Difference between revisions of "Network"

Revision as of 19:10, 8 February 2015

Along with the complete overhaul of the network comes a complete overhaul of this page. As the network will have rough edges for a while, so will this page.

Information

Networks

Procedures

Create a Makers Local LDAP server

Create a new VM

Convert a normal logical volume to a DRBD

Create a Makers Local VM host

Delegates

• hfuller
• JimShoe
• Enabrintain

Road Map

• Update router firmware.
• Verify backup solution.
• Establish non-Zimbra password-changing app general LDAP management app, to replace the ldapadmin script for adding NFC and USB tags.
  • The basis is already started: [1]
• fix provisioning to be independent of zimbra.
• Migrate from Zimbra's integrated LDAP to slapd (of some variety).
• Look for remaining items that depend on Zimbra, address these, and decommission Zimbra.
• make dev and other VMs/boxes use LDAP login (PAM)
• convert VPN to use LDAP login (depends on PAM LDAP login, probably)
• Make a print server so you only need a generic driver to print at the shop.
• Set up all boxes to email to netadmin when they have problems (forward root email).
• Establish Xen management system
  • One of [2] most likely; Ctrl+F xen
• Begin updating and upgrading VMs
• Establish general host management system
  • For VMs and physical boxes alike, but mostly the VMs; probably Ajenti if it's a good fit

News

Newest on top.

• TIL do not turn on "Auto IP Aliasing" in your UBNT access points' settings if you want your wireless clients to be able to talk to each other!!! Hfuller (talk) 00:09, 8 February 2015 (CST)
• DNS changes for User:ctag's project - added cerealbox.256.* Hfuller (talk) 21:48, 21 January 2015 (CST)
• We had a disk pre-failure warning on vm3 so its data was migrated to a new host, vm4, and then I swapped vm3 for vm4. The VMs are split half and half right now and we are running quite well. I forgot to install more RAM in vm4 so it only has 2GB right now. The lighter VMs can run there until I install more RAM. Hfuller (talk) 21:02, 21 January 2015 (CST)
• I think that everyone's NFC tags are reregistered that need to be. User:Omegix has the door working so I guess we can close that particular case. Hfuller (talk) 20:21, 21 January 2015 (CST)
• ocserv (OpenConnect/AnyConnect) VPN added. It does not use LDAP yet. This will happen after zimbra decommissioning. Hfuller (talk) 00:45, 14 October 2014 (CDT)
• Phones installed various places in the shop. Thanks User:Opticron. Hfuller (talk) 00:45, 14 October 2014 (CDT)
• UPS batteries. actually happened like last week. Hfuller (talk) 18:09, 19 September 2014 (CDT)
• Web - Stopped /root/gnucash/check.sh from running because it was pegging cpu. Jimshoe (talk) 21:41, 4 September 2014 (CDT)
• Web - Added $wgJobRunRate = 0.1 to wiki's LocalSettings.php Jimshoe (talk) 21:41, 4 September 2014 (CDT)
• I set up projects.makerslocal.org for Ludum Dare. It's currently screwed up though. Hfuller (talk) 00:41, 28 August 2014 (CDT)
• The door now agrees with CasCADE about what an NFC tag should look like. We will need to re-register any NFC tags that were registered before, but only worked on the door. Hfuller (talk) 00:41, 28 August 2014 (CDT)
• vm2 (on old kratos hardware) crashed one time about a week ago. I'm getting really nervous about the mainboard, CPU, or PSU in that machine. The PSU is pretty new, so I'm guessing mainboard or CPU... either way, I bought some DDR2 and will add it to vm3 soon, bringing it to a similar spec of vm2, and then we don't have to worry about reliability as much. Which is good, because atm, I am unsure if I can call kratos' old hardware reliable. Hfuller (talk) 21:50, 2 August 2014 (CDT)
• Migrated one VM host (vm2?) to be running on top of old kratos hardware. So, we have vm3 (Switchvox hardware) and vm2 (old kratos hardware). Hfuller (talk) 21:56, 29 July 2014 (CDT)
• Fixed DNS FQDN wonkiness. So now, stuff like tainslaptop.256.makerslocal.org will work. I know I said this before, but now it really works, for real. Hfuller (talk) 19:48, 29 July 2014 (CDT)
• Lots of stuff going on! Two new VM hosts vm2 and vm3 are set up on the exact same platform, same xen and drbd and debian versions, etc... VM migration is working well between these. Some VMs (backup) run on vm3, the rest currently run on vm2. We need to get a machine beefy enough to run all VMs again - old kratos can do this, and I THINK the hardware on that is in a usable state (all failed parts replaced) now. So that's on the top of the to-do list now. (I may move it down, depending on what I feel like doing - there's high demand for VPN for sure.) So anyway, we can cross these off the list: Hfuller (talk) 16:45, 27 July 2014 (CDT)
  • Enable live migration of all VMs between 2-3 VM hosts.
  • Set up netadmin list and send welcome messages, etc.
  • Replace disk in kratos with 300GB VelociRaptor.
• Holy hell, disk failures left and right. Tl;dr: kratos is now a switchvox box, it's got another failing disk in it, vm2 is hosting everything, none of the boxes are really workable (kratos has failing disk again and vm2 has no RAM). Good news is we have a new box thanks to User:Compuhacker that has a lot of RAM and is generally good. So we can use that, at least for a while, and vm2 seems to be supporting the essentials in the meantime.
• router reconfigured to support adding dhcp clients' host names to its /etc/hosts, and it is therefore now responding to NS requests for these names. the fqdn is something like hfuller-pc.256.makerslocal.org. I also made one minor change to allow the switch and router to detect each other over cdp. Hfuller (talk) 01:36, 14 May 2014 (CDT)
  • hfuller@router# compare
  • [edit service dhcp-server]
  • >hostfile-update enable
  • [edit service]
  • +lldp {
  • + legacy-protocols {
  • + cdp
  • + }
  • + management-address 10.56.1.1
  • +}
• router (UBNT EdgeRouter Lite) updated to UBNT software version 1.4.1 to hopefully fix our dhcp issues. There are some cool new features, too. Hfuller (talk) 01:36, 14 May 2014 (CDT)