Icm System Rev-draft2

COMMERCIAL-IN-CONFIDENCE

System

Installation and Configuration ManualFOR

AMHS BOLIVIA

AFTN/AMHS system for Bolivia

CONTRACT N°YHYD/040/2010

CDRL SEQUENCE N° 22

Prepared for:

AASANA

Calle Reyes Ortiz esquina Frederico Suazo N° 74Edificio FEDEPETROL 6° - 14°

Pisos, Casilla N° 4382La Paz - BOLIVIA

Prepared by:

Thales Air Systems3, avenue Charles Lindbergh

94150 RUNGISFrance

NUMÉRO DOCUMENT / DOCUMENT NUMBER FORMAT / SIZE PAGE

61 821 895 - 194 A4 1/110

THALES AIR SYSTEMS

F8224 - REV

Ce document et les informations qu’il contient sont confidentiels et sont la propriété exclusive de THALES Air Systems. Ils ne doivent être communiqués qu’aux personnes ayant à en connaître et ne peuvent être reproduits ni divulgués à toute autre personne sans l’autorisation préalable écrite de THALES Air Systems.

This document and the information it contains are property of THALES Air Systems and confidential. They shall not be reproduced nor disclosed to any person except to those having a need to know them, without prior written consent of THALES Air Systems.

THALES Air Systems 312-GEN-T903 Issue A page 1/110

CDRL 22 AMHS BOLIVIA


AFTN/AMHS system for Bolivia

DOCUMENT TITLE:System Installation and Configuration Manual

DOCUMENT CONTENT & PURPOSE:The purpose of this document is to describe the Layout and the Cabling of the Hardware delivered.

INTERNAL APPROVALS

REVISION: rev- draft1 25/03/2011 Signature Date

WRITTEN BY:

P. BLANCHE

Software Engineering

CHECKED BY:

L. RABEYRIN

Software Engineering Manager

APPROVED BY:

H. PLASSART

Work Package Manager

AUTHORISED BY:

M. COURAU

Quality Manager

PROGRAM AND CUSTOMER APPROVALS

THALES PROGRAM QUALITY MANAGER:

M. COURAU

THALES PROGRAM MANAGER:

V. DIZIER

AASANA PROGRAM MANAGER:

F. AZUGA

F8224 61 821 895 - 194 rev- draft1Ce document et les informations qu’il contient sont confidentiels et sont la propriété exclusive de THALES Air Systems. Ils ne doivent être communiqués qu’aux personnes ayant à en connaître et ne peuvent être reproduits ni divulgués à toute autre personne sans l’autorisation préalable écrite de THALES Air Systems.





CHANGES

Rev. Date Ecp n° Description Responsible

Rev – draft1

25/03/2011 First release P. BLANCHE






TABLE OF CONTENTS

1. SCOPE............................................................................................................................................................... 10

1.1 IDENTIFICATION............................................................................................................................................... 10

1.2 PROGRAM OVERVIEW..................................................................................................................................... 10

1.3 DOCUMENT OVERVIEW................................................................................................................................... 101.3.1 Purpose of this Document............................................................................................................................ 101.3.2 Applicability of this Document....................................................................................................................... 101.3.3 Configuration Management Issues for this Document...................................................................................10

2. REFERENCED DOCUMENTS............................................................................................................................ 11

2.1 CONTRACTUAL DOCUMENTS......................................................................................................................... 11

2.2 THALES DOCUMENTS...................................................................................................................................... 11

2.3 PROGRAM RELATED DOCUMENTS................................................................................................................11

3. GENERAL INTRODUCTION.............................................................................................................................. 12

3.1 CONTENT DESCRIPTION................................................................................................................................. 12

3.2 CONVENTIONS USED................................................................................................................................... 12

4. SERVERS INSTALLATION & CONFIGURATION PROCEDURE FOR RED HAT 4...........................................13

4.1 INTRODUCTION............................................................................................................................................. 134.1.1 Appendix utilization...................................................................................................................................... 134.1.2 Command line use....................................................................................................................................... 13

4.2 SERVER SETUP.............................................................................................................................................. 14

4.3 INSTALLATION PROCEDURE..................................................................................................................... 144.3.1 Boot............................................................................................................................................................. 144.3.2 Peripherals selection.................................................................................................................................... 154.3.3 Disk partitionning.......................................................................................................................................... 15

4.3.3.1 Raid partitions....................................................................................................................................... 164.3.3.2 Partitions and physical volumes.............................................................................................................174.3.3.3 Volumes groups and logical volumes.....................................................................................................18

4.3.4 Boot loader configuration.............................................................................................................................. 194.3.5 Network configuration................................................................................................................................... 194.3.6 Language and time zone.............................................................................................................................. 214.3.7 Root (administrator) password...................................................................................................................... 22

F8224 61 821 895 - 194 rev- draft1

Ce document et les informations qu’il contient sont confidentiels et sont la propriété exclusive de THALES Air Systems. Ils ne doivent être communiqués qu’aux personnes ayant à en connaître et ne peuvent être reproduits ni divulgués à toute autre personne sans l’autorisation préalable écrite de THALES Air Systems.





4.3.8 Packages selection...................................................................................................................................... 22

4.4 FIRST START.................................................................................................................................................. 23

4.5 KERNEL CONFIGURATION.......................................................................................................................... 254.5.1 Sources generation...................................................................................................................................... 254.5.2 Kernel tuning................................................................................................................................................ 264.5.3 Kernel compilation........................................................................................................................................ 264.5.4 Kernel installation......................................................................................................................................... 264.5.5 Kernel test................................................................................................................................................... 27

4.6 GENERAL CONFIGURATION....................................................................................................................... 274.6.1 Graphical environment settings.................................................................................................................... 274.6.2 GDM configuration....................................................................................................................................... 284.6.3 Password modification.................................................................................................................................. 284.6.4 Index initialization......................................................................................................................................... 284.6.5 Boot Kernel.................................................................................................................................................. 284.6.6 Filesystem check......................................................................................................................................... 294.6.7 System log................................................................................................................................................... 294.6.8 SSH configuration........................................................................................................................................ 304.6.9 Network....................................................................................................................................................... 30

4.6.9.1 Network interfaces................................................................................................................................ 304.6.9.2 Hosts and addresses............................................................................................................................. 31

4.6.10 Timezone adjustment................................................................................................................................... 314.6.11 SNMP configuration..................................................................................................................................... 314.6.12 Listing of configuration.................................................................................................................................. 33

4.7 SERVICES CONFIGURATION...................................................................................................................... 334.7.1 xinetd configuration...................................................................................................................................... 334.7.2 PAM configuration........................................................................................................................................ 34

4.7.2.1 PAM usage........................................................................................................................................... 344.7.2.2 PAM configuration................................................................................................................................. 34

4.7.3 FTP............................................................................................................................................................. 354.7.4 NTP (Network Time Protocol)....................................................................................................................... 36

4.7.4.1 Start NTP.............................................................................................................................................. 364.7.4.2 Initial synchronization............................................................................................................................ 374.7.4.3 Synchronization checking...................................................................................................................... 37

4.7.5 TFTP........................................................................................................................................................... 374.7.6 Other services.............................................................................................................................................. 37

4.8 PARTITIONNING AND FILES SYSTEMS..................................................................................................374.8.1 Partitionning................................................................................................................................................. 374.8.2 Files system................................................................................................................................................. 38

4.9 PRINTING MANAGEMENT........................................................................................................................... 394.9.1 Configuration................................................................................................................................................ 394.9.2 Add a printer................................................................................................................................................ 394.9.3 Modify a printer............................................................................................................................................ 404.9.4 Remove a printer.......................................................................................................................................... 40

4.10 APPLICATIONS & DRIVERS.................................................................................................................... 404.10.1 HP applications & drivers............................................................................................................................. 40






4.10.1.1 Storage controller drivers....................................................................................................................... 414.10.1.2 HP array configuration utility.................................................................................................................. 424.10.1.3 HP SNMP applications.......................................................................................................................... 42

4.10.2 Hardware listing tool lshw............................................................................................................................. 424.10.3 Configuration listing tool cfg2html.................................................................................................................424.10.4 Network bandwith analyser........................................................................................................................... 43

5. WORKSTATION INSTALLATION & CONFIGURATION PROCEDURE.............................................................44

5.1 INTRODUCTION............................................................................................................................................. 44

5.2 INSTALLATION PROCEDURE..................................................................................................................... 44

5.3 PREREQUISITE............................................................................................................................................... 44

5.4 BOOT & DRIVER SELECTION.....................................................................................................................44

5.5 DISK PARTITIONING.................................................................................................................................... 45

5.6 SYSTEM SETUP............................................................................................................................................. 46

5.7 GENERAL CONFIGURATION....................................................................................................................... 505.7.1 Host name and identity................................................................................................................................. 515.7.2 Desktop / UI tuning....................................................................................................................................... 515.7.3 User creation................................................................................................................................................ 525.7.4 Logon screen............................................................................................................................................... 525.7.5 Drivers installations...................................................................................................................................... 535.7.6 Network....................................................................................................................................................... 53

5.7.6.1 Network interfaces................................................................................................................................ 535.7.6.2 IP addresses......................................................................................................................................... 535.7.6.3 Keep alive............................................................................................................................................. 53

5.7.7 System restoration....................................................................................................................................... 545.7.8 Swap........................................................................................................................................................... 545.7.9 Services....................................................................................................................................................... 545.7.10 NTP............................................................................................................................................................. 555.7.11 Security........................................................................................................................................................ 565.7.12 Power settings............................................................................................................................................. 565.7.13 Remote access............................................................................................................................................ 565.7.14 System cleaning........................................................................................................................................... 56

5.8 APPLICATIONS & LIBRARY INSTALLATIONS........................................................................................575.8.1 Initialization.................................................................................................................................................. 575.8.2 Installation of libraries................................................................................................................................... 575.8.3 Installation of third party applications............................................................................................................57

5.9 CLEANING....................................................................................................................................................... 61

6. NETWORK DEVICES INSTALLATION & CONFIGURATION PROCEDURE.....................................................62

6.1 INTRODUCTION............................................................................................................................................. 62






6.2 SWITCH CISCO 2960G CONFIGURATION...............................................................................................626.2.1 Hardware installation.................................................................................................................................... 626.2.2 initial configuration........................................................................................................................................ 626.2.3 further configuration..................................................................................................................................... 63

6.3 FIP UNIT.......................................................................................................................................................... 646.3.1 Presentation................................................................................................................................................. 646.3.2 Front view description.................................................................................................................................. 656.3.3 Rear view description................................................................................................................................... 666.3.4 Hardware installation.................................................................................................................................... 676.3.5 Configuration................................................................................................................................................ 67

6.3.5.1 Initial Configuration................................................................................................................................ 676.3.5.2 Server Host File Update........................................................................................................................ 686.3.5.3 FIP RTU package installation................................................................................................................686.3.5.4 FIP firmware update.............................................................................................................................. 696.3.5.5 FIP default settings load........................................................................................................................ 696.3.5.6 FIP default settings description..............................................................................................................696.3.5.7 FIP IP addresses.................................................................................................................................. 706.3.5.8 FIP IP interface customization...............................................................................................................706.3.5.9 FIP default IP gateway.......................................................................................................................... 706.3.5.10 FIP asynchronous port customization....................................................................................................716.3.5.11 FIP password........................................................................................................................................ 716.3.5.12 FIP AMSS configuration........................................................................................................................ 716.3.5.13 FIP rsh use........................................................................................................................................... 726.3.5.14 TELECOMMUNICATIONS : FIP............................................................................................................72

6.4 MAINTENANCE MODEM MT5600.............................................................................................................726.4.1 Introduction.................................................................................................................................................. 726.4.2 Hardware configuration................................................................................................................................ 736.4.3 Modem configuration.................................................................................................................................... 736.4.4 Server configuration..................................................................................................................................... 73

7. STORAGE EQUIPMENT INSTALLATION & CONFIGURATION PROCEDURE.................................................75

7.1 INTRODUCTION............................................................................................................................................. 75

7.2 NAS (NETWORK ATTACHED STORAGE).................................................................................................757.2.1 Introduction.................................................................................................................................................. 757.2.2 Hardware installation.................................................................................................................................... 757.2.3 NAS system configuration............................................................................................................................ 767.2.4 NAS storage configuration............................................................................................................................ 797.2.5 Server side configuration.............................................................................................................................. 797.2.6 Workstation side configuration...................................................................................................................... 807.2.7 Management procedures and access modes................................................................................................80

8. APPENDIXES..................................................................................................................................................... 83

8.1 APPENDIX A. HARDWARE CONFIGURATION........................................................................................838.1.1 Obtaining hardware informations.................................................................................................................. 83

8.1.1.1 BIOS/HP PROLIANT DLxxx..................................................................................................................838.1.1.2 Linux..................................................................................................................................................... 83






8.1.2 Hardware reference...................................................................................................................................... 838.1.2.1 HP PROLIANT DL380 G6 SERVERS....................................................................................................838.1.2.2 HP 6000pro SFF PC............................................................................................................................. 84

8.1.3 OS hardware configuration........................................................................................................................... 858.1.3.1 display.................................................................................................................................................. 85

8.2 APPENDIX B. BIOS & ILO CONFIGURATION.........................................................................................858.2.1 BIOS configuration....................................................................................................................................... 85

8.2.1.1 HP PROLIANT DL380 G6..................................................................................................................... 858.2.2 BIOS compatibility parameters..................................................................................................................... 86

8.2.2.1 HP PROLIANT DL380 G6..................................................................................................................... 868.2.3 ILO configuration.......................................................................................................................................... 86

8.2.3.1 HP PROLIANT DL380 G6..................................................................................................................... 86

8.3 APPENDIX C. RAID CONFIGURATION.....................................................................................................878.3.1 Smart array : RAID disks configuration on servers........................................................................................87

8.3.1.1 Old logical drive(s) removing................................................................................................................. 888.3.1.2 Logical drive creation............................................................................................................................. 88

8.3.2 RAID disks duplication.................................................................................................................................. 89

8.4 APPENDIX D. PARTITIONING CONFIGURATION..................................................................................908.4.1 Partitioning information................................................................................................................................. 90

8.4.1.1 HP DL380 G6 Servers........................................................................................................................... 908.4.1.2 HP Z200 workstations........................................................................................................................... 91

8.5 APPENDIX E. FIRMWARE CONFIGURATION.........................................................................................918.5.1 Firmware upgrade........................................................................................................................................ 91

8.5.1.1 HP Proliant DL380 G6........................................................................................................................... 91

8.6 APPENDIX F. NETWORK CONFIGURATION...........................................................................................928.6.1 Hardware interface....................................................................................................................................... 928.6.2 Software interface........................................................................................................................................ 92

8.6.2.1 IP configuration..................................................................................................................................... 928.6.2.2 Routing................................................................................................................................................. 938.6.2.3 DNS...................................................................................................................................................... 938.6.2.4 DHCP................................................................................................................................................... 938.6.2.5 NTP...................................................................................................................................................... 93

8.7 APPENDIX G. SYSTEM BACKUP & RESTORE........................................................................................948.7.1 Backup / restore for servers and workstations...............................................................................................94

8.7.1.1 Introduction........................................................................................................................................... 948.7.1.2 System backup..................................................................................................................................... 948.7.1.3 System restore...................................................................................................................................... 998.7.1.4 Network and identity configuration.......................................................................................................1008.7.1.5 Notes/Troubleshooting......................................................................................................................... 101

8.8 APPENDIX H. SCRIPTS AND CONFIGURATION FILES......................................................................1028.8.1 X11 configuration file.................................................................................................................................. 1028.8.2 iperf service................................................................................................................................................ 1038.8.3 shell profile................................................................................................................................................. 104

8.9 APPENDIX I. SOFTWARE AND FIRMWARE VERSION SUMMARY..................................................105






8.10 APPENDIX J. COTS MEDIA....................................................................................................................1088.10.1 Content...................................................................................................................................................... 1088.10.2 Create CD or DVD from iso images............................................................................................................108

LIST OF FIGURES

Figure 1. Switch Cisco WS-C2960G-24TC-L............................................................................................................62Figure 2. Multitech MT5600..................................................................................................................................... 73Figure 3. NAS Netgear ReadyNAS NVX.................................................................................................................. 75Figure 4. C.1. Initial situation................................................................................................................................... 89Figure 5. C.2. Final situation.................................................................................................................................... 90

LIST OF TABLES

Table 1. Contractual documents................................................................................................................................. 11Table 2. THALES documents..................................................................................................................................... 11Table 3. Program related documents......................................................................................................................... 11






1. SCOPE

1.1 IDENTIFICATION

Program Name : AFTN/AMHS system for Bolivia

System Long Name : System

Document Name : Installation and Configuration Manual

Doc. Short Name : ICM

CDRL Number : 22

THALES Number : 61 821 895 - 194

Revision : rev- draft1

Revision date : 25/03/2011

File Name : document.doc

1.2 PROGRAM OVERVIEW

The programme consists in the design, production, on site delivery, installation, adjustment and commissioning of an AMSS System.

