Christian Mesh
Back to Top


Serenity

What is Serenity?

A custom Linux distrobution that has ideological roots in Arch, Debian, and Gentoo. It has a hybrid source and binary package manager.

What have we accomplished?

The entire toolchain was rewritten in golang to promote both code safeness and developer sanity. This migration took the first part of the semester and significantly improved the clarity of the code base

New features were added and implemented since last semester, topping out at around 5000 lines of code. This is in addition to several hundered packages in the standard repos

A installer and automated package builder have been prototyped and are in a functional status

Tools:

  • Forge - Package Creator

    Builds a spakg from a *.pie file. This tool has been moved mostly into a library, with a light cli for testing package builds.

  • Wield - Package Installer

    Installs a package from a *.spakg file. It extracts the fs.tar to a temp directory, checks it against the md5sum file, and coppies all of the resultant files to the root directory.

  • Spack - Package Manager

    Coordinates the creation and installation of packages in a system. This has been improved significantly since last semester, the biggest improvements being search functionality and improved dependency management

  • Smithy - Repo Builder

    Builds all of the packages in a repo and preps them for distrobution onto the mirror

  • Spackle - Installed

    Credit goes to Adam Kimball for the name of the fantastic installer of serenity. It can install to any block device and sort of supports setting up the grub bootloader

What is working:

  • Dependency resolution (advanced with flags,versions, and arch)
  • Binary Repositores
  • Successfully building a package
  • Successfully installing a package
  • Source repositories
  • pre and post install scripts
  • Mark packages installed
  • System wide upgrades
  • Package search
  • Package info
  • Flags!

What is not working:

  • Hooks
  • Grub in spackle

Stats:

  • 250+ commits
  • 10000+ lines added
  • 5000+ lines removed
  • 3 contributors

Zabbix Setup

Kyle and I did more setup this semester, we added more systems and experimented with different forms of authentication

Orwell

What is Orwell?

A new monitoring and management system that takes inspiration from both Zabbix and Nagios. The goal is to create a secure and flexible monitoring system that is easy to use and configure.

Components

Core:

The database access layer and setup scripts

Sentinel:

The service that watches over the remote systems (clients) and asks them for information and to run tasks. There can be multiple sentinels on a orwell system that share the load and responsibility.

Agent:

A small service for the Sentinels to connect to for monitoring the remote system.

Transport:

Secure client server over libssh that uses rsa keys for authentication. This is the layer between sentinel and agent

Api:

A CRUD API based on the standard golang http server. This api requires an authentication token, which can be received from a login. It is designed to support both the Website and cli access through a long term auth token.

Web:

Standard web interface for Orwell. Written in angularjs, it is a well structured interface to the system which is completely written in html and js. All information comes directly from an Api node so the website can be hosted on a simple web server.

Stats:

  • 200+ commits
  • 4000+ lines total
  • 2 contributors

ITL Creation Script

Script to automate the creation of the base image for the ITL.

Usage:

./create_build.sh    (as root)
This generates a linux system at /itl-build.  The recommended way to use this system is rsync it to a server running nfs and configure a read only export.  Then boot the kernel with the standard nfsroot arguments (preferably over pxe).

Requirements:

  • debootstrap
  • chroot
  • systemd-nspawn
  • at least 6 GB at /itl-build (TODO location parameter)

Changes from last semester:

  • Fuse support
  • Static IP addresses in the ITL
  • Support for mounting/unmounting flash drives
  • Switch to lightdm

Future of the build

I am handing off the responsiblity of maintaining and updated the build to Kyle