Saturday, October 15, 2011

CIS(theta) 2011-2012 - Public Keys! - Meeting IV

The following is a summary of what we've accomplished so far with the 2011-2012 CIS(theta) team. The Shadowfax Cluster is coming along quite well. We have a nice base OS in 64bit Ubuntu 11.04 Natty Narwhal Desktop on top of our AMD dualcore Athlons and gigE LAN. The Unity Desktop isn't that different from the Gnome Desktop we've been using these past few years on Fedora and Ubuntu. Natty is proving very user friendly and easy to maintain! This past week we installed openSSH on a testbed of 4 Linux Boxes and we enabled public-key authenticated ssh as detailed below. Next meeting, we'll install openMPI and we'll use flops.f to stress our mini 8-core cluster! BTW, we need public keys so openMPI can scatter/gather cluster jobs without the overhead of logging into each node as needed. We created a new user common to all nodes called "jobs" in honor of Steve Jobs. The cluster user can simply log into one node and be logged into all nodes at once! We started step 4 as listed below by installing openSSH and enabling public-key authentication. We'll finish step 4 next time by installing and testing openMPI. Maybe we'll rename it step 5?
InstantCluster Step 1: Infrastructure
Make sure your cores have enough ventilation. The room has to have powerful air conditioning too. These two factors may seem trivial but will become crucial when running the entire cluster for extended periods of time! Also, you need to have enough electrical power, preferably with the cabling out of the way, to run all cores simultaneously. Don't forget to do the same with all your Ethernet cabling. We have CAT6E cables to support our gigE Ethernet cards and switches. We are lucky that this step was taken care of for us already!

InstantCluster Step 2: Hardware
You need up to date Ethernet switches plus Ethernet cards and cores as well as plenty of RAM in each Linux box. As stated above, our gigE LAN and switches were already setup for us. Also, we have 64bit dual-core AMD Athlons and our HP boxes have 750 MB of RAM. I'd rather 1 or 2 GB of RAM, but that will have to wait for an upgrade!

InstantCluster Step 3: Firmware
We wasted way too much time last year trying out all kinds of Linux distros looking for a good 64bit base for our cluster. This year we spent way too much time testing out different liveCD distros. Recently, we downgraded from 64bit Ubuntu 10.04 Desktop edition to the 32bit version on our Linux partitions. 64bit gives us access to more RAM and a larger maxint, but was proving to be a pain to maintain. Just to name one problem, jre and flash were hard to install and update on FireFox. Last year we tried Fedora, Rocks, Oscar, CentOS, Scientific Linux and, finally, Ubuntu. 32bit Ubuntu has proven very easy to use and maintain, so I think we'll stick with it for the cluster! We've done this several times over the years using everything from Slakware and KNOPPIX to Fedora and Ubuntu!

InstantCluster Step 4: Software Stack
On top of Ubuntu we need to add openSSH, public-key authentication and openMPI. In step 6 we can discuss an application to scatter/gather over the cluster whether it be graphical (fractals, povray, blender, openGL, animations) or number crunching (C++ or python app for Mersenne Primes or Beal's Conjecture). So, what follows is a summary of what we did to get up to plublic-key authentication. This summary is based on the link listed below. First, we installed openSSH-server from using the proxy server, then:
  1. If you have no .ssh directory in your home directory, ssh to some other machine in the lab; then Ctrl-d to close the connection, creating .ssh and some related files. 
  2. From your home directory, make .ssh secure by entering:
    chmod 700 .ssh
  3. Next, make .ssh your working directory by entering:
    cd .ssh
  4. To list/view the contents of the directory, enter:
    ls -a [we used ls -l]
  5. To generate your public and private keys, enter:
    ssh-keygen -t rsa
    The first prompt is for the name of the file in which your private key will be stored; press Enter to accept the default name (id_rsa).The next two prompts are for the password you want, and since we are trying to avoid entering passwords, just press Enter at both prompts, returning you to the system prompt.
  6. To compare the previous output of ls and see what new files have been created, enter:
    ls -a [we used ls -l]
    You should see id_rsa containing your private key, and containing your public key.
  7. To make your public key the only thing needed for you to ssh to a different machine, enter:
    cat >> authorized_keys
    [The Linux boxes on our LAN, soon to be cluster, have IPs ranging from to So, we copied each file to temp01-temp24 and uploaded these 
    files via ssh to the teacher station. Then we just ran cat tempnn >> authorized_keys 
    for each temp file to generate one master authorized_keys file for all nodes that we could 
    just download to each node's .ssh dir.]
  8. [optional] To make it so that only you can read or write the file containing your private key, enter:
    chmod 600 id_rsa
  9. [optional] To make it so that only you can read or write the file containing your authorized keys, enter:
    chmod 600 authorized_keys
    What we are researching II 
    (look what other people are doing with MPI):
    MPI intro, nice!
    Sample MPI code
    What we are researching I 
    (look what this school did in the 80s and 90s): 
    Thomas Jefferson High courses
    Thomas Jefferson High paper
    Thomas Jefferson High ftp
    Thomas Jefferson High teacher
    Today's Topic:
    CIS(theta) 2011-2012 - Public Keys! - Meeting IV
    Today's Attendance:
    CIS(theta) 2011-2012: GeorgeA, GrahamS, KennyK, LucasE
    Today's Reading:
    Chapter 2 Building Parallel Programs (BPP) using clusters and parallelJava
    Well, that's all folks, enjoy!

No comments:

Post a Comment