chsh -s /bin/tcsh and you (user) don’t exist error

Sometimes, you are a non-root user and you wish to change shell and you have an error

$ chsh -s /bin/tcsh
chsh you (user xxxxxxxxx) don't exist

This error occurs when the userID and Passowrd is using LDAP or Active Directory so there is no local account in the /etc/passwd where it first looks to. I used Centrify where we can configure the Default Shell Environment on AD. But there is a simple workaround if you do not want to bother your system administrator

First check that you have install tcsh. I have it!

$ chsh -l
/bin/bash
/bin/cdax/bash
/bin/cdax/csh
/bin/cdax/ksh
/bin/cdax/rksh
/bin/cdax/sh
/bin/cdax/tcsh
/bin/csh
/bin/ksh
/bin/rksh
/bin/sh
/bin/tcsh
/sbin/nologin
/usr/bin/bash
/usr/bin/cdax/bash
/usr/bin/cdax/dzsh
/usr/bin/cdax/sh
/usr/bin/dzsh
/usr/bin/sh
/usr/sbin/nologin
/usr/bin/tmux

Next Step: Check your current shell

$ echo "$SHELL"
/bin/bash

Step 3: Write a simple .profile file

$ vim ~/.profile
if [ "$SHELL" != "/bin/tcsh" ]
then
    export SHELL="/bin/tcsh"
    exec /bin/tcsh -l    # -l: login shell again
fi

Step 4: In your .bashrc, just add the “source ~/.profile”

# .bashrc

# Source global definitions
if [ -f /etc/bashrc ]; then
        . /etc/bashrc
fi

source ~/.profile

Source the .bashrc again

$ source ~/.bashrc

Basic Introduction to Git (Part 2)

Initialising a Repository in an Existing Directory

If you wish to have a project directory under version control with GIt, do the following

$ cd /home/user/my_project
$ git init

If you wish to add existing files into the version control

$ git add *.sh
$ git add LICENSE
$ git commit --m "Gekko Menu Help Application"
[master (root-commit) c98ae91] Gekko Menu Help Application
 1 file changed, 73 insertions(+)
 create mode 100755 mymenu.sh

You have an initial commit and tracked files. Hooray.

Checking the status of your Files

[user1@node1 menu]$ git status
# On branch master
nothing to commit, working directory clean

This means you have a clean working directory; in other words, none of your tracked files are modified.

Adding new files to your Git Directory

Let’s say you added a new file called check_license_abaqus.sh into the Project Directory, you will have something like

# On branch master
# Untracked files:
#   (use "git add <file>..." to include in what will be committed)
#
#       check_license_abaqus.sh
nothing added to commit but untracked files present (use "git add" to track)

To add files

[user1@node1 menu]$ git add check_license_abaqus.sh
[user1@node1 menu]$ git status
# On branch master
# Changes to be committed:
#   (use "git reset HEAD <file>..." to unstage)
#
#       new file:   check_license_abaqus.sh
#

To remove file

[user1@node1 menu]$ git rm check_license_abaqus.sh -f
rm 'check_license_abaqus.sh'
[user1@node1 menu]$ git status
# On branch master
nothing to commit, working directory clean

To see log, you want to use the command

[user1@node1 menu]$ git log
commit xxxxxxxxx
Author: user1 <kmyemail_used_in_Github@hotmail.com>
Date:   Sun Sep 25 23:50:33 2022 +0800

    Gekko Menu Help Application

There are many more usage. For more information, do take a look at 2.3 Git Basics – Viewing the Commit History

References:

  1. 2.2 Git Basics – Recording Changes to the Repository
  2. 2.3 Git Basics – Viewing the Commit History
  3. 2.4 Git Basics – Undoing Things

Intel OpenVINO 2022.2 is available

Key Updates includes:

Broader Model & Hardware Support

  • Preview support for upcoming Intel® processors, including the Intel® Data Center GPU Flex Series and Intel® Arc™ GPU
  • Support for 4th Gen Intel® Xeon Scalable processor (code named Sapphire Rapids)
  • Reduced memory consumption when using dynamic shapes on CPU to improve efficiency of NLP applications

Portability and Performance

Introducing new performance hint “Cumulative throughput” in AUTO device plug-in, enabling multiple accelerators (e.g. multiple GPUs) to be used at once maximizing inferencing performance.

