= How to build a SandBox console =

== New Instructions as of 8/22/2011 ==

=== Base system ===
 1. Boot Ubuntu 10.10 Server installation medium (you may need a usb-cdrom).
 1. preform a standard installation using the installation defaults, with noted devations:
  1. Partition - Choose "Guided use entire disk" (No LVM)
  1. User Name / Password - Use the well known orbit default
  1. Roles - Add the ssh server role
 1. Check that the network interfaces get the correct address from the correct networks:
  1. eth0 - DMZ
  1. eth1 - Control

=== NFS Mounting ===
We no longer do AutoFS/auto.home since there is a long standing lag bug with the daemon that is not fixable. We've now move to direct mounting of the /home mount point.
 1. Install the nfs common libraries 
    {{{
    apt-get install nfs-common
    }}}
 1. add the follow line to /etc/fstab
    {{{
    home:/export/home /home nfs _netdev,auto 0  0
    }}} 

=== LDAP Authentication ===
Since Autofs is not use this process is some what simpler.
 1. Install ldap libraries. This process will ask you a bunch of ldap related questions that will be used to prime the ldap.confs (there are 2). It's not critical to get them correct as we're just going to replace those conf's any way. (Accepting the defaults is ok).
    {{{
    apt-get install libpam-ldap libnss-ldap
    }}}
 1. The /etc/ldap.conf is one of two files that configures the ldap client. The non-comment lines in this file are as follows:
    {{{
    base dc=orbit-lab,dc=org
    uri ldap://ldap.orbit-lab.org/
    ldap_version 3
    binddn
    rootbinddn cn=admin,dc=orbit-lab,dc=org
    pam_password md5
    nss_initgroups_ignoreusers backup,bin,daemon,games,gnats,irc,libuuid,libvirt-qemu,list,lp,mail,man,messagebus,news,ntp,postfix,proxy,root,sshd,statd,sync,sys,syslog,usbmux,uucp,www-data
    }}}
    You could edit this file and change all the values to reflect this (leaveing the rest as comments) or simply replace the one you have with this one.[[wiki:ldap.conf]]
 1. The /etc/ldap/ldap.conf is the second file that guides the client. It have very few actual lines:
    {{{
    BASE    dc=orbit-lab,dc=org
    URI     ldap://ldap.orbit-lab.org
    }}}
    Again you can edit it directly or copy this version.
 1. The /etc/nsswitch.conf file should have the follow non comment lines:
    {{{
    passwd:         files ldap compat
    group:          files ldap compat
    shadow:         files compat

    hosts:          files dns
    networks:       files

    protocols:      db files
    services:       db files
    ethers:         db files
    rpc:            db files

    netgroup:       nis
    }}}
    Again you can edit it directly or copy this version.
 1. Finally add the follow line to the /etc/sudoers file (note this is done with the visudo command).
    {{{
    %admin ALL=(ALL) ALL
    %sysadmin ALL=NOPASSWD: ALL
    }}}
    This has to be done manually.

=== OMF ===



== Old instructions as of 5/xx/2011 ==
Steps on setting up this ubuntu Server are as follows[[BR]]
 1. Attach a usb cd drive and start the cd install.[[BR]]
 2. Choose Entire disk with help from installer to do the partitioning of the FS[[BR]]
    Choose dhcp for eth0 during setup.
 3. Setup the Network Interfaces[[BR]]
    eth0 - Goes into the DMZ network, so please modify the /etc/network/interfaces file to for eth0 [[BR]]
    the ability to attain an ip address using dhcp.[[BR]]
    Please update the dhcpd.conf file with eth0 mac address for console.sbX[[BR]]
    eth1 - Is the ConsoleC address for sandbox.[[BR]]
    Please update /etc/network/interfaces to [[BR]]
    iface eth1 inet static [[BR]]
    address 10.1x.0.10 - (x) is the sandbox number [[BR]]
    netmask 255.255.0.0 [[BR]]
 4. Please Install libpam-ldap,libnss-ldap,autofs and autofs-ldap packages using apt.[[BR]]
 5. Please modify /etc/ldap/ldap.conf to the following [[BR]]
    BASE	dc=orbit-lab,dc=org [[BR]]
    URI	ldap://ldap.orbit-lab.org  [[BR]]
 6. You can copy /etc/ldap.conf from another sandbox or set the following attributes yourself[[BR]]
     host ldap.orbit-lab.org [[BR]]
     base dc=orbit-lab,dc=org [[BR]]
     ldap_version 3 [[BR]]
     rootbinddn cn=admin,dc=orbit-lab,dc=org [[BR]]
     timelimit 30 [[BR]]
     bind_timelimit 30 [[BR]]
     idle_timelimit 360 [[BR]]
     pam_check_host_attr yes [[BR]]
     pam_password crypt [[BR]]
     Copy the /etc/ldap.secret file from another sandbox or ask the administrator for the password. [[BR]]
     Modify /etc/nsswitch.conf for the users and autofs to use LDAP
 7. For autofs we need to modify /etc/default/autofs file so that the autofs daemon knows what the master   
    map is. [[BR]]
    
