Name | Founded | Status | Members | Icon |
---|---|---|---|---|
Server and hosting infrastructure of the OpenSCADA project | Jun 2014 | Implemented and exploiting now to store and present those and many other resources of the OpenSCADA project. | Roman Savochenko | ![]() |
Description | ||||
OpenSCADA server infrastructure representing, tracing and managing.
|
The page aimed for server's infrastructure of OpenSCADA project representing, tracing and managing.
From begin of OpenSCADA its resources hosted on a main server of DIYA Ltd and the server's details and specific were not suitable to publish. From 2015 year the OpenSCADA project had own a server and an internet channel thanks mostly to Beams&Plasmas funding. From 2016 year all resources of the project OpenSCADA were moved to the new server and domain name "oscada.org" was switched to it and for its DNS there uses the Hosting Ukraine, the configuration shown in Table 1.
Table 1: Domain "oscada.org" configuration.
Property | Old value | Current value |
---|---|---|
Name Server 1 | NS0.XNAME.ORG | NS1.FASTDNS.HOSTING |
Name Server 2 | NS1.UKRAINE.COM.UA | NS2.FASTDNS.HOSTING |
Name Server 3 | NS2.UKRAINE.COM.UA | NS3.FASTDNS.HOSTING |
oscada.org. | 82.207.88.73 | 134.249.149.50 |
ftp | 82.207.88.73 | 134.249.149.50 |
wiki | 82.207.88.73 | 134.249.149.50 |
82.207.88.73 | 134.249.149.50 | |
www | 82.207.88.73 | 134.249.149.50 |
Contents
1 Hardware and internet channel
The OpenSCADA server located now into a quarter of the author of the OpenSCADA system it is Roman Savochenko. For link to the global network (Internet) used a service of the Internet provider Kyivstar in Kamjanske city of Ukraine. The provider uses the conception of Fiber To The Building (FTTB) and the internet channel's bandwidth now it is 100Mbit/s (30Mbit/s was up to 2018.02). The main domain-name "oscada.org" is connected now to the static IP 134.249.149.50. Hardware configuration of the server shown up into Table 2:
Table 2: Hardware configuration of the OpenSCADA server.
Name | Configuration | Notes |
---|---|---|
CPU | AMD Phenom(tm) II X4 900e | that was purchased as used one instead of the original one Athlon 64 X2 (too weak) and the brand new one A8-6500, TDP 65W |
MB | GIGABYTE GA-M68M-S2P AM2+ (NVIDIA® GeForce 7025/nForce 630a) | socket AM2/AM2+/AM3 main board
|
Memory | 4GB (DDR2-800) | DDR2 memory
|
HDD | 1TB, RAID1 (IRP-SSDPR-S25C-01T+ST1000VM002) | brand new ones, low power consumption ones, heating about +8°C
|
Power Supply | Cooler Master 400W | brand new one |
Case | MidiTower, ATX | used one |
UPS | PowerCom INF-800 + LPM-MG12-65Ah |
|
2 Program environment and services
The program environment in base uses the OS Linux distributive Debian 7 (Wheezy). For external services isolation and some other purposes there uses the OpenVZ lightweight isolation into different Virtual Private Servers (VPS). Into the mostly VPS there also uses the Linux distributive Debian 7 (Wheezy), sometime there uses Debian 8 (Jessie) and ALTLinux T6. Hardware server (HS) is the x86_64 program environment but the VPSs mostly use the x86 environment especially for highly demanded tasks, as the result we have overall memory consumption of the server about 1.2GB instead 2GB of an even-functional x86_64 pure environment. The program environment structure shown in Figure 1.
File system of the hardware server (HS) has not a swap partition and has two main mirrored partitions:
- "root (/)": 9.1GB
- "data (/data): 908GB
Besides only VPS containers management by OpenVZ the HS environment also has some services for the external and internal networks:
- SSH: Generic access to the server control by SSH from internal and external.
- PPTP: Secure tunneling. For connection from external environments to the internal network at all or for remote connection to the connected client.
- NTP: Network time service. For internal and external hosts.
