[Server-devel] Server-devel Digest, Vol 10, Issue 12
Tony Pearson
tpearson at us.ibm.com
Fri Feb 8 20:21:53 EST 2008
Greg,
I updated your Wiki directly in a few places, hope you don't mind.
As for your question if Apache hosts only Moodle or something else. Here's
how I set it up on my test system.
/var/www/html/ <--- this is the high level directory.
/var/www/html/index.php <--- this is the default home page. If I do a
"http://192.168.0.77" that is what shows up.
/var/www/html/moodle <--- this is moodles directory
/var/www/html/moodle/index.php <-- this is the Moodle home page
In this way, index.php can be some kind of identifier front page, in
English and Nepali. In other words,
half the screen is in English, and other half in Nepali, and so anyone can
use it.
Welcome to the OLPC School Server! (English) Welcome to OLPC
School Server (Napali)
Click here for Moodle Click here
for Moodle(Nepali)
Click here for Nepal Library Server Click here
for Nepal Library Server(Nepali)
Click here for .... etc.
Then, I think the key would be to update the default webpage on the XO
laptop to allow for an option
to connect to this server.
Laptops or other machines at the school could access the webpage also.
Thanks
Tony Pearson
Senior Storage Consultant, IBM System Storage?
Telephone: +1 520-799-4309 | tie 321-4309 | Cell: +1 520 990-8669
email: tpearson at us.ibm.com | GSA: http://tucgsa.ibm.com/~tpearson
Blog: http://www.ibm.com/developerworks/blogs/page/InsideSystemStorage
AKA: 990tony Paravane, eightbar specialist
server-devel-request at lists.laptop.org
Sent by: server-devel-bounces at lists.laptop.org
02/07/2008 10:32 PM
Please respond to
server-devel at lists.laptop.org
To
server-devel at lists.laptop.org
cc
Subject
Server-devel Digest, Vol 10, Issue 12
Send Server-devel mailing list submissions to
server-devel at lists.laptop.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.laptop.org/listinfo/server-devel
or, via email, send a message with subject or body 'help' to
server-devel-request at lists.laptop.org
You can reach the person managing the list at
server-devel-owner at lists.laptop.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Server-devel digest..."
Today's Topics:
1. Re: Thoughts on redundancy (Bryan Berry)
2. Re: Thoughts on redundancy (Martin Langhoff)
3. Nepal project plan and requirements updated
(Greg Smith (gregmsmi))
4. Git checkouts for the XS (Martin Langhoff)
5. ejabberd crash (John Watlington)
6. Re: Git checkouts for the XS (John Watlington)
7. Re: Git checkouts for the XS (John Watlington)
----------------------------------------------------------------------
Message: 1
Date: Thu, 07 Feb 2008 15:28:42 -0500
From: Bryan Berry <bryan.berry at gmail.com>
Subject: Re: [Server-devel] Thoughts on redundancy
To: server-devel at lists.laptop.org
Message-ID: <1202416122.7064.34.camel at dell.linuxdev.us.dell.com>
Content-Type: text/plain
Tony,
Great ideas on redundancy. I have put them on the wiki
http://wiki.laptop.org/go/Nepal:Redundancy
Here are some ideas I have on the questions you raised
> LS fails -- students have access to local activities, XS moodle >
lessons,
> and internet, and whatever LS content cached on XS server
We could run a script ahead of the first day of school that locally
caches the library content on the XS. There likely will be some but not
a ton of content on the library by April 13th (first day of school).
Also, we should have a live back up Library Server that mirrors the
production library server
> ISP fails -- students have access to local activities, XS moodle
> lessons, and whatever LS/Internet cached content on XS server
What is ISP providing for "Service Level Agreement". Can they
> resolve this in a single day or two?
The ISP's in Nepal are actually pretty reliable. ISP access will likely
be donated along w/ volunteer support. They should be able to resolve
issues quickly __for this pilot__. For broader implementation we will
need service level agreements and dedicated support, be it volunteer or
paid.
An issue that I am concerned about: What if the mesh network crashes? I
heard this happened in Mongolia and it is still not totally resolved. We
need a way to fall back to non-mesh networking very quickly.
