ServiceCatalogueForm | |
---|---|
Name | Package Repository Service |
Description | Package Repository Service |
Unit | Managed Platform |
End Users | Computing Staff, University Staff, External Users |
Software | lcfg-refreshpkgs component |
Hardware | bruegel (package master), hare and wildcat (cache servers), porto (export http and rsync server) |
Risk | More than Two People |
Review Status | No University Equivalent |
Review Details | This is the upstream service for LCFG. |
Dependencies |
AFS service for storing packages. Nagios service for monitoring. |
Redundancy | Multiple cache slaves. Can only have one package master running at one time, but planning to configure one of the AFS servers to be a backup package master. |
Connection Authentication | Kerberos, Other |
Connection Authentication Details (if Other) | Kerberos for package submission. Kerberos for package retrieval using file access (AFS). None for package retrieval using http or rsync. |
Connection Authorization | LDAP, Roles/Capabilities, Other |
Connection Authorization Details (if Other) | AFS ACLs for package submission, and retrieval by file access. Apache configured IP address based for package retrieval using http or rsync. |
Connection Configuration Management | LCFG |
Connection Configuration Management Details (if Other) | |
Connection Visibility | World |
Connection Visibility Details (if Other) | |
Connection Supported Clients | pkgsubmit (over AFS) for package submission, http/rsync/afs-file-access for package retrieval |
Connection Client Configuration | via LCFG for pkgsubmit |
Backend Authentication | Other |
Backend Authentication Details (if Other) | Package master uses a keytab for access to AFS volumes. Package slaves have an AFS admin UID which is used via waklog to gain access to AFS repository |
Backend Authorization | Other |
Backend Authorization Details (if Other) | AFS ip-address access control is used to give read access to the RPM repository from Package slaves. |
Backend Configuration Management | Not Applicable |
Backend Configuration Management Details (if Other) | |
User Feature Authentication | Not Applicable |
User Feature Authentication Details (if Other) | |
User Feature Authorization | Not Applicable |
User Feature Authorization Details (if Other) | |
User Feature Configuration Management | Not Applicable |
User Feature Configuration Management Details (if Other) | |
Link to End User Documentation | n/a |
Link to Technical Documentation | https://wiki.inf.ed.ac.uk/DICE/MPUPackageRepository |
Miscellaneous Comments |