AfNOG 2019 Workshop on Network Technology

Track SS-E: Scalable Internet Services

Jump within this page:

[SS-E Group Photo]

Introduction

This course on Scalable Internet Services in English (SS-E) is part of the AfNOG 2019 Workshop on Network Technology, held in conjunction with the AfNOG meeting in Dakar, Senegal, April-May 2019.

We use hands-on training in a well-equipped classroom over a five-day period to teach skills required for the configuration and operation of large scale Internet services.

Who should attend

Technical staff who are now providing Internet Services, or those who will be involved in the establishment and/or provisioning of basic Internet Services.

Prerequisites

Experience using and administering *NIX Servers, Name Servers, Web Servers, Mail Servers and similar services. Knowledge of Networking is a plus!

Help!

You can get free help with any of the tutorials or materials on this site by joining the AfNOG mailing list and sending an email to afnog@afnog.org with your question or problem. Please note that you must subscribe to the list first, otherwise your post will be rejected automatically.

Instructors

NameInitialsFromCountry
Isabel Odida IO Uganda
Kevin Chege KC ISOC Kenya
Vitus Aborogu VA Ghana.Com Ghana
Manhal Mohamed MH SdNOG Sudan
Michuki Mwangi MM ISOC Kenya

Participants

First Names Surname Organisation Country
PENDING PENDING    

Timetable

  Monday Tuesday Wednesday Thursday Friday
  10/06 11/06 12/06 13/06 14/06
09:00-11:00 Introduction Data Security Ansible, Dovecot, Rainloop Virtualization
Tea break          
11:30-13:00 DNS DNS Ansible NTP RSPAMD
Lunch          
14:00-16:00 DNS DNS Postfix Monitoring RADIUS
Tea break          
16:30-18:30 Network Security Apache, Postfix Monitoring NETDATA and Expert Panel
Supper          
Evening Sessions:
20:00-22:00
General Help General Help General Help Instructor Dinner Closing Ceremony

Topics

Introduction

Isabel Odida

NTP

Ansible

Manhal Mohamed

Apache

Isabel Odida

Backups

Joe Abley

Closing Survey

Chris Wilson

Configuration Management

Laban Mwangi

Data Security

Joe Abley

Deployment

Chris Wilson

DNS

Michuki Mwangi

DNS Fundamentals
DNS Resolvers
Netdata
DNS Authoritative Name Servers
DNSSEC

Goal: DNSSEC High Level Awareness.

Dovecot

Kevin Chege

Ganeti

Chris Wilson

Load Balancing

Chris Wilson

MAAS

Chris Wilson

Monitoring

Kevin Chege

Network Security

Kevin Chege

Manhal Mohammed

OpenLDAP

Frank Kuse

Kevin Chege

Rainloop

Rainloop is a free to use WebMail client that does not require a MySQL database

Postfix

Spam Filtering

Squirrelmail

Kevin Chege

RADIUS

Frank Kuse

Kevin Chege

RSPAMD

This is a quick setup of a powerful anti-spam software known as RSPAMD with default settings to demo a sample mail filter

*NB: ALL COMMANDS ARE TO BE CARRIED OUT ON YOUR FREEBSD SERVER!!!

RSPAMD website: http://rspamd.com

Virtualization

Isabel Odida

Chris Wilson

Management

Details for project management of the SS-E workshop.

Editing this page

Please file an issue requesting to be added as an administrator of the AfNOG organisation on GitHub.

Mailing list

The instructors group on Google Groups:

There is a wiki page on course development.

Equipment

To host this track you will probably need the following equipment:

Setup

We usually use LXC containers, although not everything is supported (e.g. you can’t run an iSCSI Target in an LXC container yet), so there is an alternative setup using KVM virtual machines. These are much heavier-weight, so you can’t run as many on the same host (especially RAM is a limiting factor, since each VM needs ~512 MB of dedicated RAM).

Administration

All done by CW unless anyone else wants to.

TODO

Meta (about this site)

Quick Start (editing)

If someone else is hosting, then all you have to do is:

Quick Start (hosting)

Only one person should host a repository, otherwise you will duplicate work and maybe have race conditions (although you should both be producing and updating the same content, so it should actually work if you have more than one, but there’s no point or advantage to it.)

If you want to host, you need a Linux or Mac desktop with lsyncd, rsync and ruby installed. Then follow these steps:

Syncing to the Afnog webserver (ws.afnog.org) which runs FreeBSD

For updates to automatically sync to the webserver in use at the AFNOG workshop, do the following:

Source code (Markdown)

Generated HTML

Presentations

Presentations use a special format to invoke remark on the Markdown source files:

Generating the HTML

If you’re using Ruby 1.8, you may need to install Ruby 1.9 first.

Warning: This command by default will overwrite ../afnog.github.io/sse, since it assumes that you have both https://github.com/afnog/sse/ and https://github.com/afnog/afnog.github.io/ checked out side-by-side (for example in SparkleShare).

If you want it to overwrite a different directory (where it will write the generated HTML files), you can specify it as a command-line argument to Make:

make DST_DIR=/tmp/site

You will need to install Jekyll to generate the HTML files:

sudo gem install jekyll execjs therubyracer

Then run make to build them once, in the destination directory:

make

Or run make watch to tell Jekyll to stay running, watch for source files changing, and generate a new HTML file when they do (ideal for modifying presentations on the fly):

make watch

Publishing the HTML

You can use make sync to run lsyncd (which you must have installed, for example with brew install lsyncd) to automatically rsync the content to the workshop server, http://www.ws.afnog.org. You will need to check the SYNC_HOST and SYNC_DIR in the Makefile, which must point to the destination host and directory which will be overwritten.

make sync

Automatic publishing

If you want to have a server automatically fetch changes from Git and update the static website, you can’t use SparkleShare on the server because it’s a GUI tool. What you can do is checkout both Git repositories, using a fresh personal access token to give it write access to the afnog.github.io repository, and “git pull” in a loop (or automatically from Cron), generate the HTML and commit and publish it if different (which is almost what SparkleShare does):

git config --global user.name "Your Name"
git config --global user.email you@example.com
sudo apt install lsyncd rsync ruby ruby-dev gcc g++ make
sudo gem install jekyll execjs therubyracer
mkdir ~/website
cd ~/website
git clone https://github.com/afnog/sse.git
git clone https://<your GitHub username>:<your token>@github.com/afnog/afnog.github.io.git
git config --global push.default simple
while true; do cd ~/website/sse; git pull; make autocommit; sleep 5; done

Or replace the last line with a Cron job:

* * * * *	cd ~/website/sse; git pull; make autocommit