Systems deployment

From Pumping Station One
Revision as of 16:43, 23 November 2017 by Skm (talk | contribs) (fixed link syntax)

Current situation

Really bad

Here is a crude list of our services (non-members):

Server VMID Name Role Deployable Backuped
VM05 105 bob Samba and VPN No Yes
VM05 107 sally some members stuff, full of IRC bots that look for care No No
VM05 110 dhcp Our DHCP and DNS No (Carl started something on it) No
VM05 115 mail Our mail server No No
VM05 119 rt Our Ticket master, or Really Terrible No (Bjonnh is working on it) Yes
VM05 121 wiki-ansibled Our wiki Yes (but could take some love and ansible vault) Yes
VM05 123 ps1auth Our members system, slowly crumbling away No Yes
VM05 131 windows10-test-samba A Windows test instance to see if samba is working correctly, of course running on the same host as samba to make it useless No (Not meant for it) No
Cloud1 101 www1 Our web frontend (no, not the blog, just our front-end to the world) No No

Expected situation

  • Ansible deployment playbooks using Ansible Vault for credentials:
    • Master credentials for CTO (common to all services)
    • (ir)responsible credentials for whomever wants to play with it
  • Ability to bootstrap from backups
  • Updated versions and homogeneous Linux distributions (for now Debian is the default for new machines)
  • Netdata or some form of monitoring (including on the hosts)
  • Log aggregations?
  • A nice plan of how everything works
  • A nice git repo of everything
  • A nice key management/revocation model