Actions

Albert: Difference between revisions

From HacDC Wiki

(→‎OS: Updating info)
(added more info on VMs)
Line 198: Line 198:
** RAM: 2048MB
** RAM: 2048MB
** Disk:
** Disk:
*** / - /dev/xvda2
*** / - albert/cthulhu-disk
*** swap - /dev/xvda1
*** swap - albert/cthulhu-swap
*** cache - albert/proxy


====Software====
====Software====
Line 217: Line 218:
===tortoise===
===tortoise===
* Shell server
* Shell server
* ssh key access only
* SSH key access '''only'''
* local network webhosting
* Per user local network webhosting and file shares via hoard.
* xen configs
* xen configs
** CPU: 3
** CPU: 3
** RAM: 128MB
** RAM: 128MB
** Disk:
** Disk:
*** disk.img
*** / - albert/tortoise-disk
**** / - /dev/xvda2
*** swap - albert/tortoise-swap
**** swap - /dev/xvda1
*** /home - albert/tortoise-home
*** home.img
*** /home/users - /srv/share/users
**** /home - /dev/xvdb1
*** /srv/share - hoard:/srv/share
*** var.img
*** /var - albert/tortoise-var
**** /var - /dev/xvdc1
*** /tmp - albert/tortoise-tmp
*** tmp.img
**** /tmp - /dev/xvdd1


====Users====
====Users====
* "staff"/admin accounts in /home/staff
* "staff"/admin accounts in /home/admin
* user accounts in /home/users
* user accounts in /home/users
* use "addshelluser" command in /usr/local/sbin
* To add a new user:
# ~# adduser --disabled-password --ingroup users <username>
# ~# echo <user provided ssh key> > /home/users/<username>/.ssh/authorized_keys
# Notify <user> of account creation and include the ssh oneliner for loggin into the server.


====Config====
====Config====
* Process limit:
* Memory limit:
* mesg -n set in /etc/profile.d
* mesg -n set in /etc/profile.d
* set nosuid (via mount):
* Firewall rules and other network restrictions:
** /var - /dev/xvdc1 var.img - nosuid,nodev
* FS restrictions:
** /home - /dev/xvdb1 home.img - nosuid,nodev
** /var - nosuid,nodev
** /tmp - /dev/xvdd1 tmp.img - nosuid
** /home - nosuid,nodev
** /tmp - nosuid
 
====Software====
Any software can be requested and almost certianly will be installed.
 
 
===hoard===
* File server
** Samba/CIFS
** NFS
** HTTP
** Others upon request.

Revision as of 18:11, 5 March 2015


Specs

Case

  • 3U 19 inch rackmount

PSU

  • ATX PSU with both 4 and 8 pin cpu power connectors
  • Wattage:

Slots

  • 7 stock 3.5 inch hot swap slots
  • 1 front, floppy slot
  • 1 front, 5.25 inch slot
  • 2 internal front 3.5 inch slots
  • 2 3.5 inch slots on spreader bar

Addon Cards

Mother Board

RAM

  • 4GB DDR2 ECC

CPU

  • dual socket dual core Xeon
  • has VM extensions
  • no hyper-threading
  • /proc/cpuinfo
   processor	: 0
   vendor_id	: GenuineIntel
   cpu family	: 6
   model		: 15
   model name	: Intel(R) Xeon(R) CPU            5140  @ 2.33GHz
   stepping	: 6
   microcode	: 0x44
   cpu MHz		: 2333.448
   cache size	: 4096 KB
   fpu		: yes
   fpu_exception	: yes
   cpuid level	: 10
   wp		: yes
   flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni est ssse3 cx16 hypervisor lahf_lm dtherm
   bogomips	: 4666.89
   clflush size	: 64
   cache_alignment	: 64
   address sizes	: 36 bits physical, 48 bits virtual
   power management:
   
   processor	: 1
   vendor_id	: GenuineIntel
   cpu family	: 6
   model		: 15
   model name	: Intel(R) Xeon(R) CPU            5140  @ 2.33GHz
   stepping	: 6
   microcode	: 0x44
   cpu MHz		: 2333.448
   cache size	: 4096 KB
   fpu		: yes
   fpu_exception	: yes
   cpuid level	: 10
   wp		: yes
   flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni est ssse3 cx16 hypervisor lahf_lm dtherm
   bogomips	: 4666.89
   clflush size	: 64
   cache_alignment	: 64
   address sizes	: 36 bits physical, 48 bits virtual
   power management:
   
