Remote Console

Cyclades Configuration

Source: http://users.monash.edu.au/~spindler/archives/2005/06/22/cyclades_configuration/index.html 

Here are some notes from my experiences configuring and deploying cyclades terminal servers.

Naming Conventions etc

We have named the cyclades boxes after islands in the Greek Cyclades, ie naxos, paros etc.

Console end -> hostname-c
Machine end -> cyclades-portno

But due to the length and number of these cables I think it is better (and I have been doing this) to label the cable at both ends thusly:

hostname-c cyclades-portno

Eg:

wedgetail-c paros-01

Put enough spaces between the names to enable wrapping the label around the cable.

Adding a machine

Eg. we want to add a new machine named ‘clientname’ to the cyclades named ‘conserver’

1/ Find a cyclades in a nearby rack with a free port.

If you are connecting to a serial port on a machine you will need a 9 pin or 25 pin adaptor. If you are connecting to an RSM card or UTP based serial port on a machine you will need a special cable, contact John F. or myself. Where there is a choice of RSM or serial, like on a V440, use the RSM UTP port.

2/ Note hostname of cyclades and port number.

Eg conserver port 4

3/ create a DNS entry for machine

4/ Add the machine to the cyclades.

Edit /etc/portslave/pslave.conf

Find the entries sX.ipno and add your new machine.

Eg.

s4.ipno 172.16.2X.X #client-c

Save the file to the flash:

# saveconf

Restart portslave to activate new configuration:

# signal_ras hup

Setting Up Cyclades

When first setting up the cyclades:

change default password

run ‘wiz’ (turn off dhcp, enter IP, hostname etc)

/root/.ssh needs to be added to /etc/config_files; similarly, any other files/directories you want preserved after a reboot (above the default – look at the contents of this file) need to be added to this file. The command ‘saveconf’ saves these to a compressed tar file /proc/flash/scripts which is decompressed on boot.

Comment out telnetd from /etc/inetd.conf and add /etc/inetd.conf to /etc/config_files

Comment out webs entry in /etc/inittab and add /etc/inittab to /etc/config_files

replace ntpclient entry in inittab with: ::once:/usr/bin/ntpclient -h timeserver -i 300 &

Make sure all.protocol is set to socket_ssh in /etc/portslave/pslave.conf

Make sure all.authtype is set to local in /etc/portslave/pslave.conf

To turn off the verbose POST messages when booting, run bootconf

copy /root/.ssh/authorized_keys2 from another cyclades and add /root/.ssh to /etc/config_files

comment out all.netmasks in /etc/portslave/pslave.conf

check /etc/resolv.conf is sensible
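
The checklist above can be verified mechanically. The following shell function is an added example, not part of the original notes or of the Cyclades software; it assumes the telnet and web server entries contain the strings telnetd and webs, and that /etc/config_files lists one path per line.

```sh
#!/bin/sh
# Added example: audit a Cyclades /etc tree against the setup checklist.
# The argument is "" on the box itself, or a directory holding a copy of its
# files (handy for reviewing a saved configuration offline).

fails=0
fail() { echo "FAIL: $1"; fails=$((fails + 1)); }

# Print only the uncommented lines of a file (nothing if it is missing).
active() { grep -v '^[[:space:]]*#' "$1" 2>/dev/null; }

# Print one FAIL line per finding; return 0 when clean, 1 otherwise.
audit_cyclades() {
    root=$1; fails=0
    ps=$root/etc/portslave/pslave.conf

    # Services the checklist turns off must have no active entry left.
    # Assumption: the entries contain the strings "telnetd" and "webs".
    active "$root/etc/inetd.conf" | grep -q telnetd &&
        fail "telnetd still enabled in /etc/inetd.conf"
    active "$root/etc/inittab" | grep -q webs &&
        fail "webs still enabled in /etc/inittab"

    # Serial ports must be reached over ssh with local authentication.
    active "$ps" | grep -Eq '^[[:space:]]*all\.protocol[[:space:]]+socket_ssh([[:space:]]|$)' ||
        fail "all.protocol is not socket_ssh"
    active "$ps" | grep -Eq '^[[:space:]]*all\.authtype[[:space:]]+local([[:space:]]|$)' ||
        fail "all.authtype is not local"
    active "$ps" | grep -q '^[[:space:]]*all\.netmasks' &&
        fail "all.netmasks is not commented out"

    # Edits survive a reboot only if saveconf knows about the files.
    # Assumption: /etc/config_files lists one path per line.
    for f in /root/.ssh /etc/inetd.conf /etc/inittab; do
        grep -qxF "$f" "$root/etc/config_files" 2>/dev/null ||
            fail "$f missing from /etc/config_files"
    done

    [ "$fails" -eq 0 ]
}
```

Call it as audit_cyclades "" on the cyclades, or audit_cyclades ./copy against a directory holding copies of the files.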

Example entry in /etc/portslave/pslave.conf

s10.ipno 172.16.20.15 # blah-c

s10 is serial port 10, ipno is the IP number, which is the entry in addhost, and the comment afterwards tells the name of the machine on that port. I think this is pretty straight to the point, and as long as we put the comment with the hostname there we know what's on the port.

A separate ssh connection is created for each port, eg: -RW_ssh ttyS11. Having a look through ps and killing off the relevant one will kill a locked connection.
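
Because the hostname comment is the only record of what is on each port, it is worth linting. The following function is an added example, not part of the original notes; it lists the sN.ipno entries of a pslave.conf and warns about a missing comment, a label that does not follow the hostname-c convention, or an IP number used on two ports.

```sh
#!/bin/sh
# Added example: print the port map from pslave.conf and flag entries that
# make it unreliable as documentation. Returns 1 if any warning was printed.

port_map() {
    awk '
    /^[ \t]*s[0-9]+\.ipno[ \t]/ {
        port = $1; sub(/^s/, "", port); sub(/\.ipno$/, "", port)
        ip = $2

        # The label is the first word after the "#", if there is one.
        label = ""
        if (match($0, /#[ \t]*[^ \t]+/)) {
            label = substr($0, RSTART, RLENGTH)
            sub(/^#[ \t]*/, "", label)
        }
        printf "port %s %s %s\n", port, ip, (label == "" ? "-" : label)

        if (label == "") {
            printf "WARN port %s has no hostname comment\n", port; bad++
        } else if (label !~ /-c$/) {
            printf "WARN port %s label %s does not end in -c\n", port, label; bad++
        }
        if (ip in seen) {
            printf "WARN port %s reuses %s from port %s\n", port, ip, seen[ip]; bad++
        } else {
            seen[ip] = port
        }
    }
    END { exit (bad > 0) }
    ' "$1"
}
```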

General Usage

To disconnect from a connection, use ‘tilde .’, which is the standard ssh disconnect and also a standard Sun ‘tip’ disconnect, so as you can imagine, if you have come to the console port by a roundabout method you can very accurately shoot yourself in the foot. ‘tilde break’ (break spelt out) will send a break, thus halting the Sun box. As you can see there are a couple of ways of causing yourself pain, so being able to drop the connection by killing the individual ssh connection to the serial port is a very useful feature (this is done by sshing as root to the cyclades itself).

‘tilde tilde .’ will drop the Cyclades connection only.

As for connectors:

E280Rs and Ultra 5/10s can use the DB25 plug that comes from Sun. Blades can use the DB9 plugs that come from Sun. Older Sun boxes seem to need the console DB25 connectors that come with the cyclades, so probably different wiring again. In testing on a Sparcstation 20 (further testing obviously needs to be done), as long as the cyclades is rebooted (ie power not dropped) the machine will not be halted. V480s, netras and other boxes with UTP serial ports need a cyclades netra convertor, or a female/female UTP extender with a red (cisco wired) cyclades cable on the end of the standard black UTP cable.

Firmware upgrades

To find the version of the cyclades software:

# cat /proc/version
Linux version 2.2.14 (root@dell) (gcc version 2.95.2 19991030 (2.95.3 prerelease/franzo))
#12 Thu Aug 26 10:43:14 PDT 2004
Cyclades-TS2000-Linux V_1.3.12-1 (Aug/26/04)

To upgrade (after reading all documentation regarding upgrade, ie upgrade matrix and release notes):

# cd /proc/flash
# ftp patch
ftp> bin
ftp> cd /pub/sun/cyclades/VERSION/
ftp> get zImage
ftp> bye
# reboot

Where to from here

The version of the cyclades software boot image can be determined by doing a ‘cat /proc/bdinfo’

I forgot the root password!

If you need to get into the cyclades, and you have forgotten the root password like I did, attach a console to the console port. Turn the cyclades on and, when the self test starts, keep hitting escape; the boot will pause. Hit backspace until it will not go any further, then type linux single. Once you are at the single user prompt, type passwd, change the password, and make sure you do a saveconf.

Syslogging

Add the following line to /etc/portslave/pslave.conf:

all.DB_user_logs        on

Modify:

all.data_buffering      255
all.syslog_buffering    255
all.syslog_sess 0
all.dont_show_DBmenu 2

Replace the ‘# local syslog clients’ onwards in /etc/syslog-ng/syslog-ng.conf with:

# local syslog clients
options {
        use_fqdn(yes);
        sync(0);
        keep_hostname(yes);
};
source inter { internal();};
source src_dev_log { unix-stream("/dev/log"); };
source s_kernel { file("/proc/kmsg"); };
source s_serial {
        file("/var/run/DB/ttyS1.data");
        file("/var/run/DB/ttyS2.data");
        file("/var/run/DB/ttyS3.data");
        file("/var/run/DB/ttyS4.data");
        file("/var/run/DB/ttyS5.data");
        file("/var/run/DB/ttyS6.data");
        file("/var/run/DB/ttyS7.data");
        file("/var/run/DB/ttyS8.data");
        file("/var/run/DB/ttyS9.data");
        file("/var/run/DB/ttyS10.data");
        file("/var/run/DB/ttyS11.data");
        file("/var/run/DB/ttyS12.data");
        file("/var/run/DB/ttyS13.data");
        file("/var/run/DB/ttyS14.data");
        file("/var/run/DB/ttyS15.data");
        file("/var/run/DB/ttyS16.data");
        file("/var/run/DB/ttyS17.data");
        file("/var/run/DB/ttyS18.data");
        file("/var/run/DB/ttyS19.data");
        file("/var/run/DB/ttyS20.data");
        file("/var/run/DB/ttyS21.data");
        file("/var/run/DB/ttyS22.data");
        file("/var/run/DB/ttyS23.data");
        file("/var/run/DB/ttyS24.data");
        file("/var/run/DB/ttyS25.data");
        file("/var/run/DB/ttyS26.data");
        file("/var/run/DB/ttyS27.data");
        file("/var/run/DB/ttyS28.data");
        file("/var/run/DB/ttyS29.data");
        file("/var/run/DB/ttyS30.data");
        file("/var/run/DB/ttyS31.data");
        file("/var/run/DB/ttyS32.data");
};

destination console { usertty("root"); };
destination remote { tcp("loghost" port(514)); };

filter f_alerts { level(err .. alert); };

# send only critical messages to the logged-in root user
log { source(src_dev_log); filter(f_alerts); destination(console); };
log { source(inter); filter(f_alerts); destination(console); };
log { source(s_kernel); filter(f_alerts); destination(console); };
# send all messages to syslog server
log { source(src_dev_log); destination(remote); };
log { source(inter); destination(remote); };
log { source(s_kernel); destination(remote); };
log { source(s_serial); destination(remote); };