Planning out a FOG install.
-
@george1421 NAT? And why fog stable?
-
@Wayne-Workman said in Planning out a FOG install.:
@george1421 NAT? And why fog stable?
NAT was not requested. So if the address space is unique to the LAB why not just make it routable and not have to mess with nat. The OP can do do NAT if he wants, but that setup is way beyond the scope of what I posted. (yes I know you can do it with iptables).
FOG stable, I guess I didnāt explain that one very well, and I missed a step.
FOG Stable because that doesnāt have to connect back to the fogproject site for kernel downloads. That installer should be self contained. It will have to be, because the FOG server is not acting like a router yet. But we need the fog installer to be sure to select the NIC connected to the lab network. That way the multicasting and other FOG settings will be configured correctly.Now the part that should be step 10
10. Download and install the FOG 1.2.0 trunk version and update the stable version of fog 1.2.0 to the latest trunk. Now that routing is working correctly the FOG installer can reach the fogproject.org web site to pickup the checksums and files. -
@george1421 In trunk, the interface stuff is corrected now, just fyi. The installer intelligently detects the correct interface and IP to use.
-
This is a very informative thread
I fully understand that the configuration and steps you lined out are from you and not FOG.
I apologize if I didnāt articulate all thoughts in my head (finals this months so thereās more hamsters than normal running the wheels)
I was looking at possibly NAT-ing at the FOG box. Have the lab on a private IP range (i.e. 192.168.x.x/24) and have the Fog box NAT/Route those IP to a single weber.edu address. Over the next month or so (after finals) I plan to have a sit down with out network group too. Hopefully they will be fine with a NET situation or assign the room a specific ip-range/vlan. I expect that they definitely want to keep the clustering traffic off the schoolās network.
Its great having multiple config options available.
-
@Wayne-Workman said in Planning out a FOG install.:
@chimchild Man, honestly, tell your uni to go to wal-mart and get a 30 dollar router. (or something better).
I donāt really have a budget; Iām sure if I have sufficient justification I can get reasonable purchases authorized. Personally I enjoy the challenges of re-purposing & ārecylewareā. So far all hardware (except the new boxes for the lab computers) is stuff Iāve pulled from our storage closets, or the campus warehouse store.
And this has been a nice refresher & educational Linux project for me, that I believe will translate well into real-world post-graduation interviews in the next couple years.
-
OK. Overall I plan to stay within āstableā releases. One of my goals once its set up, to be able to remotely manage it so it will be headless, and leave behind sufficient documentation for future administration after Iāve graduated next year.
-
@Wayne-Workman Thanks for sharing that. I think that will be very helpful to me on my project
-
@chimchild Just remember, my project is GPLv3, so to use any of it, your project must be GPLv3 as well.
-
@Wayne-Workman been looking over your script/code. To disable the VPN portion would I just need to comment out or remove lines 43-100? of the functions.sh file?
-
@chimchild A lot more than that, look at the make_setiptables() function. Also, all the components are called from the install.sh file. lines 51 - 53.
Not even going to pretend that adapting my project will be easy or optimal, but do-able yes. The whole project was made from the perspective of forcing a network through a VPN transparently and reliably.
-
@Wayne-Workman
Will keep that in mind. This is still in the planing and tryng different setup & configuration stages. I donāt think the Lab itself wonāt be set up until the end of summer. -
Iāve also been looking at something like this https://www.howtoforge.com/nat_iptables as possible solution or part solution, especially if Fog itself can handle the DHCP requests.
-
@chimchild That would do it. I favor iptables for major network appliances. Itās commands and config make more sense to me than firewalld does.