   processor	: 2
   vendor_id	: GenuineIntel
   cpu family	: 6
   model		: 15
   model name	: Intel(R) Xeon(R) CPU            5140  @ 2.33GHz
   stepping	: 6
   microcode	: 0x44
   cpu MHz		: 2333.448
   cache size	: 4096 KB
   fpu		: yes
   fpu_exception	: yes
   cpuid level	: 10
   wp		: yes
   flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni est ssse3 cx16 hypervisor lahf_lm dtherm
   bogomips	: 4666.89
   clflush size	: 64
   cache_alignment	: 64
   address sizes	: 36 bits physical, 48 bits virtual
   power management:
   
   processor	: 3
   vendor_id	: GenuineIntel
   cpu family	: 6
   model		: 15
   model name	: Intel(R) Xeon(R) CPU            5140  @ 2.33GHz
   stepping	: 6
   microcode	: 0x44
   cpu MHz		: 2333.448
   cache size	: 4096 KB
   fpu		: yes
   fpu_exception	: yes
   cpuid level	: 10
   wp		: yes
   flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni est ssse3 cx16 hypervisor lahf_lm dtherm
   bogomips	: 4666.89
   clflush size	: 64
   cache_alignment	: 64
   address sizes	: 36 bits physical, 48 bits virtual
   power management:


GPU

  • NVIDIA Corporation NV43 [GeForce 6600] (rev a2)

BIOS/UEFI

  • Make - ?
  • Version - ?
Menu
  • ?Setup
  • ?View Post
  • ?Boot Select

OS

  • Debian
    • Version - stable
    • Arch - amd64

Config

DomU
  • Shell server - tortoise
  • File server - hoard
  • Squid Proxy - cthulhu
Storage
  • Partitions #FIXME
    • All drives have stripe for /boot
    • 1TB drives
    • 500GB drives
    • 250GB drives
  • Soft RAID # FIXME
    • the /boot stripe is RAID1
    • 250GB drives
    • 500GB drives
    • 1TB drives
  • LVM
  • Volume Groups
    • albert
      • home
        • /home
      • root
        • /
      • swap
        • Contiguous LV.
      • nas
        • Attached to hoad.
        • Shell users' /home/users/*
        • Generic storage.
      • proxy
        • Attached to cthulhu.
        • Contains the cache from the proxies.
      • cthulhu-disk - 4GB
      • cthulhu-swap - 1GB
      • hoard-disk - 4GB
      • hoard-swap - 128MB
      • tortoise-disk - 4GB
      • tortoise-home - 50GB (will be reduced)
      • tortoise-swap - 128MB
      • tortoise-tmp - 10GB
      • tortoise-var - 30GB
      • template.debian-testing-minimal - 4GB
      • to be removed
        • template-swap
        • vms

Software

Xen HVM

  • domain configs /mnt/vm-images/config
  • default image storage /mnt/vm-images
  • configs trcked with git
    • use /mnt/vm-images/config/.commit to commit changes as nonroot user

VMs

cthulhu

  • xen configs
    • CPU: 2
    • RAM: 2048MB
    • Disk:
      • / - albert/cthulhu-disk
      • swap - albert/cthulhu-swap
      • cache - albert/proxy

Software

Squid
  • Not configured
  • repo: #FIXME
  • Caches - all include official install/live isos/images
    • debian/ubuntu/mint apt traffic
      • does not cache Packages* files - prevents stale package lists
    • fedora/centos yum traffic
    • slackware/slax/porteus
      • caches data from official sources only
    • gentoo/funtoo
      • #will coordinate with mirage

tortoise

  • Shell server
  • SSH key access only
  • Per user local network webhosting and file shares via hoard.
  • xen configs
    • CPU: 3
    • RAM: 128MB
    • Disk:
      • / - albert/tortoise-disk
      • swap - albert/tortoise-swap
      • /home - albert/tortoise-home
      • /home/users - /srv/share/users
      • /srv/share - hoard:/srv/share
      • /var - albert/tortoise-var
      • /tmp - albert/tortoise-tmp

Users

  • "staff"/admin accounts in /home/admin
  • user accounts in /home/users
  • To add a new user:
  1. ~# adduser --disabled-password --ingroup users <username>
  2. ~# echo <user provided ssh key> > /home/users/<username>/.ssh/authorized_keys
  3. Notify <user> of account creation and include the ssh oneliner for loggin into the server.

Config

  • Process limit:
  • Memory limit:
  • mesg -n set in /etc/profile.d
  • Firewall rules and other network restrictions:
  • FS restrictions:
    • /var - nosuid,nodev
    • /home - nosuid,nodev
    • /tmp - nosuid

Software

Any software can be requested and almost certianly will be installed.


hoard

  • File server
    • Samba/CIFS
    • NFS
    • HTTP
    • Others upon request.