Editing Migrating to Community-driven Infrastructure

Warning: You are not logged in. Your IP address will be recorded in this page's edit history.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision Your text
Line 1: Line 1:
-
'''please somebody does a major rework of this page, to a new wiki page like "community maemo.org infra - at IPHH" and clean out all the history data that doesn't give any useful info anymore. Also splitting off the autobuilder stuff into a separate page might help'''
+
== Introduction ==
-
'''''--[[User:joerg_rw|joerg_rw]] 15:20, 4 June 2013 (UTC)'''''
+
[up to date as of 2013-02-08]
 +
Albeit Nokia's plans about discontinuation of maemo support been known since spring 2012, Nokia gave "Go" to Nemein (service provider on behalf of Nokia) for the real migration work not earlier than 2 weeks before christmas 2012.
-
Started to move stuff
+
As of January, 18th 2013 the *.maemo.org infrastructure has been consolidated from a 20+ physical servers (aka "irons") to current config and completely migrated to new locations independant of Nokia servers. This task been accomplished by Nemein. Talk.maemo.org forum been integrated with the other infra, many thanks to Nemein for donating the VM for that. Also many thanks to Nemein for this incredible piece of work done during times when others (as well as the guys there) usually are already away for winter holidays.
-
http://wiki.maemo.org/Maemo.org_Infrastructure
+
The current setup (see below) consists of around 10 Virtual Machines hosted by Nemein on their xen-grid. This is an interim solution. Nokia paid Nemein for this consolidation/migration and hosting until end of February.
-
http://wiki.maemo.org/Maemo.org_Infrastructure/Autobuilder
+
Handing over control of servers still pending, right now (2013-01-30) it's still Nemein and affiliates to control that infra.  
-
Please use Categories below for any future pages of this topic
+
Transfer of control over (*.)maemo.org DNS entries ("the domain") is still being negotiated between Nokia and HiFo, all DNS changes done so far been done by Nokia dnsmaster on Nemein's request
 +
 
 +
The plans of council and HiFo board so far are: kindly ask Nemein to have  *.maemo.org nicely bundled. We hope for this setup to be free of major known bugs (I.E. autobuilder working, repository working albeit maybe slow) when Nemein hands us the package.
 +
 
 +
[2013-02-08] Negotiations about direct migration to one of our 3 options (see below) are ongoing.
 +
 
 +
===further plans, state of migration===
 +
Further plans are to migrate again to some hosted root servers, either on a sponsor like http://osuosl.org/about-osuosl or to our own stuff we may rent from e.g. Hetzner.
 +
 
 +
[2013-02-08] currently we're in negotiations about 3 possible ways into future hosting:
 +
* osuosl (could provide VM or rootservers or CoLo [UPS server shipping: 48h:1200EUR, 7d:630EUR, +customs])
 +
* IPHH, a ISP in Hamburg. Falk contacted them and they are willing to offer CoLo basically free of charge. Of course we will put their name on our maemo.org frontpage to give due credit. HW service will be done by Falk. (costs ~300EUR for setup and HW upgrade, plus 50..300EUR for shipping the iron to Hamburg)
 +
* get own paid rootservers, like 2 of http://www.hetzner.de/en/hosting/produkte_rootserver/ex10 (costs ~300EUR/month, 400EUR setup)
 +
Depending on option chosen, we might or might not keep the SuperMicro.
 +
 
 +
[2013-02-17] Hildon Foundation board has agreed on following IPHH if the contract is good and keeping OSUOSL open as an alternative.  Sending iron to IPHH on 2013-02-18/19, and also negotiating with OSUOSL about how a possible migration to them would look like so we get a decent checklist in case we need it.
 +
 
