Changes

Page history
Added different addgroup/adduser commands for Debian authored by Caleb Wheeler's avatar Caleb Wheeler
Hide whitespace changes
Inline Side-by-side
Post-Install-Setup.md
View page @ de5b1d6c
This document will instruct the user on the post install setup of a Debian 10 Front-End computer used in a standalone test stand environment. This document will instruct the user on the post install setup of a Debian 10 Front-End computer used in a standalone test stand environment.
**For this documentation, our front end computer will be named ‘x2fec’** **For this documentation, our front end computer will be named ‘x2fec’**
# Update /etc/apt/sources.list # Update /etc/apt/sources.list
If there is a line trying to read packages from a DVD or CD, comment it out. If there is a line trying to read packages from a DVD or CD, comment it out.
If these lines don't exist, add them If these lines don't exist, add them
For bullseye: For bullseye:
``` ```
deb http://deb.debian.org/debian/ bullseye main deb http://deb.debian.org/debian/ bullseye main
deb http://deb.debian.org/debian/ bullseye-updates main deb http://deb.debian.org/debian/ bullseye-updates main
``` ```
For buster: For buster:
``` ```
deb http://deb.debian.org/debian/ buster main deb http://deb.debian.org/debian/ buster main
``` ```
# update package # update package
Run the following: Run the following:
``` ```
apt-get update apt-get update
``` ```
All sources should load without error. All sources should load without error.
If there are any packages that need updating, update with If there are any packages that need updating, update with
``` ```
apt-get dist-upgrade apt-get dist-upgrade
``` ```
# Create 'controls' user and group # Create 'controls' user and group
Log into the new front end as root. At the command line, type the following as root: Log into the new front end as root. At the command line, type the following as root:
```plaintext
groupadd -g 1001 controls ## Rocky
useradd -u 1001 -s /bin/bash -m -g controls controls
passwd controls ```plaintext
``` groupadd -g 1001 controls
useradd -u 1001 -s /bin/bash -m -g controls controls
# install some helpful packages passwd controls
```
```
apt install vim emacs tmux sudo ## Debian (bullseye, Debian 11)
``` ```plaintext
/usr/sbin/addgroup --gid 1001 controls
**Note: The LIGO standard UID for controls is 1001 across all systems. Any hosts connected to the FEC should follow this standard** /usr/sbin/adduser --uid 1001 --shell /bin/bash --ingroup controls controls
```
Add 'controls' and 'cdsadmin' user to sudo group. Create /etc/sudoers.d/users with the following:
# install some helpful packages
```plaintext
cdsadmin ALL=(ALL) NOPASSWD: ALL ```
controls ALL=(ALL) NOPASSWD: ALL apt install vim emacs tmux sudo
``` ```
**_From this point on, we will be using the ‘controls’ user with sudo privileges to enter the commands. Commands will be entered into the command line and will be denoted with the prefix ‘controls@x2fec’_** **Note: The LIGO standard UID for controls is 1001 across all systems. Any hosts connected to the FEC should follow this standard**
# Create CDS directories Add 'controls' and 'cdsadmin' user to sudo group. Create /etc/sudoers.d/users with the following:
as controls ```plaintext
cdsadmin ALL=(ALL) NOPASSWD: ALL
```plaintext controls ALL=(ALL) NOPASSWD: ALL
sudo mkdir /opt/cdscfg /opt/rtcds /opt/rtapps ```
sudo chown -R controls:controls /opt/cdscfg /opt/rtcds /opt/rtapps
sudo mkdir -p /frames/full /frames/trend /frames/trend/minute /frames/trend/minute_raw /frames/trend/second **_From this point on, we will be using the ‘controls’ user with sudo privileges to enter the commands. Commands will be entered into the command line and will be denoted with the prefix ‘controls@x2fec’_**
