RMU build Gen-1.5

Process for building a new RMU to convert Gen-1 sites to Gen-1.5 sites.

The following guide describes how DFINITY monitors their ICR Sites using the equipment that is already standard in most Gen-1.a sites. If you choose to follow this guide, completing everything up to Best Practices will get you remote access to the RMU and the ability to add additional services via teleport. The Best Practices section does introduce some services that greatly improve the overall experience such as being able to update firmware on all servers remotely.

Please be aware that this guide provides only the foundational steps for setting up a Gen1.5 RMU. It does not encompass comprehensive security hardening for the RMU, nor does it address system maintenance. Responsibility to ensure a secure and well-maintained environment rests with each Node Provider.

I. Prerequisites

II. Proxmox

Once Proxmox is installed and reachable (Step II.A), the rest can be done remotely.

• A. Install Proxmox
• B. Update Proxmox
• C. Download CT Templates
• D. Download ISO Images
• E. Add LAN Network Device

III. Teleport

This service will provide you secure remote access to all of the services installed on your RMU.

• A. Create Teleport CT
• B. Install Teleport Software
• C. Share RMU Services Via Teleport
• D. Teleport Notes

IV. MaaS (Metal as a Service)

• A. Create Proxmox CT
• B. Install MaaS Software via APT (for a Container)
• C. Share Services Via Teleport
• D. Initial Configuration of MaaS Server
• E. Configure DHCP Subnet on MaaS

V. Best Practices

• A. Recommended: Proxmox Security
• B. Optional: Install RACADM Tool On RMU (Dell Nodes)
• C. Recommended: Dell OpenManage Enterprise (OME) (Dell Nodes)
• D. Recommended: Update Firmware On SuperMicro Nodes
• E. Recommended: Enable Remote Access To Servers Console (Dell Nodes)
• F. Recommended: Enable GUI Access To OPNsense devices

VI. Reference Information

• Internal Network Layout
• RMU Cabling
• Checking number of internal drives