- On freenode join #ubuntu-server summit
Enable PIE by default on 64bit architectures
- A gobby document was created for the spec, jaunty-server-pie
- Schedule changed: Likewise-open instead of lvm-crypt.
- Disable pie by default on 32 bit arch, noticeable slow-down
- PIE on 64-bit has no problems
- What works right now in Ubuntu? Running and backtracing core
- Fix gdb PIE and existing compiler tests that do not work and move on
- Do we need benchmarks? Compare bootspeed (python boot benchmarks)
- Phoronix does distro compare boot benchmarks
- Getting a backtrace from a running PIE process must work
- Phoronix for testing, perhaps? - phoronix-test-suite
- Are .a files shipping with -dev packages still? Has Debian Policy changed?
- More of a goal for jaunty +1
- Work on rebuilding the archive over Christmas
- For server team pie roadmap
- Build a package with my ppa cflags + pie
- debian.org/hardening for more hardening information
- There is no impact on desktops
- Get benchmarks from every time? How does pie affect your part of the ubuntu stack?
- Fix multiarch spec for 64bit compiler building 32bit targets
- Benchmark for open-jdk with pie enabled
- The best benchmark for the dev stuff would be to run a test suite
- What about third parties? shouldn't affect kernel drivers and shipped third party apps
- How much additional security does PIE give you?
- Time for spec ending for PIE by Default
- Why shouldn't Ubuntu Server be the first distro to have PIE by default... we should!
- For Jaunty determine a list of things needed for default PIE.
Jaunty Security Defaults
- sha512 by default is done
- Jaunty tries to reduce the number of places it needs to be set; /etc/login.defs is the One True Place for it
- What about LDAP migrations from sha512 to LDAP?
- Caller of crypt() needs to be able to use the right salt for sha512
- LDAP clients with glibc that doesn't know about sha512 may have issues (pre Hardy?)
- TODO: a migration PAM module that updates existing hashes to sha512 (jaunty+1)
- syn flood protection
- Very conflicting data on this and should probably wait for some form of "sign off"
- Elmo says Fedora enabled it and Dave Miller went bananas and he has never seen this attack in use - not providing any protection for additional risk
- Add UFW option to installer.
- Need a GUI for ufw before it is enabled by default on Desktops.
- Install a service and the service starts, install apache and then apache starts
- Default to open ports by default (with debconf option to not enable this)
- UFW dynamic listening detection is on the todo list.
- Firewall on by default on server?
- Make sure that upgrades don't re enable the port
- Need to cover all of main services before the default is active?
- New Profiles
- apparmor for dhclient and for squid: lots of things, pretty scary, hard pressed to do a config that wouldn't break people
- Get notification daemon working by default
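An added example, not from the session notes, for the sha512 items above: before any migration of existing hashes, an admin needs to know which accounts still carry an older crypt(3) scheme and what /etc/login.defs is set to. The function names and the sample shadow and login.defs text are constructed for illustration (the hash strings are filler, not real hashes); ENCRYPT_METHOD is the login.defs key that selects the scheme.

```python
import re

# crypt(3) modular-format identifiers handled by glibc
SCHEMES = {"1": "md5", "5": "sha256", "6": "sha512"}
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")   # traditional DES crypt


def hash_scheme(field: str) -> str:
    """Classify the password field of one shadow(5) entry."""
    if field == "":
        return "empty"                        # no password required
    body = field.lstrip("!")                  # leading '!' marks a locked password
    if body in ("", "*"):
        return "disabled"                     # no usable password hash
    if body.startswith("$"):
        parts = body.split("$")               # ['', id, (rounds=N,) salt, hash]
        if len(parts) >= 4:
            return SCHEMES.get(parts[1], "unknown")
        return "unknown"
    return "des" if DES_RE.match(body) else "unknown"


def login_defs_method(text: str):
    """Return the ENCRYPT_METHOD value from login.defs text, or None if unset."""
    method = None
    for line in text.splitlines():
        words = line.split("#", 1)[0].split()
        if len(words) >= 2 and words[0] == "ENCRYPT_METHOD":
            method = words[1].upper()
    return method


def pending_migration(shadow_text: str, target: str = "sha512"):
    """List (user, scheme) for accounts whose stored hash is not `target`.

    Locked accounts are included: the old hash is still on disk and becomes
    usable again as soon as the account is unlocked.
    """
    pending = []
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or line.startswith("#"):
            continue
        scheme = hash_scheme(fields[1])
        if scheme not in (target, "disabled", "empty"):
            pending.append((fields[0], scheme))
    return pending


# Constructed sample input (filler strings stand in for salts and hashes).
SAMPLE_LOGIN_DEFS = """\
# constructed excerpt of /etc/login.defs
UMASK           022
ENCRYPT_METHOD SHA512
"""

SAMPLE_SHADOW = "\n".join([
    "root:!:14245:0:99999:7:::",
    "alice:$6$constructedsalt$" + "A" * 86 + ":14245:0:99999:7:::",
    "bob:$1$constrct$" + "B" * 22 + ":13900:0:99999:7:::",
    "carol:!$5$constructedsalt$" + "C" * 43 + ":14000:0:99999:7:::",
    "dave:abCDEFGHIJKLM:12000:0:99999:7:::",
    "www-data:*:14245:0:99999:7:::",
])

if __name__ == "__main__":
    print("login.defs ENCRYPT_METHOD:", login_defs_method(SAMPLE_LOGIN_DEFS))
    for user, scheme in pending_migration(SAMPLE_SHADOW):
        print("%-10s still uses %s" % (user, scheme))
```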
Default LDAP DIT for user and group management
- Determine Directory Information Tree for LDAP:
- users -- uidNumber
- groups -- gidNumber
- Service Node: Apache, Mail
- MIT is the default Kerberos implementation in main
- Question: Make it FreeIPA compatible
Mandriva proposed tree: http://ur1.ca/030n
- A directory should start with a sane DIT.
Base the DIT on rfc2307: http://ur1.ca/030r
May follow rfc2307 http://ur1.ca/030r
- The success of your directory hinges on the management tools.
- Which is the best schema to load by default?
- qmail is perhaps the best mail schema
- default scheme: cosine, inetOrgPerson, Samba, qmail, core
Likewise 5 (AD authentication)
- Likewise-open and jaunty... likewise-open is now at version 5 and its development process is now more open, using git.
- Is it possible to use likewise-open's sandboxed libraries?
- There are only a few open bugs in likewise-open-5.0
- Discussing if the AD domain admin should have sudo access on the Ubuntu machine that joined the domain.
Suspend and Hibernate Support for the Ubuntu Server (Green Computing)
- Server Suspend: it's about creating an "elastic cloud"
- Help the Green Computing initiative by lowering server power consumption in the datacenter.
- Use case of using hibernate to save the state of a machine while booting into another OS.
- At some point powering down systems can save a large amount of $$ for some businesses.
- Use case for suspend: adjust resources based on work load, suspend allows adding more resources quickly.
- Can use wakeonlan to resume systems from suspend or hibernate.
- Green Cloud, move virtual machines between larger systems to dynamically support demand.
- There may not be any gain in using suspend/hibernate in a VM, because most virtual solutions already contain a snapshot feature.
- Hibernate/suspend won't be a solution for all servers.
- There's no way to determine by looking at a machine if it has the ability to respond to wakeonlan
- Develop initramfs, udev rules, etc in order for the resume to work properly.
- Getting server hardware support for suspend/resume may not be as large a job as it was for laptop hardware
- Ultimate Goal: fill the suspend/resume gap between laptop, server hardware, and virtual machines.
- Use case is that the cache is hot, so there's a perceived benefit by suspending that primed cache, rather than rebooting with a cold cache
- Make current tools ipmi, wakeonlan, etc work out of the box.
Growing the server community
- How to improve coverage of the Ubuntu Server community.
- Change from one big block post to multiple smaller posts
- use the post in future in wordpress
- blog post is summary of ubuntu server team meeting, more of a minutes section for those that cannot attend
- New categories for the server blog
- Blog outreach: outside the Ubuntu community (ex: most popular post: ruby).
- Create trackbacks from the server blog to the persons blog who is blogging about new development
- Use/goal of the team report. how-to get more information from the community members for the report
- 'Server community' is a wide description; we should, maybe, split into groups, where each group would be doing some oriented task; ..
- New packages to the archive announced to the archive
- Create an archive report based on server team member activity
- That way new people would know where to start when they want to approach ubuntu server community
- After uds blog about the specs that were discussed
- Close to release there are fewer things to blog about
- QA tracker/iso tracking -- is this being tracked?
- Call for testing category.
- Jorge to find a Bridge Person between Ubuntu Server and the Ubuntu Forums.
- Good example of forums use is vm builder
- Need some type of identifier for the forums.
- Flag people in ubuntu forums as a member of core-dev, Canonical employee, etc
- Create a special ubuntu server team rank
- Not to create a ubuntu developer rank
- Contact technoviking on the forums
- Find ways to reach out beyond the Ubuntu community to other developer communities.
- Push blog posts to upstream blog planets
- Goals for team report, Jorge to track this down
- Is openweek/developer week helping out?
- Running a session but not seeing a spike after that in membership of the team
- Ubuntu server team is the only team that doesn't have a separate -devel channel
- -devel discussion moving to ubuntu-devel
- Building a community is not about building an irc channel but building a community
- irc has exclusivity
- Developers will follow the users.
- The Ubuntu Server community may not be known to a large number of users.
- Don't have a good way of showing consumers to contrib, nothing shows up in ubuntu weekly news on ubuntu server team
- Use technical information to make blog posts more attractive.
- Ubuntu switching to qmail?
I don't get the context of this entry, yikes! -- jorge 2009-01-05 19:51:53
- Age demographic is important to determine the Ubuntu Server audience.
- What is being replaced by ubuntu server: ie is windows being replaced by ubuntu server or is solaris being replaced by ubuntu, etc
- LISA '09 November 1-6, 2009 Baltimore, MD
- Ted T'so is starting his session.
- Full lsb needs some graphical libraries
- A profile for systems with no X may be created.
- LSB is important for end users and ISVs.
- LSB may allow ISVs to build applications on bleeding edge distros and they will work with older distro versions as well.
- Will LSB support non-rpm based distros?
- LSB no longer requires rpm. It actually requires alien that requires rpm
- Registering files outside the package manager probably won't work with Ubuntu due to the dist-upgrade process.
- Package namespace is an issue between distros, LSB has a mechanism to handle it, but isn't being followed by distros.
- Need help writing LSB tests.
- Past Ubuntu versions have been tested for LSB compliance.
- There's an error found by LSB due to relro compile flag.
- Question: has LSB thought about having a standard for Web configuration applications?
- Current LSB team doesn't have the expertise to develop a Web interface standard.
- LSB looks at what distros are doing and decides on a standard.
- Starting server bugs session.
- Are there any issues using LP in the work flow?
- Is there a way to "rate" bug comments, to only view relevant comments.
- Have the ability to create a bug from a comment that is a different bug from the original.
- New feature will be able to mute bug mail, but will still allow subscription.
- Use the API to find bugs that a team is subscribed to.
- Have documentation available to help setup environment available when mentoring someone on a bug.
- Can set bug filing guide lines per package.
- Guidelines are better from a user perspective than templates may be.
- If a specific set of data is needed for a bug, a script or instructions can be included with the package and recommended in the guidelines.
- In LP 3.0 the ability to close a bug for multiple Ubuntu releases will be available.
- Make it easier to file bugs upstream when upstream doesn't use LP.
- It would be good to be able to see a LP bug list and an upstream bug list side by side.
- A good feature would be to see a list of bugs assigned to a team.
- Sort on generic columns.
- Link a bug to a PPA, would be a great feature. The feature is also on the LP todo list.
Improved Power Management
- Time for Improved Power Management session.
- Nut has power management ability, through communicating to UPSs.
- May be room to add Nut functionality to Landscape.
- Would be nice to be able to limit a server's power usage based on load.
- Power management can improve HA functionality, by allowing one machine to power off another so that the state of the machine can be known.
- Starting server roundtable, followed by cloud computing.
- Finished introductions for everyone and starting the roundtable
- Today is cloud computing day, lots of discussions, hopefully breaking the cloud computing day with other sessions, but goal is the cloud
- Augeas discussion: a project done by Red Hat that is an API for extracting configuration files
- Focus has been to work on integration into ubuntu, creation of lenses, etc
- augeas augeas.net
- How do I manage centrally ubuntu server: currently we have to manage each application individually plus each server application
- Community would like a small to medium business server with a nice gui/web front end.
- Goal is standardize on a community application that doesn't exist
- Configuration management discussion currently happening
- Two different types of customers when you get involved with it, hundreds of boxes for the enterprise and small community size server
- Programmatic access to configuration is necessary before any gui is placed on top.
- Need to solve both programmatic configuration issue and remote management issue with the same tools.
Ubuntu cloud strategy
Blueprint for cloud computing: http://ur1.ca/04rf
- Soren defining what cloud computing is and how it is implemented
- Amazon's service is what most people think of when they think of cloud computing
- Cloud Computing: An outsourcing of computational resources to the Internet.
- Cloud in the box: a local cloud, inside the data center
- Cloud computing is a very "cloudy" term
- Cloud computing at the hardware layer is hypervisor plus OS
- Framework is the service provided on top of the hardware layer
- Taking existing applications and moving them to the cloud layer without having to rewrite them
- Azure and Google App Engine are frameworks
More information on Azure: http://ur1.ca/04rp which is the Windows cloud framework
- Managing virtual machine problems: need to easily deploy similar virtual machines and also need the ability to scale
- Now on the white board he is drawing a nice fluffy cloud with VMs in it
- Need management interface to Live Migrate virtual machines to other physical machines in the cloud.
- Linux high availability is a framework that can manage this
- We need a management interface to control the Live Migration of virtual machines between nodes in the cloud.
- Eucalyptus provides an EC2 like experience.
- Linux HA has some scalability issues when you get into the hundreds of servers
- Q: is Linux HA integrated into libvirt? A: no, works at a higher level than libvirt
- Q: Is Linux HA what was in mind? A: not really, more trying to figure out what we would like to do and then look into solutions
- Q: Could Eucalyptus be integrated from unstructured clouds to more structured clouds? A: don't think they are mutually exclusive
- HA has a policy based framework to determine where virtual machines can be placed based on load, state, etc.
- Real push to have an ec2 system in place
- sabdfl: do not want to introduce another framework, pick something that is consolidating efforts on what will be the de facto standard
- sabdfl: 5 commands to have a cloud computer, that should be our goal for 9.04
- sabdfl: 5 commands: create a cloud, create a group, create a node, associate a node, associate a node to a group
- For amazon ec2 need official support and official backing
- Some run hardy some run intrepid
- People prototype on ec2, are not in a hardware business
- Place an apt mirror in S3 for updates to systems on EC2.
- Create an apt mirror on S3 for updating EC2 systems.
Identity management and network authentication in Hardy
- Starting Identity Management session.
- Need a solution to provide logon if the directory is unavailable.
- A long running daemon needs to know the state of the directory.
- nss-ldap should know the state of the directory.
- If the directory is unavailable it should fail quickly and allow local logon.
The google thing: http://ur1.ca/04ut
- Use the lsass module from likewise-open to cache nss information.
- lsass makes assumptions about AD, and may not work well with slapd.
- May be able to use lsass from likewise-open to cache nss information, but lsass is primarily for AD not slapd.
- One solution may be to use a local slapd containing information from the network directory.
Local caching slapd
- only listens on unix socket
- keeps an updated cache with syncrepl overlay
- /etc/ldap/ldap.conf reconfigured to connect that per ldapi://
- (possibly ?) magic to determine if master is reachable
- pam_ccreds can cache tickets even when server not available
- How can you stay connected to a samba server ?
- The Kerberos model depends on KDC being available.
- Some users may be hesitant to run a slapd service on each client.
VMbuilder should support the creation of iso and usb as well
- starting vm-builder discussion
- Use vmbuilder to create ISOs and USB installs.
- Dropped ubuntu name off vm-builder to allow for other distributions to use
- The old version of ubuntu-vm-builder was a shell script, now written in python and designed to be used as a library
- Vmbuilder to run on bare metal and create isos
Spec of what is being discussed: http://ur1.ca/04w3
- Other use cases for vmbuilder? possibility to use vm builder to create ec2 images in the box lab (local cloud)
- Add an encrypted file system inside a virtual machine.
- Create a VM that includes a package list from a server currently running on metal.
vm Live migration policy
- Four dimensions to determine a move is needed: disk usage, network, memory, and processor.
- There's a libvirt function to migrate VMs.
- Need a framework to implement the policy to move a VM.
- libvirt also provides an API to gather information on the metrics.
- Need an outside service that VMs report to that determines when to migrate a VM.
- Determining a list of things to gather information on, then will determine what to do with them.
- For Jaunty getting linux-ha in main is a goal.
- Also integrating linux-ha with KVM.
Converting physical machines to virtual machines
- Two approaches: take the system offline then boot to another media, and using some type of agent to migrate the system.
- Current question is how to migrate disk layout from a physical machine to a virtual one.
- System won't worry about the OS, and the assumption is that it will support the drivers in the VM.
- Develop a tool to create a "live hypervisor" that will test the migration from physical to virtual.
- New motd may be more than 25 lines.
- Might be possible to use screen to allow for more lines.
- The problem with using screen is that it changes key bindings that users may not be used to.
- Will need to have a great section in the Server Guide for screen.
- Need a prototype of what the screen session will contain, and how to access it.
- Screen idea may be more of a job for a community member, but design should be reviewed by a UI expert.
- Next topic is using puppet for system configuration.
- Puppet can help install certain packages on a server depending on different configurable options such as hardware, role, etc.
- Need an easy way to create Puppet profiles, which configure services on the system.
- Puppet may be more work to configure than the advantages it offers.
- If Ubuntu can ship with multiple "generic" profiles it may be worth using, because it will decrease work for sites with large deployments.
- Puppet can also help with the configuration and management of sites with a large number of virtual machines.
- There is still time and effort involved when using any configuration management engine.
Configure RAID by default in Ubuntu
- RAID is not very user friendly to setup during the install process.
- LVM may be a better option to setup by default than RAID.
- There's an interest in automatically adding new drives to a LVM volume.
- Better to do an fsck periodically than doing one at mount or boot time.
- mdadm can now do a weekly consistency check.
- Use LVM by default: one for / and one for swap.
- If there is sufficient disk space don't fill the entire disk with the LV.
- Haven't created a separate /home because there's no good way to determine how big to make it, but with LVM that changes.
- Current question is how to name the VG to be unique, which allows the disk to be moved to another system and still work.
- The RAID+LVM question requires input from foundations and desktop teams.
- Getting back to the RAID by default discussion.
- RAID question needs to be further explored and some additional testing is required.
Encrypted Home Directory
- Encrypted home is based on the work done for the encrypted Private directory.
- The next step is to add encryption options to the installer for both server and desktop.
- ecryptfs is not designed to protect data from root user access.
- Graphical add users and groups utility still needs to be patched to offer encrypted home.
- Install questions should be geared to non-power users.
- The idea behind implementing encrypted /home is to make it very easy to use once setup.
- Migrating from encrypted Private to encrypted home is not really an option due to the issue of possible data loss.
- A possible issue with adding options to the installer is that users may not fully understand what they are getting into.
Encrypted Swap By Default
- If you are going to encrypt private or /home you need to also encrypt swap.
- Possible implementation would be to generate a random key on boot.
- Some non-scientific performance testing has been done, and no significant issues were found.
- With new hardware there should be no issues with performance.
- There have been no reported instances of data corruption in Intrepid using ecryptfs.
- May be possible to use some type of unionfs stack to migrate from encrypted Private to encrypted home.
- How do you retrieve data in a corporate environment from an employee who leaves the company?
- An upcoming patch will encrypt both data and file names.
- How does encrypted home work with samba, nfs, automount, etc?
- ecryptfs will mount on top of a network mount, and encrypt all data saved to the remote file system.
Use PAE kernel when hardware supports it
- Not all current hardware supports PAE.
- We may need a new kernel flavor to enable PAE.
- Kees will gather more information to find out the feasibility of adding PAE.
- Quick discussion on EC2 security and How to do updates on a VM in EC2.
- Adding PAE changes the kernel binary a lot.
- Augeas is pronounced Og-ee-as
- Augeas was created to change a configuration file in a programmatic way.
- Augeas is designed to handle configuration data in its current place.
- Written in C to deal with files in the lowest level possible.
- Augeas "lenses" are part of a tree which consists of a label and value system.
- There are API bindings for most popular languages.
- Lenses need to be written for each configuration file that Augeas is intended to manipulate.
- There is a list in the Ubuntu Wiki of needed lenses.
- May be a Mac port of Augeas in the future.
- The augeas tree is system dependent, due to the fact that the tree is based on the file system which varies between distros.
- Eucalyptus implements EC2's API, allowing you to have your own infrastructure as a service, or cloud environment.
- Need assistance packaging eucalyptus.
- Currently eucalyptus requires xen, but Ubuntu will need to use KVM.
- Originally distributed as a tarball in order to be distribution agnostic.
- Eucalyptus can be built with OpenJDK.
- Needs root access to access network, hypervisor, etc. Currently runs Apache as root, but that will change in the future.
- Eucalyptus and Amazon naming scheme is different, so no conflict will arise.
- No VM resource accounting system in place at the moment, but is on the road map for the future.
- The development team is working very hard on regression testing.
- Eucalyptus developers are not interested in answering the question of whether or not cloud computing is the same as grid computing.
- Should have a release candidate in a matter of days.
- We'll be getting access to the VCS soon as well.
- Can be used to prototype virtual machines for EC2, in some instances.
Kerberize Main (Clients)
Web based repository mirror manager
- Started Server Round Table, currently discussing easing the configuration of serial console.
- May be able to add a commented line in the /boot/grub/menu.lst file.
- The current eBox version is broken in Intrepid due to not being properly packaged.
- How to get community members involved with small tasks to get them familiar and comfortable with the people and tools.
- Create a list of triaged bugs/tasks that new community members can help with.
- Need to clean up the list of Server Team blueprints.
- The Community Team will need to be involved with the blueprint cleanup.
Integrated Mail Stack
- Implement an integrated spam, virus, etc scanning system with normal SMTP email server (Postfix).
- The current issue is with configuring Dovecot from another package, or in a programmatic way.
- Should configure Dovecot to use maildir by default.
- Should Postfix be changed to use Dovecot as a MDA by default?
- There are performance and reduced complexity advantages of using Dovecot's LDA.
- By default postfix authentication will be tied to Dovecot, but this can be reconfigured easily by an admin.
- Some filtering features such as greylisting and rbl won't be on by default.
- But there are some options that postfix can use to filter spam, and they may be configured if it's determined that they won't drop legit messages.
- Could configure a quarantine "folder" for spam by default.
- Can implement a Greet Delay with postfix.
- Policy should be that protocol violations should cause a message to be rejected, but content violations will still allow the message through
/etc under revision control
- etckeeper is an application that will handle most of the version control aspects.
- One drawback of using etckeeper is that it doesn't expose all the nice features of bzr.
- Another option is to just use bzr natively to enable version control of /etc.
- The choice is between etckeeper, captainslog, or native bzr.
- Could integrate three way merge for dpkg using bzr... which would handle upgrading packages whose config has been changed.
- The goal for Jaunty will be to have /etc under version control, then other three-way merge, etc features can be added.
- Currently etckeeper with bzr has been working fine.
- etckeeper won't restore permissions to restored files.
- Forgetting to commit a change may be an issue, but can be solved by doing an auto-commit.
- etckeeper does preserve permission, it's when the bzr is used outside of etckeeper that permissions are not maintained.
- No one thinks version control of /etc is a bad idea, but there are still some implementation details.
EcryptFS graphical user interface for Jaunty desktop
- Some good work done with Python GTK for a GUI front end to the encrypted Private directory, but didn't get into Intrepid.
Jaunty Server Guide Updates
Doc section was short and the list can be found here: https://wiki.ubuntu.com/JauntyServerGuide
- Surprisingly few objections to the way Landscape client has been integrated into Ubuntu Server.
- Ubuntu system management service... implemented following the software as a service model.
- Landscape team is open to help with documenting the landscape protocol, and integrating with other tools.
- Working on supporting the EC2 API in Landscape.