server space at telascience

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Best,
Benjamin

Benjamin

I am open to everything !

SAC ... whats the priority for installing stuff

Benjamin Thelen wrote:

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Best,
Benjamin

Benjamin Thelen wrote:

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Benjamin,

Indeed, I'm keen to have this setup. My only concern is which machine to
put it on, how to keep the various services segregated, and whether we
ought to be looking at having the freegis book wiki using the LDAP
service for user authentication so folks can share a signon between in
and other services.

From a "which machine to put it on" point of view, we have had a delay in
getting some of the blades configured due to issues with a "kickstart server".
So, for now, we have one system with LDAP running on it, but we are trying to
keep this system quite secure, so we likely don't want too much else on it.

We have another system with a variety of software already installed. We
could use it, but I think if we do, then we need to treat this system as
"medium security" and not provide shell accounts on it widely (to the
geodata processing folks for instance) for fear of messing up important
services (starting with this wiki).

Another service we would like to get setup is a bug database, initially for
Mapbender, but later for other projects too, such as GDAL. All in all, I
think we need some careful planning of where things go to avoid services
conflicting, or stuff getting lost in a tangle of different running systems
all on the same machine.

So the system I was thinking of is 198.202.74.218 described at:

   http://wiki.osgeo.org/index.php/SAC_Service_Status

Lastly, is there anyone but Hobu currently who can create new LDAP users?
If not, we will need to wait for him to return from vacation. I think he
will be back Monday. We *really* need to spread around knowledge of how
LDAP stuff works so others can create users soon.

Best regards,
--
---------------------------------------+--------------------------------------
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGF, http://osgeo.org

At 10:40 PM -0400 7/13/06, Frank Warmerdam wrote:

Benjamin Thelen wrote:

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Benjamin,

Indeed, I'm keen to have this setup. My only concern is which machine to
put it on, how to keep the various services segregated, and whether we
ought to be looking at having the freegis book wiki using the LDAP
service for user authentication so folks can share a signon between in
and other services.

From a "which machine to put it on" point of view, we have had a delay in

getting some of the blades configured due to issues with a "kickstart server".
So, for now, we have one system with LDAP running on it, but we are trying to
keep this system quite secure, so we likely don't want too much else on it.

We have another system with a variety of software already installed. We
could use it, but I think if we do, then we need to treat this system as
"medium security" and not provide shell accounts on it widely (to the
geodata processing folks for instance) for fear of messing up important
services (starting with this wiki).

Another service we would like to get setup is a bug database, initially for
Mapbender, but later for other projects too, such as GDAL. All in all, I
think we need some careful planning of where things go to avoid services
conflicting, or stuff getting lost in a tangle of different running systems
all on the same machine.

So the system I was thinking of is 198.202.74.218 described at:

  http://wiki.osgeo.org/index.php/SAC_Service_Status

Lastly, is there anyone but Hobu currently who can create new LDAP users?
If not, we will need to wait for him to return from vacation. I think he
will be back Monday. We *really* need to spread around knowledge of how
LDAP stuff works so others can create users soon.

Best regards,

John should be able to create users in the LDAP as well. I will put a wiki page together to describe the process. Basically, what needs to be done is to create a user, give them a password, set their unix stuff (give them a unique UID starting at 10010, home director of /home/username, and GID of 100), and then add them to the "Shell" group if they are to have shell access. Email the user with a bogus and easy password if they are to have shell access and have them log into the (a) shell machine and reset their password with 'passwd'. Their home directory will be automatically created for them upon first login.

For non-shell users, we need to provide a mechanism to at least change passwords and ideally hook up Plone/Drupal/Wikipedia/whatever to be able to create users with limited group membership. This item should probably go on a 'todo' list somewhere. Any pointers on how to do this (even a simple web app that *explicitly* does this sort of thing would probably be sufficient) would be appreciated.

Benjamin, email me the userid you would like and I will contact you with the details.

Howard

Frank Warmerdam schrieb:

Benjamin Thelen wrote:

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Benjamin,

Indeed, I'm keen to have this setup. My only concern is which machine to
put it on, how to keep the various services segregated, and whether we
ought to be looking at having the freegis book wiki using the LDAP
service for user authentication so folks can share a signon between in
and other services.

Hi Frank,

What about something like jails, used in FreeBSD, XEN or something like that, to segregate things? I don't know, if there is something else besides XEN similar like jails in Linux.

Could you find a possibility to use LDAP together with mediawiki? I could't at first sight.

From a "which machine to put it on" point of view, we have had a delay in
getting some of the blades configured due to issues with a "kickstart server".
So, for now, we have one system with LDAP running on it, but we are trying to
keep this system quite secure, so we likely don't want too much else on it.

