Infrastructure As A Service (IAAS) Server Setup | Ubuntu | Setups | Infrastructure | Internal | CSCF | CS | UW

The Initial OS Install of An Image.

Choose a server image from one of the many ISO images available at "http://mirror.cs.uwaterloo.ca/ubuntu-releases/".

Go ahead and do a minimum base install, stopping just after the first reboot. Official installation documentation is available at "https://help.ubuntu.com/18.04/installation-guide/index.html".

CSCF Infrastructure's Server Disk partitioning recommendations. Other disk paritioning information is available at "https://cs.uwaterloo.ca/cscf/internal/infrastructure/setups/OS-specific/ubuntu/disk-layout/".

Updating the Apt Repository Sources to use the CS sponsored local mirror.

1. With the support of University of Waterloo School of Computer Science, the CS Club provides an official Canadian mirror (mirror.csclub.uwaterloo.ca) of many sites.

   CSCF setup makes use of this Ubuntu repository as their main Apt sources configuration file.

   Make sure this hosts "local apt key trust" has the ca-certificates package installed:

          sudo apt-get install ca-certificates
        

   Update /etc/apt/sources.list

          wget -q -O - \
            https://cs.uwaterloo.ca/cscf/internal/infrastructure/setups/os/ubuntu/UW-CS-common/etc/apt/sources.list
              | sed -e "s/CodeName/`lsb_release -c -s`/"       \
              | sudo -s tee /etc/apt/sources.list.d/uwcs-depot.list > /dev/null
        

   Update apt's local database, checking output for problems with new setup:

   sudo apt-get update

2. Create /etc/apt/sources.list.d/canonical_partner.list

   Use this repository for up-to-date versions of Acroread, Flash, Skype, UEX, SUN Java, OpenBravo...

   Information from http://www.ubuntuupdates.org/ppa/canonical_partner

   sudo sh -c 'echo "deb http://archive.canonical.com/ubuntu/ `lsb_release -c -s` partner" > /etc/apt/sources.list.d/canonical_partner.list'

3. These packages allow people to easily duplicate the Linux environments used within the Cheriton School of Computer Science.

   Add "depot.cs.uwaterloo.ca" gpg key to the local apt key trust.

   	if [ `lsb_release -sr` \> 22 ]; then 
              wget -q -O - \
                https://cs.uwaterloo.ca/cscf/internal/infrastructure/setups/certs/depot.pub.gpg.key \
   	     | sudo tee /etc/apt/trusted.gpg.d/depot.pub.asc > /dev/null
   	else 
   	   wget -O - \
                https://cs.uwaterloo.ca/cscf/internal/infrastructure/setups/certs/depot.pub.gpg.key \
   	     | sudo apt-key add - 
           fi
        

   Create /etc/apt/sources.list.d/uwcs-depot.list

          wget -q -O - \
            https://cs.uwaterloo.ca/cscf/internal/infrastructure/setups/os/ubuntu/UW-CS-common/etc/apt/sources.list.d/uwcs-depot.list \
            | sed -e "s/CodeName/`lsb_release -c -s`/"       \
            | sudo -s tee /etc/apt/sources.list.d/uwcs-depot.list > /dev/null
        

   Update apt's local database:

   sudo apt-get update

Update Kernel Tuning parameters:

Warning: This item maybe out of date WRT newer Linux kernels 5.0 and newer. A better solution maybe to use zram (and zswap) although that hasn't been evaluated by CSCF as of 2021-07-12

On hosts with plenty of memory, we want to reduce how aggressive the kernel is about swapping processes out.
By default swappiness=60, change the 10 below to 0 for lxc container IaaS (Infrastructure as a Service) containers or some other value but make sure you document your reasons/references in the sysctl.conf file!

echo -e "\n# \n# We have lots of memory so make system much less aggressive in swapping memory out to disk. \nvm.swappiness=10 \n" | sudo -s tee -a /etc/sysctl.conf

References:

1. Linux Performance and Tuning Guidelines - IBM Redbooks
2. What Is Swappiness on Linux? (and How to Change It) - Dec 2019
3. Why most people recommend to reduce swappiness to 10-20? and the links it refers to
4. Yoshinori's tutorial at the MySQL conference

Add Host to a DRCSCS AD Domain (if it uses any SCS printing or network file server resourses).

For now, create a CSCF ST request providing the name of the host, which domain (CS-TEACHING or CS-GENERAL or ...) for athentication and if the host should be restricted to a particular group of users within that domain.

You can also try to use https://www.cs.uwaterloo.ca/twiki/view/CF/ADAddUbuntu to add this host to a DRCSCS AD Domain yourself.

Tracking the Basic Set of Packages that Define a CS Infrastructure Server.

1. Since this is NOT a virtual system, we install the "uwcs-bare-metal" package to manage the hardware:

   sudo apt-get -y install uwcs-bare-metal

2. We use the "uwcs-server" metapackage to make sure this Server tracks the list of packages that define the base CSCF Server system setup:

   sudo apt-get -y install uwcs-server

3. We use the "uwcs-server-iaas" metapackage to make sure this Server tracks the list of packages that define the base CSCF IAAS Server system setup:

   sudo apt-get -y install uwcs-server-iaas

Configuring to Use Various CSCF IT Services.

1. You should likely double check the "/etc/resolv.conf" setup: [an error occurred while processing this directive]

2. We want to be able to use snmp to monitor this server:

   [an error occurred while processing this directive]

3. Setup NTP: [an error occurred while processing this directive]