The supplies to be delivered by the Programme are listed in the Programme Management Plan. Mainly:

o New servers for OPS systemo Delivery of IAT, UA, A2M

1.3 DOCUMENT OVERVIEW

1.3.1 Purpose of this Document

The purpose of this document is to describe the Layout and the Cabling of the Hardware delivered.

1.3.2 Applicability of this Document

This ICM applies to the management of all AMHS BOLIVIA Program activities.

The Entity Program Manager (PM) is responsible for ensuring that the procedures outlined in the ICM are properly and efficiently implemented.

The ICM is applicable for the duration of the Program.

1.3.3 Configuration Management Issues for this Document

This plan is one of the deliverable items of the Contract Data Requirements List. The Installation andConfiguration Manual therefore shall be maintained under configuration control.

The Entity Data Manager shall be responsible for the archiving of this ICM in the program library as well as the archiving of the electronic copy in the shared directory of the program.






2. REFERENCED DOCUMENTS

2.1 CONTRACTUAL DOCUMENTS

Index THALES # Title

[C1]Contract N°YHYD/040/2010 signed August 19, 2010

Contract

Table 1. Contractual documents

2.2 THALES DOCUMENTS

The following Internal instructions applicable for this document are defined in the THALES Quality Management System.

Index Reference Title

[R1]87200049-GOV-GRP-EN Revision 001 - November 2010

Thales Group Quality, Security and Environment Commitment

[R2]105-QCI-M901-Indice F – July 2010

Commitment to Quality, Security and Environment within Thales Air Systems S.A.

Table 2. THALES documents

2.3 PROGRAM RELATED DOCUMENTS

Index THALES # CDRL # Title

[P1] 61 821 887 - 424 05 System Segment Design Document[P2] 61 821 887 – 148 04 Bill of quantities[P3] 61 821 904 – 558 29 AMSS Interface Control Document [P4] 61 821 – 887 03 Equipment Description Document

Table 3. Program related documents






3. GENERAL INTRODUCTION

3.1 CONTENT DESCRIPTION

The purpose of this document is to assemble all the technical documentation related to hardware and system configuration.

3.2 CONVENTIONS USED

Normal descriptive or explanatory text is written in a variable width sans serif font (Helvetica/Arial).

# This paragraphs style reflect command input line. The # represents the prompt and don’t have to be typed.This paragraphs style represents output of the system.This paragraphs style represent the content of a file.

Inline text notations :

a Label on the graphical user interface.

a Button on the graphical user interface.

a <Key> (keyboard) to strike.

a {variable} which is supposed to expanded with a real value.

Note

All screen shots are given for example only.

In this document {media} refers to the location where data are delivered (path on hard disk, CDROM, …) depending on the mode of delivery.

All the operations described in this documentation are done under an administrator account.






4. SERVERS INSTALLATION & CONFIGURATION PROCEDURE FOR RED HAT 4

4.1 INTRODUCTION

The aim of this section is to describe the installation procedure for the operating system of a server.

This document has been validated for Red Hat 4 update 8 (kernel 2.6.9-89)

4.1.1 Appendix utilization

This document is completed with several appendixes. These appendixes describes specific parameters and consequently are not present in this document :

Appendix A, Hardware configuration (describes the peripherals and their characteristics)

Appendix B, BIOS & ILO Configuration (describes the parameter of BIOS which shall be enabled)

Appendix C, RAID Configuration (describes the configuration of hardware raid features)

Appendix D, Partitioning configuration (describes the set of partitions which shall be created)

Appendix E, Firmware Configuration (describes a procedure to upgrade the firmwares)

Appendix F, Network configuration (describes the IP of each machine)

Appendix G, System Backup & Restore (describes a backup or a restore of a whole operating system)

Appendix H, Scripts and configuration files (content of scripts and configuration files)

References to appendixes are specified along the document, as necessary.

4.1.2 Command line use

Most of the configuration tasks are done using the command line (shell), under the root account. A console can be obtained in a graphical environment (graphical terminal) or directly on the server console, by typing <CTRL><ALT><F1>

The edition of the file is done using vi. The use of vi is

vi {file_to_edit}

Once the modification is done, a file can be saved with the command :wq. More information on using vi can be obtained by <F1> in vi.






4.2 SERVER SETUP

In order to properly install the OS, the server shall be prepared with several procedures. Theses procedures are material specific and are described in appendix.

Therefore, execute first the content (in this order) of the following appendixes :

Appendix A, Hardware configuration

Appendix B, BIOS & ILO Configuration

Appendix C, RAID Configuration

4.3 INSTALLATION PROCEDURE

4.3.1 Boot

Switch on the computer and insert the Red Hat Enterprise Linux 4 ES CDROM disk 1. At boot prompt hits <Enter> once. At CD Found panel select Skip. At Welcome display select Next.

On Language Selection panel :

Select English and press Next.






4.3.2 Peripherals selection

On Keyboard Configuration panel :

Select yours (see Appendix A, Hardware configuration) and press Next.

4.3.3 Disk partitionning

Warning

The swap partition: The swap size is calculated from the memory size. The rules are usually as follows : up to 1Gb RAM Swap=1,5xRam limited to 1 Gb. If the RAM is greater than 1Gb, Swap=1xRam. If the partitioning scheme requires a swap partition that is larger than 2 GB, create an additional swap partition. For example, for 4 GB of RAM, create 2 x 2GB swap partitions.

The principle is to create several partitions (physical or logical), on which a file system is built. These partitions can be :

physical partition

raid partition

logical volume

logical volume on raid partition

First , the underlying partitions are defined, and after, the file system is configured.






On Disk Partitioning Setup panel :

Select Manually Partition with Disk Druid and press Next.

When the Warning message dialog box “…Would you like to initialize this drive erasing ALL DATA” is displayed, press Yes.

4.3.3.1 Raid partitions

If the configuration involve RAID-1 partitions (else jump this step) :

First , each disk shall be partitioned with the same partition (due to RAID-1).

Refer to (see Appendix D, Partitioning configuration) to see the list of partition and their size.

For each partition to create : Select Free and press New to add a new partition (see next screen). Select software RAID for “File system type”.

Once this step is done, create the RAID device :

For each RAID device, select the RAID button.

RAID Level : select RAID-1

Raid members : select the 2 source partitions (the partition shall have the same number : /dev/sdaX, /dev/sdbX for instance).

Then fill Mount Point and File System Type






the same way that is described in “partitions and volumes groups” and Logical Volumes.

On these RAID device, a classical partition or a volume group can be installed.

4.3.3.2 Partitions and physical volumes

At Disk Setup panel :

Disk name and partitions size depend on the configuration (see Appendix D, Partitioning configuration) .

For each partition to create :Select Free and press New to add a new partition (see next screen)

Mount Point: Enter the mount point of the partition. Enter /boot for the boot partition. Nothing entered for the swap partition or physical volume (LVM).

File System Type: Using the pull-down menu, select the appropriate file system type for this partition.

Select ext3: For all normal partitions

Select swap: For the swap partition

Select physical volume (LVM): For the partition corresponding to a volume group.

Size (MB): Size of the partition on disk.

Enter the size (in megabytes) of the partition when Fixed size is selected.

Force to be a primary partition: If unselected, the partition is created as a logical partition (partition from 1 to 4). /boot partition must






be a primary partition.

Then press Ok

4.3.3.3 Volumes groups and logical volumes

When all the partitions are created, and if the configuration requires at least one logical volume then:

For each volume group :Select the LVM partition in the list and press LVM to configure the volume group.

A window "Make LVM Volume Group" is displayed in order to configure the volume group.

Volume Group Name : Enter the name of the volume group (refer to Appendix D, Partitioning configuration)

Then click on Add to add a logical volume within the volume group.

A Window "Make Logical Volume" is displayed in order to configure the logical volume.

Mount Point: Enter the logical volume mount point. Nothing selected for a swap partition

File System Type: Using the pull-down menu, select the appropriate file system type for this logical volume.

Select ext3: For all normal logical volume

Select swap: For the swap logical volume

Logical Volume Name : Enter the name of the logical volume (refer to Appendix D, Partitioning configuration).

Size (MB): Size of the logical volume within the volume group.

Press OK to finish.

Repeat for all logical volumes. When all






logical volume and volumes groups are defined press Next

4.3.4 Boot loader configuration

On Boot loader Configuration panel :

Unselect Use a boot loader password Unselect Configure advanced boot loader options.

Press Next.

4.3.5 Network configuration

On Network Configuration panel :

In Network devices sub-panel, select the ethernet device and press Edit to open the dialog box. Use the information in Appendix F, Network configuration to fill up the ip address and the netmask.

In Hostname sub-panel, select manually and fill the field with the server name (Use the interface name without the “–<ident of the network>” in Appendix F, Network configuration).

Press Next.






On Edit Interface dialog box :

Unselect Configure using DHCP and fill the IP Address and Netmask fields with the information given in Appendix F, Network configuration.

Select Activate on boot .

Press Ok.

On Firewall Configuration panel :Select No Firewall.

On Enable SELinux : Select disable.

Press Next.






4.3.6 Language and time zone

On Additional Language Support panel :

Select English (USA) and press Next.

On Time Zone Selection panel :

Select System clock uses and the location , then press Next.






4.3.7 Root (administrator) password

On Set Root Password panel :

Type the root password and Confirm. Note :It should be at least 6 characters long.

Example : rootroot

Press Next.

Warning

If you loose this password, you will not be able to log in the system. The only possibility is then to boot as single user, to reinitialize this password.

4.3.8 Packages selection

On Package Defaults panel :

Select Customize the set of packages to be installed and press Next.






On Package Group Selection panel :

Scroll down the list and select Everything and press Next.

At this point wait until all the packages are installed. When prompted for changing CD insert the disk required. The complete installation of the packages takes about 25 minutes.

Remove any installation media (DVD or CD-ROM) and press Reboot.

4.4 FIRST START

The first time you start Red Hat Enterprise Linux machine the Setup Agent is presented, which guides the user through the Red Hat Enterprise Linux configuration. Using this tool, set up thensystem time and date, install software, register the machine with Red Hat Network.

On welcome panel , select Next. At license agreement, select Yes then Click Next. At Date/Time panel, modify date and time if necessary (UTC date/time) and Click Next.

On Display Panel :






Select Configure to configure the model of the monitor.

Windows is displayed.

Select the model of the monitor (see Appendix A, Hardware configuration ). If this monitor is not listed, then select "generic CRT Display" or "Generic LCD Display" with the maximum resolution allowed by this monitor.

In the resolution menu, select the screen resolution (in case of a LCD display, this resolution shall be the same as for the monitor). Select the color depth : refer to the graphic card capabilities (Appendix A, Hardware configuration ).

On Red Hat login panel, select «Tell me why I need to register and provide a Red Hat login » then «I can not complete registration at this time, remind me later» and Click Next At User Account panel, click Next , then click Continue.

On Additional CDs, click Next. At Finish Setup, click Next.

You can now log in.

At this point, procedure described in "Appendix E, Firmware Configuration ", shall be executed.






4.5 KERNEL CONFIGURATION

In this chapter, {main_version} represents the major kernel version ((for instance 2.6) {version} represents the kernel version (for instance 2.6.9) {version}-{suffix} represents the extended kernel version (for instance 2.6.9-89.ELsmp) {opt} is an optional feature of the kernel (such as smp or hugememory)

Example : For Linux RedHat 4 update 6 with smp, the version is given by:

# uname –r 2.6.9-89.ELsmp

Under RedHat, the compilation of a 2.6 based kernel is done in several stages which are described below:

Generation of kernel source including Red Hat patches

Modification of kernel parameters

Compilation of this kernel

Installation of the new kernel

4.5.1 Sources generation

Install the sources from the CD of Red Hat sources :

# mkdir –p /root/redhat_packages# cp –p {media}/SRPMS/kernel-{version}-*rpm /root/redhat_packages# rpm –ivh /root/redhat_packages/kernel-{version}-*rpm

Remove all existing builds of previous kernels :

# cd /usr/src/redhat/BUILD# rm -fr kernel-*

Backup and modify the file containing the instructions for source generation :

# cd /usr/src/redhat/SPECS# cp -ip kernel-{main_version}.spec kernel-{main_version}.spec.org

Edit the file kernel-{main_version}.spec and modify the build variables according to :

[...]%define buildup 1%define buildsmp 0%define buildsource 0%define buildhugemem 0%define buildlargesmp 0%define builddoc 0[...]

... for a monoprocessor and monocore machine.

or

[...]%define buildup 0






%define buildsmp 1%define buildsource 0%define buildhugemem 0%define buildlargesmp 0%define builddoc 0[...]

... for a multiprocessor and/or multicore machine.

Generate the sources including the RedHat patches :

# rpmbuild --target i686 -bp kernel-{main_version}.spec

4.5.2 Kernel tuning

Move to the linux kernel source files directory :

# cd /usr/src/redhat/BUILD/kernel-{version}/linux-{version}

In the file Makefile, modify the EXTRAVERSION variable :

[...]EXTRAVERSION = -{suffix}[...]

Backup the .config file :

# cp –ip .config .config.org

Clean the kernel environment :

# make mrproper

Copy the configuration file corresponding best to the system :

# cp –ip configs/kernel-{version_kernel}-{plateforme}-{opt}.config .config

For instance, on a smp machine, enter :

# cp –p configs/kernel-2.6.9-i686-smp.config .config

Edit the .config file in order to activate SLIP module. and search for the line “# CONFIG_SLIP is not set”. Replace this line by :

CONFIG_SLIP=mCONFIG_SLIP_COMPRESSED=yCONFIG_SLIP_SMART=yCONFIG_SLIP_MODE_SLIP6=y

4.5.3 Kernel compilation

Compile the kernel and the modules :

# make

4.5.4 Kernel installation

Backup the existing module directory :

# cd /lib/modules# mv /lib/modules/{version}-{suffix} /lib/modules/{version}-{suffix}.org

Save the old kernel :

# cd /boot






# cp –ip vmlinuz-{version}-{suffix} vmlinuz-{version}-{suffix}.org# cp –ip vmlinux-{version}-{suffix} vmlinux-{version}-{suffix}.org# cp –ip System.map-{version}-{suffix} System.map-{version}-{suffix}.org# cp –ip config-{version}-{suffix} config-{version}-{suffix}.org# cp –ip initrd-{version}.img initrd-{version}.img.org

Install the new one :

# cd /usr/src/redhat/BUILD/kernel-{version}/linux-{version}# cp -ip arch/i386/boot/bzImage /boot/vmlinuz-{version}-{suffix}# cp -ip System.map /boot/System.map-{version}-{suffix}# cp -ip .config /boot/config-{version}-{suffix}# make modules_install

Finally, generate the RAM disk :

# mkinitrd -f initrd-{version}-{suffix}.img {version}-{suffix}

Check the boot configuration file (/boot/grub/grub.conf). It shall contain the appropriate kernel name.

Warning

For the first running of the new kernel, it is better to have 2 kernel to start in the case of a problem (file missing or corrupted , kernel panic, ...). For instance uncomment the monoprocessor/monocore kernel in grub.conf, then comment again thoses lines when the new kernel is validated.

4.5.5 Kernel test

Restart the system.

# shutdown –r 0

4.6 GENERAL CONFIGURATION

4.6.1 Graphical environment settings

Once connected, change the resolution of the screen to match the native resolution in case of a LCD display. For this, select : Applications->Preferences->Screen Resolution. Select the resolution from the popup list. The resolution will be changed at the next session.

Change the default screensaver to avoid CPU overhead. To do this, select from the main menu Applications -> Preferences -> Screen Saver. Select “Blank Screen” and Click OK .