```
# Create CDS directories
# Setup CDS Repositories for Debian 10
as controls
Instructions for CDS repositories setup can be found [here](https://git.ligo.org/cds/software/advligorts/-/wikis/Enabling-Debian-CDS-Software-Repositories)
```plaintext
# Create site, ifo directories sudo mkdir /opt/cdscfg /opt/rtcds /opt/rtapps
sudo chown -R controls:controls /opt/cdscfg /opt/rtcds /opt/rtapps
Modify the commands below to fit your ifo and site, as controls: sudo mkdir -p /frames/full /frames/trend /frames/trend/minute /frames/trend/minute_raw /frames/trend/second
```
```
export SITE=TST # Setup CDS Repositories for Debian 10
export site=tst
export IFO=X1 Instructions for CDS repositories setup can be found [here](https://git.ligo.org/cds/software/advligorts/-/wikis/Enabling-Debian-CDS-Software-Repositories)
export ifo=x1
``` # Create site, ifo directories
```plaintext Modify the commands below to fit your ifo and site, as controls:
mkdir -p /opt/rtcds/$site/$ifo/chans/daq/archive
mkdir -p /opt/rtcds/$site/$ifo/log ```
mkdir -p /opt/rtcds/$site/$ifo/scripts export SITE=TST
mkdir -p /opt/rtcds/$site/$ifo/chans/tmp export site=tst
mkdir -p /opt/rtcds/$site/$ifo/chans/ipc export IFO=X1
mkdir -p /opt/rtcds/$site/$ifo/rtbuild export ifo=x1
mkdir -p /opt/rtcds/$site/$ifo/medm ```
mkdir -p /opt/rtcds/$site/$ifo/target/gds/bin
mkdir -p /opt/rtcds/$site/$ifo/target/gds/param ```plaintext
``` mkdir -p /opt/rtcds/$site/$ifo/chans/daq/archive
mkdir -p /opt/rtcds/$site/$ifo/log
# Install Required Software mkdir -p /opt/rtcds/$site/$ifo/scripts
mkdir -p /opt/rtcds/$site/$ifo/chans/tmp
It is recommended to copy and paste the command below mkdir -p /opt/rtcds/$site/$ifo/chans/ipc
mkdir -p /opt/rtcds/$site/$ifo/rtbuild
```plaintext mkdir -p /opt/rtcds/$site/$ifo/medm
sudo apt-get install nfs-common nfs-kernel-server subversion ntp dkms build-essential cmake pkg-config psmisc linux-headers-$(uname -r) flex bison ldas-tools-al-dev ldas-tools-framecpp-dev libboost-all-dev git mkdir -p /opt/rtcds/$site/$ifo/target/gds/bin
``` mkdir -p /opt/rtcds/$site/$ifo/target/gds/param
```
# Setup NFS export of /opt/rtcds directory
The FEC exports the /opt/rtcds directory to the directly connected workstation, insert workstation ip into `<workstation-ip>`. Directions for mounting the NFS mount on the workstation will be included in the workstation setup instructions.**If you are configuring your front-end as a cymac (front-end and workstation on the same host), you can skip this step.** # Install Required Software
Add the following content to `/etc/exports` and run `/usr/sbin/exportfs -a`. Restart the nfs-server.service.
It is recommended to copy and paste the command below
```plaintext
sudo cat /etc/exports ```plaintext
/opt/rtcds <workstation-ip>(rw,sync,no_subtree_check) sudo apt-get install nfs-common nfs-kernel-server subversion ntp dkms build-essential cmake pkg-config psmisc linux-headers-$(uname -r) flex bison ldas-tools-al-dev ldas-tools-framecpp-dev libboost-all-dev git
``` ```
after /etc/exports is modified, update the ntp server with: # Setup NFS export of /opt/rtcds directory
The FEC exports the /opt/rtcds directory to the directly connected workstation, insert workstation ip into `<workstation-ip>`. Directions for mounting the NFS mount on the workstation will be included in the workstation setup instructions.**If you are configuring your front-end as a cymac (front-end and workstation on the same host), you can skip this step.**
``` Add the following content to `/etc/exports` and run `/usr/sbin/exportfs -a`. Restart the nfs-server.service.
