WilliamsNet Architecture: Difference between revisions
DrEdWilliams (talk | contribs) (Created page with "== Networks == (include a network diagram including the three core switches, the firewall, cable modem, and internet link) Describe which ports are dedicated for specific VLA...") |
DrEdWilliams (talk | contribs) m (→Networks) |
||
| Line 6: | Line 6: | ||
=== VLANs === | === VLANs === | ||
describe all three primary VLANs (Admin, StorageNet, iSCSINet) and what they are used for. | describe all three primary VLANs (Admin, StorageNet, iSCSINet) and what they are used for. | ||
=== External Access === | |||
firewall pinholes | |||
* http/https | |||
* ssh (non-standard ports) | |||
* Plex | |||
domains (wildcard DNS entries) - Managed/provided by enom.com | |||
* williams-net.org | |||
* dredwilliams.com | |||
* ewconsulting.com | |||
=== Firewall === | |||
* pfSense software/appliance | |||
* DHCP Server | |||
* DNS server | |||
* IPsec VPN | |||
** mobile clients | |||
** Michael's network (loneisles) | |||
** Joshua's network (alagaesia) | |||
** Cottage network (menagerie) menagerie.williams-net.org | |||
== Storage == | == Storage == | ||
Revision as of 22:16, 18 August 2021
Networks
(include a network diagram including the three core switches, the firewall, cable modem, and internet link)
Describe which ports are dedicated for specific VLANs (iSCSINet/Storagenet)
VLANs
describe all three primary VLANs (Admin, StorageNet, iSCSINet) and what they are used for.
External Access
firewall pinholes
- http/https
- ssh (non-standard ports)
- Plex
domains (wildcard DNS entries) - Managed/provided by enom.com
- williams-net.org
- dredwilliams.com
- ewconsulting.com
Firewall
- pfSense software/appliance
- DHCP Server
- DNS server
- IPsec VPN
- mobile clients
- Michael's network (loneisles)
- Joshua's network (alagaesia)
- Cottage network (menagerie) menagerie.williams-net.org
Storage
EquaLogic Storage Array
Promise Storage Array
Primary File Server
/files on storage1 -> EquaLogic Storage Array -> zfs -> NFS/SMB /backup on storage1 -> local disk -> zfs -> NFS/SMB /promise on storage1 -> Promise Storage Array -> zfs -> NFS
Work Filesystem
/work on pro6 -> EquaLogic Storage Array -> xfs -> NFS
Infrastructure Services
Load Balancer/Reverse proxy - NGINX - diggle.williams.localnet IMAP/SMTP (production cluster) [mail|smtp|imap|narnia].williams.localnet Log Aggregator (production cluster) rsyslog.williams.localnet Config Server (production cluster) http://config.williams.localnet MariaDB (production cluster) database.williams.localnet
Web applications
- MediaWiki (https://wiki.williams-net.org & http://wiki.williams.localnet) - Production Cluster
- WordPress (https://dredwilliams.com) - Production Cluster
- GitLab (https://gitlab.williams-net.org & https://gitlab.dev.williams.localnet) - Development Cluster
Kubernetes Clusters
Production Cluster
vanilla upstream install (point to config page)
- telmar (master)
- compute4 (node)
- pro5 (node)
- separate Ceph cluster (7TB ish)
Test Cluster
k3s HA install (point to config page)
- pro1 (master)
- pro2 (master)
- pro3 (master)
- pro4 (node)
- integrated rook/ceph storage
Development Cluster
k3s HA install (point to config page)
- rogin (master)
- duffle (master)
- compute1 (master)
- compute8 (node)
- storage1 (node)
- integrated rook/ceph storage (~20TB)
Spare Servers
- poggin (Debian 10)
- trumpkin (Debian 10)
- calormen (Debian 10)
- lamppost (Fedora 34)