CNMCyber Usable
CNM Cloud Usable (in the Russian-language version, known as Работы над Облаком) is the fourth, current, phase of the CNM Cloud Project. CNM Cloud (hereinafter - the Cloud) is a set of technologies that supports CNM Cyber. This very wikipage presents the primary list of those endeavors that are included in that phase. CNM Cyber Project Coordinators (hereinafter, the Coordinators) are invited to organize work on its endeavors.
Contents
Trivia
Projects vs operations
- The endeavors include:
- Projects undertaken to develop new systems to be deployed at the Cloud.
- Operations undertaken to sustain productive functions of deployed systems of the Cloud.
Cloud layers
- CNM Farms. The Cloud infrastructure or, in other words, ecosystem of computing servers and cloud OS to support both Opplet and CNM apps.
- Opplet. The enterprise-wide utility software that supports CNM apps regardless of their location of those applications in the Cloud.
- CNM apps. End-user applications of the Cloud.
Farms
CNM Farms (hereinafter, the Farms) present the infrastructure for the functioning of both the CNM apps and Opplet that serves those apps. The Farms are assembled using commercial off-the-shelf (COTS) software only.
Farms' administration
- For the purposes of this wikipage, the Farms' administration refers to those endeavors that are utilized or can be used on several rather than one individual Farm:
- Integration for CNM Farms. New development of CNM Cloud Integration that is based on exploring the possibilities of integrating the Cloud, such as using Jenkins and Kafka, and adding VPNs, such as integrating email services across the Farms.
- Configuration for CNM Farms. New development of CNM Cloud Configuration that is based on exploring the possibilities of adding the ability to automatically create virtual machines, possibly using Terraform and Ansible.
- Statistics for CNM Farms. New development of CNM Cloud Statistics that is based on exploring the possibilities of using ZooKeeper and log management.
- Revisions for CNM Farms. New development of CNM Cloud Revisions that aim to build the system of periodic revisions of the Farms.
Authorized endeavors related to the Farms' administration Endeavors Integration Configuration Statistics Revisions Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Database management
- For the purposes of this wikipage, database management refers to those endeavors that are related to databases of the Cloud:
- MariaDB for CNM Farms. Further development of CNM MariaDB to explore using additional tools such as MariaDB MaxScale and MariaDB xPand in the existing MariaDB cluster of the Cloud.
- PostgreSQL for CNM Farms. New development of CNM PostgreSQL to create a cluster of PostgeSQL databases of the Cloud. In general, linking similar databases with each other may make their functioning more stable.
- DBs for Opplet. Further development of Opplet DB to optimize existing databases of Opplet and to add new federated databases that can be shared by CNM apps. New databases, for instance, can manage the data of the customers to be taken from and shared with CNM Venture and CNM Linkup. Earlier, the Cloud developers discussed possibilities of using MongoDB or Cassandra for data storage, MuleESB for data collection and Apache Hadoop for "formating".
- Ceph for CNM Farms. Further development of CNM Bureau DB to document and optimize it.
Authorized endeavors related to database management Работы MariaDB PostgreSQL Opplet (DBs) Ceph Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
DNS management
- For the purposes of this wikipage, DNS management refers to those endeavors that are utilized or can be used to manage DNS of the Cloud:
- CDN for CNM Farms. New development of CDN in CNM Farms to explore building one or more content delivery networks (CDNs) at least for some of CNM apps.
- DNSSEC for CNM Farms. New development of DNSSEC in CNM Farms to explore utilizing DNSSEC in the Cloud.
- Geocast for CNM Farms. New development of Geocast in CNM Farms to explore adding Geocast or similar functionality to some part or parts of the Cloud.
- IPv6 for CNM Farms. Further development of IPv6 in CNM Farms to explore migration of the Cloud's DNS, except for public access, to IPv6.
- Revisions for CNM DNS. New development of CNM DNS Revisions that aim to build the system of periodic revisions of all the Cloud's DNS records.
Authorized endeavors related to DNS management Endeavors CDN DNSSEC Geocast IPv6 Ревизия DNS Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Support tools
- For the purposes of this wikipage, support tools refer to those software development and sysadmin administrative tools that are (a) listed at https://github.com/kahun/awesome-sysadmin and (b) not mentioned in other sections of the endeavors.
- Panels for CNM Farms. New development of Panels in CNM Farms to explore adding control panels such as VestaCP, as well as status systems such as Cachet to the Cloud.
- Workspaces for CNM Cloud. New development of Workspaces in CNM Cloud to explore adding personal tools and development environments such as Eclipse to the Cloud.
