| Name | Founded | Status | Members | Icon |
|---|---|---|---|---|
| Server and hosting infrastructure of the OpenSCADA project | Jun 2014 | Implemented and exploiting now to store and present those and many other resources of the OpenSCADA project. | Roman Savochenko | 
|
| Description | ||||
OpenSCADA server infrastructure representing, tracing and managing.
| ||||
The page aimed for server's infrastructure of OpenSCADA project representing, tracing and managing.
From the OpenSCADA founding its resources were hosted on a main server of DIYA Ltd and the server details and specific were not suitable to publish. From year 2015 the OpenSCADA project have got an own server and an internet channel thanks mostly to Beams&Plasmas funding. From year 2016 all resources of the project OpenSCADA were moved to the new server, the domain name "oscada.org" was switched to it and as its DNS there used the Hosting Ukraine with configuration in Table 1.
Table 1: Domain "oscada.org" configuration.
| Property | Old value | Current value |
|---|---|---|
| Name Server 1 | NS0.XNAME.ORG | NS1.FASTDNS.HOSTING |
| Name Server 2 | NS1.UKRAINE.COM.UA | NS2.FASTDNS.HOSTING |
| Name Server 3 | NS2.UKRAINE.COM.UA | NS3.FASTDNS.HOSTING |
| oscada.org. | 82.207.88.73 | 134.249.149.50 > 46.98.2.159 |
| ftp | 82.207.88.73 | 134.249.149.50 > 46.98.2.159 |
| wiki | 82.207.88.73 | 134.249.149.50 > 46.98.2.159 |
| 82.207.88.73 | 134.249.149.50 > 46.98.2.159 | |
| www | 82.207.88.73 | 134.249.149.50 > 46.98.2.159 |
Contents
1 Hardware and the Internet channel
The OpenSCADA server is located now in a quarter of the OpenSCADA author. To connect the global network there is used one of the Internet service providers in Kamjanske city of Ukraine. The provider uses the conception of Fiber To The Building (FTTB) and the Internet channel bandwidth now is 50Mbit/s. The main domain-name "oscada.org" is connected now to the static IP 46.98.2.159. Hardware configuration of the server is shown in Table 2.
Table 2: Hardware configuration of the OpenSCADA server.
| Name | Configuration | Notes |
|---|---|---|
| CPU | AMD Phenom(tm) II X4 900e | that was purchased as used one instead of the original one Athlon 64 X2 (too weak) and the brand new one A8-6500, TDP 65W |
| MB | GIGABYTE GA-M68M-S2P AM2+ (NVIDIA® GeForce 7025/nForce 630a) | socket AM2/AM2+/AM3 main board
|
| Memory | 4GB (DDR2-800) | DDR2 memory
|
| HDD | 1TB, RAID1 (IRP-SSDPR-S25C-01T+ST1000VM002) | brand new ones, low power consumption ones, heating about +8°C
|
| Power Supply | Cooler Master 400W | brand new one |
| Case | MidiTower, ATX | used one |
| UPS | PowerCom INF-800 + LPM-MG12-65Ah |
|
2 Environment of the programs and services
The program environment uses in common the OS Linux distribution Debian 7 (Wheezy). For external services isolation and some other purposes there used the OpenVZ lightweight isolation in different Virtual Private Servers (VPS). In the most VPSes there used also the Linux distributive Debian 7 (Wheezy), sometime there used Debian 8 (Jessie) and ALTLinux T6. The hardware server (HS) is the x86_64 program environment though the VPSes use mostly the x86_32 environment especially in the demanding tasks, as the result of that we have overall memory consumption of the server about 1.2GB instead 2GB of an even-functional x86_64 pure environment. The program environment structure shown in Figure 1.
File system of the hardware server (HS) has no swap partition and has two main mirrored partitions:
- "root (/)": 9.1GB
- "data (/data): 908GB
Besides management by OpenVZ for the VPS containers, the HS environment contains also some services for external and internal networks:
- SSH: Generic access to the server control by SSH from internal and external environments.