{{{
    LDAPURI="ldap://ldap1.orbit-lab.org/"
    LDAPBASE="ou=auto.master,dc=orbit-lab,dc=org"

}}}
 8. Copy the /etc/nsswitch.conf file to this new machine from another sandbox or modify the file for your [[BR]] self to include ldap for login and automount to be done by ldap.
                          Please ensure that you start autofs
   Modify the sudoers file to include sysadmin group with privileges to become root without password or   
  just[[BR]]copy the sudoers file from an existing sandbox. 
 9. Install the mail packages , so that the mail can be sent from the sandbox.[[BR]]
    {{{           apt-get install postfix mailutils  }}} [[BR]]
   When you begin installing the postfix package configuration it will ask you configuration details, please select to install the package as a '''Satellite''' system. After that copy the main.cf file from another sandbox.
 10. Install logwatch, ntp and cfengine2 packages. [[BR]]
 11. Configure cfengine2 , which should copy the config files for logwatch and ntp.[[BR]]
 12. OMF Install -To manage your nodes
 To install omf packages modify your apt source tree to include mytestbed url and then run update on the apt for it to pull down the package information. The above steps can be done by these steps[[BR]]
{{{
 echo "deb http://pkg.mytestbed.net/ubuntu karmic/" >> /etc/apt/sources.list
   apt-get update
}}}


   
 For the console we need to add the following packages
   omf-resctl liboml omf-expectl omf-common omf-aggrmgr . Please try and install the latest release[[BR]]
{{{
    apt-get install liboml omf-expctl-5.2 omf-common-5.2 omf-aggmgr-5.2
}}}
 13. OMF Configuration
    Copy a working config file for /etc/omf-expctl-5.2/nodehandler.yaml from another sandbox and modify its 
    ip addresses for the Sandbox. The XMPP server is repository2.
 14. In the inventory52 database , nodes table please make sure that the control ip is set to the ip of the eth1 interface (non dmz) interface.
     Once you start the expirement you can go to the following ip and see the serial console
     10.1.10x.17 x is the sandbox(x) number , the last 4 hex numbers are used to denote the ip address of each node of sandbox.
     node2 for sandbox would be 10.1.10x.18

 15. We still have omf5 as the default so please do the following
     Just to add to our notes, we need to make sure machine have fully qualified host name (some services depend on it). So 

(in /etc/hostname) 
console.sb2.orbit-lab.org

(in /etc/hosts) 
127.0.0.1	console.sb2.orbit-lab.org console

As for the old omf we need to:

rm /usr/bin/omf   #(it is actually a soft link to /etc/alternatives/omf)[[BR]]

scp -r sb1.orbit-lab.org:/opt/nodehandler4-4.4.0 /opt/nodehandler4-4.4.0[[BR]]

scp -r sb1.orbit-lab.org:/etc/nodehandler4 /etc/nodehandler4[[BR]]

scp sb1.orbit-lab.org:/usr/bin/omf /usr/bin/omf[[BR]]


which will set the 4.4 as a default omf.