> AA1 fails
Don't know how many clients an active antenna can support. Need to
figure that out
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 5 Feb 2008 18:55:55 -0700
> From: Tony Pearson <tpearson at us.ibm.com>
> Subject: Re: [Server-devel] Server-devel Digest, Vol 10, Issue 8
> To: server-devel at lists.laptop.org
> Message-ID:
>
> <OF18EBB7C5.4DC4F92E-ON072573E7.00064E19-072573E7.000A9B65 at us.ibm.com>
> Content-Type: text/plain; charset="us-ascii"
>
> Barry,
> Here are my thoughts on redundancy. The basic heuristics is as follows:
>
> (a) Determine the minimum setup and identify all components that can
> fail individually.
> (b) For each failure, what would be the impact to the entire system.
> (c) Determine an N+1 or N+2 configuration that might address the
> concern.
>
> Let's assume that:
> The LS (Library Server) is not located at the school, but somewhere else
> in the country, or hosted by the ISP itself.
> There is a single ISP provider, who provides a single line to the school
> that carries the internet signal.
> The ISP provides a single RJ45 terminal cable, which can be connected to
> a Hub or XS server A single four-port hub/Wifi router, which allows
> laptop use, network printer, or other servers.
> The School has a single XS server, two USB ports, two Active Antenna,
> and that each antenna handles maximum 100 XO laptops The WiFi router is
> WEP-protected so that only teachers/principals/guests have access, all
> students on mesh-only There are 200 laptops, at least one per student or
> teacher.
>
> LS----(ISP)---Hub----XS----AA1- - - - - XO1, XO2, ... XO100
> ----AA2- - - - - XO101, XO102, ... XO200
>
> Failure scenarios:
>
> LS fails -- students have access to local activities, XS moodle lessons,
> and internet, and whatever LS content cached on XS server
> Is that a problem? If there is a central LS for all of Nepal,
> they should consider a secondary LS server.
> Resolution: Perhaps have some LS content permanently on a local
> server, either on XS or other, in event central LS is down
>
> ISP fails -- students have access to local activities, XS moodle
> lessons, and whatever LS/Internet cached content on XS server
> What is ISP providing for "Service Level Agreement". Can they
> resolve this in a single day or two?
> Resolution: class might continue without internet access. Some
> lessons might be impacted that involve LS or Internet access.
>
> Hub fails -- students lose access to LS and internet. Teachers lose
> access to WiFi.
> Resolution: XS could be connected directly to ISP until new Hub
> replacement made available. Students continue as before.
>
> XS fails -- students lose access to LS, Internet and XS moodle. Can
> they
> mesh with each other? They can continue using activities on their XO.
> The XS failure could be either the disk drive itself fails, or
> something else on the system that prevents it from running.
> Resolution: it would seem that best option is multiple XS
> servers, and perhaps mirrored disk data between the two systems.
>
> AA1 fails -- If one Active Antenna fails, the other Active Antenna will
> not be able to handle the total 200 XO laptops. Do we know how
> many XO laptops an active antenna can support?
> If AA1 was for second graders, and AA2 was for sixth graders,
> then perhaps only one grade impacted.
> Resolution: Having an AA3 would mean that any one antenna
> failure, the remaining two antenna can handle the workload
>
> XO (teacher) fails -- An individual teacher is impacted. For N
> teachers,
> you should consider N+1 XO laptops, with one or more spare
> to handle this situation. The teacher XO would be enabled for
> WiFi-WEP key and have whatever extra software was needed on them.
> In lieu of an XO, the teacher could have a full PC running QEMU
> emulating the XO image, in the event it takes long to repair the
> original XO.
>
> XO (student) fails -- An individual student forgets his XO at home,
> breaks it, or whatever. Too bad. Student looks over shoulder of
> a fellow student. Alternatively, have a few XO student laptops
> that can be swapped out with the broken one while the broken
> one is getting repaired. Student would lose any work unless it
> was backed up to XS server.
>
> Here is an alternative with some redundancy built in:
>
> LS1----(ISP)----Hub------------------------------------------Hub
> LS2 XS----AA1, AA2, AA3
>
> In this case, we have two Library Servers in the central location, and
> the ISP or the LS-folks handle this so that they are properly available
> if one or the other is down.
>
> Alternatives for disk failure can include a LiveCD+USB stick. In this
> case, if the disk fails, you boot from a LiveCD, and the USB stick has
> all the modified values (conf files, IP settings, etc).
> Depending on the size of the USB stick, could contain critical backups
> of Moodle lesson plans, etc.
> There are also ways to have a "Boot from USB stick" that can then have
> either all the modifications needed, or a second USB with the modified
> values.
