Table of Contents
Ansible for DS Financial demo network
Create and configure hosts (typically a Raspberry PI) for sites on demo network. Create and install tools to generate network traffic.
Note: The traffic generated is only for portal statistics, testing steering, etc. It is NOT for performance testing.
The following assumptions are made:
- All raspberry pi devices are attached to their associated uCPE's
- All raspberry pi devices have the proper IP address configured for their uCPE (link below or instructions)
- All raspberry pi devices have Internet access, either centralized or DIA
- The SD-WAN VPN provides either full mesh connectivity OR the ansible-host defined below is a HUB site with connectivity to all other sites
DS Financial Demo Network - Wiki
Current State
Currently, this is just a loose collection of some repeatable tasks.
The Goal is to evenually be able to be a turnkey solution to spin up a "real" network, generating real traffic:
- Configure host name based on inventory (less manual "pi" setup)
- Configure DNS resolution by updating hosts files on each PI from inventory. This is much simpler than bothering to set up DNS services
- SMB
- Currently working. Ansible to copy scripts and set up cron job
- Samba Server
- install samba
- configure share
- enable samba server
- generate server files in share
- FTP
- Currently working. Manual configuration
- TBD set up server
- TBD set up scripts and cron job on clients
- Web
- Currently working. Manual configuration
- TBD setup server
- EBD set up scripts and cron job on clients
- SIP/Voice
- Currently working for both client and server (currently only one direction audio)
- Download sipp source
- Configure sipp source
- Copy scripts and set up cron jobs
- Add test to generate some traffic with various DSCP markings using ping to the sipp server
- Currently working for both client and server (currently only one direction audio)
- Web application traffic. Note: Must currently be run on separate machines (ie. cannot have Facebook and Youtube on the same box)
- Youtube
- Currently working. Ansible install of scripts and cron configuration
- Facebook
- Currently working. Ansible install of scripts and cron configuration
- SalesForce
- Currently working. Ansible install of scripts and cron jobs
- Youtube
- Active Directory Domain (separate from the SMB traffic generation)
- Provision a Samba Active Directory Domain Controller
- Provision a Samba Active Directory Domain Controller (secondary) - not tested
- Provision Samba memeber servers
- Fail2Ban
- Add Fail2Ban to block ssh attempts
Getting Started
- Download the Raspbery Pi Disk Imager from https://www.raspberrypi.com/software
- Place the SD card in your PC, launch Raspberry Pi Imager
- Choose OS - select the default (Raspberry Pi OS(32-bit))
- Choose storage - select your SD card
- Click the gear in the lower right corner to configure
- Set hostname - 'raspberry' will work as the ansible script will configure this later
- Enable SSH - this is important, select "Uer password authentication"
- Select "Set username and password'
- enter the username and password you would like to use
- optionally set locale
- Place the card into a Pi and boot up with monitor and keyboard connected
- On each Pi
- log in with the username and password you used in the Imager utility
- Configure network
- The Raspberry Pi is configured for DHCP by default If your uCPE does not provide DHCP addresses, you will need to configure a staitc IP address by following the instructions at this site https://www.raspberrypi.com/documentation/computers/configuration.html#static-ip-addresses
- Designate one of the Pi's to be the "main" device and do the following
- log in via SSH or via local keyboard and mouse
- if local, open a command prompt
- execute sudo apt install -y ansible sshpass git
- get a copy of repo (requies github account, comcast VPN access, and configured git credentials)
- execute cd dsfin-ansible
- execute cp hosts .. copy hosts file outide of git to prevent it from being overwritten on update
- execute ansible-galaxy collection install -r requirements.yml
- execute nano ../hosts and follow the instructions in that file to add all of your Pi devices
- execute ssh-keygen -t rsa you will need to press enter three times to accept the defaults
- execute ansible-playbook -i ../hosts main.yaml -k -K it will ask for the password which is still 'raspberry then you can enter a different username/password if needed'
- after it completes without errors
- execute ansible-playbook -i ../hosts reboot.yaml and wait for it to complete
- execute sudo reboot
At this point, the configuration of all of the Raspberry Pi devices will be completed and they will start generating traffic as configured while editing the hosts file.
Additional tools
- dhcptest - tool for testing dhcp responses. useful for testing custom options and dhcp in general
- samba4 domain Controller
- samba4 domain memeber
- filebrowser - web-based file transfer/sharing tool
- zabbix - configure zabbix clients - install client, push default configuration
- tcgui - web gui for configuring the built in kernel tc module. use to generate packet loss, jitter, latency, shaping, etc.
- qos - script to generate traffic with varying dscp markings. useful for validating qos configurations
Give examples
Installing
A step by step series of examples that tell you how to get a development env running
Say what the step will be
Give the example
And repeat
until finished
End with an example of getting some data out of the system or using it for a little demo
Running the tests
Explain how to run the automated tests for this system
Break down into end to end tests
Explain what these tests test and why
Give an example
And coding style tests
Explain what these tests test and why
Give an example
Deployment
Add additional notes about how to deploy this on a live system
Built With
- Dropwizard - The web framework used
- Maven - Dependency Management
- ROME - Used to generate RSS Feeds
Contributing
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
Versioning
We use SemVer for versioning. For the versions available, see the tags on this repository.
Authors
- Billie Thompson - Initial work - PurpleBooth
See also the list of contributors who participated in this project.
Acknowledgments
- Hat tip to anyone whose code was used
- Inspiration
- etc