[Cryptech Core] Workshop backup plan kit (was Re: Introductory presentations at Berlin Workshop)
Rob Austein
sra at hactrn.net
Tue Jul 5 19:26:03 UTC 2016
At Tue, 5 Jul 2016 18:01:24 +0000, Peter Stuge wrote:
> > backup plan to serve software packages on LAN in the room if necessary
> ..
> > Bad Things can happen to kit while in transit
>
> I can easily bring kit to the venue. Let me know what you need?
>
> Know that Germany has the worst connectivity in all of Europe.
>
> I can maybe get some mobile internet into the room, but indoor
> coverage is not a given and no contracts include more than a few
> GB of traffic.
Back when I ran the technical side of a little company which had a
booth at every Networld+Interop, planning doctrine said that the demo
MUST NOT depend on network connectivity outside the booth. It was
fine to incorporate the venue network and the Internet in the primary
plan, but there needed to be a fallback in case networks beyond our
control were down or unusable. While our situation in Berlin is not
identical, it's pretty close: we hope to be able to use the IETF
network but we can't depend on it, and we have no control over the
path from the hotel in Berlin to our servers in Reykjavik.
So primary plan is to use our APT and Homebrew repositories on the
servers in Reykjavik to supply the packages that users need to
install, but doctrine says we should have some way of serving that
content within the demo room if necessary.
I think that translates to a WiFi hub capable of supporting everybody
we expect to be in the room, and some kind of box which can run a web
server. Not particularly challenging. If necessary, we take that box
to someplace where the network does work and wget everything from the
relevant repositories onto it. As a last gasp, we have all of the
source repositories, synthesis and cross compilation tools, etc on
some box in the room and build and serve our own images in the room.
I plan to bring a little base station and a little headless Shuttle
server running Debian Jessie: I will make sure to install Apache on it
before leaving home, and to mirror the then-current content of
https://apt.cryptech.is/ and https://brew.cryptech.is/.
Peter, if you have a WiFi base station which can comfortably serve the
number of machines we expect to have (no, I don't know what that is,
ask Leif or Phil), that would be a good thing to bring, as I'm not
sure that my usual travel base station can cope, I've never used it
for more than a handful of devices at once.
Creating a build machine is somewhat tedious. I've tried to keep
notes on what needs to be installed but as we've discovered it
piecemeal I have no doubt forgotten something. A Debian or Ubuntu VM
on a sufficiently powerful laptop would probably suffice, doesn't
necessarily need hardware, I just happen to have some and prefer not
to tie up my laptop (or bet on VM USB emulation working correctly).
Having a laptop which can drive the projector would be nice, so that
nobody has to sacrifice their work machine to the cause during the
workshop (gets annoying when trying to help a participant means taking
down the instruction page with all the URLs, Murphy's law says that 30
seconds after you do that someone will need to know one of those URLs
again). If that laptop can also serve as a backup HTTP(S) server, so
much the better.
As is no doubt obvious, this is all paranoia. Then again, this level
of paranoia saved my company's collective butts more than once, back
in the day. With luck we won't need any of the backup kit, but having
it available gives us more options if something goes pear shaped.
More information about the Core
mailing list