Version: $Id$ = Introduction = This document will outline which server is running which service where, why (and sometimes how) in order to meet expectations and set basic guidelines and references we use. Contacts in case you like to see something changed/added (as this might have sever impact the way the infrastructure is running): - Rick van der Zwet - Richard van Mansom The document will use the term 'inet' as a referal to a service which is connected to the 'Internet', while 'wleiden' is used as a referal for services which are connected to 'Wireless Leiden Network' = Machines and connections = - dellas = DEAD machine - inet - siteview = VPS Jail (low specs) - inet - sunfire = Sunfire X2200 - inet,wleiden - sunny = Sunfire X2200 - wleiden - tyan = Tyan GT20 Transport - inet - zwet = VPS Jail (low specs) - inet = SLA Goals = How much time does a service needs to be available. Please do consider this numbers with a bit of salt. Neither the MTTR Mean Time To Recovery) nor the response time if mentioned yet, but are in practive based on best effort services. The percent mentioned is the availability goal. == inet == - DNS wirelessleiden.nl. - 99.999% - mailinglists. - 99.9% - repositories. - 99.9% - website (trac, projects, wiki). - 90.0% - Expose WirelessLeiden Network Services. - 90.0% == wleiden == - DNS wleiden.net. - 95.0% - Configuration (wlconfig,gformat). - 95.0% - Monitoring (nagios,nodemap). - 90.0% - Proxy to inet. - 90.0% - Connectivity between nodes. - TBD - Node services. - TBD = Design Principles = Why did we do they way stuff is currently running: - Low resource requirements; KISS principle also in hardware and connectivity as most equipment is provided with limitation. - Up2date packages; Fixing security bugs is more easy if all your packages are up2date. Else you will end up will package hells and massive upgrades in case of a security bugs. - Backup and failover at same location; to allow rapid failover and easy maintenance. - Monilitic setup; system should not be dependant on each-other, every service needs to be able to run at its own 'power'. Makes migration more easy to do. - Accountablility; Configuration files are stored in the repository, every user has it's own login credentials (either by the means of username or key). - Cold standby with manual failover; Make mainenance more easy and less dependencies, more flexible with switching. - Disaster backup only; Less resources needed. = uptime measurement 3 times per year we will evaluate and report the statistics of the previous period, where needed we will adjust the expected results. The evaluation will be done by a *small* group of Wireless Leiden volunteers, but input is always welcome and results are released under the standard license (WL). = Implementation = == siteview == used as failover DNS (slave isc-bind) and to provide a 'message unavailable message' if a website is pointing to that host. == vdzwet == used as backup/failover for the inet services. == tyan == hosting all the inet services. NO playground, strict accounting. == sunny == is hosting all wleiden services (including development services). playground provided using jails. == sunfire == mixture of production (expose wleiden Services to inet for example), but also meant as buildbot development. Limited playground provided as machine has inet connection where limitations apply.