- FTP: Internal network FTP-server for the local data storage access.
- Samba: Internal network SMB-server for the local data storage access.
- AptCacher: APT cacher of new generation (apt-cacher-ng). Serves for unmistakable Live-disks building and used for Debian repositories updating by the http-cacher.
- Service config files: "/etc/apt-cacher-ng/".
- AptMirror: APT mirroring (apt-mirror) for need APT-repositories. Serves for unmistakable Live-disks building in use TDE. For now there mirror next repositories:
deb http://mirror.xcer.cz/trinity-sb/ jessie main-r14 deps-r14 deb-i386 http://mirror.xcer.cz/trinity-sb/ jessie main-r14 deps-r14 deb http://mirror.xcer.cz/trinity-sb/ wheezy main-r14 deps-r14 deb-i386 http://mirror.xcer.cz/trinity-sb/ wheezy main-r14 deps-r14 deb http://mirror.xcer.cz/trinity-sb/ stretch main-r14 deps-r14 deb-i386 http://mirror.xcer.cz/trinity-sb/ stretch main-r14 deps-r14
- AutoBuilder: Automatic OpenSCADA package's builder for LTS and Work versions of OpenSCADA, by the local Subversion repository check.
- DNS (Bind9): Internal network domain names server.
Some time it is in lost all forwarders by no external host resolved, possible after DDNS update the original zone file, observed: 17.03.2016
- DHCP: Hosts of the internal network dynamic configuration.
- CUPS: Print service of the internal network.
- SmartHouse: smart-house and sensors monitoring based on OpenSCADA of the server.
2.1 VPS: FTP
Address: ftp.oscada (192.168.0.10)
Service: exclusively provides a public file-service for OpenSCADA resources.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, file server ProFTP.
This FTP has next partial tree with the descriptions:
- "ALTLinux/" — repositories of packages of the OS Linux distribution ALTLinux;
- "Debian/" — repositories of packages of the OS Linux distribution Debian;
- "Misc/" — misc files;
- "OpenSCADA/" — files of the OpenSCADA project;
- ...
- "books/" — books, wrote by participants of the OpenSCADA project, mostly by Roman Savochenko.
2.2 VPS: DB
Address: db.oscada (192.168.0.11)
Service: exclusively provides different DBMS to use internally and by the VPSes.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides next DBMS: MySQL, PostgreSQL, FireBird, OpenLDAP (slapd).
Table 2.2: Allowed DBMS and their using.
DBMS | Using |
---|---|
MySQL | TYPO3 (http://oscada.org), MediaWiki (http://oscada.org/wiki), WackoWiki (http://wiki.oscada.org), Jabber, some OpenSCADA tests. |
PostgreSQL | Some OpenSCADA tests. |
FireBird | Some OpenSCADA tests. |
OpenLDAP | Jabber users authentication and some OpenSCADA tests. |
2.3 VPS: SVN
Address: svn.oscada (192.168.0.12)
Service: provides the control versions systems.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides next control versions systems: Subversion, CVS.
CVS is an old-deprecated control versions system used up to year 2005 by the OpenSCADA project and some projects of firm DIYA Ltd of their author Roman Savochenko. For now CVS is provided only for the compatibility and it supports only guest access: $ cvs -d:pserver:guest@oscada.org:/CVS_R co OpenScada
Subversion is current control version system using now by the OpenSCADA project. It supports two managing and two display connections:
- In classic way, it allows managing and anonymous reading/observing, by self service "svn:", for example: $ svn ls svn:oscada.org/trunk/OpenSCADA/
- In secure way by SSH, it allows managing but only for authorized users, by a secure prefix like "svn+oscada:", for example: $ svn ls svn+oscada:oscada.org/mnt/SVN_R/trunk/OpenSCADA
- Through DAV by HTTP, it allows only anonymous reading/observing, by HTTP prefix "http://", for example: $ svn ls http://oscada.org/svn/trunk/OpenSCADA/
- Through Web-interface of WebSVN, it allows only anonymous observing.
2.4 VPS: HTTP
Address: http.oscada (192.168.0.13)
Service: provides different HTTP-services which mostly based on Apache2 web-server.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, Apache web-server.
