Jaguar Servers Systems Applications

From UG

Revision as of 16:35, 22 March 2011

Intro

This is an overview of current servers, systems and applications in Jaguar NY office and Cloud.

Jaguar IT consists of:

• Network gear
• Servers
• Desktops
• Applications
• Users

Network gear

Network Diagram

See Jaguar Network diagram below:

WAN

Broadband provider: Optimum Cable
Tech Support: 1-866-200-9751
Router: Atlanta Scientific Cable Modem DPX2203  >  Cisco 851-K9 Router to provide Static IP 
Circuit IDs: n/a
Account Number: 0785851119001
Network: 96.56.6.192/29
IP Range: 96.56.6.194 to 96.56.6.198/29 (usable)
Gateway: 96.56.6.193
Subnet: 255.255.255.248
DNS: 167.206.112.138, 167.206.7.4

WAN (Secondary)

Broadband provider: Optimum Light Path
Tech Support: 866-611-3434
Router:  Cisco 851-K9 Router to provide Static IP  
Circuit IDs: 01/KPIV/100421
Account Number: 
Network: 69.74.55.200/29
IP Range: 69.74.55.202 to 69.74.55.206/29 (usable)
Gateway: 69.74.55.201
Subnet: 255.255.255.248
DNS: 167.206.112.3, 167.206.112.4

Internal Network

Network:192.168.0.0/24
Netmask: 255.255.255.0
Broadcast: 192.168.0.255
Gateway: 192.168.0.1
DNS Servers: 192.168.0.12   
WINS Server: 192.168.0.12
DHCP Server: 192.168.0.12
Dynamic Range: 192.168.0.225 to 192.168.0.240

Network Equipment (Cable - active drop)

Router:  Cisco 1841-ADVSecurityK9-M 
Inside IP: 192.168.0.3 ( uses HSRP as active and ipsla to provide VIP of 192.168.0.1 )
Outside IP: 96.56.6.197/29
Model: 1841-ADVSecurityK9-M
Password:   
User:  

Firewall:  JaguarCable
Host Name: JaguarCable 
Model:	 Cisco 1841-ADVSecurityK9-M
Serial Number: FTX1018Y12G
IOS Version: 12.4(13r)T
Login Usemame: jaguar
Login Password:  
Enable Password:  
Access Methods: telnet, sdm loaded on router

Network Equipment (Fiber Optic - standby drop)

Router:  Cisco 1841-ADVSecurityK9-M 
Inside IP: 192.168.0.2 ( uses HSRP as standby and ipsla to provide VIP of 192.168.0.1 )
Outside IP: 69.74.55.204/29
Model: 1841-ADVSecurityK9-M
Password:       
User:  

Firewall:  JaguarBkp
Host Name: JaguarBkp
Model:	 Cisco 1841-ADVSecurityK9-M
Serial Number: FTX1202W0E2
IOS Version: 12.4(13r)T5
Login Usemame: jaguar
Login Password:  
Enable Password:  
Access Methods: telnet, sdm loaded on router

Switch Equipment

Switch:  Cisco Catalyst 2960
Inside IP: 192.168.0.4  (VLAN)
Serial: F0C142X0TG
Model: Cisco Catalyst 2960
IP: 192.168.0.4
HostName: devswitch
Password:       
User:  
Access Methods: telnet  

Other Switches: 3comm Baseline 2824 x2, 3comm Baseline 2226 Plus, Baseline 10/100 switch plus gigabit

Applications

Desktop Applications

NY network Applications

Squid

• What: web filter
• Users: most NY office users (8-8 EST)
• Usage pattern: constant, all users will be down if app is down; most users have browser pointing to it for internet access

Door card DB

• What: users info about NY office main door access (not sure what is there)
• Users: michael.k@jaguarfreight.com (he is responsible for managing cards)
• Usage pattern: approx once a week

Web Applications

Sugar CRM

• What: CRM for Sales Dept (global)
• Users: All Jaguar Sales - sales@jaguarfreight.com

Chikei Ho; Harry Morgan; Janine Hines; Percy Kaye; Simon Kaye; Sylvia Jenkins; Vikesh Vithlani

• Usage pattern: global, unknown, low between 19-20 EST

CT2

Main Jaguar App. There are several versions - see below. Always have 2 parts (wars/urls): internal and client.

