Difference between revisions of "Equipment/Boole"

From London Hackspace Wiki
Jump to navigation Jump to search
m
(update with the changes to denning etc.)
Line 19: Line 19:
 
A 1U Intel Atom machine in the rack in the basement, specs etc [http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110# here]
 
A 1U Intel Atom machine in the rack in the basement, specs etc [http://www.nexcom.com/Products/network-and-communication-solutions/desktop-appliance/desktop-appliance/communication-gateway-dna-1110# here]
  
Is our core router, has both FTTC lines connected to it. DHCP and DNS server. Runs the spacefed node for the space and is an ldap server.
+
Boole is our core router, has both FTTC lines connected to it. DHCP and DNS server. Runs the spacefed node for the space and is an ldap server.
 
 
Also a netboot server, provides:
 
 
 
* Diskless i386 and amd64 debian wheezy
 
* Rescue and Install for debian wheezy.
 
* partition magic
 
* memtest
 
* [http://www.dban.org/ dban]
 
* [http://linux.voyage.hk/ Voyage] (a minimised debian disto that can run from readonly media) '''Warning''' : the Voyage auto install kernel will '''reformat''' things they are booted on ''without prompting''.
 
 
 
Also runs [http://www.ansibleworks.com/docs/intro_getting_started.html ansible] for setting up machines in the space.
 
  
 
=== Issues ===
 
=== Issues ===
  
On boot unbound can fail to start due to ipv6 dad not finishing in time for it to bind to it's ipv6 address, see this: http://lists.debian.org/debian-devel/2012/11/msg00038.html I added sleep 10 to the unboudn init scripts.
+
On boot unbound can fail to start due to ipv6 dad not finishing in time for it to bind to it's ipv6 address, see this:
 
 
We have have installed the latest versio of the rp-pppoe ppp plugin so we can use a 1508 byte mtu to avoid having to do mss clamping.
 
 
 
=== using Ansible with a Rasbperry Pi ===
 
 
 
<nowiki>
 
dd raspbian image (use the 02-09 one to avoid usb issues)
 
boot pi
 
watch dhcp logs on boole
 
ssh pi@ip
 
passwd: raspberry
 
 
 
sudo raspi-config
 
update it
 
expand filesystem
 
change password
 
boot to console
 
advanced options -> hostname
 
 
 
cd /etc/network
 
edit interfaces to get a static ip
 
reboot
 
 
 
log into boole with ssh keys forwarded
 
 
 
add hostname to dns
 
add hostname to /etc/ansible/hosts in both the [lhshosts] and [rpis]
 
sections, and [doorbot] if it's a doorbot, make the syslocation="something sensible"
 
 
 
then:
 
 
 
if it's a replacement for an old machine then
 
ssh-keygen -R hostname
 
ssh-keygen -R hostname.lan.london.hackspace.org.uk
 
ssh-keygen -R ipv4 address (?)
 
ssh-keygen -R ipv6 address (?)
 
 
 
then:
 
 
 
cd /etc/ansible
 
ansible -v -s -u pi -k  -m command -a "apt-get -y install python-apt" "hostname*"
 
ansible-playbook -u pi -s -k -l "perlman*" lhs/site.yml
 
 
 
The 2nd one will add our users, ssh keys, packages, etc etc.
 
 
 
notes:
 
 
 
not sure how resolv.conf gets setup, I thought having:
 
 
 
iface eth0 inet static
 
        [...]
 
        dns-nameservers 172.31.24.2
 
        dns-search lan.london.hackspace.org.uk
 
 
 
would sort it, but maybe that dosn't and we got lucky from dhcp?
 
  
the dns stuff in /etc/network/interfaces appears to be bogus and resolv.conf needs to be
+
http://lists.debian.org/debian-devel/2012/11/msg00038.html I added sleep 10 to the unbound init scripts.
done manually, add to ansible.
 
  
</nowiki>
+
We have have installed the latest version of the rp-pppoe ppp plugin so we can use a 1508 byte mtu to avoid having to do mss clamping.

Revision as of 18:45, 4 January 2014

Boole
Hackspace Unknown.png
Model Nexcom DNA1110
Sub-category Systems
Status Good working order
Training requirement yes
Training link Unknown
ACnode no
Owner LHS
Origin donation from Tgreer
Location Basement rack
Maintainers Sysadmin team

A 1U Intel Atom machine in the rack in the basement, specs etc here

Boole is our core router, has both FTTC lines connected to it. DHCP and DNS server. Runs the spacefed node for the space and is an ldap server.

Issues

On boot unbound can fail to start due to ipv6 dad not finishing in time for it to bind to it's ipv6 address, see this:

http://lists.debian.org/debian-devel/2012/11/msg00038.html I added sleep 10 to the unbound init scripts.

We have have installed the latest version of the rp-pppoe ppp plugin so we can use a 1508 byte mtu to avoid having to do mss clamping.

Retrieved from ‘https://wiki.london.hackspace.org.uk/w/index.php?title=Equipment/Boole&oldid=39428