| *** nowen has quit (Quit: Leaving.) | 00:01 | |
| *** nowen (~nowen@50-194-249-125-static.hfc.comcastbusiness.net) has joined #wikid | 14:02 | |
| *** nowen has quit (Quit: Leaving.) | 18:04 | |
| *** nowen (~nowen@50-194-249-125-static.hfc.comcastbusiness.net) has joined #wikid | 19:15 | |
| *** entrans (be50c986@gateway/web/freenode/ip.190.80.201.134) has joined #wikid | 19:54 | |
| entrans | hello everyone - i have a question about replication and running two wikid servers in two different geographic locations - presumably two different external ip addresses - anyone have a moment to go through the details right now? | 19:55 |
|---|---|---|
| joevano | nowen: ^^^ | 21:09 |
| nowen | entrans: hey | 21:09 |
| nowen | joevano: thanks for the ping | 21:09 |
| joevano | np | 21:09 |
| nowen | working on an ossim/alienvault plugin and it's not working | 21:10 |
| nowen | entrans: is this for a new deployment? | 21:11 |
| entrans | remember the chilean company you referred to me - its for them - so they apparently have an existing install that they need to migrate along with their other facilities to a new data center | 21:20 |
| nowen | ahh | 21:20 |
| entrans | so the trick is how to do it while leaving the old server up for current operations and migrating to the new server for future operations | 21:20 |
| nowen | ok | 21:21 |
| entrans | i gave some ideas based on what i understand but i wanted to talk it out with you to see if there maybe some options i haven't considered | 21:21 |
| nowen | so, we can set up the new server as the replicant and move the users over. then we can set up a DNS entry to fool the tokens into going to the new IP | 21:22 |
| entrans | wouldn't the token have to register to a new domain with the dns? right now (I'm assuming) they are going to the padded IP address directly. That said if it did work they would still be able to switch between the two at any time? | 21:24 |
| nowen | the tokens check the IP and if that fails, check domainid.wikidsystems.net | 21:25 |
| nowen | that's how we do the demo domain 88888888888 | 21:25 |
| entrans | okay so we can put something in the hosts file to fake the ip - got it | 21:26 |
| nowen | no need. | 21:26 |
| entrans | explain please... | 21:26 |
| nowen | we'll put an entry into the wikidsystems.net dns pointing to the new IP | 21:27 |
| entrans | that saves going to every machine (or in cases of smartphones not having much option) | 21:28 |
| nowen | the token will look up xxxxxxxxxx.wikidsystems.net and get pointed to the new IP | 21:28 |
| entrans | so i get that then - it handles not having to register to a second server - how do we give the option of going to one or the other for the 3 months of transition time they will need - this solution sounds like an all or nothing approach - am i wrong in that assessment? | 21:29 |
| nowen | no, you're right about that | 21:30 |
| nowen | they need to get to both? | 21:30 |
| entrans | yeah - because they have plan to move the datacenter over a period of time so they will need to get to one or the other of the sites until they bring down the original site entirely | 21:30 |
| nowen | hmm | 21:31 |
| nowen | how many users? | 21:31 |
| entrans | 50 | 21:31 |
| nowen | well, you could set up a webpage on the 2nd server protected by the first. They login with their existing token and register the new domain on the new server | 21:32 |
| entrans | will the registration eliminate the need for an administrator to complete the process? | 21:33 |
| nowen | yes | 21:33 |
| entrans | if so is that any different that what I've seen white papers on to integrate with AD to accomplish something similar? | 21:34 |
| nowen | very much the same | 21:34 |
| nowen | in fact, the same code, just remove AD and put in WiKID | 21:34 |
| entrans | okay - because that's what i've given them as a solution so far - since i'm not sure they are running an AD environment or that the wikid server can access it your idea is a good alternative | 21:34 |
| entrans | cool | 21:35 |
| entrans | another question about ths | 21:35 |
| nowen | yeah, probably best for the long run too | 21:35 |
| nowen | and our dns isn't in the middle | 21:35 |
| entrans | what is the downside of creating a replica and then breaking the replica to have two masters - from a user migration, domain and network configuration perspective? | 21:35 |
| entrans | yeah - having your DNS in the middle indefinitely could be a concern | 21:36 |
| nowen | the users would have to re-register anyway. | 21:36 |
| entrans | okay - i figured as much but i wanted to confirm | 21:36 |
| nowen | those token keys are associated with the old domain | 21:36 |
| entrans | exactly what i thought | 21:36 |
| nowen | network config would be ok | 21:36 |
| nowen | but that | 21:36 |
| nowen | isn't much work anyway | 21:37 |
| entrans | yeah but the network config is the easy part - its really the registered tokens i'm trying to work out | 21:37 |
| nowen | also, I'm more comfortable if you set up the new server ;) | 21:37 |
| entrans | lol - i understand | 21:37 |
| entrans | ok - i'll read up on the web page and AD approach and see what I can get cooking in the lab to be prepared | 21:37 |
| nowen | will you be able to do this all remote? | 21:37 |
| nowen | if you look at the example.jsp page, it also has all the needed code. pretty much 'login' and 'register' | 21:38 |
| entrans | well they told me they can give me remote access to their network and i have a few tricks of my own so as long as they can manage installing the image i should be able to take it from there | 21:38 |
| nowen | cool | 21:38 |
| entrans | excellent | 21:38 |
| nowen | I might have another lead for you too. Let me dig it up | 21:39 |
| entrans | i have to drop you a few e-mails about other clients - i'll be sure to reach out to you by tomorrow regarding those | 21:39 |
| nowen | ok | 21:39 |
| entrans | ok - cool - just call me a wikid kind of guy ;-) | 21:39 |
| nowen | ok - i'm heading home early today. | 22:06 |
| nowen | storming here and that means bad traffic | 22:06 |
| joevano | have a good one... I think our thunderstorms are over for the day, bring on the snow tonicght | 22:13 |
| nowen | nice | 22:13 |
| joevano | started the day at 52 F low tonight is supposed to be 12 with 19 as a high tomorrow | 22:14 |
| nowen | brr | 22:15 |
| nowen | later! | 22:18 |
| *** nowen has quit (Quit: Leaving.) | 22:18 | |
| *** entrans has quit (Quit: Page closed) | 23:03 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!