UbuntuEasyBusinessServer

Revision 18 as of 2007-05-08 17:49:53

Clear message

Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

This spec describes Ubuntu's Easy Business Server, a configuration utility aimed at making it easy for non-technical businesses set up an Ubuntu based server for various things.

Rationale

The free software universe in general, and Ubuntu in particular, already provides most of the tools and infrastructure components needed to fulfill the needs of small businesses. What we need is good integration between these components and easy configuration.

The currently available solutions have various shortcomings. E.g. webmin is essentially a web enabled configuration file and does not provide a lot of help for the inexperienced user. The goal of this project is to provide something much more high level. For instance, insted of "setting up the server with lvm, creating a new logical volume, formatting it with xfs, sharing it via samba to an appropriate set of users, who btw are kept in LDAP", the user will just "Create a Sales group".

In short: UEBS should bring the ease-of-use from the Ubuntu desktop to the server world. (Just to preempt inevitable questions: this does not mean that the server will have the Ubuntu desktop interface installed, but it will provide some graphical means for configuring certain things.)

Use Cases

  • Mark runs a small business and has almost no computer experience. He doesn't want to store the documents he creates on the local PCs and laptops, because those have to be re-installed sometimes when they get viruses. He wants his documents to be safe, and know that everything is backed up as well. So Mark wants a new server but to utilise his existing network infrastructure.
  • Alan has a small business which needs a backend storage for office files. He needs a simple interface to setup and configure the new server he has bought.
  • Soren has been running this software for a year in his small business. He's now grown up and wants to use the user database for authentication on his network. He'd like to be able just set up the clients and ready to go. His guru friends say he should be using interoperable standards like ldap and kerberos. Soren (being a sensible man) agrees.
  • John is a Sysadmin with experience in other Microsoft-Branded OSes. He expects that Ubuntu Easy Bussiness Server brings similar features 'out-of-the-box' as Microsoft-branded OSes. He expects a simple way to connect remotely to the server configured out-of-the-box (VNC will be fine).

Scope

  • Initial setup (IP address (range), company name, etc)
  • File server
    • Sharing of files
    • Limitation of access to files
    • User based access
  • Print server
  • Easy/simple "incremental" (+ hardlinks) backup to an attached USB disk (+ unmounting + "it's no(w|t) safe to remove your backup disk" things).

For the Google Summer of Code project, "only" the above will be prioritised. Note: The scope was changed after discussion at UDS-Sevilla.

For each of these tasks, a set of configuration files will be created based on best practices and a simple interface for setting them up will be provided.

Ultimately, the following services will be included, too:

  • Groupware
    • Mail server (internal and external)
      • Multiple domains
      • Aliases
      • vacation integration
    • Calendar server
      • Sharing of free/busy schedule
    • Contact Management (Added by gQuigs 2007-3-15)
      • Optional: Storing telephone call information
    • Jabber or IRC server
  • Infrastructure
    • DHCP
    • DNS
    • Time
    • Firewall/Internet gateway
    • VPN
  • User management
    • Linux
    • Windows
  • Backup
    • Configuration
    • Files

Design

The single most important keyword is simplicity.

The goal is to provide a file and print server that will blow the users away. On the path to file and print nirvana we also find network configuration and user/group management.

The interface will be web based and some means of accessing it on the machine's console will be provided.

The user will be asked to describe his network using a set of widgets that he can connect with lines. Based on the resulting diagram, we'll be generating a sensible network configuration.

In doing user management the user (of the admin tool) will be encouraged to group people by function or department. E.g. when creating a new user, a list of commonly used groups will be shown and we'll ask if the user does any of these things or logically belongs in any of these deparments. This is done to ease the enivetable transition in a growing company from having e.g. a sales person to having a sales department which in many cases means that the previous sales person, Bob, now has to share a set of his files on the server with someone else and he does this by giving said user access to a certain subtree of his home directory. As the

Each user and group will automatically be assigned a shared storage space on the server as well as given access to a storage space shared among all users.

Printer sharing should include autodetection of any sort of newly available printer (USB, Zeroconf, etc.).

The scope of the project as been narrowed down to a file/print server. These two services, however, should be top-of-the-pops, all-bling, no-fuss magic.

Implementation

Installation:

  • Either its own CD or a prominently displayed install option on the existing server CD
  • Based on the alternate installer (live-cd settings does not really make sense, I think), although network configuration will be preseeded to local-only (unless we can think of something that works in every kind of environment describable by our graphical network config thing)
  • On completed installation (and any subsequent boot), an X-server will be fired up (no desktop!) with a fullscreen web browser (kiosk mode, probably) pointed at the configuration interface.

Discussion points:

  • Having X on something called a server is bound cause a stir.
    • Is it justifiable?
    • Can we work around it somehow? (The problem being mostly the inital network configuration)

Network configuration:

  • Basic building blocks:
    • Internet
    • This machine
    • Clients
    • Anything else?
    • Existing AJAXy magic stuff for this?
  • When saving a new configuration and it has been put into effect, the user should (within a reasonable timeframe) confirm that everything is still working as expected. If not, reset the network configuration to last known working configuration.

