Reinstall inf31 - Monitoring & Secondary IDP

[rbo]

• [x] Reinstall inf32 with RHEL8
• [x] Added permanent KVM / avocent
• [x] Check network cable - if should be connected to the cisco switch
• [x] Install OMD https://labs.consol.de/omd/ - https://inf31.coe.muc.redhat.com/mon
  • [ ] Configure basic checks
    • [ ] Ping check mgmt interface
    • [ ] Ping check primary interface
    • [ ] SSH Login?
  • [x] Alerting into Telegram group
  • [x] Room Temperature checks

/cc @astolzen @dmoessne

[DanielFroehlich]

Good Action! Can we please alert to Gchat? Or email?

On Wed, Jul 6, 2022, 20:28 Robert Bohne @.***> wrote:

• Reinstall inf32 with RHEL8
• Added permanent KVM / avocent
• Relocate from Right Rack into Left Rack
• Install OMD https://labs.consol.de/omd/
  • Configure basic checks
    • Ping check mgmt interface
    • Ping check primary interface
    • SSH Login?
  • Alerting into Telegram group
  • Room Temperature checks

/cc @astolzen https://github.com/astolzen @dmoessne https://github.com/dmoessne

— Reply to this email directly, view it on GitHub https://github.com/stormshift/support/issues/93, or unsubscribe https://github.com/notifications/unsubscribe-auth/AENMQWZNE5PCRVQZWPPUOSTVSXF5VANCNFSM522VSR6Q . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[rbo]

@DanielFroehlich of course, we can configure different alerts to email or gchat for different servers, checks, groups whatever...

[rbo]

RHEL 8 removed the driver of the raid controller:

[rbo]

Tried to add the driver during https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/performing_an_advanced_rhel_8_installation/index#updat[…]d-user with ISO https://elrepo.org/linux/dud/el8/x86_64/dd-aacraid-1.2.1-7.el8_6.elrepo.iso

Did not work.

I ordered a cheap NVME PCIE for operating system. Then we can easily install customer kernel modules for the raid controller after OS installation and use the disks for pure Data.

[rbo]

OMD installed: https://inf31.coe.muc.redhat.com/mon

Scondary IDP installed: https://github.com/stormshift/support/issues/99

[DanielFroehlich]

Can we add a nice cert? The stormshift master cert has a SAN of "monitor.stormshift.coe.muc.redhat.com" - if we add this as vhost to thruk (alaias to inf31) and provide a DNS entry, it would work. What do you think?

[rbo]

Can we add a nice cert? The stormshift master cert has a SAN of "monitor.stormshift.coe.muc.redhat.com" - if we add this as vhost to thruk (alaias to inf31) and provide a DNS entry, it would work. What do you think?

Technical possible, to be honest: I try to avoid more effort and complexity. A proper Red Hat certificate for inf31.coe.muc.redhat.com is on my To-Do list. Maybe you can assist to request an *.coe.muc.redhat.com certificate, then we can use this for much more "core" services?

[DanielFroehlich]

Here's ansible magic, I think only the last step using the PKI command is not working anymore, you have to upload the CSR manually to the Red Hat CA site:

https://github.com/stormshift/automation/blob/a9d319120c81d4e7ed5b93e6970863543e9eafa1/050_prepare_installhost.yml#L94

[rbo]

Setup is good enough :-)