Network Team: Difference between revisions

From Technologia Incognita
Jump to navigation Jump to search
← Older edit
No edit summary
Removed part about fixed IP addresses since we can do that from Unifi now
 
(8 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== Intake Process ==
The network team is an informal team that takes care of the [[Network Infrastructure]] in TechInc.


For any Network or Maintenance issues, please Email: [mailto:board@board.techinc.nl board@board.techinc.nl]<br>
If you want to do something related to the network infrastructure (fix something, add a new service, want to help maintain...), either reach a member directly, or send an email to network@ (might not be up to date).
Your email will be handled quickly and in confidence, and a ticket opened if needed.  We'll keep you informed.
Please do not contact individual team members or use the unmonitored IRC channel.


== Caveat ==
Board infrastructure is handled separately, as it includes members PII and other sensitive information that should only be accessible to board and board-appointed board helpers.
<h3><b>2022-03-05: The remainder of this page is utterly outdated</b></h3>
The Network Team will slowly start updating this information here.


== Documentation ==
== Members ==
Below is the list of pages that are handy for the Network team and space members.


*[[Server Cabinet]]
While there isn't a formal structure, those members have some access and knowledge about the infra:
*[[Space IP List]]
*[[TI Certificate Authority]]
*[[TI Password Database]]
*[[Service Diagrams Templates]]
*[[Services Page Template]]
*[[Resource Request Form]]
*[[Host SNMP Configuration]]
*[[Downloads]]


== Services ==
* Frogeye (inherited most of the access from pre-2024 network team)
* Grey
* Thijs
* xbr


This is an initial setup, by Mattronix on 19-11-2014
Those people have been designated as trusted by Frogeye and also have an access to the systems to increase the bus factor:
{|class="wikitable"
|-
! Service !! Description !! Maintainer !! Running Host
|-|-
| [[monitoring.ti]] ||  Infra Monitoring system. || N/A  || [[hv1.ti]]
|-|-
| [[ampache.ti]] ||  Music streaming server. || N/A  || [[hv1.ti]]
|-|-
| [[backup.ti]] || Backup management and backup system. || N/A || [[hv1.ti]]
|-|-
|[[cloud.ti]] || Dedicated Owncloud Server|| N/A || [[hv1.ti]]
|-|-
| [[ldap.ti]] || User authentication and accounting server. || N/A || [[hv1.ti]]
|-|-
| [[mqtt.ti]] || [[MQTT]] broker accessible in the space || [[User:Chotee|Chotee]] || [[Ledslie]]
|-|-
| [[quessel.ti]] || Shared IRC Client Server for dedicated IRC Clients || N/A || [[hv1.ti]]
|-|-
| [[vpn.ti]] || VPN server || ||
|-|-
| [[srv1.ti]] || Shared Webserver running ISPConfig for members who want to run a website. || N/A || [[hv1.ti]]
|-|-
| [[techinc.nl]] || Dedicated machine for wiki.techinc.nl and techinc.nl + mailing lists.|| N/A || [[hv1.ti]]
|-|-
| [[router.ti]] || The spaces primary gateway to the internet. || N/A || [[router.ti]]
|-|-
| [[sip.ti]] || The spaces primary PBX. || N/A || [[hv1.ti]]
|}


== Admin Portal Links ==
* mrCyborg
* tams


This is an initial setup, by Mattronix on 19-11-2014
== Inventory ==
Internal Links Only!!!!


