Difference between revisions of "CNM Bureau Farm"
(→Features) |
|||
Line 3: | Line 3: | ||
==Features== | ==Features== | ||
+ | Networks | ||
+ | current cluster uses 3 IP for their communication channel. | ||
+ | # ipv4 public for network cluster communication. | ||
+ | # ipv6 for network cluster communication | ||
+ | # ipv4 internal for storage network cluster. | ||
+ | |||
===DNS entry point=== | ===DNS entry point=== | ||
: [[load balancer]] on a public web address | : [[load balancer]] on a public web address |
Revision as of 00:48, 23 July 2023
CNM Bureau Farm (formerly known as CNM EndUser Farm; hereinafter, the Farm) is the CNM farm that is based on bare-metal servers. This Farm also utilizes a portion of one bare-metal server that belongs to the CNM Lab Farm. The issues to work on may include (a) security outside of iptables, (b) adding NAS, as well as advanced backup and recovery systems, and (c) advanced monitoring systems.
Contents
Features
Networks current cluster uses 3 IP for their communication channel.
- ipv4 public for network cluster communication.
- ipv6 for network cluster communication
- ipv4 internal for storage network cluster.
DNS entry point
- load balancer on a public web address
Syncronization
- synchronization of resources of common individual nodes, at least databases.
Monitoring
Security
- iptables as a firewall
- For security, we use Fail2ban because it operates by monitoring log files (e.g. /var/log/auth.log, /var/log/apache/access.log, etc.) for selected entries and running scripts based on them. Most commonly this is used to block selected IP addresses that may belong to hosts that are trying to breach the system's security. It can ban any host IP address that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator. Includes support for both IPv4 and IPv6.
Backup and recovery
Development
Development of the Farm occurs under the Administration for CNM Farms project.