Sponsored server!

Brian J. Tarricone bjt23 at cornell.edu
Thu Jul 7 11:41:02 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Auke Kok wrote:
> Yesterday, I have received one 1U server in perfect working order!

W00t!

> That means that the future server of Xfce sponsored by 2X is ready to be 
> installed, and I will start installing it ASAP. I've set a virtual 
> deadline for myself at august 31st, but hope to finish everything as 
> soon as august 1st.
> 
> This means that I need to start planning to migrate content and 
> databases over to the new machine, and take some decisions on _what_ I'm 
> gonna move. I also want to setup some mirroring between espresso and the 
> new server so that we have some redundancy and all projects can benefit 
> from that, but this is not required.
> 
> I'm gonna start a discussion here and propose a solution immediately 
> here, to get it all going. If I don't hear about it I assume you all 
> agree with me and are okay with it:
> 
> 1. Name
> 
> I'm very lame about names so my proposal is simple: "cappuccino". Other 
> coffees are good alternatives, perldude likes "icetea", also "moccha". 
> The FQDN would become "cappuccino.foo-projects.org". Even "coffee" would 
> suffice.

I like icetea, or hottea (though that looks kinda funny), since I'm not
a coffee guy.  Perhaps just 'tea', though that seems a bit short.  I
keep coming back to icetea.  Though the pedant in me realises it should
really be 'icedtea'.

> 2. Services
> 
> I want to setup the new server as secundary DNS and SMTP, this way we 
> have 2 decent machines, nicely separated, same configuration etc that 
> can host the 3 zones and user accounts. I'll have to figure out how to 
> handle user accounts, mailing lists etc. (splitting up all users means 
> we have to split up the mailinglists, meaning more work, so I'd like all 
> mail to end up on espresso and keep that the same for now)

The user account thing sounds somewhat icky to me.  Simple brute-force
solution is just to mirror all user accounts, and leave it up to each
user to keep their password etc. in sync if they want to.

A middle-ground option is writing a bunch of scripts and stuff to do a
password change via https (or something), and have it propagate to both
machines.

Super-painful totally-not-recommended option is something like LDAP.  Ick.

> Round-robin DNS would be nice, this way we have 4 'www.xfce.org' 
> servers. We should see if it's possible to set this up

Yup, that would be cool.  On a related note, Dreamhost (my webhost)
decided that every week they'd increase my disk space by 60MB and my
monthly transfer by 2GB/mo, cumulative.  I think I'm up to around
260GB/mo right now, with around 10GB of disk.  www.ca-us.xfce.org can
start taking more traffic if it wants (currently it's barely hitting a
gig a month).  I certainly wouldn't mind doing round-robin on xfce.org
with all this excess.

> As usual, SVN, DAV, HTTP/HTTPS, SSH will be used to host subversion and 
> thus the repository needs to be moved and all that comes with that. All 
> xxx.xfce.org projects too.
> 
> no IMAPS/POP3S, this will stay on espresso, or can be moved at a later 
> stage.

Mmm, I think it makes more sense to leave it on espresso, perhaps
permanently.  Definitely a good idea to have it act as a backup MX.

> 3. Root access
> 
> Since this server sits a tad whee bit far from my house and I don't have 
> someone else with physical access to it (like Remco and espresso), I 
> need to grant someone root access to be able to do emergency maintenance 
> on the console at the spot. I propose JF gets this as his location is 
> closest to the machine.
> 
> I also wish to give one additional senior Xfce developer root access for 
> maintaining stuff like svn permissions, user accounts etc. This gives us 
> the same setup on espresso and will make it easy for everyone to figure 
> out who can help when a person is on vacation etc. This person needs to 
> be found and agreed upon by the Xfce (senior) team, and as with 
> lunar/espresso, this is the least important person with root access 
> (backup of the backup).

Yah, I agree with JF.  I wouldn't mind doing this, esp since it's only a
backup-of-a-backup role.  I'd rather not be too critical, esp on a
server that's 5000+ miles away.

> 4. Schedule
> 
> 2 weeks -> installing of all services ready 2 go
> 
>   ???    -> transport to Namur, BE (about 300km)
> 
> 1 week  -> transfer of http domains, mysql db's,
>             secundary DNS/SMTP,
>             user accounts, setup of rsync to espresso for backup purposes
> 
> 1 week  -> transfer of SVN repository
> 
> 
> 
> I'm gonna start pondering stuff like proper partitioning sizes and 
> technical details and see if I can get that worked out today. As usual 
> I'll keep you all informed about progress.

Good stuff.  Thanks for taking care of all this, Auke - we really
appreciate it (well, I do, and if the others don't, we can kick them in
the ass later).

Ok, really going to bed now.

	-brian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCzPiu6XyW6VEeAnsRApkYAKDEWqmeClZvsEY2vN5/47/xeMh65wCgzxI9
1hmbR8YqnWa8zMu6ZcMLmVQ=
=fWoH
-----END PGP SIGNATURE-----

More information about the Xfce4-dev mailing list