 +
Falk's mail forwarded form IPHH to HiFo:
<pre>
<pre>
-
[[Category:maemo.org]]
+
Hi everyone,
-
[[Category:Infrastructure]]
+
-
</pre>
+
-
'''''--[[User:sixwheeledbeast|sixwheeledbeast]] 20:46, 5 June 2013 (UTC)'''''
+
these are the details, what IPHH is willing to offer us.
-
Suggest maintainers should be removed an [[Maemo.org_team]] page should be updated
+
Best regards,
-
'''''--[[User:sixwheeledbeast|sixwheeledbeast]] 20:50, 5 June 2013 (UTC)'''''
+
Falk
-
== Introduction ==
+
Begin forwarded message:
-
[2013-11-07] migration to our own servers at IPHH accomplished since ~6 months now, below info is for historical documentation.
+
-
[up to date as of 2013-02-08]
+
> From: Rene Sasse <support@iphh.xxx>
 +
> Subject: [IPHH #442659] Re: maemo.org
 +
> Date: 18. Februar 2013 11:08:33 MEZ
 +
> To: falk@fourecks.xxx
 +
> Cc: joerg@openmoko.xxx
 +
> Reply-To: support@iphh.xxx
 +
>
 +
> Falk,
 +
>
 +
> IPHH offers the following services to Hildon Foundation for one year free of  
 +
> charge:
 +
>
 +
> * Colocation/electricity for the following devices:
 +
> - 1 Server (2RU)
 +
> - 1 Switch (1RU)
 +
> * 1 100MBit/s Uplink Port
 +
> * A /27 IPv4 Network
 +
>
 +
> This offer is valid for one year and has to be discussed for renewal after 11
 +
> month.
 +
>
 +
> Legal Contact will be:
 +
>
 +
> Hildon Foundation
 +
> 120 West 10th Street, Erie, PA, 16501, USA
 +
>
 +
> Technical Contact will be:
 +
>
 +
> Falk Stern (FS7182-RIPE)
 +
> Rathmann-Cohrs-Straße 12, 21357 Bardowick, Germany
 +
> Mobile: +49-160-71560xx
 +
>
 +
>
 +
> best regards
 +
> Rene
 +
>
 +
> --
 +
> Rene Sasse                          E-Mail: support@iphh.xxx
 +
> Technical Consultant                Tel: +49 (0)40 374919-xx
 +
> IPHH Internet Port Hamburg GmbH      Fax: +49 (0)40 374919-xx
 +
> Wendenstrasse 408                    AG Hamburg, HRB 76071
 +
> D-20537 Hamburg                      Geschaeftsfuehrung: Axel G. Kroeger--7E94C7404EC25FD69CC85C3653348297
 +
>
 +
</pre>
-
Albeit Nokia's plans about discontinuation of maemo support been known since spring 2012, Nokia gave "Go" to Nemein (service provider on behalf of Nokia) for the real migration work not earlier than 2 weeks before christmas 2012.
+
Iron to move form:  ( http://nemein.com/fi/ )
 +
Nemein Oy
 +
tel. +358 20-198 6030
 +
Vilhonvuorenkatu 11 D, 8 krs
 +
00500 Helsinki, FINLAND
 +
FIN-1647219-2
 +
    support AT nemein.com
-
As of January, 18th 2013 the *.maemo.org infrastructure has been consolidated from a 20+ physical servers (aka "irons") to current config and completely migrated to new locations independant of Nokia servers. This task been accomplished by Nemein. Talk.maemo.org forum been integrated with the other infra, many thanks to Nemein for donating the VM for that. Also many thanks to Nemein for this incredible piece of work done during times when others (as well as the guys there) usually are already away for winter holidays.
+
to ( http://www.iphh.net/en/contact.html )
 +
  IPHH Internet Port Hamburg GmbH
 +
  #444615
 +
  Wendenstrasse 408
 +
  20537 Hamburg
 +
  Germany
 +
T : +49 40 37 49 19-0
 +
F : +49 40 37 49 19-29
 +
E : info@iphh.net
-
The current setup (see below) consists of around 10 Virtual Machines hosted by Nemein on their xen-grid. This is an interim solution. Nokia paid Nemein for this consolidation/migration and hosting until end of February.
+
Package details:
 +
size
 +
  x: 100cm
 +
  y: 66cm
 +
  z: 28cm
 +
weight: ~40kg
-
Handing over control of servers still pending, right now (2013-01-30) it's still Nemein and affiliates to control that infra.
 
