Table of Contents
=================

   * [Ansible for DS Financial demo network](#ansible-for-ds-financial-demo-network)
   * [Current State](#current-state)
      * [Getting Started](#getting-started)
         * [Prerequisites](#prerequisites)
         * [Installing](#installing)
      * [Running the tests](#running-the-tests)
         * [Break down into end to end tests](#break-down-into-end-to-end-tests)
         * [And coding style tests](#and-coding-style-tests)
      * [Deployment](#deployment)
      * [Built With](#built-with)
      * [Contributing](#contributing)
      * [Versioning](#versioning)
      * [Authors](#authors)
      * [Acknowledgments](#acknowledgments)


# Ansible for DS Financial demo network

Create and configure hosts (typically a Raspberry PI) for sites on demo network.  Create and install tools to generate network traffic.

**Note:** The traffic generated is only for portal statistics, testing steering, etc.  It is **NOT** for performance testing.

The following assumptions are made:
 * All raspberry pi devices are attached to their associated uCPE's
 * All raspberry pi devices have the proper IP address configured for their uCPE (link below or instructions)
 * All raspberry pi devices have Internet access, either centralized or DIA
 * The SD-WAN VPN provides either full mesh connectivity OR the __ansible-host__ defined below is a HUB site with connectivity to all other sites


[DS Financial Demo Network](https://wiki.sys.comcast.net/pages/viewpage.action?spaceKey=ETHERNET&title=Demo+Network+Configuration) - Wiki

# Current State

Currently, this is just a loose collection of some repeatable tasks.  

The Goal is to evenually be able to be a turnkey solution to spin up a "real" network, generating real traffic:
* Configure host name based on inventory (less manual "pi" setup)
* Configure DNS resolution by updating hosts files on each PI from inventory.  This is much simpler than bothering to set up DNS services
* SMB
  * Currently working.  Ansible to copy scripts and set up cron job
  * Samba Server
    * install samba
    * configure share
    * enable samba server
    * generate server files in share
* FTP
  * Currently working.  Manual configuration
  * TBD set up server
  * TBD set up scripts and cron job on clients
* Web
  * Currently working. Manual configuration
  * TBD setup server
  * EBD set up scripts and cron job on clients
* SIP/Voice
  * Currently working for both client and server (currently only one direction audio)
    * Download sipp source
    * Configure sipp source
    * Copy scripts and set up cron jobs
  * Add test to generate some traffic with various DSCP markings using ping to the sipp server
* Web application traffic.  Note: Must currently be run on separate machines (ie. cannot have Facebook and Youtube on the same box)
  * Youtube
    * Currently working.  Ansible install of scripts and cron configuration
  * Facebook
    * Currently working.  Ansible install of scripts and cron configuration
  * SalesForce
    * Currently working.  Ansible install of scripts and cron jobs
* Active Directory Domain (separate from the SMB traffic generation)
  * Provision a Samba Active Directory Domain Controller
  * Provision a Samba Active Directory Domain Controller (secondary) - not tested
  * Provision Samba memeber servers
* Fail2Ban
  * Add Fail2Ban to block ssh attempts
## Getting Started

* Download the Raspbery Pi Disk Imager from https://www.raspberrypi.com/software
* Place the SD card in your PC, launch Raspberry Pi Imager
 * Choose OS - select the default (Raspberry Pi OS(32-bit))
 * Choose storage - select your SD card
 * Click the gear in the lower right corner to configure
 * Set hostname - 'raspberry' will work as the ansible script will configure this later
 * Enable SSH - this is important, select "Uer password authentication"
   * Select "Set username and password'
   * enter the username and password you would like to use
* optionally set locale
* Place the card into a Pi and boot up with monitor and keyboard connected
* On each Pi
  * log in with the username and password you used in the Imager utility
  * Configure network
    * The Raspberry Pi is configured for DHCP by default  If your uCPE does not provide DHCP addresses, you will need to configure a staitc IP address by following the instructions at this site https://www.raspberrypi.com/documentation/computers/configuration.html#static-ip-addresses
* Designate one of the Pi's to be the "main" device and do the following
  * log in via SSH or via local keyboard and mouse
  * if local, open a command prompt
  * execute _**sudo apt install -y ansible sshpass git**_
  * get a copy of repo (requies github account, comcast VPN access, and configured git credentials)
  * execute _**cd dsfin-ansible**_
  * execute _**cp hosts ..**_ copy hosts file outide of git to prevent it from being overwritten on update
  * execute _**ansible-galaxy collection install -r requirements.yml**_
  * execute _**nano ../hosts**_ and follow the instructions in that file to add all of your Pi devices
  * execute _**ssh-keygen -t rsa**_ you will need to press enter three times to accept the defaults
  * execute _**ansible-playbook -i ../hosts main.yaml -k -K**_ it will ask for the password which is still 'raspberry then you can enter a different username/password if needed'
  * after it completes without errors
    * execute _**ansible-playbook -i ../hosts reboot.yaml**_ and wait for it to complete
    * execute _**sudo reboot**_

At this point, the configuration of all of the Raspberry Pi devices will be completed and they will start generating traffic as configured while editing the hosts file.

### Additional tools
* dhcptest - tool for testing dhcp responses.  useful for testing custom options and dhcp in general
* samba4 domain Controller
* samba4 domain memeber
* filebrowser - web-based file transfer/sharing tool
* zabbix - configure zabbix clients - install client, push default configuration
* tcgui - web gui for configuring the built in kernel tc module.  use to generate packet loss, jitter, latency, shaping, etc.
* qos - script to generate traffic with varying dscp markings.  useful for validating qos configurations


```
Give examples
```

### Installing

A step by step series of examples that tell you how to get a development env running

Say what the step will be

```
Give the example
```

And repeat

```
until finished
```

End with an example of getting some data out of the system or using it for a little demo

## Running the tests

Explain how to run the automated tests for this system

### Break down into end to end tests

Explain what these tests test and why

```
Give an example
```

### And coding style tests

Explain what these tests test and why

```
Give an example
```

## Deployment

Add additional notes about how to deploy this on a live system

## Built With

* [Dropwizard](http://www.dropwizard.io/1.0.2/docs/) - The web framework used
* [Maven](https://maven.apache.org/) - Dependency Management
* [ROME](https://rometools.github.io/rome/) - Used to generate RSS Feeds

## Contributing

Please read [CONTRIBUTING.md](https://gist.github.com/PurpleBooth/b24679402957c63ec426) for details on our code of conduct, and the process for submitting pull requests to us.

## Versioning

We use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/your/project/tags). 

## Authors

* **Billie Thompson** - *Initial work* - [PurpleBooth](https://github.com/PurpleBooth)

See also the list of [contributors](https://github.com/your/project/contributors) who participated in this project.


## Acknowledgments

* Hat tip to anyone whose code was used
* Inspiration
* etc