SAC Service Status

Infrastructure of OSGeo System Administration Committee (SAC)

= System List =

WE NEED TO DO OUR HOMEWORK AND COMPLETE THIS PAGE.

SVN and Trac are utilizing our central OSGeo LDAP server for authentication - a start towards the dream of one OSGeo userid/password for a variety of services and projects. We also have the capacity to capture project history in a migration to SVN for folks using CVS now.

Buildbot, for those not familiar with it, is used to do automated builds of software packages from svn, run tests suites, and provide a status web page indicating how it is working. An example is at:

http://buildbot.osgeo.org:8500/

The download server is just a server providing http download from a directory tree, but it is on a high speed network (telascience.org) with lots of bandwidth.

Server osgeo.org

 * Hardware - sbarnes, Howard Butler, Tyler Mitchell, Frank Warmderdam
 * Software:
 * Web pages - Tyler Mitchell, ... (info)
 * postfix - Tyler Mitchell, ...
 * Linux updates - Tyler Mitchell, ... (info)
 * LDAP - ? (info)
 * backup - ?
 * SSL certificate - ?
 * DNS - ?
 * SVN - Howard Butler (info)
 * Virtual Hosts
 * trac.osgeo.org - Howard Butler (info)
 * lists.osgeo.org - Tyler Mitchell (info)
 * buildbot.osgeo.org - Howard Butler (info)
 * download.osgeo.org - Mateusz Loskot (info)

Emergency plans:
 * ISP/DNS problem: what to do? do we need to call anyone?
 * hardware reset: Shawn Barnes (+1 613.565.5056 - Ottawa business hours), Howard Butler, Tyler Mitchell, Frank Warmderdam (+1 613.754.2041 - anytime). One option is a power cycle on the UPS to restart osgeo.org, using the "Reboot Immediate" item on the UPS.

OSGeo Wiki (wiki.osgeo.org)

 * Maintained at and by terrestris.de
 * Responsible: XXX

Emergency plan: ...

Telascience Blades
This page only describes some of the core systems and is not a full description of the telascience reality in any way


 * HyperCube for geodata
 * xblade10-2 (198.202.74.215) FC4
 * new server: new install, ldap enabled, yum updated Nov 5th/2006.
 * mapbender.telascience.org; Postgres MySQL running
 * http://mapbender.telascience.org/
 * https://198.202.74.215/phpMyAdmin/
 * https://198.202.74.215/phpPgAdmin/


 * xblade11-2 (198.202.74.216) FC4
 * new server: new install, ldap enabled, yum updated July 20th/2006.
 * geodata.telascience.org; Assigned for geodata work for now, and to be named dev.geodata.osgeo.org or something similar. Binaries on geodata:
 * all GIS binaries are installed into /usr/local/*
 * /usr/local/lib was added to /etc/ld.so.conf


 * xblade12-2 (198.202.74.217) FC4
 * new server: new install, no ldap or remotely mounted home.
 * This machine is allocated to Kids GIS Portal


 * xblade13-2 (198.202.74.218) FC4
 * shell.telascience.org: Lots of software installed, general use.
 * Also used for DevelopmentDrupalInstance - contact Kanhaiya Kale.


 * xblade14-2 (198.202.74.219) FC4
 * new server: new install, ldap enabled, yum updated July 19th/2006.
 * using for Frank and Mateusz' experiments with OSGeo BuildBot Configuration.
 * Using for Community Mapbuilder Continuum Builds.
 * Using for Download Server.


 * xblade15-2 (198.202.74.220) FC4
 * ldap.telascience.org: Fedora Directory Server. LDAP server.
 * osgeo.telascience.org: Plone
 * txtmob.telascience.org: SMS Smart Mob system
 * gpstrack.telascience.org: Plone GPS / APRS / Cell tracking .... wishing ;)
 * ISO mirroring


 * sparcblade8 (198.202.74.213) Solaris 2.9
 * civicspace.telascience.org: experimental community portal

= Services =


 * LDAP (on .74.220)
 * Plone (on .74.220)
 * HTTPD (on .74.220)
 * OSGeo GeoNetwork Installation

= Known Issues =


 * .216/.217/.218/.219: need Admin group in sudoers file.
 * .74.220 is not using ldap authentication for shell access.
 * Access to LDAP server needs to be restricted to specific machines somehow?
 * We have to create userids on the LDAP server manually, can't be done through plone without a lot of work.
 * Plone instance is not using LDAP for authentication.

Service Groups
Currently, shell access is limited to users in the LDAP schema under the "Shell" group. No further group authorization/granularity exists at this time. It is desireable to have "Shell" be broken into groups like "Database", "Subversion Admin", etc to distribute the administration of those tasks.