From OpenSCADAWiki
Jump to: navigation, search
Other languages:
English • ‎Українська
Name Founded Status Members Icon
Server and hosting infrastructure of the OpenSCADA project Jun 2014 Implemented and exploiting now to store and present those and many other resources of the OpenSCADA project. Roman Savochenko Server net.png
Description
OpenSCADA server infrastructure representing, tracing and managing.
  • WD10EZRX: appearing the reallocated sectors => REPLACED by the brand new one SSD IRP-SSDPR-S25C-01T
  • 2021-10-05 22:03: The DATA partition was dropped out the RAID, Reallocated_Sector_Ct achieved up to 1082 and the problematic-slow disk space is 0.12(0.9...1.02)% = 1GB.
  • 2021-08-10 06:39: 57 Reallocated_Sector_Ct, 9 Reallocated_Event_Count
  • M2NPV-VM: several problems in stability => REPLACED by GA-M68M-S2P
  • 2022-06-27 : the MB started after about 30 minutes at restart for the UPS battery one year test => unsuccessfully tried for start after the MB discharging procedure and discharging the MB capacitors
  • 2022-02-02 : the MB started after about several minutes of cooling at some service restart
  • ST1000VM002: stopping sometimes, seems after accessing to some sectors
  • speed of the SATA interface dropped down to 1.5 Gbps by MB itself
  • 2019-04-25 06:00 => This HDD connected to SATA2 and WD to SATA1
  • 2019-01-11 19:03 => Swap the SATA port between the WD HDD
  • 2018-06-15 22:45 => The SATA cable was replaced on 22.06.2018
  • LPM-MG12-65Ah: brand new one 2021.02 that is dead again after two years and about 102 partial and 57 whole cycles on 12.5Ah (from 65Ah) => DEAD
At.png Logic Power batteries are DUNG!
  • 2023-06-20: Capacity = 12.5 Ah (5 hours at 2.5A)
  • 2022-06-29: R = 12 mOm, Capacity = 70.5 Ah (28.2 hours at 2.5A)
  • 2021-06-18: R = 16 mOm, Capacity = 75 Ah (30 hours at 2.5A)
  • LPM-MG12-65Ah: brand new one 2018 that is dead mostly after two years on 27Ah (from 65Ah) => REPLACED
  • 2021-06-01: Capacity = 27 Ah (10.7 hours at 2.5A), by the USB-Meter: 30(-6%)Ah
  • 2020-09-15: Capacity = 46 Ah (18.2 hours at 2.5A), by the USB-Meter: 49(-6%)Ah
  • 2019-06-15: R = 46 mOm, Capacity = 68 Ah (27.5 hours at 2.5A), by the USB-Meter: 71(-6%)Ah
  • 6CT-60-A3 (12V 60Ah, 170x240x190, 2016-05): an automobile starter accumulator, so it was dead on 6Ah (from 65Ah) after three years => REPLACED
  • 2019-06-13: R = 90 mOm, Capacity = 5.7Ah, 5.9(-6%)Ah
  • 2018-09-11: ~2.5 hours at (86+33)W = 25Ah
  • 2018-08-18: 52Ah
13.5V -> 8.2V = 52Ah;
8.2V -> 14.3V = 46Ah (30°C -> 33.5°С)
13.6V - 6h -> 13.3V
  • 2016-05: 4 hours at (84+33)W = 39Ah
16.7 hours at 33W(2.5A) = 42Ah
  • Temperature sensor DS18B20 (288C704A0000001F): freezes in the measuring => NOT OBSERVED
2019-02: failure in the measuring freeze => restored after the power reset

The page aimed for server's infrastructure of OpenSCADA project representing, tracing and managing.

From the OpenSCADA founding its resources were hosted on a main server of DIYA Ltd and the server details and specific were not suitable to publish. From year 2015 the OpenSCADA project have got an own server and an internet channel thanks mostly to Beams&Plasmas funding. From year 2016 all resources of the project OpenSCADA were moved to the new server, the domain name "oscada.org" was switched to it and as its DNS there used the Hosting Ukraine with configuration in Table 1.