>
> Fedora 7 uses Linux LVM, and I suspect this level of LVM supports disk
> mirroring, which makes updates to two disks at the same time. In the
> event a single disk fails, the other disk would be used. That needs to
> be investigated. In this case, there would be two disks inside one
> server, containing identical information.
>
> Three Active Antenna would handle 300 laptops, so losing one can still
> handle the 200 XO laptops expected.
> A second hub provides wider WiFi access, more ports for
> peripherals/printers, etc. In the event a hub fails, the other one can
> be connected in its place.
>
> For this to work, you need an XS server with at least 3 USB ports.
>
> Another alternative:
> LS1----(ISP)----Hub------------------------------------------Hub
> XS1----AA1, AA2 XS2----AA3,
>
> AA4
> LS2-Local
>
> In this example, LS2 is a local version or subset of LS1, in the event
> the internet or LS1 is down, the LS2 can be used instead.
>
> There can be two XS servers. XS1 for second graders, XS2 for sixth
> graders. In the event either one is down, all students can use the
> remaining XS server. Each AA can handle 100 XO laptops, so assuming 100
> second graders and 100 sixth graders, then this setup can handle loss of
> any two active antenna and still be able to handle all students, and
> provide room for growth. XS1 and XS2 would send backups to each others
> databases to each other as needed, and if needed, an XS could handle the
> databases of both sets of students, and possibly have separate Moodle's
> on single Apache instance.
>
> XS1 could backup to XS2 and vice versa. This can be scheduled with CRON
> and SCP.
> Alternatively, LS2 could double as the backup server, with XS1 and XS2
> sending backups to LS2.
>
>
>
>
> Tony Pearson
> (IBM)
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://lists.laptop.org/pipermail/server-devel/attachments/20080205/38f0
> fe7c/attachment-0001.htm
>
> ------------------------------
>
>
> ------------------------------
>
> _______________________________________________
> Server-devel mailing list
> Server-devel at lists.laptop.org
> http://lists.laptop.org/listinfo/server-devel
>
>
> End of Server-devel Digest, Vol 10, Issue 10
> ********************************************
------------------------------
Message: 2
Date: Fri, 8 Feb 2008 09:59:21 +1300
From: "Martin Langhoff" <martin.langhoff at gmail.com>
Subject: Re: [Server-devel] Thoughts on redundancy
To: "Bryan Berry" <bryan.berry at gmail.com>
Cc: server-devel at lists.laptop.org
Message-ID:
<46a038f90802071259lb403003l1fb31c66fb4fa857 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
On Feb 8, 2008 9:28 AM, Bryan Berry <bryan.berry at gmail.com> wrote:
> Great ideas on redundancy. I have put them on the wiki
>
> http://wiki.laptop.org/go/Nepal:Redundancy
So far the thinking around XS redundancy seems to have been about
recovering after a disastrouos XS failure -- in other words, having
solid backups "upstream" and an easy restore procedure. I think that's
the main thing we have to address ATM.
HA-oriented redundancy is expensive and technically hard to get right.
And different locations will have different failure scenarios. IMHO,
there's a more valuable payoff in focussing on recovery. The laptops
are independent enough that if the XS is down for a few days things
should tick right along (without the XS services, of course).
As much as I love the XS, we really want to avoid being XS-centric, or
too XS-dependent...
cheers,
m
------------------------------
Message: 3
Date: Thu, 7 Feb 2008 17:04:37 -0500
From: "Greg Smith (gregmsmi)" <gregmsmi at cisco.com>
Subject: [Server-devel] Nepal project plan and requirements updated
To: <server-devel at lists.laptop.org>
Message-ID:
<B02C78B842B89E448937F82241C96A2B046E1FD4 at xmb-rtp-20c.amer.cisco.com>
Content-Type: text/plain; charset="US-ASCII"
Hi All,
The Nepal project plan and school server specification Wiki pages have
been updated.
See:
http://wiki.laptop.org/go/Nepal#Planning
We need to pick the XS server image we will deploy ASAP. Teacher
training starts April 1!
Will there be another XS server image blessed by OLPC beyond
OLPC_XS_150.iso in the next few weeks?
One open question is the status of single sign on.
I see three options:
1 - Don't use it in phase 1
2 - Use one of the proposed work arounds. See Single Sign On section at:
http://wiki.laptop.org/go/Nepal:School_Server_Specification#Requirements
_Not_Specific_to_a_Core_Software_Module_
3 - Use some other OLPC developed solution. (Bitfrost?)