User management:

  • LDAP/Kerberos
    • Rationale: If the environment grows up, they'll have a sensible authentication framework in place already.
  • When creating new users, a list of common groups will be shown suggesting to create them and add the new user to them.
    • This is to help the admin create a sensible user/group scheme right from the start rather than have to migrate to it later.

File sharing

  • All of:
    • Samba
    • http (webdav)
    • ftp
    • anything else?
  • Backup
    • most likely use case is an external harddrive, I think. Agreed?
    • rsync?
    • BackupPC?

  • Everything should be announced via ZeroConf for easy access

  • Outstanding issues: locking?

Printer sharing

  • Make the cups server share them via the network (allows cups clients to see them easily)
  • Announce via zeroconf
  • Questions:
    • Which of our existing means of configuring printers can be easily used for this? (Directly or by porting certain bits of it)

Implementation language and platform:

  • Nevow
    • since it's in main already
  • Other things to either base it on or steal from:
    • Conga
    • Please add other things

Screenshots

These screenshots predate the discussion at UDS. Expect major changes! I imagine it will look something like this (these are just mock ups): http://linux2go.dk/uebs-scrshots/mail.png http://linux2go.dk/uebs-scrshots/user.png http://linux2go.dk/uebs-scrshots/users.png http://linux2go.dk/uebs-scrshots/network.png

Data preservation and migration

Unresolved issues

BoF agenda and discussion

Comments

Comment by ArtCancro on 2007-03-15: may I suggest Citadel [http://www.citadel.org] as the groupware component? It would save an awful lot of work because it's got all of the mail and calendar stuff built in.

Comment by PaulKishimoto on 2007-03-20: I added UbuntuServerTasks and AdministerServerViaWebInterface to the related specs list. The former has already been approved, and the creator seems to know something about tasksel, which sounds like it would be useful.

Comment by SorenHansen on 2007-03-20: UbuntuServerTasks (and tasksel) is not quite what I'm after. Those tasks are simply a collection of existing packages. E.g. a web server task would just install apache and a number of interpreters. This spec is more about configuration. AdministerServerViaWebInterface on the other hand looks very similar to this. Interesting.

Comment by PaulKishimoto on 2007-03-22: I'm not a packaging expert, but I suspect .deb install scripts for different groupware packages may interact with each other and modify configuration files. I imagined a use case where Bob installs Ubuntu Server from a CD, chooses certain tasks (ie. package sets), adds the "uebs" package, and then points a web browser at the new server. Several of the tasks in UbuntuServerTasks install the groupware UEBS would configure, so instead of depending on packages directly it could recognizes and enable modules for only those packages which are installed.

I also should have mentioned two blog posts by Herman Bos from Planet Ubuntu: http://dev.osso.nl/herman/blog/2006/12/27/management-framework-2/ and http://dev.osso.nl/herman/blog/2007/01/31/ambition-readjustment/. I'm not sure what you had planned, a client-server model would make it possible to use either the web client or develop a PyGTK client to run on an administrator's desktop. He might have some helpful thoughts on this.

Comment by SorenHansen on 2007-03-22: Yes, postinst scripts might change configurations and whatnot, but that will not be a problem here. When installing uebs, it will "take over" the proper configuration files. Besides, the configuration file handling outlined should mitigate any problems that might arise from other things (possibly a human) changing the configuration files. UEBS will also be modular in nature, so if someone doesn't want certain bits managed, he will just not install the corresponding module. Only when used as an install option (the common use case, I suspect) will all modules be enabled by default. I've also seen Heman Bos' blog posts, but as far as I can tell, we're solving different problems here. That said, there might very well be basis for some cooperation along the way. By the way: Please don't just insert extra spaces here and there unless there's a reason. It's a pain to go through the diffs and try to figure out what was changed. Smile :-)

Comment by EdwardMurrell on 2007-04-13: Have you considered using Kerberos for authentication? NFSv4 practically requires it, and it would mean that you get automagic secure authentication. If you're already implementing DNS and NTP, then you're halfway there. If you need some help on intergrating it with LDAP, I can feed you the work I've done to get it going here.

Comment by SorenHansen on 2007-04-13: This has turned into a Summer of Code project for me. My main focus is going to be on getting the framework together and building all the groupware-like plugins. The target group for this is mostly the not-so-technical bunch of people who want to use Ubuntu as a server, and I think Kerberos is a bit out of scope for them. Nevertheless, there's nothing per se wrong with having a Kerberos plugin available. I can ping you when the plugin API starts to stabilize, then maybe you can work on the plugin your self. Thanks for your input

Please also add jabber and wiki, as both authenticate off of ldap this should be reasonable, also another great addition would be dyndns, though that's a little pie in the sky. ~~~

CategorySpec