Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
436
Installation and Upgrades / Re: Virtualizing the Server
« on: July 26, 2011, 04:09:31 pm »
Thank you for the feedback !!! This is exactly the kind of information and thoughts I was looking for. I am new to linux and in general complete server/infrastructure management.
The Zentyal system I have currently running is all completely on one physical machine with all the services enabled (except VOIP and Jabber).... the system runs well and really takes up no resources on my machine. Basically the 6 core cpu is idle and I don't see the system using much over 2gigs of ram (I have
.
I guess I originally started thinking of virtualizing some of the components after I read an article about security. Something along the lines that a mail and webserver should be split from the intranet systems (since they are components accessed from outside. This got me thinking about virtualizing certain pieces of Zentyal in order to make them complete separate systems. Maybe this is not really needed in a small business or home environment??? Maybe the security risks are not really that great when it is such a small layout. What do you guys think from a pure security stand point?? Full business infrastructure layout???
Another thing I wanted was to have an intranet based website and also an external website..... currently from what I understand Zentyal is really made to be an intranet type infrastructure system and you would VPN into the system in order to get on the intranet. However if I install something like Alfresco shouldn't I have that open to the outside world the same way I currently have subsonic access or the zarafa webaccess???
I welcome all view points.... suggestions... thoughts... anything !!! I am learning and trying new things...and I don't mind reinstalling my system a hundred times if it means I learn all that I can and have a secure well functioning infrastructure !!
The Zentyal system I have currently running is all completely on one physical machine with all the services enabled (except VOIP and Jabber).... the system runs well and really takes up no resources on my machine. Basically the 6 core cpu is idle and I don't see the system using much over 2gigs of ram (I have
. I guess I originally started thinking of virtualizing some of the components after I read an article about security. Something along the lines that a mail and webserver should be split from the intranet systems (since they are components accessed from outside. This got me thinking about virtualizing certain pieces of Zentyal in order to make them complete separate systems. Maybe this is not really needed in a small business or home environment??? Maybe the security risks are not really that great when it is such a small layout. What do you guys think from a pure security stand point?? Full business infrastructure layout???
Another thing I wanted was to have an intranet based website and also an external website..... currently from what I understand Zentyal is really made to be an intranet type infrastructure system and you would VPN into the system in order to get on the intranet. However if I install something like Alfresco shouldn't I have that open to the outside world the same way I currently have subsonic access or the zarafa webaccess???
I welcome all view points.... suggestions... thoughts... anything !!! I am learning and trying new things...and I don't mind reinstalling my system a hundred times if it means I learn all that I can and have a secure well functioning infrastructure !!
437
Installation and Upgrades / Re: Virtualizing the Server
« on: July 25, 2011, 03:02:09 pm »
Unfortunately for me creating a new server is not an option. I will have to go with the hardware I already have.... I checked an it is not compatible with the vmware ESXi.
I will have to stick with either virtualbox or KVM.
After some searching and reading the replies to this post I think I will try the following setup.
On the physical machine I will install Samba PDC and print server since I already have a software raid6 made of physical disks which is used just for data (I could not find a way to mount a physical array on a virtual machine... very possible it is just from inexperience)..... On that same machine I will install my UPS management interface and VM module(Zentyal 2.2)
I will create a VM machine which just runs LDAP as a master
another VM machine running Gateway, DNS, DHCP, and VPN
I will try to create a 3rd VM for mail server and a 4th for webserver
I do however have some questions.
1) does this sound possible and is this an alright setup?
2) Would I install the firewall and IDS modules on all the servers or just the one which contains the gateway??
3) Would I install the zarafa module on the mail server or one of the other ones?
2) I also currently run subsonic and would like to retain that function.... any idea which server I would install it under? Would it be the web server or would it be the samba server?
3) Also I was thinking of installing something like Alfresco or Joomla (have never used anything like these programs before, but would like to see what they are about)... from what I understand I would install them on the webserver?
Thank you for any and all feedback and help !!!!
I will have to stick with either virtualbox or KVM.
After some searching and reading the replies to this post I think I will try the following setup.
On the physical machine I will install Samba PDC and print server since I already have a software raid6 made of physical disks which is used just for data (I could not find a way to mount a physical array on a virtual machine... very possible it is just from inexperience)..... On that same machine I will install my UPS management interface and VM module(Zentyal 2.2)
I will create a VM machine which just runs LDAP as a master
another VM machine running Gateway, DNS, DHCP, and VPN
I will try to create a 3rd VM for mail server and a 4th for webserver
I do however have some questions.