It is also possible to change the default graphical aspect (colors, style, icons, fonts, background) with Applications -> Preferences -> Fonts, Applications -> Preferences -> Desktop Background and Applications -> Preferences -> Themes.

For the desktop background, select no wallpaper and a solid color. For the fonts, in case of a LCD screen select Smoothing=Grayscale, Hinting=Slight, Subpixel=RGB.

Next, disable the file change monitoring in gnome :

# mkdir -p /etc/gamin# cat > /etc/gamin/gaminrc << 'EOT'notifypoll






fsset ext3 poll 3600fsset vfat poll 3600fsset nfs poll 3600fsset cifs poll 3600EOT

4.6.2 GDM configuration

gdm is the the login manager used by default on Redhat to login in a graphical session. Modify gdm in order to have a background image showing the name of the machine :

# cd /etc/X11/gdm# cp –p gdm.conf gdm.conf.org

Edit the file gdm.conf and replace the lines :

Greeter=/usr/bin/gdmgreeter[...]#Welcome=Welcome#RemoteWelcome=Welcome to %n[...]BackgroundType=0BackgroundImage=BackgroundScaleToFit=true

by

Greeter=/usr/bin/gdmlogin[...]Welcome=Login %nRemoteWelcome=Login %n[...]BackgroundType=1BackgroundImage=/usr/share/pixmaps/bg_info_image.pngBackgroundScaleToFit=false# kill –1 $(pgrep gdm)

4.6.3 Password modification

Log in as root with the password you used during installation (rootroot). Open a terminal window and type:

# passwd

Enter root. Do not care about the warning message BAD PASSWORD: it is too short then confirm by typing root again.

4.6.4 Index initialization

Generate the index for locating files and index for man cross references Open a terminal window and type:

# updatedb# makewhatis

4.6.5 Boot Kernel

The Xeon and P4 based processor supports multi processors emulation (these technologies are called SuperThreading for Xeon and HyperThreading for P4). Note that the 2.6 kernel supports also dual-core processors. To use it you have to boot the SMP kernel even if there is only one processor. In such a case, on a 1-processor machine,the system shows 2 processor (virtuals). On a 2-processors machine, one can see 4 processors (2 x 2 virtuals processors). To control the number of processors , enter this command in order to list the available processors :






# egrep -i "processor|model name" /proc/cpuinfo

The RedHat installation software is supposed to detect automatically this kind of processor (if enabled in BIOS) and offers the choice to boot on 2 types of kernel :

The Uniprocessor kernel

The SMP Kernel

Boot on the SMP kernel.

To boot by default with the correct kernel you have to modify the grub configuration file. For this, log in as root and proceed as follows:

# cd /boot/grub # cp -p grub.conf grub.conf.org

Edit the file grub.conf. In case of a multiprocessor and/or multicore machine, comment the uniprocessor Kernel entry by modifying the file as follows :

# Note that you do not have to rerun grub after making changes to this file# NOTICE: You have a /boot partition. This means that# all kernel and initrd paths are relative to /boot/, eg.# root (hd0,0)# kernel /vmlinuz-version ro root=/dev/cciss/c0d0p2# initrd /initrd-version.img#boot=/dev/cciss/c0d0default=0timeout=5splashimage=(hd0,0)/grub/splash.xpm.gzhiddenmenutitle Red Hat Enterprise Linux ES (2.6.9-89.ELsmp) {optional-parameters} root (hd0,0) kernel /vmlinuz-2.6.9-89.ELsmp ro root=LABEL=/ quiet initrd /initrd-2.6.9-89.ELsmp.img#title Red Hat Enterprise Linux ES-up (2.6.9-89.EL)# root (hd0,0)# kernel /vmlinuz-2.6.9-89.EL ro root=LABEL=/ rhgb quiet# initrd /initrd-2.6.9-89.EL.img

Note

{optional-parameters} shall be expanded according to the Appendix B, BIOS & ILO Configuration , Section B., “BIOS compatibility parameters” ". These optional parameters can be empty.

4.6.6 Filesystem check

When the system restarts due to a halt without shutdown, the file systems shall be checked. By default, the system runs a file system check only by interactive action. In order to make the file system being checked each time this check is needed, create a file called /etc/sysconfig/autofsck containing :

AUTOFSCK_DEF_CHECK=yes

4.6.7 System log

For maintenance purpose, it is recommended to increase the number of system log files that are stored on the System. Change to the log rotation configuration directory :






# cd /etc/logrotate.d/

Edit the syslog file and add or modify the following entries:

/var/log/messages { compress daily size 2M rotate 8 postrotate /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true endscript}

/var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron { sharedscripts postrotate /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true endscript}

Modify the syslog configuration in order to send all the authentification messages in the same file (/var/log/secure) :

# cd /etc

Edit the syslog.conf file and add or modify the following entries :

[...]*.info;auth.none;mail.none;news.none;authpriv.none;cron.none /var/log/messagesauthpriv.*;auth.* -/var/log/secure[...]

4.6.8 SSH configuration

The ssh based communications (ssh, scp, sftp) allow to establish a secure channel between 2 machines. The mechanism uses keys (private and public) to crypt (public key) and uncrypt ( private key) information. (this ssh encoding technique using a couple of public / private keys is based on RSA algorithm).

The basic configuration of ssh consists in the creation of a public and a private key. Each user who want to use ssh on the system shall have this couple of keys.

For root :

# ssh-keygen –t rsa

Select the default choice for each question. At prompt “Enter passphrase” , type <ENTER> twice (the passphrase is empty).

When a ssh is issued from server1 towards {server2} :

# ssh root@{server2}

A password is required by {server2} for the local user root. It is possible to avoid this by exporting the public key of user root on {server1} towards {server2}

On {server1} :

# scp ~/.ssh/id_rsa.pub root@{server2}:~/key.pub

On {server2} :






# cat ~/key.pub >> ~/.ssh/authorized_keys# chmod 600 ~/.ssh/authorized_keys# rm ~/key.pub

4.6.9 Network

4.6.9.1 Network interfaces

During the system installation it is not possible to choose the name of each physical network interface (in fact , the association MAC address <-> IP address). This chapter explain how to modify theses associations.

First shutdown all network interfaces :

# service network stop

Identify all the mac addresses :

# ifconfig -a | grep –i 'hwaddr'

Connect one of the ethernet port of the server to the switch of the first lan.

Enable successively each listed interface (and only this one) with the ip address of the server on the first lan.

# service network stop# ifconfig eth{x} {main_ip_address} netmask {related netmask}

{x} is 0, 1, … according to the number of interface on the server. {main_ip_address} and {related netmask} are given in Appendix F, Network configuration .

Wait a few second during the synchronization of the switch and then run a ping command using a test ip address on the first lan ( for instance, the ip address of the switch on the first lan : see Appendix F, Network configuration ) :

# ping {test_ip}

If the ping command does not respond, switch physically the ethernet cable on an other port of the server. At the end of this procedure, the MAC address of each physical interface are known.

Associate each ip address and MAC address to a specific interface :

# cd /etc/sysconfig/network-scripts

In all files ifcfg*eth*, add/modify the following lines :

HWADDR={mac_address}IPADDR={ip_address}

with the the values collected in the preceding steps.

Finally, configure the aliases names :

# cp -p /etc/modprobe /etc/modprobe.conf.org# vi /etc/modprobe.conf

If needed, change the name of the module for each given line “alias eth{x} {module_name}“

The link between the network card model, the driver/module and the MAC address is given by :

# egrep -i '^[^a-z]|desc.*ether|hwaddr|driver' < /etc/sysconfig/hwconf

4.6.9.2 Hosts and addresses






Edit the file /etc/hosts Add the ip address of the server followed by : {interface_name} with a suffix .localdomain (see Appendix F, Network configuration ) and {interface_name} :

[...]192.168.1.10 server.localdomain server[...]

4.6.10 Timezone adjustment

In order to work in a GMT timezone environment, enter the following :

# cp /usr/share/zoneinfo/GMT /etc/localtime

4.6.11 SNMP configuration

The snmp HP related software shall be installed. See "HP Applications and drivers" chapter if not so.

Activate the snmp services :

# chkconfig --level 345 snmpd on# chkconfig --level 345 snmptrapd on

Change the logging level of snmpd. Edit the file /etc/sysconfig/snmpd.options and replace the content with :

OPTIONS="-LS 1-4 d -Lf /dev/null -p /var/run/snmpd.pid -a"

Configure snmp (this configuration is a basic configuration, in order to allow a user to scan information with a snmpwalk command. This configuration shall be modified in case of a more complex snmp configuration (filtering, permissions, ...) )

The used default parameters are :

Read/Write community string: rw-thales

Read/Only community string: ro-thales

# cd /etc/snmp# cp –p snmp.conf snmp.conf.org# /sbin/hpsnmpconfig[...]Do you wish to use an existing snmpd.conf (y/n) (Blank is n): n

You will now be asked a series of SNMP configuration questions. How you answerthese question will affect the way SNMP behaves. Configuring SNMP could havesecurity implications on your system. If you are not sure how to answer aquestion, you can abort by pressing <Ctrl-c> and no changes will be made toyour SNMP configuration.

Enter the localhost SNMP Read/Write community string(one word, required, no default): Re-enter the same input to confirm: ACCEPTED: inputs match!

Enter localhost SNMP Read Only community string(one word, Blank to skip): Re-enter the same input to confirm: ACCEPTED: inputs match!

Enter Read/Write Authorized Management Station IP or DNS name






(Blank to skip): Enter Read Only Authorized Management Station IP or DNS name(Blank to skip): Enter default SNMP trap community string(One word; Blank to skip): Enter SNMP trap destination IP or DNS name(One word; Blank to skip): The system contact is set tosyscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)Do you wish to change it (y/n) (Blank is n): The system location is set tosyslocation Unknown (edit /etc/snmp/snmpd.conf)Do you wish to change it (y/n) (Blank is n):

==============================================================================NOTE: New snmpd.conf entries were added to the top of /etc/snmp/snmpd.conf==============================================================================snmpd is started

Restart all the network services:

# init 1

then

# init 5

Test the accessibility to snmp informations

(here access to OID = enterprises.compaq.cpqDriveArray.cpqDaComponent.cpqDaPhyDrv. \

cpqDaPhyDrvTable.cpqDaPhyDrvEntry.cpqDaPhyDrvCondition ) :

# snmpwalk -c ro-thales -v 2c localhost 1.3.6.1.4.1.232.3.2.5.1.1.37SNMPv2-SMI::enterprises.232.3.2.5.1.1.37.1.6 = INTEGER: 2SNMPv2-SMI::enterprises.232.3.2.5.1.1.37.1.7 = INTEGER: 2

4.6.12 Listing of configuration

This following commands shall be entered once the whole configuration of the server has been done. This gives a summary of the complete configuration of the system.

Login as root , then enter :

# mkdir -p /root/config# cd /root/config# cfg2html

Several files called {hostname}.* are produced. The main file is {hostname}.html which contains all the details about the current configuration.

4.7 SERVICES CONFIGURATION

4.7.1 xinetd configuration

xinetd is a daemon that listens to the ports and launches the associated services when required. It manages services like rlogin, telnet, ftp, rsh, ... All the services launched by xinetd have to be activated in a configuration file.






Each service has its own file in the directory /etc/xinetd.d. To activate a service, edit the associated configuration file and enable the service by setting disable to the value no :

[…]disable = no[…]

The following services shall be updated:

rlogin

telnet

rsh

rexec

time

tftp

First , make a copy of these files :

# for i in rlogin telnet rsh rexec time tftp; do cp –p $i $i.org; done

Then edit and modify these files as explained below. After all modifications, restart xinetd service:

# service xinetd restart

4.7.2 PAM configuration

4.7.2.1 PAM usage

PAM, which stands for Pluggable Authentication Modules, is a way to allow the system administrator to set authentication policy without having to recompile programs which do authentication. PAM allows to control how the modules are plugged into the program by editing a configuration file.

There are four types of modules defined by the PAM standard : auth modules provide the actual authentication, if necessary, asking for and checking a password, and set credentials such as group membership or kerberos tickets. Account modules check to make sure that the authentication is allowed (the account has not expired, the user is allowed to log in at this time of day,etc.). Password modules are used to set passwords. Session modules are used once a user has been authenticated to make it possible to use their account, mounting the user’s home directory or making their mailbox available.

There are four types of actions defined by the PAM :

standard : required All modules are checked even if the previous modules failed

requisite : PAM fails immediately

sufficient : Stop check here

optional : Ignore this module.

4.7.2.2 PAM configuration

All PAM configuration files are located in /etc/pam.d .






First , make a copy of these files :

# for i in rlogin login rsh rexec; do cp –p $i $i.org; done

The following configuration is recommended :

login in order to use telnet as root by from another system. Replace the line :

auth required pam_securetty.so

by:

auth optional pam_securetty.so

core In order to allow to generate core dumps, add the following line at the end of the login file:

session required pam_limits.so

Then edit the /etc/profile and replace the line:

ulimit -S -c 0 > /dev/null 2>&1

by:

ulimit -c unlimited > /dev/null 2>&1

rlogin In order to use rlogin as root account, edit the rlogin file and replace the line:


by:


rsh In order to use rsh as root account, edit the rsh and replace the line:


by:


rexec In order to use rexec as root account, replace the line:


by:


In order to work correctly for remote connection, the settings related to the secured tty shall be modified :

# cp –p /etc/securetty /etc/securetty.org# awk 'BEGIN {for (i=0; i<32;i++) printf "pts/%d\n", i}' >> /etc/securetty

4.7.3 FTP

The default ftp server is vsftp (very secure ftp)

Allow the user root to access to ftp : Edit the /etc/vsftpd.ftpusers file, and comment the line for root :

# Users that are not allowed to login via ftp#rootbindaemonadmlpsync






shutdownhaltmailnewsuucpoperatorgamesnobody

Edit the /etc/vsftpd.user_list file , and comment the line for root :

# vsftpd userlist# If userlist_deny=NO, only allow users in this file# If userlist_deny=YES (default), never allow users in this file, and# do not even prompt for a password.# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers# for users that are denied.#rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody

Check if the ftp service is active :

# chkconfig --list vsftpdvsftpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off

If the ftp service is not active , set it active for run level 3, 4 and 5 :

# chkconfig --levels 345 vsftpd on# chkconfig --list vsftpdvsftpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off

Then start the service :

# service vsftpd start

Check the service is started :

# service vsftpd statusvsftpd (pid 803) is running...

4.7.4 NTP (Network Time Protocol)

The Network Time Protocol (NTP) is a protocol used to help synchronize the Linux system clock with an accurate time source. NTP sites are divided into two types :

Type 1: NTP sites using an atomic clock for timing






Type 2: NTP sites with slightly less accurate time sources

it is good practice to have at least one server on the local network being the local time server for all other devices. It makes the correlation of system events on different systems much easier.

4.7.4.1 Start NTP

The /etc/ntp.conf file is the main configuration file for Linux NTP. This file contains the IP addresses of the stratum 1 and stratum 2 servers to be used.

Backup the ntp config file :

# cd /etc; cp –p ntp.conf ntp.conf.org

Modify/add the line server in order to add the IP addresses of the ntp server.

[...]server {ntp_server_ip_address}[...]

Restart the NTP process every time a change is done to the configuration file for the changes to take effect on the running process :

# service ntpd restart

To check if NTP is configured to start at boot (on at level 5), use the line :

# chkconfig --list ntpdntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

If not, to get NTP configured to start at boot, use the line :

# chkconfig ntpd on

4.7.4.2 Initial synchronization

Use the ntpdate command to synchronize to the time server while the ntpd process is stopped. Run ntpdate regularly to reduce the jitter then start again ntpd process.

# service ntpd stopShutting down ntpd: [ OK ]# ntpdate -u 142.3.32.227 Feb 18:04:05 ntpdate[5857]: adjust time server 142.3.32.2 offset -0.009961 sec# service ntpd startStarting ntpd: [ OK ]

4.7.4.3 Synchronization checking

Use the ntpq command to see the servers with which you are synchronized. It provides you with a list of configured time servers and the delay, offset and jitter that your server is experiencing with them. For correct synchronization, the delay and offset values should be non-zero and the jitter value should be under 100.

