Difference between revisions of "Server Provisioning"
Jump to navigation
Jump to search
imported>Bryan (Created page with "This is intended to be a reference for setting up a VM or Server for AllStatLink. = Server Overview = == Basic Requirements == AllStarLink has standardized on Ubuntu 16.0...") |
imported>Bryan |
||
| Line 18: | Line 18: | ||
When provisioning a new server | When provisioning a new server | ||
| − | * check the VM is setup (cpu/mem/disk) as it should be, if not contact the provider | + | * check the VM is setup (cpu/mem/disk) as it should be, if not contact the provider |
| − | + | ||
cat /proc/cpuinfo |grep processor | cat /proc/cpuinfo |grep processor | ||
processor : 0 | processor : 0 | ||
| Line 25: | Line 25: | ||
processor : 2 | processor : 2 | ||
processor : 3 | processor : 3 | ||
| − | + | ||
* on the server install python (apt-get install python). This is needed for the ansibile provisioning | * on the server install python (apt-get install python). This is needed for the ansibile provisioning | ||
| Line 38: | Line 38: | ||
=== Mandatory Configs === | === Mandatory Configs === | ||
| − | * The network should be configured to use /etc/network/interfaces | + | * The network should be configured to use /etc/network/interfaces, and add DNS and the firewall to it and search in the allstarlink.org domain |
| + | |||
| + | # The primary network interface | ||
| + | auto eth0 | ||
| + | iface eth0 inet static | ||
| + | address 44.103.0.49 | ||
| + | netmask 255.255.255.0 | ||
| + | network 44.103.0.0 | ||
| + | broadcast 44.103.0.255 | ||
| + | gateway 44.103.0.1 | ||
| + | dns-nameservers 44.103.0.4 1.1.1.1 | ||
| + | dns-search allstarlink.org | ||
| + | up /etc/network/firewall.sh | ||
| + | |||
| + | |||
* There is typically only one network interface, and it will be named dynamically. We must setup this using udev to be persistant | * There is typically only one network interface, and it will be named dynamically. We must setup this using udev to be persistant | ||
| − | |||
root@server# ifconfig |grep HWaddr | root@server# ifconfig |grep HWaddr | ||
eth0 Link encap:Ethernet HWaddr 52:54:00:73:86:06 | eth0 Link encap:Ethernet HWaddr 52:54:00:73:86:06 | ||
| − | + | ||
Now take this HWaddr and put it in the config file | Now take this HWaddr and put it in the config file | ||
| − | + | echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="52:54:00:73:86:06", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth0"' >/etc/udev/rules.d/70-persistent-net.rules | |
| − | echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="52:54:00:73:86:06", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth0"' >/etc/udev/rules.d/70-persistent-net.rules | ||
| − | |||
Revision as of 17:42, 5 August 2018
This is intended to be a reference for setting up a VM or Server for AllStatLink.
Server Overview
Basic Requirements
AllStarLink has standardized on Ubuntu 16.04 LTS for it's servers.
The minimum configuration of any server will be 2 cores of 2 GHz or faster, 4 GiB of ram and 40 GiB of Disk.
All new servers shall support IPv6, or have it available from the hosting provider.
Reverse IP's shall be delegated via a CNAME to $NAME.PTR.allstarlink.org, where $NAME is the name of the server.
All servers shall be partitioned to use / as the only partition unless a specific configuration is required.
Install guide
When provisioning a new server
- check the VM is setup (cpu/mem/disk) as it should be, if not contact the provider
cat /proc/cpuinfo |grep processor processor : 0 processor : 1 processor : 2 processor : 3
- on the server install python (apt-get install python). This is needed for the ansibile provisioning
- setup the server in the infrastructure configs and push the users and keys to it.
Mandatory Software
All servers require this software
apt-get install ntp python vim screen ipsec-tools strongswan fail2ban
Mandatory Configs
- The network should be configured to use /etc/network/interfaces, and add DNS and the firewall to it and search in the allstarlink.org domain
# The primary network interface
auto eth0
iface eth0 inet static
address 44.103.0.49
netmask 255.255.255.0
network 44.103.0.0
broadcast 44.103.0.255
gateway 44.103.0.1
dns-nameservers 44.103.0.4 1.1.1.1
dns-search allstarlink.org
up /etc/network/firewall.sh
- There is typically only one network interface, and it will be named dynamically. We must setup this using udev to be persistant
root@server# ifconfig |grep HWaddr eth0 Link encap:Ethernet HWaddr 52:54:00:73:86:06
Now take this HWaddr and put it in the config file
echo 'SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="52:54:00:73:86:06", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth0"' >/etc/udev/rules.d/70-persistent-net.rules