[Systems] Hosting with SL
Stefan Unterhauser
stefan at unterhauser.name
Wed Aug 20 18:22:28 EDT 2014
Hi all,
I am dogi devops and take physically care of all the sugarlabs machines
hosted in the medialab
I am also the main user (virtually) of freedom
sorry for my delay,
and sorry for this long email
but I was busy fixing all the boot issues in the VMs which was hosted on
freedom
<http://munin.treehouse.su/gar/DOMs/freedom.treehouse.su/libvirt.html>
this was due the reboot after the upgrade to 14.04
there are 23 VMs on this machine (17 of them are active)
even it looks like 2 days of stable running we will know earliest by the
end of the month (monthly cron),
if all stuff we tweaked the virtual machine host (freedom) survived the
upgrade to 14.04
anyway bernie thank you for all your help with upgrade :)
but keeping in mind that disk I/O shortage is causing an average load of 5
I wonder if our best bet for testing is freedom
I think the best way of spooling this docker thing ;) down gracefully
is to do it at least for now treehouse.treehouse.su
<http://munin.treehouse.su/gar/DOMs/treehouse.treehouse.su/index.html>
treehouse is as freedom and justice
<http://munin.treehouse.su/gar/DOMs/justice.treehouse.su/libvirt.html> a
64GB ram machine, has 12cores in 2cpus instead of 8
and is right now in the last process of harddrive testing
one of the 2 refurbished hd-drives already failed :( -> I need only one to
last
I have there two raid1's over at least 3 (sometimes 4) harddrives one in hd
and the other in ssd ;)
so far I run there some tiny experiments like http://chat.media.mit.edu,
http://genome.media.mit.edu:8003, farmier and dirt are both drupals ...
treehouse so far is a machine with a plain new ubuntu 14.04 install and is
supposed to be next production machine
for all the valuable experiments on freedom like http://publiclab.org
some of you may wonder what treehouse(.su/gar) as an entity is,
it is a loose group of devops and ala
which are using the IRC channel #treehouse
<http://chat.media.mit.edu/?channels=treehouse&nick=> on oftc.net to share
and an learn about systems administration
and got created 2009 backed up by necsys
<http://web.media.mit.edu/~mbletsas/> of medialab with the intention to
middle between sugarlabs and olpc in form of 2 servers -> treehouse and
housetree
anyway on #treehouse irc channel right now there are at least 4 people with
docker experience
isforinsects <https://github.com/GITenberg/> (former olpc sysadmin)
nicocesar <https://github.com/nicocesar> (fsf sysadmin)
itamarst <https://github.com/itamarst> (https://clusterhq.com/ and flocker!)
and
myself ... yes did already do 18 months ago first experiments ...
I did end up scratching them -> not stable enough at the time ;(
-> but I have a lot of ssh tunnel experience :P
also forgot freedom, justice, treehouse and housetree (-> working on a
clusterhq version with zfs) are all in the same serverroom
long email short
I strongly advise not shaking freedom right now more then necessary (only
one new thing (update to 14.04) at the time),
but can offer temporary access to treehouse which is a machine on its way
to be a new production machine
Hereby I officially add bernie as root user on new treehouse ;)
if all of you send me sshkeys and perferred username I can hook you up
xo
dogi
PS: email is not my forte ... will try to be shorter next time ;) -> I
strongly prefer IRC or other sync media :P
On Wed, Aug 20, 2014 at 8:38 AM, Prasoon Shukla <prasoon92.iitr at gmail.com>
wrote:
> Hey all. Just got back from classes.
>
> @Matthew, @Sam: I have no idea how ssh tunneling works and I've never done
> it before, so I guess if you guys think it's alright then it's fine by me,
> too.
> ᐧ
>
>
> On Wed, Aug 20, 2014 at 3:49 PM, Sam P. <sam.parkinson3 at gmail.com> wrote:
>
>> I like Matthew's the idea of ssh proxying it, but wouldn't a nginx/apache
>> proxy be more appropriate? That seems to be how all the other SL stuff
>> goes.
