From 4b914b039f1d878db9547f3da617082c38b27169 Mon Sep 17 00:00:00 2001 From: Juno Date: Tue, 12 Mar 2024 16:58:40 -0400 Subject: [PATCH 01/11] Update some server/switch info, update info on DHCP --- src/infrastructure/network/switches.md | 7 +-- src/infrastructure/servers/elephant.md | 9 ++-- src/infrastructure/servers/erised.md | 4 +- src/services/dhcp.md | 71 +++++--------------------- 4 files changed, 23 insertions(+), 68 deletions(-) diff --git a/src/infrastructure/network/switches.md b/src/infrastructure/network/switches.md index 0d5b7c3..4ce39f3 100644 --- a/src/infrastructure/network/switches.md +++ b/src/infrastructure/network/switches.md @@ -9,7 +9,7 @@ _updated: December 17th, 2023_ FHILL is currently our top level fiber networking switch. It is a [Mikrotik CRS326-24S+2Q+RM](https://mikrotik.com/product/crs326_24s_2q_rm) running `RouterOS v7`. The management interface is assigned to `128.153.145.21`, -and is currently only accessible by plugging in to one of the service ports. +and is currently accessible from within the lab network. If in doubt, the Ethernet port labeled `MGMT/BOOT` should always be configured to allow access to the management interface. @@ -32,7 +32,7 @@ We've configured groups of ports to map to certain [VLANs](../network/vlans.md). | Ports | VID | Name | Speed | |-------|-----|------------|-------| | 0-7 | 3 | cosi\_priv | 10 G | -| 8-15 | 2 | cosi\_pub | 10 G | +| 8-15 | 2 | cosi\_priv | 10 G | | 16-23 | 1 | service | 10 G | | Q0-Q1 | 1 | service | 40 G | | MGMT | 1 | service | 100 M | @@ -44,7 +44,8 @@ _updated: December 17th, 2023_ FCOLO is our fiber network switch in COLO, which we are planning to use as our top level switch once we have moved some critical infrastructure there. It is a [Mikrotik CRS326-24S+2Q+RM](https://mikrotik.com/product/crs326_24s_2q_rm) -running `RouterOS v7`. Its management interface is currently not accessible. +running `RouterOS v7`. The management interface is assigned to `128.153.145.20`, +and is currently accessible from within the lab network. | Ports | Count | |-------------|-------| diff --git a/src/infrastructure/servers/elephant.md b/src/infrastructure/servers/elephant.md index 7674e7d..a9dfc5c 100644 --- a/src/infrastructure/servers/elephant.md +++ b/src/infrastructure/servers/elephant.md @@ -1,8 +1,9 @@ -# ELEPHANT +# Elephant -_updated: Sept 24th 2022_ +_updated: Mar 12th 2024_ -Elephant is a currently unused server with a similar form factor to [Bacon](./bacon.md). +Elephant is a server with a similar form factor to [Bacon](./bacon.md). +It is currently used as a network storage & backup server. | | | | :--- | :--- | @@ -34,8 +35,6 @@ Elephant is a currently unused server with a similar form factor to [Bacon](./ba ## Services -Nothing of value, yet. Planned to be running backup server while using storage provided by [Ampersand](./ampersand.md). - ## Notes Has the same chasis as [Bacon](./bacon.md). diff --git a/src/infrastructure/servers/erised.md b/src/infrastructure/servers/erised.md index d4b7022..160fa4d 100644 --- a/src/infrastructure/servers/erised.md +++ b/src/infrastructure/servers/erised.md @@ -1,6 +1,8 @@ # Erised -_updated: Mar 6th 2024_ +_updated: Mar 12th 2024_ + +Erised is a test environment for Mirror with similar hardware. | | | | :--- | :--- | diff --git a/src/services/dhcp.md b/src/services/dhcp.md index a0e8e0c..b3c19a5 100644 --- a/src/services/dhcp.md +++ b/src/services/dhcp.md @@ -4,71 +4,24 @@ _updated: December 1st, 2023_ Since COSI has it's own network we also run a [DHCP](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol) server to manage ip allocations. DHCP is an important service because it allows people temporiliy using our network to avoid setting a static IP address. However, since DHCP servers lease IP address based on client's MAC addresses we can also use our server to easily manage the IPs of other clients on our network. For example, we can manage the ITL machines by manually mapping their MAC addresses to IPs and we never have to worry about setting a static IP on each machine. -## isc-dhcp-server +## Kea We have a single dhcp server running on [TalDos](../infrastructure/servers/taldos.md). In the past we had a fallback server running in a VM. This no longer exists. -We currently use Internet Systems Consortium's implementation of a DHCP server, which -has reached its end-of-life. We are currently working on testing a replacement. +We currently use Internet Systems Consortium's Kea DHCP server. -## DHCP information +## DHCP configuration -| field | value | notes | -| :---- | :---- | :---- | -| domain | cslabs.clarkson.edu | [authoritative dns](../services/authoritative_dns.md) | -| DNS servers | 128.153.145.53 | [recursive dns](../services/recursive_dns.md) | -| NTP Servers | 128.153.2.253, 128.153.5.253 | Operated by OIT | -| Gateway | 128.153.144.1 | OIT Gateway | -| Subnet Mask | 255.255.254.0 | | +### IPv4 +- Subnet: 128.153.144.0/23 +- Address pool: 128.153.144.100-128.153.144.254 +- Gateway: 128.153.144.1 +- DNS servers: 128.153.145.53, 1.1.1.1 +- NTO servers: 128.153.2.253, 128.153.5.253 +- Domain: cslabs.clarkson.edu -## Configuration +### IPv6 -``` -# option definitions common to all supported networks... -option domain-name "cslabs.clarkson.edu"; -option domain-name-servers 1.1.1.1, 1.0.0.1; - -default-lease-time 600; -max-lease-time 7200; - -# The ddns-updates-style parameter controls whether or not the server will -# attempt to do a DNS update when a lease is confirmed. We default to the -# behavior of the version 2 packages ('none', since DHCP v2 didn't -# have support for DDNS.) -ddns-update-style none; - -# If this DHCP server is the official DHCP server for the local -# network, the authoritative directive should be uncommented. -authoritative; - -subnet 128.153.144.0 netmask 255.255.254.0 { - range 128.153.144.100 128.153.144.254; - option routers 128.153.144.1; - option ntp-servers 128.153.2.253, 128.153.5.253; -} - -# Fixed IP addresses can also be specified for hosts. These addresses -# should not also be listed as being available for dynamic assignment. -# Hosts for which fixed IP addresses have been specified can boot using -# BOOTP or DHCP. Hosts for which no fixed address is specified can only -# be booted with DHCP, unless there is an address range on the subnet -# to which a BOOTP client is connected which has the dynamic-bootp flag -# set. -#host fantasia { -# hardware ethernet 08:00:07:26:c0:a5; -# fixed-address fantasia.example.com; -#} - -# You can declare a class of clients and then do address allocation -# based on that. The example below shows a case where all clients -# in a certain class get addresses on the 10.17.224/24 subnet, and all -# other clients get addresses on the 10.0.29/24 subnet. - -#class "foo" { -# match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; -#} -``` +- Not yet configured ## Notes - -As of 12/01/23, the default DNS servers are 1.1.1.1 and 1.0.0.1 (Cloudflare) due to issues with Unbound From b1ad02b3e8ab6f252818545522bfdcba22ca9d35 Mon Sep 17 00:00:00 2001 From: Juno Date: Tue, 26 Mar 2024 12:13:46 -0400 Subject: [PATCH 02/11] update erised info --- src/infrastructure/servers/erised.