Difference between revisions of "RMU build Gen-1.5"

From Internet Computer Wiki
Jump to: navigation, search
m (fix roman numerals (there were two "II"))
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
''Process for building a new RMU for the Gen 1.5 ICR''
+
''Process for building a new RMU to convert Gen-1 sites to Gen-1.5 sites.''
  
The following guide describes how DFINITY monitors their ICR Sites. If you choose to follow this guide, completing everything up to [[RMU build Gen-1.5#IV. Best Practices|Best Practices]] will get you remote access to the RMU and the ability to add additional services via teleport. The [[RMU build Gen-1.5#IV. Best Practices|Best Practices]] section does introduce some services that greatly improve the overall experience such as being able to update firmware on all servers remotely.
+
The following guide describes how DFINITY monitors their ICR Sites using the equipment that is already standard in most Gen-1.a sites. If you choose to follow this guide, completing everything up to [[RMU build Gen-1.5#IV. Best Practices|Best Practices]] will get you remote access to the RMU and the ability to add additional services via teleport. The [[RMU build Gen-1.5#IV. Best Practices|Best Practices]] section does introduce some services that greatly improve the overall experience such as being able to update firmware on all servers remotely.
  
Once Proxmox is installed and reachable (Step II.A), the rest can be done remotely.
+
Please be aware that this guide provides only the foundational steps for setting up a Gen1.5 RMU. It does not encompass comprehensive security hardening for the RMU, nor does it address system maintenance. Responsibility to ensure a secure and well-maintained environment rests with each Node Provider.
  
 
=== I.  [[RMU build Gen-1.5: I. Prerequisites|Prerequisites]] ===
 
=== I.  [[RMU build Gen-1.5: I. Prerequisites|Prerequisites]] ===
  
=== II. [[RMU build Gen-1.5: II. Proxmox|Proxmox]] ===
+
=== II. Proxmox ===
 
+
Once Proxmox is installed and reachable (Step II.A), the rest can be done remotely.
 
* A. [[RMU build Gen-1.5: II. Proxmox - A. Install Proxmox|Install Proxmox]]
 
* A. [[RMU build Gen-1.5: II. Proxmox - A. Install Proxmox|Install Proxmox]]
* B. Update Proxmox
+
* B. [[RMU build Gen-1.5: II. Proxmox - B. Update Proxmox|Update Proxmox]]
* C. Download CT Templates
+
* C. [[RMU build Gen-1.5: II. Proxmox - C. Download CT Templates|Download CT Templates]]
* D. Download ISO Images
+
* D. [[RMU build Gen-1.5: II. Proxmox - D. Download ISO Images|Download ISO Images]]
* E. Add LAN Network Device
+
* E. [[RMU build Gen-1.5: II. Proxmox - E. Add LAN Network Device|Add LAN Network Device]]
  
=== II. Teleport ===
+
=== III. Teleport ===
 +
This service will provide you secure remote access to all of the services installed on your RMU.
 +
* A. [[RMU build Gen-1.5: II. Teleport - A. Create Teleport CT|Create Teleport CT]]
 +
* B. [[RMU build Gen-1.5: II. Teleport - B. Install Teleport Software|Install Teleport Software]]
 +
* C. [[RMU build Gen-1.5: II. Teleport - C. Share RMU Services Via Teleport|Share RMU Services Via Teleport]]
 +
* D. [[RMU build Gen-1.5: II. Teleport - D. Teleport Notes|Teleport Notes]]
  
* A. Create Teleport CT
+
=== IV. MaaS (Metal as a Service) ===
* B. Install Teleport Software
 
* C. Share RMU Services Via Teleport
 
* D. Teleport Notes
 
  
=== III. MaaS (Metal as a Service) ===
+
* A. [[RMU build Gen-1.5: III. Maas - A. Create Proxmox CT|Create Proxmox CT]]
 +
* B. [[RMU build Gen-1.5: III. Maas - B. Install Maas Software via APT|Install MaaS Software via APT (for a Container)]]
 +
* C. [[RMU build Gen-1.5: III. Maas - C. Share Services Via Teleport|Share Services Via Teleport]]
 +
* D. [[RMU build Gen-1.5: III. Maas - D. Initial Configuration of Maas Server|Initial Configuration of MaaS Server]]
 +
* E. [[RMU build Gen-1.5: III. Maas - E. Configure CHCP Subnet on MaaS|Configure DHCP Subnet on MaaS]]
  