- Nextcloud for CNM Cloud. New development of CNM Nextcloud to explore adding Nextcloud as a set of personal management tools to the Cloud.
Authorized endeavors related to support tools Endeavors Panels Workspaces Nextcloud Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Node clusters
- For the purposes of this wikipage, node clusters refers to clusters of nodes that are utilized or can be used to build the Farms. The four Farms are made up of clustered nodes. Each cluster must have at least one (a) entry point, which for highly available Farms includes a load balancer on a public web address, (b) synchronization of resources of common individual nodes, at least databases, (c) monitoring, ( d) security, including firewalls; and (e) backup and recovery systems.
- Farm for Bureau. Further development of Bureau Farm to advance its features. Currently, this Farm is based on two bare-metal servers. This Farm also utilizes a portion of one bare-metal server that belongs to the Lab Farm. The issues to work on may include (a) security outside of iptables, (b) adding NAS, as well as advanced backup and recovery systems, and (c) advanced monitoring systems.
- Farm for Campus. Further development of Campus Farm to advance its features. Currently, this Farm is based on three virtual private servers (VPSes), which databases are synchronized via MariaDB Galera, and high availability functionality is based on HAProxy and includes (a) entry point, (b) monitoring, (c) security, and (d) backup and recovery system. One of the servers is also connected to additional storage, which is supposed to be converted to NAS.
- Farm for Lab. Further development of Lab Farm to advance its features. Currently, this Farm is based on one bare-metal server. This Farm requires no high availability functionality due to the experimental nature of the applications installed on it. Due to the lack of high availability requirement, this farm will require an advanced backup and recovery system.
- Farm for Opplet. Further development of Opplet Farm to advance its features. Currently, this Farm is based on two virtual private servers (VPSes); however, they haven't been included in one network. It is expected that a few developments of Campus Farm will be used here.
- Previously, a private cloud built on OpenStack was used. It was closed due to high cost and low workload at the time. The development of the project may require the transfer of some of the Farms resources to the cloud solution again. Recently, Apache CloudStack has also become popular. If such a decision is made, it will be necessary to decide which support package to use and whether it will be the development of Lab Farm or Opplet Farm.
Authorized endeavors related to node clusters Endeavors Bureau (farm) Campus (farm) Lab (farm) Opplet (farm) Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Opplet
Opplet represents (a) enterprise-wide middleware that serves the Cloud and (b) a group of end-user applications that allows end-users to utilize it. Therefore, the Opplet's functionalities can be divided into two groups:
- Services for CNM apps. Those federation services that Opplet provides to CNM apps.
- Services for end-users. Those services that Opplet provides to its end-users.
Some endeavors that are related to Opplet are included in the Farm for Opplet project (section Node clusters of this very wikipage) and DBs for Opplet project (section Database management). The core of Opplet is written specifically for the Cloud using Yii framework. Its periphery devices are assembled using commercial off-the-shelf (COTS) software.
App-oriented
- For the purposes of this wikipage, app-oriented Opplet refers to those endeavors that are utilized or can be used on several rather than one individual Farm:
- WSO2 IS for Opplet. New development of Opplet WSO2 IS to add WSO2 Identity Server (WSO2 IS) services to Opplet. Currently, Opplet utilizes OpenLDAP as its authorization and identity connector. However, OpenLDAP does not allow single sign-on (SSO) services. In addition, the Opplet developers faced troubles in changing roles and in connecting some end-user applications such as MediaWiki with OpenLDAP. Adding WSO2 IS also aims to introduce user registration in Opplet within CNM apps. Currently, the users must first register with Opplet in order to use those CNM app's services that are available for the registered users only. It is unclear at the moment whether OpenLDAP shall be kept in Opplet after WSO2 IS addition and, if so, how.
- Enrollment to Opplet. New development of Opplet Enrollment to transfer the course registration (which Moodle in Australian way calls "enrolment") from CNM Cert to Opplet. Beyond visibility of user enrollment status on Opplet dashboard, this transfer shall resolve several problems: (a) speed. The current enrollment is carried out through the cron tool, which has a response delay, (b) enrollment in LMSes other than CNM Cert. The Cert accommodates only first 3 levels of the educational programs, (c) automatic unenrollment from those courses that have successfully been completed.
- Roles to Opplet. Further development of Opplet roles to (a) automatically add new federated roles of an Opplet user based on the course progress and (b) communicate those roles to CNM apps. Currently, Opplet user roles can only be changed manually by Opplet administrators.