Table 1: Domain "oscada.org" configuration.

Property Old value Current value
Name Server 1 NS0.XNAME.ORG NS1.FASTDNS.HOSTING
Name Server 2 NS1.UKRAINE.COM.UA NS2.FASTDNS.HOSTING
Name Server 3 NS2.UKRAINE.COM.UA NS3.FASTDNS.HOSTING
oscada.org. 82.207.88.73 134.249.149.50 > 46.98.2.159
ftp 82.207.88.73 134.249.149.50 > 46.98.2.159
wiki 82.207.88.73 134.249.149.50 > 46.98.2.159
mail 82.207.88.73 134.249.149.50 > 46.98.2.159
www 82.207.88.73 134.249.149.50 > 46.98.2.159

1 Hardware and the Internet channel

The OpenSCADA server is located now in a quarter of the OpenSCADA author. To connect the global network there is used one of the Internet service providers in Kamjanske city of Ukraine. The provider uses the conception of Fiber To The Building (FTTB) and the Internet channel bandwidth now is 50Mbit/s. The main domain-name "oscada.org" is connected now to the static IP 46.98.2.159. Hardware configuration of the server is shown in Table 2.

Table 2: Hardware configuration of the OpenSCADA server.

Name Configuration Notes
CPU AMD Phenom(tm) II X4 900e that was purchased as used one instead of the original one Athlon 64 X2 (too weak) and the brand new one A8-6500, TDP 65W
MB GIGABYTE GA-M68M-S2P AM2+ (NVIDIA® GeForce 7025/nForce 630a) socket AM2/AM2+/AM3 main board
  • [2022-06] GA-M68M-S2P — replaces M2NPV-VM for reuse the actual configuration and CPU
  • more reliable at using solid capacitors and big chipset radiator;
  • lesser power consumption (CPU powering by 1V) — server common consumption at the low loading is 46W instead 56W.
  • [2014-06] M2NPV-VM — used but hard tested one and reliable one solution, instead purchased specially one of the brand new MB MSI A88X-G41 PC Mate.
Memory 4GB (DDR2-800) DDR2 memory
  • [2022-06] new ones (4GB) after replacing MB where only two memory slots are;
  • [2014-06] mixed original ones for the Main Board (MB) and new ones (4GB).
HDD 1TB, RAID1 (IRP-SSDPR-S25C-01T+ST1000VM002) brand new ones, low power consumption ones, heating about +8°C
  • [2021] SSD IRP-SSDPR-S25C-01T — replaces broken WD10EZRX
  • [2015] WD10EZRX+ST1000VM002 — replace previous ones due to 5400+5900 RPM
  • [2014-06] 2 x DT01ACA050, 7200 RPM
Power Supply Cooler Master 400W brand new one
Case MidiTower, ATX used one
UPS PowerCom INF-800 + LPM-MG12-65Ah
  • PowerCom INF-800 — brand new one (2016):
    • The output form: a clean sine curve
    • Charging: ~6A, up to 13.6V
    • Discharging down to: ~11.2V
    • Inverter effectivity: ~74%, from 52Ah (at ~120W) / 70.5Ah (on self 25W)
    • Own consumption:
      • from the battery, discharging on self (+23W): 2.5(4.35)A*13.3(13.1)V = 33(57)W
      • from the powernet (without the inverter): 15(13)W
    • The load measuring: 100% = 480W
  • 12V Battery
  • [2024-02] 12V16850BBlock2-30Ah assembled on 30 batteries INR18650 29E and the 3S 40A Balance board — replaces broken LPM-MG12-65Ah
  • 2024-02-20: R = 27 mOm, Capacity = 30 Ah
  • [2023-11] 12V16850BBlock1-20Ah assembled on 21 batteries INR18650 35E and the 3S 40A Balance board — replaces broken LPM-MG12-65Ah
  • 2024-02-28: R = 44 mOm, Capacity = 19.2 Ah
  • 2023-11-01: Capacity = 19.5 Ah
  • [2021-06] LPM-MG12-65Ah brand new one AGM MultiGel UPS buffer mode battery (2021-02) — replaces the previous broken — DEAD
  • 2023-06-20: Capacity = 12.5 Ah (5 hours at 2.5A)
  • 2022-06-29: R = 12 mOm, Capacity = 70.5 Ah (28.2 hours at 2.5A), Degradation = 4.5 Ah/year
  • 2021-06-18: R = 16 mOm, Capacity = 75 Ah (30 hours at 2.5A)
  • [2019-06] LPM-MG12-65Ah brand new one AGM MultiGel UPS buffer mode battery (2018) — replaces the previous broken
  • [2016-05] 6CT-60-A3 brand new one automobile starting battery

