Difference between revisions of "Adding a New Machine to the Network"

From URY Wiki
Jump to navigation Jump to search
 
(5 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
  
== Checklist ==
+
== Pre-Install Checklist ==
* Has the device been recently? New equipment should be by before being placed into production (YUSU offer to do it, but are entered into a 3 year [as of 2013] exclusive contract with a company that takes weeks to respond - you can also try Computer Science Hardware support [Pete Cooper], Electronics, or one of the free PAT days the University offers at the start of the academic year).
+
* Has the device been PA Tested recently? New equipment should be by before being placed into production (YUSU offer to do it, but are entered into a 3 year [as of 2013] exclusive contract with a company that takes weeks to respond - you can also try Computer Science Hardware support [Pete Cooper], Electronics, or one of the free PAT days the University offers at the start of the academic year).
 
* Is the device earmarked to go into the [[Server Cupboard]]? If so, it must be a rack mount device. It improves airflow, accessibility and prettyness. If you don't have a suitable case, ask around the team - we have "contacts" that can "source" them for you (Read: have collections of old servers).
 
* Is the device earmarked to go into the [[Server Cupboard]]? If so, it must be a rack mount device. It improves airflow, accessibility and prettyness. If you don't have a suitable case, ask around the team - we have "contacts" that can "source" them for you (Read: have collections of old servers).
 
* Has the device been allocated an IP address in one of the subnets allocated to us by IT Services? Have you updated the Google Doc (at https://docs.google.com/spreadsheet/ccc?key=0AtlIZR-runbWdEphYXdNQkcxU25BeFJfUGtQeFRRWnc&usp=drive_web)?
 
* Has the device been allocated an IP address in one of the subnets allocated to us by IT Services? Have you updated the Google Doc (at https://docs.google.com/spreadsheet/ccc?key=0AtlIZR-runbWdEphYXdNQkcxU25BeFJfUGtQeFRRWnc&usp=drive_web)?
Line 9: Line 9:
 
* Have you configured the IP Address for the device *statically*, with DNS Servers 144.32.64.164, 144.32.128.242, 144.32.128.243? A sample /etc/network/interfaces file is below in [[#Static IP Configuration]]
 
* Have you configured the IP Address for the device *statically*, with DNS Servers 144.32.64.164, 144.32.128.242, 144.32.128.243? A sample /etc/network/interfaces file is below in [[#Static IP Configuration]]
 
* If Windows, has it been Domain Joined? If Linux/FreeBSD, have you set up Samba as per [[#Single Sign On with Samba]]?
 
* If Windows, has it been Domain Joined? If Linux/FreeBSD, have you set up Samba as per [[#Single Sign On with Samba]]?
 +
* If this device is to have trunked networking, or something other than/in addition to VLAN653 untagged, have you configured the switch appropriately and updated the Google Doc (at https://docs.google.com/spreadsheet/ccc?key=0AtlIZR-runbWdEZOd2YtenEzT1RvNUdpaDFrYWpGM1E&usp=drive_web)?
  
=== Registering with LAN DB ===
+
== Physical Install - Server Cupboard ==
Men & Mice, The LAN Database, or The Evil Central Repository of Stupid, is the central IT Service database of devices that use the campus network (excluding NAS and eduroam devices). They will set you on fire if you put a device into production without telling them it exists. Create a Footprints (using either https://footprints.york.ac.uk or emailing itsupport@york.ac.uk) that looks similar to the following:
+
When installing or removing rack-mount equipment from the Server Cupboard, it is usually necessary to remove the wooden front panel. You must have three technical team members with you when doing this, and a good couple of hours when it isn't raining (you'll need to move the Outside Broadcast equipment.... outside).
  
Hi,
+
'''Do not attempt to access the rear of the rack if you are anything other than exceedingly slim. This will end badly.'''
 
Could I have a new device added to the LAN Database as follows please:
 
  
 +
First, make sure you have cleared space in the stores walkway for the panel to be kept whilst it is removed. This involves placing everything currently there into the vinyl section of stores or outside. Then, switch off the fans (located above a thermostat at the rear of the cupboard) and disconnect their power cables.
  
+
This panel is held on with a series of wood screws that need to be removed. You can then begin to gently push the panel out at the bottom from the inside. Once this has given somewhat, you should be able to push the whole thing forward an inch or so out of the frame.
Object name: (DNS prefix, e.g. uryserver3)
 
  
Machine type: Unsupported Office PC
+
You now need to slide the panel '''away''' from the wall dividing technical storage from music in order to free the section that fits around the ducting.
  
Operating System: (OS and Version e.g. FreeBSD 10.0)
+
'''''You might find yourself panicing that small pieces of material have fallen loose and are now in your hair. This is NOT asbestos, just some poorly placed polystyrene.'''''
  
Department/contact: Students Union / (Your Name)
+
Once that is free, you can then life the panel up from the bottom, sliding it out further. As you do this, rotate it 90 degrees, and it will rest happily against the wall. You now have front access to the rack.
  