Main configuration file of the virtual hosts placed into "/etc/apache2/sites-available/openscada.conf". EMail was configured as a simple relay (into file "/etc/postfix/main.cf") to an email server of the server into different VPS.
Table 2.4: Provided HTTP-services.
Name | Description | Notes |
---|---|---|
server-status | The Apache2 server current status | |
phpMyAdmin | DBMS MySQL management by a WEB-interface of phpMyAdmin | |
phpLDAPadmin | LDAP management by a WEB-interface of phpLDAPadmin | |
Main site of the project OpenSCADA based on the CMS "TYPO3", including an admin Web-interface of the CMS. |
This project tree used in original and placed into "/var/www/oscada/". mysqldump -Q --user=web -p t3_oscada > t3_oscada.sql
mysql --default-character-set=utf8 --user=web -p t3_oscada < ./t3_oscada.sql
Fixed bugs:
if(is_array($name)) array_walk($name, 'trim');
else $name = trim($name);
| |
MediaWIKI |
New one of the main OpenSCADA project's knowledge base on MediaWIKI |
This project tree used in original and placed into "/var/www/oscada/wiki/".
|
WackoWIKI |
Old one of the main OpenSCADA project's knowledge base on WackoWIKI |
This project tree used original and placed into "/var/www/oscada/wacko/". mysqldump -Q --user=wakka -p oscadawiki > oscadawiki.sql
mysql --default-character-set=latin1 --user=wakka -p oscadawiki < ./oscadawiki.sql
|
File server |
File service by HTTP of Apache2 | |
WebSVN |
Web-interface for manages the Subversion repository of the OpenSCADA project by the WebSVN. |
This project tree used in original and placed into "/var/www/oscada/websvn/". |
DAV svn |
Browsing and observing on the OpenSCADA Subversion repository as a file-system on HTTP. | |
Visits of the server different statistic by the AWStats. | Original statistic of the old server was saved and attached to the new server. |
2.5 VPS: Mail
Address: mail.oscada (192.168.0.15)
Service: provides exclusively EMail service.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, SASL, Postfix, Cyrus, Amavis, SpamAssasin, ClamAV, FetchMail.
Table 2.5: Provided EMail-services.
Name | Description | Notes |
---|---|---|
SASL | Simple Authentication and Security Layer (SASL) |
For authentication there is used the local DB "/etc/sasldb2". MECHANISMS="sasldb"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
Examples of tools of managing of users and passwords: sasldblistusers2 # Get users list
saslpasswd2 roman@server.diya.org # Set password for the user
|
Cyrus | Internet Message Access Protocol (IMAP) server provides access to personal mail and system-wide bulletin boards through the IMAP protocol, by the project Cyrus. Sieve (server side filters) enabled. |
Main config files: "/etc/{cyrus.conf, imapd.conf}". cyradm --user cyrus localhost # connect as the administator
cyradm --user roman localhost # connect as the user
sam user/{mbox} cyrus c; dm user/{mbox} # remove {mbox}
|
Postfix | Send messages service by the Send Message Transport Protocol (SMTP), by Postfix. |
Main config files: "/etc/postfix/{master.cf,main.cf}". postalias /etc/aliases # DB of aliases updating/forming from the original text file
postmap /etc/postfix/{bcc_map,local_recipients} # DB updating/forming from the original text file
mailq # Queue of messages of actual emails
postqueue -f # Try now for resend the actual emails of the messages queue
|
Amavis | A Mail Virus and spams Scanner (AMaViS) which for the viruses scan mostly uses ClamAV and for spam uses SpamAssasine. |
Folder of the main config files: "/etc/amavis/conf.d".
|
ClamAV | Anti-virus checking by the ClamAV. | Main configuration file: "/etc/clamav/clamd.conf". |
SpamAssasin | Anti-spam checking by the SpamAssasin. |
Main configuration file: "/etc/spamassassin/local.cf". sa-learn --no-sync --progress --spam /var/tmp/spam # Train for SPAM from the folder /var/tmp/spam
sa-learn --no-sync --progress --ham /var/tmp/ham # Train for HAM from the folder /var/tmp/ham
sa-learn --sync # Sync the learning data
sa-learn --dump magic # See the training results
|
FetchMail | Fetch for external mailboxes to the local ones by FetchMail. | Main configuration file: "/etc/fetchmailrc". |
2.6 VPS: Jabber
Address: jabber.oscada (192.168.0.16)
Service: provides instant messages server.