-
Transfer of control over (*.)maemo.org DNS entries ("the domain") is still being negotiated between Nokia and HiFo, all DNS changes done so far been done by Nokia dnsmaster on Nemein's request
+
Shipping accomplished:
 +
Shipment number 1139212793
 +
Status from Wed, 20.02.2013 10:57 hours Delivered - signed for by Herr POLROK*
 +
Recipient TPHH
 +
Delivered on Herr POLROK*
 +
via DHL account provided by Nokia/Pekka (many thanks!) on 2013-02-19.
 +
Courtesy Aslan and Eero of Nemein.
-
The plans of council and HiFo board so far are: kindly ask Nemein to have  *.maemo.org nicely bundled. We hope for this setup to be free of major known bugs (I.E. autobuilder working, repository working albeit maybe slow) when Nemein hands us the package.
+
 +
Hosting migration timing plan:
 +
https://docs.google.com/spreadsheet/ccc?key=0AuQnrvWRbTtzdFhERzlDbEp0eVNQQTdfNWpQbzdIT0E&usp=sharing
 +
 
 +
 
 +
Alternatives - however obvious - for the above plans have been discussed with Nemein and HiFo and are not feasible. E.G. there was no way we could get the money instead of the server iron hardware. Sustaining the current xen-grid based VM hosting would be ~1500EUR per month plus a basically not evadable 2200EUR on top for maintenace. We want to switch away from that by all means, thus the 2nd migration.
-
[2013-02-08] Negotiations about direct migration to one of our 3 options (see below) are ongoing.
 
-
===further plans, state of migration===
 
-
(obsolete. thus deleted. See wiki history if interested in what happened when)
 
   
   
This page is intended as a central place where status and other operational information can be gathered.
This page is intended as a central place where status and other operational information can be gathered.
Line 56: Line 140:
* ... (hidden DNS master set up)
* ... (hidden DNS master set up)
** sync databases, switch DNS entries
** sync databases, switch DNS entries
-
** DNS switched [Nokia] to new IPs on 2013-03-14 1700UTC. Final sync established 1900. since then machines up and running on *new*
+
** DNS switched to new IPs on 3013-03-14 1700UTC. Final sync established 1900. since then machines up and running on *new*
VMs we need to migrate:  
VMs we need to migrate:  
Line 87: Line 171:
=== State of final migration ===
=== State of final migration ===
-
all VMs got migrated to IPHH server, DNS still owned and managed by Nokia [2013-05-29]
 