2 Environment of the programs and services

The program environment uses in common the OS Linux distribution Debian 7 (Wheezy). For external services isolation and some other purposes there used the OpenVZ lightweight isolation in different Virtual Private Servers (VPS). In the most VPSes there used also the Linux distributive Debian 7 (Wheezy), sometime there used Debian 8 (Jessie) and ALTLinux T6. The hardware server (HS) is the x86_64 program environment though the VPSes use mostly the x86_32 environment especially in the demanding tasks, as the result of that we have overall memory consumption of the server about 1.2GB instead 2GB of an even-functional x86_64 pure environment. The program environment structure shown in Figure 1.

Figure 1. Network of the OpenSCADA server and structure of the program environment.

File system of the hardware server (HS) has no swap partition and has two main mirrored partitions:

  • "root (/)": 9.1GB
  • "data (/data): 908GB

Besides management by OpenVZ for the VPS containers, the HS environment contains also some services for external and internal networks:

  • SSH: Generic access to the server control by SSH from internal and external environments.
  • PPTP: Secure tunnelling for connection from external environments to the internal network or for back remote connection to the connected clients.
  • NTP: Network time service for internal and external hosts.
  • FTP: FTP-server of the internal network for accessing the local data storage.
  • Samba: SMB-server of the internal network for accessing the local data storage.
  • AptCacher (DISABLED): APT-cacher of the new generation apt-cacher-ng, serves for unmistakable Live Disks building and used in the Debian systems updating by http-cacher.
Service config files: "/etc/apt-cacher-ng/".
  • AptMirror (DISABLED): APT mirroring apt-mirror for needs of the APT-repositories, serves for unmistakable Live Disks building in the TDE using.
  • AutoBuilder: Automatic OpenSCADA package's builder for LTS and Work branches of OpenSCADA, with checking the local Subversion repository.
  • DNS (Bind9): Server of the domain names of the internal network.
  • DHCP: Hosts' dynamic configuration of the internal network.
  • CUPS: Print service of the internal network.
  • SmartHouse: Smart House and sensors monitoring of the server, based on OpenSCADA.

2.1 VPS: FTP

Address: ftp.oscada (192.168.0.10)
Service: exclusively provides the public file service for OpenSCADA resources
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, file server ProFTP

This FTP has follow partial tree:

  • "ALTLinux/" — the deprecated package repositories of the OS Linux distribution ALTLinux;
  • "Debian/" — the package repositories of the OS Linux distribution Debian;
  • "Misc/" — miscellaneous files;
  • "OpenSCADA/" — files of the OpenSCADA project.

2.2 VPS: DB

Address: db.oscada (192.168.0.11)
Service: exclusively provides different DBMS to use internally and by the VPSes
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides DBMS: MySQL, PostgreSQL, FireBird, OpenLDAP (slapd)

Table 2.2: Provided DBMSes and their using.

