AfNOG 2017 Workshop on Network Technology

Track SS-E: Scalable Internet Services

Jump within this page:

[SS-E Group Photo]

Introduction

This course on Scalable Internet Services is part of the AfNOG 2017 Workshop on Network Technology, held in conjunction with the AfNOG meeting in Nairobi, Kenya, May-June 2017.

We use hands-on training in a well-equipped classroom over a five-day period to teach skills required for the configuration and operation of large scale Internet services.

Who should attend

Technical staff who are now providing Internet Services, or those who will be involved in the establishment and/or provisioning of a basic national Internet Services in the country.

Prerequisites

Experience using and administering *NIX Servers, Name Servers, Web Servers and Mail Servers.

Help!

You can get free help with any of the tutorials or materials on this site by joining the AfNOG mailing list and sending an email to afnog@afnog.org with your question or problem. Please note that you must subscribe to the list first, otherwise your post will be rejected automatically.

Instructors

NameInitialsFromCountry
Joe Abley JA NSRC Canada
Ayitey Bulley AB Ghana
Kevin Chege KC Kenya
Frank Kuse FK Ghana
Michuki Mwangi MM ISOC Kenya
Chris Wilson CW UK
Emmanuel Odoom EO Ghana
Isabel Odida IO Uganda

Participants

First Names Surname Organisation Country
HELLEN NAKAWUNGU    
ABEAKU BADU ARTHUR    
ZOUMANA COULIBALY    
MUGABE H. PATRICK    
LYDIA AKIRIZA    
JEZREEL M. NYANGE    
SALLY CHAM    
LILLIAN RUTH ACHOM    
ISAAC LARTEY    
GRACE ADONG    
FRANCIS MALAMA    
VANESSA A. ISSAH    
PETER JOHN CHIROMBO    
VICTORIA PHILEMON RUTAKARA    
RICHARD OTIEKU - BOADU    
MAXWELL OWUSU MARFO    
SIMON SERUYINDA    
JOSEPH MUTITI    
OMAR SALUM SALEH    
HARRUN ISIAHO    

Timetable

  Monday Tuesday Wednesday Thursday Friday
  30/05 31/05 01/06 02/06 03/06
09:00-11:00 Introduction Data Security Postfix RADIUS Finishing up e-mail
Tea break          
11:30-13:00 DNS DNS Postfix RADIUS Deployment
Lunch          
14:00-16:00 Network Security DNS OpenLDAP NTP Virtualization
Tea break          
16:30-18:30 DNS Apache, Postfix OpenLDAP Dovecot, Squirrelmail Expert Panel and Closing Survey
Supper          
Evening Sessions:
20:00-22:00
General Help General Help DNSSEC, Ansible Instructor Dinner Closing Ceremony

Topics

Introduction

Ayitey Bulley

NTP

Ansible

Frank Kuse

Apache

Isabel Odida

Backups

Joe Abley

Closing Survey

Chris Wilson

Configuration Management

Laban Mwangi

Data Security

Joe Abley

Deployment

Chris Wilson

DNS

Joe Abley

DNS Fundamentals
DNS Resolvers
DNS Authoritative Name Servers
DNSSEC

Goal: DNSSEC High Level Awareness.

Dovecot

Kevin Chege

Ganeti

Chris Wilson

Load Balancing

Chris Wilson

MAAS

Chris Wilson

Monitoring

Kevin Chege

Network Security

Frank Kuse

OpenLDAP

Frank Kuse

Postfix

Kevin Chege

Spam Filtering

Squirrelmail

Kevin Chege

RADIUS

Frank Kuse

Virtualization

Chris Wilson

Management

Details for project management of the SS-E workshop.

Editing this page

Please file an issue requesting to be added as an administrator of the AfNOG organisation on GitHub.

Mailing list

The instructors group on Google Groups:

There is a wiki page on course development.

Equipment

To host this track you will probably need the following equipment:

Setup

We usually use LXC containers, although not everything is supported (e.g. you can’t run an iSCSI Target in an LXC container yet), so there is an alternative setup using KVM virtual machines. These are much heavier-weight, so you can’t run as many on the same host (especially RAM is a limiting factor, since each VM needs ~512 MB of dedicated RAM).

Administration

All done by CW unless anyone else wants to.

TODO

Meta (about this site)

Quick Start (editing)

If someone else is hosting, then all you have to do is:

Quick Start (hosting)

Only one person should host a repository, otherwise you will duplicate work and maybe have race conditions (although you should both be producing and updating the same content, so it should actually work if you have more than one, but there’s no point or advantage to it.)

If you want to host, you need a Linux or Mac desktop with lsyncd, rsync and ruby installed. Then follow these steps:

Source code (Markdown)

Generated HTML

Presentations

Presentations use a special format to invoke remark on the Markdown source files:

Generating the HTML

If you’re using Ruby 1.8, you may need to install Ruby 1.9 first.

Warning: This command by default will overwrite ../afnog.github.io/sse, since it assumes that you have both https://github.com/afnog/sse/ and https://github.com/afnog/afnog.github.io/ checked out side-by-side (for example in SparkleShare).

If you want it to overwrite a different directory (where it will write the generated HTML files), you can specify it as a command-line argument to Make:

make DST_DIR=/tmp/site

You will need to install Jekyll to generate the HTML files:

sudo gem install jekyll execjs therubyracer

Then run make to build them once, in the destination directory:

make

Or run make watch to tell Jekyll to stay running, watch for source files changing, and generate a new HTML file when they do (ideal for modifying presentations on the fly):

make watch

Publishing the HTML

You can use make sync to run lsyncd (which you must have installed, for example with brew install lsyncd) to automatically rsync the content to the workshop server, http://www.ws.afnog.org. You will need to check the SYNC_HOST and SYNC_DIR in the Makefile, which must point to the destination host and directory which will be overwritten.

make sync

Automatic publishing

If you want to have a server automatically fetch changes from Git and update the static website, you can’t use SparkleShare on the server because it’s a GUI tool. What you can do is checkout both Git repositories, using a fresh personal access token to give it write access to the afnog.github.io repository, and “git pull” in a loop (or automatically from Cron), generate the HTML and commit and publish it if different (which is almost what SparkleShare does):

git config --global user.name "Your Name"
git config --global user.email you@example.com
sudo apt install lsyncd rsync ruby ruby-dev gcc g++ make
sudo gem install jekyll execjs therubyracer
mkdir ~/website
cd ~/website
git clone https://github.com/afnog/sse.git
git clone https://<your GitHub username>:<your token>@github.com/afnog/afnog.github.io.git
git config --global push.default simple
while true; do cd ~/website/sse; git pull; make autocommit; sleep 5; done

Or replace the last line with a Cron job:

* * * * *	cd ~/website/sse; git pull; make autocommit