Server

Revision 1 as of 2009-01-05 18:55:53

Clear message

Server

  • On freenode join #ubuntu-server summit

Enable PIE by default on 64bit architectures

  • A gobby document was created for the spec, jaunty-server-pie
  • Schedule changed: Likewise-open instead of lvm-crypt.
  • Disable pie by default on 32 bit arch, noticeable slow-down
  • PIE on 64-bit has no problems
  • What works right now in Ubuntu? Running and backtracing core
  • Fix gdb PIE and existing compiler tests that do not work and move on
  • Do we need benchmarks? Compare bootspeed (python boot benchmarks)
  • Phronix does distro compare boot benchmarks
  • Getting a backtrace from a running PIE process must work
  • Phoronix for testing, perhaps? - phoronix-test-suite
  • Are .a files shipping with -dev packages still? Has Debian Policy changed?
  • More of a goal for jaunty +1
  • Work on rebuilding the archive over Christmas
  • http://ur1.ca/02pz

  • For server team pie roadmap
  • Build a package with my ppa cflags + pie
  • debian.org/hardening for more hardening information
  • There is no impact on desktops
  • Get benchmarks from every time? How does pie affect your part of the ubuntu stack?
  • Fix multiarch spec for 64bit compiler building 32bit targets
  • Benchmark for open-jdk with pie enabled
  • The best benchmark for the dev stuff would be to run a test suite
  • What about third parties? shouldn't affect kernel drivers and shipped third party apps
  • How much additional security does PIE give you?
  • Spec page:http://ur1.ca/02qy

  • Time for spec ending for PIE by Default
  • Why shouldn't Ubuntu Server be the first distro to have PIE by default... we should!
  • For Jaunty determine a list of things needed for default PIE.

Jaunty Security Defaults

  • sha512 by default is done
  • Jaunty tries to reduce the number of places it needs to be set /etc/login.defs is the One True Place for it
  • What about LDAP migrations from sha512 to LDAP?
  • Caller of crypt() needs to be able to use the right salt for sha512
  • LDAP clients with glibc that doesn't know about sha512 may have issues (pre Hardy?)
  • TODO: a migration PAM module that updates existing hashes to sha512 (jaunty+1)
  • syn flood protection
  • Very conflicting data on this and should probably wait for some form of "sign off"
  • Elmo says Fedora enabled it and Dave Miller went bananas and he has never seen this attack in use - not providing any protection for additional risk
  • Add UFW option to installer.
  • Need a GUI for ufw before it is enabled by default on Desktops.
  • Install a service and the service starts, install apache and then apache starts
  • Default to open ports be default (with debconf option to not enable this)
  • UFW dynamic listening detection is on the todo list.
  • Firewall on by default on server?
  • Make sure that upgrades don't re enable the port
  • Need to cover all of main services before the default is active?

AppArmor

  • New Profiles
    • Squid
    • Dovecot
  • apparmor for dhclient and for squid: lots of things, pretty scary, hard pressed to do a config that wouldn't break people
  • Get notification daemon working by default

Default LDAP DIT for user and group management

  • Determine Directory Information Tree for LDAP:
    • users -- uidNumber
    • groups -- gidNumber
  • Service Node: Apache, Mail
  • MIT is the default kereberos implementation in main
  • Question: Make it FreeIPA compatible
  • Mandrivav proposed tree: http://ur1.ca/030n

  • A directory should start with a sane DIT.
  • Base the DIT on rfc2307: http://ur1.ca/030r

  • May follow rfc2307 http://ur1.ca/030r

  • The success of your directory hinges on the management tools.
  • Which is the best schema to load by default?
    • qmail is perhaps the best mail schema
    • default scheme: cosine, inetOrgPerson, Samba, qmail, core

Likewise 5 (AD authentication)

  • Likewise-open and jaunty... likewise-open is now at version 5 and its development process is now more open, using git.
  • Is it possible to use likewise-open's sandboxed libraries?
  • There are only a few open bugs in likewise-open-5.0
  • Discussing if the AD domain admin should have sudo access on the Ubuntu machine that joined the domain.