sudo /usr/sbin/exportfs -a
sudo systemctl status nfs-server.service ```plaintext
``` sudo cat /etc/exports
# Setup NTP /opt/rtcds <workstation-ip>(rw,sync,no_subtree_check)
```
The front-end needs to be synced to an NTP source. You need to know the address of the local NTP server. At the IFOs, this may be the core router.
after /etc/exports is modified, update the ntp server with:
Define server in /etc/ntp.conf. Examples are server ntp.ligo-la.caltech.edu server lesath.ligo.caltech.edu server ntp.stanford.edu
```
# Install advligorts packages, Setup RCG sudo /usr/sbin/exportfs -a
sudo systemctl status nfs-server.service
**Option A** - Install from packages ```
# Setup NTP
If you will not be doing RCG code development, but you are using Debian 10 or later, just check out the package
The front-end needs to be synced to an NTP source. You need to know the address of the local NTP server. At the IFOs, this may be the core router.
these are enough for a standalone (CyMAC) system.
Define server in /etc/ntp.conf. Examples are server ntp.ligo-la.caltech.edu server lesath.ligo.caltech.edu server ntp.stanford.edu
```plaintext
sudo apt-get install advligorts-rcg advligorts-cpu-isolator-dkms advligorts-daqd # Install advligorts packages, Setup RCG
```
**Option A** - Install from packages
Install these also if the front end is not a standalone, i.e. if the DAQ will run on a different server.
If you will not be doing RCG code development, but you are using Debian 10 or later, just check out the package
```
sudo apt-get install advligorts-transport-common advligorts-transport-pubsub these are enough for a standalone (CyMAC) system.
```
```plaintext
**Option B** - Install master from Git repository If you are going to do development, especially on Debian 8 and newer, use a git checkout Create the 'rtscore' directory for it and go to it sudo apt-get install advligorts-rcg advligorts-cpu-isolator-dkms advligorts-daqd
```
```plaintext
controls@x2fec $ cd /opt/rtcds Install these also if the front end is not a standalone, i.e. if the DAQ will run on a different server.
controls@x2fec /opt/rtcds $ mkdir rtscore
controls@x2fec /opt/rtcds $ cd rtscore ```
``` sudo apt-get install advligorts-transport-common advligorts-transport-pubsub
```
Now clone the repo
**Option B** - Install master from Git repository If you are going to do development, especially on Debian 8 and newer, use a git checkout Create the 'rtscore' directory for it and go to it
```plaintext
controls@x2fec /opt/rtcds/rtscore $ git clone https://git.ligo.org/cds/advligorts ```plaintext
controls@x2fec /opt/rtcds/rtscore $ ln -s advligorts release controls@x2fec $ cd /opt/rtcds
``` controls@x2fec /opt/rtcds $ mkdir rtscore
# Setup Environment variables controls@x2fec /opt/rtcds $ cd rtscore
## lowercase vars ```
At the top of ```/etc/advligorts/env``` and ```/etc/advligorts/systemd_env```, make sure lowercase vars ```ifo``` and ```site``` are set as in this example: Now clone the repo
``` ```plaintext
SITE=TST controls@x2fec /opt/rtcds/rtscore $ git clone https://git.ligo.org/cds/advligorts
IFO=X1 controls@x2fec /opt/rtcds/rtscore $ ln -s advligorts release
site=tst ```
ifo=x1 # Setup Environment variables
``` ## lowercase vars
## Set RCG_LIB_PATH At the top of ```/etc/advligorts/env``` and ```/etc/advligorts/systemd_env```, make sure lowercase vars ```ifo``` and ```site``` are set as in this example:
You will also need to set the RCG_LIB_PATH environment variable for the controls user. This can be set in ```/etc/advligorts/env```
```
with the following addition. SITE=TST
IFO=X1
```plaintext site=tst
ifo=x1
# LIGO site environment files with hand-curated model paths ```
if [ $BASH_VERSION ] ; then
if [ -e /opt/rtcds/userapps/release/etc/userapps-user-env.sh ] ; then ## Set RCG_LIB_PATH
source /opt/rtcds/userapps/release/etc/userapps-user-env.sh You will also need to set the RCG_LIB_PATH environment variable for the controls user. This can be set in ```/etc/advligorts/env```
fi
fi with the following addition.
