Potential Hosts

I'll start by listing problems in need of a solution:


 * Stable Webserver
 * Serving:
 * fudo.org
 * forum.selby.ca
 * webmail
 * etc...
 * Should be stable, not generally user-accessible, not particularly resource-hungry


 * Database server - Main
 * Should be stable, not user-accessible, provide databases to back our stable pages: webmail, forums, blogs or whatever


 * Database server - User
 * A database that users can access (gubbs, say), and that has experimental databases (I've used our servers for test filesystems, stock market quotes, etc...)


 * Database server - Dynamic DNS
 * Sparta does this right now; again, it'll be 'user'-accessible (where user here means special hosts), and with ports facing the internet, so it shouldn't be the main DB. Perhaps more importantly, dynamic DNS needs to run in place of bind


 * Jabber & Email
 * Should be stable, /home should not be shared (needs to be accessible always)


 * User server
 * Accessible to all users (who ask), probably tighter security, large /home which can be remounted in other hosts
 * Used for experimental stuff?
 * User homepages; ~/public_html, personal blogs, files, etc


 * Kerberos & LDAP
 * Should be stable, master/slave; LDAP needs one open port, kerberos about 4-5 (but it's goddamn kerberos, it should be pretty secure), both fairly lightweight
 * Should be very secure, not user-accessible


 * DNS servers
 * Should be stable, master/slave; you know the requirements


 * Spamassassin
 * Just musing, we might not want to ask the 'stable' email server to do all the spam processing by itself; the user server could pitch in

Alright, so some musings:


 * Web server (Main) is very compatible with DB server (main), possibly Jabber & Email, maybe even LDAP, Kerberos, and DNS--but then it's getting messy, maybe we could split that into Webserver and Services, uh, server?


 * DB server (user) could go on the User server happily, obviously


 * Kerberos and LDAP (and DNS for that matter) are foundational; all sub-servers depend on them to some extent.
 * Thus, from a dependency POV, it makes good sense to put them on the hypervisor. OTOH, that grows the hypervisor, possibly exposing it to instability/insecurity.
 * I don't like having either (especially LDAP) on a host that depends on them (LDAP on athens, for example) because that's an ugly mess.
 * This suggests a special host, which can be small, on each machine serving these three (and possibly email/jabber--ah, but there's that metacircular problem again...)

Olympus - eth0 - 208.81.1.141/28 - 2605:e200:d100::1:141/64
Olypmus hardware is HP Proliant DL145. 2x500 GB HDD, 8 GB RAM, 2x2 2.4 GHz Opteron CPU (x86_64).
 * eth1 - 10.0.1.10/24 - interlink to asgard-eth1

Olympus is a OS on hardware host, running latest Ubuntu (not LTS).


 * DNS - ns1.fudo.org, BIND 9.9, master DNS server for Fudo.org
 * drives:
 * home - 300 GB
 * WWW for ~/public_html
 * MySQL
 * PostgreSQL

FORMER HOSTS  Zeus - 208.81.1.134 - 2605:e200:2:2::20/64 '
 * 4 GB RAM
 * Drives:
 * root - 80 GB
 * home - 300 GB
 * WWW for:
 * ~/public_html
 * User websites
 * PostGreSQL & MySQL databases, user-accessible
 * SpamAssassin nodes

 Athena - 208.81.1.130 - 2605:e200:d100:1::21/64 
 * 512 MB RAM
 * 20 GB root
 * Kerberos
 * LDAP
 * DNS

 Athens - 208.81.1.135 - 2605:e200:d100:1::22/64 
 * 2 GB RAM

''' subversive1 - 208.81.1.136 - 2605:e200:2:2::
 * 512 MB RAM
 * /dev/olympus/subversive1-root - 20 GB
 * For hosting Dave's project for changing government.

(Total allocated: 6.5 GB RAM, 423 GB HDD)

Asgard - eth0 - 208.81.1.140/28 - 2605:e200:d100:1::140/64
Asgard hardware is IBM x346 with 8 GB RAM, 6x73 GB 10k RPM HDD, 2 x Xeon 3.4 GHz CPU (x86_64).
 * eth1: 10.0.1.11 - interconnect to olympus-eth1

Asgard serves as a network syslog receiving server, using rsyslogd.
 * SERVICES

Asgard as VM host has the following allocation:
 * RESOURCES
 * 3.6 GB RAM
 * 20 GB HDD

VIRTUALIZED GUESTS:

 Odin - 208.81.1.132/28 - 2605:e200:d100:1::132/64
 * 3 GB RAM
 * 60 GB root
 * WWW for:
 * fudo.org
 * forums
 * webmail
 * MySQL database for:
 * forums
 * webmail
 * webmail

 Tyr - 208.81.1.133/28 - 2605:e200:d100:1::133/64 
 * 2 GB RAM (can balloon to 3 GB as required)
 * 60 GB root
 * Jabber (XMPP) - for fudo.org, using ejabberd and SRV DNS records
 * SMTP - for fudo.org and rogerwongphoto, inbound and outbound, using postfix (plus spamassasin and postgrey)
 * POP3 and IMAP - Email retrieval services, using dovecot
 * Dynamic DNS - for dyn.fudo.org, using power DNS and MySQL
 * Apt-cacher-ng, port 3412

 Thor - 208.81.1.131/28 - 2605:e200:d100:1::32/64


 * 512 MB RAM
 * 20 GB root
 * Kerberos
 * LDAP
 * DNS

 Loki - 208.81.1.137/28 - 2605:e200:d100:1::33/64 
 * * 512 MB RAM
 * * 20 GB root
 * DNS Master (ns1)
 * LDAP
 * Kerberos

(Total allocated: 4.5 GB RAM, 140 GB HDD) - !out of date!