LISTSERV 16.5 - QSERV-L Archives

Hi,

After some discussions with Mattieu, Benoit and Jerome, we plan to deploy: 

1) a new qserv build / interactive machine with the following requirements: 

* SL7
* Public IP address. Note however that you will have to provide the IP adress of the clients (or a subnetwork @ SLAC) from which you plan to login to this build machine.
* This machine will be used as the _only_ access point to the qserv cluster through SSH. If you need more interactive/build nodes, please let us know.
* password and kerberos (eg. principal: [log in to unmask]) authentications enabled.
* access to your AFS home directories (eg. /afs/in2p3.fr/home/f/fjammes).
* qserv local account (home directory: /home/qserv)
* sudo -u qserv enabled on this machine.
* SPS enabled.
* Screen package deployed on this machine.
* I guess that this machine will be used mainly to compile the qserv software, to check that the software is running correctly, and to generate RPMs. Anything else? 


2) The qserv cluster itself (ccqserv0[10-49]): 

* SL7
* Private subnetwork (no access to outside CC-IN2P3).
* Kerberos (and password) authentications enabled. Note that you will have to use your kerberos token to access these nodes without password.
* Access to your AFS home directories (eg. /afs/in2p3.fr/home/f/fjammes).
* qserv local account (home directory: /home/qserv)
* sudo -u qserv enabled on these machines.
* SPS enabled
* Deployment of the qserv sofware through puppet using RPMs. Note that I didn't try to generate a RPM yet (no time for that until now :p)


Moreover: 

* 3 puppet profiles: build/interactive, master and slave.

* Note that we don't want to let you use SSH key authentication as qserv user for traceability reasons. 

* You asked me if it would be possible to open all the ports between the build node and the qserv cluster. Could you be more precise please? We will open only ports you really need only, so please give us a list of ports.

* Why do you need a NFS server on a Qserv build node? Since we plan to configure SPS on this node (and on the qserv cluster), I guess that your requirement is useless, right? 

* I agree that we should have a short meeting in the coming days. However, I am not really available a 16:00... We could do that later in the afternoon or in the evening (until midnight for me) if you are available.

Please let me know quickly if you still have new requirements or questions.

Cheers,

Yvan



---
Yvan Calas
CC-IN2P3 -- Storage Group
21 Avenue Pierre de Coubertin
CS70202
F-69627 Villeurbanne Cedex
Tel: +33 4 72 69 41 73


########################################################################
Use REPLY-ALL to reply to list

To unsubscribe from the QSERV-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=QSERV-L&A=1