[Server-devel] XS server addons

Martin Langhoff martin.langhoff at gmail.com
Tue Aug 5 06:05:12 EDT 2008 

On Tue, Aug 5, 2008 at 9:38 PM, David Van Assche <dvanassche at gmail.com> wrote:
>> 1 - I'll incorporate them into xs-config :-)
>> 2 - don't have to hack the network startup scripts to remove the part
>> that reloads rules
>> 3 - you don't have to redo the in step 2 hack with every upgrade - as
>> xs-config updates will nuke your changes
>
> The main reason for shorewall is traffic shaping... its the only

Get SW to spit out a nice traffic shaping ruleset, clean it up, and we
can see if it can be merged into network_config

> Anyway, shorewall is already a done deal for us and works wonderfully...

Reread my notes above - an XS update will probably kill it, and you
won't be around to help fix it. It's not that SW is not good - I've
used it myself quite happily - but that it is not a sustainable move.

> Would u care to elaborate on how to do this

I've outlined two options. Pick one, yum install the packages and read
the man pages :-)

Also note that openldap is very brittle when it comes to unexpeted
poweroffs and stuff like that. It gets its BDB DB in a tangle even
when running normally - a simple ldapsearch <pattern> | sed |
ldapmodify script can corrupt the DB.

Bad juju with openldap. Very bad.


>>> 5. Install Webmin for overall (internal) gui manipulation of the server...
>>
>> Ugh! Not recommended and xs-config in its current incarnation is
>> lilkely to just make a mess of it all. I am not too proud of
>> xs-config, and Webmin is too horrible for words.
>
> Its a matter of opinion...

It is a lot more serious than that David. I can almost guarantee
xs-config and webmin will interact disastrously.

Not just webmin (though I worked with its internal code circa 1999
and... ), but anything that wants to change the config files. Any
changes to config files that xs-config controls will bring grief, my
worry with Webmin is that it makes it easy to change a lot of stuff
that xs-config will later re-change. And I am sure modern Webmin will
try and be smart about it - with a good chance of making things worse.
Unless it has developed mind-reading abilities, the result will be
<ka-boom>.

It's not just Webmin: any "administration" program, web-based or not -
is *not* recommended on a XS. And by that I mean "the next yum update
very likely leave the machine in non-working state".

xs-config is a bit nasty ATM, but even if we make it better, it wil
_never_ interact well with a webmin-type app. Sorry. Life is hard like
that.

> need... I have no idea what xs-config is... but I'll gladly take a
> look...

It is what configured everything in the XS.

Dragons. There. Yes, right there. Nah, I'm not kidding.

>>> 6. Install various server monitoring tools
>>
>> Install whatever tickles your fancy but do install sysstat and make
>> sure it's logging. If you need help, or can provide load stats, it
>> will be the sysstat logs that we'll want to look at.
>
> yeah, I think we've settled for Nagios... seems to be allround for
> what we need... Ill make sure to sysstat and post the logs...

Yup, nagios is ok. Cacti too. And BB if you want. As long as you get
sysstat in there, we're _sorted_.

cheers,



m
-- 
 martin.langhoff at gmail.com
 martin at laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff

More information about the Server-devel mailing list