Infrastructure of OSGeo System Administration Committee (SAC)

System List

This page only describes some of the core systems and is not a full description of the telascience reality in any way

Telascience Blades

• xblade10-2 (198.202.74.215) FC4
  • new server: new install, ldap enabled, yum updated Nov 5th/2006.
  • mapbender.telascience.org; Postgres MySQL running
    • http://mapbender.telascience.org/
    • https://198.202.74.215/phpMyAdmin/
    • https://198.202.74.215/phpPgAdmin/
• xblade11-2 (198.202.74.216) FC4
  • new server: new install, ldap enabled, yum updated July 20th/2006.
  • geodata.telascience.org; Assigned for geodata work for now, and to be named dev.geodata.osgeo.org or something similar. Binaries on geodata:
    • all GIS binaries are installed into /usr/local/*
    • /usr/local/lib was added to /etc/ld.so.conf
• xblade12-2 (198.202.74.217) FC4
  • new server: new install, no ldap or remotely mounted home.
  • This machine is allocated to Kids GIS Portal
• xblade13-2 (198.202.74.218) FC4
  • shell.telascience.org: Lots of software installed, general use.
• xblade14-2 (198.202.74.219) FC4
  • new server: new install, ldap enabled, yum updated July 19th/2006.
  • using for Frank and Mateusz' experiments with OSGeo BuildBot Configuration.
• xblade15-2 (198.202.74.220) FC4
  • ldap.telascience.org: Fedora Directory Server. LDAP server.
  • osgeo.telascience.org: Plone
  • txtmob.telascience.org: SMS Smart Mob system
  • gpstrack.telascience.org: Plone GPS / APRS / Cell tracking .... wishing ;)
  • ISO mirroring
• sparcblade8 (198.202.74.213) Solaris 2.9
  • civicspace.telascience.org: experimental community portal

Services

• LDAP (on .74.220)
• Plone (on .74.220)
• HTTPD (on .74.220)

Known Issues

• .216/.217/.218/.219: need Admin group in sudoers file.
• .74.220 is not using ldap authentication for shell access.
• Access to LDAP server needs to be restricted to specific machines somehow?
• We have to create userids on the LDAP server manually, can't be done through plone without a lot of work.
• Plone instance is not using LDAP for authentication.

Service Groups

Currently, shell access is limited to users in the LDAP schema under the "Shell" group. No further group authorization/granularity exists at this time. It is desireable to have "Shell" be broken into groups like "Database", "Subversion Admin", etc to distribute the administration of those tasks.