[sf-lug] Regarding the "new" (Silicon Mechanics) SF-LUG box ...
Michael Paoli
Michael.Paoli at cal.berkeley.edu
Tue Jun 3 04:31:07 PDT 2008
Regarding the "new" (Silicon Mechanics) SF-LUG box ...
Some various informational points, etc., in not necessarily any
particular order:
About a week or two ago, I did create a nice fresh image on USB stick
suitable for doing network install of Debian (most current stable, so
that's more current than image I earlier created for Jim Stockford; I
was also going to post a simple how-to on creating that (maybe I will
yet) ... but the Debian documentation on that is pretty
straight-forward anyway).
At least some bits of communications about setting up the new boxen,
and administration thereof has happened off-list ... quite a while back
I suggested to Jim Stockford and Nathan Kuriger that we set up an email
alias for communications about administration matters regarding SF-LUG
boxen (most notably so that A) I/we might actually notice such
communications in a reasonably timely manner (I frequently get quite
behind in reading/skimming the SF-LUG list and might potentially miss
stuff there), and B) it could be suitable for any items that would
possibly not be suitable for on-list (e.g. possibly security sensitive
matters) ... I believe I did set up such an alias ... yes, did ... I'll
send 'em a reminder in case they might possibly have forgotten (haven't
put it on-list, mostly to keep it from picking up lots more spam ...
it's basically a dumb forwarder).
So, when do "we" (me/Jim/Nathan) (plus anyone else we want to invite to
tag along) want to set up this new box? This week (through this coming
weekend) is out for me, as I'm on-call for work, ... but maybe an
upcoming Monday evening other than when SF-LUG meets?
Got IPMI[1]? I believe we also got an IPMI card/module for this system
which we also still "need" to install (which will significantly ease
some important aspects of remote administration).
KVM over IP / terminal server - I got donated to BALUG[2] (which we'll
share use of with SF-LUG and possibly others (e.g. SFCCP)) a quite
capable KVM[4] over IP / terminal server device - this will allow
remote KVM access; also has some fairly capable networking capabilities
- could likely do some NAT with it so that the IPMI could be accessed
without consuming yet another Internet IP.
The gameplan has changed a bit since the box was first obtained by Jim
for SF-LUG, but I believe the present (target) gameplan is:
* Set up base (host) OS with Debian (fairly minimal, quite secure, very
limited access)
* Set up VMs (e.g. Xen and/or KVM[5], etc.), for:
* SF-LUG
* BALUG
* utility/test/training
* ...?
Note that the VMs can be quite independent of the host OS (e.g. they
could be a completely different flavors of Linux, and with full
virtualization, quite fully different operating systems).
Once the base VMs are set up (or at least started so they can be
administered), from that point most aspects of things within the VMs
can be maintained by whatever person(s) are allowed and willing to work
on such.
VMs were set up earlier on the box (and I believe are still there
presently), but there (for various reasons) has been a change in plans
on how the base system should be built. In any case, once the host OS
is rebuilt, the existing VMs can be redeployed pretty much (if not
exactly?) as they currently exist ... if that's desired ... or rebuilt,
or put in place from some existing VM image or copy.
There's a bunch of stuff to be transfered, at some point, off of the
"old" (sf-lug.com) box ... many of those items are rather critical to
BALUG (e.g. BALUG uses such to manage much production BALUG stuff,
among other functionality), and probably at least fairly important to
SF-LUG (e.g. wiki and various documentation and information, etc.).
So, there's a fair bit of work (most notably coordination and timing)
when things are to be moved off of there (and onto new location(s)).
And yes, BALUG has a fair bit of stuff on shared SF-LUG resources,
along with some Untangle, and member supplied DreamHost.com resources.
This:
http://www.balug.org/dns/
may give one a very rough idea of some of those bits that are scattered
about (those with sf-lug in the name generally reflect a resource on or
targeted to be on some shared SF-LUG resource).
Hmmmm.... Silicon Mechanics acknowledgement/logo ... BALUG will
probably (at least eventually) have something like that too - due to
use of the shared resource, e.g. roughly like (an incomplete draft):
http://www.test.balug.org/mpaoli/contributing/
references/excerpts:
1. Intelligent Platform Management Interface
2. Bay Area Linux Users Group http://www.balug.org/
3. San Francisco Community Colocation Project http://www.sfccp.net/
4. Keyboard Video Mouse, not to be confused with [5]
5. Kernel Virtual Machine, not to be confused with [4]
http://www.debian.org/
http://www.centos.org/
A Xen kind of experience:
http://linuxmafia.com/pipermail/sf-lug/2008q1/004135.html
> Date: Mon, 02 Jun 2008 09:55:02 -0700
> From: jim <jim at well.com>
> Subject: [sf-lug] sf-lug news update
> To: Linux user Group <sf-lug at linuxmafia.com>
>
> * volunteer to do some sysadm work, especially
> help bring the new box online (it's a XEN-based
> host that supports separate VMs for sf-lug.com,
> balug.org, and a generic community do-gooders
> host. also, take charge of some services or
> some part of the web page tree.
> Date: Mon, 02 Jun 2008 16:31:24 -0700
> From: jim <jim at well.com>
> Subject: Re: [sf-lug] sf-lug news update
> Cc: sf-lug at linuxmafia.com
>
> second tho't: there are no preconditions, only biases.
> the way things worked, the new machine is running
> CentOS 5.<something-or-another> with a XEN kernel.
> the balug VM is a debian distro. i forget what the
> sf-lug VM is. i forget what the general purpose VM
> is, too. shame on me, i'll look things up.
>
> the DNS registration fees, the current box (which i
> bought specially for this purpose, but i'll get it
> back after we put in the new box, donated by silicon
> mechanics, whose logo we should add to the sf-lug
> web page). the time costs are more significant: help
> with various community projects, sys adm the machine,
> Date: Mon, 02 Jun 2008 16:46:20 -0700
> From: jim <jim at well.com>
> Subject: Re: [sf-lug] sf-lug news update
> To: Ola Peters <opeters at pacbell.net>
> Cc: Linux user Group <sf-lug at linuxmafia.com>
>
> help, help, oh golly help with this damned XEN
> VM. not just the XEN-specific sysadm stuff but the
> job of bringing over the stuff from the current
> box to the new VM host. NOTE that things always go
> better if we have a pal or two we can work with,
> so if you want to learn or mentor, that should be
> a big plus in contributing. we can do this with
> email and our existing shell accounts on the
> current box. First step is to divide the work
> (parts of the web page tree, various server
> config...).
> Date: Mon, 02 Jun 2008 16:49:52 -0700
> From: jim <jim at well.com>
> Subject: Re: [sf-lug] sf-lug news update
> Cc: sf-lug at linuxmafia.com
>
> michael paoli seems to have gotten a debian
> distro on the balug VM, he may welcome a pal
> to help out.
> shame on me, but i've forgotten exactly what
> the sf-lug VM is, i think CentOS 5.X, likewise
> the general purpose community do-gooder VM.
> the current box runs nagios and osiris as
> well as HTTPD and a few other services that'll
> have to be moved over from the current box. it
> would help to improve the config of those
> servers. i bet you'd have ideas for improving
> security, too.
More information about the sf-lug
mailing list