- Mail for CNM Cloud. Further development of CNM Mail Server to make sure that all CNM apps can send and, when applicable, receive emails through it.
- Exams to Opplet. New development of Opplet Exams to move test banks from CNM Moodle to Opplet.
- Warehouse for CNM Cloud. New development of Opplet Warehouse to create a federated object storage in order to make illustrations and other files available for various CNM apps. The Cloud developers earlier also discussed an idea was to utilize CNM GitLab as a file storage.
Authorized endeavors related to app-oriented Opplet Endeavors WSO2 IS Enrollment Roles Mail (Cloud) Exams Warehouse Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
User-oriented
- For the purposes of this wikipage, user-oriented Opplet refers to those endeavors that are utilized or can be used on several rather than one individual Farm:
- Interface for Opplet. Further development of Opplet Interface to improve its usability and graphic design.
- Events for Opplet. New development of Opplet Events to (a) organize events on the administrative side and (b) manage own participation on the end-user side in the Cloud.
- Mailboxes to Opplet. Further development of Opplet Mailboxes to accommodate its automatic creation, management, and cancelation in order to upgrade this minimal viable product to the marketable.
- Newsletters to Opplet. New development of Opplet Newsletters to add mailing list and subscription functionalities.
- Calendar for Opplet. New development of Opplet Calendar to add a federated calendar to Opplet.
Authorized endeavors related to user-oriented Opplet Endeavors Interface (Opplet) Events (Opplet) Mailboxes (Opplet) Newsletters (Opplet) Calendar (Opplet) Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Apps
CNM apps (hereinafter, the Apps) present end-user applications that are available to users of the Cloud. Any App needs to be able to work with our future CNM WSO2 IS and, possibly, existing OpenLDAP. The Apps are assembled using commercial off-the-shelf (COTS) software only.
Those endeavors that need to be undertaken for every App, must include:
- Updating the Apps to the latest stable versions and install the latest patches if and when they become available.
- Documenting what we have and identify problems.
This section lists both (a) those Apps that are incorporated and (b) some applications that may be potentially incorporated in the Cloud.
Utilizing MariaDB
- For the purposes of this wikipage, utilizing MariaDB apps refer to those CNM apps that utilize MariaDB as its database management system. The Cloud incorporates at least five of them.
- AVideo for CNM Cloud. Further development of CNM AVideo to upgrade this app from its minimal viable product (MVP) up to the marketable. Previously, several test videos were recorded and posted there, but their fate is currently unknown. At this moment, it is unclear where and how this app will be finally installed since its HA and storage solutions haven't been designed yet.
- WordPress for CNM Cloud. Further development of CNM WordPress to explore in the Cloud.
Working on Webcams for the development of the Bratsk Webcam, its course and future version, as well as software. There are currently no attachments installed. Several installation attempts have been made, but no effective anti-virus strategy has been found.
для разработок Брацкой Вебки, её курсовой и будущей версии, а также ПО. В настоящее время, установленных прилад нет. Предпринималось несколько попыток установки, однако эффективной стратегии борьбы с вирусами найдено не было.
- MediaWiki for CNM Cloud. Further development of CNM MediaWiki to explore in the Cloud.
Work on Edits for the development of Bratskaya Edit, its course and future version, as well as software. Currently, the main attachment is installed and actively used. Due to integration issues with LDAP, the versions have not been updated for several years. Also periodically there are problems with pictures. The mail agent is either not connected or not working.
для разработок Брацкой Правки, её курсовой и будущей версии, а также ПО. В настоящее время, основная прилада установлена и активно используется. Из-за проблем интеграции с LDAP, версии уже несколько лет не обновляются. Также периодически появляются проблемы с картинками. Почтовый агент либо не подключен, либо не работает.
- HumHub for CNM Cloud. Further development of CNM HumHub to explore in the Cloud.
Work on Grids for the development of the Bratskaya Grid, its course and future version, as well as software. Currently, the main attachment is installed, but is not used systematically. The mail agent is either not connected or not working.
для разработок Брацкой Сетки, её курсовой и будущей версии, а также ПО. В настоящее время, основная прилада установлена, но используется несистематически. Почтовый агент либо не подключен, либо не работает.
- Moodle for CNM Cloud. Further development of CNM Moodle to explore in the Cloud.
Work on training manuals for the development of the Bratskaya training manual, its course and future versions, as well as software. Currently, the main attachment is installed and actively used. Several issues are documented on the Working on Tutorials page. The mail agent is either not connected or not working.
