Warning Livedoc is no longer being updated and will be deprecated shortly. Please refer to https://documentation.tjhsst.edu.

Difference between revisions of "Discussion Agenda archive 1"

From Livedoc - The Documentation Repository
Jump to: navigation, search
(Added rack configuration, comment to lost and found)
m (I can count servers... although I really did think there was 6)
Line 53: Line 53:
  
 
==Rack Configuration== --[[User:Brandon Vargo|bvargo]]
 
==Rack Configuration== --[[User:Brandon Vargo|bvargo]]
*Find a place for the 6 "new" servers we just received
+
*Find a place for the 7 "new" servers we just received
 
*Find a place for the machines sitting behind the rack (tess and alpha)
 
*Find a place for the machines sitting behind the rack (tess and alpha)
*Organize machines by machine type (e.g. the penguins together, the hp's together, the new hp's together, the 6 1u servers together)?
+
*Organize machines by machine type (e.g. the penguins together, the hp's together, the new hp's together, the 7 1u servers together)?
 
*Relabel machines because most are incorrect, due to the new ip scheme (the labels have the old ip addresses)
 
*Relabel machines because most are incorrect, due to the new ip scheme (the labels have the old ip addresses)
  

Revision as of 22:38, 6 March 2007

If there is anything that needs to be/should be discussed in a sysadmin meeting, please list it here - also, if you add something to a topic, remember to add your username to the section:

==CSL keytabs (why not?)== --wyang

==Whether it is possible to restart the weekly meetings, and if so, when they will take place== --bvargo

==Service distribution, specifically what services, if any, will go onto the "new" servers== --bvargo

==Future of Livedoc== --bvargo

  • Update software
    • latest version of mediawiki
    • move to something more structured (like twiki, or something similiar)
  • If we move to something more structured, it should have a WYSIWYG editor - I (bvargo for one, would update livedoc a lot more if it was more structured, and had a WYSIWYG editor in it (most of the WYSIWYG editors for mediawiki have had security issues, so I would steer clear of them)

==Virtualization ideas== --bvargo, wyang

  • What services to start to virtualize, as a proof of concept and/or permanent installation*
    • Dev hosts - each developer gets their own host to setup and configure as they wish for whatever they are doing (currently being implemented on humboldt for iodine developemnt, as well as development of the new school website)
    • remote and oldremote (until it goes away) - separate configuration for each, without needing to commit a workstation or server to that configuration - also prevents users from gaining access to production servers
    • DNS - bind has not had a great security record, it would be best to put bind in an isolated environment, making a vm perfect - if this is not going to be done for awhile, bind should at least be chrooted
    • etc
  • Data storage methods to employ for virtualization
    • Central storage on one or more servers, provides HA (something like storage arrays with both data and VMs)
    • Distributed storage, using something like AoE
    • Local storage with backup - vm is stored locally, with another copy somewhere else that is updated periodically, but is not turned on unless needed
    • Some other storage scheme

==Cleanup of AFS== --bvargo

  • While we are auditing AFS permissions, and removing @local.tjhsst.edu users, we should do a few other things
  • Clean the service directory
    • Archive everything that is no longer in use
    • Archive everything that is no longer useful
  • Audit permissions on all directories, including web, etc
  • Other cleanup tasks (I'll add more when I have more time)

==Security issues== --bvargo

  • Separation of services
    • Services should be separated for security, if one is compromised, all services should not be compromised
      • fiordland comes to mind as something that should be fixed
      • One solution is to put services into virtual machines - good security, with additional management benefits - want to move what host a service runs on, just move the vm with a simple command
  • Logging - do we look at the logs for anything anymore, and if not, how can we go about accomplishing this, so we know what is happening on our systems
  • More issues added as I have more time to add them to this list

==High availability / load balancing== --bvargo

  • Currently we have almost zero high availability for most services, this needs to change - also, we need to test high availability functions for services in which it supposedly should work
  • Mysql
  • Apache
  • Kerberos (does it work?)
  • Iodine
  • Remote and oldremote (until it goes away) - loadbalanced and high availability
  • Workstation service ip, so I can ssh to workstation, and it will redirect me to the workstation with the lowest load?
  • Zimbra (can we make it work, even though the "community" edition does not include it)
  • Other services

==Rack Configuration== --bvargo

  • Find a place for the 7 "new" servers we just received
  • Find a place for the machines sitting behind the rack (tess and alpha)
  • Organize machines by machine type (e.g. the penguins together, the hp's together, the new hp's together, the 7 1u servers together)?
  • Relabel machines because most are incorrect, due to the new ip scheme (the labels have the old ip addresses)

==Backups== --bvargo, srepetsk

  • Off-site backup -- possibly in the room outside the library, or the closet in the guys locker room that's used for the PA system (I think) srepetsk
  • Online backups for AFS (yesterday directory)
  • Offline backups for AFS, how it is implemented, and what we have to do to get it to work (following emperor's troubles)

==Additional "services" to offer in the lab== --bvargo, srepetsk, wyang

  • Yesterday directory for all home directories
  • Postgresql
  • Bugzilla or TRAC for issues users encounter in the lab
  • Form submission on tjhsst.edu/admin/ or tjhsst.edu/syslab or papers on the wall for web accounts, mysql stuff, etc. (talk to lkearsle)

==Stuff that needs to be fixed== --bvargo

  • Yesterday directory on old afs directories (stopped working at the start of February)
  • Timely processing of user service request form - Do we need a new system for handling these requests (see online form submission in the services section above)?
  • The workstation agammemnon should be agamemnon, someone misspelled when typing in the hostname

==Lost and Found== --srepetsk

  • At this time, I (srepetsk) think there are currently two options
    • Start our own lost and found so we have a place to put all the random stuff sitting around the lab
      • There is currently a lost and found of sorts hidden in the bookshelf by the systems monitor --bvargo
    • Take all the stuff in the lab and take it down to the lost and found by the security office