GCE
From FarmShare
(Difference between revisions)
Line 29: | Line 29: | ||
hmm, instance has only internal IP, and can't ping barley-storage01, let's look at that: https://developers.google.com/compute/docs/networking | hmm, instance has only internal IP, and can't ping barley-storage01, let's look at that: https://developers.google.com/compute/docs/networking | ||
+ | |||
+ | The networking doc says any outgoing connection is allowed. Firewalls in the way: | ||
+ | * none on GCE side (outgoing) | ||
+ | * central firewall - project Stanford FarmShare, no incoming GlusterFS ports allowed, filed request | ||
+ | * iptables on barley-storage01, added to puppet iptables fragment | ||
+ | * gluster auth.allow, currently ''*'' (gluster volume info) |
Revision as of 17:50, 12 July 2012
our GCE project ID is stanford.edu:barley-gce
I created a standard instance, it gets Ubuntu 12.04 by default. 3.7GB per core, up to 8 cores. ~7GB usable /tmp
https://developers.google.com/compute/docs/hello_world
minimum requirements
- qmaster on senpai1 needs to be able to talk to execd on instance
- user information from ldap needs to be present on instance
- user data directory needs to be present on instance (e.g. /mnt/glusterfs)
Can compare to barley-tesq for LDAP settings.
LDAP
sudo aptitude install ldap-utils libpam-ldap libnss-ldap
compare /etc/nsswitch.conf and /etc/ldap.conf to the one on barley-testq
test anonymous bind:
ldapsearch -x -h ldap.stanford.edu -b "cn=accounts,dc=stanford,dc=edu" "(objectClass=*)"
The above command works from barley-testq but not from GCE instance, either firewall or IP ACL if I had to guess?
OK, give up on that for now.
GlusterFS
sudo aptitude install glusterfs-client sudo mkdir -p /mnt/glusterfs
hmm, instance has only internal IP, and can't ping barley-storage01, let's look at that: https://developers.google.com/compute/docs/networking
The networking doc says any outgoing connection is allowed. Firewalls in the way:
- none on GCE side (outgoing)
- central firewall - project Stanford FarmShare, no incoming GlusterFS ports allowed, filed request
- iptables on barley-storage01, added to puppet iptables fragment
- gluster auth.allow, currently * (gluster volume info)