Jaguar Servers Systems Applications
From UG
(→IT Servers in NY) |
(→Squid proxy) |
||
(23 intermediate revisions not shown) | |||
Line 4: | Line 4: | ||
This is an overview of current servers, systems and applications in Jaguar NY office and Cloud. | This is an overview of current servers, systems and applications in Jaguar NY office and Cloud. | ||
+ | |||
+ | Jaguar IT consists of: | ||
+ | |||
+ | * Network gear | ||
+ | * Servers | ||
+ | * Desktops | ||
+ | * Applications | ||
+ | * Users | ||
+ | |||
+ | === Network gear === | ||
+ | |||
+ | ==== Network Diagram ==== | ||
See Jaguar Network diagram below: | See Jaguar Network diagram below: | ||
Line 9: | Line 21: | ||
[[File:Network diagramm.JPG]] | [[File:Network diagramm.JPG]] | ||
+ | ==== WAN ==== | ||
+ | |||
+ | Broadband provider: Optimum Cable | ||
+ | Tech Support: 1-866-200-9751 | ||
+ | Router: Atlanta Scientific Cable Modem DPX2203 > Cisco 851-K9 Router to provide Static IP | ||
+ | Circuit IDs: n/a | ||
+ | Account Number: 0785851119001 | ||
+ | Network: 96.56.6.192/29 | ||
+ | IP Range: 96.56.6.194 to 96.56.6.198/29 (usable) | ||
+ | Gateway: 96.56.6.193 | ||
+ | Subnet: 255.255.255.248 | ||
+ | DNS: 167.206.112.138, 167.206.7.4 | ||
+ | |||
+ | ==== WAN (Secondary) ==== | ||
+ | |||
+ | Broadband provider: Optimum Light Path | ||
+ | Tech Support: 866-611-3434 | ||
+ | Router: Cisco 851-K9 Router to provide Static IP | ||
+ | Circuit IDs: 01/KPIV/100421 | ||
+ | Account Number: | ||
+ | Network: 69.74.55.200/29 | ||
+ | IP Range: 69.74.55.202 to 69.74.55.206/29 (usable) | ||
+ | Gateway: 69.74.55.201 | ||
+ | Subnet: 255.255.255.248 | ||
+ | DNS: 167.206.112.3, 167.206.112.4 | ||
+ | |||
+ | ==== Internal Network ==== | ||
+ | |||
+ | Network:192.168.0.0/24 | ||
+ | Netmask: 255.255.255.0 | ||
+ | Broadcast: 192.168.0.255 | ||
+ | Gateway: 192.168.0.1 | ||
+ | DNS Servers: 192.168.0.12 | ||
+ | WINS Server: 192.168.0.12 | ||
+ | DHCP Server: 192.168.0.12 | ||
+ | Dynamic Range: 192.168.0.225 to 192.168.0.240 | ||
+ | |||
+ | ==== Network Equipment (Cable - active drop) ==== | ||
+ | |||
+ | Router: Cisco 1841-ADVSecurityK9-M | ||
+ | Inside IP: 192.168.0.3 ( uses HSRP as active and ipsla to provide VIP of 192.168.0.1 ) | ||
+ | Outside IP: 96.56.6.197/29 | ||
+ | Model: 1841-ADVSecurityK9-M | ||
+ | Password: | ||
+ | User: | ||
+ | |||
+ | Firewall: JaguarCable | ||
+ | Host Name: JaguarCable | ||
+ | Model: Cisco 1841-ADVSecurityK9-M | ||
+ | Serial Number: FTX1018Y12G | ||
+ | IOS Version: 12.4(13r)T | ||
+ | Login Usemame: jaguar | ||
+ | Login Password: | ||
+ | Enable Password: | ||
+ | Access Methods: telnet, sdm loaded on router | ||
+ | |||
+ | ==== Network Equipment (Fiber Optic - standby drop) ==== | ||
+ | |||
+ | Router: Cisco 1841-ADVSecurityK9-M | ||
+ | Inside IP: 192.168.0.2 ( uses HSRP as standby and ipsla to provide VIP of 192.168.0.1 ) | ||
+ | Outside IP: 69.74.55.204/29 | ||
+ | Model: 1841-ADVSecurityK9-M | ||
+ | Password: | ||
+ | User: | ||
+ | |||
+ | Firewall: JaguarBkp | ||
+ | Host Name: JaguarBkp | ||
+ | Model: Cisco 1841-ADVSecurityK9-M | ||
+ | Serial Number: FTX1202W0E2 | ||
+ | IOS Version: 12.4(13r)T5 | ||
+ | Login Usemame: jaguar | ||
+ | Login Password: | ||
+ | Enable Password: | ||
+ | Access Methods: telnet, sdm loaded on router | ||
+ | |||
+ | ==== Switch Equipment ==== | ||
+ | |||
+ | Switch: Cisco Catalyst 2960 | ||
+ | Inside IP: 192.168.0.4 (VLAN) | ||
+ | Serial: F0C142X0TG | ||
+ | Model: Cisco Catalyst 2960 | ||
+ | IP: 192.168.0.4 | ||
+ | HostName: devswitch | ||
+ | Password: | ||
+ | User: | ||
+ | Access Methods: telnet | ||
+ | |||
+ | Other Switches: 3comm Baseline 2824 x2, 3comm Baseline 2226 Plus, Baseline 10/100 switch plus gigabit | ||
=== Applications === | === Applications === | ||
- | ==== Squid ==== | + | ==== Desktop Applications ==== |
+ | |||
+ | ==== NY network Applications ==== | ||
+ | |||
+ | ===== Squid ===== | ||
* '''What:''' web filter | * '''What:''' web filter | ||
* '''Users:''' most NY office users (8-8 EST) | * '''Users:''' most NY office users (8-8 EST) | ||
* '''Usage pattern:''' constant, all users will be down if app is down; most users have browser pointing to it for internet access | * '''Usage pattern:''' constant, all users will be down if app is down; most users have browser pointing to it for internet access | ||
- | ==== Door card DB ==== | + | ===== Door card DB ===== |
