Story #2712
Prepare production CNs
Status:
Closed
Priority:
Normal
Assignee:
Category:
Support Operations
Target version:
Start date:
2012-05-07
Due date:
% Done:
100%
Story Points:
Sprint:
Description
Production CN VMs were created a while back. Ensure the systems are up-to-date and consistently configured in preparation for CN installation.
Each of cn-ucsb-1, cn-orc-1, and cn-orc-1 should have:
- dist-upgrade each (will install new kernel), autoremove, reboot.
- ntp enabled, with pool.ntp.com enabled as a server (e.g. http://mule1.dataone.org/OperationDocs/timezone.html )
- resolve.conf should have:
search dataone.org
nameserver 128.111.220.18
nameserver 128.111.220.16
nameserver 174.37.196.55
nameserver 8.8.8.8
nameserver 8.8.4.4
- ldap account authentication should be enabled ( e.g. http://mule1.dataone.org/OperationDocs/ldap_authentication.html )
- /etc/ldap.conf should have dataone-sysadmin for login
- ufw configured with default DENY rule, and SSH enabled (port 22)
Subtasks
History
#1 Updated by Dave Vieglais over 12 years ago
- Status changed from New to Closed