DBMS Using
MySQL TYPO3 (http://oscada.org), MediaWiki (http://oscada.org/wiki), WackoWiki (http://wiki.oscada.org), Jabber, some OpenSCADA tests.
PostgreSQL Some OpenSCADA tests.
FireBird Some OpenSCADA tests.
OpenLDAP Jabber user authentication and some OpenSCADA tests.

2.3 VPS: SVN

Address: svn.oscada (192.168.0.12)
Service: provides the version control systems
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, provides the version control systems: Subversion, CVS

CVS is an deprecated version control system used up to year 2005 by the OpenSCADA project and some projects of the firm DIYA Ltd of their author Roman Savochenko. Currently CVS is provided only for the compatibility and that supports only the guest access cvs -d:pserver:guest@oscada.org:/CVS_R co OpenScada.

Subversion is the actual version control system used now by the OpenSCADA project. It supports two managing and two display connections:

  • in the classic way it allows managing and anonymous reading/observing by own service "svn://", for example svn ls svn://oscada.org/trunk/OpenSCADA/;
  • in the secure way by SSH it allows managing only for the authorized users by the secure prefix "svn+oscada://", for example svn ls svn+oscada://oscada.org/mnt/SVN_R/trunk/OpenSCADA;
  • through DAV by HTTP it allows only anonymous reading/observing by the HTTP prefix "http://", for example svn ls http://oscada.org/svn/trunk/OpenSCADA/;
  • through the Web-interface of WebSVN it allows only the anonymous observing

2.4 VPS: HTTP

Address: http.oscada (192.168.0.13)
Service: provides different HTTP-services which mostly based on the Apache2 Web Server
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, Apache Web Server

Main configuration file of the virtual hosts placed in "/etc/apache2/sites-available/openscada.conf". EMail was configured in "/etc/postfix/main.cf" as a simple relay to the EMail server VPS.

Table 2.4: Provided HTTP-Services.

Name Description Notes
server-status (INTERNAL) Current status the Apache2 server
phpMyAdmin (INTERNAL) DBMS MySQL management by WEB-Interface of phpMyAdmin
phpLDAPadmin (INTERNAL) LDAP management by WEB-Interface of phpLDAPadmin

TYPO3
http://oscada.org
http://oscada.org/typo3

Main site of the project OpenSCADA based on the CMS "TYPO3", including the CMS admin WEB-Interface. Placed in "/var/www/oscada/".

This configuration and DB moved from PHP version 5.2 to 5.4 and from TYPO3 version 4.3 to 4.5 LTS. In that reason and since PHP 5.4 has significant changes there were some migrations problems in the CMS extensions mm_forum, sr_feuser_register and lz_gallery, which fixed.

Commands of migration of the DB: 

mysqldump -Q --user=web -p t3_oscada > t3_oscada.sql
mysql --default-character-set=utf8 --user=web -p t3_oscada < ./t3_oscada.sql

Fixed bugs:

  • [2021-10-14] The module "sr_feuser_register" finished in translation to Ukrainian, FE appended by the users invitation page for developers and contributors, and enabled for the administrator review of the new registrants.
  • [2016-11-19] Long entry to the FE login at an error in the last part of addLabelMarkers(). Long entry to the BE login at array trim() in TYPO3 cObjGetSingle(), replaced to:
if(is_array($name)) array_walk($name, 'trim');
else $name = trim($name);
  • [2016-04-30] The module "mm_forum" omits to encode for the "quoted-printable" mode at all that causes for message headers like to "XXXX", possible in class.tx_mmforum_havealook.php.
  • [2016-04-30] The EMail encoding by the "quoted-printable" mode some broken, especially for the header sequences like to "(а)", the module "sr_feuser_register".

MediaWIKI
http://oscada.org/wiki

New knowledge base (WIKI) of the OpenSCADA project on MediaWIKI Placed in "/var/www/oscada/wiki/".

Installed version 1.26.4 of MediaWiki due to using PHP 5.4.

Fixed bugs:

  • [2016] Detected the problem of cutting the new pages marked to translation and breakage the translation process for big articles => the reason is in small size of the one table column, what was changed to TEXT and about that the MediaWiki community was notified.