1) does this sound possible and is this an alright setup?
2) Would I install the firewall and IDS modules on all the servers or just the one which contains the gateway??
3) Would I install the zarafa module on the mail server or one of the other ones?
2) I also currently run subsonic and would like to retain that function.... any idea which server I would install it under? Would it be the web server or would it be the samba server?
3) Also I was thinking of installing something like Alfresco or Joomla (have never used anything like these programs before, but would like to see what they are about)... from what I understand I would install them on the webserver?
Thank you for any and all feedback and help !!!!
438
Installation and Upgrades / Zentyal 2.1 Beta - PPTP; Captive Portal questions
« on: July 21, 2011, 07:16:52 pm »
Hello !!!
I have been trying out the latest Beta of Zentyal. So far my impression is that the web dashboard seems to work faster which is great.
I can't seem to connect to my server using PPTP. I am trying to connect through my androids built in client. Has anyone tried using the new PPTP module??
Second I can't seem to start the captive portal module. I can open the module and set options, but when I go to the menu to actually activate the module it fails. It fails after the drop down menu for dependencies (LDAP )... I click ok and it just shoots me over to a white page saying that it has failed.
Anybody got this moduel to work???
I have been trying out the latest Beta of Zentyal. So far my impression is that the web dashboard seems to work faster which is great.
I can't seem to connect to my server using PPTP. I am trying to connect through my androids built in client. Has anyone tried using the new PPTP module??
Second I can't seem to start the captive portal module. I can open the module and set options, but when I go to the menu to actually activate the module it fails. It fails after the drop down menu for dependencies (LDAP )... I click ok and it just shoots me over to a white page saying that it has failed.
Anybody got this moduel to work???
439
Installation and Upgrades / Re: Virtualizing the Server
« on: July 15, 2011, 11:14:27 pm »
That is a problem. Maybe I can't even create a system atleast for myself using my current functions.
At the very least I was hoping that I could create a virtual file server and mount under /mnt my software raid6 (not as virtual disk).... maybe this is not possible to do. I really don't have any experience with VM.
At the very least I was hoping that I could create a virtual file server and mount under /mnt my software raid6 (not as virtual disk).... maybe this is not possible to do. I really don't have any experience with VM.
440
Installation and Upgrades / Re: Virtualizing the Server
« on: July 15, 2011, 10:17:21 pm »
When I say desktop components I mean.... my server uses regular hardware you would buy for a desktop pc. I am using a regular AMD 1090T processor on an MSI desktop motherboard with 8 gigs of DDR3-1600 ram. I have one 160 gig drive, two 500 gig drives, and seven 2 TB drives.
When I look at the website for esxi I don't see my hardware on the compatible list.......
Also what about raid setup? Currently my seven 2TB disks are setup in a software raid6 and my two 500gig disks are also setup in a software raid1 for the OS and /Home directory. How is raid implemented under esxi ?
When I look at the website for esxi I don't see my hardware on the compatible list.......
Also what about raid setup? Currently my seven 2TB disks are setup in a software raid6 and my two 500gig disks are also setup in a software raid1 for the OS and /Home directory. How is raid implemented under esxi ?
441
Installation and Upgrades / Re: Virtualizing the Server
« on: July 15, 2011, 09:50:37 pm »
I was thinking of using esxi since you can install it directly on the bare metal components.
However I think I might run into a problem because I am just using desktop components and esxi does not seem to be compatible with them. Maybe I will give it a try and see what happens
However I think I might run into a problem because I am just using desktop components and esxi does not seem to be compatible with them. Maybe I will give it a try and see what happens
442
Installation and Upgrades / Re: Virtualizing the Server
« on: July 15, 2011, 07:51:53 pm »
Ok Thank you for your input and information !!!
This is what I was looking for.
For my personal use.... I have had no problem just installing all the functions of Zentyal on the physical machine along with subsonic + truecyrpt + webmin. Everything works and since it is not critical if the machine goes down it is the one server in my house.
However I have been helping my friend out by setting up an office server for his chiropractor/physical therapy office (before this they had nothing setup and found out later that one of their employes gave herself remote access to the systems and was stealing from them). They basically have 4 people full time and another 6 part time people.
They are using a system very close to mine. Just basic desktop components. AMD 1090T hexacore cpu + 8 gigs of ram. They have 4 disk drives basically split into two software raid1 arrays. They use one for the OS and the second of storing files. They also have an external that they use for backup. The serer has and UPS as well.