{|class="wikitable"
Keeping track of things here is hard because there are so many moving parts.
|-
So it's best to always look at the source
! Link !! Function
|-
| LDAP Portal Fusion Directory || Use this portal to maintain LDAP Users,Groups and Attributes.
|-
| LDAP Portal Emergency/Advanced || Used for when something goes wrong ALWAYS USE FUSION DIRECTORY for day to day tasks.
|-
| monitoring.ti || Network Monitoring Server used to automatically detects and warn of critical events.  
|-
| dfm.ti || NetApp Data Fabric Manager server used to optimize NetApp Backups
|}


== Space Infrastructure Maintainers ==
* Introduction and generalities: [[Network Infrastructure]]
* VMs: See descriptions on proxmox cluster (https://longhorn.ti:8006/)
* Managed others: Rudder might have some extra hardware: http://rudder.ti
* Unmanaged others: Unifi should discover everything, but also a lot of user devices: http://unifi.ti


This is an initial setup, by Mattronix on 19-11-2014
== Agent ==
{|class="wikitable"
 
|-
If you create a VM / physical machine that is for members to use, we ask you to make it available to the network team.
! Member !! Member Maintains !! Available for members technical issues.
That way, should you not be available, we can fix problems too.
|-
To ensure the current network team has access to the machine, (also check we have a minimum of security good practices, maybe more too) we use Rudder (http://rudder.ti).
| [[User:Mattronix|Mattronix]] || Storage,Backups,Network,Hyper-Visors,[[TI Password Database]] || yes
To connect your machine to it, please run:
|-|-
 
| [[User:Piele|Piele]]  || Network,Hyper-Visors,[[TI Certificate Authority]] || yes
    wget --quiet -O /etc/apt/trusted.gpg.d/rudder_apt_key.gpg "https://repository.rudder.io/apt/rudder_apt_key.gpg"
|-|-
    apt install lsb-release -y
| [[User:Wizzup|Wizzup]] || ampache.ti || no
    echo "deb [arch=$(dpkg --print-architecture)] https://repository.rudder.io/apt/latest/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/rudder.list
|-|-
    apt update
| [[User:Tg|tg]] || N/A || yes
    apt install rudder-agent -y
|-|-
    rudder agent policy-server 10.209.60.232
| [[User:Arda Xi|Arda Xi]] || boot.ti || no
    rudder agent inventory
|-|-
 
| [[User:Webmind|Webmind]] || N/A || no
And ping the network team so we can add it.
|-|-
 
| [[User:nathan7|nathan7]] || N/A || no
== Old documentation ==
|-|-
 
| [[User:Muse|Muse]] || LTSP || yes
Pre-2022 (if not 2014) documenation: https://wiki.techinc.nl/index.php?title=Network_Team&oldid=29772
|}

Latest revision as of 16:36, 20 January 2025

The network team is an informal team that takes care of the Network Infrastructure in TechInc.

If you want to do something related to the network infrastructure (fix something, add a new service, want to help maintain...), either reach a member directly, or send an email to network@ (might not be up to date).

Board infrastructure is handled separately, as it includes members PII and other sensitive information that should only be accessible to board and board-appointed board helpers.

Members

While there isn't a formal structure, those members have some access and knowledge about the infra:

  • Frogeye (inherited most of the access from pre-2024 network team)
  • Grey
  • Thijs
  • xbr

Those people have been designated as trusted by Frogeye and also have an access to the systems to increase the bus factor:

  • mrCyborg
  • tams

Inventory

Keeping track of things here is hard because there are so many moving parts. So it's best to always look at the source

Agent

If you create a VM / physical machine that is for members to use, we ask you to make it available to the network team. That way, should you not be available, we can fix problems too. To ensure the current network team has access to the machine, (also check we have a minimum of security good practices, maybe more too) we use Rudder (http://rudder.ti). To connect your machine to it, please run: 

   wget --quiet -O /etc/apt/trusted.gpg.d/rudder_apt_key.gpg "https://repository.rudder.io/apt/rudder_apt_key.gpg"
   apt install lsb-release -y
   echo "deb [arch=$(dpkg --print-architecture)] https://repository.rudder.io/apt/latest/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/rudder.list
   apt update
   apt install rudder-agent -y
   rudder agent policy-server 10.209.60.232
   rudder agent inventory

And ping the network team so we can add it.

Old documentation

Pre-2022 (if not 2014) documenation: https://wiki.techinc.nl/index.php?title=Network_Team&oldid=29772

Retrieved from "https://wiki.techinc.nl/index.php?title=Network_Team&oldid=29775"