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/infrastructure/servers/erised.md b/src/infrastructure/servers/erised.md index 160fa4d..f2c717a 100644 --- a/src/infrastructure/servers/erised.md +++ b/src/infrastructure/servers/erised.md @@ -14,11 +14,11 @@ Erised is a test environment for Mirror with similar hardware. | | | | :--- | :--- | -| CPU | 6 Core Intel Xeon E5410 -| RAM | 8x 8GB (64 GB) -| STORAGE | 3.64 TB -| CONNECTIVITY | -| MOTHERBOARD | Supermicro X9DR7/E-(J)LN4F +| CPU | 2x Intel Xeon E5-2630 V2 (6 cores, 12 threads) +| RAM | 8x 8GB DDR3 ECC (64 GB) +| STORAGE | 56 TB (14x 4TB) +| CONNECTIVITY | 1GB/s Ethernet +| MOTHERBOARD | Supermicro (Unknown model) ## Operating System From 29116a2238272021f4e4e97cc30299789dd39952 Mon Sep 17 00:00:00 2001 From: Juno Date: Wed, 10 Apr 2024 14:46:30 -0400 Subject: [PATCH 03/11] Update info on switches --- src/infrastructure/network/switches.md | 42 +++++++++++++++++--------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/src/infrastructure/network/switches.md b/src/infrastructure/network/switches.md index 4ce39f3..ba49e70 100644 --- a/src/infrastructure/network/switches.md +++ b/src/infrastructure/network/switches.md @@ -4,19 +4,20 @@ The purpose of this document is to provide more detailed descriptions of our man ## FHILL -_updated: December 17th, 2023_ +_updated: April 10th, 2024_ -FHILL is currently our top level fiber networking switch. It is a +FHILL our primary fiber switch on the hill campus. It is a [Mikrotik CRS326-24S+2Q+RM](https://mikrotik.com/product/crs326_24s_2q_rm) running `RouterOS v7`. The management interface is assigned to `128.153.145.21`, and is currently accessible from within the lab network. If in doubt, the Ethernet port labeled `MGMT/BOOT` should always be configured to allow access to the management interface. -| Ports | Count | -|-------------|-------| -| SPF+ (10G) | 24 | -| QSPF+ (40G) | 2 | +| Ports | Count | +|-----------------|-------| +| SPF+ (10G) | 24 | +| QSPF+ (40G) | 2 | +| Ethetnet (100M) | 1 | The switch is physically split into 3 groups of 8 SFP+ ports and 1 group containing the 2 QSFP+ ports. It also has a 100M Ethernet port for management. @@ -35,22 +36,23 @@ We've configured groups of ports to map to certain [VLANs](../network/vlans.md). | 8-15 | 2 | cosi\_priv | 10 G | | 16-23 | 1 | service | 10 G | | Q0-Q1 | 1 | service | 40 G | -| MGMT | 1 | service | 100 M | +| MGMT | 2 | cosi\_priv | 100 M | ## FCOLO -_updated: December 17th, 2023_ +_updated: April 10th, 2024_ -FCOLO is our fiber network switch in COLO, which we are planning to use as our -top level switch once we have moved some critical infrastructure there. It is a +FCOLO is currently our top level fiber switch, located in COLO. +It is a [Mikrotik CRS326-24S+2Q+RM](https://mikrotik.com/product/crs326_24s_2q_rm) running `RouterOS v7`. The management interface is assigned to `128.153.145.20`, and is currently accessible from within the lab