wiki:SystemAdministration

Version 164 (modified by Sander Maijers, 8 years ago) (diff)

change hosts table after UU -> TransIP migration for www

Contents

  1. 1. Tickets
  2. 2. Hosts
    1. 2.1. Internally managed
    2. 2.2. Externally managed, with central services
    3. 2.3. Decommissioned
  3. 3. DNS entries and TLS certificates
  4. 4. Getting access
    1. 4.1. Security
  5. 5. Default VM setup
    1. 5.1. SLES 11

1. Tickets

Ticket Priority Summary Owner Created Modified
#954 major Increase database pool size for Component Registry Sander Maijers 8 years ago 3 years ago
#1086 minor Problem with admin messages from lists.clarin.eu André Moreira 4 years ago 4 years ago
#963 major Centralized logging Sander Maijers 8 years ago 6 years ago
#961 major configure beta-vlo behind https Sander Maijers 8 years ago 6 years ago
#1060 major test notifications André Moreira 6 years ago 6 years ago
#1061 major test André Moreira 6 years ago 6 years ago
#1062 major Test André Moreira 6 years ago 6 years ago
#1063 major test André Moreira 6 years ago 6 years ago
#1064 major test André Moreira 6 years ago 6 years ago
#1054 major Bad URL encoding in catalog.clarin.eu/vlo -> vlo.clarin.eu redirects André Moreira 6 years ago 6 years ago
#969 major Migrate user.clarin.eu Willem Elbers 8 years ago 6 years ago
#968 major Migrate Subversion and Trac to new hoster Sander Maijers 8 years ago 7 years ago
#1010 minor Piwik overlay André Moreira 7 years ago 7 years ago
#1000 major Review server timezone André Moreira 7 years ago 7 years ago
#996 major catalog.clarin.eu SP: aa-statistics error message on login André Moreira 7 years ago 7 years ago
#978 major Add nagios check for https://idp.clarin.eu Sander Maijers 8 years ago 7 years ago
#981 major Add DKIM, DMARC DNS RRs for clarin.eu Sander Maijers 8 years ago 8 years ago
#887 major Configure local firewall for idp1-clarin and idp2-clarin Sander Maijers 8 years ago 8 years ago
#890 minor Migration of newlists.clarin.eu/lists.clarin.eu Sander Maijers 8 years ago 8 years ago
#882 minor Logging in to Sonatype Nexus server fails intermittently Sander Maijers 8 years ago 8 years ago
#881 minor Migrate lists.clarin.eu Sander Maijers 8 years ago 8 years ago
#880 minor Add alpha-vlo-clarin VM Sander Maijers 8 years ago 8 years ago
#901 major Robots.txt for beta-vlo.clarin.eu Sander Maijers 8 years ago 8 years ago
#876 blocker Add acceptance host; harmonize dev, acceptance and production Sander Maijers 8 years ago 8 years ago
#888 major Stop old vz07 VM; remove on 1 April Sander Maijers 8 years ago 8 years ago
#879 major Alter MySQL database name and permissions for Drupal Sander Maijers 8 years ago 8 years ago
#877 major Add Apache httpd redirect from http(s)://clarin.eu to https://www.clarin.eu Sander Maijers 8 years ago 8 years ago
#896 major Add python 3 package to all hosts Sander Maijers 8 years ago 8 years ago
#874 critical [CVE-2015-7547] Patch glibc vulnerability Willem Elbers 8 years ago 8 years ago
#891 critical dmeventd for LVM hogs CPU on CentOS 7 Willem Elbers 8 years ago 8 years ago
#949 major Update to the component registry database Willem Elbers 8 years ago 8 years ago
#955 major Add Reverse DNS records for TransIP VMs Sander Maijers 8 years ago 8 years ago
#908 major Prevent crawlers from indexing the vlo search pages Sander Maijers 8 years ago 8 years ago
#904 minor Add TuNDRA to piwik Sander Maijers 8 years ago 8 years ago
#902 major Grant read access to httpd logs Sander Maijers 8 years ago 8 years ago
#899 major Include sitemap generation after succesful harvest + import Sander Maijers 8 years ago 8 years ago
#898 major Add robots.txt with link to vlo sitemap Sander Maijers 8 years ago 8 years ago
#886 major Icinga monitoring checks CRITICAL, self-signed cert. use on aai{1,2}.clarin.eu, dev-idp.clarin.eu Sander Maijers 8 years ago 8 years ago
#889 major Resolve Icinga check error states Sander Maijers 8 years ago 8 years ago
#878 blocker Set firewall rules (external) Sander Maijers 8 years ago 8 years ago
#885 major Django security update to 1.9.3 Sander Maijers 8 years ago 8 years ago
#884 critical Security-critical instructions to data centre support should have integrity Sander Maijers 8 years ago 8 years ago
#883 major Devise automatic tty I/O auditing setup & policy Sander Maijers 8 years ago 8 years ago
#865 major Make host pages adhere to host template in Trac Sander Maijers 8 years ago 8 years ago
#864 major Automated collection of running Docker containers Sander Maijers 8 years ago 8 years ago
#863 minor Automate collection of host info Sander Maijers 8 years ago 8 years ago

