Client Configuration

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search

Follow these step-by-step instructions to configure a new client system on the NPG network. These are the basic instructions and probably don't include absolutely every step you need to take to configure a client in every situation, but they should get you most of the way there.

Pre-Install Preparation

Here are some things you should know before you start installing Linux on a system.

Choose a Partition Layout

For most general purpose workstations it's safe to accept the default partition layout from the installer (in most cases this makes a 100 MB /boot partition and a second partition that contains an LVM with separate volumes for / and swap). For special cases (especially servers) you'll probably have to spend some time thinking about how the system will be used to determine the best partitioning layout. Look here for a fairly comprehensive introduction to the Linux filesystem. Generally it's a good idea to put /boot on a separate partition, which only needs to be about 100 MB.

Networking

Before you set up a machine it's a good idea to collect the IP addresses and other configuration information you'll need to have on hand before you start the OS install. As a general rule NPG machines should have a static IP address and hostname reserved for them by UNH. If this is a brand new machine and there aren't any spare hostnames lying around you'll have to register a new one before you start. Make sure to add any new hostnames to the DNS (for farm addresses) and LDAP netgroup configurations in order for them to be able to access necessary network services (the firewall is configured to block connections to things like LDAP and NFS from machines it doesn't know about).

If you're using an existing NPG hostname, run this command on an NPG system to find its IP address:

nslookup <hostname> 

IP Addresses you should know

UNH

  • Netmask: 255.255.252.0
  • Default Gateway: 132.177.88.1
  • Primary DNS: 132.177.88.37
  • Secondary DNS: 132.177.88.76

Farm

  • Netmask: 255.255.252.0
  • Primary DNS: 10.0.0.253
  • Secondary DNS: 10.0.0.251

Note: Farm Connections do not use a default gateway.

Vlans

If the machine you're configuring is located in the server room and only has a connection to the Farm switch you can configure a vlan interface to connect to the outside world. You won't be able to set it up during the install process, which means that you shouldn't try to use a netinstall disk to install the system. Once you've installed the OS here's how you configure the VLAN:

  • Make sure the interface connected to the switch is configured and running.
  • Run this command:
vconfig add <interface-name> <vlan-id> 

where <interface-name> is the name of the network device (e.g. eth0) and the vlan-id is the ID number you want to use. For example the following command:

vconfig add eth0 2

would create a vlan inteface called eth0.2 which can now be configured as if it were a normal interface connected to the UNH network.

Downloading Install Disks

The Research Computing Center in Morse Hall hosts repository mirrors for CentOS and Fedora, so if you're looking to Download a DVD or CD iso to install one of these operating systems it's probably fastest to download from there. The URL is

http://mirror.sr.unh.edu/

Here are some quick links for various ISO images you might want to use:

CentOS =

64 Bit

32 Bit

Fedora

64 Bit

32 Bit

Installing CentOS 5

This guide assumes you're using the CentOS 5 DVD install image. See here for notes on using the netinstall disk.

  1. Download a CentOS CD or DVD image and burn it to a disk.
  2. Boot from the disk. You may need to change the system's boot device settings in the BIOS to get this to work. Often pressing F12 during startup will bring up a menu of devices you can choose from.
  3. Select the language and keyboard layout. Unless you have a really good reason not to, just pick U.S. English.
  4. Partition the hard drive. If you followed my advice and planned your partition layout ahead of time you already know what you need to do. In any case make sure you're at least 99.98% certain that you've got everything configured the way it should be before you apply your partitioning layout (both because in certain cases you could accidentally erase some data, and that it's kind of a pain in the butt to reconfigure partitioning after the fact).
  5. At this point if you opted to review your layout you may be asked to configure your bootloader preferences. It's generally safe to accept defaults here.
  6. Configure the Network (see above for details).
    • Set a static IPv4 address/netmask and disable IPv6 for each interface.
    • Set the hostname for the system manually
    • Set the Gateway and DNS configuration
  7. Set the region / Time Zone to America/New_York (though this is probably the default).
  8. Set the root password using the standard admin password scheme
  9. At the package configuration screen just select Customize later and move to the next step.
  10. At this point the system is going to format the disk(s) and copy the OS onto the system. It'll take a while. This is a good time to go grab a snack and a cup of coffee. Once this finishes you'll be prompted to reboot the system. Make sure to take the install CD out to ensure the system boots from the new CentOS install. Once the system reboots you need to make some configuration changes.
  11. Since you'll configure the NPG custom firewall later just accept the default firewall settings.
  12. Set SELinux to Disabled
  13. Enable Network Time Protocol
  14. Create User
    • First, create a local user for the system to use in case LDAP is unavailable. I usually just set the username to the machine's hostname, and the password to the standard administrator password.
    • Click Use Network Login to configure LDAP authentication
    • Under the User Information tab check Enable LDAP Support and then click Configure LDAP
    • Set the LDAP Server to ldap://einstein.unh.edu (if you're setting up a machine with a connection to the farm network use ldap://einstein.farm.physics.unh.edu)
    • Check Use TLS to encrypt connections and then click Download CA Certificate
    • Under the Authentication tab check Enable LDAP Support
  15. At this point your install should be finished. Reboot and continue on to Client_Configuration#Post-Install Configuration Post-Install Configuration
    • Set the Base DN to dc=physics,dc=unh,dc=edu



Post-Install Configuration

Installing Fedora 14