Rev | Author | # | Line |
---|---|---|---|
1 | DanielLawson | 1 | !!!Setting up an [AFS] server under Debian |
2 | |||
12 | AristotlePagaltzis | 3 | A lot of this should translate to other distributions as well, but [YMMV]. |
1 | DanielLawson | 4 | |
5 | !! Before you start | ||
6 | |||
7 | This section is almost definately OS/Distro independant. | ||
8 | |||
9 | ! [Kerberos] | ||
10 | |||
12 | AristotlePagaltzis | 11 | [AFS] depends on a working [Kerberos] installation. Refer to [KerberosNotes]. |
1 | DanielLawson | 12 | |
13 | ! Filesystems and Partitions | ||
14 | |||
12 | AristotlePagaltzis | 15 | Though [AFS] seems fairly filesystem independant, it really prefers having a seperate partition for your AFS cell. Apparently it requires a different fsck(8) for magical reasons too, so its probably best to follow this. Put your first partition on __/vicepa__, and your second on __/vicepb__, and so on. You can also use the namei backend which is slow, but is FS/OS independant, provided you can do normal filesystem stuff. |
1 | DanielLawson | 16 | |
17 | ! Hostname | ||
18 | |||
12 | AristotlePagaltzis | 19 | Some people report [AFS] required their server's hostname to resolve properly via [DNS], or they'd get weird problems for no apparent reason. This does not seem to be consistent and might be [Kerberos] issue. |
2 | DanielLawson | 20 | |
21 | ! Kernel | ||
22 | |||
12 | AristotlePagaltzis | 23 | Make sure [AFS] likes your kernel before continuing, or else things may fail for no good reason. Some people report problems with [AFS] on kernel versions others have no trouble with, so check your own setup. |
1 | DanielLawson | 24 | |
25 | !! Installing [AFS] | ||
26 | |||
3 | DanielLawson | 27 | ! Installing the packages: |
28 | |||
12 | AristotlePagaltzis | 29 | The pertinent [Debian] packages are |
30 | * openafs-dbserver | ||
31 | * openafs-krb5 | ||
32 | * openafs-client | ||
3 | DanielLawson | 33 | |
12 | AristotlePagaltzis | 34 | Your cellname should be your lower-case DNS name, eg __element.tla__. Your DBServer for [AFS] should be the [DNS] name of the machine you are installing on currently. |
3 | DanielLawson | 35 | |
36 | ! Setting up Kerberos | ||
37 | |||
12 | AristotlePagaltzis | 38 | Run the following commands (but see below first): |
39 | |||
4 | DanielLawson | 40 | kadmin.local -e des-cbc-crc:v4 |
7 | NathanWard | 41 | addprinc -randkey afs |
42 | ktadd -k /tmp/afs.keytab afs | ||
43 | quit | ||
3 | DanielLawson | 44 | kadmin.local |
7 | NathanWard | 45 | addprinc root |
12 | AristotlePagaltzis | 46 | (enter passwords) |
7 | NathanWard | 47 | quit |
3 | DanielLawson | 48 | asetkey add 3 /tmp/afs.keytab afs |
7 | NathanWard | 49 | |
12 | AristotlePagaltzis | 50 | Adding a __princ__ for __root__ is probaby a bad idea. The "[Kerberos] Way" is to have user/instance, eg __joeshmoe/admin__, known to [AFS] as __joeshmoe.admin__. |
3 | DanielLawson | 51 | |
52 | ! Partitions | ||
53 | |||
12 | AristotlePagaltzis | 54 | Make sure you have a partition created and mounted at __/vicepa__. If you cant do this with a real partition, make a loopback one as follows: |
3 | DanielLawson | 55 | |
7 | NathanWard | 56 | dd if=/dev/zero of=/var/lib/openafs/vicepa bs=1024k count=32 |
3 | DanielLawson | 57 | mke2fs /var/lib/openafs/vicepa |
8 | PerryLorier | 58 | mkdir /vicepa && mount -oloop /var/lib/openafs/vicepa /vicepa |
7 | NathanWard | 59 | |
12 | AristotlePagaltzis | 60 | You can later add __/vicepb__, __/vicepc__ etc. |
3 | DanielLawson | 61 | |
62 | ! Set up the cell | ||
4 | DanielLawson | 63 | |
12 | AristotlePagaltzis | 64 | Make sure __/etc/openafs/!ThisCell__ looks something like |
4 | DanielLawson | 65 | |
7 | NathanWard | 66 | element.tla |
12 | AristotlePagaltzis | 67 | |
68 | and __/etc/openafs/!CellServDb__ resembles | ||
69 | |||
4 | DanielLawson | 70 | >element.tla # cell |
71 | 10.66.1.101 # afs.element.tla | ||
7 | NathanWard | 72 | |
12 | AristotlePagaltzis | 73 | At this point, make sure you have compiled the OpenAFS modules for your kernel. If you build a new kernel at the same time, reboot now so you can get these modules installed properly. |
3 | DanielLawson | 74 | |
10 | StuartYeates | 75 | You can do this under [Debian] with [make-kpkg(1)]: |
12 | AristotlePagaltzis | 76 | |
77 | # apt-get source openafs-modules-source | ||
78 | # cd /usr/src | ||
79 | # tar xzf openafs.tar.gz | ||
80 | # cd /path/to/kernel/source | ||
81 | # make-kpkg modules_image | ||
82 | # dpkg -i ../openafs-modules*deb | ||
7 | NathanWard | 83 | |
11 | CraigBox | 84 | The [Debian] [Packages|Package], at least, come with a script to do all this for you: |
3 | DanielLawson | 85 | afs-newcell |
86 | |||
87 | ! Set up the root volume: | ||
88 | There is also a script to to this: | ||
89 | afs-rootvol |
lib/blame.php:177: Warning: Invalid argument supplied for foreach() (...repeated 6 times)