Difference between revisions of "Educaship Proxmox"

From CNM Wiki
Jump to: navigation, search
(Double Objective)
Line 1: Line 1:
[[Educaship Proxmox]] (hereinafter, [[#The VEs]]) is the [[ProxmoxVE]] instances and supporting software packages that are used at [[CNM Farms]].
+
[[Educaship Proxmox]] (hereinafter, [[#The VEs]]) is the combination of [[ProxmoxVE]] instances, supporting software packages, and the complete documentation that are used at [[CNM Farms]].
  
  

Revision as of 20:27, 16 April 2024

Educaship Proxmox (hereinafter, #The VEs) is the combination of ProxmoxVE instances, supporting software packages, and the complete documentation that are used at CNM Farms.


Double Objective

#The VEs shall serve two equally-important objectives. It shall be both (a) the #Functional Platform and (b) #Learning Resource.

Functional Platform

#The VEs shall support functionality of Opplet, which is the technology where the end-users are served.

Learning Resource

#The VEs shall be a collection of learning resources for those customers who would like to learn and have a work-alike practice. Specifically, that means that #The VEs shall be:
  1. Fully documented at the CNM Lab for those students who have a work-alike practice.
  2. Documented without security-sensitive details at the CNMCyber.com for those students who would like to learn about #The VEs.

Instances

Currently, #The VEs consists of two instances, #Federated VE and #Peripheral VE. #We will consider #Adding More VEs when such a need emerges.

Federated VE

The federated part of #The VEs is called CNM Bureau Farm and is based on three metal servers of Bureau Infrastructure. It utilizes ha-manager and Ceph storage.

Peripheral VE

The peripheral part of #The VEs is called CNM Lab Farm and is based on one metal server of Lab Infrastructure.

Adding More VEs

When #We need more resources, #We plan to add more instances similar to #Peripheral VE to the #Federated VE.

Projects

Jitsi functionality

Jitsi software is selected to be used for webconferencing. Currently, we use some instance outside of #The VEs because of challenges as follows. We have multiple Jitsi installations, one of which is in Docker. In this installation, there is no sound at all. Also, when updating Docker, a conference is not created.

Openness to the world

To utilize pfSense better, we consider clustering VMs at #Peripheral VE and placing HAProxy and similar proxies behind pfSense on the #Federated VE.
We are experiencing some issues obtaining SSL certificates for our sites running behind Pfsense. Due to the absence of the certificate, the service becomes completely unavailable.

Storage for VMs

We are looking for solutions for distributed storage available to several VMs. We have several websites that use MariaDB; their databases are combined in a Galera Cluster. We need a solution for these websites' files to have a shared storage. We tried GlusterFS, but it seemed too slow to us. We copied the files to this storage for almost a week, and as a result, the website did not work.

VM automation

We would like #Peripheral VE and #Peripheral VE only to create a VM for each VM customer automatically. In some cases, we have used Ansible. We are open to any solution.

Monitoring

Our current monitoring doesn't satisfy us. We use Grafana for Proxmox. We would like to add several servers that do not use Proxmox, configure communication channels, and expand monitoring according to our tasks.

Security

Our security outline shall be reviewed and improved.

Backup and recovery

We use Proxmox Backup Server on the #Federated VE. We consider adding NAS, as well as advancing backup and recovery systems.

See also