# ntpq -p remote refid st t when poll reach delay offset jitter==============================================================================*142.3.22.23 142.3.32.2 3 u 260 1024 377 12.605 3.170 5.751 142.3.26.157 0.0.0.0 16 u - 1024 0 0.000 0.000 4000.00 LOCAL(0) LOCAL(0) 5 l 26 64 377 0.000 0.000 0.008

4.7.5 TFTP






The defaut path of the tftp server must be changed. Edit the file /etc/xinetd.d/tftp. Modify this file as follow :

[...]server_args = /[...]

Reload the configuration :

# service xinetd reload

4.7.6 Other services

Several services are useless in the case of the current configuration. Theses one are : smartd, cpuspeed, iiim, isdn, FreeWnn, pcmcia, hpoj, canna, mdmonitor, rhnsd, openibd, autofs, apmd.

Disable theses services in all runlevels by :

# for i in smartd cpuspeed iiim isdn FreeWnn pcmcia hpoj canna mdmonitor rhnsd openibd autofs apmd; do chkconfig $i off done

4.8 PARTITIONNING AND FILES SYSTEMS

4.8.1 Partitionning

The partitioning of external disk bay can be done using Redhat installer. Nevertheless, this partitioning is not mandatory to start the system. For many reasons (disk bay disponibility, failure, etc), it can be necessary to partitionate the external bay after system installation. Of course, this partitioning must be done once time in the case of an external bay shared by a cluster.

To partitionate an external bay, first enter the following command:

Stop the system :

# shutdown -h 0

Connect the external bay to the PC. Switch on the the external bay, and wait for the message : “Start Completed” on led display.

Start the system and login as root:

Next, set the msdos label for all external disks. These disks are named /dev/cciss/c0d1, /dev/cciss/c0d2 (see the table in Appendix D, Partitioning configuration ).

# parted /dev/cciss/c0d1 mklabel msdos# […]

Create the partition, according to the table in appendix for each disk :

for the first partition (the quorum in most cases ) :

# parted /dev/cciss/c0d0 mkpart primary \1 \1+{size_of_first_partition_in_mb}

for the second partition :

# parted /dev/cciss/c0d0 mkpart primary ext3 \






2+{size_of_1st_partition_in_mb} \ 2+{size_of_1st_partition_in_mb} +{size_of_2nd_partition_in_mb}

for the third partition :

# parted /dev/cciss/c0d0 mkpart primary ext3 \ 3+{size_of_1st_partition_in_mb} + {size_of_2nd_partition_in_mb} \ 3+{size_of_1st_partition_in_mb} + {size_of_2nd_partition_in_mb} +{size_of_3rd_partition_in_mb}

and so on.

In the first command, the word ext3 is omitted because this partition is supposed to be a quorum (that is to say, a partition with no file system).

At the end of the parted commands, enter :

# partprobe

to make sure that the shared partitions (on a share storage array, or a SAN) are available on all the servers.

Warning

The size of a disk given by the constructor is given in unities such as one MB is equal to 1.000.000 (10002) and not to 1.048.576 (10242)

4.8.2 Files system

Install an ext3 file system over each partition which is not a “quorum” partition :

# mke2fs –j /dev/cciss/c0d0p2# mke2fs –j /dev/cciss/c0d0p3

Then the file system can be used with mount points. The mount points can be defined in /etc/fstab

[…]/dev/cciss/c0d0p2 {mount_point_1} ext3 defaults 1 2/dev/cciss/c0d0p3 {mount_point_2} ext3 defaults 1 2[…]

Warning

Normally, this mount points shall not be defined in case of a cluster with a shared bay.

Terminate by verifying the creation of these partitions by :

# fdisk –lDisk /dev/cciss/c0d0: 146.8 GB, 146812108800 bytes255 heads, 32 sectors/track, 35140 cylindersUnits = cylinders of 8160 * 512 = 4177920 bytes

Device Boot Start End Blocks Id System/dev/cciss/c0d0p1 1 1 4064 83 Linux/dev/cciss/c0d0p2 2 34112 139172880 83 Linux

(This output is truncated to /dev/cciss/c0d1 only)

4.9 PRINTING MANAGEMENT






4.9.1 Configuration

Login as root. Enable cups service by :

# chkconfig cups on

Remove the browsing capability of cups (which allow to “discover” printers in a local network and to automatically declare them) :

# cd /etc/cups# cp –p cupsd.conf cupsd.conf.org

Edit the file cupsd.conf and transform all lines :

#Browsing On

or

Browsing On

in

Browsing Off

Restart cups :

# service cups start

4.9.2 Add a printer

In this chapter, all the printers are supposed to be accessed by network with jetdirect protocol, and are also supposed to be postscript printers.

First it is necessary to create a printer postscript description file (called PPD file) with A4 default dimensions enabled. A PPD file is specific to each printer and most of them can be found at http://www.openprinting.org/printer_list.cgi. If a PPD file is not available, it is possible to use a generic postscript file. In this case, it will be necessary to check that the printing layout is correct. Also, some specific printer options (two sides, high resolution, additional input tray ,...) can be unavailable.

Here, we suppose that a specific PPD file (named {PPD} ) is available in the /usr/share/cups/model directory. In the default case (generic postscript), {PPD} is equal to postscript.ppd. First, create a new PPD file :

# gunzip < /usr/share/cups/model/{PPD}.gz > /etc/cups/ppd/{PPD}-a4.ppd || cp /usr/share/cups/model/{PPD} /etc/cups/ppd/{PPD}-a4.ppd

Then set the default dimensions to A4. Edit /etc/cups/ppd/{PPD}-a4.ppd an modify this file as follows :

*DefaultPageSize: A4[...]*DefaultPageRegion: A4[...]*DefaultImageableArea: A4[...]*DefaultPaperDimension: A4

Then create a printer using this ppd :

# lpadmin -p {printer_name} -L "{local}" -D "{description}" -E -v socket://{ip_address_printer} -P /etc/cups/ppd/{PPD}-a4.ppd




http://www.openprinting.org/printer_list.cgi



where {printer_name} is the name of the printer, {local} the location of the printer (can be empty), {description} the description of the printer (can be empty). For {ip_address_printer} refer to network appendix.

The printer is then created and can be used with the command lpr –P {printer_name}

Warning

The 9100 port on the printer shall be available from the server (not filtered by a firewall for instance). In order to check the state of this port, it is possible to run the command :

# nmap -p 9100 {printer_name}

4.9.3 Modify a printer

To modify a printer, first remove this printer (see below) and create the printer again with new characteristics (see above).

4.9.4 Remove a printer

Login as root. Enter :

# lpadmin –x {printer}

4.10 APPLICATIONS & DRIVERS

4.10.1 HP applications & drivers

Copy all the HP package form the Thales COTS media in the directory : /root/extra_packages

For information : All the applications and drivers HP are available within the "HP proliant support pack for Redhat Enterprise" package (also named psp). To download this package, go to :

http://h20000.www2.hp.com/bizsupport/TechSupport/DriverDownload.jsp?prodNameId=3716247&lang=en&cc=us&prodTypeId=18964&prodSeriesId=3716246&taskId=135

and download the latest version of the "HP proliant support pack for Redhat Enterprise" in the right OS version.

Extract the content of all psp packages :

# tar -C /root/extra_packages -xzf psp*.tar.gz# cd /root/extra_packages/*/*/linux# for i in *.tar.gz; do tar xzf $i; done

The HP packages uses the /opt directory to store its binary. Create a link to store /opt in /usr :

# mkdir /usr/opt# ln -s /usr/opt /opt

All the packages are supposed to be copied from a media in /root/extra_packages

4.10.1.1 Storage controller drivers

Warning








This installation shall be done AFTER the recompilation of the kernel. Otherwise, the driver will not be available. If a recompilation of kernel occurs after the installation of theses drivers, they shall be installed again.

This step is needed only in some special cases :

Compatibility problem (Redhat and controllers)

hardware problem involving controllers.

Install the cpq_cciss package :

# cd /root/extra_packages/*/*/linux# rpm –ivh cpq_cciss-*.rpm

Restart the server (during restart, let grub start with the default kernel configuration) :

# shutdown –r 0

During the installation of these packages, the installers modify the grub configuration in order to create new entries for the new initrd files. Modifiy the grub.conf file to have only one title entry in this file. The concerned entry shall match the following name : HP-initrd-{version}.img-0 (see the meaning of {version} in kernel configuration chapter). Modify the line containing initrd by removing the HP suffix “-0”.

In order to do this modification, edit the /boot/grub/grub.conf as following :

# grub.conf generated by anaconda## Note that you do not have to rerun grub after making changes to this file# NOTICE: You have a /boot partition. This means that# all kernel and initrd paths are relative to /boot/, eg.# root (hd0,0)# kernel /vmlinuz-version ro root=/dev/cciss/c0d0p2# initrd /initrd-version.img#boot=/dev/cciss/c0d0default=0fallback=0timeout=5splashimage=(hd0,0)/grub/splash.xpm.gzhiddenmenutitle HP-2.6.9-89.ELsmp root (hd0,0) kernel /vmlinuz-2.6.9-89.ELsmp ro root=/dev/vgsyst/lvroot quiet initrd /HP-initrd-2.6.9-89.ELsmp.img

Rename the initrd files to keep only the last version :

# cd /boot# for i in HP-initrd*; do mv $i-0 $i; done

Restart the server :

# shutdown –r 0

4.10.1.2 HP array configuration utility

This utility works in command line mode only.

Install the hpacucli package :






# cd /root/extra_packages/*/*/linux# rpm –ivh hpacucli-*.rpm

It is possible to manage the array of disks without booting.

For instance, the following command displays the status of the first array on the server :

# echo "controller slot=1 array A physicaldrive all show" | hpacucli

4.10.1.3 HP SNMP applications

Log in as root account on the server and install the binary packages :

# cd /root/extra_packages/*/*/linux# rpm –ivh hp-health-{package_version}.*.rpm# rpm –ivh hp-snmp-agents-{package_version}.*.rpm

Install the mibs for hp mibs :

First download the latest mibs package at : http://h18013.www1.hp.com/products/servers/management/hpsim/mibkit.html. Copy the package in /root/extra_packages.

Install the mibs :

# cd /root/extra_packages/*/*/linux# tar -C /usr/share/snmp/mibs -xzf upd*mib.tar.gz

4.10.2 Hardware listing tool lshw

lshw is a command line tool which produce a detailed list of hardware configuration.

Copy the 2 packages (lshw, lshw-gui) from the Thales COTS media in the directory : /root/extra_packages. For information, this tool can be found at http://dag.wieers.com/rpm/packages/lshw


# cd /root/extra_packages/*/*/linux# rpm –ivh lshw-*i386.rpm

4.10.3 Configuration listing tool cfg2html

cfg2html is a command line tool which produces a detailed list of the configuration (hardware/system/applications).

Copy the packages from the Thales COTS media in the directory : /root/extra_packages. For information, this tool can be found at http://www.cfg2html.com .


# cd /root/extra_packages# rpm –ivh cfg2html-*rpm

4.10.4 Network bandwith analyser

iperf is a tool which analyses the ip (tcp and udp) bandwith between 2 machines.

Copy the packages from the Thales COTS media in the directory : /root/extra_packages.For information, this tool can be found at http://sourceforge.net/projects/iperf




http://sourceforge.net/projects/iperf

http://www.cfg2html.com/

http://dag.wieers.com/rpm/packages/lshw

http://h18013.www1.hp.com/products/servers/management/hpsim/mibkit.html



Log in as root account on the server and install from the source packages :

# cd /root/extra_packages# tar -C /tmp -xzf iperf*.tar.gz# cd /tmp/iperf*# ./configure# make && make install

Create a service based on iperf command :

First, create the file /etc/init.d/iperf-srv (given in the appendix "Scripts and configuration files"). Then enter :

# chmod 755 /etc/init.d/iperf-srv# chkconfig iperf-srv on






5. WORKSTATION INSTALLATION & CONFIGURATION PROCEDURE

5.1 INTRODUCTION

The aim of this section is to describe the installation procedure for the operating system of a workstation.

This document has been validated for Windows XP Pro 32bits + Service Pack 3.

This document cover the installation of Windows XP from Microsoft Media.

5.2 INSTALLATION PROCEDURE

5.3 PREREQUISITE

A floppy disk is available with the driver for the storage controller for the machine to be installed. An archive containing theses drivers is available on the Thales Media.

The Product Key for Microsoft Windows XP is available (25 characters long).

An external (USB) floppy drive is available.

5.4 BOOT & DRIVER SELECTION

Switch on the computer and insert the Windows XP 32bits with service pack 3 disk 1. Type <Enter> once.

Whee the message Type F6... is displayed at the bottom of the screen, type <F6> (in order to provide a storage driver).

Plug the floppy drive and type S . The system now show a list of all the available drivers. Select the driver corresponding to the storage controller of the machine (see hardware configuration appendix) and type <ENTER>.

Type <ENTER> to continue.






5.5 Disk partitioning

The system shows the disk layout.

If the disk is not already empty, then for each existing partition :

type D in order to delete the partition

type L to confirm

Type C to create a new partition.

Enter the size of the partition in Mb. (this size is given in the partition appendix).

Type <ENTER> to start the installation.

Select "Format the partition using the NTFS file system (quick)"






The installation begin and the files are copied from the media on the disk. This task take several minutes. At the end of this process, the system restart and start from the hard disk after a few seconds. Do not remove the installation media.

5.6 System setup

After the boot, Windows initiate the configuration of the system. This step take several minutes.

On "regional and language options" screen, select Customize . On Regional tab, select the correct format and location. Select OK.

Select Details. If the default input language (English US) is not correct, select Add. Select the correct input language and the correct keyboard layout. Select OK. Choose the default input language and then select OK.

Select Next to continue.






In the windows "Personalize your software" , enter admin in Name field and a name of an organization in Organization field (if applicable).







The product key screen is displayed.

Enter the 5 x 5 characters of the key in the 5 fields.

On the screen Computer name and administrator password, enter the name of the machine. Enter admin twice as administrator password.







On the screen Date and time settings, set the correct date and choose the time zone.


On the screen Networking settings, Select Custom settings and Next. On the next screen, select Internet Protocol in the list and then Properties.

Enter the ip address, the subnet mask and (if needed) the default gateway (theses informations are given in network appendix).Select OK and Next to continue.

On the screen Workgroup or Computer domain, Keep the default selection and select Next.

Note

This step is drop out by the system if the network card is not recognized at this time (due to a network driver which is not available).






The system finish the installation. This step can take several minutes.

When the automatic configuration is finished, the system display a Window "Display settings". Select OK twice.

A welcome screen is displayed. Select Next.

On the screen help protect your PC select Not Right Now. Then select Next.

If the system display a screen "how will this computer connect to the internet", select Skip.

On the screen "Ready to register with Microsoft" select "Not at this time" then Next.

On the screen "Who will use this computer" enter admin in the field "Your name" . Then select Next.

Select Finish. The system is now ready for a first login.

5.7 GENERAL CONFIGURATION

This chapter explains how to configure the Windows workstation in a way which saves cpu usage and memory in order to have a more efficient system. For this purpose, the assumptions are :

the workstation is working in a secured environment (not directly connected to internet or on a network implying a security risk).






the workstation is used by users who run only dedicated applications, under an account with no administrative rights.

nobody except an administrator installs applications or tools or modifies the existing configuration.

new installation or configuration modification shall refer to this document in order to see if the proposed configuration is compatible with new ones.

All the configuration steps of this chapter are made using the admin account.

5.7.1 Host name and identity

Start -> My computer-> properties -> computer name -> change. Type a new name. Validate by OK.

In the case where the current machine is a result of a cloning operation (refer to System Backup & Restore appendix), generate a new Computer Security Identifier (SID) :

Run cmd and enter newsid. Select Next / Random SID / Next. Select Automatically Reboot and finish with Next.

5.7.2 Desktop / UI tuning

Change the default appearance

Right click on desktop -> Settings.

Select the screen resolution to be the same as the native resolution of the used monitor.

Right click on desktop -> Appearance.

Windows and buttons : select Windows classic style.

Right click on desktop -> Appearance -> Effects .

Unselect Use the following transitions... . Select Cleartype in "Use the following method..."

Explorer settings

Run -> (enter) explorer. Then select View -> Details

Select Tools -> Folders options.

General tab

o select Use windows classic folders.

View tab :

o select display the full path in the title bar.

o unselect Hide extensions for known file types.

Select Apply to all folders. Confirm with Yes. Select OK (twice).

