[SAC] Server host quotes

shawn barnes sbarnes at dmsolutions.ca
Mon Nov 20 13:10:31 EST 2006 

Tyler Mitchell wrote:
>
> On 8-Nov-06, at 12:08 PM, Daniel Morissette wrote:
>
>> The Peer1 quote seems to be reasonable, assuming we do need two 
>> servers to get started. I missed a good part of discussions about the 
>> transition plan a few weeks ago, so I'll just assume that we do know 
>> that we need two servers and that someone has a clear plan for how 
>> they are going to be configured and used. With respect to the 
>> hardware firewall, my experience is that we can have very reliable 
>> software firewalls with iptables. However the call to have a hardware 
>> firewall or not should probably be made by the administrator who will 
>> setup and manage the servers in the long run and who will be 
>> responsible for keeping them up 24x7 for the years to come. Same for 
>> backup system I guess.
>
> Shawn - your thoughts on this?  From talking last week, I believe you 
> were in favour of the firewall and some tape backup.  and that you 
> wanted the 2nd server for failover and load balancing.
>
> Jason - seems we have chosen the provider?  What can I do to help 
> finalise this deal so Shawn has public infrastructure to work on?
>
> Tyler
>
Yes I think the separate firewall, tape backup and two servers are good 
ideas. 

The firewall gives us the advantage of having a dedicated device for 
primary firewall duties and for vpn and load balancing.  Iptables is 
very reliable and powerful tool and will be set up on the servers 
creating a secondary firewall but, i prefer a separate device for 
firewalling - greater security, server not using resources for 
filtering/vpn/etc.

Tape backup as the main backup, especially considering the svn server.  
A secondary backup strategy probably via rsync will be set up but, i 
believe a tape backup is  mandatory.  The tape allows us to rebuild a 
machine quicker than the 'rsync' backups and having backups in multiple 
places and media is definitely good.

Two servers give us redundancy and fail over protection at source and 
when needed a second system for load balancing.   Still working on exact 
configuration but, planning on mirroring the servers as much as possible.


Shawn Barnes

More information about the Sac mailing list