- PPTP: Secure tunnelling for connection from external environments to the internal network or for back remote connection to the connected clients.
- NTP: Network time service for internal and external hosts.
- FTP: FTP-server of the internal network for accessing the local data storage.
- Samba: SMB-server of the internal network for accessing the local data storage.
- AptCacher (DISABLED): APT-cacher of the new generation apt-cacher-ng, serves for unmistakable Live Disks building and used in the Debian systems updating by http-cacher.
- Service config files: "/etc/apt-cacher-ng/".
- AptMirror (DISABLED): APT mirroring apt-mirror for needs of the APT-repositories, serves for unmistakable Live Disks building in the TDE using.
- AutoBuilder: Automatic OpenSCADA package's builder for LTS and Work branches of OpenSCADA, with checking the local Subversion repository.
- DNS (Bind9): Server of the domain names of the internal network.
- DHCP: Hosts' dynamic configuration of the internal network.
- CUPS: Print service of the internal network.
- SmartHouse: Smart House and sensors monitoring of the server, based on OpenSCADA.
2.1 VPS: FTP
Address: ftp.oscada (192.168.0.10)
Service: exclusively provides the public file service for OpenSCADA resources
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, file server ProFTP
This FTP has follow partial tree:
- "ALTLinux/" — the deprecated package repositories of the OS Linux distribution ALTLinux;
- "Debian/" — the package repositories of the OS Linux distribution Debian;
- "Misc/" — miscellaneous files;
- "OpenSCADA/" — files of the OpenSCADA project.
2.2 VPS: DB
Address: db.oscada (192.168.0.11)
Service: exclusively provides different DBMS to use internally and by the VPSes
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides DBMS: MySQL, PostgreSQL, FireBird, OpenLDAP (slapd)
Table 2.2: Provided DBMSes and their using.
| DBMS | Using |
|---|---|
| MySQL | TYPO3 (http://oscada.org), MediaWiki (http://oscada.org/wiki), WackoWiki (http://wiki.oscada.org), Jabber, some OpenSCADA tests. |
| PostgreSQL | Some OpenSCADA tests. |
| FireBird | Some OpenSCADA tests. |
| OpenLDAP | Jabber user authentication and some OpenSCADA tests. |
2.3 VPS: SVN
Address: svn.oscada (192.168.0.12)
Service: provides the version control systems
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides the version control systems: Subversion, CVS
CVS is an deprecated version control system used up to year 2005 by the OpenSCADA project and some projects of the firm DIYA Ltd of their author Roman Savochenko. Currently CVS is provided only for the compatibility and that supports only the guest access cvs -d:pserver:guest@oscada.org:/CVS_R co OpenScada.
Subversion is the actual version control system used now by the OpenSCADA project. It supports two managing and two display connections:
- in the classic way it allows managing and anonymous reading/observing by own service "svn://", for example svn ls svn://oscada.org/trunk/OpenSCADA/;
- in the secure way by SSH it allows managing only for the authorized users by the secure prefix "svn+oscada://", for example svn ls svn+oscada://oscada.org/mnt/SVN_R/trunk/OpenSCADA;
- through DAV by HTTP it allows only anonymous reading/observing by the HTTP prefix "http://", for example svn ls http://oscada.org/svn/trunk/OpenSCADA/;
- through the Web-interface of WebSVN it allows only the anonymous observing
2.4 VPS: HTTP
Address: http.oscada (192.168.0.13)
Service: provides different HTTP-services which mostly based on the Apache2 Web Server
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, Apache Web Server
Main configuration file of the virtual hosts placed in "/etc/apache2/sites-available/openscada.conf". EMail was configured in "/etc/postfix/main.cf" as a simple relay to the EMail server VPS.
