Describe LVM and finish arbitration system
[cacert-infradocs.git] / docs / systems.rst
1 Systems
2 =======
3
4 .. toctree::
5 :maxdepth: 2
6
7 systems/infra02
8 systems/arbitration
9 systems/emailout
10 systems/monitor
11
12 General
13 -------
14
15 .. todo:: consider whether a central MySQL service should be setup
16
17 Many containers contain their own instance of MySQL. It might be a better
18 idea to centralize the MySQL setups in a single container.
19
20 .. todo:: consider whether a central PostgreSQL service should be setup
21
22 .. todo::
23
24 setup a central syslog service and install syslog clients in each container
25
26 Checklist
27 ---------
28
29 .. index::
30 single: etckeeper
31 single: nrpe
32
33 * All containers should be monitored by :doc:`systems/monitor` and should
34 therefore have :program:`nagios-nrpe-server` installed
35 * All containers should use :program:`etckeeper` to put their local setup into
36 version control. All local setup should use :file:`/etc` to make sure it is
37 handled by :program:`etckeeper`
38 * All infrastructure systems must send their mail via :doc:`systems/emailout`
39 * All infrastructure systems should have an system-admin@cacert.org alias to
40 reach their admins
41 * The installation of :index:`systemd-sysv` in containers can be blocked by
42 putting the following lines in :file:`/etc/apt/preferences.d/systemd-sysv`::
43
44 Package: systemd-sysv
45 Pin: release a=stable
46 Pin-Priority: -1
47
48 .. todo:: think about replacing nrpe with Icinga2 satellites
49 .. todo:: document how to setup the system-admin alias on the email system