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86, Jabberd2. This VPS was successfully updated from the Debian 7 minimal VPS template but that VPS is not allowed for x86 platform for Debian 8.
For users authentication of the instant messages server used LDAP on the VPS "DB". For contacts storing it used the table "jabberd2" on the DBMS MySQL on the VPS "DB". The configuration and the table "jabberd2" were taken on the old server and successfully adapted to the new one.
2.7 VPS: ALTLinux32 builder
Address: bldrALT32.oscada (192.168.0.100)
Service: Live-disks and firmwares building environment of the Linux distributive ALTLinux 5 (5.1) and 6 (T6) of the hardware platform x86.
Base of the VPS: OS Linux distributive ALTLinux T6 x86, MKImage.
This VPS contains and provides set of MkImage profiles which mostly used from the AutoBuilder system of OpenSCADA and also allowed for manual their using. Allowed MkImage profiles shown into Table 2.7.
Table 2.7: MkImage profiles.
Profile | Description |
---|---|
mkimage-profiles-5-kdesktop | Live-disk for desktop of ALTLinux 5 (5.1) building. Inactive now! |
mkimage-profiles-5-plc | Generic PLC firmwares (tarballs) building profile on ALTLinux 5 (5.1). |
mkimage-profiles-5-plc-LP8x81 | ICP-DAS PLC firmwares (tarballs) building profile on ALTLinux 5 (5.1). |
mkimage-profiles-5-KramMill | Live/Install/Service disk of the project "ACS TP of the ball mills "ШБМ 287/410" of the boiler "БКЗ 160–100 ПТ"". |
mkimage-profiles-6-kdesktop | Live-disk for desktop of ALTLinux 6 (T6) building, includes OpenSCADA and KDE 3.5.13.2. |
mkimage-profiles-6-plc | Generic PLC firmwares (tarballs) building profile on ALTLinux 6 (T6). |
mkimage-profiles-6-plc-LP8x81 | ICP-DAS PLC firmwares (tarballs) building profile on ALTLinux 6 (T6). |
mkimage-profiles-6-bagley | Live/Install/Service disk of the project "Bagley Coke Boiler #1 dispatching system (will be soon prepared)". |
mkimage-profiles-6-KramWater | Live/Install/Service disk of the project "Kramatorsk Water (will be soon prepared)". |
For the Live-disks unmistakable building the original packages repositories of ALTLinux 5 and 6 located on the server. By the OpenSCADA project in different times was created a self repository of packages included builds of the OpenSCADA packages and other programs with fixings and renewals, for details see to the Automation Linux distributive of the project OpenSCADA. Next actual repositories for ALTLinux allowed on the OpenSCADA server:
- ALTLinux 5.1:
- "rpm ftp://ftp.oscada.org/ALTLinux/5/branch i586 classic" — classic packages of the i586 architecture;
- "rpm ftp://ftp.oscada.org/ALTLinux/5/branch noarch classic" — classic packages of independent from an architecture;
- "rpm ftp://ftp.oscada.org/ALTLinux/5 openscada main" — repository of OpenSCADA packages.
- ALTLinux T6:
- "rpm ftp://ftp.oscada.org/ALTLinux/6/branch i586 classic" — classic packages of the i586 architecture;
- "rpm ftp://ftp.oscada.org/ALTLinux/6/branch i586 debuginfo" — debug information packages of the i586 architecture;
- "rpm ftp://ftp.oscada.org/ALTLinux/6/branch noarch classic" — classic packages of independent from an architecture;
- "rpm ftp://ftp.oscada.org/ALTLinux/6 openscada main" — repository of OpenSCADA packages.