* '''What:''' users info about NY office main door access (not sure what is there) | * '''What:''' users info about NY office main door access (not sure what is there) | ||
* '''Users:''' michael.k@jaguarfreight.com (he is responsible for managing cards) | * '''Users:''' michael.k@jaguarfreight.com (he is responsible for managing cards) | ||
* '''Usage pattern:''' approx once a week | * '''Usage pattern:''' approx once a week | ||
- | ==== Sugar CRM ==== | + | ==== Web Applications ==== |
+ | |||
+ | ===== Sugar CRM ===== | ||
* '''What:''' CRM for Sales Dept (global) | * '''What:''' CRM for Sales Dept (global) | ||
* '''Users:''' All Jaguar Sales - sales@jaguarfreight.com | * '''Users:''' All Jaguar Sales - sales@jaguarfreight.com | ||
Line 28: | Line 134: | ||
* '''Usage pattern:''' global, unknown, low between 19-20 EST | * '''Usage pattern:''' global, unknown, low between 19-20 EST | ||
- | ==== CT2 ==== | + | ===== CT2 ===== |
Main Jaguar App. There are several versions - see below. Always have 2 parts (wars/urls): internal and client. | Main Jaguar App. There are several versions - see below. Always have 2 parts (wars/urls): internal and client. | ||
Line 73: | Line 179: | ||
** SF: ? | ** SF: ? | ||
** BKK:? | ** BKK:? | ||
+ | |||
+ | ==== Mail ==== | ||
+ | |||
+ | Mail | ||
+ | |||
+ | External Hosted Exchange | ||
+ | Provider: Appriver | ||
+ | Address: 1101 Gulf Breeze Parkway | ||
+ | City: Gulf Breeze | ||
+ | State: FL | ||
+ | Postal Code: 32561 | ||
+ | tel: 850-932-9900 | ||
+ | |||
+ | External | ||
+ | MX record: jaguarfreight.com.1.arsmtp.com AND jaguarfreight.com.2.arsmtp.com | ||
+ | RPC over setting HTTP: exg3.exghost.com | ||
+ | MSSTD: exg3.exghost.com | ||
+ | Password Authentication (NTLM) | ||
+ | Email Password for all users: on excel sheet provided by Alex | ||
=== Dev and CT2 Servers in NY === | === Dev and CT2 Servers in NY === | ||
- | + | ====Sugar CRM and EA Demo server==== | |
* (old) [[#Sugar CRM]] app - This has been migrated to *.74 CT2 server in a cloud | * (old) [[#Sugar CRM]] app - This has been migrated to *.74 CT2 server in a cloud | ||
** could be discontinued now | ** could be discontinued now | ||
Line 84: | Line 209: | ||
Box: new Optiplex 330 | Box: new Optiplex 330 | ||
- | + | ====Dev==== | |
+ | |||
* [[#CT2 Demo]] | * [[#CT2 Demo]] | ||
** in active use | ** in active use | ||
Line 92: | Line 218: | ||
Box: new Optiplex 330 | Box: new Optiplex 330 | ||
- | + | Dev Server | |
+ | |||
+ | Hostname dev.jaguarfreight.com | ||
+ | |||
+ | Internal IP Address 192.168.10.2/24 | ||
+ | |||
+ | OS is RHEL5 kernel 2.6.18-128.el5PAE i386 | ||
+ | |||
+ | -Tomcat | ||
+ | -version 6.0.18 | ||
+ | -self signed ssl located at /opt/tomcat/webapps/jaguarfs.bin | ||
+ | -tomcat manager | ||
+ | - $CATALINA_HOME = /opt/tomcat | ||
+ | -CT2 development application stored in /opt/tomcat/webapps/ | ||
+ | -Mysql | ||
+ | - version 5.1.42-0 | ||
+ | -config file /etc/my.cnf | ||
+ | -mysqldump backups located at /var/backup/ ( 30 day retention ) | ||
+ | -JAVA | ||
+ | - jvm version 1.6.0_13-b03 | ||
+ | - $JAVA_HOME = /usr/local/jdk1.6.0_13 | ||
+ | - Security with TCP wrapper services located in /etc/hosts.allow and /etc/hosts.deny | ||
+ | |||
+ | IPTables firewall server for dev server | ||
+ | Public IP address: 69.74.55.206/29 | ||
+ | Internal IP address: 192.168.10.1/24 | ||
+ | -Firestarter Front end to edit IPTables and NAT | ||
+ | |||
+ | |||
+ | |||
+ | ====Dev Firewall==== | ||
+ | |||
* firewall for '''Dev''' server | * firewall for '''Dev''' server | ||
Box: old PC | Box: old PC | ||
- | + | ==== Mantis ==== | |
* [[#Mantis]] (old version) | * [[#Mantis]] (old version) | ||
** not used, to be discontinued now | ** not used, to be discontinued now | ||
Line 107: | Line 264: | ||
Box: new Precision 390 | Box: new Precision 390 | ||
- | 6 | + | Mantis Server |
+ | |||
+ | hostname mantis.jaguarfreight.com | ||
+ | |||
+ | ip address 69.74.55.203 | ||
+ | |||
+ | OS Ubuntu 9.10 kernel 2.6.31-14-generic-pae | ||
+ | |||
+ | Apache | ||
+ | - Version 2.0 | ||
+ | - Config dir is - /etc/apache2/ | ||
+ | - DocumentRoot is - /var/www/ | ||
+ | MySQL | ||
+ | - Version 5.1 | ||
+ | - Config file is /etc/my.cnf | ||
+ | |||
+ | PHP | ||
+ | - Version 5.2.10 | ||
+ | -config file is located /etc/php5/apache2/php.ini | ||
+ | Applications | ||
+ | - moved from /var/www to /opt/ | ||
+ | - mantis application | ||