Location: V/URY
+
* Ensure the new device is powered from the UPS, either directly from the sockets on its rear or through the 16A PDU at the back of the shelf in the middle. This is more for power smoothing than redundancy - until we got this unit we lost around one server per term due to surges and brownouts.
 +
* Ensure the new device is connected to the KVM, located below the shelf in the middle of the rack.
 +
* If the rackmount equipment requires any screwing into the rack, there is a large tub of identical M4 bolts. If this supply has run out, acquire more from IT Services - they ironically have thousands of this same screw as it comes with HP Switches but is slightly different to the style they have standardised on.
 +
* Ensure that cabling is managed down the side of the rear of the rack, network on one side, power on the other.
 +
* Power up the device. Ensure that APC PowerChute is installed on it and the UPS has been configured to trigger a remote shutdown at the appropriate time during a power outage.
 +
* IMPORTANT: Update the Server Rack diagram documentation, including the A3 printed on in stores, and the system startup/shutdown procedure.
  
Interface type: Ethernet
+
Once you're done, don't forget to reinstall the wooden panel in front of the rack.
  
MAC address: (The MAC address)
+
== Registering with LAN DB ==
 +
Men & Mice, The LAN Database, or The Evil Central Repository of Stupid, is the central IT Services database of devices that use the campus network (excluding NAS and eduroam devices). They will set you on fire if you put a device into production without telling them it exists. Create a Footprints (using either https://footprints.york.ac.uk or emailing itsupport@york.ac.uk) that looks similar to the following:
  
Attachment Point: ury
+
  Hi,
 +
  Could I have a new device added to the LAN Database as follows please:
 +
 
 +
  Object name: (DNS prefix, e.g. uryserver3)
 +
  Machine type: Unsupported Office PC
 +
  Operating System: (OS and Version e.g. FreeBSD 10.0)
 +
  Department/contact: Students Union / (Your Name)
 +
  Location: V/URY
 +
  Interface type: Ethernet
 +
  MAC address: (The MAC address)
 +
  Attachment Point: ury
 +
  IP address: 144.32.64.xxx (or 10.64.160.xxx)
 +
  Gateway: 144.32.64.161 (or 10.64.160.xxx)
 +
 
 +
  (Your Signoff Here)
  
IP address: 144.32.64.xxx (or 10.64.160.xxx)
+
== Single Sign On with Samba ==
 
+
=== FreeBSD ===
Gateway: 144.32.64.161 (or 10.64.160.xxx)
 
 
 
 
 
(Your Signoff Here)
 
 
 
=== Single Sign On with Samba ===
 
==== FreeBSD ====
 
 
* Follow the following guide: http://www.whitneytechnologies.com/?p=119
 
* Follow the following guide: http://www.whitneytechnologies.com/?p=119
 
* Change the home directory path configuration from above to just be /home/%U (no domain in the path)
 
* Change the home directory path configuration from above to just be /home/%U (no domain in the path)
Line 53: Line 65:
 
* If you are using ZFS data anywhere and plan to share over NFS or SMB, also look at https://mywushublog.com/2012/05/zfs-and-acls-with-samba/
 
* If you are using ZFS data anywhere and plan to share over NFS or SMB, also look at https://mywushublog.com/2012/05/zfs-and-acls-with-samba/
  
==== Debian ====
+
=== Debian ===
 
We haven't tried this with Debian yet. We should try this with Debian.
 
We haven't tried this with Debian yet. We should try this with Debian.
  
  
=== Static IP Configuration ===
+
== Static IP Configuration ==
 
/etc/network/interfaces:
 
/etc/network/interfaces:
 +
 
<code>
 
<code>
iface eth0 inet static
+
  iface eth0 inet static
 
         address 144.32.64.xxx
 
         address 144.32.64.xxx
 
         netmask 255.255.255.224
 
         netmask 255.255.255.224
Line 69: Line 82:
 
         mtu 1500
 
         mtu 1500
 
</code>
 
</code>
 +
 +
/etc/resolv.conf:
 +
 
<code>
 
<code>
/etc/resolv.conf:
+
  domain ury.york.ac.uk york.ac.uk
domain ury.york.ac.uk york.ac.uk
+
  nameserver 144.32.64.164
nameserver 144.32.64.164
+
  nameserver 144.32.128.242
nameserver 144.32.128.242
+
  nameserver 144.32.128.243
nameserver 144.32.128.243
 
 
</code>
 
</code>
 +
 +
[[Category:Technical How-Tos]]

Latest revision as of 10:55, 18 December 2013

Sometimes, URY's Computing team will come across a need to network a new device. This could be a new server, or maybe the fabled Talkback.