WackoWIKI
http://wiki.oscada.org

Old knowledge base (WIKI) of the OpenSCADA project on WackoWIKI Placed in "/var/www/oscada/wacko/".

This configuration and DB moved from PHP version 5.2 to 5.4 what caused for some problems, firstly it is in the function htmlspecialchars() and need in the default charset UTF-8. These problems mostly fixed before moving to the new Wiki-engine.

Commands of migration of the DB: 

mysqldump -Q --user=wakka -p oscadawiki > oscadawiki.sql
mysql --default-character-set=latin1 --user=wakka -p oscadawiki < ./oscadawiki.sql

File server
http://oscada.org/oscadaArch/
http://ftp.oscada.org/

File service by HTTP of Apache2 Fixes and changes:
  • [2023.02.18] Expanding in some file types specifying and some file description, initially in "OpenSCADA/LTS/Nokia/900".

WebSVN
http://oscada.org/websvn

WEB-Interface for managing the Subversion repository of the OpenSCADA project by WebSVN. Placed in "/var/www/oscada/websvn/".

The configuration file "/var/www/oscada/websvn/include/config.php" to edit the function "addRepository(...)".

No migration problems here was detected.

DAV svn
http://oscada.org/svn

Browsing and observing on the OpenSCADA Subversion repository as a filesystem on HTTP.

AWStats (INTERNAL)
WWW
WWW files
WIKI
FTP

Statistic of visiting the server by the AWStats. Original statistic of the old server was saved and attached to the new server.

2.5 VPS: EMail

Address: mail.oscada (192.168.0.15)
Service: exclusively provides the EMail service
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, SASL, Postfix, Cyrus, Amavis, SpamAssasin, ClamAV, FetchMail.

Table 2.5: Provided EMail-services.

Name Description Notes
SASL Simple Authentication and Security Layer (SASL) For authentication there is used the local DB "/etc/sasldb2".

For Cyrus IMAP-server the DB pointed directly in the file "/etc/imapd.conf", as a line "sasldb_path: /etc/sasldb2".

For Postfix there specially configured the daemon "saslauthd" in the configuration file "/etc/default/saslauthd" by lines: 

MECHANISMS="sasldb"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Examples of tools for the users and passwords managing: 

sasldblistusers2 # Get users list
saslpasswd2 roman@server.diya.org # Set password for the user
Cyrus Server of the Internet Message Access Protocol (IMAP) provides access to personal EMail and system-wide bulletin boards through the IMAP protocol by the Cyrus project. Sieve (server side filters) enabled. The main configuration files are "/etc/{cyrus.conf, imapd.conf}".

Folder of the Local DB is "/var/lib/cyrus".

Folder of the user EMail is "/var/spool/cyrus/mail".

The folder "/var/lib/cyrus" and "/var/spool/cyrus/mail" were taken from the old server and spare for OpenSCADA mailboxes were removed.

Examples of tools of the mailboxes managing: 

cyradm --user cyrus localhost    # connect as the administator
cyradm --user roman localhost    # connect as the user
sam user/{mbox} cyrus c; dm user/{mbox}   # remove {mbox}
Postfix Service of the messages sending through the Send Message Transport Protocol (SMTP) by Postfix. The main configuration files are "/etc/postfix/{master.cf,main.cf}".

Local lists and DBs: "/etc/aliases.db", "/etc/postfix/{bcc_map.db, local_recipients.db, mynetworks}".

Examples of tools of the server managing: 

postalias /etc/aliases   # updating/forming for the aliases DB from the original text file
postmap /etc/postfix/{bcc_map,local_recipients}   # updating/forming the DB from the original text file
mailq           # the message queue of the actual EMails
postqueue -f    # try now for resending the actual EMails of the message queue

Fixes and changes:

  • [2023.03.02] Revision the relaying policy in "smtpd_recipient_restrictions" to prevent for not allowed and bad relaying.
  • [2021.11.17] Appending by the validation SPF and DKIM.
Amavis The virus and SPAM scanner of EMail by (AMaViS) which for the viruses scan mostly uses ClamAV and for SPAM uses SpamAssasine. Folder of the main configuration files is "/etc/amavis/conf.d".

