StrummerInfo

Table of contents :

Purpose of the server?

This server has two purposes:
  1. the main purpose is to act as a dedicated server for overseas indymedia collectives who run mir sites. it is anticipated that this would be running within 3-6 months of the server getting put in place (at an ISP)
  2. the secondary, short-term purpose is to act as a decanting server where the sites currently hosted on Traven can be placed whilst the 3ware RAID card is removed from Traven. This is because we believe that the 3ware card is causing additional overheads in terms of disk access (i.e. to the hard drives) and thus slowing down the whole machine.

Hardware

This is fully detailed on UkServerSpec but, in brief:

  • 2 x AMD Socket F (1207) Second-Generation AMD Opteron 2210, Dual Core 1.8GHz, 2MB Cache
  • 4 x 500 Gb Western Digital WD5000YS RE2, SATA300, 7200 rpm, 16MB Cache, 9 ms, NCQ
  • 8 x 4GB kit (2GBx2), 240-pin DIMM, DDR2 PC2-5300 memory module ECC

Set up

disks

RAID

There is a good explanation about different RAID types at MythTV. Strummer has been set up using RAID-1, RAID-01 and RAID-10, as follows:

md0 : active raid1 sda1[0] sdd1[3] sdc1[2] sdb1[1]
md1 : active raid0 sda2[0] sdb2[1]
md2 : active raid0 sdc2[0] sdd2[1]
md3 : active raid1 md1[0] md2[1]
md4 : active raid1 sdc3[1] sda3[0]
md5 : active raid1 sdd3[1] sdb3[0]
md6 : active raid0 md4[1] md5[0]

LVM

LVM has been used on the largest partition to help split it into chunks for the individual vservers.

volume group: vg logical volumes: lv_christie lv_meltzer lv_garcia

Encryption

Each logical volume is encrypted prior to mounting.

encrypted volumes: crypt_christie crypt_meltzer crypt_garcia

vservers

The primary vserver is called Christie, after Stuart Christie. It was built by following a mixture of two sets of instructions: RiseupLabs and Linux-Vserver.

  • eth0 ip: 89.107.22.11
  • dummy0 ip: [not given]

It has now got a minimal set-up on it - see ChristieInfo

Two secondary vservers have been configured on the internal, 'dummy0' interface. They are called Meltzer, after Albert Meltzer and Garc\xEDa, after Miguel Garc\xEDa. They also need setting up. The plan was for them to be used as follows:

  • Meltzer: postgres server
  • Garc\xEDa: backup server - but is actually being used temporarily for http://london.indymedia.org.uk
    • eth0 ip: 89.107.22.11
    • dummy0 ip: [not given]

Monitoring

* Munin monitoring is available at https://munin.tachanka.org

to do:

  • postgres
  • apache2
  • rsync
  • tomcat
  • ant
  • ?? do we really need anything else?

old - not yet cleaned up!

security

I would like to use vservers. This means that the host machine will [i]only[/i] be running:
  • sshd
  • iptables / firewall
  • individual vservers
Access to this will be extremely limited.

Most of the actual data and programs will then go into vservers, which can be easily mounted on encrypted partitions if desired. This will give slightly greater flexibility should there be any problems in the future (e.g. box gets cracked) or if we want to switch different sites around. Depending on how the server copes, it also gives greater flexibility for future resource utilisation, as well as moving sites between different physical servers.


-- GarconDuMonde - 09 Aug 2008
-- GarconDuMonde - 15 Aug 2008
-- GarconDuMonde - 17 Aug 2008
Topic revision: r6 - 26 Sep 2008, GarconDuMonde
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback