[volunteers] (forw) Re: [reiber@gmail.com: Re: brie]

[Rick Moen]

Posted here for collective knowledge.  (Please try to remember our 
group memory, and consider posting here instead of just private mail.
Also, please remember that many questions are already answered in this
mailing list's archive.)

----- Forwarded message from Rick Moen <rick at linuxmafia.com> -----

Date: Tue, 24 Apr 2007 16:51:09 -0700
From: Rick Moen <rick at linuxmafia.com>
To: svlug at flygirl.com
Cc: Paul Reiber <reiber at gmail.com>,
	Mark Weisler <mark at weisler-saratoga-ca.us>
Subject: Re: [reiber at gmail.com: Re: [volunteers] brie]

Quoting Lisa Corsetti (svlug at flygirl.com):

> As shown below, Paul and I have been talking and I asked for the
> info on the linnode machine.  I also wanted to know if anyone
> has actually set anything up on it yet or not.
>
> I have a linnode "machine" myself and would be interested in
> doing so if no one has already and/or experimenting on it for
> other things (perhaps a backup server or something).
> 
> So, assuming that you have the info, could you give me the
> linnode username/password as well as, if it has been set up
> already, the machine username/password?

Coolness!  Please telephone me at your convenience (650-283-7902).

I'm sorry to have been a bit busy to have noticed that thread, but
here's where we are:

J. Paul Reed (ex-Pres.) got his VP Micah Dowty to negotiate for free
virthosting, and got the owner of Linode to give us a free Linode
virthost:  64 MB RAM, 3072 MB disk space.  My understanding is that the
Linode folks expect us to credit them as the (hosting) sponsor of our
Web site, to acknowledge their gift.

Micah installed Ubuntu (Dapper?) on it[1], and kept it entirely to
himself until just before he and Paul Reed left office.  He named it
"gruyere" (which is where we got the cheese naming scheme).

Paul Reed told Micah to give me access, which he then did.  I started
setting things up.  Micah believed the virthost able to house all of
SVLUG's operations.  I politely doubted this:  As I started setting
things up, my doubt increased markedly.  There's neither enough disk nor
enough RAM.

At Paul Reed's directive, I first established primary nameservice there,
because Paul Reed was most eager to get out of the business of doing
SVLUG's nameservice at all.  I tried BIND9, but as expected found its
memory footprint way too large.  So, I consulted available options, and
settled on NSD, an authoritative-only nameserver that uses BIND-format
zonefiles* and is RAM-thrifty.  It was invented to run the root zone for
the ".nl" ccTLD, and still does so.  This worked stunningly well, and
the Linode host immediately became the master nameserver for
svlug.{org|com|net}, and is reachable as hostname "ns1.svlug.org", 
among others.

For reasons similar to those that applied to DNS, Apache 2.x and 1.3
seemed far too RAM-hungry, so I settled on lighttpd
(http://www.lighttpd.net).  There was not (and probably still is not) an
Ubuntu package of lighttpd, so I compiled a .deb package from an
upstream tarball.  It installed correctly, ran, and seemed pleasingly
fast and light.

The best tradeoff of RAM, performance, and security seemed to involve
running MoinMoin as a FastCGI process, so I started configuring that.
I successfully configured ligthttpd to run as a FastCGI front-end, but
encountered difficulty getting MoinMoin to run as a FastCGI back-end,
and so asked for help.  

Nobody helped me for a long time (which made me feel a little peevish,
considering all the other things I'm already handling for SVLUG), so I
didn't bust my butt trying to figure out that problem.  Eventually
(about a month ago?**), Paul Reiber said he'd solved that problem,
though I do not yet have details.

Once Paul Reiber's fix is implemented, all the remains for MoinMoin
deployment is importing Heather's MoinMoin stuff.  I believe she said
she put a copy of it on the current/legacy SVLUG host[2], in her home
directory.

Based on my assessment of NSD and lighttpd/MoinMoin's RAM footprint, 
I estimated that _also_ doing SVLUG's SMTP + Mailman on that host would
not be feasible (the mailing list archives alone being huge enough to
possibly exhaust the disk space), and recommended to Paul and Mark that
those functions be kept on machines at Via.Net.  They accepted my
recommendation.

The question frequently arises as to whether we should maybe either
scrap the Linode virthost, or use it for nameservice only.  We could do
that.  Ultimately, that decision is up to the Pres. and VP.

We're using the Linode host because Micah made that arrangement with
Linode, and because Paul Reed decided to move our Web presence there.
If we keep just the DNS there, Linode _might_ cancel its gift on grounds
that we aren't crediting them, and aren't using it as agreed.  Or they
might not.  If our virthost gets cancelled, we'll have to move master
DNS.

Heather tells me that MoinMoin now (in the most recent releases)
includes built-in continuous hot replication between instances.  Thus,
we could have the production MoinMoin instance on Linode, and a fallback
instance on one of the Via.Net machines (preferably brie).  

Luckily, far-sighted admins in the past have segregated SVLUG's
functions using DNS names, which can be moved as needed:

"lists.svlug.org": Mailman SMTP and Web pages
"www.svlug.org":  Site HTML
"svlug.org":  Non-Mailman SMTP


[1] I have nothing against Ubuntu as a server OS, though my own
preference is Debian.  When last I was in it, I had upgraded the
installation from what Micah installed to then-current Ubuntu.

[2] The legacy host's hostname is "svlug", and thus "svlug.svlug.org" is 
a valid FQDN for it.  The plan is for it to be decommissioned after its
various functions have been migrated away.  It can then be reloaded with
a less wacky installation of Debian, and repurposed for backup or
whatever.


----- End forwarded message -----

* As I mentioned elsewhere, it uses binary hashed versions of zonefiles,
compiled using "zonec".

** January, Paul says.