====== Head Node Setup ======
All of the instructions here on our pages are supplemental to the official [[http://www.rocksclusters.org/roll-documentation/base/5.4/install-frontend.html| Rocks installation guide]]. //Use this guide to install your front-end and use our information only as a additional help.//
  * Make sure your hardware meets the Rocks requirements. You can view them here 
    * http://www.rocksclusters.org/roll-documentation/base/5.4/getting-started.html
  * Download Rocks 5.4 for Linux from their website here. You can download individual rolls or the jumbo DVD disk.
    * [[http://www.rocksclusters.org/wordpress/?page_id=123|http://www.rocksclusters.org/wordpress/?page_id=123]]. 
  * Rocks comes with CentOS for the operating system but we opted to use Scientific Linux 5.5 instead. Scientific Linux iso(s) can be downloaded here
    * [[http://ftp2.scientificlinux.org/linux/scientific/55/iso/|http://ftp2.scientificlinux.org/linux/scientific/55/iso/]].
  * Burn all images to CD or DVD disks.



===== General Information =====
^  Software  ^^  Cluster Information  ^^
^  Rocks Version |  5.4-0 x86_64  ^  Fully-Qualified Host Name |  grow-prod.its.uiowa.ed  |
^  Operating System |  Scientific Linux 5.5  ^  Cluster Name |  GROW  |
^  Rolls Installed |  area51-5.4-0.x86_64  ^  Certificate Organization |  University of Iowa  |
^  |  base-5.4-0.x86_64  ^  Certificate Locality |  Iowa City  |
^  |  condor-5.4-0.x86_64  ^  Certificate State |  Iowa  |
^  |  ganglia-5.4-0.x86_64  ^  Certificate Country |  US  |
^  |  kernel-5.4-0.x86_64  ^  Contact |  daniel-squires@uiowa.edu  |
^  |  web-server-5.4-0.x86_64  ^  URL |  http://grow-prod.its.uiowa.edu  |
^  |  service-pack-5.4.2-1.x86_64  ^  Latitude/Longitude |  N41.65 -91.55  |


===== Install Head Node =====
==== Network Information ====
Private ethernet configuration will most likely be the default that Rocks provides. You will have to get public ethernet information from your provider.
Click [[grow:network_info#grow-prod|here]] to view the network information for the GROW head node.
==== Root Password =====
Enter a password. Try to use a good mix of letters (upper and lower case), numbers, and special characters.
^  Password |  rootpasswd  |
^  Confirm | rootpasswd  |

==== Time Configuration ====
Use a location closest to your cluster location. Leave the NTP Server as the default.
^  Time Zone |  America/Chicago  |
^  NTP Server |  pool.ntp.org  |

==== Disk Partitioning ====
Rocks lets you choose between manual and auto partitioning.
Click [[grow:node_roles#partitioning_scheme|here]] to view our head node partitions.

===== Enable the Web Access =====
This section enables web access to the front-end so that we can use wordpress and the ganglia web server to monitor the cluster.

Execute the following:
<xterm2 root>
[root@grow-prod ~]# rocks open host firewall localhost network=public protocol=tcp service=www
[root@grow-prod ~]# rocks sync host firewall localhost''\\
</xterm2>

Edit the following file by doing the following:
  - Comment out the UserDir Disable (with "#")
  - Uncomment the UserDir public_html (remove "#")
  - Enable users public_html directories by uncommenting the following <Directory> block shown below.

<xterm2 root>
[root@grow-prod ~]# sudo vi /etc/httpd/conf/httpd.conf
</xterm2>
<file text "/etc/httpd/conf/httpd.conf">
#UserDir disable
UserDir public_html

<Directory /home/*/public_html>
    AllowOverride FileInfo AuthConfig Limit
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>
</file>

Restart http.
<xterm2 root>
[root@grow-prod ~]# /etc/init.d/httpd restart
</xterm2>

Edit the following file:
<xterm2 root>
[root@grow-prod ~]# vi /etc/sysconfig/iptables
</xterm2>

Add the following lines to iptables file.
<file text "/etc/sysconfig/iptables">
# Uncomment the lines below to activate web access to the cluster.
-A INPUT -m state --state NEW -p tcp --dport https -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport www -j ACCEPT
</file>

Restart iptables.
<xterm2 root>
[root@grow-prod ~]# service iptables restart
</xterm2>
===== Disable root login =====
Edit the ssh_config file.
<xterm2 root>
[root@grow-prod ~]# vi /etc/ssh/sshd_config
</xterm2>
Change the PermitRootLogin to read "without-password". It may be commented out with "#". Remove the comment on this line if so. This will allow root to use ssh with public key authentication but not passwords.</fc> 
<file text "/etc/ssh/sshd_config">
PermitRootLogin without-password
</file>
 
Restart the service.
<xterm2 root>
[root@grow-prod ~]# /etc/init.d/sshd restart
</xterm2>
====== Notes ======

====== Contact Info ======
This Dokuwiki page is maintained by:\\
Daniel Squires\\
University of Iowa\\
Department of Computer Science\\
Email: <daniel-squires@uiowa.edu>