The OSPO Community Infrastructure (CommInfra) team seeks to provide infrastructure support to various opensource communities fostered by Red Hat.
To achieve this we manage several projects and various resources described below.
The Community Cage project provides externally-facing co-location services to various community projects (CentOS, Fedora, Gluster, Ceph…). In the RDU2 datacenter in Raleigh we host projects owning their own hardware and provide space and connectivity. This is a joint effort between OSPO CommInfra, Red Hat IT, and PnT DevOps. The Cage is IPv6 enabled.
To provide infrastructure for more granular needs, or for smaller communities without their own hardware infrastructure, OSPO created the OSCI project. OSCI is a tenant of the Community cage and provide:
- shared services, used by multiples communities
- hosted services for small tenants or tenants in need of complementary services
All services are made using Free software.
Because some services are best maintained by external providers or because our small team lacks the resources to do it properly, we sometimes rely on external providers; this includes:
- Openshift containers
- Wordpress instances
The list of provided services is flexible and expanding with time and new projects.
Here is a non-exhaustive list of services we are used to provide and can deploy in a reasonable time:
|Domain||* primary DNS: git delegated zones or dynamic zones|
|* secondary DNS servers (transfers secured using TSIG)|
|* mail server (redirections, mailboxes with IMAPS/POP3S access)|
|* mailing-lists (using Mailman 3, migration from Mailman 2 possible)|
|* anti-virus and anti-SPAM|
|* secondary MX servers|
|Time||time server (NTP) accessible inside the Community Cage|
|VM||Raw VM with root access|
|Web||* web sites hosting (static preferred, Ruby/Python/PHP/NodeJS possible)|
|* HTTPS (using Let’s Encrypt or dedicated certificates) and security settings (headers, CSP…)|
|* builders for various static sites generators (Ascii Binder, Jekyll, Middleman, Nikola, Planet)|
|* Discourse (WIP)|
|* Nextcloud (WIP)|
|* Wordpress instances|
More generally we help tenants build their infra and customize it using various resources (ours, project owned, external). We can then fully manage it, collaboratively work together, or pass the knowledge over; it is flexible.
Shared services are fully managed by the OSPO Community Infrastructure (CommInfra) team, whereas hosted projects are handled according to project members’ wishes, from raw VM with root access to full management by the OSPO team and anything in the middle.
The infrastructure “code” is public and we much welcome contributions.