#2232: Convert some of our physical/virtual servers to LXD containers
---------------------------+---------------------------------------
Reporter: robe | Owner: sac@…
Type: enhancement | Status: closed
Priority: normal | Milestone: Sysadmin Contract 2019-I
Component: Systems Admin | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
FYI I've already used this tool and it's working great.
So far I've used it to pull an image of the following -- many flagged as
separate tickets so I'll close this out and remainder I do I will record
as separate tickets.
{{{
projects.osgeo.osuosl.org (old-projects on osgeo7) -- community-
review.foss4g.org, spatialreference.org are now being served by the new
lxd container. I don't think there is anything left on old server we need
so will retired soon.
web.osgeo.osuosl.org (old-web on osgeo7) -- id.osgeo.org, fdo.osgeo.org
are running off these, a lot of the remaining things appear to be
redirects which we should probably move directly to nginx as redirects.
No point in hopping to a container just to be redirected elsewhere
adhoc.osgeo.osuosl.org (old-adhoc) -- I told OSUOSL to repoint the name to
osgeo7. I created a adhoc.osgeo.org to test --
http://adhoc.osgeo.org/livedvd/docs/en/index.html
wiki.osgeo.osuosl.org - this one I need to reimage cause first time mysql
was running so didn't get a clean backup (was corrupted). I do however
have wiki.osgeo.org repointing at osgeo7 and being proxied thru the nginx
container https -> https (I think this will even work when SSL cert
expires as I don't think nginx will care it's proxying to an expired
https, but the users will be getting the non-expired letsencrypt.
I didn't want to go https -> http (as they are public Ips so it really not
encrypted that way)
secure.osgeo.osuosl.org (old-secure container) -- I imaged this one but
have it off on osgeo7. This one is going to be a bit tricky mostly
because I don't know much about LDAP (I believe the ldaps might be using
the STAR osgeo key which will expire soon (not sure how ldaps works to be
sure). I'm going to need help with this one as it controls everything.
The debian on it is debian6 - yikes way past it's prime.
I'm also not sure how the whitelists work -I think this one I'll need to
give a real ip too (not proxy port) so it can see the ips it's
whitelisting
web18a.osgeo.osuosl.org (www.osgeo.org) -> (wordpress-dev) -- this one I
imaged just so we can have exact replica of our running www server for dev
purposes. staging.www.osgeo.org and dev.www.osgeo.org are running on this
container -- and pulling from git like the old - as Vicky has documented
here - https://git.osgeo.org/gitea/osgeo/www_osgeo/wiki/Links
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2232#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.