network. -| Ports | Count | -|-------------|-------| -| SPF+ (10G) | 24 | -| QSPF+ (40G) | 2 | +| Ports | Count | +|-----------------|-------| +| SPF+ (10G) | 24 | +| QSPF+ (40G) | 2 | +| Ethetnet (100M) | 1 | The switch is physically split into 3 groups of 8 SFP+ ports and 1 group containing the 2 QSFP+ ports. It also has a 100M Ethernet port for management. @@ -60,3 +62,15 @@ containing the 2 QSFP+ ports. It also has a 100M Ethernet port for management. |---|---|---|---|---|---|----|----|----|---|----|----|----|----|---|------|---|------| | 1 | 3 | 5 | 7 | | 9 | 11 | 13 | 15 | | 17 | 19 | 21 | 23 | | Q1 | | MGMT | ``` + +We've configured groups of ports to map to certain [VLANs](../network/vlans.md). +Traffic between cosi\_pub and cosi\_priv is controlled by the +[firewall.](../../services/firewall.md) + +| Ports | VID | Name | Speed | +|-------|-----|------------|-------| +| 0-7 | 3 | cosi\_pub | 10 G | +| 8-15 | 2 | cosi\_priv | 10 G | +| 16-23 | 1 | service | 10 G | +| Q0-Q1 | 1 | service | 40 G | +| MGMT | 2 | cosi\_priv | 100 M | From 08bd1acf46fc42510cf3954408585f3d88e70a32 Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 11:42:45 -0400 Subject: [PATCH 04/11] remove duplicate pages --- src/computers/cosi-build.md | 1 - src/computers/itl-build.md | 1 - 2 files changed, 2 deletions(-) delete mode 100644 src/computers/cosi-build.md delete mode 100644 src/computers/itl-build.md diff --git a/src/computers/cosi-build.md b/src/computers/cosi-build.md deleted file mode 100644 index 0eafa45..0000000 --- a/src/computers/cosi-build.md +++ /dev/null @@ -1 +0,0 @@ -# COSI Build diff --git a/src/computers/itl-build.md b/src/computers/itl-build.md deleted file mode 100644 index b6c22d6..0000000 --- a/src/computers/itl-build.md +++ /dev/null @@ -1 +0,0 @@ -# ITL Build From 9934426fefdf4dbf3a4fa3585e0186d24f22d1ec Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 11:44:23 -0400 Subject: [PATCH 05/11] Add Wallace and Gromit to IP allocations --- src/infrastructure/network/ip_allocations.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/infrastructure/network/ip_allocations.md b/src/infrastructure/network/ip_allocations.md index 86fc56f..4bb18de 100644 --- a/src/infrastructure/network/ip_allocations.md +++ b/src/infrastructure/network/ip_allocations.md @@ -36,6 +36,8 @@ _updated: December 15, 2023_ | 2 | [Kasper](../servers/kasper.md) | | 3 | [TalDos](../servers/taldos.md) | | 4 | [Talos](../servers/talos.md) | +| 38 | [Wallace](../servers/wallace.md) | +| 39 | [Gromit](../servers/gromit.md) | | 41 | [Tiamat](../servers/tiamat.md) | | 42 | [Hydra](../servers/hydra.md) | | 43 | [Janet](../servers/janet.md) | From 7538656d4681ac594e73ffb4071db4263e2ade3d Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 11:52:02 -0400 Subject: [PATCH 06/11] Add info pages for wallace and gromit --- src/infrastructure/servers/gromit.md | 40 +++++++++++++++++++++++++++ src/infrastructure/servers/wallace.md | 40 +++++++++++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 src/infrastructure/servers/gromit.md create mode 100644 src/infrastructure/servers/wallace.md diff --git a/src/infrastructure/servers/gromit.md b/src/infrastructure/servers/gromit.md new file mode 100644 index 0000000..699a3f2 --- /dev/null +++ b/src/infrastructure/servers/gromit.md @@ -0,0 +1,40 @@ +# Gromit + +_updated: April 10, 2024_ + +Gromit is one of COSI's new pair