SOWN 2020 Goals

From SOWNWiki
Jump to: navigation, search

This page details goals for SOWN in 2020.

Node Firmware

  • In early 2020 produce a new firmware release that:
    • Allows us to use an unmodified OpenWRT release
    • Fixes the issue with dnsmasq failing and preventing clients getting DHCP leases
    • Fixes issue with multiple OpenVPN processes running
    • Fixes issue with stale logread processes hanging around
  • Provide production and development SOWN opkg repositories.
    • Could host production one on buildroot and development one on buildroot-dev as nodes will be able to see these when connected to the VPN.


  • Get all server service checks working on Icinga 2
  • Remove all servers and their service checks on Sown-monitor just to leave nodes and a couple of host checks for VPN servers.


  • Switchover to a ZFS backups solution


  • Move nodes onto new Sown-vpn server to take load off Sown-auth2
  • Provide VPN tunnels for non-node devices


  • Deploy new RADIUS server (VM) to take the load off Sown-auth2
    • Potentially allow FreeRADIUS to be externally accessible.
    • Might be nice to make this HA in some form, with a VM on each of VMS and VMS2?
      • If we're deploying multiple, write an ansible playbook to do it all

Server Infrastructure

  • Install new server (VMS2) to run VMs for development/testing purposes
    • Deploy in Mountbatten server room with Backup2 server
    • Migrate existing dev and test VMs from VMS to this new server.


  • To be determined


  • Replace Bind with PowerDNS
    • [tds] I'm not convinced pdns gets us much over BIND, so may be worth sticking with what we have for now
    • Could move it to a new server to get it off auth2 though
  • Generate hosts parts of zonefiles from netbox rather than node control


  • Migrate servers to new DMZ
    • GW/GW2 - should be nice and easy, only used for OOB
    • Auth2 - remove DMZ interface entirely, linked to VPN and RADIUS discussion above