Shortcut creation






Create a shortcut for explorer : Right click on desktop -> new -> shortcut. Location of the item = explorer.exe, name of shortcut= explorer.

Task bar customization

Right click on start menu -> properties.

o general tab

Number of programs on start menu : set to 0. Unselect E-mail.

o advanced tab

unselect Highlight newly installed programs, unselect help and support, select my computer -> Don't display, select my music -> Don't display, select my pictures -> Don't display, unselect printers and faxes, unselect search, unselect Set program access, unselect List my most recently....Confirm with OK.

Connection mode

Start -> Control Panel ->user accounts.

Unselect Use the welcome screen. Then select Apply options and quit the control panel.

Autorun

Disable the autorun for all the devices : Run regedit. Then modify or create the following keys and values (key : value; all numerical values are given in decimal form)

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun : 255 (REG_DWORD)

5.7.3 User creation

Start -> Control Panel ->user accounts.

Select Change an account. Select admin and then create a password. Enter admin as password (twice). Answer no for the question make your files and folders private.

Select Back and then create a new account. Enter wsuser as the new account name. Select Next. Keep computer administrator as type of account, the select create account. Repeat the preceding step in order to create a password for wsuser (equal to wsuser).

5.7.4 Logon screen

Control panel -> user accounts -> change the the way the users log on or off. Unselect "Use the welcome screen".

Run -> (enter) regedit. Then modify or create the followings keys and values (key : value; all numerical values are given in decimal form)

(the type of the value (REG_SZ, REG_DWORD) is given for information and must not be entered).

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\ThemeManager\ThemeActive : 0 (REG_SZ)HKEY_USERS\.DEFAULT\Control Panel\Desktop\FontSmoothing : 2 (REG_DWORD)






HKEY_USERS\.DEFAULT\Control Panel\Desktop\FontSmoothingType : 2 (REG_DWORD)

5.7.5 Drivers installations

All the drivers are available on the Thales media.

First create a directory in which all the drivers an applications will be stored. start -> run -> cmd and type :

mkdir c:\app

Copy the drivers from the Thales media in this directory c:\app.

Each drivers is provided as a .exe or a .msi files. Theses drivers are :

network drivers (several can be provided if the machine use one or several additional network cards)

graphical driver

sound driver

In order to install theses drivers :

case of .exe file : double click on the .exe file. An information windows is displayed. Select all default options to perform the installation. Reboot if needed.

case of a .msi file : right click -> install. Select all default options to perform the installation. Reboot if needed.

5.7.6 Network

5.7.6.1 Network interfaces

Start -> Control Panel -> Network connections

Rename the available network interfaces : select Local network connection. rename this interface (type <F2>) with the name eth0.

Similarly, rename the other interfaces Local network connection 2, Local network connection 3, and so on with eth1, eth2, and so on.

5.7.6.2 IP addresses

start -> run -> cmd and type for each interface available :

> netsh interface ip set address {interface} static {ip_address} {netmask} {gateway} 1

{interface}, {ip_address}, {netmask}, {gateway} can be found in network appendix.

For each interface which is not listed in the network appendix, enter :

> netsh interface set interface {interface} disabled

5.7.6.3 Keep alive

The goal is to setup the keepalive parameters in order to detect the network disconnection as soon as possible.

The meaning of theses parameters is :






KeepAliveTime : determines the interval of time (in milliseconds) without any activity before sending KeepAlive frames.

KeepAliveInterval : determines the interval of time (in milliseconds) before repetition of KeepAlive frames.

TcpMaxDataRetransmissions : determines the maximum number of KeepAlive frames sent without response before disconnection.

Run regedit. Then modify or create the following keys and values (key : dword value; all numerical values are given in decimal form).

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime : 15000HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveInterval : 5000HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions : 5

5.7.7 System restoration

My computer-> properties -> system restore.

Select Turn Off system restore. validate by OK.

5.7.8 Swap

Set the swap file size.

My computer-> properties -> advanced -> Settings (performance) . In the performance options window, select advanced -> Change (Virtual memory).

In virtual memory window, select Custom size. Enter the same value for swap in initial size and maximum size.

The rule for the size of the swap is :

if physical memory is less than 2Gb, swap=physical memory size.

otherwise (> 2Gb), swap=2Gb.

Select Set / OK / OK to valid. Select YES to reboot.

5.7.9 Services

Run services.msc. Select the following items (name displayed in the left column) in services.msc

Terminal Services

-> properties. Set startup type to Automatic. Validate by OK.

Telnet

-> properties. Set startup type to Automatic. Validate by OK.

Server

-> properties. Set startup type to disable. Validate by OK.






Wireless zero configuration


System restore service


SSDP Discovery services


Indexing Service


Help and Support


Automatic updates


Remote registry


Themes


Reboot the machine : start -> shutdown. Select restart.

5.7.10 NTP

In order to configure Windows to act like a ntp client :

Run regedit. Then modify or create the following keys and values (key : value; all numerical values are given in decimal form)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type : NTP (REG_SZ)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags : 5 (REG_DWORD)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval : 900 (REG_DWORD)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\Enabled : 0 (REG_DWORD)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\Enabled : 1 (REG_DWORD)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer : {ip_address_ntp_server},0x1 (REG_SZ)HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxPosPhaseCorrection : 54000 (REG_DWORD)






HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxNegPhaseCorrection : 54000 (REG_DWORD)

{ip_address_ntp_server} can be found in network appendix.

Next, restart the service and force a synchronization. Run cmd and enter :

# net stop w32time && net start w32time && w32tm /resync /rediscover

5.7.11 Security

Start -> Control Panel -> Security center -> change the way security alerts me.

Unselect Firewall, Automatics updates, virus protection. Select OK and quit the control panel.

Configure the firewall and updates services :

firewall

Control panel -> Windows firewall. Select Off (check before the station belongs to a secured network. See the warning and hypothesis at the beginning of this chapter). Validate by OK.

Automatic updates

My computer-> properties -> automatic updates. Select Turn Off. ( See the warning and hypothesis at the beginning of this chapter). Validate by OK.

5.7.12 Power settings

Control panel -> power Option -> Hibernate

Unselect enable hibernation

Control panel -> power Option -> power schemes

Select Home Office desk as power schemes. For Turn off hard disks, select Never, for system standby, select never. For the monitor, select an adequate delay. Validate by OK.

5.7.13 Remote access

My computer-> properties -> remote.

Unselect Allow remote assistance (Remote assistance), and Allow users to connect remotely (remote desktop). Validate by OK.

5.7.14 System cleaning

Remove application :

Start -> Control Panel -> Add or Remove Windows components

accessories and utilities : unselect games

unselect MSN explorer, outlook express, Windows messenger.






5.8 APPLICATIONS & LIBRARY INSTALLATIONS

5.8.1 Initialization

All installer files used in this chapter shall be copied in the directory c:\app.

All the configuration steps of this chapter are made using the admin account.

5.8.2 Installation of libraries

.net V2.0 framework redistribuable

.net is a framework for application development

url : http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0856eacb-4362-4b0d-8edd-aab15c5e04f5&displaylang=en

Run dotnetfx-2.0.exe. Select Next , Accept , Install , Finish

.net V3.0 framework redistribuable

.net is a framework for application development

url : http://www.microsoft.com/downloads/en/details.aspx?FamilyID=10cc340b-f857-4a14-83f5-25634c3bf043

Run dotnetfx-3.0.exe. Select I have read... , Install , Exit

Microsoft Visual C++ 2008 redistribuable

Microsoft Visual C++ redistribuable is a set of library for applications developped with Microsoft Visual C++.

url : http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9b2da534-3e03-4391-8a4d-074b9f2bc1bf&displaylang=en

Run vcredist_x86*.exe. Select Next , I have Read... , Install , Finish

5.8.3 Installation of third party applications

7-zip

7-zip is an archive manager.

url : http://www.7-zip.org

Run 7z*.exe

Select Accept, Next / , Next, Next, Next, and Install. Select your Language.




http://www.7-zip.org/

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9b2da534-3e03-4391-8a4d-074b9f2bc1bf&displaylang=en

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9b2da534-3e03-4391-8a4d-074b9f2bc1bf&displaylang=en

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=10cc340b-f857-4a14-83f5-25634c3bf043?

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0856eacb-4362-4b0d-8edd-aab15c5e04f5&displaylang=en

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=0856eacb-4362-4b0d-8edd-aab15c5e04f5&displaylang=en



Select the following file associations : .7z, .bz2, .cab, .cpio, .gz, .iso, .rar, .rpm, .tar, .tgz, .z, .zip

Sysinternal suite

The Sysinternal suite provides several tools for the Windows system management.

url : http://technet.microsoft.com/en-us/sysinternals/default.aspx

Download the Sysinternals Suite which includes all the sysinternal tools. Extract the content of SysinternalSuite.zip in C:\Windows\system32

For each message concerning the overwrite of an existing file, select No.

windirstat

windirstat is a disk usage statistic viewer.

url : http://windirstat.info

Run the installer windirstat*.exe.

Select Accept, Next, Next, Install and Close. Go to C:\Program Files\windirstat.

Create a shortcut for windirstat.exe.

Move this shortcut in C:\Documents and Settings\All Users\Start Menu\Programs\Accessories.

ClearTweak

ClearTweak is a tool for tuning Clear Type.

url : http://www.ioisland.com/cleartweak

Run the installer ClearTweak*.exe. Select Next, Next, Next, Next.

Go to C:\Program Files\ioIsland\ClearTweak.

Create a shortcut for ClearTweak.exe.

Move this shortcut in C:\Documents and Settings\All Users\Start Menu\Programs\Accessories.

iperf

iperf is a tool for network bandwidth monitoring

url : http://sourceforge.net/projects/iperf

Run the iperf*.exe file. In "Unzip to folder" , type c:\Program Files\iperf.

Select Unzip.

scite

scite is a text editor.





http://www.ioisland.com/cleartweak

http://windirstat.info/

http://technet.microsoft.com/en-us/sysinternals/default.aspx



url : http://www.scintilla.org/SciTE.html

Extract the content of wscite.zip in C:\Program Files.

Go to C:\Program Files\wscite.

Create a shortcut for scite.exe (right click ->create shortcut).

Move the shortcut in C:\Documents and Settings\All Users\Start Menu.

firefox

firefox is a web browser.

url : http://www.mozilla.com/en-US

Run the installer Firefox*.exe. Select Next / accept / custom. Unselect DOM and Quality feedback. Select Next / Finish.

adobe reader

adobe reader is a pdf file reader.

url : http://www.adobe.com

Run the installer Adbe*.exe.

Select Next / accept / install.

Restart : select No.

cygwin

Cygwin is a UNIX environment like running under Windows.

url : http://www.cygwin.com

In a cmd Windows , enter

# mkdir c:\cygwin\home\admin

Download all the cygwin packages (all common tools including a X11 environment (except development packages) . The list of all packages to download is given in the file appendix.




http://www.cygwin.com/

http://www.adobe.com/

http://www.mozilla.com/en-US/

http://www.scintilla.org/SciTE.html



unzip cygwin.zip in c:\cygwin then run setup.exe. Select install from directory

Select c:\cygwin root as root directory.

Select all the package for installation :

Click on install to switch from all : default to all : install. Select Next.

Run c:\cygwin\cygwin.bat

In the shell window, enter :






# echo -e '\n\n\n' | ssh-keygen -t rsa

pdfcreator

pdfcreator is a tool which creates under Windows a new printer (a pdf printer). This printer generates pdf files from any documents.

url : http://sourceforge.net/projects/pdfcreator

Run the installer PDFCreator*setup*.exe.

Select the default language. Then select accept / Standard Installation. Name of the printer : pdfprinter. Next / Unselect toolbar install / Next / Unselect PDFCreator Browse, COM samples / Next / Next / Unselect create a desktop icon and create an entry in Windows explorer / Install / Finish

Run PdfCreator and select Printer->Options. Select Format->PDF->Compression

For Color images and Greyscales images, select ZIP in the compress field. Select Save.

After all these installations, restart the system :

Start -> Restart

5.9 CLEANING

In order to finalize the installation / configuration :

Delete the unused files

Run in a cmd window :

# cleanmgr /d c:

Select Downloaded Program Files, Temporary Internet Files, Recycle Bin, Temporary Files, WebClient. Unselect the other choices. Run the cleaning with OK.

Defragment the disk

Run in a cmd window :

# defrag c:

The windows machine is now ready to use.




http://sourceforge.net/projects/pdfcreator



6. NETWORK DEVICES INSTALLATION & CONFIGURATION PROCEDURE

6.1 INTRODUCTION

The aim of this document is to provide a procedure to configure the network devices.

6.2 SWITCH CISCO 2960G CONFIGURATION

This chapter explains how to configure a Cisco WS-C2960G-24TC-L switch. This switch provides 20 ports (Gibagit) and 4 uplinks (Gibagit).

6.2.1 Hardware installation

url : http://www.cisco.com/en/US/products/ps6406/index.html

Figure 1. Switch Cisco WS-C2960G-24TC-L

Connect the switch 2960G to an AC power source.

Wait until the boot of the switch is finished (can take several minutes). The press the mode button during 3 seconds. The leds are changing. Press always the button mode during 10 seconds. The switch restart with its factory settings.

After the new boot (2 leds are green, not blinking), press during 3 second the mode button. All the led switch to green (except for the second one).

The switch is ready to be configured.

6.2.2 initial configuration

In an administrator Windows session, run a cmd Windows. Then enter :

> ipconfig> netsh interface ip set address "local Area Connection" static 10.0.0.5 255.255.255.0

Plug a straight cable between the Windows PC and the #1 port of the switch. Wait until the ping respond.

Run internet explorer and type this url : http://10.0.0.1.




http://169.254.0.20/

http://www.cisco.com/en/US/products/ps6406/index.html



Fill the following informations :

management Interface : 1

IP address/netmask/gateway : see the appendix "Network configuration"

switch password : admin

hostname : see the appendix "Network configuration"

telnet access : enable

telnet password : admin

SNMP : enable

SNMP read community : ro-thales

SNMP write community : rw-thales

Select Submit to validate.

Wait until the browser display an error (due to the new ip address on a different subnet).

Change the ip address of the Windows PC to its normal address (see the appendix "Network configuration", or the result of ipconfig command, before netsh) :

> netsh interface ip set address name="local" static {ip_adress} {netmask} {gateway} 1

The switch is now available for a configuration with Cisco assistant.

6.2.3 further configuration

The Cisco assistant must be installed on the Windows PC. For this , download this tool at : http://www.cisco.com/web/go/configassist . Run the installer and select all the default options. A shortcut is available in the start menu.

Now , run a web browser.




http://www.cisco.com/web/go/configassist



Enter the following url : http://{ip_address_of_switch}.

Fill Username / password

In the main view, select Configure -> Port Settings.

For all ports, select Enable, Speed = Auto, Duplex = Auto.

Select Submit to validate.

The switch is now ready to use. It is possible to connect this switch to other switches using the 4 uplink ports.

6.3 FIP UNIT

6.3.1 Presentation

FIP (Front-end processor over IP) units offer asynchronous interfaces through TCP/IP connections over the duplicated LAN.

A FIP unit is an asynchronous RS232 sub-system based on the N2240 product from the NETLINE (also referred as NAMIP for Network Access Module for IP).

The following drawing describes this architecture:






Each asynchronous port can be accessed through a TCP/IP connection:

IP address of the FIP unit

TCP port associated to asynchronous port (2000 for port 0, 2001 for port 1…)

Communication over TCP/IP connection is done according to a specific THALES protocol, allowing:

dynamic configuration of asynchronous port

surveillance of port status

formatted data reception/transmission

error detection

The FIP Unit provides:

2 network ports (RJ45 connectors 1 10BT port and 1 100BT port),

1 console port (RJ45 connector),

4 serial ports (15 pins connectors),

1 power supply.

The FIP Unit includes:

one Motorola MPC860 processor.

an Operating System based on Xinu (Unix family).

a software provided by THALES.

The FIP Unit includes:

one Motorola MPC860 processor.

an Operating System based on Xinu (Unix family).

a software provided by THALES.

