Virtual Hosting Services -
In continuing our virtual machine services, we added two new departments to the infrastructure. Vanderbilt Institute Research Group is going to host a web application server that manages their database in our virtual infrastructure. In order to get this accomplished, I had to get the new co-located server subnet trunked into the virtual infrastructure. I had to also create the VM for the OS installation as well as get them access to our bastion host and virtual infrastructure client. Blair is also going to host a file and print server in the virtual infrastructure. I also identified a need for co-located bastion hosts, to ensure the security and minimize access to our bastion hosts.
Monitoring the Virtual Environment -
I got SNMP enabled for our entire ESX environment. Through SNMP we are able to monitor and meter the host as well as its capacity limits and how close we are to those limits. I also enabled the ESX mibs that allow the SNMP query to get information on the Virtual machines that are running on that physical host.
CSM Load Balancer -
In order to stabilize the SMTP environment we began researching putting the mailgate SMTP servers and the exchange front end servers behind the CSM load balancer module. The first stages of testing this is to get physical network connectivity and IP address in the CSM space. I have already allocated the IP space. I have also made the necessary firewall adjustments for the exchange front end servers, and we are currently trying to get the exchange portion tested.
CSM Load Balancer -
In order to load balance the webmail environment, I had to get IP address in the CSM server and client vlans. I then switched the network connection from the actual production network to the CSM production network. At this point I could assign the IP addresses on the CSM server vlan to the webmail servers. I then had to configure a serverfarm, virtual server, and two probes (HTTP, and HTTPS) to allow clients to connect to the web server running on the webmail servers. This was our first production service being load balanced by the CSM module.
Streaming Media Services -
The server that serves the helix streaming media service is scheduled to be replaced by new hardware. We decided to implement this service on a virtual machine rather than on physical hardware. I built the OS and installed the application. I then took a step further and secured the administration of this service. The way administration works on a fresh install is very insecure by allowing authentication over HTTP. I protected this service by wrapping it inside of apache running mod_ssl for encrypted connections from clients to the management interface.
It has been requested to the ITS department to include flash as a form of media we are capable of streaming over the internet. We decided to put this application on a virtual machine. I have successfully installed the OS as well as the application. I also architect ed a secure management solution over an encrypted connection.