Operating System Choices

Chris Wilson edited this page Apr 27, 2014 · 1 revision

Extracted from the discussion on our mailing list.

Operating system

  • Users familiarity with environment (before and after course)
  • Hardware support
  • Ease of packages installation (assuming the package is available in normal repos)
  • Ease of customisation
  • Wide range of binary packages available (to meet unforeseen needs)
  • Wide range of source packages available (harder to install than binary, but less effort to package)
  • Availability of sufficiently modern versions of packages
  • Long-term support viability (security updates and bug fixes)
  • Quality of available software
  • Bug fixes (response to bug reports)
  • Virtualisation host support
  • Availability of specific software used in SS-E

Grades

  • +2: Excellent; no issues encountered
  • +1: Good; some issues, but fewer than other options; package available in base repositories
  • 0: Average; no more or fewer issues than other options; package available in EPEL/Universe
  • -1: Poor; more issues than other options; package requires building from source, ports or RPM
  • -2: Terrible; unworkable or massively inconvenient; ; package requires building a DEB

SS-E requirements

Specific packages that are required (or under consideration, or require customisations) for training SS-E. Lacking support for these may be a reason to choose a platform that's less than ideal for other reasons.

Comparison spreadsheet

https://docs.google.com/a/aptivate.org/spreadsheet/ccc?key=0AjX4PdSQsGYMdDhDRGkyb3NqQUJBWWUyZGUwbmYtNVE#gid=0

Current status

Sticking with FreeBSD this year (2014) because of the reduced number of instructors, and some new instructors, making the burden of rewriting the materials higher.

I believe that we have consent to move to Debian or Ubuntu next year.

Future developments

Replace Squirrelmail with MailPile

New webmail system, like Gmail, in alpha, difficult to install.

Switch from Exim to Postfix

Exim is hard to use, most people don't need the extra flexibility, but it's a good teaching tool?

DNSSEC

How to we want to qualify its use?

RADIUS, LDAP/Active Directory, Kerberos

  • ISPs and universities want RADIUS.
  • Everyone including them wants LDAP.
  • LDAP + Kerberos gives us passwordless token login between systems.

DevOps

Options suggested: Puppet, Chef, Ansible.

Parked as inappropriate for now.

Requested by participants

  • "Scalable Opensource Storage Solutions eg Openstack, Eucalyptus
  • Efficient Logfile Managment, centralized syslog
  • Syslog/ng
  • Daily reporting (logwatch?)
  • Enterprise Intrusion Detection
  • Scalable services:

As sysadmin on the biggest ISP in Benin, we used to set up servers. Most of the time, we put all application dependencies on the same server: database server, http server, dns server, mail server, etc. We know that this is a very, very bad approach, but sometimes, we did not have the choice. Moving forward, we use a "distributed" approach: use database from another server, or dns from another server for example.

But we notice that, even with internal users (employees) those solutions did not work well when number of users trying to use the same resources (applications) is large (continuously growing) or when there is high latency on network. For external users (clients, suppliers, on field technicians), it's worst. Before, we were thinking that, we can solve this issue by using server with more capacity (more memory, more disk capacity, more processor, etc) and by given big bandwidth on datacenter network access.

Unfortunately, none of those solutions works as expected. So we are planning to set a high availability infrastructure in our datacenter to better serve users. Based on our reading on the field, we have general ideas: set a load balancer, put servers in cluster, etc. The technical workshop on Scalable Internet Services is an opportunity to finally get accurate knowledge and really learn by practice.

Are we actually going to address this? For which servers? What are the real underlying problems?

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.