Current Program Goals
This page is a working version of the Sysadmin program's current high-level short, medium, and long-term goals. Small tasks which are part of these high-level goals should be put on Kanboard, not here.
- ✔ Migrate VM storage still on Fryingpan to Apocalypse. Multiple VMs located on Fryingpan have recently been encountering I/O errors, so this is a top priority to ensure no loss of data occurs.
- ✔ Acquire more storage for Apocalypse. Right now, Apocalypse is over 70% capacity. More disks should be purchased and we should add an additional vdev to the Apocalypse pool.
- ✔ Fix issues we have been experiencing with Kerberos/our cross-domain trust by moving to a MIT Kerberos KDCs from our Heimdal KDCs.
- ✔ Fix related LDAP issues. These are placing a significant burden on use of Intranet student directory features for students and staff.
- ✔ Set up / finish setting up new VM server hardware to increase VM capacity.
- ✔ Migrate VMs from and decommission Vega, due to aging hardware.
- Ensure Ion has all the necessary tools (including schedule import) to be ready for the 2017 school year.
- Put the finishing touches on the new HPC cluster and open it up for use by the general student/staff body.
- Streamline home directory and slurm account creation
- Write usage policy
- Set up an additional www VM and load balance the two VMs. Our web traffic is steadily increasing and webserver reliability would receive a significant boost from such load balancing.
- ✔ Use Salt to streamline the Workstation imaging process.
- Improve documentation and monitoring (Livedoc, Racktables, Nagios, and RDNS)
- Integrate nagios with livedoc.
- Ensure everything is being monitored by Nagios.
- Create additional nagios distribution lists so that people can receive only the events they care about.
- Ensure we know what every network-attached system is, and add missing ones to RDNS/Documentation
- Improve the security of communication between LDAP and clients
- Use the internal Syslab SSL system to generate and deploy valid SSL certs for LDAP.
- Audit backup system, and ensure disaster recovery plan is complete.
- Make sure mirror is up-to-date, and that it remains so.
- Broaden our selection of available distros on mirror.
- Ensure the mailservers (Casey and Smith) support and use TLS
- Improve logging capability for Syslab systems
- Setup a central syslog collector.
- Ensure all syslab services are using centralized authentication against LDAP.
- ✔ Migrate from a joint Nginx/Apache setup to Nginx-only on WWW.
- ✔ Move web files outside of AFS, possibly to a shared NFS mount stored on Sonic, to decrease latency.
- ✔ Improve security for user web sandboxes.
- ✔ Develop a self-service system to create web-docs and other website spaces after approval.
- Modernize our list server
- Migrate lists to mailman 3.0.
- Investigate setting up eduroam Wi-Fi