Warning Livedoc is no longer being updated and will be deprecated shortly. Please refer to https://documentation.tjhsst.edu.

Difference between revisions of "Current Program Goals"

From Livedoc - The Documentation Repository
Jump to: navigation, search
(Small change about SSO)
(Medium-Term Goals)
Line 20: Line 20:
 
## Ensure everything is being monitored by Nagios.
 
## Ensure everything is being monitored by Nagios.
 
## Create additional nagios distribution lists so that people can receive only the events they care about.
 
## Create additional nagios distribution lists so that people can receive only the events they care about.
 +
## Ensure we know what every network-attached system is, and add missing ones to RDNS/Documentation
 
# Improve the security of communication between LDAP and clients
 
# Improve the security of communication between LDAP and clients
 
## Use the internal Syslab SSL system to generate and deploy valid SSL certs for LDAP.
 
## Use the internal Syslab SSL system to generate and deploy valid SSL certs for LDAP.

Revision as of 13:40, 20 April 2016

This page is a working version of the Sysadmin program's current high-level short, medium, and long-term goals. Small tasks which are part of these high-level goals should be put on Kanboard, not here.

Short-Term Goals

  1. Migrate VM storage still on Fryingpan to Apocalypse. Multiple VMs located on Fryingpan have recently been encountering I/O errors, so this is a top priority to ensure no loss of data occurs.
    1. Acquire more storage for Apocalypse. Right now, Apocalypse is over 70% capacity. More disks should be purchased and we should add an additional vdev to the Apocalypse pool.
  2. Fix issues we have been experiencing with Kerberos/our cross-domain trust by moving to a MIT Kerberos KDCs from our Heimdal KDCs.
    1. Fix related LDAP issues. These are placing a significant burden on use of Intranet student directory features for students and staff.
  3. Set up / finish setting up new VM server hardware to increase VM capacity.
  4. Migrate VMs from and decommission Vega, due to aging hardware.
  5. Ensure Ion has all the necessary tools (including schedule import) to be ready for the 2017 school year.

Medium-Term Goals

  1. Put the finishing touches on the new HPC cluster and open it up for use by the general student/staff body.
    1. Streamline home directory and slurm account creation
    2. Write usage policy
  2. Set up an additional www VM and load balance the two VMs. Our web traffic is steadily increasing and webserver reliability would receive a significant boost from such load balancing.
  3. Use Salt to streamline the Workstation imaging process.
  4. Improve documentation and monitoring (Livedoc, Racktables, Nagios, and RDNS)
    1. Integrate nagios with livedoc.
    2. Ensure everything is being monitored by Nagios.
    3. Create additional nagios distribution lists so that people can receive only the events they care about.
    4. Ensure we know what every network-attached system is, and add missing ones to RDNS/Documentation
  5. Improve the security of communication between LDAP and clients
    1. Use the internal Syslab SSL system to generate and deploy valid SSL certs for LDAP.
  6. Audit backup system, and ensure disaster recovery plan is complete.
  7. Make sure mirror is up-to-date, and that it remains so.
    1. Broaden our selection of available distros on mirror.
  8. Ensure the mailservers (Casey and Smith) support and use TLS
  9. Improve logging capability for Syslab systems
    1. Setup a central syslog collector.
  10. Ensure all syslab services are using centralized authentication against LDAP.

Long-Term Goals

  1. Migrate from a joint Nginx/Apache setup to Nginx-only on WWW.
  2. Move web files outside of AFS, possibly to a shared NFS mount stored on Sonic, to decrease latency.
  3. Improve security for user web sandboxes.
    1. Develop a self-service system to create web-docs and other website spaces after approval.
  4. Modernize our list server
    1. Migrate lists to mailman 3.0.
  5. Investigate setting up eduroam Wi-Fi