It is a struggle to install and manage online services in an offline world. Simple things like updates or installing new packages becomes a hassle. We work in highly secure prison environments where internet is not available.
The goal here is to create a tool where we can package apps that can be easily copied to a USB drive, then pushed to a server in the offline environment.
This project consists of building and staging of apps, easy deployment into facilities, and offline laptops that students can take back to their unit to continue their school work.
1) Create a place for skilled IT personnel to stage and place apps that are ready to deploy
2) Limit the need for skilled IT personnel to deal with the actual deployment process
3) Provide laptop images that can sync to a learning management system, credential for an individual student, and apply security settings to keep the system secure during use
1) Skilled IT personnel create docker apps and setup code to sync these apps and app data to a device (e.g. USB drive or Laptop)
2) Sync USB drive in online or offline mode with a few button clicks - Goal is to have non IT personnel do this
3) Image laptops and credential them for individual students - Goal is non IT personnel or local IT personnel to be able to do this easily
4) Student brings laptop to docking station to sync with learning management system - download materials, upload completed work
We utilize Docker containers for micro services. You will need a machine that can run docker containers on the outside to build and setup your services, and a docker machine on the inside to transfer images and data to.
+----------------------------------------------------------------------+
| Online Server |
| |
| you need a linux machine running docker |
| - can host this on campus (recommended) |
| - or on your desktop in virtual box/hyper-v/vmware/etc... |
| |
| Pre built Linux with Docker Available Here: |
| - https://susestudio.com/a/P08rUy/ope-docker |
| |
+------------------^---------------------------------------------------+
|
|
+----V--------------------------------------------------+
| USB Drive (or laptop) |
| |
| Use a GUI based app to sync between servers |
| - Pulls apps/data from the online server |
| - Pushes apps/data to the offline server |
| - Clickable buttons - made for NON IT personnel |
+------------------------^------------------------------+
|
|
+----V-------------------------------------------------------+
| Offline Server |
| |
| identical to the online server, but apps/data will |
| be pushed into this system |
| |
| Use the same docker system as the online system: |
| - https://susestudio.com/a/P08rUy/ope-docker |
+--^----------------------------------------------------------+
|
|
+----------------------V------------------------------------+
| Inmate Laptop |
| |
| Credentialed with the LMS app installed |
| Will pull course work from offline LMS server and |
| push completed work back to the server for grading |
+-----------------------------------------------------------+
Get a linux distro with docker installed in both your online and offline servers:
From online computer, download the OPE Git project at: https://github.com/operepo/ope_server_sync_binaries
Run the SyncApp.exe app
Configure your settings
Run Online
Unplug, take USB drive to offline server, the choose the Offline option and run it
Repeat online/offline as often as needed
Setup DNS forwarder to .ed domain name to the static IP of the server. This forwards all DNS queries for the .ed domain to the docker apps to resolve DNS automatically
Use this method to get everything ready to do development.
Get a linux distro with docker installed in both your online and offline servers:
Install Git
Python 2.7.? and needed libraries (python.org - choose 2.7? MSI installer)
Clone the OPE project into a folder on your computer.
Use the SyncApp tool to push apps to your online linux server (see instructions above)
SSH into your online server (putty is a great tool from windows)
Move to the OPE folder: cd /ope
Move to the folder with the docker files: cd docker_build_files
Start the apps: ./up.sh (use ./up.sh b if you want to build the docker apps from here)
From here you can also use docker-compose commands:
Revising to use dockerhub to pull built images as well as include client tools/etc... This is currently in process and could mean breaking changes to the prev build process.
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16; # RFC4578
use-host-decl-names on;
ddns-update-style interim;
ignore client-updates;
authoritative;
allow booting;
allow bootp;
option option-128 code 128 = string;
option option-129 code 129 = text;
next-server fog.ed;
#filename "pxelinux.0";
#filename "snponly.efi";
#filename "ipxe.efi";
option tftp-server-name "fog.ed";
#option bootfile-name "pelinux.0";
#option bootfile-name "undionly.kpxe"; # works for vmplayer
#option bootfile-name "snponly.efi";
#option bootfile-name "ipxe.efi";
#range dynamic-bootp 192.168.10.25 192.168.10.28;
class "UEFI-32-1" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
filename "i386-efi/ipxe.efi";
}
class "UEFI-32-2" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
filename "i386-efi/ipxe.efi";
}
class "UEFI-64-1" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
#filename "ipxe.efi";
filename "snp.efi"; # works for hyperv
}
class "UEFI-64-2" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
#filename "ipxe.efi";
filename "snp.efi"; # Works for hyper v
}
class "UEFI-64-3" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
#filename "ipxe.efi";
filename "snp.efi"; # Works for hyperv
}
class "Legacy" {
match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
filename "undionly.kkpxe";
}