CT2 EA Demo

• What: Demo version of CT2 for Sales Dept to demonstrate to prospective Clients CT2 functionality
• Users: All Jaguar Sales - sales@jaguarfreight.com and any client users during the scheduled demo and possibly after if salesman left them login info
• Usage pattern: unknown

CT2 Demo

• What: Demo version of CT2 for QA and UAT. RE-deployed almost daily.
• Users: CT2 Team plus MOs occasionally
• Usage pattern: 24x7 with heavy during:
  • NY: (8-20 EST)
  • Kiev: (2-19 EST)

CT2 Staging

• What: Staging version of CT2 for QA before release and bug investigation
• Users: CT2 Team plus MOs occasionally
• Usage pattern: most heavy before release or emergency release, could be used for bug investigation any day

SVN

• What: CT2 source code repository
• Users: CT2 Team, mostly Development Team
• Usage pattern:
  • not well known; few pages used frequently for read over http
  • probably at least once a day at least 1 developer checks in or out some code

Mantis

• What: task and bug tracking system for CT2 and IT
• Users: CT2 Team, list could grow in the future
• Usage pattern: 24x7 with heavy during:
  • NY: (8-20 EST)
  • Kiev: (2-19 EST)
  • SF: ?
  • BKK:?

Wiki

• What: info repository for CT2 and IT (specs, etc)
• Users: CT2 Team plus MOs occasionally
• Usage pattern: 24x7 with heavy during:
  • NY: (8-20 EST)
  • Kiev: (2-19 EST)
  • SF: ?
  • BKK:?

Mail

Mail

External Hosted Exchange
Provider:  Appriver
Address:   1101 Gulf Breeze Parkway
City:  Gulf Breeze
State:  FL
Postal Code: 32561 
tel: 850-932-9900

External
MX record: jaguarfreight.com.1.arsmtp.com AND  jaguarfreight.com.2.arsmtp.com
RPC over setting HTTP: exg3.exghost.com
MSSTD: exg3.exghost.com
Password Authentication (NTLM)
Email Password for all users: on excel sheet provided by Alex

Dev and CT2 Servers in NY

Sugar CRM and EA Demo server

• (old) #Sugar CRM app - This has been migrated to *.74 CT2 server in a cloud
  • could be discontinued now
• #CT2 EA Demo - instances of internal and Client CT2 Apps for Sales
  • has to be migrated

Box: new Optiplex 330

Dev

• #CT2 Demo
  • in active use
• #CT2 Staging
  • in active use

Box: new Optiplex 330

Dev Server

Hostname dev.jaguarfreight.com

Internal IP Address 192.168.10.2/24

OS is RHEL5 kernel 2.6.18-128.el5PAE i386

-Tomcat
	-version 6.0.18 
	-self signed ssl located at /opt/tomcat/webapps/jaguarfs.bin
	-tomcat manager 
	- $CATALINA_HOME = /opt/tomcat
	-CT2 development application stored in /opt/tomcat/webapps/
-Mysql 
 	- version 5.1.42-0
	-config file /etc/my.cnf
	-mysqldump backups located at /var/backup/  ( 30 day retention )
-JAVA
	- jvm version 1.6.0_13-b03
	- $JAVA_HOME = /usr/local/jdk1.6.0_13
- Security with TCP wrapper services located in /etc/hosts.allow and /etc/hosts.deny

IPTables firewall server for dev server
Public IP address: 69.74.55.206/29
Internal IP address: 192.168.10.1/24
-Firestarter Front end to edit IPTables and NAT

Dev Firewall

• firewall for Dev server

Box: old PC

Mantis

• #Mantis (old version)
  • not used, to be discontinued now
• #Wiki (old version)
  • not used, to be discontinued now
• #SVN
  • in active use

Box: new Precision 390

Mantis Server

hostname mantis.jaguarfreight.com

ip address 69.74.55.203

OS Ubuntu 9.10 kernel 2.6.31-14-generic-pae

Apache
	- Version 2.0
	- Config dir is  - /etc/apache2/
              - DocumentRoot is - /var/www/
MySQL
	- Version 5.1
- Config file is /etc/my.cnf

PHP
  	- Version 5.2.10
	-config file is located /etc/php5/apache2/php.ini
Applications
	- moved from /var/www to /opt/
	- mantis application
	- mediawiki-1.15.0
SVN
-	Located at /svn

IPTABLES is running on it

Ext

• backups for Dev server apps (anything else?)
  • used, not clear what exactly is there

Box: new Optiplex 330

Backup Server for development servers
Hostname: ext.jaguarfreight.com
Ipaddress: 69.74.55.202/29
OS version RHEL5 kernel 2.6.18-164.6.1.el5PAE
-RSYNC and ftp repository for CT2 server, mantis.jaguarfreight.com, dev.jaguarfreight.com, specs.jaguarfreight.com  application files and mysqldump backups
-IPTables running on this server

Specs

- video tutorial Dev Server

• not used, can be discontinued

Box: old PC

Test Server for video tutorial and misc applications

Hostname: specs.jaguarfreight.com

Ipaddress: 69.74.55.205/29

OS Fedora 10 kernel version 2.6.27.30-170.2.82.fc10.i686

Apache 
-	Version 2.2.11-2
-	DocumentRoot /var/www/html
MySQL
-	Version 5.0.84
-	Config file is located at /etc/my.cnf
PHP
-	Version 5.2.9-2
-	Config file is located at /etc/php.ini
Flash Video tutorial software used
-	Flowplayer* (video player gui and associated plugin files)

Test and Dev for Sugar CRM

• not used, can be discontinued

Box: old PC

IT Servers in NY

Jaguar-NY2

•	OS: Windows Server 2003 32bit Standard Edition R2
•	CPU: 2 Processors; x86 Family 6 Model 15 Stepping 2 2133 MHz
•	Memory: 4GB (2GBx2)
•	Storage: Raid5 Hot Swappable 250GBx4 
•	IP Address: 192.168.0.12
•	Mac Address: 00-1d-09-ef-15-04

Roles
•	FSMO and GC holder
•	Primary domain contoller
•	Active Directory (domain: jaguarfreightny.local)
•	File Server(with DFRS replication)
•	Primary Print Server
•	Shadow Copy of D drive
•	DHCP
•	Primary DNS Server
•	Wins Server
•	Fax server
•	Yosemite backup software
•	Radius Server/VPN

Overview of Jaguar-ny2

This is the primary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server. End users also connect to this domain controller to access the shared printers and shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) NTFS permission are configured here. DFRS replication replicates Company, Scans, Account, Users folders located on the D drive to jaguar-ny3. This server also serves as the only dhcp server in the jaguarfreightny.local network. This server is also the primary dns server and wins server. The Fax server is connected to an external fax modem and the fax is shared to the domain. Yosemite backup software is run on this server to backup the entire file system of Jaguar-ny2 this also includes the replicated Quickbooks backups located at D:\Replicated_Folders\QBBkp and the replicated QB company file folder D:\Replicated_Folders\QB2010. Full Backups are run on Thursdays and differential backups are run daily, there is a 2 week retention. Shadow Copies are run every weekday at 1pm EST on the D:\ drive. Radius Server is configured here to allow authentication of users against AD for ipsec vpn, the vpn group is named vpnusers.

Server name: Jaguar-NY2
IP: 192.168.0.12
Mac Address: 00-1D-09-EF-15-04
Admin Password:     Str0ng4uS
Responsibilities: Domain Controller, Active Directory, DHCP, DNS, Wins, Print Server, File Server (DFRS), Radius Server, Fax Server,  Yosemite Backup Software
Model: PowerEdge 840
Raid Configuration:Raid 5 HotSwap 
Operating System: Windows Server 2003 Standard R2
OS Key:  Q74JD-R8TWG-QDDPD-MKVMJ-XRJ6W            
Number of Licenses: 1 (For server)
CALS:  35                 

Jaguar-NY3

•	OS: Windows Server 2003 32bit Standard Edition R2
•	CPU: 8 Processors; x86 Family 6 Model 30 Stepping 5 2660 MHz
•	Memory: 4GB (2GBx2)
•	Storage: Raid5 Cabled 250GBx4 
•	IP Address: 192.168.0.6
•	Mac Address: 00-26-b9-80-5e-2f

Roles
•	Active Directory (domain: jaguarfreightny.local)
•	Backup Domain Controller
•	File Server(with DFRS replication)
•	Print Server
•	Secondary DNS Server
•	WSUS Server
•	Quickbooks Database Manager
•	Symantec Endpoint Protection Manager
•	Cygwin Server 

Overview of Jaguar-ny3

This is the secondary domain controller that host active directory for jaguarfreightny.local, users authenticate to AD on this server if primary AD fails. End users can connect to this domain controller to access the shared printers and replicated shared files (including network scans, user folders, accounting folder, company folder ( which is the general folder) ) from Jaguar-NY2. DFRS replication replicates Quickbooks folders D:\QB and D:\QBBkp from Jaguar-ny3 to D:\Replicated_Folders\ on Jaguar-ny2 where it is shadow copied and backed up by the Yosemite Backup software. Cygwin shell is used to run rsync replication to ct1 server to remotely backup Quickbooks Backups. This is the primary server that holds the QB company files and database. This is also the server for Symantec Endpoint protection manager. The installable client is located at //Jaguar-ny3/My Company_Client. This server is also the secondary dns server. The WSUS Server is used to push windows updates to all machines in the network. Shadow Copies are run every weekday at 1pm EST on D:\ drive.

