Ubuntu Wiki

• Launchpad Entry: https://launchpad.net/distros/ubuntu/+spec/server-candy

• Created: 2005/10/25 by FabioMassimoDiNitto

• Contributors: FabioMassimoDiNitto

• Packages affected: unknown

Summary

We would like to have better server support.

Rationale

We would like to improve the profile of Ubuntu as a server platform, and help system adminitrators to get things done quickly and efficently.

Use cases

Bob wants to stress test his shiny new server before he puts it into production

Sandra wants to check the integrity her server sysystem after an intrusion attempt.

Bill wants to set up a postfix and imap server for his small company.

Naomi wants to have SSL that just works for postfix and apache.

Frank wants tools to monitor all of the servers in his network

Scope

Create tools to make system administrators life easier. This focuses on low hanging fruit, and avoids using tools like webmin which we don't want to have to support in main.

Design

Implementation

• We need to ship the server testsuite from TestingServerHardware on the server CD.

  • -- should talk to the server certification spec team .... perhaps there will be some overlap (~6-8 weeks delivery time from the server cert. team)
• We should have a central snakeoil SSL setup that all our shipped SSL/TLS-using packages can use (postfix, apache2, slapd, exim4, imap/pop, etc); these packages should be designed to look to the central SSL cert by default.
  • -- should provide an easy way to replace the central snakeoil SSL setup with user-generated certificates (infinity/lamont ~ 4 weeks)
• We need an MD5 checker in the recovery mode; an idea was floated to host a debsums.ubuntu.com that has known-good md5sums of everything in the archive, and a tool on the CD to check against that. debsums.ubuntu.com should be indexed by package_version, so we are sure we're checking against the correct version. Layout the server as archive.u.c and ships only .md5 files.
  • -- this will start on rookery (server side), and be moved off to a separate server if the need arises. -- write deb/udeb to run the test client side).
  (fabbione ~ 2/3 weeks)
• The rest is adjustments to the seed list, and package configuration files.
  • (James would like request tracker in the server seed - request-tracker3.4 package) (fabbione to collect info from the community ~ always in progress)
• We should seed any libraries that third-party binary sever admin tools will depend on
• Packaging or installer wrappers for third-party hardware monitoring/admin tools from major vendors would be nice. (fabbione to package and write wrappers - james/znarl to test what's possible at the DC ~ as fast they come in)

Outstanding Issues

Bling is not really thing system administrators value on the server. They want stability, they like things that just work, and sane defaults matter.

It would be nice to investigate other tools which system administrators love.

BoF agenda and discussion