Open main menu

CDOT Wiki β


Daily Infrastructure Duties
[[Category:CDOT Staff]][[Category:Fedora ARM Secondary Architecture]][[Category:SOP]]
== Daily Infrastructure Duties ==
** Mount points from Hong Kong - Work Space (builder specific, and /mnt/koji).
* Back-ups - Check all automated back ups
**Back-ups are located on Ireland, New Zealand the critical management servers and iraq - /vararchive/kojiblaze-backup/***should contain backups of "/etc" and a postgresql dump, run on a daily basis at after midnight. These are cronjobs run as root for "/etc" and as koji for the postgresql dump.***Ireland should also have a full copy of "/mnt/koji". This is a cronjob run under the root account on Hong Kong.
* Check available disk space on all relevant machines - Hongkong, Ireland and New Zealand.
** /var and /mnt/koji on Hong Kong
* Blogpost including links
* Wiki page for the release highlighting changes, notes
== Create Koji Builder - Create repo ==
* Download the ARM patched koji software from [ Koji Software]
yum localinstall koji-1.6.0-2.fc15.arm.noarch.rpm koji-builder-1.6.0-2.fc15.arm.noarch.rpm
* on hongkong create a certificate to be used with the new host. Certificates are created from the directory '/etc/pki/koji' by running the 'certscript'. A link to the [http://scotland/paulwhalen/certscript certscript]
./certscript <hostname>
* copy the cert (hostname.pem) and 'koji_ca_local+fedora.crt' to the new host machines '/etc/kojid/' folder.
* In order for createrepo tasks to work successfully you will need to downgrade the createrepo and yum packages that are included in F16. Download [ createrepo-0.9.8-5.fc14.noarch.rpm ] and [ yum-3.2.29-10.fc15.noarch.rpm]
rpm -Uvh --oldpackage createrepo-0.9.8-5.fc14.noarch.rpm
rpm -Uvh --oldpackage yum-3.2.29-10.fc15.noarch.rpm
* Edit the /etc/yum.conf to exclude the above packages from being updated
* edit '/etc/kojid/kojid.conf'. Example of a kojid.config can be found here [http://scotland/paulwhalen/kojid.conf kojid.conf]
* Edit the export file in the nfs server that holds mount koji, at this point which is chile and add the to-be-createrepo machine's info on that file and restart the nfs server
* Add mount koji through nfs in the to-be-createrepo machine (make the mounting directory and edit the fstab) and run mount all
== Bandwidth Throttling and Connection Limiting in Scotland ==
=== Throttling ===
* This script is based on [ Traffic Shaping script] and uses [ tc command]
* The bandwidth throttling script ''bwmon'' is available in /usr/local/bin in scotland
* Activate it by running the following
bwmon start
* Available options are
# bwmon [start|stop|restart|show]
* Script base is available [ here]
* [ External link] on bandwidth throttling.
=== Connection Limiting ===
* Connection will be limited 2 per host every 60 sec
* Custom netfilter tables are available in /usr/local/bin directory
* To enable connection limiting run the following
iptables-restore < /usr/local/bin/connlim.iptab
iptables-save > /etc/sysconfig/iptables
* To disable connection limiting run the following
iptables-restore < /usr/local/bin/regular.iptab
iptables-save > /etc/sysconfig/iptables
* More info available at [ Cybercity]
== rsync server: Scotland ==
* The rsync server is running at default rsync port (TCP 873)
* Associated files are
daemon file = /etc/rsyncd.conf
motd file = /etc/rsyncd.motd
log file = /var/log/rsyncd.log
pid file = /var/run/
lock file = /var/run/rsync.lock
* The Firewall was adjusted to accommodate the rsyncd service. Please see [ already implemented firewall rules]
* Available modules are test and raspberrypi
* Sample invocation method as follows
rsync -aprvz /path/to/destination/directory
* Script base is available at [ Everything Linux]
* Additional tutorials available at [ Seneca Wiki]
=== Feature possibilities for the rsync server ===
* Service Command compatibility [ script from Fredshack] can be added
* Systemd compatibility [ script from Github] can be implemented