 +
* talk.maemo.org is running on "new" hardware, but currently with mail notifications disabled
 +
* DNS switchover should happen at 14.3., around 17:00UTC
 +
 +
=== Setup with IPHH ===
 +
 +
==== Networks ====
 +
 +
We have 2 /28 Subnets (213.128.137.0/28 and 213.128.137.16/28)
 +
 +
Networks are configured as follows:
 +
 +
{|
 +
! IPv4 !! IPv6 !! VLAN !! Xen Bridge !! default GW
 +
|+
 +
| 213.128.137.0/28 || not yet || 1 || xenbr0 || 213.128.137.14
 +
|+
 +
| 213.128.137.16/28 || not yet || 2 || xenbr1 || 213.128.137.17
 +
|+
 +
| 10.0.1.0/24 || not yet || 3 || xenbr2 || 10.0.1.1
 +
|}
 +
 +
IP Plan for vlan 1
 +
 +
{|
 +
! IPv4 !! IPv6 !! Hostname
 +
|+
 +
| 213.128.137.1 || n/a || firewall-carp
 +
|+
 +
| 213.128.137.2 || n/a || firewall-a
 +
|+
 +
| 213.128.137.3 || n/a || firewall-b
 +
|+
 +
| 213.128.137.4 || n/a || blade-a
 +
|+
 +
| 213.128.137.5 || n/a || blade-b
 +
|+
 +
| 213.128.137.6 || n/a || portforwarding for monitor
 +
|+
 +
| 213.128.137.7 || n/a ||
 +
|+
 +
| 213.128.137.8 || n/a ||
 +
|+
 +
| 213.128.137.9 || n/a ||
 +
|+
 +
| 213.128.137.10 || n/a ||
 +
|+
 +
| 213.128.137.11 || n/a ||
 +
|+
 +
| 213.128.137.12 || n/a || IPHH Router 1
 +
|+
 +
| 213.128.137.13 || n/a || IPHH Router 2
 +
|+
 +
| 213.128.137.14 || n/a || IPHH-VRRP
 +
|}
 +
 +
IP Plan for vlan 2
 +
 +
{|
 +
! IPv4 !! IPv6 !! Hostname !! Aliases
 +
|+
 +
| 213.128.137.17 || n/a || firewall-carp || -
 +
|+
 +
| 213.128.137.18 || n/a || firewall-a || -
 +
|+
 +
| 213.128.137.19 || n/a || firewall-b || -
 +
|+
 +
| 213.128.137.20 || n/a || www || static, maemo.org, planet, downloads
 +
|+
 +
| 213.128.137.21 || n/a || wiki || bugs
 +
|+
 +
| 213.128.137.22 || n/a || repository || stage
 +
|+
 +
| 213.128.137.23 || n/a || mail || lists
 +
|+
 +
| 213.128.137.24 || n/a || scratchbox || -
 +
|+
 +
| 213.128.137.25 || n/a || vcs || drop
 +
|+
 +
| 213.128.137.26 || n/a || garage || -
 +
|+
 +
| 213.128.137.27 || n/a || builder || -
 +
|+
 +
| 213.128.137.28 || n/a || talk || -
 +
|+
 +
| 213.128.137.29 || n/a || DNS || -
 +
|+
 +
| 213.128.137.30 || n/a || - || -
 +
|}
 +
 +
IP Plan for vlan 3
 +
 +
{|
 +
! IPv4 !! IPv6 !! Hostname
 +
|+
 +
| 10.0.1.1 || n/a || firewall-carp
 +
|+
 +
| 10.0.1.2 || n/a || firewall-a
 +
|+
 +
| 10.0.1.3 || n/a || firewall-b
 +
|+
 +
| 10.0.1.10 || n/a || db
 +
|+
 +
| 10.0.1.11 || n/a || monitor
 +
|+
 +
| 10.0.1.200 || n/a || blade-a/IPMI
 +
|+
 +
| 10.0.1.201 || n/a || blade-b/IPMI
 +
|+
 +
| 10.0.1.202 || n/a || maemo-switch
 +
|}
 +
 +
==== Disk Layout of blade-[ab] ====
 +
 +
Both disks have the following partitioning:
 +
 +
RAID1 Volume for /boot (/dev/md0), consisting of /dev/sda1 and /dev/sdb1 (200M)
 +
 +
RAID1 Volume /dev/md1 consisting of /dev/sda2 and /dev/sdb2 (around 970G)
 +
The RAID1 Volume contains a physical LVM volume.
 +
We only have one VolumeGroup (vg_blade[ab]), which has LogVol00 with 20G as root volume, LogVol01 with 2 Gig as swap and vmstore with the rest as VM Storage mounted on /vmstore.
==== Tips & Tricks for migration ====
==== Tips & Tricks for migration ====
Line 107: Line 310:
<pre>cd / ; rsync -arvSxz . root@host:/mount/point</pre>
<pre>cd / ; rsync -arvSxz . root@host:/mount/point</pre>
-
==== Stuff to do [2013-03-15] ====  
+
==== Stuff to do ====  
-
* Implement a proper service monitoring for all machines and applications - nagios pending, http://monitor.maemo.org/ganglia/
+
* Implement a proper service monitoring for all machines and applications
* Setup a common policy for root/user accounts and sudo permissions