Let me know if option 3 has a chance to make a new build or if we should
focus on the first two for now.
Any other comments on the which of the listed requirements are addressed
in which XS server build are appreciated.
Also, clarifications, additions and suggestions are welcome. I will try
to improve the formatting and add detail regularly.
For the Nepal team,
After we lock down SSO strategy, what do you want to focus on next? I
think we should switch from design to implementation in less than two
weeks. Hot topics we could try to flush out include:
- Moodle design and usage
- Backup and reliability, including storage and network aspects
- Caching and filtering
- Localization
Something else?
Pick an area and we'll try to suggest and help implement a design ASAP.
Thanks,
Greg Smith
------------------------------
Message: 4
Date: Fri, 8 Feb 2008 11:46:02 +1300
From: "Martin Langhoff" <martin.langhoff at gmail.com>
Subject: [Server-devel] Git checkouts for the XS
To: server-devel <server-devel at lists.laptop.org>, wad at laptop.org, "
Ivan Krsti? " <ivan at laptop.org>
Message-ID:
<46a038f90802071446r661f489q374c0e81ac23efaa at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Cloned some key git checkouts and have been reading through the recent
changelogs last night -
xs-callhome/
xs-config/
xs-livecd/
xs-pkgs/
security/
ds-backup/
is there anything I am missing? Initially, am looking at
- adding the relevantdependencies for moodle and mediawiki
- some postinst scripts or "configuration" packages to edit apache's
configuration for tuning to the available resources
- a basic moodle package and mediawiki package (more work on moodle
and mw to follow)
- trying to understand where the security infrastructure is at, and
how can apache of the XS get some identity information from the XO
clients, the bitfrost way if possible, kludging it somehow if not...
cheers,
m
------------------------------
Message: 5
Date: Thu, 7 Feb 2008 21:26:35 -0500
From: John Watlington <wad at laptop.org>
Subject: [Server-devel] ejabberd crash
To: Robert McQueen <robert.mcqueen at collabora.co.uk>,
olpc at collabora.co.uk
Cc: server-devel at lists.laptop.org
Message-ID: <CAAEECCA-E6BF-4D36-A5FF-90D1554FE5D4 at laptop.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
ejabberd decided to eat its database again, on schoolserver.laptop.org
(http://dev.laptop.org/ticket/6365)
The error (from sasl.log) is:
Error reading Mnesia database
A number of laptops (25 or so) were registered with
schoolserver.laptop.org today.
Any recommendations on how to recover without nuking the
database ? Any Mnesia experts out there ?
And a relevant question: what will telepathy do in this case ? Will
it automatically
re-register if a laptop's jabber account is deleted ?
wad
------------------------------
Message: 6
Date: Thu, 7 Feb 2008 22:07:57 -0500
From: John Watlington <wad at laptop.org>
Subject: Re: [Server-devel] Git checkouts for the XS
To: "Martin Langhoff" <martin.langhoff at gmail.com>
Cc: server-devel <server-devel at lists.laptop.org>, Ivan Krsti?
<ivan at laptop.org>
Message-ID: <8C15203C-012D-4ECC-B69C-6316F5657E9C at laptop.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
On Feb 7, 2008, at 5:46 PM, Martin Langhoff wrote:
> Cloned some key git checkouts and have been reading through the recent
> changelogs last night -
>
> xs-callhome/
A crusty turd best ignored (tunelling over ssh to allow access to
servers behind NATs)
> xs-config/
> xs-livecd/
> xs-pkgs/
These are the core of the schoolserver build. One to gather the
packages, one
to configure them, and one to package them onto a self-installing CD.
> security/
Currently not used on the schoolserver. I was letting the security
implementation
mature on the laptop before stealing it for the school server. I
think it is still
maturing too quickly.
> ds-backup/
Let Ivan finish this before reviewing/using.
> is there anything I am missing? Initially, am looking at
>
> - adding the relevant dependencies for moodle and mediawiki
To xs-pkgs
> - some postinst scripts or "configuration" packages to edit apache's
> configuration for tuning to the available resources
To xs-config
> - a basic moodle package and mediawiki package (more work on moodle
> and mw to follow)
These can be added to the repositories on xs-dev. We can exchange
account
info in separate email. In the meantime, you can redirect the
kickstart script in
xs-livecd to include your own repositories, or to a local mirror of
ours which includes
your new packages.
