SAC Service Status

From OSGeo
Jump to navigation Jump to search

Infrastructure of OSGeo System Administration Committee (SAC)

System List

This page only describes some of the core systems and is not a full description of the telascience reality in any way

Telascience Blades

  • xblade11-2 (198.202.74.216) FC4
    • new server: new install, ldap enabled, yum updated July 20th/2006.
    • geodata.telascience.org; Assigned for geodata work for now, and to be named dev.geodata.osgeo.org or something similar. Binaries on geodata:
      • all GIS binaries are installed into /usr/local/*
      • /usr/local/lib was added to /etc/ld.so.conf
  • xblade12-2 (198.202.74.217) FC4
    • new server: new install, ldap enabled.
    • This machine is allocated to Kids GIS Portal
  • xblade13-2 (198.202.74.218) FC4
    • shell.telascience.org: Lots of software installed, general use.
  • xblade14-2 (198.202.74.219) FC4
    • new server: new install, ldap enabled, yum updated July 19th/2006.
    • using for Frank and Mateusz' experiments with OSGeo BuildBot Configuration.
  • xblade15-2 (198.202.74.220) FC4
    • ldap.telascience.org: Fedora Directory Server. LDAP server.
    • osgeo.telascience.org: Plone
    • txtmob.telascience.org: SMS Smart Mob system
    • gpstrack.telascience.org: Plone GPS / APRS / Cell tracking .... wishing ;)
    • ISO mirroring
  • sparcblade8 (198.202.74.213) Solaris 2.9
    • civicspace.telascience.org: experimental community portal

Services

  • LDAP (on .74.220)
  • Plone (on .74.220)
  • HTTPD (on .74.220)

Known Issues

  • .216/.217/.218/.219: need Admin group in sudoers file.
  • .74.220 is not using ldap authentication for shell access.
  • Access to LDAP server needs to be restricted to specific machines somehow?
  • We have to create userids on the LDAP server manually, can't be done through plone without a lot of work.
  • Plone instance is not using LDAP for authentication.

Service Groups

Currently, shell access is limited to users in the LDAP schema under the "Shell" group. No further group authorization/granularity exists at this time. It is desireable to have "Shell" be broken into groups like "Database", "Subversion Admin", etc to distribute the administration of those tasks.