New Hackspace Server and Networking Infrastructure Query

[Stanto]

Hello,

In the Mabgate hackspace we've had a suffering wireless access point that has been limping along for a while. A number of months ago we were donated a Cisco airnet access point, this has now been setup in place of the poor d-link and appears to be working fine (802.11g 2.4ghz and 802.11a 5ghz). This has been setup with the details that the old access point has, so you shouldn't notice any difference at the moment.

This led onto a bunch of conversations, about the server and how it currently acts as a router, about how we have a managed switch with seperated vlans for wireless and wired, etc.

I understand we're moving soon/soonish and we may end up with our current setup put in situ because it works, but I think it may be a good time to revise how we have stuff setup.

There has been mention of having simpler to use, but well documented hardware. If we go for a managed switch (say a cisco 2950) then we don't have the wireless and wired seperated on vlans, and if we do have any separation (say for administration of devices, or ports dedicated to infrastructure) that this is clearly labelled, that configs are stored somewhere (like the wiki or github) and that it's clear.

A further suggestion is that the server no longer acts as the router, this to me makes sense, I understand we have router/gateway hardware. The current setup of the server acting as the router was helpful due to reliant on a gateway device we didn't have direct control over, but this's changing in the new space.

There appears to be a clear need for a 'lab' type setup for servers and virtual machines, to me this should be somewhat seperate to a simple, well documented infrastructure.

Which goes onto my query:

How're we setting up the infrastructure in the new space? Who's working on it?

It looks like we're going to be using these Cisco access points at least, which I'm happy to sort out and lead on, along with any other cisco kit we decide to use (it's simple to setup and save configs for and to even setup the managed hardware to act as though it's unmanaged).

[Tom Hargreaves]

On Tue, Sep 27, 2016 at 05:21:01PM -0700, Stanto wrote:
[...]

> How're we setting up the infrastructure in the new space? Who's working on
> it?

While I'm happy to help, I'm not a networking guru so I am not sure
what assistance I could offer.

I do have at least one feature request though, namely that there be
more transparency into DHCP leases (and maybe networking in general,
e.g. bandwidth usage). I've lost count of the number of times I've
plugged a Pi/other random IoT device into the network and struggled to
find what IP it was assigned.

Since we have a glut of saurons (saura?) at newspace I think a list of
network-connected devices could usefully be displayed on one of them.
I would of course be delighted to write such a thing.

Tom.

[Owen Grein]

I have a wap551-e-k9 sat here that i was going to bring down with me next time i manage to make it. And a couple of RV042G's if they are any use (dual wan gigabit router). Just not sure when i will be able to make it down next. 

--
You received this message because you are subscribed to the Google Groups "Leeds Hack Space" group.
To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-space+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Stanto]

Thanks Owen, I'm happy to take a look at them. 

There was interest in having a lab environment for playing with / setting up hardware, so if we end up with an abundance of kit (eg. this replaces the older kit we're using) then it's something to play with at least.

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-spa...@googlegroups.com.

[Samwise Wilson]

Im not precious about anything; but vlans seem like a sensible option, so do VM's with NIC's for stuff. Reason being:

If we have 1000% documentation for each system, the documentation for the "separate stuff" infrastructure plan will be complicated, eventhough the solution is made from simple parts. If we go for VM's and managed switches, the documentation will be simple, but the setup is more complicated. - I know what I would rather have!

I think the problem is solved by documentation, and our use case and infrastructure goals outweigh having it "noob friendly" when that noob friendly solution isnt optimal for anything but noob friendlyness.

Making use of the new microservers is probably a boon, but i don't know what resources we actually have. I do know that we have laptops, sensors, machines, projects, a lab, storage? This is all going onto the network and separation seems to make sense to make that easier to work with.

\o/ network party!

[Stanto]

Okay,

It may help to know what hardware we want to have connected to the network, and what hardware we're using to connect to the internet, and what hardware we want connected to the internet.

For example since I don't know what hardware we're using to connect to the internet, it's not clear if anything on the network will be exposed to the internet, this may seem like a stupid question, but it's one that would justify vlans, for example.

Another example might be however the door system will be working for the new space, will that be the same as the old space? Or will it be something on the network?

If we're using managed kit, out of necessity more than anything else, will we be forced to use a vlan so that we can administrate the hardware (reboot it, etc) without having to dismantle it from the wall, and to prevent joe anybody from getting on the network and tinkering with it, or do we want to be okay with that?

These are the types of questions that I'm seeking thoughts and answers to considering I've setup the Cisco AP to be used for the space. Now that hardware is happy to just be plugged in and just work, it doesn't hurt to explore these questions even if they won't be acted on.