+ | - mediawiki-1.15.0 | ||
+ | SVN | ||
+ | - Located at /svn | ||
+ | |||
+ | IPTABLES is running on it | ||
+ | |||
+ | |||
+ | |||
+ | ====Ext==== | ||
* backups for Dev server apps (anything else?) | * backups for Dev server apps (anything else?) | ||
** used, not clear what exactly is there | ** used, not clear what exactly is there | ||
Line 113: | Line 300: | ||
Box: new Optiplex 330 | Box: new Optiplex 330 | ||
- | + | Backup Server for development servers | |
+ | Hostname: ext.jaguarfreight.com | ||
+ | Ipaddress: 69.74.55.202/29 | ||
+ | OS version RHEL5 kernel 2.6.18-164.6.1.el5PAE | ||
+ | -RSYNC and ftp repository for CT2 server, mantis.jaguarfreight.com, dev.jaguarfreight.com, specs.jaguarfreight.com application files and mysqldump backups | ||
+ | -IPTables running on this server | ||
+ | |||
+ | |||
+ | ====Specs==== | ||
+ | - video tutorial Dev Server | ||
* not used, can be discontinued | * not used, can be discontinued | ||
Box: old PC | Box: old PC | ||
- | + | Test Server for video tutorial and misc applications | |
+ | |||
+ | Hostname: specs.jaguarfreight.com | ||
+ | |||
+ | Ipaddress: 69.74.55.205/29 | ||
+ | |||
+ | OS Fedora 10 kernel version 2.6.27.30-170.2.82.fc10.i686 | ||
+ | |||
+ | Apache | ||
+ | - Version 2.2.11-2 | ||
+ | - DocumentRoot /var/www/html | ||
+ | MySQL | ||
+ | - Version 5.0.84 | ||
+ | - Config file is located at /etc/my.cnf | ||
+ | PHP | ||
+ | - Version 5.2.9-2 | ||
+ | - Config file is located at /etc/php.ini | ||
+ | Flash Video tutorial software used | ||
+ | - Flowplayer* (video player gui and associated plugin files) | ||
+ | |||
+ | |||
+ | |||
+ | ====Test and Dev for Sugar CRM==== | ||
* not used, can be discontinued | * not used, can be discontinued | ||
Line 127: | Line 345: | ||
==== Jaguar-NY2 ==== | ==== Jaguar-NY2 ==== | ||
- | • OS: Windows Server 2003 32bit Standard Edition R2 | + | • OS: Windows Server 2003 32bit Standard Edition R2 |
- | • CPU: 2 Processors; x86 Family 6 Model 15 Stepping 2 2133 MHz | + | • CPU: 2 Processors; x86 Family 6 Model 15 Stepping 2 2133 MHz |
- | • Memory: 4GB (2GBx2) | + | • Memory: 4GB (2GBx2) |
- | • Storage: Raid5 Hot Swappable 250GBx4 | + | • Storage: Raid5 Hot Swappable 250GBx4 |
- | • IP Address: 192.168.0.12 | + | • IP Address: 192.168.0.12 |
- | • Mac Address: 00-1d-09-ef-15-04 | + | • Mac Address: 00-1d-09-ef-15-04 |
- | + | Roles | |
- | • FSMO and GC holder | + | • FSMO and GC holder |
- | • Primary domain contoller | + | • Primary domain contoller |
- | • Active Directory (domain: jaguarfreightny.local) | + | • Active Directory (domain: jaguarfreightny.local) |
- | • File Server(with DFRS replication) | + | • File Server(with DFRS replication) |
- | • Primary Print Server | + | • Primary Print Server |
- | • Shadow Copy of D drive | + | • Shadow Copy of D drive |
- | • DHCP | + | • DHCP |
- | • Primary DNS Server | + | • Primary DNS Server |
- | • Wins Server | + | • Wins Server |
- | • Fax server | + | • Fax server |
- | • Yosemite backup software | + | • Yosemite backup software |
- | • Radius Server/VPN | + | • Radius Server/VPN |
'''Overview of Jaguar-ny2''' | '''Overview of Jaguar-ny2''' | ||
Line 152: | Line 370: | ||
This is the primary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server. End users also connect to this domain controller to access the shared printers and shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) NTFS permission are configured here. DFRS replication replicates Company, Scans, Account, Users folders located on the D drive to jaguar-ny3. This server also serves as the only dhcp server in the jaguarfreightny.local network. This server is also the primary dns server and wins server. The Fax server is connected to an external fax modem and the fax is shared to the domain. Yosemite backup software is run on this server to backup the entire file system of Jaguar-ny2 this also includes the replicated Quickbooks backups located at D:\Replicated_Folders\QBBkp and the replicated QB company file folder D:\Replicated_Folders\QB2010. Full Backups are run on Thursdays and differential backups are run daily, there is a 2 week retention. Shadow Copies are run every weekday at 1pm EST on the D:\ drive. Radius Server is configured here to allow authentication of users against AD for ipsec vpn, the vpn group is named vpnusers. | This is the primary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server. End