I will quickly summarize the barebone list of 'todo' for you to setup a CentOS 7 system and make it play with the ageing Topspin 1.3 PL10 version application.
I assume that you have built a system with CentOS 7 32 bit version (about the 64 bit version, later).
You enter the commands shown here in a BASH shell window. Unless mentioned otherwise, you should be root or use the 'sudo' method to execute the command as a superuser.
Firewall configuration :
By default, CentOS 7 enables firewalld daemon in place of the older iptables. Please note that kernel still uses iptables functionality for network packet filtering but firewalld is the wrapper that communicates with this function. So the so-called 'iptables service' is not installed in CentOS 7 by default.
You can install iptables as root (or sudo user) via : yum install iptables-services
Then, if you are paranoid like me, you can disable the firewalld daemon and enable iptables in one step like so :
systemctl disable firewalld; systemctl stop firewalld; systemctl start iptables; systemctl enable iptables
The semicolon separates each command on the same line and so the steps of stopping firewalld and starting iptables services are done with very little gap in time between the two commands. For that duration, in theory, the system is vulnerable when the Kernel netfilter table is fleshed of all rules, but we are probably talking on the order of milliseconds and so it should be fine.
Please make sure that you have enabled full access to the eth1 network interface. In my case the iptables entry contains the following to ensure that the communication between the Linux machine and NMR console is unhindered by the firewall :
-A INPUT -i eth1 -j ACCEPT
In case you are wondering, since this dedicated interface card is not connected to the internet and the spectrometer is on the so-called 'non routable subnet' i.e. 149.236.99.0, there are no security problems involved in this configuration.
Other Linux and Network related configurations specific to CentOS 7 :
CentOS 7 defines the network interface cards with a new naming scheme and the flexlm license manager will not recognize these names. The names look something like 'p4p1' instead of the older 'eth0'. To restore this older naming, you have to take a few steps :
Topspin 1.3 specific things to install on the Linux Side :
I once again take it that you have installed the Topspin 1.3 PL10 software under the /opt/topspin tree. The install script will throw up a few errors but for the present you ignore those. The check list in the following will address all those. The bold faced names are those of programs or files that need to be installed/updated :
I assume that you have built a system with CentOS 7 32 bit version (about the 64 bit version, later).
You enter the commands shown here in a BASH shell window. Unless mentioned otherwise, you should be root or use the 'sudo' method to execute the command as a superuser.
Firewall configuration :
By default, CentOS 7 enables firewalld daemon in place of the older iptables. Please note that kernel still uses iptables functionality for network packet filtering but firewalld is the wrapper that communicates with this function. So the so-called 'iptables service' is not installed in CentOS 7 by default.
You can install iptables as root (or sudo user) via : yum install iptables-services
Then, if you are paranoid like me, you can disable the firewalld daemon and enable iptables in one step like so :
systemctl disable firewalld; systemctl stop firewalld; systemctl start iptables; systemctl enable iptables
The semicolon separates each command on the same line and so the steps of stopping firewalld and starting iptables services are done with very little gap in time between the two commands. For that duration, in theory, the system is vulnerable when the Kernel netfilter table is fleshed of all rules, but we are probably talking on the order of milliseconds and so it should be fine.
Please make sure that you have enabled full access to the eth1 network interface. In my case the iptables entry contains the following to ensure that the communication between the Linux machine and NMR console is unhindered by the firewall :
-A INPUT -i eth1 -j ACCEPT
In case you are wondering, since this dedicated interface card is not connected to the internet and the spectrometer is on the so-called 'non routable subnet' i.e. 149.236.99.0, there are no security problems involved in this configuration.
