54c2bd119f
Add ICMP probes
...
These probes check if we can reach several targets via ICMP, which is
not proxied, so they can be used to see if ICMP forwarding is working in
the login node.
In particular, we test if we can reach the Google (8.8.8.8) and
Cloudflare (1.1.1.1) DNS servers, the BSC gateway which responds to ping
only from the intranet and the login node (ssfhead).
Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
2023-10-25 17:13:03 +02:00
e5d85c1b38
Enable proxy for Grafana too
...
The alerts need to contact the slack endpoint, so we add the proxy
environment variables to the grafana systemd service.
Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
2023-10-25 16:55:56 +02:00
f1486b84c1
Make blackbox exporter use the proxy
...
By default it was trying to reach the targets using the default gateway,
but since the electrical cut of 2023-10-20, the login node has not
enabled forwarding again. So better if we don't rely on it.
Reviewed-By: Aleix Roca Nonell <aleix.rocanonell@bsc.es>
2023-10-25 16:55:24 +02:00
472f4b0334
Don't log SLURM connection attempts from ssfhead
2023-10-06 15:22:04 +02:00
425dca3e00
Add docker runner too
2023-10-06 15:17:07 +02:00
e4080cf931
Monitor gitlab.bsc.es too
2023-10-06 15:17:07 +02:00
fc9285f89d
Monitor PM webpage via blackbox
2023-10-06 15:17:07 +02:00
fbe238f5b6
Temporarily disable pm runners
2023-10-06 15:17:07 +02:00
9874da566d
Add runner for gitlab.bsc.es
2023-10-06 15:17:07 +02:00
ebc5c4d84f
Allow anonymous access to grafana
2023-09-22 10:51:30 +02:00
8634a9e133
Remove user/group when using DynamicUsers
2023-09-22 10:13:06 +02:00
0ce79ed79e
Set the SLURM_CONF variable
2023-09-21 22:22:00 +02:00
5f492ee1d7
Enable slurm-exporter service
2023-09-21 21:40:02 +02:00
3040a803b2
Mount the hut nix store for SLURM jobs
2023-09-20 19:38:43 +02:00
70a9e855cf
Enable direnv integration
2023-09-20 09:32:58 +02:00
aa64e9ef24
Remove bscpkgs from the registry and nixPath
...
This is done to prevent accidental evaluations where the nixpkgs input
of bscpkgs is still pointing to a different version that the one
specified in the jungle flake. Instead use jungle#bscpkgs.X to get a
package from bscpkgs.
2023-09-15 12:00:33 +02:00
ff98ba47c4
Don't fetch registry flakes from the net
2023-09-15 12:00:28 +02:00
d522113cb9
Open ports in firewall of compute nodes
2023-09-14 15:45:43 +02:00
5a5f4672cd
Monitor storage nodes via IPMI too
2023-09-13 15:57:13 +02:00
2646ad4b70
Enable fstrim service
2023-09-12 16:39:45 +02:00
b120a7ca85
Serve the nix store from hut
2023-09-12 12:19:43 +02:00
2a0254b684
Add encrypted munge key with agenix
2023-09-08 19:05:45 +02:00
e3e6e7662d
Remove unused large port hole in firewall
2023-09-08 18:22:48 +02:00
868f825e26
Make exporters listen in localhost only
2023-09-08 18:13:04 +02:00
f231dc81f1
Allow only some ports for srun
2023-09-08 17:51:37 +02:00
a758eef354
Block ssfhead from reaching our slurm daemon
2023-09-08 17:36:28 +02:00
9c9c41fb57
Poweroff idle slurm nodes after 1 hour
2023-09-08 16:49:53 +02:00
1a1708f16f
Add IB and IPMI node host names
2023-09-08 13:21:37 +02:00
eb9876aff6
Unlock ovni gitlab runners
2023-09-05 16:59:45 +02:00
68f4d54dd1
Add agenix to all nodes
2023-09-04 22:10:43 +02:00
2042d58b72
Add agenix module to ceph
2023-09-04 22:07:07 +02:00
2c8c90e6e4
Remove old secrets
2023-09-04 22:04:32 +02:00
208dcb7dde
Mount /ceph in owl1 and owl2
2023-09-04 22:00:36 +02:00
e2f82a6383
Warn about the owl2 omnipath device
2023-09-04 22:00:17 +02:00
d704816de9
Clean owl2 configuration
2023-09-04 21:59:56 +02:00
74ec4eb22a
Move the ceph client config to an external module
2023-09-04 21:59:04 +02:00
0a5f9b55f5
Reorganize secrets and ssh keys
...
The agenix tools needs to read the secrets from a standalone file, but
we also need the same information for the SSH keys.
2023-09-04 21:36:31 +02:00
900de39e2f
Add anavarro user
2023-09-04 16:00:01 +02:00
1e466d07df
Set zsh inc_append_history option
2023-09-03 16:57:53 +02:00
13807c5e8f
Set zsh shell for rarias
2023-09-03 16:46:27 +02:00
d8d6d6d421
Enable zsh and fix key bindings
2023-09-03 16:42:04 +02:00
a242ddd39c
Keep a log over time with the config commits
2023-09-03 00:02:14 +02:00
2c52ef9ff0
Store nixos config in /etc/nixos/config.rev
2023-09-02 23:37:11 +02:00
acb91695ac
Enable binary emulation for other architectures
2023-08-31 17:27:08 +02:00
9d93760e6f
Enable watchdog
2023-08-30 16:32:17 +02:00
aad67b9d99
Enable all osd on boot in lake2
2023-08-30 16:32:17 +02:00
e1d406023d
Scrape lake2 too
2023-08-29 12:33:26 +02:00
db6bb90af8
Also enable monitoring in lake2
2023-08-29 12:29:41 +02:00
1266c8f04e
Scrape metrics from bay
2023-08-29 11:58:00 +02:00
2b7823788c
Add monitoring in the bay node
2023-08-29 11:53:32 +02:00
