# Training session in 28h ## Proposal | Slot | Day 1 | Day 2 | Day 3 | Day 4 | Day 5 | Day 6 | Day 7 | |---|---|---|---|---|---|---|---| | Topic | Base Infrastructure | Setup home DC services | API+Vault | PoP rebuild: base | PoP rebuild: network | Pop rebuild: edge/service | Metrics + Logs | | 1 | Base infrastructure: Terraform, Ansible | Flux in detail | API deploy: Ops api | Configure switches, router, VPN | Internal BGP and networking | Service node build | Metrics bootstrap and analysis | | 2 | Kubernetes cluster in home dc | Github runners, Nexus | Tyk, Vault | APU configuration and usage | Upstream BGP and anycasting | Edge node build | Logs bootstrap and analysis | | Team | Devops + Developer | Devops + Developer | Developer | Devops + Network | Devops + Network | DevOps | DevOps + Developer | ### Topic details * Base infrastructure: Terraform, Ansible * All nodes providing k8s services are up * Including name servers * Bastion * SSH authentication and access works * Objective: the base infrastructure is up and running * Kubernetes cluster in home dc * Base k8s up * Including Nginx ingress controller * Including Cloud integrations * Coordination with LF team for SSL certs installation. Objective is to have installed API's ssl cert and end-user touchpoint cert installed into ops namespace as tls secret. * Objective: k8s basis up and running, ready for running payload * Flux in detail * Deployment * Configuration * Usage * Objective: getting people comfortable with the Flux CDN * Github Runners, Nexus * Caching and triggers * Objective: images and triggers are in place, workflows are understood * OPS API deploy * The API is deployed and usable * Include also how to use it, some sample flows * Objective: being able to deploy, configure and use the API * Tyk, Vault, Database: * Description of how it's Tyk gateway is used * Deployment of OPS API's database * Setup and usage of vault, some manual tests/usage * Configure switches, router, VPN * Reviewing and reconfiguring switches from scratch (if possible) * Building and verifying the VPN * Objective: being able to reproduce network configuration and connect Edge and Home DC through VPN * APU configuration and usage * Setting up / verify APU setting, how to use it, what services are running on it * Opengear: usage to connect to hardware serial consoles * Objective: being able to apply configuration changes on network devices through serial console. Being able to provide service to bootstrap Edge and service nodes. * Internal BGP and networking * Switches to Edge nodes * Edge node LB * Show which networks are deployed for which use cases * Include MTU setting descriptions * Objective: Clear understanding of network configurations related to routing and access * Upstream BGP and anycasting * Peering with upstream * Anycasting configuration * Expected routing behaviour * Service Nodes build * Install OS and bootstraping * Deploy delivery API * PowerDNS service and end-user touch point domain configuration * Including the vault agent * Objective: Get a k8s service worker running and joined to the cluster. * Edge Nodes build * Install OS and bootrstraping * Including Varnish and interaction with k8s * Including nginx * Including the configuration agent * Including Py-Key-Loader * Objective: Get Edge nodes working. Get a tenant service working pointing to an origin and end-users can access to the tenant service and using end-user touch point DNS for resolution. * Metrics * Being able to setup metrics collection * Seeing all dashboards * Understanding the architecture * Should include the pop metrics * Alert configuration * Objective: Metrics are collected and grafana display usage data. Prometheus does not report any outstading alert. * Logs * Configuration overview * Objective: Edge logs are collected and can be visualized ## Notes Sebastian * VPN not seen yet * APUs for remote bootstrapping / debugging * Netbooting * Kickstart * Installation process * Remote access * Opengear we skip * Internal networking * review configuration * Check with existing configuration * Calico networking * Time (including Sebastian) * 08:00-10:00 - 18:00-20:00 * 10:30-12:30 - 20:30-22:30 * Networking teardown needs to be defined * Negotation