diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2010-October/000044.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2010-October/000044.html | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2010-October/000044.html b/zarb-ml/mageia-sysadm/2010-October/000044.html new file mode 100644 index 000000000..dc44aba04 --- /dev/null +++ b/zarb-ml/mageia-sysadm/2010-October/000044.html @@ -0,0 +1,157 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] planning for sysadmin task + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3C201010251024.52483.bgmilne%40multilinks.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000042.html"> + <LINK REL="Next" HREF="000045.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] planning for sysadmin task</H1> + <B>Buchan Milne</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20planning%20for%20sysadmin%20task&In-Reply-To=%3C201010251024.52483.bgmilne%40multilinks.com%3E" + TITLE="[Mageia-sysadm] planning for sysadmin task">bgmilne at multilinks.com + </A><BR> + <I>Mon Oct 25 11:24:51 CEST 2010</I> + <P><UL> + <LI>Previous message: <A HREF="000042.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000045.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#44">[ date ]</a> + <a href="thread.html#44">[ thread ]</a> + <a href="subject.html#44">[ subject ]</a> + <a href="author.html#44">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On Sunday, 24 October 2010 11:58:26 Olivier Thauvin wrote: +><i> * Michael Scherer (<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">misc at zarb.org</A>) wrote: +</I>><i> > Hi, +</I>><i> > +</I>><i> > so now the server are in place, we have to install them. Here is a +</I>><i> > proposal of the needed services : +</I>><i> > +</I>><i> > Then we need to deploy the basic infrastructure for us. Again, I assume +</I>><i> > that no one is against apache : +</I>><i> > - ldap ( valstar or alamut ? ) +</I> +At this stage, I am thinking that we may want 3 servers running LDAP: +-Master LDAP server, which is primarily not used by read-only clients. I +haven't tested referrals yet in my app, so for now CatDap will probably need +to use it. Could possibly be used as fall-back for either of the slaves +-1 slave used primarily for infrastructure support, but not exposed to much +external traffic. Mostly nss_ldap/pam_ldap on build hosts, and any other +infrastructure stuff which we decide to put in LDAP. If the total userbase is +too large we could consider a partial replica (e.g. only posixAccount +entries), though we may need to test this a bit ... +-1 slave used primarily for external traffic, e.g. forum, wiki etc. This could +be the web server running some of these applications. + +If this is excessive, we could consider combining master and internal read +access on one server (but I would prefer to have at least one fall-back + +><i> > - apache +</I>><i> > - buchan application +</I> +Interim name for my app is CatDap, but feel free to suggest a better name. + +><i> May I suggest to setup all our web on same server, especially since a +</I>><i> lot use perl-Catalyst (buchan's one, epoll and the one I did to manage +</I>><i> mirror). +</I>><i> +</I>><i> May I also suggest all our web be installed using RPM ? +</I>><i> Notice I got some issue using catalyst in fcgi mod, but it works fine in +</I>><i> server mode + apache as proxy. +</I> +I will try and create a package today. I think all the dependencies should be +available for Mdv2010.0 and up. However, if we want to have any contributions +(skinning work from web team, localisations) with quick testing, it may be +useful to run one instance from an svn checkout. + +BTW., do we want to run these apps on separate virtual hosts? Should I ship +vhost definition in apache config (e.g. for identity.mageia.org)? + +><i> > - create account for us. +</I> +Set up host authentication to LDAP first? We will need SSL certificates for +LDAP hosts as well. Self-signed certs or certs from self-signed CA are fine. + +><i> Yup, especially if we have to work on them :) +</I> +I have created some accounts in LDAP, and I am happy to create any we need to +proceed to the point where the account registration portion of CatDap is +running. However, I think we may want to get internal use of it (for +registration) before opening the gates ... + +Also, I probably need to start work on the admin features, for now I am +planning: +-user modification (e.g. add posixAccount to existing user account, modify any +attributes necessary manually, +-group management (add groups, modify group membership etc.) + +Please let me know what other features are important sooner than later. + +><i> > Then we have to take care of installing the first web applications, and +</I>><i> > that requires a db : +</I>><i> > - postgresql ( alamut ) +</I>><i> > - epoll ( alamut ) +</I>><i> +</I>><i> + MGA::Mirror, the tools currently on distrib-coffee to manage mirrors. +</I>><i> +</I>><i> I want to migrate it ASAP because http on distrib-coffee is not reliable +</I>><i> due to load made by some distributions. +</I>><i> +</I>><i> Can I take this part since I know pgsql and I'll need them myself. +</I>><i> +</I>><i> BTW: I hope pgsql can have a dedicated fs, it can help to avoid out of +</I>><i> space. +</I>><i> +</I>><i> > then the rest is less prioritary : +</I>><i> > - postfix ( alamut ) +</I>><i> > - migrate to sympa ( alamut ) +</I>><i> > - enter everybody in the ldap +</I>><i> > - nagios/munin ( or similar ) ( alamut ) +</I> +xymon? + +><i> > - migrate blogs +</I>><i> > - migrate wiki +</I>><i> > - nanar application for mirror +</I>><i> +</I>><i> Once pgsql + catalyst is installed, this part is easy to do. Notice it +</I>><i> need a MTA to work, only to send mail. +</I> +CatDap also requires an MTA for registration (sending only). + +Regards, +Buchan +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000042.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI>Next message: <A HREF="000045.html">[Mageia-sysadm] planning for sysadmin task +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#44">[ date ]</a> + <a href="thread.html#44">[ thread ]</a> + <a href="subject.html#44">[ subject ]</a> + <a href="author.html#44">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |