NPACI Rocks Cluster Distribution: Users Guide: | ||
---|---|---|
Prev | Chapter 5. Customizing your Rocks Installation | Next |
The default Rocks configuration does not enable rsh commands or login to compute nodes. Instead, Rocks uses ssh as a drop in replacement for rsh. There may be some circustances where ssh does not have exactly the same semantics of rsh. Further, there may be some users that cannot modify their application to switch from rsh to ssh. If you are one of these users you may wish to enable rsh on your cluster.
Enabling rsh on your cluster has serious security implicatation. While it is true rsh is limited to the private-side network this does not mean it is as secure as ssh. Talk to your local security expert about why this might be a bad idea |
Enabling rsh is done by modifying the default kickstart graph. First copy the default rsh.xml into the site customization directory:
# cp /home/install/rocks-dist/enterprise/3/en/os/arch/build/graphs/default/rsh.xml \ /home/install/site-profiles/3.3.0/graphs/default/ |
Where arch is your architecture ("i386", "ia64", etc).
Now edit /home/install/site-profiles/3.3.0/graphs/default/rsh.xml and change the following:
<!-- Uncomment to enable RSH on your cluster (this is not very secure!) <edge from="slave-node" to="xinetd"/> <edge from="slave-node" to="rsh"/> --> |
Next follow the instruction and uncomment this block. This will force all appliance types that reference the slave-node class (compute nodes, nas nodes, ...) to enable an rsh service that trusts all hosts on the private side network. This uncommented block should look like this.
<edge from="slave-node" to="xinetd"/> <edge from="slave-node" to="rsh"/> |
To apply your customized configuration scripts to compute nodes, rebuild the distribution:
# cd /home/install # rocks-dist dist |
Then, reinstall your compute nodes.