After you create a zone, you can use the chzone command to make changes. Some of the things you can do are the following:
- Add nodes to the zone
- Remove nodes from the zone
- Regenerated the keys
- Change sshbetweennodes setting
- Make it the default zone
The following command will add node1-node10 to zone1 and create a group called zone1 on each of the nodes.
chzone zone1 -a node1-node10 -g
The following command will remove node20-node30 from zone1 and remove the group zone1 from those nodes.
chzone zone1 -r node2--node30 -g
The following command will change zone1 such that root cannot ssh between the nodes without entering a password.
#chzone zone1 -s no #lsdef -t zone zone1 Object name: zone1 defaultzone=no sshbetweennodes=no sshkeydir=/etc/xcat/sshkeys/zone1/.ssh
The following command will change zone1 to the default zone.
Note: you must use the
-f flag to force the change. There can only be one default zone in the
#chzone zone1 -f --defaultzone #lsdef -t zone -l Object name: xcatdefault defaultzone=no sshbetweennodes=yes sshkeydir=/root/.ssh Object name: zone1 defaultzone=yes sshbetweennodes=no sshkeydir=/etc/xcat/sshkeys/zone1/.ssh
Finally, if your root ssh keys become corrupted or compromised you can regenerate them.
chzone zone1 -K
chzone zone1 -k <path to SSH RSH private key>
As with the mkzone commands, these commands have only changed the definitions in the database, you must run the following to distribute the keys.
updatenode mycompute -k
xdsh mycompute -K