>>
>> Did you dockerify the redirector thing? Just wondering :)
>>
>>
>> On Wed, Aug 20, 2014 at 8:44 AM, Matthew Ciao <matthew at laptop.org.au>
>> wrote:
>>
>>> On Wednesday, 20 August 2014, Bernie Innocenti <bernie at sugarlabs.org>
>>> wrote:
>>>
>>>> Status update: Freedom is now running Ubuntu 14.04 and still holding
>>>> well.
>>>>
>>>> I installed docker.io and tried setting up a simple container to ensure
>>>> everything works. It did.
>>>
>>>
>>> Nice one!
>>>
>>>
>>>>
>>>> Now we'd be ready to deploy your image and experiment with it. Sam &
>>>> Matthew: what should I do next? I guess you need a public ip and a dns
>>>> entry for it?
>>>
>>>
>>> For testing purpose I'd SSH tunnel into the system and use dynamic port
>>> forwarding to the application listening on localhost.
>>>
>>> That way you don't need to bind Docker to a WAN facing interface.
>>>
>>> It's a good security measure that avoids exposing the testing instance
>>> until is fully ready and secured.
>>>
>>> If security is not a concern in this case, then public IP and a DNS
>>> CNAME record should do the trick!
>>>
>>> Sam/Prasoon what do you think?
>>>
>>> Cheers
>>>
>>>
>>>>
>>>> For fast turnaround, please chat me on #sugar, as I don't check my
>>>> personal email very often during work days.
>>>>
>>>> On 08/18/2014 10:20 PM, Matthew Ciao wrote:
>>>> > Sure, I'm always on IRC #olpc-au (@freenode) but if you let me know
>>>> > where you folks hang out I'll be there..
>>>> >
>>>> >
>>>> > On 19 August 2014 12:16, Bernie Innocenti <bernie at sugarlabs.org
>>>> > <mailto:bernie at sugarlabs.org>> wrote:
>>>> >
>>>> > Dogi and I are meeting at my place in 20 minutes to start
>>>> upgrading
>>>> > freedom to Ubuntu 14.04.
>>>> >
>>>> > Then we'll install Docker. If you'll be around in about 1h, any
>>>> help is
>>>> > welcome.
>>>> >
>>>> >
>>>> > On 08/18/2014 10:14 PM, Matthew Ciao wrote:
>>>> > > Hi folks,
>>>> > >
>>>> > > I have some experience with Docker on virtualized systems (KVM)
>>>> -
>>>> > we use
>>>> > > it to run our build/cross-compile environments for low level
>>>> driver
>>>> > > development here at OLPCAU.
>>>> > >
>>>> > > Glad to lend a hand if needed however Bernie was first so I am
>>>> > second in
>>>> > > the queue of available people for this project :)
>>>> > >
>>>> > >
>>>> > > On 19 August 2014 07:06, Sam P. <sam.parkinson3 at gmail.com
>>>> > <mailto:sam.parkinson3 at gmail.com>
>>>> > > <mailto:sam.parkinson3 at gmail.com
>>>> > <mailto:sam.parkinson3 at gmail.com>>> wrote:
>>>> > >
>>>> > > Hey,
>>>> > >
>>>> > > > What access level do you need in order to setup and
>>>> > configure your
>>>> > > > container(s)? I'd rather not give out root access to our
>>>> > production
>>>> > > > hosts, but several SL sysadmins can help you.
>>>> > >
>>>> > > Normally you need root but you can set up a docker group:
>>>> > >
>>>> >
>>>> https://docs.docker.com/installation/binaries/#giving-non-root-access
>>>> > >
>>>> > > Sam
>>>> > >
>>>> > >
>>>> >
>>>> >
>>>> > --
>>>> > Bernie Innocenti
>>>> > Sugar Labs Infrastructure Team
>>>> > http://wiki.sugarlabs.org/go/Infrastructure_Team
>>>> >
>>>> >
>>>>
>>>>
>>>> --
>>>> Bernie Innocenti
>>>> Sugar Labs Infrastructure Team
>>>> http://wiki.sugarlabs.org/go/Infrastructure_Team
>>>>
>>>
>>
>
> _______________________________________________
> Systems mailing list
> Systems at lists.sugarlabs.org
> http://lists.sugarlabs.org/listinfo/systems
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sugarlabs.org/private/systems/attachments/20140820/f0aa5714/attachment.html>
More information about the Systems
mailing list