Difference between revisions of "Talk:SubGroups/Network"
(→Network Infra Suggestion #1) |
|||
| Line 6: | Line 6: | ||
| − | + | = Network Infra Suggestion #1 = | |
| − | Aims and Notes | + | |
| + | |||
| + | == Aims and Notes == | ||
* Provide a stable and usable environment. | * Provide a stable and usable environment. | ||
* Networking subgroup should be able to maintain the setup. (Not *everyone* in the space, we do not want bikeshedding. The sole reason of this group is to organize the networking infra and prevent bikeshedding) | * Networking subgroup should be able to maintain the setup. (Not *everyone* in the space, we do not want bikeshedding. The sole reason of this group is to organize the networking infra and prevent bikeshedding) | ||
| − | Motivation | + | == Motivation == |
| + | |||
| + | We need a stable distribution that is not a pain to use. We need one that is customizable to fit our needs. | ||
Most of the core servers need not be accessible/managed by people outside the networking subgroup. | Most of the core servers need not be accessible/managed by people outside the networking subgroup. | ||
It would be nice to have bleeding edge versions of some packages and very stable (old) packages of others. We can use debian backports to get recent versions of software or we can use Portage's slots and keywording to force packages to specific versions. | It would be nice to have bleeding edge versions of some packages and very stable (old) packages of others. We can use debian backports to get recent versions of software or we can use Portage's slots and keywording to force packages to specific versions. | ||
| + | |||
| + | == Separation of services == | ||
| + | |||
| + | There should be a clear separation of services: Core services such as PXE boot, LDAP, Networked Storage, MPD should obviously not be fiddled with too much. Access to these machines should be restricted to a specific group of users. | ||
| + | Other services like the LED wall should be more publicly accessible. (Log in with LDAP accounts?) | ||
Main server that does: | Main server that does: | ||
| Line 27: | Line 36: | ||
* Support login with LDAP for members | * Support login with LDAP for members | ||
* Secured, more or less. Resources managed and limited. | * Secured, more or less. Resources managed and limited. | ||
| + | * OpenVPN? | ||
One server to build/manage our own packages: | One server to build/manage our own packages: | ||
Revision as of 16:32, 26 October 2012
suggestion for linux distro on all servers:
- http://hannahmontana.sourceforge.net/ << Amran be trolling.
- Something easily maintainable, that we can build our own (updated) image for. (debian? gentoo? arch?) - Dreamer 12:11, 25 October 2012 (CEST)
- BINPKG + Netboot since all hardware is pretty much the same; own portage mirror. (Gentoo or Debian) - Wizzup] See suggestion 1.
Network Infra Suggestion #1
Aims and Notes
- Provide a stable and usable environment.
- Networking subgroup should be able to maintain the setup. (Not *everyone* in the space, we do not want bikeshedding. The sole reason of this group is to organize the networking infra and prevent bikeshedding)
Motivation
We need a stable distribution that is not a pain to use. We need one that is customizable to fit our needs. Most of the core servers need not be accessible/managed by people outside the networking subgroup. It would be nice to have bleeding edge versions of some packages and very stable (old) packages of others. We can use debian backports to get recent versions of software or we can use Portage's slots and keywording to force packages to specific versions.
Separation of services
There should be a clear separation of services: Core services such as PXE boot, LDAP, Networked Storage, MPD should obviously not be fiddled with too much. Access to these machines should be restricted to a specific group of users. Other services like the LED wall should be more publicly accessible. (Log in with LDAP accounts?)
Main server that does:
- Netboot / Netinstall
- LDAP
- (Networked) Storage
Shell server accessible from outside:
- Support login with LDAP for members
- Secured, more or less. Resources managed and limited.
- OpenVPN?
One server to build/manage our own packages:
- BINPKG or debian equivalent.
- Portage tree or debian equivalent.
Other servers:
- Some device for MPD.
- Some device for LED Wall
-- i would add that unless the server requires low level hardware access, the server should be virtualised --Amx109 15:18, 26 October 2012 (CEST)
Workstations: TODO (Debian stable with GNOME 2.x? Optional other WMs?)
- Support login via LDAP