[Samwise Wilson]

Just to bump this, the current server fell over again today! 

[samson B]

could we put the new server in with members storage with some sort of exstracker fan to keep mebers projects and the servers cool or would that use way to mutch power ?

--

You received this message because you are subscribed to the Google Groups "Leeds Hack Space" group.

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-space+unsubscribe@googlegroups.com.

[Samwise Wilson]

The microservers we have don't run hot at all and use less than 80W with full drives. 

I think the current hardware just hasn't had much physical TLC. 

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-spa...@googlegroups.com.

[Matt C]

There appears to be a clear need for a 'lab' type setup for servers and virtual machines, to me this should be somewhat seperate to a simple, well documented infrastructure.

I really agree with this statement particularly on the simple well documented infrastructure!

[Samwise Wilson]

Is there any traction on this? Does a leader need to be appointed? We wouldn't want to replicate the tension or invoke The Spooky Action at a Distance Anti-Pattern on this infrastructure. 

[Matt Collins]

Well volunteered Samwise, please present your project plan at your earliest convenience.

--

You received this message because you are subscribed to the Google Groups "Leeds Hack Space" group.

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-space+unsubscribe@googlegroups.com.

[Stanto]

> Is there any traction on this? 

Not to my knowledge.

> Does a leader need to be appointed? 

If that's how the directors want it to work, yes.

> We wouldn't want to replicate the tension or invoke The Spooky Action at a Distance Anti-Pattern on this infrastructure.

Communication is good.

It could start with an inventory of hardware we're using. Can meet up to discuss if you like. At present it seems to be me, you and Nav that have interest in sorting parts of this.

Infrastructure actions/decisions can wait until server admins are back, such as Martyn.

[Daniel Fligg]

Depending on the timescales needed I'd be happy to lead, but obviously not for a couple of weeks (as I'm still laid up in a Manchester hospital).
If we currently have working Internet then future expansion seems less time critical though it would be nice for it to be done properly :)

On 21 Oct 2016 01:16, "Stanto" <sta...@gmail.com> wrote:

> Is there any traction on this? 

Not to my knowledge.

> Does a leader need to be appointed? 

If that's how the directors want it to work, yes.

> We wouldn't want to replicate the tension or invoke The Spooky Action at a Distance Anti-Pattern on this infrastructure.

Communication is good.

It could start with an inventory of hardware we're using. Can meet up to discuss if you like. At present it seems to be me, you and Nav that have interest in sorting parts of this.

Infrastructure actions/decisions can wait until server admins are back, such as Martyn.

On Thursday, 20 October 2016 15:25:33 UTC+1, Samwise Wilson wrote:

Is there any traction on this? Does a leader need to be appointed? We wouldn't want to replicate the tension or invoke The Spooky Action at a Distance Anti-Pattern on this infrastructure. 

On Thursday, 29 September 2016 22:01:31 UTC+1, Matt C wrote:

There appears to be a clear need for a 'lab' type setup for servers and virtual machines, to me this should be somewhat seperate to a simple, well documented infrastructure.

I really agree with this statement particularly on the simple well documented infrastructure!

--

[Stanto]

Sounds great, I don't think there's a rush. Though I have not been involved in what's required for onboarding new members and giving them access, I trust that's currently in a maintenance-working-mode with the di. We currently have internet access, and the access points are setup in such a way that they just plug in and work.

When the server cab and such is moved over to newspace(tm) I'll alter the passphrase as previously discussed to remove the explective, then I can setup a git for the config / guide on setting up in the hackspace organisation on github. 

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-spa...@googlegroups.com.

[Daniel F]

The Cisco access points are capable of broadcasting multiple SSIDs - we could potentially leave the old network name and password and password for legacy devices and start again for the new - LHS-3.0 for the new network with a definite non-sweary password?

That said, a) off the top of my head I don't know if they'll drop multiple SSIDs onto the same vlan happily and b) are we going to want different networks with different levels of access (eg members vs guests, people vs "embedded").

There's a  umber of ways we could play this, sadly I've been out of the loop too long to just make unilateral decisions without being there :)

To unsubscribe from this group and stop receiving emails from it, send an email to leeds-hack-space+unsubscribe@googlegroups.com.

[Samwise Wilson]

New space new start. Out of anything we shouldn't port anything that is existing problematic into the newspace, lets not problem solve for legacy sake, especially when its as trivial as SSID. 

I know the implementation of the example above is simple, but it is more complication that we would have to explain in documentation, that as time progresses makes less and less sense and has the capability to be held on too. (Spooky action at a distance).

Lets inventory the gear we have, list *actual* requirements (aligned with the goal of actual hackspace infrastructure and not a sandpit) and then take unilateral decisions and implement them.