Changes

← Older edit

Project Bringing Sexy Back

842 bytes removed, 02:34, 10 January 2019

no edit summary

'''Note''': This is an effort toward the end of Fall 2017 and early Spring 2018 to get new hardware, determining if we can use old hardware for anything, bring many vtluug services back to life plus add new services, fix major problems relating to the page does '''not''' reflect current infrastructure~~, make managing the current infrastructure easier, and to provide enough documentation so that anybody can have a very good understanding~~ . It was for planning purposes. As of ~~how~~ 2019 everything ~~works without having~~ has been migrated to ~~ask the officers about every little thing. This will be summarized~~ new infra, as explained in ~~the~~ [[~~Sysadmin Handbook~~Infrastructure]].

~~One major change~~ If you're looking for the older project [[User:telnorattti|telnoratti]] proposed, details about it are at [[Summer_2013_New_Machines]]. This is ~~running~~ an ~~oVirt cluster~~ effort toward the end of Fall 2017 and early Spring 2018 to get new hardware, determining if we can use old hardware for anything, bring many vtluug services back to life plus add new services, fix major problems relating to the current infrastructure, make managing the current infrastructure easier, and to provide enough documentation so that anybody can have a very good understanding of how everything~~, along with~~ works without having to ask the officers about every little thing. This will be summarized at https://vtluug.org/rtfm.txt One major change offering a VPS service in addition to shell accounts on [[Infrastructure:Acidburn|Acidburn]]. This is not possible with the current hardware.

We are still working on exactly what to ask for, but here are some desirable things:

~~//TODO link items~~

{| class='wikitable' id='sortMe'

!Priority

|}

Ideally we will get 2. A much more detailed price analysis will be done for the SBB.

~~A much more detailed price analysis will be done for the SBB.~~\o/ We got $1300 to get 2 R620s!!

== Hardware Configuration ==

==== Hardware ~~we will definitely have:~~====

* temp88191

* [[Infrastructure:Cyberdelia|Cyberdelia]]

* [[Infrastructure:Wood|Wood]]

* 2x SGI (Phantomphreak/Joey)

* 2x R620s (Meltdown/Spectre)

=== ~~Assuming we do get SBB funding~~ = Configuration ====~~Additional hardware: 2x R620~~

* Router/DNS Server: joey (sry temp88191 is too old)

* NAS: [[Infrastructure:Cyberdelia|Cyberdelia]] due to its HDD capacity

* ~~oVirt hosted-engine~~Libvirt hosts: ~~Both R620s, Phantomphreak~~Meltdown & Spectre

* HPC: [[Infrastructure:Wood|Wood]] due to its 4U height that can easily fit gpus

~~<s>~~

~~=== If we don't get SBB funding ===~~

~~We probably need to get some additional RAM & CPUs for Wood in this case in order to do the cluster.~~

~~Ram for Phantomphreak, Joey, and Wood is about $1/GB so we might as well upgrade all that too.~~

* Router/DNS Server: Joey (sry temp88191 is too old)

* NAS: [[Infrastructure:Cyberdelia|Cyberdelia]]

* oVirt Controller: [[Infrastructure:Wood|Wood]]

* oVirt Workers: [[Infrastructure:Wood|Wood]], Phantomphreak

~~</s>~~

~~We may also get some additional hardware early Spring 2017. This will replace Phantomphreak/Joey, become the oVirt Controller, or the NAS depending on its specs. TBD~~

Diagrams in progress

== Networking ==

See [[Infrastructure:Network]] for a mostly up to date networking layout.

~~This section reflects~~ Public IPv4s are the ~~services decscribed in~~ same except for a few, the ~~following section~~local IPv4 network is different, and IPv6 is completely different because we have a prefix.

==== Public IPv4 addresses ====

|128.173.88.191

|-

|~~oVirt Controller~~One Libvirt Node (out of 2)|~~crashandburn~~meltdown.vtluug.org|128.173.89.~~244~~246

|-

|~~Webserver~~Web/Proxy server

|sczi.vtluug.org

|128.173.88.78

|-

|FreeIPA

|~~zerocool~~chimera.vtluug.org

|128.173.89.247

|-

|~~Mirror~~Primary NFS server|~~mirror~~dirtycow.vtluug.org|128.173.89.~~246~~244

|-

|Matt's server

As per [[User:echarlie|echarlie]], "check rdns. if there isn't an entry, and it's in ece's allocated block, we can use it."

~~==== Private IPv4 addresses ====~~

~~We also use private addresses for things like NAS. This isn't 100% figured out yet, but we will probably do something like use 10.0.0.0-100 as static IPs and run DHCP on 10.0.0.101+.~~

~~==== IPv6 addresses ====~~

~~See [[Infrastructure_2017|Infrastructure 2017]].~~

== Service Importance ==

'''Note''': This ~~secion~~section's PoV does '''not''' taking into account the current state of service. Instead, it assumes services are being installed to a new infrastructure.

