Setup instructions for the Ubuntu 16.04 workstations and servers in the laboratory environment. Replace systemctl with Upstart start|stop for Ubuntu 14.04.
sudo tee /etc/sudoers.d/administrator <<EOF
administrator ALL=(ALL) NOPASSWD: ALL
EOF
sudo chmod 600 /etc/sudoers.d/administratorTo setup static IP address.
sudo tee -a /etc/network/interfaces <<EOF
auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
gateway 192.168.0.254
dns-domain myhost.domainname
dns-nameservers 192.168.0.0
EOFGPU
sudo add-apt-repository ppa:graphics-drivers/ppa
sudo apt-get update
sudo apt-get install nvidia-375sudo apt-get install openssh-serversudo apt-get install krb5-user samba sssd ntp
Samba's default config is useless. Create a new one.
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
sudo tee /etc/samba/smb.conf <<EOF
[global]
workgroup = WORKGROUP
client signing = yes
client use spnego = yes
kerberos method = secrets and keytab
realm = WORKGROUP.DOMAINNAME.JP
security = ads
EOF
SSSD does not have a default config. Must create one.
sudo tee /etc/sssd/sssd.conf <<EOF
[sssd]
services = nss, pam, sudo
config_file_version = 2
domains = WORKGROUP.DOMAINNAME.JP
[domain/WORKGROUP.DOMAINNAME.JP]
id_provider = ad
auth_provider = ad
access_provider = ad
ldap_id_mapping = False
sudo_provider = none
load printers = no
printcap name = /dev/null
printing = bsd
EOF
sudo chown root:root /etc/sssd/sssd.conf
sudo chmod 600 /etc/sssd/sssd.confMake sure there is a FQDN in /etc/hosts.
Obtain krb5 first.
sudo kinit AdministratorThen restart the services.
sudo systemctl restart ntp.service
sudo systemctl restart smbd.service
sudo systemctl restart nmbd.service
sudo net ads join -k
sudo systemctl restart sssd.serviceAutoFS + NFS solution.
sudo apt-get install nfs-kernel-server autofsExample: mounting home directory at 192.168.0.1:/home/<user>.
echo "/home /etc/auto.home" | sudo tee -a /etc/auto.master
echo "* -fstype=nfs4,sec=sys,soft,intr,nodded,nosuid,noatime,async 192.168.0.1:/home/&" | sudo tee /etc/auto.home
sudo systemctl restart autofs.serviceExample: mounting data directory at <server>:/data.
echo "/nfs /etc/auto.nfs" | sudo tee -a /etc/auto.master
echo "* -fstype=nfs4,sec=sys,soft,intr,nodev,nosuid,noatime,async &:/data" | sudo tee /etc/auto.nfs
sudo systemctl restart autofs.serviceExample: mounting cephFS.
echo "/- /etc/auto.direct" | sudo tee -a /etc/auto.master
echo "/ceph -fstype=ceph,name=admin,secret=RANDOM_SECRET_KEY,noatime 192.168.0.1:6789:/" | sudo tee /etc/auto.direct
sudo systemctl restart autofs.servicesudo apt-get install cephDisable mlocate to check ceph disks.
sudo tee /etc/updatedb.conf <<EOF
PRUNE_BIND_MOUNTS="yes"
# PRUNENAMES=".git .bzr .hg .svn"
PRUNEPATHS="/tmp /var/spool /media /home/.ecryptfs /var/lib/ceph"
PRUNEFS="NFS nfs nfs4 ceph rpc_pipefs afs binfmt_misc proc smbfs autofs iso9660 ncpfs coda devpts ftpfs devfs mfs shfs sysfs cifs lustre tmpfs usbfs udf fuse.glusterfs fuse.sshfs curlftpfs ecryptfs fusesmb devtmpfs"
EOFAdd a config in /etc/fstab, and mount. Here is an example for setting /dev/sdb1 partition to be mounted on /mnt/disk1, and making an export dir data/ inside.
sudo tee -a /etc/fstab <<EOF
/dev/sdb1 /mnt/disk1 ext4 errors=remount-ro 0 2
/mnt/disk1/data /srv/nfs4/data none bind 0 0
EOF
sudo mkdir -p /mnt/disk1
sudo mount /mnt/disk1
sudo mkdir -p /mnt/disk1/data
sudo chmod 777 /mnt/disk1/datasudo mkdir -p /srv/nfs4/data
sudo mount /srv/nfs4/data
sudo tee -a /etc/exports <<EOF
/srv/nfs4 192.168.0.1/24(rw,async,fsid=0,crossmnt,no_root_squash,no_subtree_check) \
localhost(rw,async,fsid=0,crossmnt,no_root_squash,no_subtree_check)
/srv/nfs4/data 192.168.0.1/24(rw,async,nohide,insecure,no_subtree_check) \
localhost(rw,async,nohide,insecure,no_subtree_check)
EOF
sudo service nfs-kernel-server restartTo make the login screen secure.
sudo mkdir -p /etc/lightdm/lightdm.conf.d
sudo tee /etc/lightdm/lightdm.conf.d/50-userlist.conf <<EOF
[SeatDefaults]
greeter-hide-users=true
greeter-show-manual-login=true
allow-guest=false
EOFThis might be necessary if suspend completely stops networking.
http://www.blackmanticore.com/665a42b4e20739c523f3d14842596d11
sudo tee /etc/polkit-1/localauthority/50-local.d/com.ubuntu.disable-suspend.pkla <<EOF
[Disable suspend (upower)]
Identity=unix-user:*
Action=org.freedesktop.upower.suspend
ResultActive=no
ResultInactive=no
ResultAny=no
[Disable suspend (logind)]
Identity=unix-user:*
Action=org.freedesktop.login1.suspend
ResultActive=yes
ResultInactive=no
ResultAny=yes
[Disable suspend when others are logged in (logind)]
Identity=unix-user:*
Action=org.freedesktop.login1.suspend-multiple-sessions
ResultActive=yes
ResultInactive=no
ResultAny=yes
EOFThis applies to those NOT mounting home directory from the server, and not usually required.
https://wiki.debian.org/LDAP/PAM
sudo tee /usr/share/pam-configs/mkhomedir <<EOF
Name: Create home directory during login
Default: yes
Priority: 900
Session-Type: Additional
Session:
required pam_mkhomedir.so umask=0022 skel=/etc/skel
EOF
sudo pam-auth-updatesudo tee /etc/environment <<EOF
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/usr/local/cuda/bin"
JAVA_HOME="/usr/lib/jvm/default-java"
LD_LIBRARY_PATH="/usr/local/cuda/lib64"
EOFDisabling auto-upgrades.
sudo tee /etc/apt/apt.conf.d/20auto-upgrades <<EOF
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "0";
EOFReplacing Japanese apt repo.
sudo sed -i".back" -e "s,//jp.archive.ubuntu.com,//ftp.riken.go.jp/Linux,g" /etc/apt/sources.listsudo apt-get install gridengine-exec gridengine-client ganglia-monitor mpich2Make sure to exclude #127.0.1.1 <hostname> from /etc/hosts.
ssh gridmaster
sudo qconf -ah hostname.domainname.jp
sudo qconf -ae hostname.domainname.jp
sudo qconf -as hostname.domainname.jp
sudo qconf -mattr exechost complex_values gpu=1,ga=gtx-1080,mem_free=32g hostname
sudo qconf -mhgrp @exec
sudo qconf -mq main.qDownload the toolkit from NVIDIA.
https://developer.nvidia.com/cuda-toolkit
sudo systemctl stop lightdm.service
sudo sh cuda_8.0.27_linux-run
sudo reboot