of VM hosts. These servers are much newer +and more well-equipped for VM hosting than our other hardware, and are set up to +allow us to move more of our services to virtual machines for easier backups +and better reliability. + +| | | +| :--- | :--- | +| Location | [COLO](../racks.md#colo) +| IP Addresses | 128.153.145.39 +| Deployed | true + +## Hardware + +| | | +| :--- | :--- | +| CPU | 2x Intel(R) Xeon(R) CPU E5-2697 V3 @ 3.60GHz +| RAM | 128 GB +| STORAGE | 4x 4 TB 3.5" HDDs, 1x 240GB 2.5" SSD +| CONNECTIVITY | 10 Gigabit SFP+ NIC + +## Operating System + +| | | +| :--- | :--- | +| OS | GNU/Linux +| Distro | Proxmox VE 8.1 +| Last updated | April 2024 +| End of life | TBA +| Enrolled in COSI auth | false +| NFS Mount | false + +## VMs + +_updated: April 10, 2024_ + +## Notes diff --git a/src/infrastructure/servers/wallace.md b/src/infrastructure/servers/wallace.md new file mode 100644 index 0000000..60d8032 --- /dev/null +++ b/src/infrastructure/servers/wallace.md @@ -0,0 +1,40 @@ +# Wallace + +_updated: April 10, 2024_ + +Wallace is one of COSI's new pair of VM hosts. These servers are much newer +and more well-equipped for VM hosting than our other hardware, and are set up to +allow us to move more of our services to virtual machines for easier backups +and better reliability. + +| | | +| :--- | :--- | +| Location | [COLO](../racks.md#colo) +| IP Addresses | 128.153.145.38 +| Deployed | true + +## Hardware + +| | | +| :--- | :--- | +| CPU | 2x Intel(R) Xeon(R) CPU E5-2697 V3 @ 3.60GHz +| RAM | 128 GB +| STORAGE | 4x 4 TB 3.5" HDDs, 1x 240GB 2.5" SSD +| CONNECTIVITY | 10 Gigabit SFP+ NIC + +## Operating System + +| | | +| :--- | :--- | +| OS | GNU/Linux +| Distro | Proxmox VE 8.1 +| Last updated | April 2024 +| End of life | TBA +| Enrolled in COSI auth | false +| NFS Mount | false + +## VMs + +_updated: April 10, 2024_ + +## Notes From a98a480b9419a2cecc9eaaee90ca436090525e96 Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 11:56:47 -0400 Subject: [PATCH 07/11] fix typo CI --- _typos.toml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/_typos.toml b/_typos.toml index 30a4b8d..3c3dcd6 100644 --- a/_typos.toml +++ b/_typos.toml @@ -7,4 +7,8 @@ extend-ignore-identifiers-re = [ "2RW103_ZL2*", # Ignore "typos" in nftables config "iif", "oif", + # NTO servers + "NTO", + # MUC (Multi-User Chat) + "muc.*", "muc_*", "MUC", ] From 83628c4bf6e484aea0d8e1c377a8f35315480011 Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 11:57:20 -0400 Subject: [PATCH 08/11] Fix dead links in sidebar --- src/SUMMARY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/SUMMARY.md b/src/SUMMARY.md index 9bf0c43..1fa0d20 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -31,8 +31,8 @@ # Equipment - [Computers](./equipment/computers/index.md) - - [COSI Build](./computers/cosi-build.md) - - [ITL Build](./computers/itl-build.md) + - [COSI Build](./equipment/computers/cosi-build.md) + - [ITL Build](./equipment/computers/itl-build.md) - [Steggo](./equipment/computers/steggo.md) - [Intel Mini](./equipment/computers/mini-intel.md) - [arm64 Mini](./equipment/computers/mini-arm64.md) From ae65b7b8b0a12b7b764566e7e61aa48922c56b18 Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 12:32:28 -0400 Subject: [PATCH 09/11] Fix incorrect VID on FHILL --- src/infrastructure/network/switches.