для разработок Брацкой Учебки, её курсовой и будущей версии, а также ПО. В настоящее время, основная прилада установлена и активно используется. Несколько проблем задокументировано на странице Работа над Учебками. Почтовый агент либо не подключен, либо не работает.
Authorized endeavors related to utilizing MariaDB apps Endeavors Бачки Вебки Правки Сетки Учебки Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
- Так как приложения существуют не в вакууме, часть усилий по развитию приложений относится к другим группам. Например, к:
- Доменным проектам относится CDN в Облаке.
- Эксперементальным проектам относится LDAP для Правки.
Because apps don't exist in a vacuum, part of the app development effort goes to other groups. For example, to:
Domain projects include CDN in the Cloud. Pilot projects include LDAP for Editing.
Utilizing non-MariaDB
- For the purposes of this wikipage, utilizing non-MariaDB apps refer to those CNM apps that don't utilize MariaDB as its database management system. The Cloud incorporates at least four of those Apps:
- GitLab for CNM Cloud. Further development of CNM GitLab to explore in the Cloud.
для разработок Брацкой Крынки, её курсовой и будущей версии, а также ПО. Окончательный перевод Крынки с Redmine на GitLab. В настоящее время, GitLab стоит и несистематически используется, хотя и не на верном веб-адресе. База данных -- PostgreSQL. Тот Redmine, который использовался для Крынки, надо перевести на Опытно Облако.
- SuiteCRM for CNM Cloud. Further development of CNM SuiteCRM to explore in the Cloud.
для разработок Брацкой Связки, её курсовой и будущей версии, а также ПО. В настоящее время, не используется вообще. База данных -- PostgreSQL.
- Odoo for CNM Cloud. Further development of CNM Odoo to explore in the Cloud.
для разработок Брацкой Справы, её курсовой и будущей версии, а также ПО. В настоящее время, не используется, но есть планы переводить туда отдел кадров и рекрутирование. База данных -- PostgreSQL.
- Jitsi for CNM Cloud. Further development of CNM Jitsi to explore in the Cloud.
для разработок Брацких Жиц, её курсовой и будущей версии, а также ПО. Построение кластера для высокой доступности Брацких Жиц. Основная прилада стоит и, в настоящее время, предпринимаются попытки её использования. База данных неизвестна.
Translation of Krynka to GitLab for the development of Bratska Krynka, its course and future version, as well as software. Final transfer of Krynka from Redmine to GitLab. Currently, GitLab stands and is inconsistently used, although not at the correct web address. The database is PostgreSQL. The Redmine that was used for Krynka should be transferred to Experimental Cloud.
Work on Bundles for the development of Bratskaya Bundle, its course and future version, as well as software. Currently not used at all. The database is PostgreSQL. Work on the Rights for the development of Bratskoy Prava, its course and future versions, as well as software. Currently not in use, but there are plans to move the HR and recruiting department there. The database is PostgreSQL. Sustainability for Zhytsi for the development of Bratsky Zhytsi, its course and future version, as well as software. Building a cluster for high availability Bratsky Zhytsy. The main attachment is standing and, at present, attempts are being made to use it. The database is unknown.
Authorized endeavors related to utilizing non-MariaDB apps Endeavors Крынки Связки Справы Жици Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Experimental
- For the purposes of this wikipage, experimental apps refer to those endeavors that are utilized or can be used on several rather than one individual Farm:
- Усилия по построению перспективных и популярных ресурсов the Cloud:
- MediaWiki LDAP. Further development of v to explore in the Cloud.
-- уже много лет, стабильная версия MediaWiki не обновляется из-за конфликта новых версий с нашим плагином LDAP. Однако принято решение о переводе интеграции на WSO2 IS и не ясно, будет ли оставлен LDAP в качестве обязательного.
-- Moodle решено оставить исключительно под три начальных курса Лестницы к Профессии. Другие курсы, включая языковые, планируется делать на платформе OpenEdX.
- ProjecQtOr. Further development of v to explore in the Cloud.
-- некогда был установлен для коротких тренингов по ПО для управления проектами.
-- некогда использовался для Крынки, сейчас рассматривается возможность оставить для тренинга или в качестве "музейного" экспоната.
-- некогда был установлен для коротких тренингов по ПО для управления проектами.
MediaWiki LDAP -- For many years now, the stable version of MediaWiki has not been updated due to a new version conflict with our LDAP plugin. However, a decision has been made to migrate the integration to WSO2 IS and it is not clear if LDAP will remain mandatory.
OpenEdX -- Moodle decided to leave exclusively under the three initial courses of the Ladder to the Profession. Other courses, including language courses, are planned to be done on the OpenEdX platform. ProjecQtOr -- was once installed for short training sessions on project management software. Redmine - once used for Krynka, now considering the possibility of leaving it for training or as a "museum" exhibit. Taiga -- was once installed for short training sessions on project management software.
Authorized endeavors related to experimental apps Endeavors MediaWiki LDAP OpenEdX ProjecQtOr Redmine Taiga Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Enterprise
Venture administration
- For the purposes of this wikipage, venture administration refers to those endeavors that are utilized or can be used on several rather than one individual Farm:
- Personnel for CNM Cloud. Further development of CNM Cloud Personnel to explore in the Cloud.
-- построение Кадров Облака, отдела кадров и практик по обслуживанию существующего персонала.
- Организация для Облака. Further development of v to explore in the Cloud.
-- построение Организации Облака, структуры организации стоящей за the Cloud.
- Финансы для Облака. Further development of v to explore in the Cloud.
-- построение Финансов Bskol, финансового учёта и отчётности, а также управления финансами.
- Юридическое для Облака. Further development of v to explore in the Cloud.
-- построение Юридических аспектов Облака, юридического оформления деятельности Облака.
Cloud Human Resources -- building Cloud Human Resources, Human Resources, and practices to serve existing staff.
Organization for the Cloud -- building the Cloud Organization, the structure of the organization behind the Cloud. Finance for the Cloud -- building Bskol Finance, financial accounting and reporting, and financial management. Legal for the Cloud -- building the Legal aspects of the Cloud, legalizing the activities of the Cloud.
Authorized endeavors related to enterprise administration Endeavors Кадровое Организационное Финансовое Юридическое Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
External operations
- For the purposes of this wikipage, enterprise external operations refer to those endeavors that are utilized or can be used on several rather than one individual Farm:
- Индустрия для Облака. Further development of v to explore in the Cloud.
-- построение Слежения за индустрией Облака, системы по сбору данных об индустриях the Cloud, их новостях и тенденциях, изучению этих данных, сравнение организации работы с the Cloud с общими тенденциями и выработки предложений по измемениям в работе с the Cloud.
- Разработчики для Облака. Further development of v to explore in the Cloud.
-- построение Работы с разработчиками Облака.
- Технологии для Облака. Further development of v to explore in the Cloud.
-- построение Слежения за технологиями Облака, системы по сбору данных о технологиях на рынках the Cloud, их новостях и тенденциях, изучению этих данных, сравнение предложений the Cloud с предложениями конкурентов и выработки предложений по измемениям в the Cloud.
- Техподдержка для Облака. Further development of v to explore in the Cloud.
-- построение Службы техподдержки Облака
- Эксплуатационщики для Облака. Further development of v to explore in the Cloud.
-- построение Работы с эксплуатационщиками Облака.
Industry for the Cloud -- building the Cloud Industry Tracker, a system to collect data on the Cloud's industries, their news and trends, examine that data, compare the Cloud's organization to general trends, and propose changes to the Cloud.
Developers for the Cloud -- building Work with Cloud developers. Technologies for the Cloud -- building the Cloud Technology Tracker, a system to collect data on technologies in the Cloud markets, their news and trends, study this data, compare the Cloud's offerings with those of competitors, and generate proposals for changes to the Cloud. Help Desk for the Cloud -- Building a Cloud Help Desk Cloud Operators -- Building Work with Cloud Operators.
Authorized endeavors related to enterprise external operations Endeavors Индустрия Разработчики Технологии Техподдержка Эксплуатационщики Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability
Stakeholder groups
- For the purposes of this wikipage, stakeholder groups refer to those endeavors that are utilized or can be used to manage groups of the Cloud stakeholders:
- Комитеты для Облака. Further development of v to explore in the Cloud.
-- построение Ценных Облаку комитетов
- Советы для Облака. Further development of v to explore in the Cloud.
-- построение Ценных Облаку советов
- Пользователи для Облака. Further development of v to explore in the Cloud.
-- построение Групп пользователей Облака
- Сисадмины для Облака. Further development of v to explore in the Cloud.
-- построение Сообщества Сисадминов.
Committees for the Cloud -- Building Cloud-Valued Committees
Tips for the Cloud -- Building Cloud-Value Tips Cloud Users - Building Cloud User Groups SysAdmins for the Cloud -- Building a Community of Sysadmins.
Authorized endeavors related to stakeholder groups Endeavors Комитеты Советы Пользователи Сисадмины Business requirements Product prototypes User requirements Work requirements Technical requirements Endeavor consent Utility Applicability Controllability