```plaintext
# Prefer USERAPPS_LIB_PATH for user model paths.
# LIGO sites use USERAPPS_LIB_PATH # LIGO site environment files with hand-curated model paths
# but fall back on RCG_LIB_PATH if USERAPPS_LIB_PATH if [ $BASH_VERSION ] ; then
# is undefined if [ -e /opt/rtcds/userapps/release/etc/userapps-user-env.sh ] ; then
export RCG_LIB_PATH=${USERAPPS_LIB_PATH:-$RCG_LIB_PATH} source /opt/rtcds/userapps/release/etc/userapps-user-env.sh
fi
# make sure model host parameter is correct fi
CHECK_MODEL_IN_HOST=true
```
# Prefer USERAPPS_LIB_PATH for user model paths.
## add environment to controls bashrc # LIGO sites use USERAPPS_LIB_PATH
# but fall back on RCG_LIB_PATH if USERAPPS_LIB_PATH
At the top of ```/home/controls/.bashrc``` add # is undefined
export RCG_LIB_PATH=${USERAPPS_LIB_PATH:-$RCG_LIB_PATH}
```
# add CDS environment # make sure model host parameter is correct
if [ -e /etc/advligorts/env ]; then CHECK_MODEL_IN_HOST=true
source /etc/advligorts/env ```
fi
## add environment to controls bashrc
# ensure new files are group writeable
umask 0002 At the top of ```/home/controls/.bashrc``` add
```
```
# finish user groups # add CDS environment
if [ -e /etc/advligorts/env ]; then
Add the controls user to the advligorts group and vice versa source /etc/advligorts/env
fi
```plaintext
sudo usermod -a -G advligorts controls # ensure new files are group writeable
sudo usermod -a -G controls advligorts umask 0002
``` ```
# Install userapps # finish user groups
Checkout trunk of cds_user_apps (this will take a long time) using Subversion Add the controls user to the advligorts group and vice versa
```plaintext ```plaintext
cd /opt/rtcds sudo usermod -a -G advligorts controls
mkdir userapps sudo usermod -a -G controls advligorts
cd userapps ```
```
# Install userapps
then checkout the userapps directory from svn. You will need a kerberos name and password.
Checkout trunk of cds_user_apps (this will take a long time) using Subversion
```
svn co https://redoubt.ligo-wa.caltech.edu/svn/cds_user_apps/trunk ```plaintext
ln -s trunk release cd /opt/rtcds
``` mkdir userapps
cd userapps
# Install EPICS Base ```
We will get the Base and the python scripts that go with it then checkout the userapps directory from svn. You will need a kerberos name and password.
```plaintext ```
sudo apt-get install epics-dev epics-seq-dev epics-asyn-dev medm striptool caqtdm epics-extensions-dev python3-pyepics python3-pcaspy epics-pcas-dev svn co https://redoubt.ligo-wa.caltech.edu/svn/cds_user_apps/trunk
``` ln -s trunk release
```
## Install ezca, add soft-links (skip for CyMAC or standalone)
# Install EPICS Base
To build the real-time models, you also need the EPICS ezca package. However, this currently installs a level down at '/usr/lib/epics/extensions', so we need to add soft-links at /usr/lib/epics directories
We will get the Base and the python scripts that go with it
```plaintext
sudo apt install epics-ezca-dev ```plaintext
cd /usr/lib/epics sudo apt-get install epics-dev epics-seq-dev epics-asyn-dev medm striptool caqtdm epics-extensions-dev python3-pyepics python3-pcaspy epics-pcas-dev
cd include ```
sudo ln -s ../extensions/include/ezca.h ezca.h
cd ../lib/linux-x86_64 ## Install ezca, add soft-links (skip for CyMAC or standalone)
sudo ln -s ../../extensions/lib/x86_64-linux-gnu/libezca.h libezca.h
sudo ln -s ../../extensions/lib/x86_64-linux-gnu/libezca.so.3.15.3 libezca.so To build the real-time models, you also need the EPICS ezca package. However, this currently installs a level down at '/usr/lib/epics/extensions', so we need to add soft-links at /usr/lib/epics directories
```
```plaintext
# Install caRepeater service sudo apt install epics-ezca-dev
cd /usr/lib/epics
We want to make sure caRepeater starts on boot. The file 'caRepeater.service' comes with EPICS base 3.15.5 and later. It needs to be customized to location of caRepeater. Create the file `/etc/systemd/system/caRepeater.service` with the following contents cd include
sudo ln -s ../extensions/include/ezca.h ezca.h
```plaintext cd ../lib/linux-x86_64
# sudo ln -s ../../extensions/lib/x86_64-linux-gnu/libezca.h libezca.h
# Linux systemd service file for the EPICS CA Repeater sudo ln -s ../../extensions/lib/x86_64-linux-gnu/libezca.so.3.15.3 libezca.so
# ```
# To install this file, as root:
# cp caRepeater.service /etc/systemd/system # Install caRepeater service
# chmod 664 /etc/systemd/system/caRepeater.service
# systemctl daemon-reload We want to make sure caRepeater starts on boot. The file 'caRepeater.service' comes with EPICS base 3.15.5 and later. It needs to be customized to location of caRepeater. Create the file `/etc/systemd/system/caRepeater.service` with the following contents
# systemctl enable caRepeater
# systemctl start caRepeater ```plaintext
# #
# To check the status: # Linux systemd service file for the EPICS CA Repeater
# systemctl status caRepeater #
[Unit] # To install this file, as root:
Description=EPICS CA Repeater # cp caRepeater.service /etc/systemd/system
Requires=network.target # chmod 664 /etc/systemd/system/caRepeater.service
After=network.target # systemctl daemon-reload
[Service] # systemctl enable caRepeater
ExecStart=/usr/bin/caRepeater # systemctl start caRepeater
Restart=always #
User=daemon # To check the status:
[Install] # systemctl status caRepeater
WantedBy=multi-user.target [Unit]
``` Description=EPICS CA Repeater
Requires=network.target
After creating the file in the above directory, complete the install by enabling the service to start at boot and starting the service now. After=network.target
[Service]
```plaintext ExecStart=/usr/bin/caRepeater
sudo chmod 664 /etc/systemd/system/caRepeater.service Restart=always
sudo systemctl daemon-reload User=daemon
sudo systemctl enable --now caRepeater [Install]
``` WantedBy=multi-user.target
```
# CPU isolation
After creating the file in the above directory, complete the install by enabling the service to start at boot and starting the service now.
[Instructions](https://git.ligo.org/cds/software/advligorts/-/wikis/CPU-Isolation)
```plaintext
# Final housekeeping sudo chmod 664 /etc/systemd/system/caRepeater.service
sudo systemctl daemon-reload
To ensure we have the correct read and write permissions, perform the following commands sudo systemctl enable --now caRepeater
```
```plaintext
sudo chown -R advligorts:advligorts /frames/ # CPU isolation
sudo chown -R controls:advligorts /opt/rtcds/$site/
sudo chmod -R 0774 /opt/rtcds/$site/$ifo/ [Instructions](https://git.ligo.org/cds/software/advligorts/-/wikis/CPU-Isolation)
```
# Final housekeeping
# Setup the DAQ
To ensure we have the correct read and write permissions, perform the following commands
```plaintext
sudo chown -R advligorts:advligorts /frames/
sudo chown -R controls:advligorts /opt/rtcds/$site/
sudo chmod -R 0774 /opt/rtcds/$site/$ifo/
```
# Setup the DAQ
[DAQ Setup](DAQ-Setup) [DAQ Setup](DAQ-Setup)
\ No newline at end of file