Pre-Install Checklist

  • Has the device been PA Tested recently? New equipment should be by before being placed into production (YUSU offer to do it, but are entered into a 3 year [as of 2013] exclusive contract with a company that takes weeks to respond - you can also try Computer Science Hardware support [Pete Cooper], Electronics, or one of the free PAT days the University offers at the start of the academic year).
  • Is the device earmarked to go into the Server Cupboard? If so, it must be a rack mount device. It improves airflow, accessibility and prettyness. If you don't have a suitable case, ask around the team - we have "contacts" that can "source" them for you (Read: have collections of old servers).
  • Has the device been allocated an IP address in one of the subnets allocated to us by IT Services? Have you updated the Google Doc (at https://docs.google.com/spreadsheet/ccc?key=0AtlIZR-runbWdEphYXdNQkcxU25BeFJfUGtQeFRRWnc&usp=drive_web)?
  • Have you informed IT Services that the new device exists? See #Registering with LAN DB
  • Have you configured the IP Address for the device *statically*, with DNS Servers 144.32.64.164, 144.32.128.242, 144.32.128.243? A sample /etc/network/interfaces file is below in #Static IP Configuration
  • If Windows, has it been Domain Joined? If Linux/FreeBSD, have you set up Samba as per #Single Sign On with Samba?
  • If this device is to have trunked networking, or something other than/in addition to VLAN653 untagged, have you configured the switch appropriately and updated the Google Doc (at https://docs.google.com/spreadsheet/ccc?key=0AtlIZR-runbWdEZOd2YtenEzT1RvNUdpaDFrYWpGM1E&usp=drive_web)?

Physical Install - Server Cupboard

When installing or removing rack-mount equipment from the Server Cupboard, it is usually necessary to remove the wooden front panel. You must have three technical team members with you when doing this, and a good couple of hours when it isn't raining (you'll need to move the Outside Broadcast equipment.... outside).

Do not attempt to access the rear of the rack if you are anything other than exceedingly slim. This will end badly.

First, make sure you have cleared space in the stores walkway for the panel to be kept whilst it is removed. This involves placing everything currently there into the vinyl section of stores or outside. Then, switch off the fans (located above a thermostat at the rear of the cupboard) and disconnect their power cables.

This panel is held on with a series of wood screws that need to be removed. You can then begin to gently push the panel out at the bottom from the inside. Once this has given somewhat, you should be able to push the whole thing forward an inch or so out of the frame.

You now need to slide the panel away from the wall dividing technical storage from music in order to free the section that fits around the ducting.

You might find yourself panicing that small pieces of material have fallen loose and are now in your hair. This is NOT asbestos, just some poorly placed polystyrene.

Once that is free, you can then life the panel up from the bottom, sliding it out further. As you do this, rotate it 90 degrees, and it will rest happily against the wall. You now have front access to the rack.

  • Ensure the new device is powered from the UPS, either directly from the sockets on its rear or through the 16A PDU at the back of the shelf in the middle. This is more for power smoothing than redundancy - until we got this unit we lost around one server per term due to surges and brownouts.
  • Ensure the new device is connected to the KVM, located below the shelf in the middle of the rack.
  • If the rackmount equipment requires any screwing into the rack, there is a large tub of identical M4 bolts. If this supply has run out, acquire more from IT Services - they ironically have thousands of this same screw as it comes with HP Switches but is slightly different to the style they have standardised on.
  • Ensure that cabling is managed down the side of the rear of the rack, network on one side, power on the other.
  • Power up the device. Ensure that APC PowerChute is installed on it and the UPS has been configured to trigger a remote shutdown at the appropriate time during a power outage.
  • IMPORTANT: Update the Server Rack diagram documentation, including the A3 printed on in stores, and the system startup/shutdown procedure.

Once you're done, don't forget to reinstall the wooden panel in front of the rack.

Registering with LAN DB

Men & Mice, The LAN Database, or The Evil Central Repository of Stupid, is the central IT Services database of devices that use the campus network (excluding NAS and eduroam devices). They will set you on fire if you put a device into production without telling them it exists. Create a Footprints (using either https://footprints.york.ac.uk or emailing itsupport@york.ac.uk) that looks similar to the following:

 Hi,
 Could I have a new device added to the LAN Database as follows please:
 
 Object name: (DNS prefix, e.g. uryserver3)
 Machine type: Unsupported Office PC
 Operating System: (OS and Version e.g. FreeBSD 10.0)
 Department/contact: Students Union / (Your Name)
 Location: V/URY
 Interface type: Ethernet
 MAC address: (The MAC address)
 Attachment Point: ury
 IP address: 144.32.64.xxx (or 10.64.160.xxx)
 Gateway: 144.32.64.161 (or 10.64.160.xxx)
 
 (Your Signoff Here)

Single Sign On with Samba

FreeBSD

auth sufficient /usr/local/lib/pam_winbind.so

Debian

We haven't tried this with Debian yet. We should try this with Debian.


Static IP Configuration

/etc/network/interfaces:

 iface eth0 inet static
       address 144.32.64.xxx
       netmask 255.255.255.224
       network 144.32.64.160
       broadcast 144.32.64.191
       gateway 144.32.64.161
       dns-search york.ac.uk
       mtu 1500

/etc/resolv.conf:

 domain ury.york.ac.uk york.ac.uk
 nameserver 144.32.64.164
 nameserver 144.32.128.242
 nameserver 144.32.128.243