Other Linux and Network related configurations specific to CentOS 7 :
CentOS 7 defines the network interface cards with a new naming scheme and the flexlm license manager will not recognize these names. The names look something like 'p4p1' instead of the older 'eth0'. To restore this older naming, you have to take a few steps :
- /etc/default/grub : In this file, you most probably already have an entry such as : GRUB_CMDLINE_LINUX="crashkernel=auto..." etc. Add, within the double quotes, the following phrase at the end of this line : net.ifnames=0 biosdevname=0"
- eth0 : you create or edit a file : ifcfg-eth0. The entries in my case looks as below :
- TYPE="Ethernet"
BOOTPROTO="dhcp"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="eth0"
UUID="95260f6a-4ac2-4fa2-b72b-32a67b46103a"
DEVICE="eth0"
ONBOOT="yes"
DNS1="128.95.120.1"
DOMAIN="128.95.172.1"
PEERDNS="yes"
PEERROUTES="yes"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
IPV6_PRIVACY="no"
NM_CONTROLLED="no" - The things we need to focus on in this file are those in red and blue.
- You set BOOTPROTO to "dhcp" if your system derives its IPV4 address from a DHCP server (in case you are wondering, DHCP stands for Dynamic Host Configuration Protocol) - similar to the router at home that provides addresses to all the devices you connect
- You should set this to "none", if you are provided a 'static ip' address by your network czar for this system (less common nowadays).
- The NAME field is what identifies this interface card as 'eth0', which will keep the flexlm license manager happy for starting Topspin later. The DEVICE field is only optional and so you can even remove it to avoid confusion between NAME and DEVICE definitions.
- ONBOOT is what tells the system that the network card should be started up when a reboot occurs. When troubleshooting network issues, we normally set this to 'no', since a inactive/failed Network card startup normally hangs the system for a long time during boot. Once everything is working, this should be set to "yes".
- You must set the NM_CONTROLLED to "no".
- NetworkManager is a so-called daemon that handles network address allocation and such in a mobile environment such as a wifi network space and when you are moving around with a laptop. This is the module that makes it possible for your smartphone automatically connect with the wifi in that coffee shop that you visited a month ago without asking any questions.
- IN a static environment such as a desktop workstation system, it is quite safe to turn this off (I will tell how, in a bit). Turning off NetworkManager control means that the definitions in the ifcfg-ethX files will be the ONLY ones used for configuration of the network for both eth0 and eth1, even after a system reboot.
- As to the blue entries, these are not needed at all, if you your BOOTPROTO is set to "dhcp". The DHCP server will supply these automatically. They are there in my case because, I copied this file from a static IP configuration. They do not hurt to keep, though.
Topspin 1.3 specific things to install on the Linux Side :
I once again take it that you have installed the Topspin 1.3 PL10 software under the /opt/topspin tree. The install script will throw up a few errors but for the present you ignore those. The check list in the following will address all those. The bold faced names are those of programs or files that need to be installed/updated :
- Install bootparamd. The Topspin 1.3 DVD has a copy, if you cannot download the 'bootparamd.i686' version from the default repository. As of this writing, the EPEL repository is not yet up for CentOS 7 32 bit version. So, you may have to use the rpm in the DVD.
- Install portreserve. This is nothing but the portmapper, which is needed for communication between the CCU and the PC.
- Check that the installation script successfully updated the following. You can edit these files by hand and add the following, if the install script didn't do it :
- /etc/hosts. The entries pertaining to Topspin are :
- 149.236.99.1 ASP_ST2
149.236.99.99 spect - /etc/exports
- /usr/diskless/dl_usr spect(sync,ro)
/usr/diskless/clients/spect spect(sync,rw,no_root_squash)
- /etc/services : the following line should be there
- bruker_ls 1753/tcp # FLEXlm licensing for Bruker
- /etc/hosts.allow : make sure that this entry is present
- ALL : 149.236.99.99
- Configuring NFS :
- Since the CCU/11 uses, by now a rather old implementation of NFS i.e. version 2, the NFS server on the Linux side should be explicitly enabled to accommodate that. Many distributions will have the default configuration set to honor NFS connection requests using either version 3 or 4.
- Make sure you have the following entry in /etc/sysconfig/nfs
- RPCNFSDARGS="-V 2"
No comments:
Post a Comment