Equipment/Denning
Denning | |
---|---|
Model | Nexcom DNA1110 |
Sub-category | Systems |
Status | Good working order |
Training requirement | yes |
Training link | Unknown |
ACnode | no |
Owner | LHS |
Origin | donation from Tgreer |
Maintainers | Sysadmin team |
Denning
Runs the non-vital services that used to run on Boole. Might get used for other stuff as well. Same hardware as Boole
Runs zone minder, see below.
Also a netboot server, provides:
- Diskless i386 and amd64 debian wheezy
- Rescue and Install for debian wheezy.
- partition magic
- memtest
- dban
- Voyage (a minimised debian disto that can run from readonly media) Warning : the Voyage auto install kernel will reformat things they are booted on without prompting.
Also runs ansible for setting up machines in the space.
Zoneminder/cctv
Has an 8 port video capture card in it. It's currently connected to the 3 yard cameras and the rear lobby camera. The other 4 inputs are disabled until we put more cameras up.
The card is one of these (or a clone):
- http://www.zoneminder.com/wiki/index.php/File:Karta.jpg
- http://www.zoneminder.com/wiki/index.php/Kodicom_8800
The modprobe.d settings I'm using are:
options i2c-algo-bit bit_test=1
options tuner debug=1
options bttv gbuffers=16 card=102,102,102,102,102,102,102,102 radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 audiodev=-1,-1,-1,-1,-1,-1,-1,-1 v4l2=1 bttv_verbose=1 chroma_agc=1 combfilter=2 full_luma_range=1 coring=1
Each input is configured with:
- fps: 10
- alarm fps: 25
- palette: BGR24
- resolution: 640 x 480
This might just about work with all 4 inputs, we may have to drop the resolution to 360 x 288
The old card.
Issues
Has only a single mechanical harddrive so vulnerable to data loss. Maybe look at adopting this for netboot stuffs: https://github.com/askarel/Pantoufle
nfs
Denning runs a few diskless nfs clients via pxe etc, unfortunatly nfs dosn't work very well, and i don't know why.
- The kernel used nfs v3 over tcp
- the mount works on my laptop (manual mounting)
- dosn't work on the spaces "windows" laptop (when netbooting)
- dosn't work on new colin (?) (when netbooting)
- i386 seems to work (?)
- but i386 has a newer kernel...
linkdump:
- https://lists.gnu.org/archive/html/ltib/2010-08/msg00103.html
- https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt
todo
- Try other machines incase it's a wierd nic driver bug
- Try more i386 vs. amd64.
- Upgrade kernel on the amd64 diskless image
Ansible procedures
using Ansible with a Rasbperry Pi
dd raspbian image (use the 02-09 one to avoid usb issues) boot pi watch dhcp logs on boole ssh pi@ip passwd: raspberry sudo raspi-config update it expand filesystem change password boot to console advanced options -> hostname cd /etc/network edit interfaces to get a static ip reboot on boole: add hostname to fwd and rev. dns, don't forget to commit your changes. log into denning with ssh keys forwarded add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis] sections, and [doorbot] if it's a doorbot, make the syslocation="something sensible" then: if it's a replacement for an old machine then: ssh-keygen -R hostname ssh-keygen -R hostname.lan.london.hackspace.org.uk ssh-keygen -R ipv4 address (?) ssh-keygen -R ipv6 address (?) then: cd /etc/ansible install python-apt which ansible needs: ansible -vvv -u pi -k -s -m command -a "apt-get -y install python-apt" "hostname" Then run it ansible-playbook -u pi -s -k -l "hostname" lhs/site.yml The 2nd one will add our users, ssh keys, packages, etc etc. notes: not sure how resolv.conf gets setup, I thought having: iface eth0 inet static [...] dns-nameservers 172.31.24.2 dns-search lan.london.hackspace.org.uk Would sort it, but maybe that dosn't and we got lucky from dhcp? The dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be done manually, add to ansible.
Removing an admin
edit /etc/ansible/lhs/vars/defaults.yml
, remove them from users, add them to disable_users, then re-run ansible.
Ansible Troubleshooting
- problem, ansible dies in the snmp config cos it can't find a default ipv4 address.
- fix: make sure the machine has an ipv4 default route
- problem, the sshfp stuff just has hostname. rather than hostname.lan.london.hackspace.org.uk.
- fix: edit /etc/hosts on the effected machine so that both the long and short versions of the hostname are in there.