Suspend and Hibernate Support for the Ubuntu Server (Green Computing)

  • Server Suspend: it's about creating an "eelastic cloud"
  • Help the Green Computing initiative by lowering server power consumption in the datacenter.
  • Use case of using hibernate to save the state of a machine while booting into another OS.
  • At some point powering down systems can save a large amount of $$ for some businesses.
  • Use case for suspend: adjust resources based on work load, suspend allows adding more resources quickly.
  • Can use wakeonlan to resume systems from suspend or hibernate.
  • Green Cloud, move virtual machines between larger systems to dynamically support demand.
  • There may not be any gain in using suspend/hibernate in a VM, because most virtual solutions already contain a snapshot feature.
  • Hibernate/suspend won't be a solution for all servers.
  • There's no way to determine by looking at a machine if it has the ability to respond to wakeonlan
  • Develop initramfs, udev rules, etc in order for the resume to work properly.
  • Getting server hardware support for suspend/resume may not be as large a job as it was for laptop hardware
  • Ultimate Goal: fill the suspend/resume gap between laptop, server hardware, and virtual machines.
  • Use case is that the cache is hot, so there's a perceived benefit by suspending that primed cache, rather rebooting with a cold cache
  • Make current tools ipmi, wakeonlan, etc work out of the box.

Growing the server community

  • How to improve coverage of the Ubuntu Server community.
  • Change from one big block post to multiple smaller posts
  • use the post in future in wordpress
  • blog post is summary of ubuntu server team meeting, more of a minutes section for those that cannot attend
  • New categories for the server blog
  • Blog outreach: outside the Ubuntu community (ex: most popular post: ruby).
  • Create trackbacks from the server blog to the persons blog who is blogging about new development
  • Use/goal of the team report. how-to get more information from the community members for the report
  • 'Server community' is wide description; we should, maybe, split to groups, where each group would be doing some oriented task; ..
  • New packages to the archive announced to the archive
  • Create an archive report based on server team member activity
  • That way new people would know where to start when they want to approach ubuntu server community
  • After uds blog about the specs that were discussed
  • Close to release there is less things to blog about
  • QA tracker/iso tracking -- is this being tracked?
  • Call for testing category.
  • Jorge to find a Bridge Person between Ubuntu Server and the Ubuntu Forums.
  • Good example of forums use is vm builder
  • Need some type of identifier for the forums.
  • Flag people in ubuntu forums as a member of core-dev, Canonical employee, etc
  • Create a special ubuntu server team rank
  • Not to create a ubuntu developer rank
  • Contact technoviking on the forums
  • Find ways to reach out beyond the Ubuntu community to other developer communities.
  • Push blog posts to upstream blog planets
  • Goals for team report, Jorge to track this down
  • Is openweek/developer week helping out?
  • Running a session but not seeing a spike after that in membership of the team
  • Ubuntu server team is the only team that doesnt have a separate -devel channel
  • -devel discussion moving to ubuntu-devel
  • Building a community is not about building an irc channel but building a community
  • irc has exlusivity
  • Developers will follow the users.
  • The Ubuntu Server community may not be known to a large number of users.
  • Don't have a good way of showing consumers to contrib, nothing shows up in ubuntu weekly news on ubuntu server team
  • Use technical information to make blog posts more attractive.
  • Ubuntu switching to qmail?
    • I don't get the context of this entry, yikes! -- jorge 2009-01-05 19:51:53

