REDDNet Site Requirements: Difference between revisions

From ReddNet
 
(25 intermediate revisions by the same user not shown)
Line 1: Line 1:
=== Depots ===
= Depots =


Our standard depot contains one dual-core AMD Athlon CPU, 4 GB of RAM, two 1 Gb network ports, and 4-8 TB of storage space.  The standard depot draws approximately 300 W.
Our standard depot is a 2U server with one 4-core Intel I7, 12 GB of RAM, two 1 Gb network ports, and 24 TB of storage space.  The depots connect to the network via 10 Gb ethernet (preferred) or 1 Gb ethernet.  The node uses an average of 250 Watts in regular usage, but in extreme instances may spike up to 350 Watts.  Please let us know whether your site uses 110V or 220V power so we can make sure the appropriate power cables are included.


We are evaluating a new depot configuration with one 8-core Intel I7, 12 GB of RAM, two 1 Gb network ports, and 23 TB of storage space. This depot may optionally connect to the network via 10 Gb ethernet (via an add-on adapter).  We will provide power requirements for this box at a later date.
[http://www.reddnet.org/mwiki/index.php/REDDNet_Depot_Installation_Instructions Click here] to get information on the correct order for installing the depot hardware.


= IP Addresses =


=== Network Ports on your Switch ===
We require two externally-visible IP address for each depot.  One address is for the depot itself, the other is for the management console.


Each depot has two network interfaces, so if supported by your switch, we would like to use both interfaces in 802.3ad bonding mode for increased performance.  This requires two switch ports and two ethernet cables per depot. 
= Network Ports on your Switch =


If not supported, then each depot only requires one port/cable.
We support three types of network connectivity for data traffic (in order of preference):


=== IP Addresses ===
* Preferably,the depot can connect via 10 Gb ethernet for those sites that can use it.  This requires your primary switch to have a 10 Gb optical port and a fiber cable long enough to stretch between depot and switch.  Please let us know what type of optics your switch requires, as well as if you need a connecting fiber cable.


We require one externally-visible IP address for each depot, PDU, or KVM.
* At sites without 10 Gb support but which support link aggregation, we can use two 1 Gb ethernet cables bonded together in 802.3ad mode to get 2 Gb/sec performance.  This requires a switch which supports 802.3ad bonding, and two switch ports and two ethernet cables per depot.


=== Remote PDU ===
* Otherwise, the depot will use one of its 1 Gb network ports (requires one switch port/cable per depot).


We provide an APC PDU unit for every 4 depots. This allows us to power-cycle a hard-locked machine and do other forms of maintenance that aren't possible using the KVM alone.  
In addition, each depot has an ethernet port for the management console. The management consoles can connect directly to your primary network switch, or they can run off a smaller dumb switch to minimize the number of primary switch ports in use.  


Each PDU requires a 110 V power connection and a network connection with either static or DHCP-issued IP address.
= Required Network Ports =


=== Remote KVM ===
These ports should be opened on your perimeter firewall (or firewalls if you have both organizational and departmental firewalls).


We provide a KVM unit for every 8 depots to allow us to manage the depot remotely.  The KVM requires a 110 V power connection (usually supplied by one of our PDU units) as well as a network connection with a externally-visible IP address.
* Management interface:


=== Required Network Ports ===
{|
!style="background:#000000;color:#ff8888"|Port
!style="background:#000000;color:#ff8888"|Service
!style="background:#000000;color:#ff8888"|Notes
|-
|tcp/22
|ssh
|from all depots to 192.111.108.101
|-
|tcp/80
|www
|from all depots to 129.59.0.0/16
|-
|tcp/443
|https
|from all depots to 129.59.0.0/16
|-
|tcp/5120 and 5123
|remote cd/floppy
|from all depots to 129.59.0.0/16
|-
|tcp/5900 and 5901
|vnc
|from all depots to 129.59.0.0/16
|}


These ports should be opened on your perimeter firewall (or firewalls if you have both organizational and departmental firewalls).


* tcp/22   (ssh)    : from all local depots/PDUs to 129.59.197.60 and 129.59.197.90
* Depot network interface:
* tcp/5666 (nagios) : from all local depots to 129.59.197.60 and 129.59.197.90
 
* tcp/6714 (ibp)    : from all local depots to world
{|
* tcp/4823 (bwctl)  : from 1st local depot to world
!style="background:#000000;color:#ff8888"|Port
* tcp/861 (owamp)  : from 2nd local depot to world
!style="background:#000000;color:#ff8888"|Service
* tcp/80  (http)  : from KVM and PDU's to 129.59/16
!style="background:#000000;color:#ff8888"|Notes
* tcp/443  (https)  : from KVM to 129.59/16
|-
* tcp/21  (ftp)    : from PDU's to 129.59.197.90 (for firmware upgrades)
|tcp/22
* tcp/5900 (vnc)    : from KVM to 129.59/16
|ssh
* udp/123  (ntp)    : allow outbound from local depots
|from all depots to 192.111.108.101 and 192.111.108.103
* udp/161  (snmpv3) : from all to 129.59.197.60 and 129.59.197.90
|-
|tcp/5666
|nagios
|from all depots to 192.111.108.101 and 192.111.108.103
|-
|tcp/8080
|tomcat
|from all depots to world
|-
|tcp/6714
|ibp
|from all depots to world
|-
|tcp/4823
|bwctl
|from all depots to world
|-
|tcp/861
|owamp
|from all depots to world
|-
|udp/123
|ntp
|allow outbound from local depots
|-
|udp/53
|dns
|allow DNS to 129.59.197.151
|-
|udp/161
|snmpv3
|from all to 192.111.108.101 and 192.111.108.103
|}
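
Review bot: The Notes column in both new port tables does not state traffic direction consistently: most rows read "from all depots to ...", while the ntp row says "allow outbound from local depots" and the dns row says "allow DNS to 129.59.197.151". Suggest a separate Direction column, or one fixed phrasing per row, so a firewall administrator can turn each row into a rule without guessing which side initiates the connection. The Management interface table allows tcp/22 only to 192.111.108.101, while the Depot network interface table lists 192.111.108.101 and 192.111.108.103 for ssh, nagios and snmpv3; please confirm that difference is intended. The revision also drops the Remote PDU and Remote KVM sections and the tcp/21 ftp rule with no edit summary; a one-line summary saying the PDU/KVM hardware is replaced by the per-depot management console would help sites that still have rules for the old 129.59.197.60 and 129.59.197.90 hosts. Finally, the new IP Addresses sentence reads "two externally-visible IP address" and should say "addresses".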

Latest revision as of 13:32, 3 May 2012

Depots

Our standard depot is a 2U server with one 4-core Intel i7, 12 GB of RAM, two 1 Gb network ports, and 24 TB of storage space. The depots connect to the network via 10 Gb Ethernet (preferred) or 1 Gb Ethernet. The node draws an average of 250 watts in regular usage, but in extreme instances may spike up to 350 watts. Please let us know whether your site uses 110 V or 220 V power so we can make sure the appropriate power cables are included.

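See the REDDNet Depot Installation Instructions (http://www.reddnet.org/mwiki/index.php/REDDNet_Depot_Installation_Instructions) for the correct order for installing the depot hardware.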

IP Addresses

We require two externally visible IP addresses for each depot. One address is for the depot itself, the other is for the management console.

Network Ports on your Switch

We support three types of network connectivity for data traffic (in order of preference):

  • Preferably, the depot connects via 10 Gb Ethernet at sites that can use it. This requires your primary switch to have a 10 Gb optical port and a fiber cable long enough to reach from the depot to the switch. Please let us know what type of optics your switch requires, and whether you need a connecting fiber cable.
  • At sites without 10 Gb support but with link aggregation, we can use two 1 Gb Ethernet cables bonded together in 802.3ad mode to get 2 Gb/sec performance. This requires a switch that supports 802.3ad bonding, plus two switch ports and two Ethernet cables per depot.
  • Otherwise, the depot will use one of its 1 Gb network ports (requires one switch port/cable per depot).

In addition, each depot has an ethernet port for the management console. The management consoles can connect directly to your primary network switch, or they can run off a smaller dumb switch to minimize the number of primary switch ports in use.

Required Network Ports

These ports should be opened on your perimeter firewall (or firewalls if you have both organizational and departmental firewalls).

  • Management interface:

Port                Service            Notes
tcp/22              ssh                from all depots to 192.111.108.101
tcp/80              www                from all depots to 129.59.0.0/16
tcp/443             https              from all depots to 129.59.0.0/16
tcp/5120 and 5123   remote cd/floppy   from all depots to 129.59.0.0/16
tcp/5900 and 5901   vnc                from all depots to 129.59.0.0/16


  • Depot network interface:

Port       Service   Notes
tcp/22     ssh       from all depots to 192.111.108.101 and 192.111.108.103
tcp/5666   nagios    from all depots to 192.111.108.101 and 192.111.108.103
tcp/8080   tomcat    from all depots to world
tcp/6714   ibp       from all depots to world
tcp/4823   bwctl     from all depots to world
tcp/861    owamp     from all depots to world
udp/123    ntp       allow outbound from local depots
udp/53     dns       allow DNS to 129.59.197.151
udp/161    snmpv3    from all to 192.111.108.101 and 192.111.108.103
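
An added example (not part of the original wiki page or REDDNet's own tooling): the depot-interface table above expressed as data and rendered into nftables allow rules for a perimeter firewall, while reporting which services remain open to "world". The depot addresses (203.0.113.x), the function names and the `depot_is_source` switch are assumptions; the default direction follows the page's "from all depots to ..." wording.

```python
import ipaddress

# Depot-interface rows from the page: (proto, ports, service, remote peers).
# An empty peer tuple means the page gives no fixed peer ("world", or the
# ntp row, which names no destination).
DEPOT_RULES = [
    ("tcp", (22,),   "ssh",    ("192.111.108.101", "192.111.108.103")),
    ("tcp", (5666,), "nagios", ("192.111.108.101", "192.111.108.103")),
    ("tcp", (8080,), "tomcat", ()),
    ("tcp", (6714,), "ibp",    ()),
    ("tcp", (4823,), "bwctl",  ()),
    ("tcp", (861,),  "owamp",  ()),
    ("udp", (123,),  "ntp",    ()),
    ("udp", (53,),   "dns",    ("129.59.197.151",)),
    ("udp", (161,),  "snmpv3", ("192.111.108.101", "192.111.108.103")),
]


def _set(values):
    """Format values as an nftables anonymous set."""
    return "{ " + ", ".join(str(v) for v in values) + " }"


def render_rules(depots, rules=DEPOT_RULES, depot_is_source=True):
    """Return (nft_rule_lines, unscoped_services) for a forward chain.

    depot_is_source=True reads the page literally (depot initiates);
    set it to False if the remote peer initiates the connection instead.
    """
    # ip_address() raises ValueError on malformed input, so a typo never
    # reaches the generated ruleset.
    local = _set(ipaddress.ip_address(d) for d in depots)
    near, far = ("saddr", "daddr") if depot_is_source else ("daddr", "saddr")
    lines, unscoped = ["ct state established,related accept"], []
    for proto, ports, service, peers in rules:
        match = f"ip {near} {local}"
        if peers:
            match += f" ip {far} {_set(ipaddress.ip_address(p) for p in peers)}"
        else:
            unscoped.append(service)  # reviewed separately: no peer restriction
        lines.append(f'{match} {proto} dport {_set(ports)} accept comment "{service}"')
    # Anything else to or from the depots is counted and dropped.
    lines.append(f"ip {near} {local} counter drop")
    return lines, unscoped


if __name__ == "__main__":
    # Constructed depot addresses from the RFC 5737 documentation range.
    rule_lines, open_services = render_rules(["203.0.113.10", "203.0.113.11"])
    print("\n".join(rule_lines))
    print("No peer restriction:", ", ".join(open_services))
```

The returned list of unscoped services is the part to review with your security team, since those rules cannot be narrowed to a fixed peer from the information on this page.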