6.3.2 Front view description

The following picture describes the front view of the FIP Unit:

Front view of the FIP Unit provides:

LED used to monitor the activity on networks:






o LAN:Yellow when the Ethernet connection to the first LAN is in service (interface il0)

o LAN1:Yellow when the Ethernet connection to the second LAN is in service (interface il1)

LED used to monitor the activity on asynchronous lines (4 LED for each line):

o TXD:Green flashing when data transmission on asynchronous port n

o RXD:Green flashing when data reception on asynchronous port n

o STL:Yellow when a TCP connection is established between server and FIP unit for port n

o DCD:Green when DCD signal is UP on asynchronous port

Power on LED

Reset button

RJ45 Console port

RJ45 console connector description:

EIA CCITT V24 Pin Direction (FIP <=> Host)SG TS 102 04 <=>RD RD 104A 05 <=TD ED 103A 06 =>DCD DP 109 07 <=DTR CPD 108 08 =>

6.3.3 Rear view description

The following picture describes the rear view of the FIP Unit:

Rear view of the FIP Unit provides:

Main power connector

Power off/on button

4 serial ports (DB15 connectors)

2 Ethernet ports (RJ45 connectors) : LAN0 is 10 BaseT, LAN1 is 100 BaseT

RJ45 Network connector description:

Signal Pin Direction (FIP <=> Host)TD + 01 =>TD - 02 =>RD + 03 <=RD - 06 <=

15 pin asynchronous connector description:

EIA CCITT V24 Pin Direction (FIP<=> Host)






FG Ground 101 01 <=>TD ED 103A 02 =>RTS DPE 105 03 =>RD RD 104A 04 <=DCD DP 109 05 <=RC BTR 115A 06 <=SG TS 102 08 <=>CTS PAE 106 10 <=TC BTE 114A 15 <=

V24/V28 DB15-DB25 straight DTE cable description:

EIA CCITT V24 DB15 Pin Direction DB25 PinFG Ground 101 01 <=> 01TD ED 103A 02 => 02RTS DPE 105 03 => 04RD RD 104A 04 <= 03DCD DP 109 05 <= 08RC BTR 115A 06 <= 17SG TS 102 08 <=> 07CTS PAE 106 10 <= 05TC BTE 114A 15 <= 15


Insert the FIP unit into the cabinet.

Refer to the "Hardware cabling document" to connect all cables.

Switch on the FIP unit.

Wait until LEDS stop flashing.

6.3.5 Configuration

The AERMAC application shall be already installed according to AMSS ICM, before proceeding with the FIP configuration.

6.3.5.1 Initial Configuration

Warning

This procedure should be performed only if it is the first use of the FIP unit.

Connect the FIP unit to the COM port of your Laptop using a standard ethernet cable and the RJ11/DB9 converter provided. On your Laptop, run the Hyperterminal with the following configuration: COM1 / 19200 bds / 8 bits / No parity / 1 stop bit / No flow control

Power on the FIP unit. Enter <Ctrl G> to activate the console.

# edit admin

Update the field MYADDR with the IP address of the FIP Unit on the main LAN.






Example : MYADDR=10.36.183.181

Enter <Ctrl X> to exit and save.

# edit rcmds

Add the following line at the end of the file (if not already added).

*:*:*


# edit inittab

Add the following line at the end of the file (if not already added).

rshd&


# reset

Exit the HyperTerminal.

Note

If you need help to use the editor, type ? to access the help screen. To exit the help screen, type any character

To verify that the modifications have been successful :

# rsh {FIP_IP_address} ls

The list of files of the NAMIP unit should be displayed on screen.

The FIP can also be accessed via a telnet connection :

# telnet {FIP_IP_address}

6.3.5.2 Server Host File Update

Each time a new FIP unit is configured, it should be declared in the hosts file of each server.

Log in as root account on the server.

Edit the hosts file:

# vi /etc/hosts

Add the following lines if not already defined:

{FIP_IP_address_lan1} {FIP_name_lan1}{FIP_IP_address_lan2} {FIP_name_lan2}

For instance :

10.36.183.161 bahfip1_110.36.183.220 bahfip1_2

6.3.5.3 FIP RTU package installation

Extract fip.tgz package :






$ cd {path}# (copy fiprtu-{version}.tgz file here)$ tar xzf fiprtu-{version}.tgz

6.3.5.4 FIP firmware update

Firmware update using FTP.

Upload FIP executable:

$ $ cd {path}/fiprtu-{version}$ ftp –uftp> open {FIP_IP_address}ftp> user fip {password}ftp> binaryftp> put updateftp> quit

Note: FIP unit will automatically reset

6.3.5.5 FIP default settings load

Thales default settings load using FTP.

Upload FIP configuration:

$ cd {path}/fiprtu-{version}$ ftp –uftp> open {FIP_IP_address}ftp> user fip {password}ftp> binaryftp> put backupftp> quit

reset FIP unit :

rsh {FIP_IP_address} reset

6.3.5.6 FIP default settings description

FIP RTU default settings

Default console configuration:

Default password is admin

rsh is activate for everybody

Default network configuration:

Default IP address on LAN0 is 192.168.10.121/24

Default IP address on LAN1 is 192.168.11.121/24

Default asynchronous ports configuration:






Number of asynchronous ports is 4

Port base number is 2000

6.3.5.7 FIP IP addresses

If only one interface is used (LAN0), from hyperterminal:

192.168.10.121] edit admin

Comment the line IFCONFIG_1_HOST as following:

#IFCONFIG_1_HOST

<Ctrl X> to exit & save

Fill FIP IP address(es), from hyperterminal :

192.168.10.121] edit admin

fill FIP IP address on “fip-1” line for FIP on LAN0 interface

fill FIP IP address on “fip-2“ line for FIP on LAN1 interface if LAN1 is used


192.168.10.121] reset

6.3.5.8 FIP IP interface customization

If FIP default IP netmask and/or broadcast on interface(s) are not correct.

Modify netmask and/or broadcast settings, from hyperterminal:

192.168.10.121] edit admin

Change the lines IFCONFIG_0_NMSK for netmask on LAN0 interface

Change the lines IFCONFIG_0_BCST for broadcast on LAN0 interface

Change the lines IFCONFIG_1_NMSK for netmask on LAN1 interface if LAN1 is used

Change the lines IFCONFIG_1_BCST for broadcast on LAN1 interface if LAN1 is used


192.168.10.121] reset

6.3.5.9 FIP default IP gateway

If a default IP gateway is needed.

Activate the gateway, from hyperterminal:

192.168.10.121] edit admin

Uncomment the line GATEWAY as following:GATEWAY=gateway







Fill gateway IP address, from hyperterminal:

192.168.10.121] edit hosts

fill gateway IP address on “gateway” line


Reset FIP unit, from hyperterminal:

192.168.10.121] reset

6.3.5.10 FIP asynchronous port customization

For 2 asynchronous ports FIP unit.

Change the number of ports:

192.168.10.121] edit admin

Change the line ASYNCD_NPORTS as following:ASYNCD_NPORTS=2



192.168.10.121] reset

6.3.5.11 FIP password

To change FIP password

Change default password, from hyperterminal:

192.168.10.121] edit admin

Change the line PASSWD as following:PASSWD=mypass



192.168.10.121] reset

6.3.5.12 FIP AMSS configuration

AMSS IP addresses

Fill AMSS IP address(es), from hyperterminal:

192.168.10.121] edit hosts

fill IP address on LAN1 of AMSS member A on “amssa-1” line






fill IP address on LAN1 of AMSS member B on “amssb-1” line

fill IP address on LAN1 of AMSS service on “amss-1” line

fill IP address on LAN2 of AMSS member A on “amssa-2” line

fill IP address on LAN2 of AMSS member B on “amssb-2” line

fill IP address on LAN2 of AMSS service on “amss-2” line


6.3.5.13 FIP rsh use

To restrict rsh use.

Restrict rsh use, from hyperterminal:

192.168.10.121] edit rcmds

Comment the line *:*:* as following:

#*:*:*



192.168.10.121] reset

6.3.5.14 TELECOMMUNICATIONS : FIP

A failed unit must be replaced by a spare FIP unit:

new FIP unit must be completely configured (may be done in advance, according to the procedures afore-mentionned)

new FIP unit must be set with same IP addresses as failed unit

6.4 MAINTENANCE MODEM MT5600

This chapter explains how to use a MT5600 Multitech modem.

6.4.1 Introduction

The MT5600 Multitech Modem is an analogic modem which provides high-speed data and fax communication.

Thales Air Systems uses two of these modems for Remote Site Maintenance (RSM).

url : http://www.multitech.com/en_US/PRODUCTS/Families/MultiModemII




http://www.multitech.com/en_US/PRODUCTS/Families/MultiModemII



Figure 2. Multitech MT5600

6.4.2 Hardware configuration

One modem is connected to each server through its single serial port (ttyS0).

Refer to [P4] document to connect all cables.

6.4.3 Modem configuration

Connect the modem to the COM port of your laptop using a standard RS232 cable.

Run Hyperterminal on your laptop with the following configuration :

COM1 / 9600 bds / 8 bits / No parity / 1 stop bit / No flow control

If you don’t have any Laptop or PC, you can connect to the modem from the server by using cu tool:

# cu –l /dev/ttyS0 –s 9600# ~. (tild and dot) to disconnect from the modem and exit from the tool

Power on the modem.

From the Hyperterminal, enter the following sequence:

ATZAT&FAT&C0AT&D0AT$SB9600AT$MB9600ATS0=2AT&W0

For each of these commands, the modem should return “OK” as a result code.

Power off then, power on again the modem to take into account the new configuration.

From the Hyperterminal, enter the following sequence:

AT&V0

Check that the previous configuration was saved in profile 0 and is currently in use.

6.4.4 Server configuration






The following procedure should be done on both servers.

Log in as root.

Insert the DVD deliveredf by Thales Air Systems into the DVD-drive.

Extract the script “slip”

# mkdir -p /usr/local/THALES/DELIVERY# cd /usr/local/THALES/DELIVERY# cp /media/cdrom/SOFTWARE/SOFTWARE/THALES/RSM/slip .# eject

Remove the DVD-ROM from the drive and close the tray.

Modify the SLIP parameters in the script

# cd /usr/local/THALES/DELIVERY/# vi slip

Modify the following parameters

LIN_DEVICE=/dev/ttyS0SL_DEVICE=sl0

Close and save the file

Install the script as a service

# cp /usr/local/THALES/DELIVERY/slip /etc/rc.d.init.d/

Configure the service :

# chmod 755 slip# chkconfig --add slip

Start the service:

# service slip start

Check that the SLIP service is running:

# ps –eafl | grep slattach

The following process must be running:

/sbin/slattach -L -s 9600 /dev/ttyS0






7. STORAGE EQUIPMENT INSTALLATION & CONFIGURATION PROCEDURE

7.1 INTRODUCTION

The aim of this document is to provide the procedures to configure the storage equipments like Network Attached Storage (NAS), or Storage Area Network (SAN) which can be used by the servers, the workstations (if any) or the both.

7.2 NAS (NETWORK ATTACHED STORAGE)

7.2.1 Introduction

The NAS netgear ReadyNAS NVX is a compact box which can include up to 4 disks. These disks can be grouped in a single logical volume using X-RAID2 technology (X-RAID2 is different from RAID, but offers at least the same functionnalities in a more flexible way). This NAS allow 2 ethernet connections.

url : http://www.netgear.com/business/products/storage/readyNAS-NVX/RNDX4210.aspx

Figure 3. NAS Netgear ReadyNAS NVX


Normally, the NAS is connected on the LAN1 directly on a switch. But , in order to make a first configuration, the NAS shall be connected directly on a PC with a crossed cable.

Once the network cable is connected between the workstation and the LAN1 port of the NAS, switch on the NAS. The boot starts and takes several minutes. Several messages are displayed on the LCD screen in front of the box.




http://www.netgear.com/business/products/storage/readyNAS-NVX/RNDX4210.aspx



7.2.3 NAS system configuration

The management interface of the NAS is available by a web interface and gives access to all configuration tasks.

First, the ip address of the NAS shall be known. The default ip address (192.168.168.x) is displayed on the LCD screen.

On the PC, under Windows XP/2003 (in an administrator session) setup a compatible ip address. Run a cmd Windows and enter :

> netsh interface ip set address name="local" static 192.168.1.y 255.255.255.0

where x is not equal to y. Then enter :

> ping 192.168.1.x

Wait until the ping respond. Run internet explorer using the url : https://192.168.1.x/admin . Confirm the security exception if needed.

The default (user , password) are : (admin , netgear1 )

In network/interfaces submenu, enter use vales below in ip assignment

Enter the ip address and netmask (the ip address and netmask can be found in the network appendix).

Enter auto negotiation in speed duplex mode and 1500 in MTU.

Select apply. After a few seconds, change the url in the browser : https://{new-ip}/admin

In network / global settings submenu, enter the hostname and the gateway (see network appendix ). Clean (if not empty) the DNS settings. Select apply.




https://192.168.1.x/admin

https://192.168.1.x/admin



Select the menu Security/admin password.

Enter admin in new admin password and confirm. Select apply

Select the menu Security/Security mode.

Select share (and keep the default workgroup). Select apply.

Select apply.

Select the menu Service/Standard file protocols.

Select the items CIFS, NFS, FTP, HTTP. For FTP and HTTP, keep all default parameters. Unselect the other protocols. Select apply.

Select the menu Services/Discovery Services. Unselect Bonjour Service and UPnP. Select apply. Select OK for all messages popup windows.

Select the menu System/clock.

Select the correct timezone, adjust the correct time and date, and fill the NTP fields if a ntp server is available (see network appendix).






Select the menu System/alerts/SNMP.

Select Enable SNMP service. Enter ro-thales in community field. Select apply.

Select the menu System performances. Select the items :

Enable fast CIFS writes.

Unselect all the other items.

Select apply.






7.2.4 NAS storage configuration

Select the menu Shares/Share listing

Select the toggle delete for all previously defined shared and select the button delete.

Select Shares/add shares.

Create 2 shares:

backup_syst (description="backup of operating system, iso images", no password)

backup_app (description="backup of application data", no password)

Select apply. Then select Shares/Share listing

For each of theses shares, select (using the icons) :

CIFS, and set default access to read/write

NFS, and set default access to read/write

FTP, and set default access to read/write

HTTP and set default access to read only

For NFS, in the section "Share Access restructions", select "Root provilege-enabled hosts". In this field, enter the ip addresses of the servers (including the first and the second lan, if applicable). Refer to the Network Appendix for these ip addresses.

7.2.5 Server side configuration

On each server, login as root. Create first a mount point and then edit the /etc/fstab file :

# mkdir -p /home/mnt/backup_syst /home/mnt/backup_app

Edit the mount point table :

# vi /etc/fstab

and add the following lines at the end of this file (for {nas_ip}, refer to network appendix) :






# NAS Storage{nas_ip}:/backup_app /home/mnt/backup_app nfs noauto,intr,user 0 0{nas_ip}:/backup_syst /home/mnt/backup_syst nfs noauto,intr,user 0 0

Check that the backup_app and backup_syst volumes are available :

# mount /home/mnt/backup_app# mount /home/mnt/backup_syst# df

7.2.6 Workstation side configuration

No specific configuration is needed.

7.2.7 Management procedures and access modes

All the management procedures are done using a web browser. In case of a network problem, the solution is to establish a direct link with a crossed cable between a PC and the NAS.

Obtain basic information

Go to the url : https://{nas_ip}/admin .

Select Volume/Volume settings

The X-RAID status is displayed with the state of each physical disks. The status of the RAID must be "Redundant"

Select Status/Health

A summary of the state of the hardware components is displayed (disk, fan, temperature sensor). Each component must have a OK status.

Go to the url : https://{nas_ip}/admin . A summary of the useful information is displayed on the login page.

Restart or stop the NAS

Go to the url : https://{nas_ip}/admin . Select the menu system/shutdown. Select shutdown and reboot device (or shutdown and turn off device) and then select apply. The NAS takes several minutes to restart.

Restart or stop the NAS in case of a troubleshooting

If the web interface does not respond, push the on/off button in the front of the box. Then press this button a second time. The NAS initiate a shutdown. Push again on/off after a few seconds to restart the NAS.






If after the first push of the on/off button the NAS does not respond, push this button for 10 sec. The NAS stop without a clean shutdown. In this case, restart the NAS and wait until the boot is completed.

Login on the admin page : https://{nas_ip}/admin

Go to system/shutdown. Select shutdown and reboot device and perform volume scan on next boot. Select Apply . A scan process start in order to correct possible errors due to the dirty restart. This task take can take several minutes.

replace a failed disk

The replacing of a failed disk must be done if a disk is detected as failed in the view Status/Health.

