Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
cgi-updater/README.md
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
87 lines (65 sloc)
2.17 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Update CGI computers remotely | |
Updates Ubuntu 14.04 computers with latest version of R, RStudio, R | |
libraries, Python and BioPython, for bioinformatics training. | |
### Remote computer requirements: | |
- ClusterShell | |
- ssh key authentication for all 10 laptops | |
- Wired connection (wireless in the building is flaky) | |
### Usage | |
Setup your `/etc/hosts` and map the target laptops as e.g. cgi01, | |
cgi02, etc. The Ubuntu machines don't have openssh-server installed | |
on them, so install it, copy the keys, and then disable password | |
authentication. | |
```sh | |
# On the laptops | |
local$ sudo apt-get update && sudo apt-get -y install openssh-server | |
local$ sudo sed -i 's/#Pass.*/PasswordAuthentication no/' /etc/ssh/sshd_config | |
``` | |
Then create an ssh keys and copy it over: | |
```sh | |
remote$ idf=~/.ssh/id_rsa-cgi-202 | |
remote$ ssh-keygen -f $idf -N "" | |
remote$ for host in cgi{01..10}; do ssh-copy-id -i $idf cgi_user@$host; done | |
``` | |
Add the identity file to your `~/.ssh/config` | |
```ssh_config | |
Host cgi* | |
IdentityFile ~/.ssh/id_rsa-cgi-202 | |
User cgi_user | |
``` | |
Test that the keys work with: | |
```sh | |
remote$ alias clush="clush -B -w cgi[01-10]" | |
remote$ type clush # verify alias | |
remote$ clush id -u | |
1000 | |
``` | |
On each computer, locally restart SSH server for the disabled password | |
authentication to take effect. | |
```sh | |
local$ sudo service ssh restart | |
``` | |
Running sudo remotely is a pain, so use the same key for remote root | |
access. | |
```sh | |
local$ sudo mkdir -p /root/.ssh | |
local$ sudo sh -c "echo $(tail -1 ~/.ssh/authorized_keys) >> /root/.ssh/authorized_keys" | |
local$ sudo cat /root/.ssh/authorized_keys | |
``` | |
In the present configuration, commands are normally executed as | |
cgi_user. To execute as root, use the `-l root` option of `clush`: | |
```sh | |
remote$ clush -l root id -u | |
0 | |
remote$ clush -l root --copy cgi-updater-payload.sh --dest /root/ | |
remote$ clush -l root ls /root/ | |
# Remove the `-B` flag to stream output to troubleshoot problems | |
remote$ alias clush="clush -w cgi[01-10]" | |
remote$ clush -l root ./cgi-updater-payload.sh | |
``` | |
### Finishing up | |
Verify R and biopython versions: | |
```sh | |
remote$ clush -l root "R --version | awk 'NR == 1 {print \$3}'" | |
remote$ clush -l root "pip show biopython | awk '/Version/ {print \$2}'" | |
``` |