User Tools

Site Tools


default_server_setup

Default setups for new servers

Summary

All Hosts

The following software is installed

  • fail2ban - security - blocks ssh login attempts after a number of failures
  • etckeeper - monitoring - version control for /etc
  • munin-node - monitoring - simple graphs of lots of services
  • nagios-plugins and check_mk_agent - monitoring - constantly check services and health
  • ntp - keeps accurate time

Physical Hosts

Additional software for monitoring is added to physical hosts.

  • smartmontools - monitor non-raided drive health through SMART
  • mpt-status - monitors some LSI RAID arrays
  • mcelog - logs machine check exceptions, such as ECC errors in memory
  • Dell OpenManage - configure and monitor Dell server hardware
  • check_openmanage - nagios checks for Dell server hardware
  • HP Management Component Pack - configure and monitor HP server hardware
  • check_hpasm - nagios checks for HP server hardware

Detailed Setup for Physical Servers

OS Installation

  • Install Ubuntu LTS from the “Server” CD or ISO file (instructions are different for every server type)
    • enter networking information manually (don't configure with DHCP)
    • use default LVM file system config
    • choose the profile “openssh server” when prompted

Post Install Configuration

  • set the root password
  • enable the firewall
  • install updates and reboot

Configure services on other servers

  • add server to ansible host groups and run deploy playbook
  • setup hardware monitoring
  • add server to Nagios (check_mk) and Munin
  • setup backups on Eris - Bacula

Documentation


Detailed Setup for LXD Hosts

  • Install the ZFS packages: zfsutils-linux zfs-initramfs
  • Setup ZFS storage
    • set compression=lz4 and xattr=sa
  • Install the LXD packages: lxd criu
  • Configure LXD
  • lxd init
  • Create a network bridge config in LXD
  • lxc profile create bridge
    lxc profile edit bridge
    
    name: bridge
    config: {}
    devices:
        eth0:
            nictype: bridged
            parent: br0
            type: nic
    
    lxc profile apply NAME bridge

Detailed Setup for KVM Guests

OS Installation

  • Create a new LVM partition for the guest
  • Login to KVM host and run virt-manager
  • Click “New” in the toolbar: Enter the hostname as the server name
  • Choose Local install media, click Forward
  • Choose Use ISO image, browse to the ISO image file
  • Select the OS type and version (usually Linux and Ubuntu), click Forward
  • Enter the Memory and CPU limits, click Forward
  • Choose Select managed or other existing storage, Browse to the LVM partition created earlier, click Forward
  • Choose Customize configuration before install
  • Click Advanced Options, choose Bridge for the network option
  • Verify Virt Type is kvm and Architecture is x86_64, click Finish
  • Remove the Sound device, if it was created
  • Select the storage device (usually Disk 1), select Advanced options, then Performance options, change Cache mode to none (allows live migration), click Apply
  • Select Display VNC, change the keymap to en-us (fixes OS X X11 keymapping issues), click Apply
  • Click Begin Installation and install Ubuntu
    • enter networking information manually (don't configure with DHCP)
    • use default LVM file system config
    • choose the profile “openssh server” when prompted

Post Install Configuration

  • set the root password
  • enable the firewall
  • install updates and reboot

Configure services on other servers

  • add server to ansible host groups and run deploy playbook
  • add server to Nagios (check_mk) and Munin
  • setup backups on Eris - Bacula

Documentation


Detailed Setup for LXD Guests

OS Installation

  • Login to LXD host and run:
  • lxc launch ubuntu:16.04 GUESTNAME -p bridge

Post Install Configuration

  • disable swap and set limits for CPU, memory, and disk
  • lxc config set $GUESTNAME limits.memory.swap false
    lxc config set $GUESTNAME limits.memory 4GB
    lxc config set $GUESTNAME limits.cpu 4
    lxc config device set $GUESTNAME root size 40GB
    lxc config set $GUESTNAME volatile.eth0.name eth0
  • login to guest via host
  • lxc exec GUESTNAME bash
    • setup networking
    • install python
    • create a user account
    • set the root password
    • enable the firewall

Configure services on other servers

  • add server to ansible host groups and run deploy playbook
  • add server to Nagios (check_mk) and Munin
  • setup backups on Eris and a disk backup server

Documentation

default_server_setup.txt · Last modified: 2017/07/21 16:04 by outin