In this case, simply remove the disk from the NAS : press the button under the failed disk. The latch pops out and the disk tray can be pulled out. Then extract the disk from the tray and replace it with a new one (wich must have the same model reference).

Replace the tray in the NAS. The NAS automatically restart a synchronization of the disks (see Volume/Volume settings page). This task can take several hours.

Warning

When the disk is running, don't remove a disk if its state is not detected failed.

Access to the shares from Windows

In a cmd Windows, enter :

net use X: \\{nas_ip}\{share}

where {share} is either backup_app or backup_syst. The same thing can be done using the Windows explorer.

Access to the shares from Linux :

The shares shall exist in /etc/fstab. In this case enter (as any user, not only root) :

# mount /mnt/backup_app

Access to the shares with command line ftp

From Windows or Linux, enter

# ftp {ip_nas}






and connect as anonymous (password empty). Then enter :

# cd {share}

Access to the shares with a browser, using http or ftp

From any web browser use the url http://{nas_ip}/{share} or ftp://{nas_ip}/{share}






8. APPENDIXES

8.1 APPENDIX A. HARDWARE CONFIGURATION

8.1.1 Obtaining hardware informations

8.1.1.1 BIOS/HP PROLIANT DLxxx

To obtain the informations listed below, follow theses instructions : Press <F9> when the PC restart and then access to BIOS informations menus

8.1.1.2 Linux

Once the system is started, login as root and run the the command

# cd ~/config# cfg2html# cdrecord -scanbus > cdrecord.txt

The file generated is called : {hostname}.html

8.1.2 Hardware reference

8.1.2.1 HP PROLIANT DL380 G6 SERVERS

HP links (quickspecs) :

http://h18000.www1.hp.com/products/quickspecs/13234_na/13234_na.PDF

Model ProLiant DL380 G6

RAM 3 x 2 GB @ 1333 Mhz

BIOS see Version appendix

Processor(s) Intel(R) Xeon(R) CPU E5540 @ 2.53GHz

iLO see Version appendix

USB 82801JI (ICH10 Family) USB UHCI/EHCI Controller

RAID controllerSmart Array P410i Controller, with BBWC 512Mb . firmware : see Version appendix







VGA compatible controller

VGA compatible controller : ATI Technologies Inc ES 1000

KVM Switch Avocent ECS17KMM8-202 , 8 ethernet ports

Monitor Avocent ECS17KMM8-202, 17" screen

Keyboard included in Avocent ECS17KMM8-202

Mouse Touchpad (on Avocent ECS17KMM8-202)

Hard drive(s) 4 x 72.8 GB | 1000 b/k = 67.8 | 1024b/k 15K RPM, 2"5 COMPAQ , SAS

CD/DVD DVD RW AD-7586H KP03

Network devices Broadcom NetXtreme II BCM5709 Gigabit Ethernet (4-ports)

8.1.2.2 HP 6000pro SFF PC

HP links (quickspecs) :


Model HP Compaq 6000 Pro SFF PC

RAM 2 GB @ 1333 Mhz

BIOS see Version appendix

Processor(s) Pentium(R) Dual-Core CPU E5500 @ 2.80GHz

USB 82801JD/DO (ICH10 Family) USB UHCI Controller

disk controller 82801JD/DO (ICH10 Family) SATA AHCI Controller

Intel VGA compatible controller

Intel 4 Series Chipset Integrated Graphics Controller

Monitor HP LA1951g, 19" screen

Keyboard HP qwerty PS/2 keyboard







Mouse HP USB mouse wheel+3B

Hard drive(s) 1 x 320 GB | 1000 b/k = 298 | 1024b/k 7.2K RPM, 3"5 , SATA II

CD/DVD CDDVDW TS-H653R

Network devices82567LM-3 Gigabit

NetXtreme BCM5761 Gigabit Ethernet PCIe

8.1.3 OS hardware configuration

In this chapter, are given the parameters to setup in the operating system in order to match the hardware of the differents machines.

8.1.3.1 display

The display involves : the Avocent ECS17KMM8 keyboard/touchpad/screen combo and the ES1000 graphic card.

The Avocent ECS17KMM8 display use a 60Hz frequency for vertical refresh. and provides a native resolution of 1280x1024 in a 17" wide format.

Modifiy the /etc/X11/xorg.conf file with the content given in the appendix "Scripts and configuration files"

8.2 APPENDIX B. BIOS & ILO CONFIGURATION

8.2.1 BIOS configuration

8.2.1.1 HP PROLIANT DL380 G6

During boot process, when the following message is displayed:

Press <F9> for the ROM-Based Setup Utility

Press the <F9> key.

In Main menu:

Select Advanced options

o Select Restore default system settings

Select Yes , select to restore.

Select System options

o Select Embedded port COM A.

Select Enabled (if not already selected).






o Select Embedded port COM B.

Select Enabled (if not already selected).

o Press the <Esc> key to go back to main menu.

Select Date and Time.

o Enter the Date.

o Enter the UTC Time.

o Press <Enter> to go back to main menu.

Select Server Availability.

o Select ASR Status.

Select Disabled.


Select Advanced Options.

o Select Post F1 Prompt

Select Disabled

o Select Advanced system ROM option

Select Power on Logo

Select Disabled.


Press the <Esc> key to exit utility.

Press the <F10> key to confirm.

8.2.2 BIOS compatibility parameters


No BIOS compatibility parameters is required.

8.2.3 ILO configuration








ILO : Press <F8>

Press the <F8> key.

In Main menu:

Select Network

o Select DNS DHCP

o Press <SPACE> to have : DHCP enable : OFF

o Press <F10> to validate

o In network menu, select NIC and TCP/IP

fill IP adress, subnet mask and gateway address (use <TAB> to navigate). Refer to the network appendix for these values.

Press <F10> to validate

Select USER

o Select Add

fill the following fileds :

username: tilc

login name: tilc

password: ans@thales

light out privilege: select all privileges with yes

Select File

o Select Exit and press <ENTER>

Check of accessibility of ILO :

In a web browser, enter the url : http://{ilo_ip_address}.

Enter the user and password (see above) in order to connect.

8.3 APPENDIX C. RAID CONFIGURATION

8.3.1 Smart array : RAID disks configuration on servers

Switch on the server (ML370 G3 or DL380 G6).







Press <F8>, to run the Option ROM Configuration for Array Utility

Press the <F8> key to enter in the utility.

8.3.1.1 Old logical drive(s) removing

If you have one or more logical drive(s) already configured, follow this step, else skip it.

In Main menu:

For each logical drive(s) to delete, select Delete Logical Drive.

Highlight the logical drive to delete Logical Drive # N.

Press <F8> key to delete the logical drive.

Press <F3> key to confirm the deletion.

Press <Enter> to continue.

8.3.1.2 Logical drive creation

In Main menu:

Select Create Logical Drive.

In Available Physical Drives panel:

Select SCSI Port 2, ID 0, 72.8 GB.

Select SCSI Port 2, ID 1, 72.8 GB.

or

Select SAS Port 2, ID 0, 146.7 GB.

Select SAS Port 2, ID 1, 146.7 GB.

In RAID Configurations panel:

Select RAID 1+0.

In Spare panel:

Unselect Use one drive as spare.

In Maximum Boot partition panel:

Choose Disable (4GB maximum).

Press <Return> to create the logical drive.






Save configuration by pressing <F8>.

Press <Enter> to go back to main menu.

Restart the procedure if there is an other logical drive to create

or

Press <Esc> to exit from the utility.

8.3.2 RAID disks duplication

This chapter explain how to duplicate the content of a RAID-1 couple of disks from a server (called server-0) onto an other server (called server 1).

Figure 4. C.1. Initial situation

Stop the 2 servers. remove the network cable for server 1.

Extract Disk 1-0, Disk 0-1 and Disk 1-1

Put Disk 1-0 in the Disk 1-1 rack. Here each server has one disk plugged : Disk 0-0 for server 0, Disk 1-0 for server 1.

Then start the 2 servers. Wait until the OS is completely started.

Plug the disks : Disk 1-1 in the free rack 1-0 and Disk 0-1 in rack 0-1.






Figure 5. C.2. Final situation

The color of the led on Disk 1-1 and Disk 1-0 is first red and then green-blinking (after a few seconds).

When the leds become green without blinking, the 2 disks are synchronized.

The server 1 must now be configured in order to change its identity (name and network configuration, involving the mac address modification).

8.4 APPENDIX D. PARTITIONING CONFIGURATION

8.4.1 Partitioning information

8.4.1.1 HP DL380 G6 Servers

The disks used are 4*72.8 GB | 1000 b/k (=67.8 | 1024b/k GB) SAS. From now on, one gigabyte (GB) is supposed to be equal to 10243 bytes, and one megabyte (MB) to 10242 bytes.

The disks on slot 1 and slot 2 are grouped in a hardware-RAID1 logical disk (/dev/cciss/c0d0). This logical disk is used for the system.

The disks on slot 3 and slot 4 are grouped in a hardware-RAID1 logical disk (/dev/cciss/c0d1). This logical disk is used for the data.

Partitions :

Device TypeSize (Mb)

Mount point

File system/partition

/dev/cciss/c0d0p1Primary256 /boot ext3/dev/cciss/c0d0p2Primary32768 - lvm/dev/cciss/c0d0p3Primary36864 - lvm

Volumes groups :

Volume group name Usage Physical volume






vgsyst System

/dev/cciss/c0d0p2

vgdata Data /dev/cciss/c0d0p3

Note

The size of a volume group is the sum of all the logical partitions which belongs to this volume group and the free size (see the table below). The size of the volume group match the size of its physical volume.

Note

2GB remains free on vgsyst

Logical volumes :

Logical volume name Volume group nameSize (Mb)

Mount point

Filesystem

lvroot vgsyst 2048 / ext3lvusr vgsyst 10240 /usr ext3lvvar vgsyst 2048 /var ext3lvswap1 vgsyst 2048 - -lvswap2 vgsyst 2048 - -lvswap3 vgsyst 2048 - -lvtmp vgsyst 10240 /tmp ext3lvdata vgdata 36864 /home ext3

8.4.1.2 HP Z200 workstations

The disks used are 1*500 GB | 1000 b/k (=465.6 | 1024b/k GB) SATA II. From now on, one gigabyte (GB) is supposed to be equal to 10243 bytes, and one megabyte (MB) to 10242 bytes.

Partitions (the device name is a UNIX-like name):

Device TypeSize (Mb)

Mount point

File system/partition

/dev/sdaPrimary237568 C: NTFS

Note

The capacity of the disk is not use completely in order to use short stroking on the disk.

8.5 APPENDIX E. FIRMWARE CONFIGURATION

8.5.1 Firmware upgrade

8.5.1.1 HP Proliant DL380 G6

Burn the firmware dvd iso image (this iso image is available on the Thales COTS DVD).






Insert the CD and reboot the server :

Select "Firmware maintenance" on the CD main screen.

On the langage screen, select "Continue"

EULA screen : select "Agree"

Select the tab "Firmware Update". In this tab, select the link "Install firmware"

Select all the updates in the section named "Updates to be installed". This updates concerns :

o BIOS - System ROM

o Light Out Management (ILO)

o Network cards (if applicable)

o Storage controller

Select install. The installation can take several minutes.

Select Exit. The server reboot.

8.6 APPENDIX F. NETWORK CONFIGURATION

8.6.1 Hardware interface

1 hardware interface is used on each server. This hardware interface is available on mother board.

8.6.2 Software interface

8.6.2.1 IP configuration

naming rules for the alias :

main servers : <ident of the application><ident in the cluster>-<ident of the network> for the all the network cards

cluster : <ident of the application>-<ident of the network> for the floating ip address for the cluster

ilo port : <ident of the application>ilo<ident in the cluster>-<ident of the network>

alias IP/netmask interfaceboamss-1 142.3.14.89/255.255.0.0 eth2boamss-2 142.150.14.89/255.255.0.0 eth3boamssa-1 142.3.14.81/255.255.0.0 eth2boamssa-2 142.150.14.81/255.255.0.0 eth3boamssb-1 142.3.14.82/255.255.0.0 eth2






boamssb-2 142.150.14.82/255.255.0.0 eth3boamssiloa142.3.14.85/255.255.0.0 ilo portboamssilob142.3.14.86/255.255.0.0 ilo portbobck-1 142.3.14.70/255.255.0.0 eth2bobck-2 142.150.14.70/255.255.0.0 eth3bofip01-1 142.3.14.121/255.255.0.0 eth2bofip01-2 142.150.14.121/255.255.0.0eth3bofip02-1 142.3.14.122/255.255.0.0 eth2bofip02-2 142.150.14.122/255.255.0.0eth3bofip03-1 142.3.14.123/255.255.0.0 eth2bofip03-2 142.150.14.123/255.255.0.0eth3bofip04-1 142.3.14.124/255.255.0.0 eth2bofip04-2 142.150.14.124/255.255.0.0eth3bofip05-1 142.3.14.125/255.255.0.0 eth2bofip05-2 142.150.14.125/255.255.0.0eth3bofip06-1 142.3.14.126/255.255.0.0 eth2bofip06-2 142.150.14.126/255.255.0.0eth3bofip07-1 142.3.14.127/255.255.0.0 eth2bofip07-2 142.150.14.127/255.255.0.0eth3bofip08-1 142.3.14.128/255.255.0.0 eth2bofip08-2 142.150.14.128/255.255.0.0eth3bofip09-1 142.3.14.129/255.255.0.0 eth2bofip09-2 142.150.14.129/255.255.0.0eth3bofip10-1 142.3.14.130/255.255.0.0 eth2bofip10-2 142.150.14.130/255.255.0.0eth3bolan1sw1 142.3.14.61/255.255.0.0 -bolan2sw1 142.150.14.61/255.255.0.0 -bows01-1 142.3.14.201/255.255.0.0 eth0bows01-2 142.150.14.201/255.255.0.0eth1bows02-1 142.3.14.202/255.255.0.0 eth0bows02-2 142.150.14.202/255.255.0.0eth1bows03-1 142.3.14.203/255.255.0.0 eth0bows03-2 142.150.14.203/255.255.0.0eth1bows04-1 142.3.14.204/255.255.0.0 eth0bows04-2 142.150.14.204/255.255.0.0eth1

8.6.2.2 Routing

N/A

8.6.2.3 DNS

N/A

8.6.2.4 DHCP






N/A

8.6.2.5 NTP

hostnamentp server

* N/A

8.7 APPENDIX G. SYSTEM BACKUP & RESTORE

8.7.1 Backup / restore for servers and workstations

8.7.1.1 Introduction

This chapter explains how to manage the backup and the restoration of a whole system, on a server or a workstation.

The following chapter requires a live CD “clonezilla”. This CD can be obtained by burning an iso file of the “clonezilla” Live CD. (go to url http://clonezilla.org ). Version of the live CD used : see "Appendix versions".

Once this Live CD is available, a boot on the CD give an access to and interactive tools which allows to backup or restore a system to or from an external device.

The backups and restoration works for Linux (ext2/ext3 based file systems) and Windows systems (fatxx/NTFS based file systems).

Requirements : a backup server (with a nfs server) or an external USB disk is available and provide enough space to store the backups.

8.7.1.2 System backup

This chapter explains how to backup a system using a network connection (nfs).

8.7.1.2.1 Step 1 : boot

Shutdown the server or the workstation. Then insert the Live CD “clonezilla”.




http://clonezilla.org/



Select “Clonezilla live“

or

Select “Other modes of Clonezilla live > Clonezilla live (to RAM...)“ to load all the CD in memory (the process take a few minutes more but it is possible to eject the CD at the end of the boot, and then to restore several machines with only one CD).

On some PC (HP workstation for instance), the boot is stopped after a few seconds. In this case, restart the PC, and select “Other modes of Clonezilla live > Clonezilla live (Failsafe mode...)”. If the live CD failed to start, restart the PC, select TAB and enter "vga=0 pci=conf1" as additionnal parameters.

press Return.

the system start. This step can take up to 3 minutes.

8.7.1.2.2 Step 2 : configuration

On language panel, Select “en_US“ and press Return.

On a standard qwerty US keyboard, select “Don’t touch keymap” to jumps to the next screen.

