hacksch
r3home
tickets
-gnocci[0:1]
+gnocchi[0:1]
## TODO: remove the variable once https://github.com/ansible/ansible/issues/39119 is fixed
metrics localconfig_ssh_config_user=root
[baremetalservers]
alfred
-gnocci[0:1]
+gnocchi[0:1]
[kvmhosts]
alfred
-gnocci[0:1]
+gnocchi[0:1]
[virtualservers]
#torwaechter
[apu]
-gnocci[0:1]
+gnocchi[0:1]
--- /dev/null
+* Roadmap
+** DONE Get tunnel & subnet from mur.at for testing [2/2]
+*** DONE Get approval from mur.at
+ CLOSED: [2018-06-01 Fri 20:29]
+*** DONE Set up tunnel
+ CLOSED: [2018-06-02 Sa 01:26]
+ Assigned: equinox
+ IPv4: 89.106.211.0/28
+ IPv6: 2a02:3e0:4001::/48
+ IPIP Tunnel Endpoint: 10.12.240.246
+** DONE Create new VLANs [3/3]
+*** DONE mgmt VLAN 32 (aka new managemnt VLAN)
+ CLOSED: [2018-06-02 Sa 03:17]
+ Assigned: equinox
+*** DONE Finish converting plan to diagram & push to ikiwiki
+ CLOSED: [2018-07-08 So 00:07]
+ Assigned: nicoo
+*** DONE Remaining VLANs
+ CLOSED: [2018-07-08 So 00:07]
+ Assigned: equinox (waiting for nicoo to upload the diagram)
+** TODO Bring gnocchi online [0/2]
+*** TODO Move gnocchis to the rack in W1
+ Assigned: nicoo
+*** TODO Setup [3/9]
+**** DONE Adapt vm/setup to be able to bring up Gnocchi VMs
+ CLOSED: [2018-06-17 Sun 12:32]
+
+ vm/setup had implicit assumptions about network which might not have
+ held when installing core network VMs on gnocchi
+
+ It now only needs connectivity on the VM's primary interface,
+ to the configured debian mirror.
+
+**** TODO Prepare preseed installs for gnocchis
+ Assigned: nicoo
+
+ Generate preseed in Ansible, concat to initramfs.
+
+**** TODO 1 if -> mgmt, 2 if -> lacp -> tagged VLANs
+**** DONE Basic services on hypervisor [3/3]
+ Assigned: nicoo
+***** DONE NTPd
+ CLOSED: [2018-06-17 Sun 16:31]
+***** DONE Haveged
+ CLOSED: [2018-06-08 Sun 21:24]
+***** DONE Provide time & entropy to guests
+ CLOSED: [2018-06-08 Sun 21:24]
+
+**** TODO Get the vm-host role working there
+**** DONE Figure out best way to virtualize OpenWRT
+ CLOSED: [2018-06-17 So 16:00]
+ Assigned: equinox
+
+ Openwrt x86_64 have everything built in to run inside KVM
+ I propose to store to have 2 disks for the VMs. The first will contain
+ the kernel as well as a sqashfs root filesystem. The second one will hold
+ the overlay. This is basically a ext-root setup:
+
+ https://openwrt.org/docs/guide-user/additional-software/extroot_configuration
+
+**** TODO Move gw to a gnocchi VM
+Clone the VM, run with the legacy VLANs
+**** TODO VMs for firewaling & basic net services (1/subnet)
+Sit directly on the service LAN (original /27)
+**** TODO VMs for critical services [0/4]
+***** TODO DNS resolver
+unbound or getdns
+***** TODO Authoritative NS for realraum.at
+bind (potentially)
+***** TODO Authn/authz [0/2]
+****** TODO whawty
+****** TODO RADIUS
+***** TODO netboot.xyz
+* Future stuffs
+** Switch to a wireguard tunnel
+*** Upgrade r2ko to LEDE
+**** Forward-port murtun
+**** Actual upgrade
+*** Setup tunnel
+** Hardware RNG & key storage
+*** Design miniPCIe PCB for Flying Stone 1
+ Only uses power & USB
+ Assigned: equinox
+*** Forward key intarface to guests
+++ /dev/null
-* Roadmap
-** DONE Get tunnel & subnet from mur.at for testing [2/2]
-*** DONE Get approval from mur.at
- CLOSED: [2018-06-01 Fri 20:29]
-*** DONE Set up tunnel
- CLOSED: [2018-06-02 Sa 01:26]
- Assigned: equinox
- IPv4: 89.106.211.0/28
- IPv6: 2a02:3e0:4001::/48
- IPIP Tunnel Endpoint: 10.12.240.246
-** DONE Create new VLANs [3/3]
-*** DONE mgmt VLAN 32 (aka new managemnt VLAN)
- CLOSED: [2018-06-02 Sa 03:17]
- Assigned: equinox
-*** DONE Finish converting plan to diagram & push to ikiwiki
- CLOSED: [2018-07-08 So 00:07]
- Assigned: nicoo
-*** DONE Remaining VLANs
- CLOSED: [2018-07-08 So 00:07]
- Assigned: equinox (waiting for nicoo to upload the diagram)
-** TODO Bring gnocchi online [0/2]
-*** TODO Move gnocchis to the rack in W1
- Assigned: nicoo
-*** TODO Setup [3/9]
-**** DONE Adapt vm/setup to be able to bring up Gnocci VMs
- CLOSED: [2018-06-17 Sun 12:32]
-
- vm/setup had implicit assumptions about network which might not have
- held when installing core network VMs on gnocci
-
- It now only needs connectivity on the VM's primary interface,
- to the configured debian mirror.
-
-**** TODO Prepare preseed installs for gnocchis
- Assigned: nicoo
-
- Generate preseed in Ansible, concat to initramfs.
-
-**** TODO 1 if -> mgmt, 2 if -> lacp -> tagged VLANs
-**** DONE Basic services on hypervisor [3/3]
- Assigned: nicoo
-***** DONE NTPd
- CLOSED: [2018-06-17 Sun 16:31]
-***** DONE Haveged
- CLOSED: [2018-06-08 Sun 21:24]
-***** DONE Provide time & entropy to guests
- CLOSED: [2018-06-08 Sun 21:24]
-
-**** TODO Get the vm-host role working there
-**** DONE Figure out best way to virtualize OpenWRT
- CLOSED: [2018-06-17 So 16:00]
- Assigned: equinox
-
- Openwrt x86_64 have everything built in to run inside KVM
- I propose to store to have 2 disks for the VMs. The first will contain
- the kernel as well as a sqashfs root filesystem. The second one will hold
- the overlay. This is basically a ext-root setup:
-
- https://openwrt.org/docs/guide-user/additional-software/extroot_configuration
-
-**** TODO Move gw to a gnocchi VM
-Clone the VM, run with the legacy VLANs
-**** TODO VMs for firewaling & basic net services (1/subnet)
-Sit directly on the service LAN (original /27)
-**** TODO VMs for critical services [0/4]
-***** TODO DNS resolver
-unbound or getdns
-***** TODO Authoritative NS for realraum.at
-bind (potentially)
-***** TODO Authn/authz [0/2]
-****** TODO whawty
-****** TODO RADIUS
-***** TODO netboot.xyz
-* Future stuffs
-** Switch to a wireguard tunnel
-*** Upgrade r2ko to LEDE
-**** Forward-port murtun
-**** Actual upgrade
-*** Setup tunnel
-** Hardware RNG & key storage
-*** Design miniPCIe PCB for Flying Stone 1
- Only uses power & USB
- Assigned: equinox
-*** Forward key intarface to guests
projects / noc.git / commitdiff