* Setup a common policy for root/user accounts and sudo permissions
-
* Change root-passwords - done
+
* Change root-passwords  
-
* Make SSH root-login key-only - done?
+
* Make SSH root-login key-only
-
* Find out, what to sync for final migration - done
+
* Find out, what to sync for final migration
* Configure internal DNS server in /etc/resolv.conf
* Configure internal DNS server in /etc/resolv.conf
-
* Coordinate DNS setup with Nokia - partially done
+
* Coordinate DNS setup with Nokia
-
* Consolidate Databases - WIP
+
* Consolidate Databases
-
* Add disks to system - done, 4TB on blade-a
+
* Add disks to system
-
* Setup bugtracking system for infrastructure - done: roundup?
+
* Setup bugtracking system for infrastructure
-
* fix NFS mounts - WIP
+
* fix NFS mounts
-
* update VMs to 3.2.0-38
+
* update VMs to 3.2.0-38  
==== Problems we walked into ====
==== Problems we walked into ====
Line 153: Line 356:
We fixed that problem on our machines by ensuring dom0 and domU use same MAX_SKB_FRAGS
We fixed that problem on our machines by ensuring dom0 and domU use same MAX_SKB_FRAGS
-
== Inventory ==
+
== Inventory (obsolete, please update) ==
-
As a first step we gathered information about the former infrastructure at *.maemo.org. This "inventory" provided an overview about all components of the infrastructure as well as information that would later on aid during the migration.
+
As a first step we try to gather information about the present infrastructure at *.maemo.org. This "inventory" is intended to provide an overview about all components of the infrastructure as well as to provide information that will later on aid during the actual migration.
-
The following topics were considered important for the migration:
+
Currently the following topics are considered important for the migration:
* Legal Issues (Names, Trademarks, Domain Names, etc.)
* Legal Issues (Names, Trademarks, Domain Names, etc.)
* Infrastructure (Web Site, Forum, Wiki, Autobuilder, Mailinglists, Garage, etc.)
* Infrastructure (Web Site, Forum, Wiki, Autobuilder, Mailinglists, Garage, etc.)
 +
== Legal Issues ==
== Legal Issues ==
Line 205: Line 409:
== Operational Platform ==
== Operational Platform ==
-
[2013-03-20] All of maemo.org is running on our supermicro server colocated at IPHH
+
For now (2013-01,02) all services are implemented as VM running on Nemein's xen-grid. Plan is to migrate those VM to a virtualization installed on the serevrs (see below) that Nokia donates to the community. This hardware is located at Nemein office right now (2013-02-16) and '''should''' get shipped to iphh.net in Hamburg on Monday 2013-02-18.
List of hardware Nokia will donate to HiFo, according to Nemein's plans. [2013-02-08]
List of hardware Nokia will donate to HiFo, according to Nemein's plans. [2013-02-08]
Line 229: Line 433:
|-
|-
| 01
| 01
-
| blade-a.maemo.org
+
|  
|  
|  
|  
|  
Line 237: Line 441:
| http://www.supermicro.nl/products/system/2u/2027/SYS-2027TR-HTRF.cfm?parts=SHOW
| http://www.supermicro.nl/products/system/2u/2027/SYS-2027TR-HTRF.cfm?parts=SHOW
| 2U 19" Rackmount
| 2U 19" Rackmount
-
| Intel® Xeon® processor E5-2620
+
| 2 * Intel® Xeon® processor E5-2620
-
| 32GB
+
| 2 * 32GB
-
| (raid1:2*)1TB, 2*2TB=4TB aux.
+
| 2 * (raid1 2 * 1TB)
|
|
| 3 years
| 3 years
Line 246: Line 450:
|-
|-
| 02
| 02
-
| blade-b.maemo.org
+
|  
|  
|  
|  
|  
Line 254: Line 458:
|  
|  
|  
|  
-
| Intel® Xeon® processor E5-2620
+
|  
-
| 32GB
+
|
-
| (raid1:2*)1TB
+
|  
|
|
|
|
Line 262: Line 466:
|}
|}
-
http://wstaw.org/m/2013/06/02/plasma-desktopVf3743.png
 