With the next version of zentyal having a VM module I was thinking of splitting up their server for better function and security. (first will learn on my own system). This is why I am trying to figure out the best way of performing this task. I am not sure for that few people there will be any advantages, but what do you think?
This is what I was looking for.
For my personal use.... I have had no problem just installing all the functions of Zentyal on the physical machine along with subsonic + truecyrpt + webmin. Everything works and since it is not critical if the machine goes down it is the one server in my house.
However I have been helping my friend out by setting up an office server for his chiropractor/physical therapy office (before this they had nothing setup and found out later that one of their employes gave herself remote access to the systems and was stealing from them). They basically have 4 people full time and another 6 part time people.
They are using a system very close to mine. Just basic desktop components. AMD 1090T hexacore cpu + 8 gigs of ram. They have 4 disk drives basically split into two software raid1 arrays. They use one for the OS and the second of storing files. They also have an external that they use for backup. The serer has and UPS as well.
With the next version of zentyal having a VM module I was thinking of splitting up their server for better function and security. (first will learn on my own system). This is why I am trying to figure out the best way of performing this task. I am not sure for that few people there will be any advantages, but what do you think?
443
Installation and Upgrades / Re: Virtualizing the Server
« on: July 15, 2011, 07:10:19 pm »
ok on your zentyal servers which modules do you have running on each one?? I am trying to figure out what is the best way to split it up.
For instance should I run one server with the gateway, utm, and DHCP functions and the second server as Zentyal Samba and another one as the mail or web server???
I guess that is really at the heart of my questions. To have a very good functioning machine which is secure, how should I split up the functions of Zentyal?
Thank you !!!
For instance should I run one server with the gateway, utm, and DHCP functions and the second server as Zentyal Samba and another one as the mail or web server???
I guess that is really at the heart of my questions. To have a very good functioning machine which is secure, how should I split up the functions of Zentyal?
Thank you !!!
444
Installation and Upgrades / Virtualizing the Server
« on: July 15, 2011, 03:03:53 pm »
I am looking into virtualize different components of my test Zetnyal server (beta 2.1 version). However I am not sure which functions I should virtualize.
I know that creating a VM web-server that host content for the outside world is a good idea for security. I would assume making your file server virtual will also be a good idea.
However I do not know if I should split up other server functions.
When I look at Zentyal I see that it is split up into 5 categories. Gateway, UTM, infrastructure, file server, communications server. Should I install one of them on the physical machine and virtualize the rest or only virtualize some of them?
What do you guys think???
I know that creating a VM web-server that host content for the outside world is a good idea for security. I would assume making your file server virtual will also be a good idea.
However I do not know if I should split up other server functions.
When I look at Zentyal I see that it is split up into 5 categories. Gateway, UTM, infrastructure, file server, communications server. Should I install one of them on the physical machine and virtualize the rest or only virtualize some of them?
What do you guys think???
445
Installation and Upgrades / Re: Beta 2.1
« on: July 14, 2011, 04:00:31 pm »
Yes I looked at that one.... it must be the firewall here !!! I will test it tonight at home from a different machine and tell you what I find.
446
Installation and Upgrades / Re: Beta 2.1
« on: July 14, 2011, 02:49:31 pm »
This happens when I use the noVNC interface inside the dashboard. I tried a standalone client at work, but it did not connect. This could be either A) the firewall at work is the problem or B) I did not setup the connection properly.
For windows, which VNC client would you recommend and is it possible to connect to the VM even though it is not up and running yet (OS not setup)..... I have started the machines, but they are only at the post OS install stage and do not have any of the modules loaded yet. The base layer of my server only has the gateway programs installed + the VM module. I was going to split up the install into one physical setup (the gateway) and than the rest into VM's (UTM + infrastructure + office + communication) with also another VM for an external web-server. I don't know if this will work correctly, but I figured this would be a good of a time as any to learn more about server setup using VM.
FYI: On a different server I have Zentyal 2.0 running on a software raid1 + software raid6(10TB usable storage) with all the modules + webmin, truecrypt and subsonic on the physical server..... that setup works great. I have my entire family + some friends which are all over the world use it as their primary or secondary mail server and all of them have VPN access and their own shares + FTP access.
If there is anything you would like me to test.... I think I should have enough free hardware resources to do so The VM module; IP sec; PPTP; Captive portal module really interest me.... Also the Beta is much faster at loading screens and usability than the previous version so thank you !!!
