Network Configuration
Host Based Authentication
Aspen configures all Full Cluster configurations to allow host based secure shell (SSH) authentication between all nodes for all users. All Aspen installed tools utilize secure shell to perform their functions. The "r" commands are used on some clusters by users or applications, but we do not enable them by default due to possible security risks.
If you require host based remote shell (RSH,REXEC,RLOGIN) between nodes due to your application, users, or administration preferences, you may select that option in your SOW.
E-Mail Configuration
Aspen recommends that you allow the master node in a Full Cluster configuration to e-mail both you and Aspen Systems so that monitoring applications can notify you, and us, of events such as disk failures. Depending on your internal network, firewall, and e-mail server configurations, this may require an internal mail relay host on your network. You may choose the e-mail configuration for your system and enter specific E-Mail settings in your SOW.
Network Time Protocol
Aspen configures your system(s) with the network time protocol (NTP) daemon included with your distribution, and maintains ntp1.aspsys.com and ntp2.aspsys.com for your system(s) to use as time synchronization sources.
In a Full Cluster configuration, all nodes are configured to synchronize from the master node, which in turn receives its time information from Aspen and two other public NTP servers. You may also choose time servers inside your network or publicly available NTP servers, or any combination of Aspen, public, and internal servers as your time source in your SOW.
Ganglia / Web Portal
Aspen installs Ganglia on Full Cluster configurations by default. The Ganglia install can be reached by "http://your-cluster-external-ip-address/ganglia" after the system is delivered, or via "http://cXX.aspsys.com/ganglia" while in Remote System Testing.
Aspen also installs the Apache Web server on your master with a simple web portal that consolidates all the various web applications on your master into a single page with links for your convenience. The web portal is at the document root directory of the server, and can be reached at "http://your-cluster-external-ip-address/" or via "http://cXX.aspsys.com/" while in Remote System Testing.
Aspen Utilities Package
Aspen installs the "aspenutil" package on all Full Cluster configurations by default. We highly recommend that you select this package in your SOW. This package will allow you to copy any node to a re-usable "image" and then restore that image onto the same or a different node. Aspenutil can also perform "bare metal restores", where the failed or new node has no preexisting configuration at all. This capability is used to restore an existing failed node disk, for instance, or to add additional nodes to your cluster.
It can also be used to upgrade your entire cluster by updating a single node, copying it, then restoring every other node of that type with the newer image.
The images contain meta-data for file system re-creation, and our utility changes IP addresses and host names, so no additional configuration is necessary after the restore is complete. It is common to entirely re-image a 256 node cluster in less than an hour using this technology. Installation and operation of "aspenutil" also requires that your cluster be configured with an internal cluster-only network. Use of "aspenutil" does require certain services to be enabled on the master node, listed below.
- DHCP Server – the master node is configured with a DHCP server that serves the configured IP address(s) and host names for all nodes. A standard network layout that utilizes an internal cluster network is required to prevent the master node from serving DHCP requests on your external network. The DHCP server is enabled only on your master internal interface(s), not on its external network interface.
- TFTP Server – the master node is configured with a tftp server that is configured to service tftp requests on the internal cluster network.
- NFS Server – the master, or admin, node is configured to serve the /aspendata/ directory, via nfs, to the internal cluster network.
Master Firewall/NAT Server
Aspen configures all Full Cluster configuration master nodes with a basic "iptables" packet firewall package. If your O.S. or distribution includes packages to manage this firewall via a GUI, that package will be used to configure the firewall. The firewall allows basic services such as SSH (port 22), HTTP (port 80), and HTTPS (port 443), and may allow other port access as required by your configuration.
The master node is also normally configured as a NAT server that masquerades all internal node IP addresses on the internal network so that they may communicate with the outside world. The default configuration does not allow an internal host to act as a server to external nodes.
Run Levels
Most Linux systems utilize run levels to control what services are started after a node is booted. Generally, run level 0 is halted, 1 is single user mode, 2 is single user with networking, 3 is multiuser mode without any X Windows Systems UI started, 4 is unused, 5 is multi-user with X Windows started, and run level 6 is used to reboot the system.
Aspen configures your master node to boot into run level 5 (X windows GUI started) and your nodes to boot into run level 3 (multi-user, no X Windows GUI) unless you select differently in your SOW. The following table shows the default Aspen run-levels by node type.
| Node Type | Default Run Level |
| master | 5 |
| io | 3 |
| admin | 3 |
| node | 3 |