users also connect to this domain controller to access the shared printers and shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) NTFS permission are configured here. DFRS replication replicates Company, Scans, Account, Users folders located on the D drive to jaguar-ny3. This server also serves as the only dhcp server in the jaguarfreightny.local network. This server is also the primary dns server and wins server. The Fax server is connected to an external fax modem and the fax is shared to the domain. Yosemite backup software is run on this server to backup the entire file system of Jaguar-ny2 this also includes the replicated Quickbooks backups located at D:\Replicated_Folders\QBBkp and the replicated QB company file folder D:\Replicated_Folders\QB2010. Full Backups are run on Thursdays and differential backups are run daily, there is a 2 week retention. Shadow Copies are run every weekday at 1pm EST on the D:\ drive. Radius Server is configured here to allow authentication of users against AD for ipsec vpn, the vpn group is named vpnusers. | ||
+ | Server name: Jaguar-NY2 | ||
+ | IP: 192.168.0.12 | ||
+ | Mac Address: 00-1D-09-EF-15-04 | ||
+ | Admin Password: Str0ng4uS | ||
+ | Responsibilities: Domain Controller, Active Directory, DHCP, DNS, Wins, Print Server, File Server (DFRS), Radius Server, Fax Server, Yosemite Backup Software | ||
+ | Model: PowerEdge 840 | ||
+ | Raid Configuration:Raid 5 HotSwap | ||
+ | Operating System: Windows Server 2003 Standard R2 | ||
+ | OS Key: Q74JD-R8TWG-QDDPD-MKVMJ-XRJ6W | ||
+ | Number of Licenses: 1 (For server) | ||
+ | CALS: 35 | ||
- | + | ==== Jaguar-NY3 ==== | |
+ | • OS: Windows Server 2003 32bit Standard Edition R2 | ||
+ | • CPU: 8 Processors; x86 Family 6 Model 30 Stepping 5 2660 MHz | ||
+ | • Memory: 4GB (2GBx2) | ||
+ | • Storage: Raid5 Cabled 250GBx4 | ||
+ | • IP Address: 192.168.0.6 | ||
+ | • Mac Address: 00-26-b9-80-5e-2f | ||
+ | |||
+ | Roles | ||
+ | • Active Directory (domain: jaguarfreightny.local) | ||
+ | • Backup Domain Controller | ||
+ | • File Server(with DFRS replication) | ||
+ | • Print Server | ||
+ | • Secondary DNS Server | ||
+ | • WSUS Server | ||
+ | • Quickbooks Database Manager | ||
+ | • Symantec Endpoint Protection Manager | ||
+ | • Cygwin Server | ||
+ | |||
+ | '''Overview of Jaguar-ny3''' | ||
+ | |||
+ | This is the secondary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server if primary AD fails. End users can connect to this domain controller to access the shared printers and replicated shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) from Jaguar-NY2. DFRS replication replicates Quickbooks folders D:\QB and D:\QBBkp from Jaguar-ny3 to D:\Replicated_Folders\ on Jaguar-ny2 where it is shadow copied and backed up by the Yosemite Backup software. Cygwin shell is used to run rsync replication to ct1 server to remotely backup Quickbooks Backups. This is the primary server that holds the QB company files and database. This is also the server for Symantec Endpoint protection manager. The installable client is located at //Jaguar-ny3/My Company_Client. This server is also the secondary dns server. The WSUS Server is used to push windows updates to all machines in the network. Shadow Copies are run every weekday at 1pm EST on D:\ drive. | ||
+ | |||
+ | Server name: Jaguar-NY3 | ||
+ | IP: 192.168.0.6 | ||
+ | Mac Address: 00-26-B9-80-5E-2F | ||
+ | Admin Password: Str0ng4uS | ||
+ | Responsibilities: Domain Controller, Active Directory, DNS, Print Server, File Server (DFRS),Quickbooks Enterprise 2010 Database, Symantec Endpoint Protection Manager Cygwin ( rsync running with cronjob) | ||
+ | Model: PowerEdge T110 | ||
+ | Service tag Number: HVHM5M1 | ||
+ | |||
+ | Raid Configuration:Raid 5 Cabled | ||
+ | Operating System: Windows Server 2003 Standard R2 | ||
+ | OS Key: JPDY8-7D2RQ-HWPM4-6FVBB-D8DPB | ||
+ | Number of Licenses: 1 (For server) | ||
+ | Number of Licenses: 35 | ||
+ | |||
+ | ====Squid proxy==== | ||
+ | |||
+ | - this is the only server that is required for NY office network | ||
* [[#Squid]] | * [[#Squid]] | ||
- | ** could be discontinued in the future | + | ** could be discontinued in the future |
+ | ** Vlad migrated this to the WINS Server IP Address: 192.168.0.6 | ||
* [[#Door card DB]] | * [[#Door card DB]] | ||
** <strike>could be migrated into simple xls (for Michael to manage)</strike> | ** <strike>could be migrated into simple xls (for Michael to manage)</strike> | ||
Line 168: | Line 437: | ||