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/infrastructure/network/switches.md b/src/infrastructure/network/switches.md index ba49e70..4d3f891 100644 --- a/src/infrastructure/network/switches.md +++ b/src/infrastructure/network/switches.md @@ -32,7 +32,7 @@ We've configured groups of ports to map to certain [VLANs](../network/vlans.md). | Ports | VID | Name | Speed | |-------|-----|------------|-------| -| 0-7 | 3 | cosi\_priv | 10 G | +| 0-7 | 2 | cosi\_priv | 10 G | | 8-15 | 2 | cosi\_priv | 10 G | | 16-23 | 1 | service | 10 G | | Q0-Q1 | 1 | service | 40 G | From 10612a5636a73ba1d0f0950162f44ad9cb993a0c Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 13:47:50 -0400 Subject: [PATCH 10/11] add wallace and gromit to sidebar --- src/SUMMARY.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/SUMMARY.md b/src/SUMMARY.md index 1fa0d20..f33dc1e 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -18,12 +18,14 @@ - [Elephant](./infrastructure/servers/elephant.md) - [Eldwyn](./infrastructure/servers/eldwyn.md) - [Erised](./infrastructure/servers/erised.md) + - [Gromit](./infrastructure/servers/gromit.md) - [Hydra](./infrastructure/servers/hydra.md) - [Janet](./infrastructure/servers/janet.md) - [Kasper](./infrastructure/servers/kasper.md) - [Talos](./infrastructure/servers/talos.md) - [TalDos](./infrastructure/servers/taldos.md) - [Tiamat](./infrastructure/servers/tiamat.md) + - [Wallace](./infrastructure/servers/wallace.md) - [Ziltoid](./infrastructure/servers/ziltoid.md) - [Virtual Machines](./infrastructure/vms.md) From 2a7c547bfb591c1f6fedbdeacdf0010076d4322c Mon Sep 17 00:00:00 2001 From: Juno Date: Thu, 11 Apr 2024 14:32:23 -0400 Subject: [PATCH 11/11] Add capabilities --- src/infrastructure/servers/index.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/src/infrastructure/servers/index.md b/src/infrastructure/servers/index.md index a953f6c..3786c6c 100644 --- a/src/infrastructure/servers/index.md +++ b/src/infrastructure/servers/index.md @@ -4,6 +4,27 @@ _updated: Sept 17th 2022_ This chapter contains an alphabetically ordered list of all of COSI's physical server. For our purposes a server is any computer that is mounted on a rack. Our servers are spread across the university colocation in Old Main (colo), SC 334-A (the server room), and the SC 252 (the second floor). +## Capabilities +> Note: Reference benchmark data is provided by https://www.cpubenchmark.net. +> These scores only provide a rough estimate of servers' performance. Especially +> with older CPUs, performance under real-world workloads can vary +> significantly. + +| Server Name | CPUs | CPU Family/Model | Cores/Threads | Ref. Bench | RAM Size/Type | +|-------------|------|------------------|---------------|------------|---------------| +| Erised | 2 | Xeon E5-2630v2 | 6/12 | 7484 | 64 GB DDR3 | +| Gromit | 2 | Xeon E5-2697v3 | 14/28 | 18717 | 128 GB DDR4 | +| Hydra | 2 | Opteron 6376 | 16/16 | 5572 | 64 GB DDR3 | +| Janet | 2 | Xeon E5-2640 | 6/12 | 6325 | 80 GB DDR3 | +| Kasper | 1 | Xeon E5-2620 | 6/12 | 5290 | 8 GB DDR3 | +| Mirror | 2 | Xeon E5504 | 4/4 | 1519 | 64 GB DDR3 | +| TalDos | 2 | Xeon E5620 | 4/8 | 3502 | 12 GB DDR3 | +| Talos | 1 | Xeon E3-1220v2 | 4/4 | 4666 | 4 GB DDR3 | +| Tiamat | 2 | Opteron 6220 | 8/8 | 4753 | 64 GB DDR3 | +| Wallace | 2 | Xeon E5-2697v3 | 14/28 | 18717 | 128 GB DDR4 | +| Ziltoid | 1 | Xeon E3-1220v2 | 4/4 | 4666 | 4 GB DDR3 | + + ## Template ```text