2.8 VPS: Debian{8,9} builder
Address: bldrDeb8.oscada (192.168.0.101), bldrDeb9.oscada (192.168.0.102)
Service: Live-disks and firmwares building environment of the Linux distributive Debian 7 and 8 of the hardware platforms x86 and x86_64.
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86_64, Live System Build Components (live-build).
This VPS contains and provides set of the Live System Build configurations which mostly used from the AutoBuilder system of OpenSCADA and also allowed for manual their using. Some pure ToolChain-based builds located into the VPS. Allowed "Live System Build" configurations and toolchains shown into Table 2.8.
Table 2.8: Live System Build configurations
For the Live-disks unmistakable building the original packages repositories of Debian 7, 8 and 9 cached on the server by "APT cacher of new generation" and some repositories like Trinity DE are located on the server and the regular mirroring performed by "APT mirror". By the OpenSCADA project was created a self repository of packages included builds of the OpenSCADA packages and other programs with fixings and renewals, for details see to the Automation Linux distributive of the project OpenSCADA. Next actual repositories for Debian cached and placed on the OpenSCADA server:
- Debian 7:
- "deb http://ftp.ua.debian.org/debian/ wheezy main non-free contrib" — cached main, non-free and contribute packages of Debian;
- "deb http://ftp.ua.debian.org/debian/ wheezy-updates main non-free contrib" — cached main, non-free and contribute packages of Debian updates;
- "deb http://ftp.ua.debian.org/debian/ wheezy-backports main non-free contrib" — cached main, non-free and contribute packages of Debian backports;
- "deb http://ftp.ua.debian.org/debian-security/ wheezy/updates main non-free contrib" — cached main, non-free and contribute packages of Debian security updates;
- "deb ftp://oscada.org/Debian/7/trinity-sb/ wheezy main-r14 deps-r14" — located main and dependents packages of Trinity DE R14 for Debian;
- "deb ftp://oscada.org/Debian/7/openscada/ ./" — repository of packages of OpenSCADA.
- Debian 8:
- "deb http://ftp.ua.debian.org/debian/ jessie main non-free contrib" — cached main, non-free and contribute packages of Debian;
- "deb http://ftp.ua.debian.org/debian/ jessie-updates main non-free contrib" — cached main, non-free and contribute packages of Debian updates;
- "deb http://ftp.ua.debian.org/debian/ jessie-backports main non-free contrib" — cached main, non-free and contribute packages of Debian backports;
- "deb http://ftp.ua.debian.org/debian-security/ jessie/updates main non-free contrib" — cached main, non-free and contribute packages of Debian security updates;
- "deb ftp://oscada.org/Debian/8/trinity-sb/ jessie main-r14 deps-r14" — located main and dependents packages of Trinity DE R14 for Debian;
- "deb ftp://oscada.org/Debian/8/openscada/ ./" — repository of packages of OpenSCADA.
- Debian 9:
- "deb http://ftp.ua.debian.org/debian/ stretch main non-free contrib" — cached main, non-free and contribute packages of Debian;
- "deb http://ftp.ua.debian.org/debian/ stretch-updates main non-free contrib" — cached main, non-free and contribute packages of Debian updates;
- "deb http://ftp.ua.debian.org/debian/ stretch-backports main non-free contrib" — cached main, non-free and contribute packages of Debian backports;
- "deb http://ftp.ua.debian.org/debian-security/ stretch/updates main non-free contrib" — cached main, non-free and contribute packages of Debian security updates;
- "deb ftp://oscada.org/Debian/9/trinity-sb/ stretch main-r14 deps-r14" — located main and dependents packages of Trinity DE R14 for Debian;
- "deb ftp://oscada.org/Debian/9/openscada/ ./" — repository of packages of OpenSCADA.
2.9 VPS: OpenSCADA models
Address: oscadaModels.oscada (192.168.0.110)
Service: OpenSCADA models of automation systems execution and the Web-based external access providing.
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, OpenSCADA.
All the OpenSCADA models were prepared for no modified installation provides and easy their deploy besides some specific passwords setting into the config file. For now there next models prepared and executed: