Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
users:start [2020/07/21 03:02] – jesse | users:start [2020/08/01 02:05] – jesse | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== User Information ====== | ====== User Information ====== | ||
- | Note: some of these URLs might change as the migration finishes, basically iron.waffle.tech is just a temporary way to get to the new machine and will be replaced by just waffle.tech once the main webserver is totally moved over. | + | **Migration |
===== Services ===== | ===== Services ===== | ||
Line 14: | Line 14: | ||
Incidentally, | Incidentally, | ||
+ | |||
+ | When connected to login.waffle.tech, | ||
===== Basic platform info ===== | ===== Basic platform info ===== | ||
Line 21: | Line 23: | ||
The basic platform is the open-source enterprise virtualization engine Proxmox. Most virtual machines run CentOS 8, but login.waffle.tech runs Fedora Server 32 to offer more recent versions. Access control is centralized by FreeIPA and, soon, Keycloak for SAML and oauth. All virtual machines share an internal network in reserved IP space, and the VM host forwards connections on many ports to various VMs. Some VMs (such as login) have an additional network interface which is directly on the internet with a public IP. | The basic platform is the open-source enterprise virtualization engine Proxmox. Most virtual machines run CentOS 8, but login.waffle.tech runs Fedora Server 32 to offer more recent versions. Access control is centralized by FreeIPA and, soon, Keycloak for SAML and oauth. All virtual machines share an internal network in reserved IP space, and the VM host forwards connections on many ports to various VMs. Some VMs (such as login) have an additional network interface which is directly on the internet with a public IP. | ||
- | * [[users: | + | ===== Engineering ===== |
+ | |||
+ | |||
+ | | ||
+ | |||
+ | ===== Known Issues ===== | ||
+ | |||
+ | * Website auth (this website) is not against LDAP yet, due to some configuration issues. | ||
+ | * The mail server has occasionally been very slow due to filesystem performance issues. This seems to be fixed but I'm not counting my chicks yet. | ||
+ | * The Kubernetes environment needs some polish so that it's more usable - e.g. a way of distributing keys for kubectl. |