~~'''All''' necessary services send notifications to officers for alerts.~~Syntax:* Overall service (hostname)

~~Syntax:~~* Service (VM name | Container name)** CommentServices running on each host are covered in the following sections

=== ~~Urgent~~ Essential ===

==== Bare Metal ====

* Routing (joey)

* DNS (joey)

* ~~NAS~~ Firewall (~~cyberdelia~~joey)* ~~oVirt hosted-engine (crash and burn)~~** oVirt requires DNS & NAS* Monitoring (~~crashandburn)~~** crashandburn.vtluug.org "new" dell 2900 - ~~also oVirt dashboard~~** oVirt mostly takes care of this for us*** See https://ovirt.org/blog/2017/12/ovirtdirtycow, dell 2900 -~~metrics~~cyberdelia, r310 -~~store~~shellshock)** Prometheus or Nagios if more detailed monitoring is neededLibvirt hosts (meltdown, spectre)

==== VMs ====

* FreeIPA (~~zerocool~~chimera) ~~==== K8s ====~~* ~~Sczi proxy~~ Web services (sczi)** For proxying *.vtluug.org because we don't have unlimited v4* vtluug.org Shell (~~vtluug~~acidburn)* wiki.vtluug.org (wiki_vtluug)* gobblerpedia.org (wiki_gobblerpedia)* hokieprivacy.org (hokieprivacy)* pSQL (wikidb)** For storing wiki.vtluug.org & gobblerpedia.org

=== Very Important ===

==== Bare Metal ====

* VPS system ~~(crashandburn)~~via Libvirt

** Somewhat automated system where a user is given a VM

** ~~Possibly is really easy with oVirt~~Give each user an ipv6 address** Possibly do something like <user>.users.vtluug.orgNAS Backup

==== VMs ====

* ~~Shell (acidburn)~~** Member pages @ vtluug.org/~user* rsyslog elk (theplague)

** Need to research this a bunch

* ~~Mail~~ jitsi.vtluug.org (~~acidburn~~jitsi)** ~~Possibly in Docker instead of VM~~ ~~==== K8s ====~~Proxy through sczi* ~~Wadsworth~~ emby.vtluug.org (~~wadsworth~~emby)* ~~duckhunter9000 (duckhunter)~~* Proxy through sczi* ~~truncatedcone~~ mirror.vtluug.org (~~truncatedcone~~mirror)* ~~multimediamanv2~~ syncthing discovery server (~~multimediaman~~sync)** Produces /files/irc-vtluug.org

=== Important ===

==== VMs ====

* mirror.vtluug.org (mirror)

* Tahoe-LAFS (crashoverride)

** Possibly put in container

* telnet BBS

** How tf do these things work

* wargame.vtluug.org (wargame)

* Archive Team Warrior

~~==== K8s ====~~

* linx.vtlug.org (linx)

* bash.vtluug.org (bash)

* foodfor.vtluug.org (foorfor)

** .pickfood, .foodvote

* emby.vtluug.org (emby)

* map.vtluug.org (map)

* jitsi.vtluug.org (jitsi)

=== Other things to consider ===

* diaspora*

* finger (kerberos-based)

* talkd

== Migration ==

=== VTLUUG Site ===

* ~~Migrate to docker~~ ~~=== VTLUUG wiki ===~~* Backup content* Migrate to dockerSetup on sczi via the web ansible role

=== VTLUUG & Gobblerpedia wiki ===* Backup contentusing dumpBackup.xml script* ~~Migrate~~ Setup on sczi via the web ansible role* Restore content to ~~docker~~new wiki

=== Wadsworth/phenny ===

* ~~Backup db (for .in)~~Use irc3 module instead* ~~Migrate to docker~~Setup on acidburn via the small-services ansible role

=== VTBash ===

* ~~Migrate to docker~~Setup on sczi via the web ansible role

=== Hokieprivacy ===

* ~~Migrate to docker~~Setup on sczi via the web ansible role

=== Linx ===

* ~~Move files to NAS~~* Migrate to dockerSetup on sczi via the web ansible role

=== Acidburn ===

* Migrate homedirs to dirtycow NAS* ~~Currently have a ton of uses - most~~ Implement background tmux irc systemd service (or just tell people ~~don't~~ to use ~~it anymore~~crontabs @reboot (sounds like u got a problem w/ systemd)) === User Accounts ===*Setup on chimera via freeipa-server ansible role* ~~Have people re-register with FreeIPA~~Import LDAP accounts to freeipa

=== /tank ===

* ~~Backup then clean up~~Move main stuff to dirtycow** Either to tardis or Clean up a ~~temporary NAS~~bit

== Issues with current services ==

=== Gobblerpedia ===

* Lots of out of ~~dat~~ date information* Building templates(populate automatically from database)

=== Wadsworth/phenny ===

=== Hokieprivacy ===

* Mobile formatting is fucked~~, at least for FF on Android~~-- someone should look into the hugo templates and fix

* Out of date

=== vtluug.org/files ===

* Need easy way fo non-root to add stuff here

=== vtluug.org/users/~$USERNAME ===

* should document for users

* maybe support dynamic server-side content (probably not; use js)

=== mail ===

* Train spamassassin(use corpus)

* Sieve doesn't seem to work

=== gopherspace ===

* who tf uses gopher(fwiw, gopher was 90% of the goal of project bringing sexy back)* legacy IP only, b/c pygopherd is shite

=== TOR services ===

Pew

Administrators

398

edits

Changes

Project Bringing Sexy Back

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools