ServerCandy

Differences between revisions 13 and 14
Revision 13 as of 2005-11-02 15:28:49
Size: 4116
Editor: 225_220_103_66-WIFI_HOTSPOTS
Comment:
Revision 14 as of 2005-11-02 15:36:05
Size: 4645
Editor: 225_220_103_66-WIFI_HOTSPOTS
Comment:
Deletions are marked like this. Additions are marked like this.
Line 15: Line 15:

== Response to Comments ==

  MarkRamm:

 * I clarified everything I can, and wrote out more detailed descriptions of the data that needs to be gathered before we can finalize the seed list. I hope it makes more sense now.
Line 78: Line 84:
 *  * We need to get a list of IBM, and Sun tools, and what they require when we do negotiations for certificatin (see TestingServerHardware. (MDY)
Line 80: Line 86:

 * Packaging or installer wrappers for third-party hardware monitoring/admin tools from major vendors would be nice.
 (fabbione to package and write wrappers - james/znarl to test what's possible at the DC
 ~ as fast they come in)		 '''Packaging or installer wrappers for third-party hardware monitoring/admin tools''
 * A list of tools needs to be compiled (particularly, we need all tools for supporting hardware we want to certify)
 * fabbione can then package and write wrappers.
 * james/znarl to test what's possible at the DC
 * The folks at the Server Test Lab should test these against certified hardware.

Reviewer Comments

  • MarkShuttleworth:

    • WHAT seed changes? Make some concrete proposals please, don't just push it off.

In general, this spec is too hand-wavy and incomplete to be approved.

Response to Comments

  • I clarified everything I can, and wrote out more detailed descriptions of the data that needs to be gathered before we can finalize the seed list. I hope it makes more sense now.

Summary

The "server edition" of Dapper will be supported for 5 years. We need to make sure that we have thought of things that will be attractive for system administrators, to raise interest in Ubuntu as a server OS. This specification lists ideas for the server edition.

Rationale

We would like to improve the profile of Ubuntu as a server platform, and help system administrators to get things done quickly and efficently.

Use cases

Bob wants to stress test his shiny new server before he puts it into production

Sandra wants to check the integrity her server system after an intrusion attempt.

Naomi wants to have SSL that just works for postfix and apache.

Felicia wants to be able to administer her HP Smart Array without downloading tools from hp and configuring them herself.

Scope

Create tools to make system administrators life easier. This focuses on low hanging fruit, and avoids using tools like webmin which we don't want to have to support in main.

Design

Implementation

Ship a Server Test Suite on the CD

  • The test suite is defined in TestingServerHardware.

  • The test suite will be intigrated in the Debian Installer mode

  • The test suite will need to produce reasonable short run results, along with it's full burn-in test results (all this is in the spec on TestingServerHardware).

We need to implement a central snakeoil SSL setup This would be one package that provids SSL/TLS setup for:

  • postfix
  • apache2
  • slapd
  • exim4
  • imap/pop
  • etc)

These packages will also need to be modified to look to this new central SSL cert package by default.

  • (infinity/lamont ~ 4 weeks)

Create an MD5 checker for the Debian Installer recovery mode

This has two parts: 1) creating a public server such as pkgsums.ubuntu.com that has known-good md5sums of everything in the archive 2) the creation of a tool that can be run from Debian Installer Recovery mode

  • pkgsums.ubuntu.com should be indexed by package_version so we are sure we're checking against the correct version.
  • Layout the server as archive.u.c and ship only .md5 files.
  • The server should start out on rookery (server side), and be moved off to a separate server if the need arises.
  • The client side program needs to have an interface to check specific files to make sure they match the web archive.
  • The client side program needs to have an interface to check all installed files for a particular deb against the server.
  • The client side program should have an interface to check all installd debs against the MD5 archive.
    • --- (fabbione ~ 2/3 weeks)

Make adjustments to the seed list

  • We should add request-tracker3.4 to the seed list.
  • Suggestions for important packages should be solicited from the lists, and evaluated for inclusion in the seed.
    • (fabbione to collect info from the community ~ always in progress)

We should seed any libraries that third-party binary sever admin tools require

  • James will give us a list of HP tools

  • We need to get a list of IBM, and Sun tools, and what they require when we do negotiations for certificatin (see TestingServerHardware. (MDY)

Packaging or installer wrappers for third-party hardware monitoring/admin tools

  • A list of tools needs to be compiled (particularly, we need all tools for supporting hardware we want to certify)
  • fabbione can then package and write wrappers.
  • james/znarl to test what's possible at the DC
  • The folks at the Server Test Lab should test these against certified hardware.

Outstanding Issues

Bling is not really something system administrators value on the server. They want stability, they like things that just work, and sane defaults.

It would be nice to investigate other tools which system administrators love.

BoF agenda and discussion

ServerCandy (last edited 2008-08-06 16:18:50 by localhost)