Difference between revisions of "Einstein Status"

From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search
 
Line 5: Line 5:
 
'''Remade the RAID5. Will redo the software, but if the RAID dies again we should think of a different machine to sub for einstein.'''
 
'''Remade the RAID5. Will redo the software, but if the RAID dies again we should think of a different machine to sub for einstein.'''
  
# Pick a date within the next week '''Monday, 7/23/2007'''
 
# Send an e-mail to Aaron, warning him of the future takedown of tomato '''Done'''
 
# Update Tomato to RHEL5 '''Installed w/ basic configuration (auth, autofs, etc)'''
 
 
# Check all services einstein currently provides.  Locate as many custom scripts, etc. as is reasonable and label/copy them.
 
# Check all services einstein currently provides.  Locate as many custom scripts, etc. as is reasonable and label/copy them.
## [[DNS]] ''Installed, set up, working''
+
## [[Iptables]]
## [[LDAP]] ''Installed, set up, working.'' Changed config files on tomato and einstein to do replication, but their LDAP services need restarted. Need to schedule a time to do it on einstein. Double-check configs!
+
## [[DNS]]
## [[Postfix]] ''Installed, set up, working!''
+
## [[LDAP]]  
## [[AMaViS]] ''Installed, set up''
+
## [[Postfix]]  
## [[ClamAV]] ''Installed, set up''
+
## [[AMaViS]]  
## [[SpamAssassin]] ''Installed, set up, working? (need to test to make sure)''
+
## [[ClamAV]]
 +
## [[SpamAssassin]]  
 
## <del>[[Cyrus Imap|IMAP]] <code>cyradm localhost</code> gives "cannot connect to server". This all seems to be sasl-related. It'd be probably be easy if there was a way to have cyrus use PAM. [http://www.openldap.org/doc/admin23/sasl.html LDAP and sasl] <ins>Nevermind, that has to do with using SASL to authenticate LDAP</ins><code>saslauthd -v</code> lists pam and ldap as available authentication mechanisms, and /etc/sysconfig/saslauthd has an entry "MECH=pam"&hellip;! What am I missing? '''Tried making a new "mail.physics.unh.edu.crt" for tomato, but couldn't because that would have required revoking einstein's cert of the same name. Tried using the "tomato.unh.edu.crt" and "tomato.unh.edu.key", but is giving the same results as the "mail.physics.unh.edu.*" copied from einstein.''' Tried using tomato's UNH address instead of hostname: same result. '''I'm able to login using the <code>imtest</code> program, but the server doesn't send the same messages as shown [http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/ImtestByHand here].'''</del> Let's try Dovecot instead. It supposed to be simpler to maintain and is supported by RedHat.
 
## <del>[[Cyrus Imap|IMAP]] <code>cyradm localhost</code> gives "cannot connect to server". This all seems to be sasl-related. It'd be probably be easy if there was a way to have cyrus use PAM. [http://www.openldap.org/doc/admin23/sasl.html LDAP and sasl] <ins>Nevermind, that has to do with using SASL to authenticate LDAP</ins><code>saslauthd -v</code> lists pam and ldap as available authentication mechanisms, and /etc/sysconfig/saslauthd has an entry "MECH=pam"&hellip;! What am I missing? '''Tried making a new "mail.physics.unh.edu.crt" for tomato, but couldn't because that would have required revoking einstein's cert of the same name. Tried using the "tomato.unh.edu.crt" and "tomato.unh.edu.key", but is giving the same results as the "mail.physics.unh.edu.*" copied from einstein.''' Tried using tomato's UNH address instead of hostname: same result. '''I'm able to login using the <code>imtest</code> program, but the server doesn't send the same messages as shown [http://cyrusimap.web.cmu.edu/twiki/bin/view/Cyrus/ImtestByHand here].'''</del> Let's try Dovecot instead. It supposed to be simpler to maintain and is supported by RedHat.
## [[automount|/home]] ''Installed, set up, working''
+
## [[automount|/home]]
## [[Samba]] ''Installed, set up, working.'' If anyone needs samba access, they need to find us and have us make them a samba account. No LDAP integration.
+
## [[Samba]] If anyone needs samba access, they need to find us and have us make them a samba account. No LDAP integration.
 
## [[Web Servers|Web]]?
 
## [[Web Servers|Web]]?
 
## Fortran compilers and things like that? (Also needs compat libs--'''Nope, tomato is 32-bit.''')
 
## Fortran compilers and things like that? (Also needs compat libs--'''Nope, tomato is 32-bit.''')
# Clone those services to tomato
 
 
# Switch einstein <-> tomato, and then upgrade what was originally einstein
 
# Switch einstein <-> tomato, and then upgrade what was originally einstein
 
# Look into making an einstein, tomato failsafe setup.
 
# Look into making an einstein, tomato failsafe setup.

Revision as of 18:43, 3 January 2008

Status for Einstein

Massive amount of deployment documentation for RHEL 5

Remade the RAID5. Will redo the software, but if the RAID dies again we should think of a different machine to sub for einstein.

  1. Check all services einstein currently provides. Locate as many custom scripts, etc. as is reasonable and label/copy them.
    1. Iptables
    2. DNS
    3. LDAP
    4. Postfix
    5. AMaViS
    6. ClamAV
    7. SpamAssassin
    8. IMAP cyradm localhost gives "cannot connect to server". This all seems to be sasl-related. It'd be probably be easy if there was a way to have cyrus use PAM. LDAP and sasl Nevermind, that has to do with using SASL to authenticate LDAPsaslauthd -v lists pam and ldap as available authentication mechanisms, and /etc/sysconfig/saslauthd has an entry "MECH=pam"…! What am I missing? Tried making a new "mail.physics.unh.edu.crt" for tomato, but couldn't because that would have required revoking einstein's cert of the same name. Tried using the "tomato.unh.edu.crt" and "tomato.unh.edu.key", but is giving the same results as the "mail.physics.unh.edu.*" copied from einstein. Tried using tomato's UNH address instead of hostname: same result. I'm able to login using the imtest program, but the server doesn't send the same messages as shown here. Let's try Dovecot instead. It supposed to be simpler to maintain and is supported by RedHat.
    9. /home
    10. Samba If anyone needs samba access, they need to find us and have us make them a samba account. No LDAP integration.
    11. Web?
    12. Fortran compilers and things like that? (Also needs compat libs--Nope, tomato is 32-bit.)
  2. Switch einstein <-> tomato, and then upgrade what was originally einstein
  3. Look into making an einstein, tomato failsafe setup.