perfSONAR-VM Installation Guide Last updated: Activity: Dissemination Level: Authors: 02-09-2012 SA2 T3 PU D. Stoykov Document Revision History Version 0.1 Date Description of change Person 02-09-12 First draft issued D. Stoykov Table of Contents 1 Introduction 1 2 Installation 2 2.1 System Requirements 2 2.1.1 Supported platforms 2 2.1.2 Hardware requirements 2 2.2 3 VM installation 2 Guest OS setup 4 3.1 Initial (mandatory) steps 4 3.1.1 Set root password 4 3.1.2 Configure hostname and network settings 4 3.2 Bibliography Optional setup 5 3.2.1 Restrict SSH access 5 3.2.2 Configure time servers 5 3.2.3 Configure an e-mail alias for the root account 5 3.2.4 Configure SMTP relay servers 6 7 iii Introduction 1 The perfSONAR-VM is a preconfigured virtual appliance intended to simplify deployment of perfSONAR measurement points (MPs). It is based on the CentOS 6.3 operating system and contains all the measurement components of perfSONAR – BWCTL-MP, OWAMP-MP and a HADES MP. BWCTL-MP and OWAMP-MP are fully functional and ready to receive measurement requests out of the box. The HADES MP has the necessary packages and dependencies installed; however it still requires the configuration files to be pushed from the central server before it will operate. The perfSONAR-VM is delivered in two formats: Open Virtualization Format (OVF) package, which can be deployed on any hypervisor that supports the OVF standard. VMware virtual machine format (a .vmx and a .vmdk file). This allows for faster and more convenient deployment on VMware products, such as VMware ESX/ESXi, VMware Workstation and VMware Player. 1 2 Installation 2.1 System Requirements 2.1.1 Supported platforms The following platforms are supported by the VMware format version: VMware ESX/ESXi 4.0 or later VMware Workstation 6.5.0 or later VMware Player 3.0 or later VMware Server 2.0 The OVF version can be deployed on any virtualization platform that conforms to the standard. 2.1.2 Hardware requirements The perfSONAR-VM is configured with the following resources: 1 virtual CPU (core) 1 GB RAM (can be lowered in memory-constrained environments) 16 GB disk space provisioned o ~ 3 GB will be actually occupied on systems that support thin provisioning VM installation 2.2 For the VMware version, download the perfsonar-vm.vmx and perfsonar-vm.vmdk files into a single directory. o For desktop software (VMware Workstation, VMware Player) open the virtual machine by double-clicking on the perfsonar-vm.vmx file. Make sure the network adapter is using a bridged network connection. o For ESX/ESXi/vSphere: 2 use the VMware Converter to deploy the virtual machine (select ”VMware workstation or other VMware virtual machine” as source type). upload both files to a directory on the datastore, then right-click on the .vmx file, choose “Add to Inventory” and follow the prompts. For the OVF version, refer to documentation of your preferred hypervisor for instruction on how to deploy a virtual machine from the OVF template. Regardless of the platform, make sure the virtual network interface is bridged to the proper network segment in case there is more than one available. 3 Guest OS setup 3 After booting the virtual machine, login to the console with the following default credentials: User: root Password: perfsonar Initial (mandatory) steps 3.1 After performing these steps the server is connected to the network and ready to perform measurements. 3.1.1 Set root password Change the root password by issuing the passwd command. Unless ~]# passwd Changing password for user root. New UNIX password: Retype new UNIX password: passwd: all authentication tokens updated successfully. ~]# 3.1.2 Configure hostname and network settings Use the system-config-network interactive tool to configure network settings (hostname, static IP address, network mask, default gateway, DNS servers). Alternatively, direct editing of the network configuration files can be used. /etc/sysconfig/network /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/resolv.conf After configuration is finished, restart the network service: ~]# /etc/init.d/network restart 4 3.2 Optional setup 3.2.1 Restrict SSH access By default SSH access is enabled from all hosts on the network and on the Internet. To increase security it is recommended to restrict access to only those hosts that will be used to manage the server. To do so edit the /etc/hosts.allow file, find the line starting with sshd and replace the ALL keyword with the IP addresses of the hosts should be able to connect via SSH. sshd: 172.16.0.5 172.16.0.1 3.2.2 Configure time servers The NTP daemon is enabled by default, but is set up to sync with public servers from the pool.ntp.org project. In order to get more precise results, which is important for one-way delay measurements, it is recommended to replace them with ones closer to your location. Ideally that would be stratum 1 time servers within your institution or NREN. 1. In the file /etc/ntp.conf, comment the existing server definition lines and add new ones in accordance with the recommendations above. #server 0.centos.pool.ntp.org #server 1.centos.pool.ntp.org #server 2.centos.pool.ntp.org server ntp.example.org server ntp2.example.org 2. Restart the NTP daemon. ~]# service ntpd restart 3. Verify time synchronization is working correctly by checking logging output: ~]# tail -f /var/log/messages After some time you should see a line similar to this: Aug 26 07:02:34 mx1 ntpd[2118]: synchronized to 91.210.88.73, stratum 1 3.2.3 Configure an e-mail alias for the root account By default the root account receives mail from the system with regularly generated reports or upon certain unexpected critical events. Therefore it is recommended to redirect all e-mail destined to the root account to another address, that will be regularly checked by the person or team responsible for the server. 5 To do so edit the file /etc/aliases and add a line similar to this: root: support@example.com Then update the aliases database by running: ~]# newaliases 3.2.4 Configure SMTP relay servers While a networked host may be able to deliver outgoing mail by itself, it is recommended and often required to configure a mail relay server (smart host). To do so edit the file /etc/postfix/main.cf and add a line similar to this: relayhost = [smtp.example.com] Then reload the postfix mail transfer agent (MTA) configuration: ~]# service postfix reload 6 Bibliography 1. Timekeeping in VMware Virtual Machines. http://www.vmware.com/files/pdf/Timekeeping-In-VirtualMachines.pdf . 2010. VMware Inc. 2. Red Hat Enterprise Linux Deployment Guide. http://access.redhat.com/knowledge/docs/Red_Hat_Enterprise_Linux/ . 2012. Red Hat, Inc. 3. BWCTL MP Installation Guide. https://forge.geant.net/forge/display/perfsonar/Documentation .2012. A. Guerrero, Sz. Trocha, R. Karch 4. OWAMP MP Installation Guide. https://forge.geant.net/forge/display/perfsonar/Documentation .2012. H. Calim, Sz. Trocha, R. Karch 5. 7