=== OS and virtulization on community iron (planning, discussion) ===
=== OS and virtulization on community iron (planning, discussion) ===
Please don't forget to tag your contributions with your nick!
Please don't forget to tag your contributions with your nick!
Line 272: Line 475:
-
====Virtualization====
+
====Virtulization====
===== alternative A =====
===== alternative A =====
XEN (with OS blabla of above)
XEN (with OS blabla of above)
Line 473: Line 676:
=== More Detailed Information ===
=== More Detailed Information ===
-
''this is based on what we got/found on Nemein temporary infra - it's NOT related/applicable to new IPHH infra. For IPHH new infra IPs [[Maemo.org_Infrastructure]]''
 
In this sub section more detailed information about the entries in the table can be placed. The intent is to keep the table concise while still being able to have all relevant information at hand.
In this sub section more detailed information about the entries in the table can be placed. The intent is to keep the table concise while still being able to have all relevant information at hand.
Line 567: Line 769:
| maemo || warfare || Falk Stern || falk<at>fourecks.de || (maemo master sysop) || ||
| maemo || warfare || Falk Stern || falk<at>fourecks.de || (maemo master sysop) || ||
|+
|+
-
| maemo || chemist || Ruediger Schiller || webmaster<at>talk.m.o || Talk || || ||
+
| maemo || chemist || Ruediger Schiller || chemist<at><to-be-disclosed-by-owner> || Talk || || ||
|+
|+
| maemo || merlin1991 || Christian Ratzenhofer || <at> || Repos || || [preliminary accepted] ||
| maemo || merlin1991 || Christian Ratzenhofer || <at> || Repos || || [preliminary accepted] ||
Line 576: Line 778:
|+
|+
| || || || || (planet???) || ||
| || || || || (planet???) || ||
-
|}
+
|}  
-
 
+
-
== Unsorted Hints ==
+
-
=== ssh access ===
+
-
All legacy accounts got ported to new infra.
+
-
 
+
-
Access to any VM is via plain direct ssh:
+
-
ssh <user>@<VM>.maemo.org
+
-
 
+
-
=== backup ===
+
-
we're doing backups to the 4TB auxiliary storage on blade-a, using backupPC:
+
-
ssh -L8088:localhost:80 blade-a
+
-
konqueror http://localhost:8088
+
-
backup-master is Falk
+
-
 
+
-
talk VM sysop (chem|st) has access to it and control over own backups, via ssh confic on blade-a:
+
-
command="sleep 1d",permitopen="127.0.0.1:80"  <ssh-pubkey>
+
== Steering ==
== Steering ==
-
 
council is in charge of any steering.  
council is in charge of any steering.  
-
 
Joerg Reisenweber got appointed for "maemo.org infra administration coordinator" and thus is the single point of coordination for any detail questions.
Joerg Reisenweber got appointed for "maemo.org infra administration coordinator" and thus is the single point of coordination for any detail questions.
Line 605: Line 789:
* OBS @ TiZen or SuSe : https://bugs.tizen.org/jira/browse/TINF-48?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
* OBS @ TiZen or SuSe : https://bugs.tizen.org/jira/browse/TINF-48?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
-
 
-
* links: http://wiki.maemo.org/Maemo.org_team/Updating_maemo.org_sites
 
-
 
-
[[Category:maemo.org]]
 
-
[[Category:Infrastructure]]
 

Learn more about Contributing to the wiki.


Please note that all contributions to maemo.org wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see maemo.org wiki:Copyrights for details). Do not submit copyrighted work without permission!


Cancel | Editing help (opens in new window)