-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hello,

Looks like we are waiting for the new switch before doing any network redesign. Still we can probably prepare the servers right now.

We can start changing ip address of our servers for the future VLANs: 1/ public ips : for squids, (download|noc).wikimedia.org and future bastion hosts. 2/ squid <-> apaches 3/ apaches <-> databases 4/ management

Actually we got our servers under 10/8. 192.168/16 is used for network stuff (switch, bgp?). We can use 172.16/20 block for monitoring and management purpose, with the new switch we can assign it high priority in case the site got a trouble.

Larousse can probably be the monitoring host as it already hosts cricket servmon and nagios. Cricket currently only graph squids and it can be interesting to get more graphs for memcached usage, apache usage, disk space ... Nagios actually require the nrpe daemon running on every host and rely on custom scripts being run on host to feed data.

To get something a bit easier to manager, I think we should install snmp daemon on all servers and make them send snmp traps to Larousse, then we can have snmptrapd log the traps somewhere, send notifications to nagios and feed the irc bots.

- -- Ashar Voultoiz - WP++++ http://en.wikipedia.org/wiki/User:Hashar http://www.livejournal.com/community/wikitech/ Servers in trouble ? noc (at) wikimedia (dot) org