Main Page: Difference between revisions
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
{| | {| | ||
!Management and operation of systems | !Management and operation of systems | ||
| | |- | ||
* [[Home and shared directories]] | * [[Home and shared directories]] | ||
* [[Virtualisation and cloud]] | * [[Virtualisation and cloud]] | ||
* [[Policies]] | * [[Policies]] | ||
* [[Networking]] | |||
* [[Host and server installation and setup]] | |||
* [[User session and account management]] | |||
|} | |} | ||
| Line 14: | Line 17: | ||
* Examine the SyntaxHighlight extension from the point of view of demands on the host (suggested by AndrewT, see also https://phabricator.wikimedia.org/T250763) | * Examine the SyntaxHighlight extension from the point of view of demands on the host (suggested by AndrewT, see also https://phabricator.wikimedia.org/T250763) | ||
* [[Linux namespaces and cgroups]] | * [[Linux namespaces and cgroups]] | ||
* [[Controlling Resources & Privileges with Linux namespaces, cgroups & limits]] | * [[Controlling Resources & Privileges with Linux namespaces, cgroups & limits]] | ||
* [[cfengine - stripped down compared to how it is distributed, m4]] | * [[cfengine - stripped down compared to how it is distributed, m4]] | ||
* [[conform]] - [[nodeinfo]] | * [[conform]] - [[nodeinfo]] | ||
* [[Lab computer auto install]] | * [[Lab computer auto install]] | ||
* [[hostlist.csv]] | * [[hostlist.csv]] | ||
| Line 45: | Line 44: | ||
* [[Kerberos]] | * [[Kerberos]] | ||
* [[LDAP]] | * [[LDAP]] | ||
* [[podman]] | * [[podman]] | ||
* [[pandoc]] | * [[pandoc]] | ||
Revision as of 07:16, 23 Haziran 2022
| Guide to TechDocs for administrators and content creators |
- Home and shared directories
- Virtualisation and cloud
- Policies
- Networking
- Host and server installation and setup
- User session and account management
| Management and operation of systems |
|---|
Grab-bag of unsorted topics
- Examine the SyntaxHighlight extension from the point of view of demands on the host (suggested by AndrewT, see also https://phabricator.wikimedia.org/T250763)
- Linux namespaces and cgroups
- Controlling Resources & Privileges with Linux namespaces, cgroups & limits
- cfengine - stripped down compared to how it is distributed, m4
- conform - nodeinfo
- Lab computer auto install
- hostlist.csv
- host classes
- update_hosts - host generators
- cfengine hub
- run-cf-agent
- check_and_install_promises
- /var/lib/cfengine3/masterfiles -> promises.cf
- /usr/local/warehouse
- /usr/local/administration
- Debian package management - installation, purging, auto update, CSG-managed lists, teaching-managed lists
- /usr/local/extrafiles
- /usr/local/extrapackages - installations triggered by list changes
- Monitoring - nagios, graphing, auto-configuration by update_hosts
- Old UDB
- New UDB
- bandleader
- maillard
- PostFix
- Printing
- Kerberos
- LDAP
- podman
- pandoc
- MediaWiki documentation site management - MySQL DB, /home/mediawiki/images, /home/mwimages/
- Pages yet to be created
Page categories
Introduction
For over twenty years the configuration of CSE's servers and lab computers has been managed by a home-grown product called conform. conform micromanaged the entire filesystem of each computer and handled the copying in of all configuration files, binaries, scripts, libraries, data files, etc, from a central repository called "the conformary" (and NFS server). conform is very powerful, but is also very labour intensive in regards to maintaining the conformary and the thousands of specification files which determine conform's actions. Also, being so old conform lacks many newer ideas such as pre- and post-install scripts. conform is part of the Old World.
The New World grew out a HoS-supported project to move as much CSE infrastructure as possible out of CSE's K17 data centre and into "the cloud", specifically Amazon's AWS. Early on, a decision was made that conform would be left behind and that all new servers and hosts set up in AWS would be managed some other way. This other way ended up being -- after a review of configuration management tools -- a split between cfengine and Debian's apt family of package manager utilities (apt, dpkg, apt-get, apt-file, etc.) In this split, apt handles all Debian package management (mainly installs and updates) and cfengine handles the rest, mostly configuration files.
Debian was chosen because CSE's existing teaching platform was heavily based on Debian and the principle of least surprise was applied.
A bit more specifically, each New World host's filesystem is handled thusly:
| Path | Handled by |
|---|---|
/etc
|
Jointly managed by apt which mostly provides default versions of configuration files, and cfengine which installs CSE-specific versions of configuration files
|
/usr/local/extrafiles/usr/local/extrapackages/usr/local/debpkgs_lists/usr/local/vmimages
|
cfengine
|
/proc/sys/dev
|
The kernel |
/tmp/var
|
Whatever processes are running on the host |
/export
|
The kernel's nfsd (i.e., NFS server)
|
/import/home
|
The automounter |
| Everything else | apt
|
The light-touch approach
There's a philosophy behind the way New World is set up. This is the "light touch approach" and goes like this:
Leave Debian-installed configurations and defaults alone unless there is an actual operational or functional need to be addressed.
Thus:
| Changes for cosmetic reasons | No |
| Changes for management or administrative convenience | No |
| Etcetera | No |
Debian package management (apt)
Configuration management (cfengine)
The cfengine hub.
The split between CSG's and teaching's bailiwicks
Differences between conform and cfengine
MediaWiki installation leftovers
MediaWiki has been installed.
Consult the User's Guide for information on using the wiki software.