New System Setup

While we don't set up a new machine very often, sometimes it needs to be done.

Run the Debian Installer
Just use the debian installer for the current release that we are using. See Partitioning Best Practice for how to partition the disks on the machine. When it asks you for network setup, just let it get a DHCP address from the Winnett pool. You should set the hostname to the machine's name, but don't worry about setting the static IP just yet. It will prompt you to make a new user account- just humor it and remove on your first reboot.

Netboot image
We have netboot images available from demeter. If the machine is in configurator (see the next step), it will be able to get a dhcp address. If you set up netboot from the machine, you can use "install", "install-expert", "install-amd64", or "install-amd64-expert" for the appropriate image.

If you do this, it will have difficulty talking to the outside internet due to our weird networking. You can use http://hephaestus/toughguy as a proxy for toughguy so it can get the rest of its packages.

Configurator
See Configurator, and add the machine to configurator. On demeter, run "sudo /usr/local/sbin/update-cfengine" to update the cfengine source files, and run "cfrun -- -- coreserver" to update all coreservers with the new info. After you've done this, copy vmps.db to charon and reload vmpsd so that the machine can get on the UGCS network.

After Debian is installed

 * Set a BIOS password. This is also a good chance to make sure that it will automatically power-on after a power outage (this is important if our power ever goes out)
 * Log in as root and remove the normal user account you created during installation
 * Set up networking as its final IP. Since you already added its MAC address, this shouldn't be a problem.  See Networking for the details of this.

Configuring a machine
CFengine does a pretty good job of setting most things up.


 * Mount demeter:/srv/cfengine as /ug/nfs/cfengine so you can get cfengine stuff installed.
 * Copy /ug/nfs/cfengine/global/inputs/* to /etc/cfengine to "seed" the cfengine stuff.
 * Run "cfagent -v" This will install all the packages UGCS needs as well as a bunch of niceties.  Do not pipe this to less.  You will see some garbled screens- this is debconf ignoring it setting to never prompt and prompting anyways.  Just hit enter all the way through, the config files will get overwritten by the next step.
 * Now that the appropriate packages are installed, run "cfagent -v" to get the rest of the configuration copied over.

Nagios
You now need to add the machine to nagios. If you added it to the right groups in configurator, it should be automatic.

Keys
You now need to set up the various keys each machine has.


 * Kerberos: Add a host/name.ugcs.caltech.edu principal to kerberos (through kadmin.local on zeus)   Then, back on the new machine, run kadmin under sudo and "ktadd -k /etc/krb5.keytab host/name.ugcs.caltech.edu" to set up the kerberos keytab on the local machine.
 * Bacula: See Bacula Setup for generating the bacula key.  After you do this, run "dpkg --configure -a" so dpkg can see that bacula will start normally. (before, it wouldn't start because it couldn't find the local keypair)
 * SSH: Copy the public ssh host key to demeter, and add it to the global known_hosts file. You can do this by simply appending the new key to the end of the existing file.  After this run "cfrun" to update the file on every machine.