* A. Create Proxmox CT
+
=== V. Best Practices ===
* B. Install MaaS Software via APT (for a Container)
 
* C. Share Services Via Teleport
 
* D. Initial Configuration of MaaS Server
 
* E. Configure DHCP Subnet on MAAS
 
  
=== IV. Best Practices ===
+
* A. Recommended: [[RMU build Gen-1.5: IV. Best Practices - A. Proxmox Security|Proxmox Security]]
 +
* B. Optional: [[RMU build Gen-1.5: IV. Best Practices - B. Install RACADM Tool on RMU|Install RACADM Tool On RMU (Dell Nodes)]]
 +
* C. Recommended: [[RMU build Gen-1.5: IV. Best Practices - C. Dell OpenManage Enterprise|Dell OpenManage Enterprise (OME) (Dell Nodes)]]
 +
* D. Recommended: [[RMU build Gen-1.5: IV. Best Practices - D. Update Firmware on SuperMicro Nodes|Update Firmware On SuperMicro Nodes]]
 +
* E. Recommended: [[RMU build Gen-1.5: IV. Best Practices - E. Enable Remote Access to Servers Console|Enable Remote Access To Servers Console (Dell Nodes)]]
 +
* F. Recommended: [[RMU build Gen-1.5: IV. Best Practices - F. Enable GUI Access to OPNsense devices|Enable GUI Access To OPNsense devices]]
  
* A. Recommended: Proxmox Security
+
=== VI. Reference Information ===
* B. Optional: Install RACADM Tool On RMU (Dell Nodes)
 
* C. Recommended: Dell OpenManage Enterprise (OME) (Dell Nodes)
 
** C.1 - Create VM
 
** C.2 - Download & Import OME
 
** C.3 - Configure OME
 
** C.4 - Share Services with Teleport
 
** C.5 - Configure OME Web GUI
 
** C.6 - Discover Your Nodes
 
* D. Recommended: Update Firmware On SuperMicro Nodes
 
* E. Recommended: Enable Remote Access To Servers Console (Dell Nodes)
 
** E.1 - Allow iDRACs To Be Browsable Through Teleport
 
** E.2 - Add Teleport Entries For BMC/iDRAC access
 
* F. Recommended: [WIP] Victoria Metrics (Local Monitoring)
 
** F.1 - Create Proxmox CT
 
** F.2 - Install Victoria Metrics
 
** F.3 - Share Services Via Teleport
 
  
=== V. Reference Information ===
+
* [[RMU build Gen-1.5: V. Reference Information - Internal Network Layout|Internal Network Layout]]
 +
* [[RMU build Gen-1.5: V. Reference Information - RMU Cabling|RMU Cabling]]
 +
* [[RMU build Gen-1.5: V. Reference Information - Checking number of internal drives|Checking number of internal drives]]

Latest revision as of 07:50, 17 April 2024

Process for building a new RMU to convert Gen-1 sites to Gen-1.5 sites.

The following guide describes how DFINITY monitors their ICR Sites using the equipment that is already standard in most Gen-1.a sites. If you choose to follow this guide, completing everything up to Best Practices will get you remote access to the RMU and the ability to add additional services via teleport. The Best Practices section does introduce some services that greatly improve the overall experience such as being able to update firmware on all servers remotely.

Please be aware that this guide provides only the foundational steps for setting up a Gen1.5 RMU. It does not encompass comprehensive security hardening for the RMU, nor does it address system maintenance. Responsibility to ensure a secure and well-maintained environment rests with each Node Provider.

I. Prerequisites

II. Proxmox

Once Proxmox is installed and reachable (Step II.A), the rest can be done remotely.

III. Teleport

This service will provide you secure remote access to all of the services installed on your RMU.

IV. MaaS (Metal as a Service)

V. Best Practices

VI. Reference Information

Retrieved from "https://wiki.internetcomputer.org/w/index.php?title=RMU_build_Gen-1.5&oldid=7711"