Difference between revisions of "Network Overview"

From Spark Makerspace
Jump to navigation Jump to search
m
Line 11: Line 11:
 
[[image:Spark Network Diagram.png|300px|thumb|Latest Spark Network Diagram]]
 
[[image:Spark Network Diagram.png|300px|thumb|Latest Spark Network Diagram]]
  
[https://www.yworks.com/yed-live/?file=https://drive.google.com/file/d/1-uMt6-LX9USwaRefRKs6wx3tz8q_GRJC/view?usp=sharing Editable Network Graph on yEd Live]
+
[https://www.yworks.com/yed-live/?file=https://doc-0k-9s-docs.googleusercontent.com/docs/securesc/0tb09o5khf1jkv46je1lm5ittja241bj/dp5v7529nlq7la275aoc06lk1opo9ue2/1638164550000/03037837665914916854/03037837665914916854/1-uMt6-LX9USwaRefRKs6wx3tz8q_GRJC?e=download Editable Network Graph on yEd Live]
  
 
== Domain ==
 
== Domain ==

Revision as of 05:44, 29 November 2021


Spark Makerspace Network Overview

This page is intended to give you an overview of the network at Spark Makerspace.

Network Graph

Latest Spark Network Diagram

Editable Network Graph on yEd Live

Domain

Spark is using FreeIPA to manage host and user identities. While it's not a replacement for a Microsoft Active Directory domain controller, it get us close for the low price of free!

How to Create a New User

Point your browser tohttps://freeipa.spark.spork

while on the Spark network and login with administrator credentials.

FreeIPA Login Page

Once logged in, on the Identity > Users tab, click the Add button on the primary section. Enter the user's information. Spark uses a username format of first initial + last name. If this username is already in use, use full first name instead of first initial.

How to enroll a new Ubuntu machine

1. Set hostname

$ sudo hostnamectl set-hostname new-host.spark.spork

2. Install freeipa-client package

$ sudo apt install -y freeipa-client

3. Edit /etc/hosts

$ sudo vim /etc/hosts
# Add FreeIPA Server IP and hostname
10.11.12.156 freeipa.spark.spork freeipa

4. Register host

$ sudo ipa-client-install --hostname=`hostname -f` \
--mkhomedir \
--server=freeipa.spark.spork \
--domain spark.spork \
--realm SPARK.SPORK

You can proceed with fixed values and no DNS discovery. It's also fine to not configure NTP.

5. Enable mkhomedir.

$ sudo bash -c "cat > /usr/share/pam-configs/mkhomedir" <<EOF
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
required pam_mkhomedir.so umask=0022 skel=/etc/skel
EOF

Then run

$ sudo pam-auth-update

Ensure that "activate mkhomedir" is checked and hit enter when prompted.

Or just use the shell script here as cloud-init userdata

#!/bin/bash
HOSTNAME=$(hostname)
IP=$(hostname -i | awk '{print $1}')
echo "$HOSTNAME.spark.spork" > /etc/hostname
FQDN="$HOSTNAME.spark.spork"
echo "FQDN is: $FQDN"
sed -i "1 i\
$IP $FQDN $HOSTNAME" /etc/hosts
echo "10.11.12.156 freeipa.spark.spork freeipa" >> /etc/hosts
apt-get -y update
apt-get install -y nfs-kernel-server nfs-common
DEBIAN_FRONTEND=noninteractive apt-get -y install freeipa-client
ipa-client-install --hostname=$(hostname -f) --server=freeipa.spark.spork \
--domain=spark.spork --no-ntp --unattended --principal=admin --password='<PASSWORD_GOES_HERE!!!!!!!!!!!!!!!!!!!!!!!!>'\
--realm=SPARK.SPORK --mkhomedir
sed -i '/ticket_lifetime/a renew_lifetime = 28d' /etc/krb5.conf
service sssd restart