=====Barbxp (Hope’s pc)===== | =====Barbxp (Hope’s pc)===== | ||
This computer must be on so that accounting can connect to the 400 dymo printer. | This computer must be on so that accounting can connect to the 400 dymo printer. | ||
+ | |||
+ | IP: 192.168.0.170 | ||
=====Dymo (pc next to phaser4500)===== | =====Dymo (pc next to phaser4500)===== | ||
This computer must be on so that operations can connect to the 450 dymo printer. | This computer must be on so that operations can connect to the 450 dymo printer. | ||
+ | |||
+ | IP: 192.168.0.140 | ||
=== Servers in the Cloud === | === Servers in the Cloud === | ||
- | ==== | + | ==== CT2 server ==== |
In Texas | In Texas | ||
Cost: ??? | Cost: ??? | ||
Line 200: | Line 473: | ||
- | + | CT2 Server (Rackspace) | |
+ | Hostname: ct.jaguarfreight.com, www.jaguarfreight.com, jaguarfreight.com, soon to be mantis.jaguarfreight.com? | ||
+ | IPaddress 72.3.184.74 | ||
+ | OS is RHEL5.5 kernel version 2.6.18-194.17.1.el5 | ||
+ | Tomcat | ||
+ | -version 6.0.18 | ||
+ | -$CATALINA_HOME located at /opt/tomcat | ||
+ | -SSL cert is located at /opt/tomcat/JaGFS125 | ||
+ | -webapps located at /opt/tomcat/webapps | ||
+ | -tomcat manager enabled | ||
+ | Apache | ||
+ | - Version 2.2.3-43.el5_53 | ||
+ | - Config file is located at /etc/httpd/conf/ or conf.d | ||
+ | - Modules | ||
+ | o Mod_jk | ||
+ | Mysql | ||
+ | - Version 5.0.77-4.el5_5.4 | ||
+ | - Config file /etc/my.cnf | ||
+ | JAVA | ||
+ | - $JAVA_HOME is /usr/local/jre1.6.0_13 | ||
+ | - 64bit | ||
+ | POSTFIX | ||
+ | - Version 2.3.3-2.1.el5_2 | ||
+ | - Directory for config file /etc/postfix | ||
+ | - Logs /var/log/maillog | ||
+ | VSFTPD | ||
+ | - Version 2.0.5-16.el5 5.1 | ||
+ | - Config file /etc/vsftpd/vsftpd.conf | ||
+ | - descartes user account is used for edi | ||
+ | - logs /var/log/vsftpd.log and xferlog | ||
+ | CT2 backups | ||
+ | -Mysqldumps go to /var/backup | ||
+ | -WebApp directory and war file backups go to /opt/wbackups/ directory is created with backup_mmddyyyy format | ||
+ | -Scripts to automatically backup and send to release for CT2 webapps located at /root/ct2deployer | ||
+ | PHP | ||
+ | -version 5.2.16-1.1 | ||
+ | -config file is located at /etc/php.ini | ||
+ | Other PHP based production applications | ||
+ | -Mantis | ||
+ | -Wiki | ||
+ | -SugarCRM | ||
+ | - the above files are located in /var/www/html/ | ||
+ | |||
+ | Cisco PIX firewall | ||
+ | ------------------ | ||
+ | You can access gui based firewall to modify acl’s for CT2 server at https://my.rackspace.com | ||
+ | Account number: 913397 | ||
+ | Products > Devices > fw.jaguarfreight.com | ||
+ | Add and remove acl info as needed. | ||
+ | |||
+ | TCP Wrappers | ||
+ | -hosts.allow and hosts.deny are configured. | ||
+ | |||
+ | ==== CT1 server ==== | ||
In London | In London | ||
Cost:??? | Cost:??? | ||
Line 223: | Line 549: | ||
TBD | TBD | ||
- | + | - Hostname live.jaguarfreight.com | |
+ | - Ipaddress 78.136.62.88 | ||
+ | - OS RHEL4 update 8 kernel version 2.6.9-89.0.11.ELsmp | ||
+ | Apache | ||
+ | -version 2.0.52-41.ent.7 | ||
+ | -config file locations are /etc/httpd/conf and conf.d | ||
+ | - modules | ||
+ | -mod_jk | ||
+ | -mod_auth_mysql | ||
+ | -ssl | ||
+ | -DocumentRoot /var/www/html | ||
+ | Tomcat | ||
+ | - Version 5.0.28 | ||
+ | - $CATALINA_HOME is /usr/tomcat/ | ||
+ | - Servlets and application dir is located in /opt/servlets and soft linked to cybertrax | ||
+ | - Upload files are located in documents and docArchive | ||
+ | JAVA | ||
+ | - Version jdk1.5.0_16 | ||
+ | - $JAVA_HOME = /usr/java/current | ||
+ | Mysql | ||
+ | - Version 4.1.22-2.el4_8.4 | ||
+ | - Config file /etc/my.cnf | ||
+ | Quickbooks remote backup repository using rsync coming from Jaguar-NY3 server in NY. | ||
+ | /home/skaye/.Bespoke | ||
+ | /home/skaye/.Freight | ||
+ | /home/skaye/.Global | ||
+ | /home/skaye/.IIK | ||
+ | IPTables is running on this server. | ||
- | |||
- | + | === Printers and other peripherals === | |
- | + | === Desktops === | |
- | + | === Users and groups === | |
+ | |||
+ | === APPENDIX === | ||
+ | |||
+ | Older articles: [[CT2 Development Systems and HR transition 2011]] |
Current revision as of 18:23, 23 March 2011
Contents |
[edit] Intro
This is an overview of current servers, systems and applications in Jaguar NY office and Cloud.