  • Age demographic is important to determine the Ubuntu Server audience.
  • What is being replaced by ubuntu server: ie is windows being replaced by ubuntu server or is solaris being replaced by ubuntu, etc
  • LISA '09 November 1­6, 2009 Baltimore, MD

lsb-compliance

  • Ted T'so is starting his session.
  • Full lsb needs some graphical libraries
  • A profile for systems with no X may be created.
  • LSB is important for end user's and ISVs.
  • LSB may allow ISVs to build applications on bleeding edge distros and they will work with older distro versions as well.
  • Will LSB support non-rpm based distros.
  • LSB no longer requires rpm. It actually requires alien that requires rpm
  • Registering files outside the package manager probably won't work with Ubuntu due to the dist-upgrade process.
  • Package namespace is an issue between distros, LSB has a mechanism to handle it, but isn't being followed by distros.
  • Need help writing LSB tests.
  • Past Ubuntu versions have been tested for LSB compliance.
  • There's an error found by LSB due to relro compile flag.
  • Question: has LSB thought about having a standard for Web configuration applications.
  • Current LSB team doesn't have the expertise to develop a Web interface standard.
  • LSB looks at what distros are doing and decides on a standard.

Server Bugs

  • Starting server bugs session.
  • Are there any issues using LP in the work flow?
  • Is there a way to "rate" bug comments, to only view relevant comments.
  • Have the ability to create a bug from a comment that is a different bug from the original.
  • New feature will be able to mute bug mail, but will still allow subscription.
  • Use the API to find bugs that a team is subscribed to.
  • Have documentation available to help setup environment available when mentoring someone on a bug.
  • Can set bug filing guide lines per package.
  • Guidelines are better from a user perspective than templates may be.
  • If a specific set of data is needed for a bug, a script or instructions can be included with the package and recommended in the guidelines.
  • In LP 3.0 the ability to close a bug for multiple Ubuntu releases will be available.
  • Make it easier to file bugs upstream when upstream doesn't use LP.
  • It would be good to be able to see a LP bug list and an upstream bug list side by side.
  • A good feature would be good to see a list of bugs assigned to a team.
  • Sort on generic columns.
  • Link a bug to a PPA, would be a great feature. The feature is also on the LP todo list.

Improved Power Management

  • Time for Improved Power Management session.
  • Nut has power management ability, through communicating to UPSs.
  • May be room to add Nut functionality to Landscape.
  • Would be nice to be able to limit a server's power usage based on load.
  • Power management can improve HA functionality, by allowing one machine to power off another so that the state of the machine can be known.

Server Roundtable

  • Starting server roundtable, followed by cloud computing.
  • Finished introductions for everyone and starting the roundtable
  • Today is cloud computing day, lots of discussions, hopefully breaking the cloud computing day with other sessions, but goal is the cloud
  • auegos disussion, project done by red hat that is an ipi for extracting configuration files
  • Focus has been to work on integration into ubuntu, creation of lenses, etc
  • augeas augeas.net
  • How do I manage centrally ubuntu server: currently we have to manage each application individually plus each server application
  • Community would like a small to medium business server with a nice gui/web front end.
  • Goal is standardize on a community application that doesn't exist
  • Configuration management discussion currently happening
  • Two different types of customers when you get involved with it, hundreds of boxes for the enterprise and small community size server
  • Programmatic access to configuration is necessary before any gui is placed on top.
  • Need to solve both programmatic configuration issue and remote management issue with the same tools.

Ubuntu cloud strategy

  • Blueprint ofr cloud computing: http://ur1.ca/04rf

  • Soren defining what cloud computing is and how it is implemented
  • Amazon's service is what most people think of when they think of cloud computing
  • Cloud Computing: An outsourcing of computational resources to the Internet.
  • Eucalyptus: http://ur1.ca/04rk

  • Cloud in the box: a local cloud, inside the data center
  • Cloud computing is a very "cloudy" term
  • Cloud computing at he hardware layer is hypervisor plus os
  • Framework is the service provided on top of the hardware layer
  • Taking existing applications moving to the cloud layer without having to re writing them
  • Azure and google app enginer are framework
  • More information on auzre: http://ur1.ca/04rp which is the windows cloud framework