To download the latest release, do take a look at Intel® Distribution of OpenVINO™ Toolkit

Basic Introduction to GitHub (Part 1)

GitHub is the largest code-hosting platform in the world. It uses Git as version control and the repository is based on GitHub. Features such as Pull Requests, Project Boards and GitHub are central and found in one place.

Sign up for a Free Account

To start using GitHub, please go to https://github.com/join and follow the instruction

Creating a PAT of SSH Key

A PAT is a string of characters that can be used in place of a password against the GitHub API and on command lone.

You may need to understand the various scopes on GitHub such as repo, admin: repo_hook, users etc. For more information, do take a look at https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps#available-scopes

For starters, you may want to go to https://github.com/settings/tokens and click on Generate new token

On Linux, you can generate your SSH key using the email that you have created in your GitHub User Account

[user1@node1 ~]$ ssh-keygen -t rsa -C "myemail_used_in_Github@hotmail.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user1/.ssh/id_rsa):
/home/user1/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user1/.ssh/id_rsa.
Your public key has been saved in /home/user1/.ssh/id_rsa.pub.
The key fingerprint is:
........
........

Adding the SSH Key to the ssh-agent

Although this is not mandatory, adding the SSH Key to the SSH Agent is a good practice that will keep the SSH Key safe. The SSH-agent is an SSH Key Manager that helps to keep the SSH key safe because it protects your SSH keys from being exported. The SSH Agent also saves you from having to type the passphrase you create. every time your SSH key is used.

Before you check, you want to check your ~/.ssh/config first

$ vim ~/.ssh/config
Host * 
AddKeysToAgent yes

At the Terminal,

$ ssh-add ~/.ssh/id_rsa

Copy your SSH Public Key to the field. In your ~/.ssh/config, it should have a .pub extension like id_rsa.pub

Configuring Git

To intialise the Git. Do the following. You may want to take a look at

[user1@node1 ~]$ git config --global user.name "Melvin Soh"
[user1@node1 ~]$ git config --global user.email "kittycool@hotmail.sg"
[user1@node1 ~]$ git config --global init.defaultBranch main
[user1@node1 ~]$ git config --list
credential.helper=netrc -f ~/.netrc.gpg -v
user.name=user1
user.email=myemail_used_in_Github@hotmail.com
init.defaultbranch=main

To continue, See Basic Introduction to GitHub (Part 2)

References:

  1. 1.5 Getting Started – Installing Git
  2. 1.6 Getting Started – First-Time Git Setup

Basic Commands for Mellanox Network Switches for Break-out-Ports

More information can be found at Command Line Interface (CLI)

Point 1: To configure Break-Out

> enable
# configure terminal
# interface ethernet ?
R2-R8-LEAF01 [standalone: master] (config) # interface ethernet ?
<Device/Port>[-<Device/Port>]
1/1/1
1/1/2
1/1/3
1/1/4
1/3/1
1/3/2
1/3/3
1/3/4
1/5/1
1/5/2
1/5/3
1/5/4
1/7/1
1/7/2
1/7/3
1/7/4
1/9/1
1/9/2
1/9/3
1/9/4
.....
.....
1/25
1/26
1/27
1/28
1/29
1/30
1/31
1/32
# interface ethernet 1/25 shutdown
# interface ethernet 1/26 shutdown
# interface ethernet 1/25
# (config interface ethernet 1/25) # module-type qsfp-split-4 force

The resulting interface will become

Ethernet 1/25/1
Ethernet 1/25/2
Ethernet 1/25/3
Ethernet 1/25/4

Speed configuration can be found at

interface ethernet 1/25/1
# speed 25G

Using Ethtool to query Network and Driver Information

Ethtool is a utility for configuration of Network Interface Cards (NICs). This utility allows querying and changing settings such as speed, port, auto-negotiation, PCI locations and checksum offload on many network devices, especially Ethernet devices.

1. Query the specified network device for associated driver information

# ethtool -i ens3f1np1
driver: mlx5_core
version: 5.7-1.0.2
firmware-version: 16.34.1002 (MT_0000000416)
expansion-rom-version:
bus-info: 0000:0f:00.1
supports-statistics: yes
supports-test: yes
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: yes

2. Enable an operator to easily identify the adapter by sight.
This involves blinking one or more LEDs on the specified network port.