Jaguar IT consists of:
- Network gear
- Servers
- Desktops
- Applications
- Users
[edit] Network gear
[edit] Network Diagram
See Jaguar Network diagram below:
[edit] WAN
Broadband provider: Optimum Cable Tech Support: 1-866-200-9751 Router: Atlanta Scientific Cable Modem DPX2203 > Cisco 851-K9 Router to provide Static IP Circuit IDs: n/a Account Number: 0785851119001 Network: 96.56.6.192/29 IP Range: 96.56.6.194 to 96.56.6.198/29 (usable) Gateway: 96.56.6.193 Subnet: 255.255.255.248 DNS: 167.206.112.138, 167.206.7.4
[edit] WAN (Secondary)
Broadband provider: Optimum Light Path Tech Support: 866-611-3434 Router: Cisco 851-K9 Router to provide Static IP Circuit IDs: 01/KPIV/100421 Account Number: Network: 69.74.55.200/29 IP Range: 69.74.55.202 to 69.74.55.206/29 (usable) Gateway: 69.74.55.201 Subnet: 255.255.255.248 DNS: 167.206.112.3, 167.206.112.4
[edit] Internal Network
Network:192.168.0.0/24 Netmask: 255.255.255.0 Broadcast: 192.168.0.255 Gateway: 192.168.0.1 DNS Servers: 192.168.0.12 WINS Server: 192.168.0.12 DHCP Server: 192.168.0.12 Dynamic Range: 192.168.0.225 to 192.168.0.240
[edit] Network Equipment (Cable - active drop)
Router: Cisco 1841-ADVSecurityK9-M Inside IP: 192.168.0.3 ( uses HSRP as active and ipsla to provide VIP of 192.168.0.1 ) Outside IP: 96.56.6.197/29 Model: 1841-ADVSecurityK9-M Password: User:
Firewall: JaguarCable Host Name: JaguarCable Model: Cisco 1841-ADVSecurityK9-M Serial Number: FTX1018Y12G IOS Version: 12.4(13r)T Login Usemame: jaguar Login Password: Enable Password: Access Methods: telnet, sdm loaded on router
[edit] Network Equipment (Fiber Optic - standby drop)
Router: Cisco 1841-ADVSecurityK9-M Inside IP: 192.168.0.2 ( uses HSRP as standby and ipsla to provide VIP of 192.168.0.1 ) Outside IP: 69.74.55.204/29 Model: 1841-ADVSecurityK9-M Password: User:
Firewall: JaguarBkp Host Name: JaguarBkp Model: Cisco 1841-ADVSecurityK9-M Serial Number: FTX1202W0E2 IOS Version: 12.4(13r)T5 Login Usemame: jaguar Login Password: Enable Password: Access Methods: telnet, sdm loaded on router
[edit] Switch Equipment
Switch: Cisco Catalyst 2960 Inside IP: 192.168.0.4 (VLAN) Serial: F0C142X0TG Model: Cisco Catalyst 2960 IP: 192.168.0.4 HostName: devswitch Password: User: Access Methods: telnet
Other Switches: 3comm Baseline 2824 x2, 3comm Baseline 2226 Plus, Baseline 10/100 switch plus gigabit
[edit] Applications
[edit] Desktop Applications
[edit] NY network Applications
[edit] Squid
- What: web filter
- Users: most NY office users (8-8 EST)
- Usage pattern: constant, all users will be down if app is down; most users have browser pointing to it for internet access
[edit] Door card DB
- What: users info about NY office main door access (not sure what is there)
- Users: michael.k@jaguarfreight.com (he is responsible for managing cards)
- Usage pattern: approx once a week
[edit] Web Applications
[edit] Sugar CRM
- What: CRM for Sales Dept (global)
- Users: All Jaguar Sales - sales@jaguarfreight.com
Chikei Ho; Harry Morgan; Janine Hines; Percy Kaye; Simon Kaye; Sylvia Jenkins; Vikesh Vithlani
- Usage pattern: global, unknown, low between 19-20 EST
[edit] CT2
Main Jaguar App. There are several versions - see below. Always have 2 parts (wars/urls): internal and client.
[edit] CT2 EA Demo
- What: Demo version of CT2 for Sales Dept to demonstrate to prospective Clients CT2 functionality
- Users: All Jaguar Sales - sales@jaguarfreight.com and any client users during the scheduled demo and possibly after if salesman left them login info
- Usage pattern: unknown
[edit] CT2 Demo
- What: Demo version of CT2 for QA and UAT. RE-deployed almost daily.
- Users: CT2 Team plus MOs occasionally
- Usage pattern: 24x7 with heavy during:
- NY: (8-20 EST)
- Kiev: (2-19 EST)
[edit] CT2 Staging
- What: Staging version of CT2 for QA before release and bug investigation
- Users: CT2 Team plus MOs occasionally
- Usage pattern: most heavy before release or emergency release, could be used for bug investigation any day
[edit] SVN
- What: CT2 source code repository
- Users: CT2 Team, mostly Development Team
- Usage pattern:
- not well known; few pages used frequently for read over http
- probably at least once a day at least 1 developer checks in or out some code
[edit] Mantis
- What: task and bug tracking system for CT2 and IT
- Users: CT2 Team, list could grow in the future
- Usage pattern: 24x7 with heavy during:
- NY: (8-20 EST)
- Kiev: (2-19 EST)
- SF: ?
- BKK:?
[edit] Wiki
- What: info repository for CT2 and IT (specs, etc)
- Users: CT2 Team plus MOs occasionally
- Usage pattern: 24x7 with heavy during:
- NY: (8-20 EST)
- Kiev: (2-19 EST)
- SF: ?
- BKK:?