2. Hosts

2.1. Internally managed

Canonical FQDN Aliases IPv4-address OS Docker (v)CPUs Memory
(GiB) 		Storage
(GiB) 		Hoster Responsible Support Collectd
lvps92-51-161-129.dedicated.hosteurope.de vlo.clarin.eu 92.51.161.129 CentOS
7.1.1503 		n/a 8 32 500 HostEurope sysops@clarin.eu support@hosteurope.de 5.5
clarinvm.ics.muni.cz catalog.clarin.eu
docker.clarin.eu
nexus.clarin.eu
office.clarin.eu 		147.251.9.199 CentOS
7.1.1503 		1.8.2 8 32 500 CESNET sysops@clarin.eu cloud@metacentrum.cz 5.5
idp1-clarin.esc.rzg.mpg.de aai1.clarin.eu 130.183.206.196 Scientific Linux
7.2 		1.9.1 2 4 20 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de 5.5
idp2-clarin.esc.rzg.mpg.de aai2.clarin.eu 130.183.206.33 Scientific Linux
7.2 		1.9.1 2 4 20 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de 5.5
dev-idp-clarin.esc.rzg.mpg.de dev-idp.clarin.eu
dev-sp.clarin.eu 		130.183.206.39 Scientific Linux
7.2 		1.9.1 2 4 20 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de 5.5
centres-clarin.esc.rzg.mpg.de centres.clarin.eu 130.183.206.32 SLES
11.3 		n/a 1 1 17 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de no
centres2-clarin.esc.rzg.mpg.de (centres.clarin.eu)
staging-centres.clarin.eu 		130.183.206.40 Scientific Linux
7.2 		1.10.2 1 1 2 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de no
beta-vlo-clarin.esc.rzg.mpg.de beta-vlo.clarin.eu 130.183.206.198 Scientific Linux
7.2 		1.7.1 8 16 1000 MPCDF sysops@clarin.eu clarin-support@rzg.mpg.de 5.5
catalog-clarin?.esc.rzg.mpg.de alpha-vlo.clarin.eu 130.183.206.35 SLES
11.3 		n/a 4 8 125 MPCDF Twan Goosen clarin-support@rzg.mpg.de 5.4.2
ems04.mpi.nl infra.clarin.eu
trac.clarin.eu
stats.clarin.eu
svn.clarin.eu
user.clarin.eu 		192.87.79.165 Ubuntu
12.04.5 LTS 		n/a 1 4 10 MPI-PL sysops@clarin.eu Tobias.vanValkenhoef@mpi.nl 4.10
149-210-236-86.colo.transip.net proxy.clarin.eu
discovery.clarin.eu
idp.clarin.eu 		149.210.236.86 CentOS
7.1.1503 		1.8.2 2 4 150 TransIP sysops@clarin.eu CP, 2nd best: support@transip.nl 5.5
37-97-154-156.colo.transip.net dev-www.clarin.eu? 37.97.154.156 CentOS
7 		1.11 2 4 150 TransIP sysops@clarin.eu CP, 2nd best: support@transip.nl 5.5
37-97-184-230.colo.transip.net www.clarin.eu? 37.97.184.230 CentOS
7 		1.11 2 4 150 TransIP sysops@clarin.eu CP, 2nd best: support@transip.nl 5.5

2.2. Externally managed, with central services

Canonical FQDN Aliases IPv4-address OS Docker (v)CPUs Memory
(GiB) 		Storage
(GiB) 		Hoster Responsible
vz07-clarin-list?.im.hum.uu.nl lists.clarin.eu
newlists.clarin.eu 		131.211.143.192 Debian
6 		n/a ? ? ? UU ictenmedia@uu.nl
fsd-cloud22.zam.kfa-juelich.de monitoring.clarin.eu 134.94.199.42 Ubuntu 14.04.4 LTS n/a FZJ? CLARIN-support@fz-juelich.de
clarin.fz-juelich.de - 134.94.199.71 n/a FZJ? CLARIN-support@fz-juelich.de
clarin.ids-mannheim.de clarin.ids-mannheim.de 193.196.8.17 CentOS
5.11 		n/a 4 16 64 IDS? Oliver Schonefeld
weblicht.sfs.uni-tuebingen.de weblicht.sfs.uni-tuebingen.de 130.183.206.38 Scientific Linux
6.7 		n/a 4 64 500 UTU? emanuel.dima@uni-tuebingen.de
im-linux-clarin-eu?.im.hum.uu.nl www.clarin.eu 131.211.143.212 Debian
8 		n/i 1 4 28 UU web team
Sander Maijers 		ictenmedia@uu.nl no
im-linux-dev-clarin-eu.hum.uu.nl - 131.211.143.192 Debian
8 		n/i 1 4 28 UU web team
Sander Maijers 		ictenmedia@uu.nl no
vz07-clarin-eu?.im.hum.uu.nl - 131.211.143.186 Debian
6 		n/a 8 8 73 UU web team
Sander Maijers 		ictenmedia@uu.nl no

2.3. Decommissioned

Canonical FQDN Aliases IPv4-address OS Docker Hoster Responsible
idp-clarin.esc.rzg.mpg.de - 130.183.206.37 SLES
11.3 		n/a MPCDF sysops@clarin.eu
stoor146.meta.zcu.cz - 147.228.242.146 CentOS
7.1.1503 		1.5.0 CESNET sysops@clarin.eu
catalog.clarin.eu catalog.clarin.eu 192.87.79.171 SLES
11.2 		n/a MPI-PL sysops@clarin.eu

3. DNS entries and TLS certificates

Hosted by Networking4All

admins: Dieter Van Uytvanck, Sander Maijers, Willem Elbers

4. Getting access

Shell access to the CLARIN hosts is only possible via key-based SSH.

Contact sysops@clarin.eu to request access to a host. Make sure to include your public SSH key.

Instructions and guidelines on how to create your OpenSSH key pair can be found here.

4.1. Security

5. Default VM setup

These instructions describe how we install/provision/configure each host by default.

5.1. SLES 11

We are in the process of migration our SLES 11 machines to CentOS/Scientific Linux. We collect some notes on administering SLES hosts.