...
- DNS
- What DNS domain will these hosts be in? nrao.edu? remote-institution.site? other?
- Will this vary depending on site?
- 2022-10-26 krowe: it is looking like the institution will own the equpment. Either they buy it with their own money like UPR-M or AUI gives them a grant and they buy it. Either way, they own it. So, I think we can expect the hosts to be in their DNS domain. Which is probably for the best. We can make CNAMEs for each head node if needed.
- So what IP range should we use? That may depend on the site as each site may use non-routable IP ranges differently.
- DHCP
- SMTP
- NTP or chrony
- What timezone should these be in? I think the choices are
- Mountain - Perhaps the most convenient for NRAO users and consistant between the sites.
- Local - Makes the most sence to the local users but means differences between the sites.
- UTC - equally annoying for all.
- What timezone should these be in? I think the choices are
- NFS
- Directory Server
- NIS? Probably not. RHEL9 will not support NIS.
- OpenLDAP
- 389 Directory Server? (previously Fedora Directory Server)
- Identity Management
- FreeIPA
- How do we handle accounts? I think we will want accounts on at least the head node. The execution nodes could run everything as nobody or as real users. If we want real users on the execute hosts then we should use a directory service which should probably be LDAP. No sense in teaching folks how to use NIS anymore.
- remote institution accounts only?
- 2022-10-26 krowe: RHEL8 and later don't come with OpenLDAP anymore. Red Hat wants you to use either their 389DS or IDM or RHDS or some other thing that gets them money. It's all very confusing
- ssh
- rsync (nraorsync_plugin.py)?
- NAT so the nodes can download/upload data?
- TFTP (for OSes and switch)
- condor (port 9618) https://htcondor-wiki.cs.wisc.edu/index.cgi/wiki?p=HowToMixFirewallsAndHtCondor
- nagios
- ganglia
- Ganglia hasn't been updated since 2015 so perhaps it is time to look for something else.
- Prometheus/Graphana
- Zabbix
...