[edit] Mail
External Hosted Exchange Provider: Appriver Address: 1101 Gulf Breeze Parkway City: Gulf Breeze State: FL Postal Code: 32561 tel: 850-932-9900
External MX record: jaguarfreight.com.1.arsmtp.com AND jaguarfreight.com.2.arsmtp.com RPC over setting HTTP: exg3.exghost.com MSSTD: exg3.exghost.com Password Authentication (NTLM) Email Password for all users: on excel sheet provided by Alex
[edit] Dev and CT2 Servers in NY
[edit] Sugar CRM and EA Demo server
- (old) #Sugar CRM app - This has been migrated to *.74 CT2 server in a cloud
- could be discontinued now
- #CT2 EA Demo - instances of internal and Client CT2 Apps for Sales
- has to be migrated
Box: new Optiplex 330
[edit] Dev
- #CT2 Demo
- in active use
- #CT2 Staging
- in active use
Box: new Optiplex 330
Dev Server
Hostname dev.jaguarfreight.com
Internal IP Address 192.168.10.2/24
OS is RHEL5 kernel 2.6.18-128.el5PAE i386
-Tomcat -version 6.0.18 -self signed ssl located at /opt/tomcat/webapps/jaguarfs.bin -tomcat manager - $CATALINA_HOME = /opt/tomcat -CT2 development application stored in /opt/tomcat/webapps/ -Mysql - version 5.1.42-0 -config file /etc/my.cnf -mysqldump backups located at /var/backup/ ( 30 day retention ) -JAVA - jvm version 1.6.0_13-b03 - $JAVA_HOME = /usr/local/jdk1.6.0_13 - Security with TCP wrapper services located in /etc/hosts.allow and /etc/hosts.deny
IPTables firewall server for dev server Public IP address: 69.74.55.206/29 Internal IP address: 192.168.10.1/24 -Firestarter Front end to edit IPTables and NAT
[edit] Dev Firewall
- firewall for Dev server
Box: old PC
[edit] Mantis
- #Mantis (old version)
- not used, to be discontinued now
- #Wiki (old version)
- not used, to be discontinued now
- #SVN
- in active use
Box: new Precision 390
Mantis Server
hostname mantis.jaguarfreight.com
ip address 69.74.55.203
OS Ubuntu 9.10 kernel 2.6.31-14-generic-pae
Apache - Version 2.0 - Config dir is - /etc/apache2/ - DocumentRoot is - /var/www/ MySQL - Version 5.1 - Config file is /etc/my.cnf
PHP - Version 5.2.10 -config file is located /etc/php5/apache2/php.ini Applications - moved from /var/www to /opt/ - mantis application - mediawiki-1.15.0 SVN - Located at /svn
IPTABLES is running on it
[edit] Ext
- backups for Dev server apps (anything else?)
- used, not clear what exactly is there
Box: new Optiplex 330
Backup Server for development servers Hostname: ext.jaguarfreight.com Ipaddress: 69.74.55.202/29 OS version RHEL5 kernel 2.6.18-164.6.1.el5PAE -RSYNC and ftp repository for CT2 server, mantis.jaguarfreight.com, dev.jaguarfreight.com, specs.jaguarfreight.com application files and mysqldump backups -IPTables running on this server
[edit] Specs
- video tutorial Dev Server
- not used, can be discontinued
Box: old PC
Test Server for video tutorial and misc applications
Hostname: specs.jaguarfreight.com
Ipaddress: 69.74.55.205/29
OS Fedora 10 kernel version 2.6.27.30-170.2.82.fc10.i686
Apache - Version 2.2.11-2 - DocumentRoot /var/www/html MySQL - Version 5.0.84 - Config file is located at /etc/my.cnf PHP - Version 5.2.9-2 - Config file is located at /etc/php.ini Flash Video tutorial software used - Flowplayer* (video player gui and associated plugin files)
[edit] Test and Dev for Sugar CRM
- not used, can be discontinued
Box: old PC
[edit] IT Servers in NY
[edit] Jaguar-NY2
• OS: Windows Server 2003 32bit Standard Edition R2 • CPU: 2 Processors; x86 Family 6 Model 15 Stepping 2 2133 MHz • Memory: 4GB (2GBx2) • Storage: Raid5 Hot Swappable 250GBx4 • IP Address: 192.168.0.12 • Mac Address: 00-1d-09-ef-15-04
Roles • FSMO and GC holder • Primary domain contoller • Active Directory (domain: jaguarfreightny.local) • File Server(with DFRS replication) • Primary Print Server • Shadow Copy of D drive • DHCP • Primary DNS Server • Wins Server • Fax server • Yosemite backup software • Radius Server/VPN
Overview of Jaguar-ny2
This is the primary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server. End users also connect to this domain controller to access the shared printers and shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) NTFS permission are configured here. DFRS replication replicates Company, Scans, Account, Users folders located on the D drive to jaguar-ny3. This server also serves as the only dhcp server in the jaguarfreightny.local network. This server is also the primary dns server and wins server. The Fax server is connected to an external fax modem and the fax is shared to the domain. Yosemite backup software is run on this server to backup the entire file system of Jaguar-ny2 this also includes the replicated Quickbooks backups located at D:\Replicated_Folders\QBBkp and the replicated QB company file folder D:\Replicated_Folders\QB2010. Full Backups are run on Thursdays and differential backups are run daily, there is a 2 week retention. Shadow Copies are run every weekday at 1pm EST on the D:\ drive. Radius Server is configured here to allow authentication of users against AD for ipsec vpn, the vpn group is named vpnusers.
Server name: Jaguar-NY2 IP: 192.168.0.12 Mac Address: 00-1D-09-EF-15-04 Admin Password: Str0ng4uS Responsibilities: Domain Controller, Active Directory, DHCP, DNS, Wins, Print Server, File Server (DFRS), Radius Server, Fax Server, Yosemite Backup Software Model: PowerEdge 840 Raid Configuration:Raid 5 HotSwap Operating System: Windows Server 2003 Standard R2 OS Key: Q74JD-R8TWG-QDDPD-MKVMJ-XRJ6W Number of Licenses: 1 (For server) CALS: 35
[edit] Jaguar-NY3
• OS: Windows Server 2003 32bit Standard Edition R2 • CPU: 8 Processors; x86 Family 6 Model 30 Stepping 5 2660 MHz • Memory: 4GB (2GBx2) • Storage: Raid5 Cabled 250GBx4 • IP Address: 192.168.0.6 • Mac Address: 00-26-b9-80-5e-2f
Roles • Active Directory (domain: jaguarfreightny.local) • Backup Domain Controller • File Server(with DFRS replication) • Print Server • Secondary DNS Server • WSUS Server • Quickbooks Database Manager • Symantec Endpoint Protection Manager • Cygwin Server
Overview of Jaguar-ny3
This is the secondary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server if primary AD fails. End users can connect to this domain controller to access the shared printers and replicated shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) from Jaguar-NY2. DFRS replication replicates Quickbooks folders D:\QB and D:\QBBkp from Jaguar-ny3 to D:\Replicated_Folders\ on Jaguar-ny2 where it is shadow copied and backed up by the Yosemite Backup software. Cygwin shell is used to run rsync replication to ct1 server to remotely backup Quickbooks Backups. This is the primary server that holds the QB company files and database. This is also the server for Symantec Endpoint protection manager. The installable client is located at //Jaguar-ny3/My Company_Client. This server is also the secondary dns server. The WSUS Server is used to push windows updates to all machines in the network. Shadow Copies are run every weekday at 1pm EST on D:\ drive.
