Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Operating System Choices
- Users familiarity with environment (before and after course)
- Hardware support
- Ease of packages installation (assuming the package is available in normal repos)
- Ease of customisation
- Wide range of binary packages available (to meet unforeseen needs)
- Wide range of source packages available (harder to install than binary, but less effort to package)
- Availability of sufficiently modern versions of packages
- Long-term support viability (security updates and bug fixes)
- Quality of available software
- Bug fixes (response to bug reports)
- Virtualisation host support
- Availability of specific software used in SS-E
- +2: Excellent; no issues encountered
- +1: Good; some issues, but fewer than other options; package available in base repositories
- 0: Average; no more or fewer issues than other options; package available in EPEL/Universe
- -1: Poor; more issues than other options; package requires building from source, ports or RPM
- -2: Terrible; unworkable or massively inconvenient; ; package requires building a DEB
Specific packages that are required (or under consideration, or require customisations) for training SS-E. Lacking support for these may be a reason to choose a platform that's less than ideal for other reasons.
- Apache, PHP and PHP-MySQL - often problematic
- [Exim with AUTH_RADIUS, CONTENT_SCAN, MYSQL, SASLAUTHD and SPF] (http://www.ws.afnog.org/afnog2013/sse/#exim) - often problematic
- Dovecot with MySQL
- Could try MailPile instead of SquirrelMail in future?
- FreeRADIUS 2
- libvirt (optional, maybe no practical)
Sticking with FreeBSD this year (2014) because of the reduced number of instructors, and some new instructors, making the burden of rewriting the materials higher.
I believe that we have consent to move to Debian or Ubuntu next year.
Replace Squirrelmail with MailPile
New webmail system, like Gmail, in alpha, difficult to install.
Switch from Exim to Postfix
Exim is hard to use, most people don't need the extra flexibility, but it's a good teaching tool?
How to we want to qualify its use?
RADIUS, LDAP/Active Directory, Kerberos
- ISPs and universities want RADIUS.
- Everyone including them wants LDAP.
- LDAP + Kerberos gives us passwordless token login between systems.
Options suggested: Puppet, Chef, Ansible.
Parked as inappropriate for now.
Requested by participants
- "Scalable Opensource Storage Solutions eg Openstack, Eucalyptus
- Efficient Logfile Managment, centralized syslog
- Daily reporting (logwatch?)
- Enterprise Intrusion Detection
- Scalable services:
As sysadmin on the biggest ISP in Benin, we used to set up servers. Most of the time, we put all application dependencies on the same server: database server, http server, dns server, mail server, etc. We know that this is a very, very bad approach, but sometimes, we did not have the choice. Moving forward, we use a "distributed" approach: use database from another server, or dns from another server for example.
But we notice that, even with internal users (employees) those solutions did not work well when number of users trying to use the same resources (applications) is large (continuously growing) or when there is high latency on network. For external users (clients, suppliers, on field technicians), it's worst. Before, we were thinking that, we can solve this issue by using server with more capacity (more memory, more disk capacity, more processor, etc) and by given big bandwidth on datacenter network access.
Unfortunately, none of those solutions works as expected. So we are planning to set a high availability infrastructure in our datacenter to better serve users. Based on our reading on the field, we have general ideas: set a load balancer, put servers in cluster, etc. The technical workshop on Scalable Internet Services is an opportunity to finally get accurate knowledge and really learn by practice.
Are we actually going to address this? For which servers? What are the real underlying problems?