I definitely like to have services segregated on different machines or at least jails/s.th. like that to keep administration easier and more secure.

We have another system with a variety of software already installed. We
could use it, but I think if we do, then we need to treat this system as
"medium security" and not provide shell accounts on it widely (to the
geodata processing folks for instance) for fear of messing up important
services (starting with this wiki).

I suggest to have the wikis on a seperate machine/jail, if possible. Starting with the "freegis book wiki" (e.g. edu.osgeo.org/wiki), moving the wiki.osgeo.org to telascience secondly and lastly mapbender.org, which just consists of a mediawiki at the moment.

The question for me is, who will maintain and who will get access on mapbender.org if moved to telascience?

wiki.osgeo.org is on a good machine at the moment, but I think, best would be to have all under "one roof". Same with mapbender.org.

Another service we would like to get setup is a bug database, initially for
Mapbender, but later for other projects too, such as GDAL. All in all, I
think we need some careful planning of where things go to avoid services
conflicting, or stuff getting lost in a tangle of different running systems
all on the same machine.

Yes, I fully agree.

So the system I was thinking of is 198.202.74.218 described at:

  http://wiki.osgeo.org/index.php/SAC_Service_Status

Well, this is a machine "Lots of software installed, general use." - comment from the wiki. Wouldn't it be better not to install additional things, especially important services? I cannot evaluate this machine.

Best,
Ben

Lastly, is there anyone but Hobu currently who can create new LDAP users?
If not, we will need to wait for him to return from vacation. I think he
will be back Monday. We *really* need to spread around knowledge of how
LDAP stuff works so others can create users soon.

Best regards,

Howard Butler schrieb:

At 10:40 PM -0400 7/13/06, Frank Warmerdam wrote:

Benjamin Thelen wrote:

Hello,

I'm Benjamin, systems administrator of CCGIS/Bonn in Germany.
Arnulf told me, that there possibly will be server space, an incredibly
fast blade server :-), at telascience for hosting mapbender.org (mediawiki, postgresql) itself and maybe some other related stuff.

Also, there is a request on OSGeo-Edu to install a wiki for the EOGEO
FreeGIS Book. I think, that this would be a good opportunity to
move wiki.osgeo.org to telascience, too, to have it all together.

What do you think?

Benjamin,

Indeed, I'm keen to have this setup. My only concern is which machine to
put it on, how to keep the various services segregated, and whether we
ought to be looking at having the freegis book wiki using the LDAP
service for user authentication so folks can share a signon between in
and other services.

From a "which machine to put it on" point of view, we have had a delay in
getting some of the blades configured due to issues with a "kickstart server".
So, for now, we have one system with LDAP running on it, but we are trying to
keep this system quite secure, so we likely don't want too much else on it.

We have another system with a variety of software already installed. We
could use it, but I think if we do, then we need to treat this system as
"medium security" and not provide shell accounts on it widely (to the
geodata processing folks for instance) for fear of messing up important
services (starting with this wiki).

Another service we would like to get setup is a bug database, initially for
Mapbender, but later for other projects too, such as GDAL. All in all, I
think we need some careful planning of where things go to avoid services
conflicting, or stuff getting lost in a tangle of different running systems
all on the same machine.

So the system I was thinking of is 198.202.74.218 described at:

  http://wiki.osgeo.org/index.php/SAC_Service_Status

Lastly, is there anyone but Hobu currently who can create new LDAP users?
If not, we will need to wait for him to return from vacation. I think he
will be back Monday. We *really* need to spread around knowledge of how
LDAP stuff works so others can create users soon.

Best regards,

John should be able to create users in the LDAP as well. I will put a wiki page together to describe the process. Basically, what needs to be done is to create a user, give them a password, set their unix stuff (give them a unique UID starting at 10010, home director of /home/username, and GID of 100), and then add them to the "Shell" group if they are to have shell access. Email the user with a bogus and easy password if they are to have shell access and have them log into the (a) shell machine and reset their password with 'passwd'. Their home directory will be automatically created for them upon first login.

For non-shell users, we need to provide a mechanism to at least change passwords and ideally hook up Plone/Drupal/Wikipedia/whatever to be able to create users with limited group membership. This item should probably go on a 'todo' list somewhere. Any pointers on how to do this (even a simple web app that *explicitly* does this sort of thing would probably be sufficient) would be appreciated.

Benjamin, email me the userid you would like and I will contact you with the details.

Howard

Hi Howard,

Isn't there a naming scheme? If not, "bthelen" would be quite allright with me, because, that is my osgeo eMail address.

Ben