Current Program Goals
This page is a working version of the Sysadmin program's current high-level short, medium, and long-term goals. Small tasks which are part of these high-level goals should be put on , not here.
- Migrate VM storage still on Fryingpan to Apocalypse. Multiple VMs located on Fryingpan have recently been encountering I/O errors, so this is a top priority to ensure no loss of data occurs.
- Acquire more storage for Apocalypse. Right now, Apocalypse is over 70% capacity. More disks should be purchased and we should add an additional vdev to the Apocalypse pool.
- Fix issues we have been experiencing with Kerberos/our cross-domain trust by moving to a MIT Kerberos KDCs from our Heimdal KDCs.
- Fix related LDAP issues. These are placing a significant burden on use of Intranet student directory features for students and staff.
- Set up / finish setting up the three new G6s we acquired as VM servers.
- Migrate VMs from and decommission Vega, due to aging hardware.
- Develop official tool to update LDAP from SIS data ready for the start of the 2017 school year
- Put the finishing touches on the new HPC cluster and open it up for use by the general student/staff body.
- Streamline home directory and slurm account creation
- Write usage policy
- Set up an additional www VM and load balance the two VMs. Our web traffic is steadily increasing and webserver reliability would receive a significant boost from such load balancing.
- Use Salt to streamline the Workstation imaging process.
- Identify unknown systems, document them and add them to RDNS.
- Give observium more resources, and give it permission to query libvirt.
- Move iodine-ldap and openldap1/2 to the lmdb backend, as well as generating valid ssl certs and using them.
- Audit backup system, and ensure disaster recovery plan is complete.
- Make sure mirror is up-to-date, and that it remains so.
- Make sure the mailservers support tls fully, and use it.
- Integrate nagios with livedoc.
- Setup a central syslog collector.
- Make sure nagios is monitoring everything.
- Create additional nagios distribution lists so that people can receive only the events they care about.
- Setup a CSL Play Store account.
- Migrate from a joint Nginx/Apache setup to Nginx-only on WWW.
- Move web files outside of AFS, possibly to a shared NFS mount stored on Sonic, to decrease latency.
- Improve security for user web sandboxes.
- Migrate lists to mailman 3.0.
- Setup a SSO system: auth livedoc, observium, etc against the main ldap servers.
- Investigate setting up eduroam Wi-Fi
- Develop a self-service system to create web-docs and other website spaces after approval.