Society of Sysadmins

The Society of Sysadmins is the group of system administrators that is supported by CNMCyber. Its development occurs under the Sysadmins for CNM Cloud project.

Topics

We tried to implement WSO2 IS for our identity service management, but got stuck -- are you familiar with that piece of software? If so, we use LDAP now -- may we keep LDAP while using WSO2 IS?
Nenad: i've worked with some WSO2, but i don't think for your use case. LDAP or AD in Zentyal,whatever you're comfortable with.

We will use Cloudflare for our Wordpress applications. However, we would like to consider our own implementation of CDN and Geocast for our cluster built on VPS distributed to different regions -- do you have any recommendations?
Nenad: No, usually cloudflare if i'm not mistaken.

We stopped using our instance of Jitsi video conferencing after having some troubles -- what would you recommend?
Nenad: Jitsi is open source, usually zoom for paying customers. I don't know why is jitsi working so bad. Maybe WebRTC ?

How well do you know IPv6? Particularly, using it with vSwitch since IPv6 is drastically more affordable.
Nenad: I know ipv6,but i'm not using it really on a daily basis.

Many of our applications have their own mail features. May we centralize? Further, our users need to get notifications from particular applications, but, because of security issues, we don't want to supply those applications with users' email addresses. May we set up a system in which the applications would send messages to the central mail server and it would be sending those to users?
Nenad: I don't understand this very well, we can talk about it.

Are you familiar with MariaDB HA tools such as MaxScale? Currently, we use Galera. How may we move to HA?
Nenad: Used galera and percona, i am usually using postgres for bigger apps.

We are organizing a meetup group for Ukrainian system administrators. Do you have good examples of such groups?
Nenad: If you are talking about physical then no.

We consider substituting the third server with a higher-space-harddisk one in order to use that third server in other projects and experiments.

We will need to set up a HA cluster on distributed VPS (they are on Contabo, one is in Germany, two are in the US), if it is possible, using HAProxy? Is this where we need SDN -- software defined networks that one suggested? or VPN? Back to networks, are you familiar with Microtik? Do we need it? Where should we start?
Nenad: Yes, i use mikrotik routers and switches, you don;t need it for this ,only usually for remote locations. You can use SDN or VPN which is simpler.

We plan to create VMs for our users automatically according some VM images. How would you recommend implementing that task?
Nenad: In proxmox there is an API for automating, and usually you can use ansible and terraform, but i don't have enough experience with terraform, only basic.
Joseph: Ansible would most likely be a very straight forward method, I guess it just depends on how and why you'd like the VM's created. For example, are you hoping to automate creation whenever a new user creates an account on a third party service - or would you like initiate VM creation manually?