Locker Setup: Difference between revisions
| Line 27: | Line 27: | ||
===Nginx Setup=== | ===Nginx Setup=== | ||
The 'DB1' VM runs an instance of Nginx, that behaves as a proxy for each users locker, as well as providing authentication and encryption. | |||
Each locker has it's own config file for nginx in the <tt>/etc/nginx/sites-avalible/</tt> which is symlinked to <tt>/etc/nginx/sites-enabled/</tt> when active. This file contains the configuration for the proxy settings of the locker, namely which host name it should listen for, and where it should forward the request (In this case, which internal-only IP address is the user's locker running on), as well as the location of the htpasswd file used to authenticate users, which is generated using the [htpasswd http://www.howtoforge.com/basic-http-authentication-with-nginx] command. | |||
===LXC Container Setup=== | ===LXC Container Setup=== | ||
Revision as of 18:19, 23 January 2013
Our installs of locker currently run in a VM provided by the university computing service.
Locker Install Setup
Lockers are currently run from inside a Xen virtual machine, hosted by the University Computing Service. A second Xen machine handles the DNS records for the locker.cam.ac.uk domain.
The locker code is used within a minimal Debian install, together with NodeJS and MongoDB to form a container, one per user, which is isolated in it's own LXC container and runs as a virtual machine. This virtual machine stores all data that is uploaded from the iPhone app and controls access to it. It also allows migration to other hosts, should the user wish to move it.
Virtual Machine Setup
The VMs used for the current locker setup are hosted by the University Computing Service.
ns1.locker.cam.ac.uk ( 193.60.91.221 )
is the primary DNS server for the locker.cam.ac.uk domain.
db1.locker.cam.ac.uk ( 193.60.91.222 )
hosts all lockers, and the front end proxy server and web server.
DNS Setup
The Primary DNS for the lcoker.cam.ac.uk zone is handle by the 'ns1' VM. This machine is running Debian Linux (Squeeze), and uses the [NSD http://www.nlnetlabs.nl/projects/nsd/] name server to provide DNS functionality.
The file at /etc/nsd3/locker.cam.ac.uk.zone contains the name entries to manage the zone.
Nginx Setup
The 'DB1' VM runs an instance of Nginx, that behaves as a proxy for each users locker, as well as providing authentication and encryption.
Each locker has it's own config file for nginx in the /etc/nginx/sites-avalible/ which is symlinked to /etc/nginx/sites-enabled/ when active. This file contains the configuration for the proxy settings of the locker, namely which host name it should listen for, and where it should forward the request (In this case, which internal-only IP address is the user's locker running on), as well as the location of the htpasswd file used to authenticate users, which is generated using the [htpasswd http://www.howtoforge.com/basic-http-authentication-with-nginx] command.
LXC Container Setup
Locker Management
Creating a Locker
Starting a Locker
Stopping a Locker
Destroying a Locker
- Info on locker install in the lab, how to create, destroy, start, stop lockers etc.
* setup of VMs at computing service * DNS setup, location of relevant files etc * Web Server front end setup, etc * LXC Container setup * Locker install with containers
