Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Wiki / Ukimage

Ukimage

Stuff I did to make a node image for University of Kentucky and Georgia Tech. Much of this overlaps with local image creation (see newimage.txt). 

Start with one of our freshly loaded images.

A. FreeBSD (while running single user):

* Make sure local filesystems are mounted:
  mount -at ufs

* /root/.cvsup/auth
  Customize host/domain, change the password.  Then run "cvpasswd" giving the
  password just used.  Put the line spit out by cvpasswd in the boss node's
  /usr/testbed/sup/cvsupd.passwd file.

* /root/.ssh
  Remove known_hosts if it exists.  Put in local boss root pub key.
  Leave in our pub key if acceptible.

* /etc/localtime
  Copy the correct file over from /usr/share/zoneinfo

* /usr/local/etc/emulab/master.passwd
  Change the root password, this file will get installed by prepare.

* /etc/ssh/ssh_host*
  Generate new host keys.  Actually, copy from an existing image if
  available (i.e., we use a single host key across all images and OSes
  within a testbed).

* /etc/emulab/{client,emulab}.pem
  Generate new ones.  This needs to be done on the site's boss node.
  Go into the source tree "ssl" subdirectory and edit the *.cnf.in files
  to update the "[ req_distinguished_name ]" section with the appropriate
  country, state, city, etc.  Then do a "gmake boss-installX" which generates
  the certs and installs the server-side.  Grab the emulab.pem and client.pem
  from that directory to put in the images.

* Unmount filesystems, and remount root read-only to be safe:
  cd /
  umount -h <fs node name>
  umount -at ufs
  mount -u -o ro /


B. While running Linux (single user):

* /root/.cvsup/auth
  Customize host/domain, leave password alone?

* /root/.ssh
  Remove known_hosts if it exists.  Put in local boss root pub key.
  Leave in our pub key if acceptible.

* /etc/localtime
  Copy the correct file over from /usr/share/zoneinfo

* /etc/ssh/ssh_host*
  Generate new host keys.  Actually, copy from an existing image if
  available (i.e., we use a single host key across all images and OSes
  within a testbed).

* /etc/testbed/shadow
  Change the root password, this file will get installed by prepare.

* /etc/testbed/{client,emulab}.pem
  Generate new ones.  This needs to be done on the site's boss node.
  Go into the source tree "ssl" subdirectory and edit the *.cnf.in files
  to update the "[ req_distinguished_name ]" section with the appropriate
  country, state, city, etc.  Then go to the build directory and do a
  "gmake boss-installX" which generates the certs and installs the
  server-side.  Grab the emulab.pem and localhost.pem from that directory
  to put in the images as emulab.pem and client.pem.  [ NOTE: we can
  get by without the certs if the client tmcc and server tmcd are built
  without SSL support (tmcc-nossl and tmcd-nossl targets).

* Remount root filesystem read-only (IMPORTANT!)
  cd /
  mount -o remount,ro /

* Fsck it for good luck.  Actually, not only good luck but also resets
  some time stamp that forces an fsck periodically
  fsck -f <root device>

D. Frisbee MFS (boss:/tftpboot/frisbee/boot/mfsroot):

E. FreeBSD MFS (boss:/tftpboot/boot/mfsroot):

F. Dealing with SCSI disks (or RAID).

* Since we have IDE disks, it takes a little more work to create an
  image on IDE disks for a site with SCSI disks.

* For FreeBSD, you need to make sure that the kernel includes support
  for the host adaptor in question.  You can look at output from the
  "newnode" (aka GENERIC) kernel if necessary.  If the HA is not already
  supported in our various TESTBED configs, add it and rebuild and install
  the kernels in the image.  Then, in the image, you need to change /etc/fstab
  to refer to "da" disks rather than "ad" disks.

* For Linux, it is even more of a PITA.  As with BSD, you need to configure
  our kernel with generic SCSI support and support for the HA.  Note that
  by default, Linux includes SCSI as a module, but to load a module into the
  Linux kernel at boot time, you need to have a little MFS (initrd) that
  contains the appropriate modules.  We just build a kernel with the SCSI
  stuff hardwired instead.  Anyway, once you have a kernel, modify /etc/fstab
  to talk about "sda" rather than "hda".  Now you also have to modify
  /etc/lilo.conf, again, to reference "sda" rather than "hda".  But, once
  you have done that, you cannot rerun lilo as it will complain about not
  having an sda disk; i.e., lilo looks at the config file to figure out
  what disk to write the new stuff to, and that file now says "sda" instead
  of the "hda" that you are constructing the image on!  Go ahead and create
  the image without re-running lilo.  When you boot Linux from the image for
  the first time, interrupt lilo (type anything once lilo starts loading the
  image) and then type:

	 linux root=/dev/sda2

  (assuming Linux is in partition 2 on the disk).  This will boot it up
  using SCSI as the root disk.  Now, assuming your kernel has the appropriate
  SCSI support, the machine will come up ok.  Then login as root and run
  "lilo" to fix things up for good (remember to create a new image afterward).