  • Managing virtual machine problems: need to easily deploy similar virtual machines and also need the ability to scale
  • Now on the white board he is drawing a nice fluffy cloud with VMs in it
  • Need management interface to Live Migrate virtual machines to other physical machines in the cloud.
  • Linux high availabitly is a framework that can manage this
  • We need a management interface to control the Live Migration of virtual machines between nodes in the cloud.
  • Eucalyptus provides an EC2 like experience.
  • Linux ha has some scalability issues, when you get into the hundreds of servers
  • Q: is Linux ha integrated into libvirt? A: no, works at a higher level then libvrt
  • Q: Is Linux HA what was in mind A: not really, more trying to figure out what we would like to do and then look into solutions
  • Q: Could Eucalyptus be integrated from unstructured clouds to more structured clouds a: don't think mutually exclusive
  • HA has a policy based framework to determine where virtual machines can be placed based on load, state, etc.
  • Real push to have an ec2 system in place
  • sabdfl do not want to introduce another framework, pick something that is consolidating efforts on what will be the defacto standard
  • sadfl: 5 commands to have a cloud computer that should be our goal for 9.04
  • sabdfl: 5 commands: create a cloud, create a group, create a node, associate a node, associate a node to a group
  • For amazon ec2 need official support and official backing
  • Some run hardy some run intrepid
  • People prototype on ec2, not are in a hardware business
  • Place an apt mirror in S3 for updates to systems on EC2.
  • Create an apt mirror on S3 for updating EC2 systems.

Identity management and network authentication in Hardy

  • Starting Identity Management session.
  • Need a solution to provide logon if the directory is unavailable.
  • A long running daemon needs to know the state of the directory.
  • nss-ldap should know the state of the directory.
  • If the directory is unavailable it should fail quickly and allow local logon.
  • The google thing: http://ur1.ca/04ut

  • Use the lsass module from likewise-open to cache nss information.
  • lsass makes assumptions about AD, and may not work well with slapd.
  • May be able to use lsass from likewise-open to cache nss information, but lsass is primailry for AD not slapd.
  • [nss_updatedb] http://ur1.ca/04ux

  • One solution may be to use a local slapd containing information from the network directory.

Local caching slapd

  • only listens on unix socket
  • keeps an updated cache with syncrepl overlay
  • /etc/ldap/ldap.conf reconfigured to connect that per ldapi://
  • (possibly ?) magic to determine if master is reachable
  • pam_ccreds can cache tickets even when server not available
  • How can you stay connected to a samba server ?
  • The Kerberos model depends on KDC being available.
  • Some users may be hesitant to run a slapd service on each client.

VMbuilder should support the creation of iso and usb as well

  • starting vm-builder disuccsuion
  • Use vmbuilder to create ISOs and USB installs.
  • Dropped ubuntu name off vm-builder to allow for other distributions to use
  • The old version of ubuntu-vm-builder was a shell script, now written in python and designed to be used as a library
  • Vmbuilder to run on bare metal and create isos
  • Spec of what is being discussed: http://ur1.ca/04w3

  • Other use cases for vmbuilder? possibility to use vm builder to create ec2 images in the box lab (local cloud)
  • Add an encrypted file system inside a virtual machine.
  • Create a VM that includes a package list from a server currently running on metal.

vm Live migration policy

  • Four dimensions to determine a move is needed: disk usage, network, memory, and processor.
  • There's a libvirt function to migrate VMs.
  • Need a framework to implement the policy to move a VM.
  • libvirt also provides an API to gather information on the metrics.
  • Need an outside service that VMs report to that determines when to migrate a VM.
  • Determining a list of things to gather information on, then will determine what to do with them.
  • For Jaunty getting linux-ha in main is a goal.
  • Also integrating linux-ha with KVM.

Converting physical machines to virtual machines

  • Two approaches: take the system offline then boot to another meda, and using some type of agent to migrate the system.
  • Current question is how to migrate disk layout from a physical machine to a virtual one.
  • System won't worry about the OS, and the assumption is that it will support the drivers in the VM.
  • Develop a tool to create a "live hyporvisor" that will test the migration from physical to virtual.

