[Systems] Upcoming sysadmin tasks (Was: My Sugar Labs Membership)

Bernie Innocenti bernie at codewiz.org
Tue Oct 6 17:17:46 EDT 2009

Previous message: [Systems] Upcoming sysadmin tasks (Was: My Sugar Labs Membership)
Next message: [Systems] Upcoming sysadmin tasks (Was: My Sugar Labs Membership)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Oops, my fingers slipped on ctrl+enter while I was typing furiously.
I'm late for a math class.

El Tue, 06-10-2009 a las 16:53 -0400, Bernie Innocenti escribió:
> Provisioning is starting to become a problem: creating accounts on
> multiple machines and distributing ssh keys does not scale well.  I
> think we should investigate a centralized solution such as ssh+lpk or a
> distrib

...distribution system for the public keys.

We could also employ secured NFSv4 (or perhaps CIFS with the POSIX
extensions) to share specific home directories between sunjammer and
beamrider.  Not all users of sunjammer would have a shell account on
beamrider, only those who need to admin specific applications.  We'd
still use POSIX groups to reduce the number of people which need root
access to a reasonable minimum.


> Finally, I'd like to move the master nameserver and LDAP 

...to a new VM hosted on treehouse (working name "atombender", after the
bad guy in Impossible Mission).  This machine would be higher security,
with only 3 or 4 admins and no user accounts or web applications.

Munin should also move away from sunjammer, perhaps on treehouse.

The number of machines is growing fast.  Sascha proposed adopting Bcfg2
<http://trac.mcs.anl.gov/projects/bcfg2> to centrally manage them.  He
will investigate and report back.

I feel that the Infrastructure Team is also growing large enough that
we'd have to resume the weekly Infrastructure Team meetings.  It would
be great if someone less busy and more reliable than me took the role of
chairing our meetings.  Perhaps Henry or Dogi would like to offer their
experience as OLPC VIG coordinators?


> > I thank you for the offer, I managed to point the domains
> > (somosazucar.org+.com+.net)
> > to SL nameservers.

Ok, I'll add zones for them later today.


> > What I'd like to do is have a wiki at pe.sugarlabs and point the new
> > domains there to begin with. Let me know how I can help with this. Also,
> > should I go register a new google apps account for emails, or do we add the new domains to
> > the sugarlabs google apps account? Let me know whatever is less work for you.

Let's discuss how to setup the wiki instance on IRC later tonight if
you're available.

For Google Apps, David has always done the initial work and then passed
administratorship to me.  I'll ask him.

-- 
   // Bernie Innocenti - http://codewiz.org/
 \X/  Sugar Labs       - http://sugarlabs.org/

Previous message: [Systems] Upcoming sysadmin tasks (Was: My Sugar Labs Membership)
Next message: [Systems] Upcoming sysadmin tasks (Was: My Sugar Labs Membership)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Systems mailing list