Server name: Jaguar-NY3
IP: 192.168.0.6
Mac Address: 00-26-B9-80-5E-2F
Admin Password:     Str0ng4uS
Responsibilities: Domain Controller, Active Directory, DNS, Print Server, File Server (DFRS),Quickbooks Enterprise 2010 Database,  Symantec Endpoint Protection Manager Cygwin ( rsync running with cronjob)
Model: PowerEdge T110
Service tag Number: HVHM5M1

Raid Configuration:Raid 5 Cabled
Operating System: Windows Server 2003 Standard R2
OS Key: JPDY8-7D2RQ-HWPM4-6FVBB-D8DPB             
Number of Licenses: 1 (For server)
Number of Licenses: 35

Squid proxy

- this is the only server that is required for NY office network

• #Squid
  • could be discontinued in the future
• #Door card DB
  • could be migrated into simple xls (for Michael to manage)
  • per Michael this App can be discontinued

Box: old PC

Dymo printer Servers

Barbxp (Hope’s pc)

This computer must be on so that accounting can connect to the 400 dymo printer.

Dymo (pc next to phaser4500)

This computer must be on so that operations can connect to the 450 dymo printer.

Servers in the Cloud

CT2 server

In Texas Cost: ???

Apps:

• /internal
• /Client

Systems:

• MySQL 5.*
• Tomcat 6.*
• Java 1.6.*
• vsftpd - for Descartes
• rsync
• SSL
• sendmail or postfix

Cron jobs: TBD

Files:

• uploaded files
• pdfs
• invoices

CT2 Server (Rackspace)
Hostname: ct.jaguarfreight.com, www.jaguarfreight.com, jaguarfreight.com, soon to be mantis.jaguarfreight.com?
IPaddress 72.3.184.74
OS is RHEL5.5 kernel version 2.6.18-194.17.1.el5
Tomcat
-version 6.0.18
-$CATALINA_HOME located at /opt/tomcat
-SSL cert is located at /opt/tomcat/JaGFS125
-webapps located at /opt/tomcat/webapps
-tomcat manager enabled
Apache
-	Version 2.2.3-43.el5_53
-	Config file is located at /etc/httpd/conf/ or conf.d
-	Modules
o	Mod_jk
  Mysql
-	Version 5.0.77-4.el5_5.4
-	Config file /etc/my.cnf
  JAVA
-	$JAVA_HOME is /usr/local/jre1.6.0_13
-	64bit
POSTFIX
-	Version 2.3.3-2.1.el5_2
-	Directory for config file /etc/postfix
-	Logs /var/log/maillog
VSFTPD
-	Version 2.0.5-16.el5 5.1
-	Config file /etc/vsftpd/vsftpd.conf
-	descartes user account is used for edi
-	logs /var/log/vsftpd.log and xferlog
CT2 backups
-Mysqldumps go to /var/backup
-WebApp directory and war file backups go to /opt/wbackups/   directory is created with backup_mmddyyyy format
-Scripts to automatically backup and send to release for CT2 webapps located at /root/ct2deployer
PHP
	-version 5.2.16-1.1 
	-config file is located at /etc/php.ini
Other PHP based production applications
-Mantis
-Wiki
-SugarCRM
- the above files are located in /var/www/html/

Cisco PIX firewall
------------------
You can access gui based firewall to modify acl’s for CT2 server at https://my.rackspace.com
Account number: 913397
Products > Devices > fw.jaguarfreight.com 
Add and remove acl info as needed.

TCP Wrappers
-hosts.allow and hosts.deny are configured.

CT1 server

In London Cost:???

Apps:

• www.jaguarfreight.com website on Apache (actively used)
• CT1 on Tomcat 5 (rarely used)
• bugtrucking (idle)

Systems:

• MySQL 4.*
• Tomcat 5.*
• Apache(modules: ...)
• Java 1.?.*
• SSL
• sendmail or postfix

Files:

• QB backups for NY office

Cron jobs: TBD

-	Hostname  live.jaguarfreight.com
-	Ipaddress 78.136.62.88
-	OS RHEL4 update 8 kernel version 2.6.9-89.0.11.ELsmp
Apache 
	-version 2.0.52-41.ent.7
	-config file locations are /etc/httpd/conf and conf.d
	- modules
		-mod_jk
		-mod_auth_mysql
		-ssl
	-DocumentRoot /var/www/html
Tomcat
-	Version 5.0.28
-	$CATALINA_HOME is /usr/tomcat/
-	Servlets and application dir is located in /opt/servlets and soft linked to cybertrax
-	Upload files are located in documents and docArchive
JAVA
-	Version jdk1.5.0_16
-	$JAVA_HOME = /usr/java/current
Mysql
-	Version 4.1.22-2.el4_8.4
-	Config file /etc/my.cnf
Quickbooks remote backup repository using rsync coming from Jaguar-NY3 server in NY.
/home/skaye/.Bespoke
/home/skaye/.Freight
/home/skaye/.Global
/home/skaye/.IIK
IPTables is running on this server.

Printers and other peripherals

Desktops

Users and groups

APPENDIX

Older articles: CT2 Development Systems and HR transition 2011