Server Roundtable

  • New motd may be more than 25 lines.
  • Might be possible to use screen to allow for more lines.
  • The problem with using screen is that it changes key bindings that users may not be used to.
  • Will need to have a great section in the Server Guide for screen.
  • Need a prototype of what the screen session will contain, and how to access it.
  • Screen idea may be more of a job for a community member, but design should be reviewed by a UI expert.
  • Next topic is using puppet for system configuration.
  • Puppet can help install certain packages on a server depending on different configurable options such as hardware, role, etc.
  • Need an easy way to create Puppet profiles, which configure services on the system.
  • Puppet may be more work to configure than the advantages it offers.
  • If Ubuntu can ship with multiple "generic" profiles it may be worth using, because it will decrease work for sites with large deployments.
  • Puppet can also help with the configuration and management of sites with a large number of virtual machines.

* There is still time and effort involved when using any configuration management engine.

Configure RAID by default in Ubuntu

  • RAID is not very user friendly to setup during the install process.
  • LVM may be a better option to setup by default than RAID.
  • There's an interest in automatically added new drives to a LVM volume.
  • Better to do an fsck periodically than doing one at mount or boot time.
  • mdadm can now do a weekly consistency check.
  • Use LVM by default one for / and one for swap.
  • 10:16:25 AM: If there is sufficient disk space don't fill the entire disk with the LV.
  • Haven't created a separate /home because there's no good way to determine how big to make it, but with LVM that changes.
  • Current question is how to name the VG to be unique, which allows the disk to be moved to another system and still work.
  • The RAID+LVM question requires input from foundations and desktop teams.
  • Getting back to the RAID by default discussion.
  • RAID question needs to be further explored and some additional testing is required.

Encrypted Home Directory

  • Encrypted home is based on the work done for the encrypted Private directory.
  • The next step is to add encryption options to the installer for both server and desktop.
  • ecryptfs is not designed to protect data from root user access.
  • Graphical add users and groups utility still needs to be patched to offer encrypted home.
  • Install questions should be geared to non-power users.
  • The idea behind implementing encrypted /home is to make it very easy to use once setup.
  • Migrating from encrypted Private to encrypted home is not really an option due to the issue of possible data loss.
  • A possible issue with adding options to the installer is that users may not fully understand what they are getting into.

Encrypted Swap By Default

  • If you are going to encrypt private or /home you need to also encrypt swap.
  • Possible implementation would be to generate a random key on boot.
  • Some non-scientific performance testing has been done, and no significant issues were found.
  • With new hardware there should be no issues with performance.
  • There has been no reported instances of data corruption in Intrepid using ecryptfs.
  • May be possible to use some type of unionfs stack to migrate from encrypted Private to encrypted home.
  • How do you retrieve data in a corporate environment from an employee who leaves the company.
  • An upcoming patch will encrypt both data and file names.
  • How does encrypted home work with samba, nfs, automount, etc?
  • ecryptfs will mount on top of a network mount, and encrypt all data saved to the remote file system.

Use PAE kernel when hardware supports it

  • Not all current hardware supports PAE.
  • We may need a new kernel flavor to enable PAE.
  • Kees will gather more information to find out the feasibility of adding PAE.
  • Quick discussion on EC2 security and How to do updates on a VM in EC2.
  • Adding PAE changes the kernel binary a lot.

Augeas Integration

  • Augeas is pronounced Og-ee-as
  • Augeas was created to change a configuration file in a programmatic way.
  • Augeas is designed to handle configuration data in it's current place.
  • Written in C to deal with files in the lowest level possible.
  • Augeas "lenses" are part of a tree which consists of a label and value system.
  • There are API bindings for most popular languages.
  • Lenses need to be written for each configuration file that Augeas is intended to manipulate.
  • There is a list in the Ubutu Wiki of needed lenses.
  • May be a Mac port of Augeas in the future.
  • The augeas tree is system dependent, due to the fact that the tree is based on the file system which varies between distros.

