1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-sysadm] Clearifying questions
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Clearifying%20questions&In-Reply-To=%3C9934516.0vypeegWjG%40tiger.ranger.dnsalias.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="004718.html">
<LINK REL="Next" HREF="004706.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-sysadm] Clearifying questions</H1>
<B>Buchan Milne</B>
<A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20Clearifying%20questions&In-Reply-To=%3C9934516.0vypeegWjG%40tiger.ranger.dnsalias.com%3E"
TITLE="[Mageia-sysadm] Clearifying questions">bgmilne at zarb.org
</A><BR>
<I>Tue Sep 18 18:13:53 CEST 2012</I>
<P><UL>
<LI>Previous message: <A HREF="004718.html">[Mageia-sysadm] Clearifying questions
</A></li>
<LI>Next message: <A HREF="004706.html">[Mageia-sysadm] Clearifying questions
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#4717">[ date ]</a>
<a href="thread.html#4717">[ thread ]</a>
<a href="subject.html#4717">[ subject ]</a>
<a href="author.html#4717">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>On Monday, 17 September 2012 03:45:58 Joerg Stephan wrote:
><i> Hi there,
</I>><i>
</I>><i> nice topics, all of them
</I>><i>
</I>><i> 1. Topic: Virtual Machines
</I>><i> What do we use? xen/kwm/vmware?
</I>
KVM.
><i> I already done automatic setups for xen
</I>><i> machines on our side. I could take a look.
</I>
At $dayjob, we have been running Xen for years as well.
However, we need a well-defined problem statement, and we should look at
current best-of-breed open-source tools to see if they satisfy our
requirements.
The current two IMHO are:
-ovirt (basis for RHEV)
-openstack
There are also some others, but IMHO these have the most developer mindshare
...
For other purposes, I have started packaging openstack, but got stuck at
febootstrap (and some ocaml dependencies). I can provide some more detail,
but, unfortunately these days I am quite pressed for time.
><i> Could be hart whitout accessing
</I>><i> the machines.
</I>
Well, we need a design first, software to be packaged, configurations in
puppet etc. first, before any access is required.
><i> 2. Topic sympa emails
</I>><i> maybe we could maniulate the databases. For we use LDAP shouldnt be the
</I>><i> problem if both systems can interact.
</I>
The question is where to trigger what update based on what action.
We can build all sorts of clever functionality into identity (btw., I am the
original author). I would prefer if such functionality could be plugin-based.
Alternatively, we could handle this all at the LDAP level (e.g. provide for
non-identity changes on LDAP), such as by a script that subscribes to changes
on LDAP via syncrepl, and pushes changes to various systems as appropriate. I
have a number of scripts in production at $dayjob (e.g. one
creates/modifies/deletes accounts on a web hosting control panel). I have some
skeleton code that may be appropriate, but I don't currently have too much
time to update this code, again it should probably be more modular or allow
plugins or modules that can operate on specific changes.
><i> 3. On the Sysadmin side
</I>><i> Backups could be done via bacula.
</I>
We should probably look at all viable alternatives. For example, any reason
not to use amanda? Or rsnapshot?
><i> i could set that up. Would be easy to
</I>><i> integrate that in puppet for the clients. Needs talking about schedule for
</I>><i> incremental and full backups. And i would need access to a backup server.
</I>><i>
</I>><i> 4. This ruby puppet
</I>
What is the problem, that we need to make changes?
><i> I used to not running an puppetd on the none masters. I use a ssh script via
</I>><i> public_key which rtuns the agent on the system when i need it. Its
</I>><i> scripted. So after i made changes to puppet i trigger the script and let
</I>><i> the client run.
</I>><i>
</I>><i> 5. I made a copy of the puppet svn and will have a closer look this evening.
