|
Size: 1499
Comment: syntax error
|
← Revision 11 as of 2014-04-18 13:36:00 ⇥
Size: 3479
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 5: | Line 5: |
| If you'd like to help, just join and email the [[https://lists.hcoop.net/listinfo/hcoop-sysadmin|administrators mailing list]]! | If you'd like to help, just join and email the [[https://lists.hcoop.net/listinfo/hcoop-sysadmin|administrators mailing list]]! No offer of free labor shall be refused. |
| Line 7: | Line 7: |
| == Replacinging Mire == | == Replacinging Old Machines == |
| Line 9: | Line 9: |
| Mire is a crufty old ... mire of a machine. See FritzVirtualization for details on its replacement. | |
| Line 11: | Line 10: |
| == Short term == | === Deleuze === |
| Line 13: | Line 12: |
| * Find new admins * Work out physical access situation * Get new web services VM online * Get new member shell / daemon VM online |
Although still serving us well, Deleuze's Debian install is hopelessly obsolete, and its total horsepower equals about 1/8th of a modern low cost server. The quickest way to replace it will be to acquire a new kvm server, and then spin up a pair of KernelVirtualMachine``s to serve the few remaining services on Deleuze: * base node (on the metal): AndrewFileSystem servers that can be made redunant (read only copies of common volumes, ptsserver, ...), possibly MitKerberos KDC slave * [[ServerMccarthy|mccarthy]]: domtool-server, general admin node (for e.g. building packages, creating users) * ''unnamed'': courier imap, exim Things deleuze does: (incomplete, probably) * Generated webalizer pages * Portal hosting * domtool-server * Mail delivery and filtering (exim, exim filters, procmail) * Mail access (courier imap/pop) * Mailman * List delivery/archiving (stored locally!) * Web serving of list archives/management interfaces * Web serving hcoop.net * Cannot easily convert to domtool config because of `mod_userdir` * Squirrelmail hosting * AndrewFileSystem servers * bos, vos, maybe others. == New Server / Rack Cleanup == See NewServerDiscussion2013. We also completed some cleanup during [[OnSiteVisits/20130626]] and [[OnSiteVisits/20130627]]. == Immediate Tasks == * '''ASAP''' Find new admins * ClintonEbadi is the only active admin (DavorOcelic still assists with emergency tasks and processing of permissions requests -- ClintonEbadi <<DateTime(2012-09-04T01:28:39-0400)>>). This is problematic because ClintonEbadi is only one person, can fake being a sysadmin most days but has holes in his knowledge, and the coop would be screwed should his bicycle and a bus meet. * SrikanthSastry has volunteered to do front line support and handle OnSiteVisits. * It's hard to become an HCoop sysadmin, but a lot of work has been done in 2012 to make it easier... if you're interested please mail the administrators list! Anyone with experience administering exim and courier imap would be extremely helpful as of September 2012. * HeartbleedAftermath - 2014 spring security clean-up. |
| Line 20: | Line 51: |
| * Spring 2012: Kill mire * Fall 2012: Kill deleuze * Winter 2012: Acquire more disk space * Summer/Fall 2013: Acquire another 8-core monstrosity (KVM server, redundantly serving everything on fritz?) |
* Summer/Fall 2013: Acquire install Power``Edge R515 * Fall/Winter 2013: Kill deleuze * Winter 2013: Upgrade to AndrewFileSystem 1.6, rekey cell * Spring 2014: Upgrade member services to wheezy |
| Line 30: | Line 61: |
| * imap (courier authdaemon needs [or needed] a patch to work properly, converting to Dovecot has its own set of difficulties) | * IMAP (courier authdaemon needs [or needed] a patch to work properly, converting to Dovecot has its own set of difficulties) |
This page is meant to be an aid to our bug-tracker, in the case where several tasks are woven together via dependencies. Within a section, tasks are listed in order of which needs to be done first.
If you'd like to help, just join and email the administrators mailing list! No offer of free labor shall be refused.
Replacinging Old Machines
Deleuze
Although still serving us well, Deleuze's Debian install is hopelessly obsolete, and its total horsepower equals about 1/8th of a modern low cost server.
The quickest way to replace it will be to acquire a new kvm server, and then spin up a pair of KernelVirtualMachines to serve the few remaining services on Deleuze:
base node (on the metal): AndrewFileSystem servers that can be made redunant (read only copies of common volumes, ptsserver, ...), possibly MitKerberos KDC slave
mccarthy: domtool-server, general admin node (for e.g. building packages, creating users)
unnamed: courier imap, exim
Things deleuze does: (incomplete, probably)
- Generated webalizer pages
- Portal hosting
- domtool-server
- Mail delivery and filtering (exim, exim filters, procmail)
- Mail access (courier imap/pop)
- Mailman
- List delivery/archiving (stored locally!)
- Web serving of list archives/management interfaces
- Web serving hcoop.net
Cannot easily convert to domtool config because of mod_userdir
- Squirrelmail hosting
AndrewFileSystem servers
- bos, vos, maybe others.
New Server / Rack Cleanup
See NewServerDiscussion2013. We also completed some cleanup during OnSiteVisits/20130626 and OnSiteVisits/20130627.
Immediate Tasks
ASAP Find new admins
ClintonEbadi is the only active admin (DavorOcelic still assists with emergency tasks and processing of permissions requests -- ClintonEbadi 2012-09-04 05:28:39). This is problematic because ClintonEbadi is only one person, can fake being a sysadmin most days but has holes in his knowledge, and the coop would be screwed should his bicycle and a bus meet.
SrikanthSastry has volunteered to do front line support and handle OnSiteVisits.
- It's hard to become an HCoop sysadmin, but a lot of work has been done in 2012 to make it easier... if you're interested please mail the administrators list! Anyone with experience administering exim and courier imap would be extremely helpful as of September 2012.
HeartbleedAftermath - 2014 spring security clean-up.
Long Term
Summer/Fall 2013: Acquire install PowerEdge R515
- Fall/Winter 2013: Kill deleuze
Winter 2013: Upgrade to AndrewFileSystem 1.6, rekey cell
- Spring 2014: Upgrade member services to wheezy
Neglected tasks
BackupInfo situation really, really sucks. I'd use stronger language if children weren't around.
- Services need updating to latest versions (lots of config merging and testing):
- Exim
- IMAP (courier authdaemon needs [or needed] a patch to work properly, converting to Dovecot has its own set of difficulties)
- Mailman (not clear how to have mailman stuff generated on a machine other than the mail delivery node)
Tasks which non-admins can do, too
See HcoopVolunteerTasks for a list of things non-admins can help with.