> - trying to understand where the security infrastructure is at, and
> how can apache of the XS get some identity information from the XO
> clients, the bitfrost way if possible, kludging it somehow if not...
The school server's current identity model is that a child is
represented by their laptop.
The username is the laptop serial number (guaranteed unique), the
password is the
laptop UUID (large, random, and never exposed). Authentications
other than disaster
recovery use a public/private key pair, which is generated when a
user first opens a laptop.
Other IDs include a hash of the public key (IIRC) used by the
presence (ejabberd) service
to represent a user. There is also a nickname, which is not
guaranteed to be unique
within a school but is nonetheless used in our UI.
There is no security infrastructure currently. Even SELinux is
turned off in the interest
of making things work. A student could theoretically access a
school server, but
they would have to know to use their serial number as the username.
wad
------------------------------
Message: 7
Date: Fri, 8 Feb 2008 00:32:46 -0500
From: John Watlington <wad at laptop.org>
Subject: Re: [Server-devel] Git checkouts for the XS
To: Martin Langhoff <martin.langhoff at gmail.com>
Cc: server-devel <server-devel at lists.laptop.org>, Ivan Krsti?
<ivan at laptop.org>
Message-ID: <76F5F838-7C34-4759-B2A7-95AB2D70D4B4 at laptop.org>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
You forgot the idmgr package. See:
http://wiki.laptop.org/go/XS_Software_Repositories
wad
On Feb 7, 2008, at 10:07 PM, John Watlington wrote:
> On Feb 7, 2008, at 5:46 PM, Martin Langhoff wrote:
>
>> Cloned some key git checkouts and have been reading through the
>> recent
>> changelogs last night -
>>
>> xs-callhome/
> A crusty turd best ignored (tunelling over ssh to allow access to
> servers behind NATs)
>
>> xs-config/
>> xs-livecd/
>> xs-pkgs/
>
> These are the core of the schoolserver build. One to gather the
> packages, one
> to configure them, and one to package them onto a self-installing CD.
>
>> security/
>
> Currently not used on the schoolserver. I was letting the security
> implementation
> mature on the laptop before stealing it for the school server. I
> think it is still
> maturing too quickly.
>
>> ds-backup/
>
> Let Ivan finish this before reviewing/using.
>
>> is there anything I am missing? Initially, am looking at
>>
>> - adding the relevant dependencies for moodle and mediawiki
> To xs-pkgs
>
>> - some postinst scripts or "configuration" packages to edit apache's
>> configuration for tuning to the available resources
> To xs-config
>
>> - a basic moodle package and mediawiki package (more work on moodle
>> and mw to follow)
>
> These can be added to the repositories on xs-dev. We can exchange
> account
> info in separate email. In the meantime, you can redirect the
> kickstart script in
> xs-livecd to include your own repositories, or to a local mirror of
> ours which includes
> your new packages.
>
>> - trying to understand where the security infrastructure is at, and
>> how can apache of the XS get some identity information from the XO
>> clients, the bitfrost way if possible, kludging it somehow if not...
>
> The school server's current identity model is that a child is
> represented by their laptop.
> The username is the laptop serial number (guaranteed unique), the
> password is the
> laptop UUID (large, random, and never exposed). Authentications
> other than disaster
> recovery use a public/private key pair, which is generated when a
> user first opens a laptop.
> Other IDs include a hash of the public key (IIRC) used by the
> presence (ejabberd) service
> to represent a user. There is also a nickname, which is not
> guaranteed to be unique
> within a school but is nonetheless used in our UI.
>
> There is no security infrastructure currently. Even SELinux is
> turned off in the interest
> of making things work. A student could theoretically access a
> school server, but
> they would have to know to use their serial number as the username.
>
> wad
>
------------------------------
_______________________________________________
Server-devel mailing list
Server-devel at lists.laptop.org
http://lists.laptop.org/listinfo/server-devel
End of Server-devel Digest, Vol 10, Issue 12
********************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.laptop.org/pipermail/server-devel/attachments/20080208/70ec9d88/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 166 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20080208/70ec9d88/attachment-0002.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 3808 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20080208/70ec9d88/attachment-0001.jpeg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 166 bytes
Desc: not available
Url : http://lists.laptop.org/pipermail/server-devel/attachments/20080208/70ec9d88/attachment-0003.gif
More information about the Server-devel
mailing list