</I>><i>
</I>><i> Kind regards
</I>><i> ________________________________
</I>><i> From: nicolas vigier <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">boklm at mars-attacks.org</A>>
</I>><i> To: Mageia Sysadmin discussions <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">mageia-sysadm at mageia.org</A>>
</I>><i> Sent: Monday, September 17, 2012 11:01 AM
</I>><i> Subject: Re: [Mageia-sysadm] Clearifying questions
</I>><i>
</I>><i> On Sun, 16 Sep 2012, Joerg Stephan wrote:
</I>><i> > Good morning @All,
</I>><i> >
</I>><i> > i have some questions:
</I>><i> >
</I>><i> > 1. Who can grant me access to the systems?
</I>><i>
</I>><i> We cannot give root access to the servers to anybody who asks. We need
</I>><i> to trust people who get root access, so we need to know them very well,
</I>><i> for a long time, and we need some proof that they will be helpful in
</I>><i> the team and that they know what they are doing, for instance by seeing
</I>><i> that they have made useful contributions to Mageia in the past.
</I>><i>
</I>><i> However there are many areas where it's possible to help without having
</I>><i> root access. For instance :
</I>><i> - we need to find a solution so that email changed on
</I>><i> identity.mageia.org is automatically changed on sympa mailing lists.
</I>><i> This require making some changes to identity and/or sympa.
</I>><i> - we need to make mirrorlist redundant, for instance by allowing
</I>><i> generation of static files by MGA::Mirrors, so that we can copy the
</I>><i> files on a 2nd server, and changing urpmi to be able to use 2 servers
</I>><i> - we need to work on some tools to manage virtual machines creations /
</I>><i> deletions by contributors on a server, to allow them to use test VMs
</I>><i> - there is a lot of bugfix or improvements to be made on build system
</I>><i> tools
</I>><i>
</I>><i> > 2. Do we have a Todo list? Where can i see current projects of the sysadm
</I>><i> > team.
</I>><i> Many bugs are assigned to sysadmin on bugzilla :
</I>><i> <A HREF="https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=sys">https://bugs.mageia.org/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=sys</A>
</I>><i> admin&sharer_id=69
</I>><i>
</I>><i> A few on the wiki :
</I>><i> <A HREF="https://wiki.mageia.org/en/Category:SysadminTODO">https://wiki.mageia.org/en/Category:SysadminTODO</A>
</I>><i>
</I>><i> And others that you can see by following discussions on mailing lists.
</I>><i>
</I>><i> > 3. What is this: /usr/bin/ruby /usr/sbin/puppetd -o --no-daemonize -l
</I>><i> > syslog i mean, why does rruby start the puppetd (?!?)
</I>><i> Because puppet is written in ruby.
</I>><i>
</I>><i> > 4. Are there ayn meetings scheduled?
</I>><i>
</I>><i> Not at the moment, but we can schedule one if someone thinks there is
</I>><i> important topics to discuss.
</I>><i>
</I>><i> > 5. Do we have a system description, like which server does what?
</I>><i>
</I>><i> You can see that in puppet configuration.
</I>><i>
</I>><i> _______________________________________________
</I>><i> Mageia-sysadm mailing list
</I>><i> <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">Mageia-sysadm at mageia.org</A>
</I>><i> <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">https://www.mageia.org/mailman/listinfo/mageia-sysadm</A>
</I>><i> _______________________________________________
</I>><i> Mageia-sysadm mailing list
</I>><i> <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">Mageia-sysadm at mageia.org</A>
</I>><i> <A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">https://www.mageia.org/mailman/listinfo/mageia-sysadm</A>
</I>-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/mageia-sysadm/attachments/20120918/ca874640/attachment-0001.html>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="004718.html">[Mageia-sysadm] Clearifying questions
</A></li>
<LI>Next message: <A HREF="004706.html">[Mageia-sysadm] Clearifying questions
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#4717">[ date ]</a>
<a href="thread.html#4717">[ thread ]</a>
<a href="subject.html#4717">[ subject ]</a>
<a href="author.html#4717">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm
mailing list</a><br>
</body></html>
|
