Child pages
  • TUSK Network Requirements
Skip to end of metadata
Go to start of metadata

TUSK Network Requirements

These are some guidelines for network configurations of TUSK servers. They are 

Do Not Use NetworkManager on CentOS or RHEL

NetworkManager is aimed at laptop or desktop deployments, not servers. NetworkManager lacks the ability to do pair bonding, KVM bridges, or VLAN setups.

To avoid accidenal activation of NetworManager, make sure that every /etc/sysconfig/network-scripts/ifcfg-eth* file has these lines:

NM_CONTROLLED=no
USER_CONTROLLED=no

Do Not Use DHCP

Tusk does not behave well with changing network configurations, especially with changing hostnames. It requires a stable hostname to do web "Redirect" operations for people to log into TUSK.

DNS Requirements

  • TUSK needs a local, reliable DNS server for sending email to students and getting software updates.
    • Configure as necessary with the "system-config-network" program on RHEL or CentOS hosts.
  • If the TUSK services are publicly accessible, the DNS hostnames  must be published to the Intnernet at large.
    • TUSK is configured with this hostname as its actual "ServerName", and traffic will be redirected to this hostname by TUSK's configuration.
  • It's also common to put TUSK behind a load balancer, and configure multiple TUSK servers to all use a hostname and IP address on the load balancer to handle all the traffic.
    • In this case, the hostname of the address on the load balancer is what needs to be publicly available.
    • That hostname on the load balancer is also what TUSK must use in its web configuration, typically in the "tusk.conf" file.
  • Ensure that any TUSK rlated server is listed in the local DNS servers  with a stable IP address.
    • Configure the local IP address as necessary with the "system-config-network" program on RHEL or CentOS hosts.
  • TUSK needs a local, reliable DNS server for sending email to students and getting software updates.
    • Configure as necessary with the "system-config-network" program on RHEL or CentOS hosts.

Email Requirements

TUSK User Email

TUSK sends email to the TUSK login users, especially as they change their passwords.

  • Sending email means that the above DNS Requirements are critical, so the mail can be delivered effectively.
  • Sending email means that port 25 needs to be available, reaching *out* to the Internet at large.
    • This means that if a local "SMARTHOST" is required for outbound email, it needs to be configured in the Sendmail or Postfix configuratons.
  • Sending email means that that forward and reverse DNS for the mail server or any SMARTHOST should be published in publicly available DNS.
    • Email can still work without this, but spam filters are much more likely to reject mail without valid forward and reverse DNS for mail senders.

System Account Email

The TUSK software and cron jobs, themselves, send email to those local users. This can be dealt with on a case by case basis, and is dependent on local email standards.

  • "root" should have an alias set in /etc/aliases, pointing to the system administrator.
  • "tusk" should have an alias set in /etc/aliases, pointing to the TUSK  administrator.

Any local account or system user who does not configure /etc/aliases or a local $HOME/.forward file will have their mail wind up on the local TUSK server, and will probably never see the cron job messages they're interested in.

Getting local accounts to automatically forward to a "SMARTHOST" depends very strongly on which mail server is used and local configurations, and is beyond the scope of this document.

  • No labels