Folder of the quarantined viruses and SPAM is "/var/lib/amavis/virusmails".

The configuration was taken from the old server and it provides followed policy:

  • For viruses: placing in quarantine and the recipient notifying.
  • For the SPAM level lesser at 5.0: No SPAM and PASS.
  • For the SPAM level lesser at 7.0: Mark as "Possible SPAM" and PASS.
  • For the SPAM level lesser at 10.0: Mark as "SPAM" and PASS and quarantine.
  • For the SPAM level great at 10.0: Kill the message.
ClamAV Checking for viruses by ClamAV. The main configuration file is "/etc/clamav/clamd.conf".
SpamAssasin Checking for SPAM by SpamAssasin. The main configuration file is "/etc/spamassassin/local.cf".

The training DB is "/var/spool/spamassassin/".

Examples of tools of the SPAM-filter learning: 

sa-learn --no-sync --progress --spam /var/tmp/spam    # train for SPAM from the folder /var/tmp/spam
sa-learn --no-sync --progress --ham /var/tmp/ham      # train for HAM from the folder /var/tmp/ham
sa-learn --sync          # sync the learning data
sa-learn --dump magic    # see the training results
FetchMail (DISABLED) Fetching the external mailboxes to the local ones by FetchMail. The main configuration file is "/etc/fetchmailrc".

2.6 VPS: Jabber

Address: jabber.oscada (192.168.0.16)
Service: provides the instant messages server
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86, Jabberd2. This VPS was successfully updated from the Debian 7 minimal VPS template since such VPS isn't accessible for the x86 platform on Debian 8.

For the user authentication of the instant message server there is used LDAP on the VPS "DB". For the contacts storing there is used the table "jabberd2" on the DBMS MySQL of the VPS "DB". The configuration and the table "jabberd2" were taken from the old server and successfully adapted to the new one.

2.7 VPS: ALTLinux32 builder

Address: bldrALT32.oscada (192.168.0.100)
Service: the building environment for Live Disks and firmware of the Linux distributive ALTLinux 5 (5.1) and 6 (T6) of the hardware platform x86
Base of the VPS: OS Linux distributive ALTLinux T6 x86, MKImage

This VPS contains a set of MkImage profiles which mostly used from the Automatic Builder of OpenSCADA in context of the Automation Linux distributive of the project OpenSCADA, and allowed also for manual using.

2.8 VPS: Debian8 builder

Address: bldrDeb8.oscada (192.168.0.101)
Service: the building environment for Live Disks and firmware of the Linux distributive Debian 7 and 8 of the hardware platforms x86 and x86_64
Base of the VPS: OS Linux distributive Debian 8 (Jessie) x86_64, Live System Build Components (live-build).

This VPS contains a set of the Live System Build configurations which mostly used from the Automatic Builder of OpenSCADA in context of the Automation Linux distributive of the project OpenSCADA, and allowed also for manual using. That is used in building for old Debian distributions 7 and 8, when the new ones are built on an external host with the modern building environment. Some pure ToolChain-based builds located in the VPS.

2.9 VPS: OpenSCADA simulators-models

Address: oscadaModels.oscada (192.168.0.110)
Service: execution the OpenSCADA simulators-models of the automation systems and providing the Web-based external access
Base of the VPS: OS Linux distributive Debian 7 (Wheezy) x86, OpenSCADA

All the OpenSCADA simulators-models were prepared to provide not modified installation and to deploy their easily, besides setting some specific passwords in the configuration file. Currently follow simulators-models prepared and executed:

3 Links

Retrieved from "http://oscada.org/wiki/index.php?title=Sub-projects/Server&oldid=85227"