# ethtool -p ens3f1np1 5

where integer 5 represents the time in seconds to perform the action,

3. Turn off the AutoNegotiation and fixed it at 25GB

ethtool -s ens3f1np1 --speed 25000 --autoneg off --duplex full

References:

Red Hat Documentation 11.8. Ethtool

Using firewall-cmd to configure gateways and isolated client network on CentOS-7 and Rocky Linux 8

Objectives:

Compute Nodes in an HPC environment are usually physically isolated from the public network and has to route through the gateway which are often found in Head Node or any delegated Node in small or small-medium size cluster to access the internet or to access company LAN to access LDAP, you can use the firewall-cmd to route the traffic through the interconnect facing the internet.

Scenario:

Traffic will be routed through the Head Node’s eno1 (internet facing) from the Head Node’s eno2 (private network). The interconnect eno1 is attached to a switch where the compute nodes are similarly attached. Some

  1. 192.168.1.0/24 is the private network subnet.
  2. 192.168.1.1 is the IP Address of the Head Node
  3. 155.1.1.2 is the IP Address of the external-facing ethernet ie eno1

Check the zones.

# firewall-cmd --list-all-zones

Check the Active Zones

# firewall-cmd --get-active-zones
external
  interfaces: eno2
internal
  interfaces: eno1

Enable masquerade at the Head Node’s External Zone

IP masquerading is a process where one computer acts as an IP gateway for a network. For masquerading, the gateway dynamically looks up the IP of the outgoing interface all the time and replaces the source address in the packets with this address.

You use masquerading if the IP of the outgoing interface can change. A typical use case for masquerading is if a router replaces the private IP addresses, which are not routed on the internet, with the public dynamic IP address of the outgoing interface on the router.

For more information. Do take a look at 5.10. Configuring IP Address Masquerading

# firewall-cmd --zone=external --query-masquerade 
no
# firewall-cmd --zone=external --add-masquerade --permanent
# firewall-cmd --reload

Compute Nodes at the Private Network 

(Assuming that eno1 is connected to the private switch). It is very important that you input the gateway at the compute node’s /etc/sysconfig/network-scripts/ifcfg-eno1)

.....
.....
DEVICE=enp47s0f1
ONBOOT=yes
IPADDR=192.168.1.2 #Internal IP Address of the Compute Node
NETMASK=255.255.255.0
GATEWAY=192.168.1.1 #Internal IP Address of the Head Node

Next, you have to put the Network Interface of the Client in the Internal Zone of the firewall-cmd. Assuming that eno1 is also used by the Client Network

# firewall-cmd --zone=internal --change-interface=eno1 --permanent

You may want to set the selinux to disabled

# setenforce 0

Configure the Head Node’s External Zone.

For Zoning, do take a look at 5.7.8. Using Zone Targets to Set Default Behavior for Incoming Traffic

For this setting, we have chosen target “default”

# firewall-cmd --zone=external --set-target=default

You can configure other settings. For the External Zone. For example, add SSH Service, mDNS

# firewall-cmd --permanent --zone=external --add-service=ssh
# firewall-cmd --permanent --zone=external --add-service=mdns
# firewall-cmd --runtime-to-permanent
# firewall-cmd --reload

Make sure the right Ethernet is placed in the right Zone. For External-Facing Ethernet Card, (eno2), you may want to place it

# firewall-cmd --zone=external --change-interface=eno2 --permanent

For Internal Facing Ethernet Card, (eno1), you want want to place it

# firewall-cmd --zone=internal --change-interface=eno1 --permanent

Configure the firewall-Source of Internal Network (eno1)

# firewall-cmd --zone=internal --add-source=192.168.1.0/24

Checking the Settings in the “firewall-cmd –get-active-zones”

# firewall-cmd --get-active-zones
internal (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources: 192.168.1.0/32
  services: dhcpv6-client mdns ssh
  ports:
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno2
  sources:
  services: dhcpv6-client ssh
  ports: 
  protocols:
  forward: no
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Check the Firewall Status

systemctl status firewalld.service

Encountering shm_open permission denied issues with hpcx

If you are using Nvidia hpc-x and encountering issues like the one below during your MPI Run

shm_open(file_name=/ucx_shm_posix_77de2cf3 flags=0xc2) failed: Permission denied

The error message indicates that the shared memory has no permission to be used,  The permission of /dev/shm is found to be 755, not 777, causing the error. The issue can be resolved after the permission is changed to 777. To change and verify the changes:

% chmod 777 /dev/shm 
% ls -ld /dev/shm
drwxrwxrwx 2 root root 40 Jul  6 15:18 /dev/sh