Eucalyptus integration

  • Eucalyptus implements EC2's API, allowing you to have your own infrastructure as a service, or cloud environment.
  • Need assistance packaging eucalyptus.
  • Currently eucalyptus requires xen, but Ubuntu will need to use KVM.
  • Originally distributed as a tarball in order to be distribution agnostic.
  • Eucalyptus can be built with OpenJDK.
  • Needs root access to access network, hpervisor, etc. Currently runs Apache as root, but that will change in the future.
  • Eucalyptus and Amazon naming scheme is different, so no conflict will arise.
  • No VM resource accounting system in place at the moment, but is on the road map for the future.
  • The development team is working very hard on regression testing.
  • Eucalyptus developers are not interested in answering the question of whether or not cloud computing is the same as grid computing.
  • Should have a release candidate in a matter of days.
  • We'll be getting access to the VCS soon as well.
  • Can be used to prototype virtual machines for EC2, in some instances.

Kerberize Main (Clients)

Web based repository mirror manager

Server Roundtable

  • Started Server Round Table, currently discussing easing the configuration of serial console.
  • May be able to add a commented line in the /boot/grub/menu.lst file.
  • The current eBox version is broken in Intrepid due to not being properly packaged.
  • How to get community members involved with small tasks to get them familiar and comfortable with the people and tools.
  • Create a list of triaged bugs/tasks that new community members can help with.
  • Need to clean up the list of Server Team blueprints.l
  • The Community Team will need to be involved with the blueprint cleanup.

Integrated Mail Stack

  • Implement an integrated spam, virus, etc scanning system with normal SMTP email server (Postfix).
  • The current issue is with configuring Dovecot from another package, or in a programmatic way.
  • Should configure Dovecot to use maildir by default.
  • Should Postfix be changed to use Dovecot as a MDA by default.
  • There are performance and reduced complexity advantage of using Dovecot's LDA.
  • By default postfix authentication will be tied to Dovecot, but this can be reconfigured easily by an admin.
  • Some filtering features such as greylisting and rbl won't be on by default.
  • But some options that postfix can do to filter spam, and they may be configured if it's determined that they won't drop legit messages.
  • Could configure a quarantine "folder" for spam by default.
  • Can implement a Greet Delay with postfix.
  • Policy should be that protocol violations should cause a message to be rejected, but content violations will still allow the message through

/etc under revision control

  • etckeeper is an application that will handle most of the version control aspects.
  • One drawback of using etckeeper is that it doesn't expose all the nice features of bzr.
  • Another option is to just use bzr natively to enable version control of /etc.
  • The choice is between etckeeper, captainslog, or native bzr.
  • Could integrate three way merge for dpkg using bzr... which would handle upgrading packages whose config has been changed.
  • The goal for Jaunty will be to have /etc under version control, then other three-way merge, etc features can be added.
  • Currently etckeeper with bzr has been working fine.
  • etckeeper won't restore permissions to restored files.
  • Forgetting to commit a change may be an issue, but can be solved by doing an auto-commit.
  • etckeeper does preserve permission, it's when the bzr is used outside of etckeeper that permissions are not maintained.
  • No one thinks version control of /etc is a bad idea, but there are still some implementation details.

EcryptFS graphical user interface for Jaunty desktop

  • Some good work done with Python GTK for a GUI front end to the encrypted Private directory, but didn't get into Intrepid.

Jaunty Server Guide Updates

landscape-client integration

  • Surprisingly few objections to the way Landscape client has been integrated into Ubuntu Server.
  • Ubuntu system management service... implemented following the software as a service model.
  • Landscape team is open to help with documenting the landscape protocol, and integrating with other tools.
  • Working on supporting the EC2 API in Landscape.