout. But what is it waiting for?
See also
- SL:tmg94 -- the host
- SL:Remote Access
- SL:Topology