For windows, which VNC client would you recommend and is it possible to connect to the VM even though it is not up and running yet (OS not setup)..... I have started the machines, but they are only at the post OS install stage and do not have any of the modules loaded yet. The base layer of my server only has the gateway programs installed + the VM module. I was going to split up the install into one physical setup (the gateway) and than the rest into VM's (UTM + infrastructure + office + communication) with also another VM for an external web-server. I don't know if this will work correctly, but I figured this would be a good of a time as any to learn more about server setup using VM.
FYI: On a different server I have Zentyal 2.0 running on a software raid1 + software raid6(10TB usable storage) with all the modules + webmin, truecrypt and subsonic on the physical server..... that setup works great. I have my entire family + some friends which are all over the world use it as their primary or secondary mail server and all of them have VPN access and their own shares + FTP access.
If there is anything you would like me to test.... I think I should have enough free hardware resources to do so
The VM module; IP sec; PPTP; Captive portal module really interest me.... Also the Beta is much faster at loading screens and usability than the previous version so thank you !!!
447
Installation and Upgrades / Re: Beta 2.1
« on: July 14, 2011, 12:50:08 pm »
After I got home last night I found out a couple of things.
1) I still can't get the new version of firefox to open the console for some reason (maybe it is just my lack of knowledge)
2) Google Chrome has no problem opening the console
The only other issue I am having is that I can't get keyboard control in the console unless I restart the VM while the console is up. If the machine is running and I just open the console I can't get the keyboard to work. Not sure why this is.
Once the VM is setup this will not be a problem because I can just use SSH or just connect directly to the VM through its IP address, but since my DHCP server is not setup this is causing a problem.
If anyone has solutions on how to get the keyboard working in the console without having to restart the VM let me know !!
1) I still can't get the new version of firefox to open the console for some reason (maybe it is just my lack of knowledge)
2) Google Chrome has no problem opening the console
The only other issue I am having is that I can't get keyboard control in the console unless I restart the VM while the console is up. If the machine is running and I just open the console I can't get the keyboard to work. Not sure why this is.
Once the VM is setup this will not be a problem because I can just use SSH or just connect directly to the VM through its IP address, but since my DHCP server is not setup this is causing a problem.
If anyone has solutions on how to get the keyboard working in the console without having to restart the VM let me know !!
448
Installation and Upgrades / Re: Beta 2.1
« on: July 13, 2011, 07:08:28 pm »
Thank you !!!
I will try and see if a different browser will work and also will check if it has anything to do with the proxy or firewall at work.
I tried a VNC client and it also did not connect... so it my be just my current location.
I will try and see if a different browser will work and also will check if it has anything to do with the proxy or firewall at work.
I tried a VNC client and it also did not connect... so it my be just my current location.
449
Installation and Upgrades / Re: Beta 2.1
« on: July 13, 2011, 06:48:44 pm »
With firefox I can't get the console working remotely. It keeps saying ( noVNC ready: WebSockets emulation, createImageData rendering). From there it says the connecting has timed out.
If I go and turn on websockets in firefox it can't make the connection either. I also have flash installed, but it seems to default to websockets.
If I go and turn on websockets in firefox it can't make the connection either. I also have flash installed, but it seems to default to websockets.
450
Installation and Upgrades / Re: Beta 2.1
« on: July 13, 2011, 05:48:44 pm »
Thank you for your reply.....
For me the hole server is currently setup at home as just a test machine so I am not really worried about security at the moment. This module grabbed my attention because I was thinking of splitting up the functions of zentyal into a couple of sections if possible. Basically setup a gateway portion as the main system and than create virtual machines for some of the features like the webserver an file server. Maybe this is not the correct way to use zentyal, but I was reading an article which talked about using virtual machines to split up server functions for security reasons.
Any thoughts on this?
Also about the module itself or rather on the remote machine.... does the web browser like firefox require websockets to be enabled??
For me the hole server is currently setup at home as just a test machine so I am not really worried about security at the moment. This module grabbed my attention because I was thinking of splitting up the functions of zentyal into a couple of sections if possible. Basically setup a gateway portion as the main system and than create virtual machines for some of the features like the webserver an file server. Maybe this is not the correct way to use zentyal, but I was reading an article which talked about using virtual machines to split up server functions for security reasons.
Any thoughts on this
?Also about the module itself or rather on the remote machine.... does the web browser like firefox require websockets to be enabled??