Table 2.4: Provided HTTP-Services.
| Name | Description | Notes |
|---|---|---|
| server-status (INTERNAL) | Current status the Apache2 server | |
| phpMyAdmin (INTERNAL) | DBMS MySQL management by WEB-Interface of phpMyAdmin | |
| phpLDAPadmin (INTERNAL) | LDAP management by WEB-Interface of phpLDAPadmin | |
| Main site of the project OpenSCADA based on the CMS "TYPO3", including the CMS admin WEB-Interface. | Placed in "/var/www/oscada/".
This configuration and DB moved from PHP version 5.2 to 5.4 and from TYPO3 version 4.3 to 4.5 LTS. In that reason and since PHP 5.4 has significant changes there were some migrations problems in the CMS extensions mm_forum, sr_feuser_register and lz_gallery, which fixed. Commands of migration of the DB: mysqldump -Q --user=web -p t3_oscada > t3_oscada.sql
mysql --default-character-set=utf8 --user=web -p t3_oscada < ./t3_oscada.sql
Fixed bugs:
if(is_array($name)) array_walk($name, 'trim');
else $name = trim($name);
| |
|
MediaWIKI |
New knowledge base (WIKI) of the OpenSCADA project on MediaWIKI | Placed in "/var/www/oscada/wiki/".
Installed version 1.26.4 of MediaWiki due to using PHP 5.4. Fixed bugs:
|
|
WackoWIKI |
Old knowledge base (WIKI) of the OpenSCADA project on WackoWIKI | Placed in "/var/www/oscada/wacko/".
This configuration and DB moved from PHP version 5.2 to 5.4 what caused for some problems, firstly it is in the function htmlspecialchars() and need in the default charset UTF-8. These problems mostly fixed before moving to the new Wiki-engine. Commands of migration of the DB: mysqldump -Q --user=wakka -p oscadawiki > oscadawiki.sql
mysql --default-character-set=latin1 --user=wakka -p oscadawiki < ./oscadawiki.sql
|
|
File server |
File service by HTTP of Apache2 | Fixes and changes:
|
|
WebSVN |
WEB-Interface for managing the Subversion repository of the OpenSCADA project by WebSVN. | Placed in "/var/www/oscada/websvn/".
The configuration file "/var/www/oscada/websvn/include/config.php" to edit the function "addRepository(...)". No migration problems here was detected. |
|
DAV svn |
Browsing and observing on the OpenSCADA Subversion repository as a filesystem on HTTP. | |
| Statistic of visiting the server by the AWStats. | Original statistic of the old server was saved and attached to the new server. |
2.5 VPS: EMail
Address: mail.oscada (192.168.0.15)
Service: exclusively provides the EMail service
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, SASL, Postfix, Cyrus, Amavis, SpamAssasin, ClamAV, FetchMail.
Table 2.5: Provided EMail-services.
| Name | Description | Notes |
|---|---|---|
| SASL | Simple Authentication and Security Layer (SASL) | For authentication there is used the local DB "/etc/sasldb2".
For Cyrus IMAP-server the DB pointed directly in the file "/etc/imapd.conf", as a line "sasldb_path: /etc/sasldb2". For Postfix there specially configured the daemon "saslauthd" in the configuration file "/etc/default/saslauthd" by lines: MECHANISMS="sasldb"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"
Examples of tools for the users and passwords managing: sasldblistusers2 # Get users list
saslpasswd2 roman@server.diya.org # Set password for the user
|
| Cyrus | Server of the Internet Message Access Protocol (IMAP) provides access to personal EMail and system-wide bulletin boards through the IMAP protocol by the Cyrus project. Sieve (server side filters) enabled. | The main configuration files are "/etc/{cyrus.conf, imapd.conf}".
Folder of the Local DB is "/var/lib/cyrus". Folder of the user EMail is "/var/spool/cyrus/mail". The folder "/var/lib/cyrus" and "/var/spool/cyrus/mail" were taken from the old server and spare for OpenSCADA mailboxes were removed. Examples of tools of the mailboxes managing: cyradm --user cyrus localhost # connect as the administator
cyradm --user roman localhost # connect as the user
sam user/{mbox} cyrus c; dm user/{mbox} # remove {mbox}
|
| Postfix | Service of the messages sending through the Send Message Transport Protocol (SMTP) by Postfix. | The main configuration files are "/etc/postfix/{master.cf,main.cf}".