Otherwise, select “Select keymap from full list“ and press Return. A list is displayed with the available keyboard. For instance, for a french keyboard, select "pc/azerty/French/Same as X11 (latin 9)/Standard".

In this list, select the correct keyboard mapping. For instance, for a french keyboard, select "pc/azerty/French/Same as X11 (latin 9)/Standard" and type Return.






The system then show the main screen for the access to “clonezilla”. Select “Start clonezilla” and type Return.

Select “device image” and type Return.

The following steps require either a machine running a nfs server or a USB external disk in order to give access to a storage space. Consequently, this machine or the external disk must have enough space to store the image(s). The external USB disk must provide a partition with FAT32 file system.

The current sizes are (operating systems just after install , without datas) :

Windows XP Pro (including SP2 or SP3) or Windows 2003 (with SP2) : 6Gb

Linux Redhat 4 update x (full Install) : 5Gb.

Linux Redhat 5 update x (full Install) : 6Gb.

For operating systems with datas and applications, consider the disk usage and divide by 2.






Case of a nfs server :

First, unplug all the network cables connected to a switch except the one giving access to the NFS server.

Select “nfs_server” and type Return. The system ask for a nfs version. Select NFS v2,v3 and type Return.

The system will now ask for network configuration parameters.

Case of a local device :

Select “local dev” and type Return. The system will now scan the available local devices.


Select the network device to use (this has a "active : yes" label). Select “static” for the IP Address. Then enter in this order, on the following screens :

- IP address (the same IP as the machine being backuped)

- netmask (the same netmask as the machine being backuped)

- default gateway (if needed)

- nameserver (clear this field)


Insert the USB cable into one of the slot of the machine. Wait 30 seconds and then type Return

Select the USB disk in the list. Check the size and the label of the disk, in order to make the difference with the non USB local disks. Type Return.


The system ask for the IP address of the nfs server (see before).

Enter the address and type Return.







The system ask for a directory (nfs) on the backup server. Enter "/backup_syst” .If needed, create this directory on the backup server and export it using NFS.

If the network configuration is correct, the NFS directory is mounted and the system shows the mount point. Type Return.


Select / as top directory

Select beginner Mode.






8.7.1.2.3 Step 3 : backup

Select “savedisk” and type Return

Enter a name for the directory containing the image files, with this format : {server_name}-img-{yy}{mm}{dd}-{hh}{mm}

and type Return.

The system then ask for the disks to be saved :

The disks are listed with a name like hdX for ide disks and sdX for SCSI or SATA disks

Warning

SCSI disks on HP controllers with a device name like cciss/cXdY are shown as sdZ.. In order to select the good device, check the label and the size of the disk in the list.

Type Return.

The system ask for a confirmation. Type y then Return.

The backup start. Wait for the end of the process and type 1 to reboot the machine.

( The duration depends on the size of the partitions on disk. With a 10Gb used space, a 100Mb/s network speed and a 2Ghz CPU, the backup takes about 25min ).






8.7.1.3 System restore

This chapter explains how to restore a system from a server (using nfs) or a local device (USB disk). First, refer to backup chapter and execute all the steps in "boot" and "configuration".

8.7.1.3.1 Step 3 : restore

Select “restoredisk” and and type Return

The system displays a list of all the sub-directories (of the storage directory) which contains a backup.

Select the wanted backup directory for the restoration and type Return

The system then asks for the disks on which the backup will be restored :

The disks are listed with a name like hdX for ide disks and sdX for SCSI or SATA disks.

Warning

SCSI disks on HP controllers with a device name like cciss/cXdY are shown as sdZ

type Return.

The system ask (2 times) a confirmation before running the process. Type y (2 times) and Return.






The restore start. Wait for the end of the process and type 1 to reboot the machine.

( The duration depends on the size of the partitions on disk. With a 10Gb used spaced, and a 100Mb/s network speed and a 2Ghz CPU, the duration is about 20min ).

Warning

In the case of a system which is restored on a blank hard disk, the step 3 must be done 2 times. The first time, clonezilla put a label on the disk and create the partition. An error message is displayed (which is normal).The second time, the system restore the partitions.

Note

The boot manager is changed in the case of a restoration of a Linux system. Instead of the first screen of the original system, a line “ESC to access menu” is displayed before the boot => It is possible to access to the original detailed boot menu by typing ESC

8.7.1.4 Network and identity configuration

In the case of machine "A" which is restored on a machine "B" (A and B are the same model of machine), a network and identity configuration is needed.

If not, problems of IP address conflict can occur.

8.7.1.4.1 Windows based operating system.

Restart the machine and login with an administrator account.

Run cmd and type :

ipconfig /allnetsh interface show interface

Theses commands show the ethernet adapter name and their configuration. Enter a new ip address for the ethernet adapter which need to be reconfigure :

netsh interface ip set address "Local Area Connection" static {ip_address} {netmask} {gateway} 1

{ip_address}, {netmask}, {gateway} can be found in network appendix.

Run cmd and enter newsid. Select Next/Random SID/Next.

Select Rename the computer to. and type the new hostname of the machine.

Select Automatically Reboot and finish with Next.






8.7.1.4.2 Linux Red Hat based operating system.

Restart the machine. During the boot, the system detects that the hardware (in fact the mac addresses of the ehernet adapters) have changed.

Each adapter which is not present in the current system is displayed in a windows with tree choices : Remove configuration / keep Configuration / Do nothing. Select for each of these removed adapters : Remove configuration.

Then each adapter wich is new in the current system is displayed in a windows with three choices : Configure / Ignore / Do nothing. Select for each of these new adapters : Configure.

Enter a static ip default address for each adapter (theses adresses will be replaced) : 192.168.1.10 for eth0, 192.168.1.11 for eth1, and so on. Enter 255.255.255.0 as netmask. Left blank the gateway field.

Login as root.

Check that the /etc/hosts is correct (all aliases are present) and check that the file /usr/local/bin/config_hweth.pl exists.

In this case: run the command :

config_hweth.pl -r -n {new hostname}

Otherwise (/usr/local/bin/config_hweth.pl does not exist), configure the ip addresses using the chapter "Network interfaces" of the main documentation.

In all the cases, restart the system :

shutdown -r 0

8.7.1.5 Notes/Troubleshooting

If, during the utilization of the “clonezilla system CD”, a wrong information is entered (directory, backup or restore method), select “cancel” to return to the preceding menu. In some cases, it is not possible to escape from a “menu loop”. In this case, type CTRL-ALT-DEL to restart the system.

In the case where several disks are displayed : Clonezilla displays the device names of the disks like hdX (ide) or sdX (SCSI/SATA). Sometimes, it is useful to list partitions associated to each disks, to localize the system disk. In this case, type CTRL-ALT-F2 run the commands :

# sudo su -# /sbin/fdisk –l

To see how the disks hdX or sdX are associated with physical disks :

# ls -l /dev/sd?

Return to the main screen by CTRL-ALT-F1

It is possble that the speed of the ethernet link is not correct due to a bad negociation between the local ethernet card and the switch on which the machine is connected. In this case, the backup or the restore is very slow.

Enter these commands :

# sudo su - # ethtool ethX

where ethX is the active interface.






Speed must be equal to 100 or 1000, and duplex must be equal to full. If not, set the ethernet parameters :

# ethtool -s ethX autoneg off speed {speed} duplex full

where {speed} is either 100 or 1000, depending on the ethernet card/switch.

In the case of a Windows workstation, it is mandatory to perform the following tasks before making a backup:

o Check disk: Click on the Start button then select Run, enter cmd for access to the Windows command prompt and run the command:

# chkdsk /F c:

Answer yes and reboot the workstation. Then the system will perform the check disk and reboot the workstation automatically a second time.

o Defragmentation: In the Windows command prompt run the command:

# defrag c:

The defragmentation process can take severals hours.

8.8 APPENDIX H. SCRIPTS AND CONFIGURATION FILES

8.8.1 X11 configuration file

File : /etc/X11/xorg.conf

Description : configuration of X11 for ES1000 graphical card with a 1280x1024 Avocent 17" display :

Section "ServerLayout" Identifier "single head configuration" Screen 0 "Screen0" 0 0 InputDevice "Keyboard0" "CoreKeyboard"EndSection

Section "InputDevice" Identifier "Keyboard0" Driver "kbd" Option "XkbModel" "pc105" Option "XkbLayout" "gb"EndSection

Section "Device" Identifier "Videocard0" Driver "radeon"EndSection

Section "Screen" Identifier "Screen0" Device "Videocard0" DefaultDepth 24 SubSection "Display"






Viewport 0 0 Depth 24 Modes "1280x1024" "1280x960" "1280x800" "1152x864" "1152x768" "1024x768" "800x600" "640x480" EndSubSectionEndSection

8.8.2 iperf service

File : /etc/init.d/iperf-srv

Description : service for the iperf command

#!/bin/bash## iperf-srv: Starts iperf in server mode## chkconfig: 345 90 10# description: iperf is a network monitoring tool## processname: iperf# config:

# Source function library.[ -f /etc/rc.d/init.d/functions ] || exit 0. /etc/rc.d/init.d/functions

export PROC=iperfexport BINARY=/usr/local/bin/$PROCexport LOG=/var/log/$(basename $0).logexport IPERF_OPTS="-f M"

RETVAL=0

# start server if not already started# -----------------------------------start() { pid=$(pidofproc $PROC) if [ "$pid" != "" ]; then echo -e "$PROC already running => \c" echo_failure echo RETVAL=1 else echo -n $"Starting iperf server : " # iperf in daemon & server mode # ----------------------------- nohup $BINARY -s $IPERF_OPTS &>/dev/null & sleep 1 pid=$(pidofproc $PROC) if [ "$pid" = "" ]; then






RETVAL=1 echo_failure echo else RETVAL=0 echo_success echo fi fi return $RETVAL}

# stop the server# ---------------stop() { echo -n $"Stopping iperf server : " killproc $(basename $BINARY) RETVAL=$? echo return $RETVAL}

# main# ----case "$1" in start) start ;; stop) stop ;; status) status $(basename $BINARY) ;; restart) stop; sleep 1; start ;; *) echo $"Usage: $0 {start|stop|status|restart}"; exit 1 ;;esac

exit $RETVAL

8.8.3 shell profile

file : /root/.bash_profile

description : shell environment customization

# Get the aliases and functionsif [ -f ~/.bashrc ]; then . ~/.bashrcfi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

export PATHunset USERNAME






set -o viexport HISTFILESIZE=10000export HISTSIZE=10000export HISTTIMEFORMAT='%d/%m/%y %H:%M # '

export PATH="/usr/local/bin:"$PATH":.:"export PS1='\H:\033[2m$PWD'`echo '\033[0m';echo "# "`export LANG=C

alias ll='ls -l'alias la='ls -la'alias h='history|tail -50'alias r='fc -e -'alias ltt='ls -rlt|tail -20'alias lt='ls -rlt'alias rm='\rm -i'alias pg='less -d -e -i -F -X'alias bc='bc -q -l ~/.bcrc'echo "============================================================================"uname -n | sed 's/\..*//' | figlet -f slantecho -e "\n$(uname -s) V$(uname -r)\n"dateecho "============================================================================"echo

8.9 APPENDIX I. SOFTWARE AND FIRMWARE VERSION SUMMARY

This appendix give the versions of the package or meta-package used for the configuration of servers, workstations and operating systems.

Software description

Version / packageoperating system

Origin

HP Proliant firmware

9.20(B) N/A HP (http://www.hp.com)

Clonezilla Live CD

20100721 N/A http://clonezilla.org

HP Proliant firmware / details : ILO

2.01 (08/04/2010 N/A HP (http://www.hp.com))

HP Proliant firmware / details : BIOS

P62 (08/16/2010) N/A HP (http://www.hp.com)

HP Proliant firmware / details : RAID controller

3.52 N/A HP (http://www.hp.com)

HP Compaq 6000 Pro SFF PC :

786G2 v01.09 (08/25/2009)N/A HP (http://www.hp.com)




http://www.hp.com/

http://www.hp.com/

http://www.hp.com/

http://www.hp.com/

http://clonezilla.org/

http://www.hp.com/





Origin

BIOSNetgear RNDX firmware

RAIDiator 4.2.12 N/A Netgear (http://www.netgear.com)

Cisco 2960G firmware

12.2(50)SE4 N/A Cisco (http://www.cisco.com)

Red Hat operating system

4 update 8 N/A Red Hat (http://www.redhat.com)

Windows operating system

XP Pro + service pack 3 N/A Microsoft (http://www.microsoft.com/en/us/default.aspx

Red Hat operating system / details : kernel

2.6.9-89.ELsmp

Redhat 4 update 8

Red Hat (http://www.redhat.com)

HP Proliant support Pack

psp-8.30.rhel4.i686.en.tar.gz

Redhat 4 update 8

HP (http://www.hp.com)

Blackbox terminal server driver

40002086_N.src.rpm

Redhat 4 update 8

digi (http://www.digi.com)

cfg2htmlcfg2html-linux-1.63-1.noarch.rpm

Redhat 4 update 8

http://www.cfg2html.com

iperf iperf-2.0.4.tar.gz

Redhat 4 update 8

NLANR/DAST (http://sourceforge.net/projects/iperf)

lshwlshw-2.12.1-1.el4.rf.i386.rpm

Redhat 4 update 8

http://ezix.org/project/wiki/HardwareLiSter

cygwin 1.5.21Windows XP pro + SP3

http://www.cygwin.org

7-zip 9.20Windows XP pro + SP3

http://www.7-zip.org

Sysinternal suite

091001Windows XP pro + SP3

http://ezix.org/project/wiki/HardwareLiSter http://technet.microsoft.com/ en-us/sysinternals/default.aspx

windirstat 1_1_2 Windows XP pro

http://ezix.org/project/wiki/HardwareLiSter http://windirstat.info













http://www.cfg2html.com/

http://www.digi.com/

http://www.hp.com/

http://www.redhat.com/



http://www.netgear.com/

http://www.netgear.com/





Origin

+ SP3

iperf for windows

1.7.0Windows XP pro + SP3

NLANR/DAST (http://sourceforge.net/projects/iperf)

scite for windows

2.01Windows XP pro + SP3


Adobe Reader for windows


http://www.scintilla.org/SciTE.html http://www.adobe.com

PdfCreator 0.9.8Windows XP pro + SP3


.NET redistribuable


Microsoft (http://www.microsoft.com/en/us/default.aspx)

.NET redistribuable



Microsoft Visual C++ redistribuable

2008Windows XP pro + SP3









http://www.adobe.com/






8.10 APPENDIX J. COTS MEDIA

8.10.1 Content

In this appendix, "media" refer to a path on the NAS. This path can be accessed using a mount point. Refer to "Storage equipment Installation" appendix for more informations and to "Network" appendix for the ip addresse of the NAS.

This appendix give the content of the THALES COTS media.

This media contains the COTS used to install and configure the operating systems. It contains also system the backup of the operating systems.

path description of the content

./COTS/OPERATING_SYSTEMS/LINUX This directory contains all the drivers and tools uses for the LINUX installation & configuration.

./COTS/OPERATING_SYSTEMS/WINDOWSThis directory contains all the drivers and tools uses for the WINDOWS installation & configuration.

./images

This directory contains all the system backup of the different operating systems (1 backup => 1 subdirectory, with a name : {machine_name}-img-{yy}{mm}{dd}-{hh}{mm} ). refer to "System Backup & Restore" appendix for more details.

./isos This directory contains all the iso images used for installation & configuration, including operating system CD or DVD, and firmware CD or DVD

For instance, in order to access to isos directory :

on a server, enter

mount {nas_ip}:/backup_syst /home/mnt/backup_syst

Then, the full path to access to isos directory is : /home/mnt/backup_syst/isos

on a workstation

Use explorer -> tools->map network drive. enter X: as drive and \\{nas_ip}\backup_syst as folder.

Then, the full path to access to isos directory is : X:\isos

8.10.2 Create CD or DVD from iso images

In order to burn an iso image on a CD or a DVD : mount the media in order to have access to the iso image file (called {path_of_iso_image}).

Insert in the DVD/CD writer à CD-R or a DVD-+R. (no CD-RW or DVD-+RW allowed. Only quality brand CD or DVD.).

Run the following command :

cdrecord -v -eject -dao speed=4 dev=/dev/dvd {path_of_iso_image}




Icm System Rev-draft2

Documents

Transcript of Icm System Rev-draft2