Lade...
 
Seitenaktionen
Drucken

Configure AFS Server

Configure AFS Server


This is only a quick step through configuring a AFS Server:



Create a partition for AFS (we use LVM here):

lvcreate -L 20g -n vicepa vg_system
mkfs.ext3 /dev/vg_system/vicepa
echo "/dev/vg_system/vicepa /vicepa ext3 defaults 0 0" >> /etc/fstab
mkdir /vicepa
mount /vicepa


bos server

Wipe odd config files that come with rpms:
rm /etc/openafs/*
rm /etc/openafs/server/*


Start bos server:
bosserver -noauth


Configure Cell Name:

bos setcellname dopey.redflo.de redflo.de -noauth


Note: The first parameter is the fqdn of the AFS Server. The second parameter is the AFS cell name - usually looking like a domain name. This has to be lower case.

Configure server processes:


bos create dopey.redflo.de buserver simple /usr/lib64/openafs/buserver -cell redflo.de -noauth
bos create dopey.redflo.de ptserver simple /usr/lib64/openafs/ptserver -cell redflo.de -noauth
bos create dopey.redflo.de vlserver simple /usr/lib64/openafs/vlserver -cell redflo.de -noauth


Configure AFS to use Kerberos:


kadmin.local
kadmin.local: add_principal -randkey -e des-cbc-crc:v4 afs/redflo.de
kadmin.local: add_principal admin
<enter the password you like to use for afs adminitration>
kadmin.local:  ktadd -k /etc/afs.keytab -e des-cbc-crc:v4 afs/redflo.de
Entry for principal afs/redflo.de with kvno (kvno number), encryption type DES cbc mode with CRC-32 added to keytab WRFILE:/etc/afs.keytab.


Note the "kvno" number from output of the ktadd command. Now transport the afs.keytab to your afs server (if it is not the kerberos server)

bos adduser dopey.redflo.de admin -cell redflo.de -noauth
asetkey add (kvno number) /etc/afs.keytab afs/redflo.de


You have to use the kvno number you noted in the step before for the asetkey command.

Configure admin for protection DB:


pts createuser -name admin -cell redflo.de -noauth
pts adduser admin system:administrators -cell redflo.de -noauth
pts membership admin -cell redflo.de -noauth


Restart bos server:

bos restart dopey.redflo.de -all -cell redflo.de -noauth



Start file server:


bos create dopey.redflo.de fs fs /usr/lib64/openafs/fileserver /usr/lib64/openafs/volserver /usr/lib64/openafs/salvager -cell redflo.de -noauth


Create root volume:


vos create dopey.redflo.de /vicepa root.afs -cell redflo.de -noauth


Create update server:


bos create dopey.redflo.de upserver simple "/usr/lib64/openafs/upserver -crypt /etc/openafs -clear /usr/lib64/openafs" -cell redflo.de -noauth


Autostart:


On suse linux be sure to set
REGENERATE_CELL_INFO="no"

in /etc/sysconfig/openafs-server

Make the server start automatically:
chkconfig -a openafs-server



Erstellt von redflo. Letzte Änderung: Samstag März 6, 2010 11:05:36 GMT-0000 by redflo.
Kommentare