Local lists and DBs: "/etc/aliases.db", "/etc/postfix/{bcc_map.db, local_recipients.db, mynetworks}". Examples of tools of the server managing: postalias /etc/aliases # updating/forming for the aliases DB from the original text file
postmap /etc/postfix/{bcc_map,local_recipients} # updating/forming the DB from the original text file
mailq # the message queue of the actual EMails
postqueue -f # try now for resending the actual EMails of the message queue
Fixes and changes:
|
| Amavis | The virus and SPAM scanner of EMail by (AMaViS) which for the viruses scan mostly uses ClamAV and for SPAM uses SpamAssasine. | Folder of the main configuration files is "/etc/amavis/conf.d".
Folder of the quarantined viruses and SPAM is "/var/lib/amavis/virusmails". The configuration was taken from the old server and it provides followed policy:
|
| ClamAV | Checking for viruses by ClamAV. | The main configuration file is "/etc/clamav/clamd.conf". |
| SpamAssasin | Checking for SPAM by SpamAssasin. | The main configuration file is "/etc/spamassassin/local.cf".
The training DB is "/var/spool/spamassassin/". Examples of tools of the SPAM-filter learning: sa-learn --no-sync --progress --spam /var/tmp/spam # train for SPAM from the folder /var/tmp/spam
sa-learn --no-sync --progress --ham /var/tmp/ham # train for HAM from the folder /var/tmp/ham
sa-learn --sync # sync the learning data
sa-learn --dump magic # see the training results
|
| FetchMail (DISABLED) | Fetching the external mailboxes to the local ones by FetchMail. | The main configuration file is "/etc/fetchmailrc". |
2.6 VPS: Jabber
Address: jabber.oscada (192.168.0.16)
Service: provides the instant messages server
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86, Jabberd2. This VPS was successfully updated from the Debian 7 minimal VPS template since such VPS isn't accessible for the x86 platform on Debian 8.
For the user authentication of the instant message server there is used LDAP on the VPS "DB". For the contacts storing there is used the table "jabberd2" on the DBMS MySQL of the VPS "DB". The configuration and the table "jabberd2" were taken from the old server and successfully adapted to the new one.
2.7 VPS: ALTLinux32 builder
Address: bldrALT32.oscada (192.168.0.100)
Service: the building environment for Live Disks and firmware of the Linux distributive ALTLinux 5 (5.1) and 6 (T6) of the hardware platform x86
Base of the VPS: OS Linux distributive ALTLinux T6 x86, MKImage
This VPS contains a set of MkImage profiles which mostly used from the Automatic Builder of OpenSCADA in context of the Automation Linux distributive of the project OpenSCADA, and allowed also for manual using.
2.8 VPS: Debian8 builder
Address: bldrDeb8.oscada (192.168.0.101)
Service: the building environment for Live Disks and firmware of the Linux distributive Debian 7 and 8 of the hardware platforms x86 and x86_64
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86_64, Live System Build Components (live-build).
This VPS contains a set of the Live System Build configurations which mostly used from the Automatic Builder of OpenSCADA in context of the Automation Linux distributive of the project OpenSCADA, and allowed also for manual using. That is used in building for old Debian distributions 7 and 8, when the new ones are built on an external host with the modern building environment. Some pure ToolChain-based builds located in the VPS.
2.9 VPS: OpenSCADA simulators-models
Address: oscadaModels.oscada (192.168.0.110)
Service: execution the OpenSCADA simulators-models of the automation systems and providing the Web-based external access
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, OpenSCADA
All the OpenSCADA simulators-models were prepared to provide not modified installation and to deploy their easily, besides setting some specific passwords in the configuration file. Currently follow simulators-models prepared and executed: