KYAULABS:Schema: Difference between revisions
mNo edit summary |
mNo edit summary |
||
(50 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{ | {{DISPLAYTITLE:{{TitleIcon|kyaulabs=true}} KYAU Network}}<metadesc>The short description and history of the hardware that powers the KYAU Network.</metadesc>__NOTOC__ | ||
| | {{Back|KYAULABS}} | ||
| | <div id="tocalign">__TOC__</div> | ||
|cpu=Intel | = {{Icon|sitemap}} KYAU Network = | ||
|memory= | KYAU Network is powered by [//www.archlinux.org Arch Linux] and [//kyaulabs.com KYAU Labs]. While once utilizing dedicated servers to power, everything is now located on-site via the local KYAU Labs datacenter with external access being routed through a VPS using a [//www.wireguard.com Wireguard] VPN. KYAU Labs chiefly utilizes Kernel-based Virtual Machines (KVM) to separate services onto separate virtual machines (VMs). Each VM and/or VPS is setup using [//gitlab.com/kyaulabs/aarch kyaulabs/aarch]. | ||
|graphic-card= | == {{Icon|notebook}} Security & Reliability == | ||
|drive= | Our network has been setup with security and reliability as our two primary focus points. Our DNS server has been setup to achieve an A+ with 100% in all four categories on [//dnsspy.io/scan/kyau.net DNS Spy]. Our web server, running [//www.nginx.org nginx] with [//letsencrypt.org Let's Encrypt] SSL certificates, has been setup to achieve an A+ rating with 100 points in every category on [//www.ssllabs.com/ssltest/analyze.html?d=kyau.net SSL Labs]. | ||
{{Note|We are currently looking for a low-end, multiple IPv4, VPS provider on a separate network/continent for our slave DNS server}} | |||
<div style="display:inline;float:right;padding-top:30px">{{MachineSpecs | |||
|title=NEUTRON | |||
|case=InWin R400-03N Open-Bay 4U Server Case | |||
|motherboard=Supermicro X9DR3-F ATX Server Board | |||
|cpu=2x Intel Xeon E5-2650 v2; (20M Cache, 2.6GHz, 8.0 GT/s QPI) | |||
|memory=6x SAMSUNG 8GB PC3L-10600R (2Rx4, 1.35V, ECC Registered) | |||
|memory2=4x SAMSUNG 4GB PC3L-10600R (2Rx4, 1.5V, ECC Registered) | |||
|graphic-card=EVGA GeForce GTX 960 | |||
|raid-card=LSI 9207-8i SAS Host Bus Adapter | |||
|ssd=SAMSUNG SSD 830 Series 128GB | |||
|drive=2x HGST Ultrastar C10K900 600GB 2.5" SAS2 10000RPM | |||
|drive2=2x Seagate Barracuda 5TB 2.5" SATA 6Gb/s | |||
|fan=2x Noctua NH-U9DX i4 CPU Fan | |||
|fan2=2x Noctua NF-R8 redux Case Fan | |||
|bandwidth=1Gb/s (unmetered) | |||
|linux=Arch Linux x64_86 | |linux=Arch Linux x64_86 | ||
}} | }}</div> | ||
== {{Icon|notebook}} Why Arch Linux? == | |||
Arch Linux was an in-house decision not taken lightly, in 2013 the switch from FreeBSD to Arch Linux was made without regret. Running Arch Linux on a server in a production environment is very feasible, provided you know a bit about [[ArchLinux:Security|security]] and keep on top of [//security.archlinux.org/advisory advisories]. That being said we do not live in a perfect world, and server logs are proof of that. | |||
== {{Icon|notebook}} History == | |||
{{margin}} | |||
{{Changelog|2020-03-03|KYAU Labs main server rebuild.}} | |||
{{Changelog|2018-11-27|Purchased 3 VPS servers off of VirMach's Black Friday specials.}} | |||
{{Changelog|2018-04-25|Services have been relocated to KYAU Labs.}} | |||
{{Changelog|2017-08-15|<s>Migration to E5v2-SAT-1-16 complete.</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2017-08-13|<s>E5v2-SAT-1-16 setup complete: [[ArchLinux:OVH|OVH: Custom Installation]], [[ArchLinux:Security|Hardening Arch Linux]], [[ArchLinux:KVM|KVM on Arch Linux]]</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2017-07-29|<s>E5v2-SAT-1-16 purchased from OVH SYS in their BHS datacenter to replace the KS-8G.</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2017-07-24|<s>VPS-SSD1 purchased from OVH in their BHS datacenter for the creation of tutorials.</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2013-12-10|<s>KS-8G dedicated server purchased from OVH in their BHS datacenter.</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2013-05-31|<s>SP 16G dedicated server purchased from OVH in their BHS datacenter.</s> ''{{Red|Terminated}}''}} | |||
{{Changelog|2013-01-13|<s>KS1 dedicated server purchased from OVH in their BHS datacenter.</s> ''{{Red|Terminated}}''}} | |||
== {{Icon|notebook}} Network == | |||
The following is the complete network setup for everything that the KYAU Network is currently running. | |||
