To Systems Overview

Systems - Sun4

Basics

Purpose

Sun4 is a host machine that runs OpenSuSE 11 and a number of Xen virtual servers.

Physical Location

This system is located in rack 3.7 in BIT-2B.

Physical Configuration

See SystemAdministration/EquipmentList

Logical location

IP: 172.28.50.14 sun4.intra.cacert.org

Applicable Documentation

This is it

Administration

System Admin:

Dirk Astrath

Services

Listening services

port

service

access origin

purpose

22

SSH

hopper

SSH access for remote administration

To be completed.

Running services

Service

Started from

cron

/etc/init.d/cron

syslog-ng

/etc/init.d/syslog-ng

ssh

/etc/init.d/ssh

ntp

/etc/init.d/ntp

To be completed.

Other services

To be completed.

Connected Systems

Connected to all its virtual servers:
hopper
syslog
ns

Outbound network connections

Uses DNS resolver at 172.28.50.1
NTP to tt0.ripe.net.
Firewall rules /etc/firewall.sh

Security

Non-distribution packages and modifications

Risk assessments on critical packages

Tasks

Xen server navigation

list Xen servers - sudo xm list
grab Xen server console - sudo xm console {machine}

where are the Xen server configurations

less /etc/xen/vm/*

building Xen servers

to be supplied

Critical Configuration items

== Start ==

After a statrt of this server it's not possible to enter the crypto-password for the harddisk using the ILOM/ELOM-textconsole.

To enter this password, you need to use the "Remote Console", which can be started using Admin-Web-Environment.

Unfortunately this web-environment is not working with recent browsers and java implementations.

In detail:

Install Firefox 40 ... as this still works with the old cipher suites ILOM/ELOM-web-interface is able to present.
Install JRE 1.7.0_80 ... as this still works with the old cipher suites ILOM/ELOM-web-interface is able to present.
This Java-Installation needs to 32 bit ... as the Remote Console is able to use 32 bit only
Don't forget to install necessary libs in your Linux-set for 32 bit (or use a 32 bit distribution)
Forwarding the SSL-Port of ILOM/ELOM-web-interface to "other" ports will not work
Use an english keyboard to enter the crypto-password

If the environment is set up, login via Firefox, start Remote Console and open the *.jnlp-file using /bin/javaws.

== Firewall ==

/etc/firewall.sh - Firewall configuration

To be completed.

Changes

Planned

Document Backups

CategorySystems

SystemAdministration/Systems/Sun4 (last edited 2020-04-21 20:09:21 by dirkastrath)

port	service	access origin	purpose
22	SSH	hopper	SSH access for remote administration

Service	Started from
cron	/etc/init.d/cron
syslog-ng	/etc/init.d/syslog-ng
ssh	/etc/init.d/ssh
ntp	/etc/init.d/ntp