Server name: Jaguar-NY3 IP: 192.168.0.6 Mac Address: 00-26-B9-80-5E-2F Admin Password: Str0ng4uS Responsibilities: Domain Controller, Active Directory, DNS, Print Server, File Server (DFRS),Quickbooks Enterprise 2010 Database, Symantec Endpoint Protection Manager Cygwin ( rsync running with cronjob) Model: PowerEdge T110 Service tag Number: HVHM5M1
Raid Configuration:Raid 5 Cabled Operating System: Windows Server 2003 Standard R2 OS Key: JPDY8-7D2RQ-HWPM4-6FVBB-D8DPB Number of Licenses: 1 (For server) Number of Licenses: 35
[edit] Squid proxy
- this is the only server that is required for NY office network
- #Squid
- could be discontinued in the future
- Vlad migrated this to the WINS Server IP Address: 192.168.0.6
- #Door card DB
-
could be migrated into simple xls (for Michael to manage) - per Michael this App can be discontinued
-
Box: old PC
[edit] Dymo printer Servers
[edit] Barbxp (Hope’s pc)
This computer must be on so that accounting can connect to the 400 dymo printer.
IP: 192.168.0.170
[edit] Dymo (pc next to phaser4500)
This computer must be on so that operations can connect to the 450 dymo printer.
IP: 192.168.0.140
[edit] Servers in the Cloud
[edit] CT2 server
In Texas Cost: ???
Apps:
- /internal
- /Client
Systems:
- MySQL 5.*
- Tomcat 6.*
- Java 1.6.*
- vsftpd - for Descartes
- rsync
- SSL
- sendmail or postfix
Cron jobs: TBD
Files:
- uploaded files
- pdfs
- invoices
CT2 Server (Rackspace) Hostname: ct.jaguarfreight.com, www.jaguarfreight.com, jaguarfreight.com, soon to be mantis.jaguarfreight.com? IPaddress 72.3.184.74 OS is RHEL5.5 kernel version 2.6.18-194.17.1.el5 Tomcat -version 6.0.18 -$CATALINA_HOME located at /opt/tomcat -SSL cert is located at /opt/tomcat/JaGFS125 -webapps located at /opt/tomcat/webapps -tomcat manager enabled Apache - Version 2.2.3-43.el5_53 - Config file is located at /etc/httpd/conf/ or conf.d - Modules o Mod_jk Mysql - Version 5.0.77-4.el5_5.4 - Config file /etc/my.cnf JAVA - $JAVA_HOME is /usr/local/jre1.6.0_13 - 64bit POSTFIX - Version 2.3.3-2.1.el5_2 - Directory for config file /etc/postfix - Logs /var/log/maillog VSFTPD - Version 2.0.5-16.el5 5.1 - Config file /etc/vsftpd/vsftpd.conf - descartes user account is used for edi - logs /var/log/vsftpd.log and xferlog CT2 backups -Mysqldumps go to /var/backup -WebApp directory and war file backups go to /opt/wbackups/ directory is created with backup_mmddyyyy format -Scripts to automatically backup and send to release for CT2 webapps located at /root/ct2deployer PHP -version 5.2.16-1.1 -config file is located at /etc/php.ini Other PHP based production applications -Mantis -Wiki -SugarCRM - the above files are located in /var/www/html/
Cisco PIX firewall ------------------ You can access gui based firewall to modify acl’s for CT2 server at https://my.rackspace.com Account number: 913397 Products > Devices > fw.jaguarfreight.com Add and remove acl info as needed.
TCP Wrappers -hosts.allow and hosts.deny are configured.
[edit] CT1 server
In London Cost:???
Apps:
- www.jaguarfreight.com website on Apache (actively used)
- CT1 on Tomcat 5 (rarely used)
- bugtrucking (idle)
Systems:
- MySQL 4.*
- Tomcat 5.*
- Apache(modules: ...)
- Java 1.?.*
- SSL
- sendmail or postfix
Files:
- QB backups for NY office
Cron jobs: TBD
- Hostname live.jaguarfreight.com - Ipaddress 78.136.62.88 - OS RHEL4 update 8 kernel version 2.6.9-89.0.11.ELsmp Apache -version 2.0.52-41.ent.7 -config file locations are /etc/httpd/conf and conf.d - modules -mod_jk -mod_auth_mysql -ssl -DocumentRoot /var/www/html Tomcat - Version 5.0.28 - $CATALINA_HOME is /usr/tomcat/ - Servlets and application dir is located in /opt/servlets and soft linked to cybertrax - Upload files are located in documents and docArchive JAVA - Version jdk1.5.0_16 - $JAVA_HOME = /usr/java/current Mysql - Version 4.1.22-2.el4_8.4 - Config file /etc/my.cnf Quickbooks remote backup repository using rsync coming from Jaguar-NY3 server in NY. /home/skaye/.Bespoke /home/skaye/.Freight /home/skaye/.Global /home/skaye/.IIK IPTables is running on this server.
[edit] Printers and other peripherals
[edit] Desktops
[edit] Users and groups
[edit] APPENDIX
Older articles: CT2 Development Systems and HR transition 2011