{| class="wikitable acenter" style="font-size:90%;line-height:100%;" | |||
|+ style="padding-bottom:4px"| Network Overview | |||
|- | |||
! Machine/VM | |||
! OS | |||
! Hostname | |||
! Location | |||
! IPv4 | |||
! Description | |||
|- | |||
| SERVER | |||
| Arch Linux | |||
| neutron.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| Dual Xeon E5-2650v2 | |||
|- | |||
| VM | |||
| Arch Linux | |||
| pulsar.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| Grafana/InfluxDB (Monitoring) | |||
|- | |||
| VM | |||
| Arch Linux | |||
| unifi.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| UniFi Controller | |||
|- | |||
| VM | |||
| Arch Linux | |||
| dragon.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| Minecraft Server / VPN Endpoint | |||
|- | |||
| VM | |||
| Arch Linux | |||
| void.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| Development | |||
|- | |||
| VM | |||
| Arch Linux | |||
| vpn.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| VPN Endpoint | |||
|- | |||
| VM | |||
| Arch Linux | |||
| voidbbs.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| VOID BBS | |||
|- | |||
| VM | |||
| Arch Linux | |||
| web.wa | |||
| KYAULABS-42A | |||
| xx.x.xx.xx{{White|/32}} | |||
| Web Server + VPN Endpoint | |||
|} | |||
== {{Icon|notebook}} Shell Box == | |||
''The shell box was decommissioned on April 25th, 2018 when all of our services were brought in-house. It is possible that it might be revived at a later date, but don't count on it.'' | |||
[[Category:KYAULABS]] | |||
[[Category: |
Latest revision as of 21:59, 27 November 2020
KYAU Network
KYAU Network is powered by Arch Linux and KYAU Labs. While once utilizing dedicated servers to power, everything is now located on-site via the local KYAU Labs datacenter with external access being routed through a VPS using a Wireguard VPN. KYAU Labs chiefly utilizes Kernel-based Virtual Machines (KVM) to separate services onto separate virtual machines (VMs). Each VM and/or VPS is setup using kyaulabs/aarch.
Security & Reliability
Our network has been setup with security and reliability as our two primary focus points. Our DNS server has been setup to achieve an A+ with 100% in all four categories on DNS Spy. Our web server, running nginx with Let's Encrypt SSL certificates, has been setup to achieve an A+ rating with 100 points in every category on SSL Labs.
We are currently looking for a low-end, multiple IPv4, VPS provider on a separate network/continent for our slave DNS server |
NEUTRON |
---|
Supermicro X9DR3-F ATX Server Board |
2x Intel Xeon E5-2650 v2; (20M Cache, 2.6GHz, 8.0 GT/s QPI) |
2x Noctua NH-U9DX i4 CPU Fan 2x Noctua NF-R8 redux Case Fan |
6x SAMSUNG 8GB PC3L-10600R (2Rx4, 1.35V, ECC Registered) 4x SAMSUNG 4GB PC3L-10600R (2Rx4, 1.5V, ECC Registered) |
EVGA GeForce GTX 960 |
LSI 9207-8i SAS Host Bus Adapter |
SAMSUNG SSD 830 Series 128GB |
2x HGST Ultrastar C10K900 600GB 2.5" SAS2 10000RPM 2x Seagate Barracuda 5TB 2.5" SATA 6Gb/s |
InWin R400-03N Open-Bay 4U Server Case |
1Gb/s (unmetered) |
Why Arch Linux?
Arch Linux was an in-house decision not taken lightly, in 2013 the switch from FreeBSD to Arch Linux was made without regret. Running Arch Linux on a server in a production environment is very feasible, provided you know a bit about security and keep on top of advisories. That being said we do not live in a perfect world, and server logs are proof of that.
History
Network
The following is the complete network setup for everything that the KYAU Network is currently running.
Machine/VM | OS | Hostname | Location | IPv4 | Description |
---|---|---|---|---|---|
SERVER | Arch Linux | neutron.wa | KYAULABS-42A | xx.x.xx.xx/32 | Dual Xeon E5-2650v2 |
VM | Arch Linux | pulsar.wa | KYAULABS-42A | xx.x.xx.xx/32 | Grafana/InfluxDB (Monitoring) |
VM | Arch Linux | unifi.wa | KYAULABS-42A | xx.x.xx.xx/32 | UniFi Controller |
VM | Arch Linux | dragon.wa | KYAULABS-42A | xx.x.xx.xx/32 | Minecraft Server / VPN Endpoint |
VM | Arch Linux | void.wa | KYAULABS-42A | xx.x.xx.xx/32 | Development |
VM | Arch Linux | vpn.wa | KYAULABS-42A | xx.x.xx.xx/32 | VPN Endpoint |
VM | Arch Linux | voidbbs.wa | KYAULABS-42A | xx.x.xx.xx/32 | VOID BBS |
VM | Arch Linux | web.wa | KYAULABS-42A | xx.x.xx.xx/32 | Web Server + VPN Endpoint |
Shell Box
The shell box was decommissioned on April 25th, 2018 when all of our services were brought in-house. It is possible that it might be revived at a later date, but don't count on it.