Difference between revisions of "User:Jbroman/Ceo Architecture"

From CSCWiki
Jump to navigation Jump to search
(starting architecture document)
 
Line 22: Line 22:
 
== <tt>ceo</tt> ==
 
== <tt>ceo</tt> ==
   
<tt>ceo</tt> is the user interface with which users interact. It is implemented in Python and presents a curses-based menu system (though some feature can also be accessed by passing command-line flags). It is installed at <tt>/usr/bin/ceo</tt> by the <tt>ceo-python</tt> Debian package.
+
<tt>ceo</tt> is the user interface with which users interact. It is implemented in Python and presents a curses-based menu system (though some features can also be accessed by passing command-line flags). It is installed at <tt>/usr/bin/ceo</tt> by the <tt>ceo-python</tt> Debian package.
   
 
When launched, users may be prompted for their password. This is used to obtain a Kerberos ticket for the [[LDAP]] service if neither a service ticket nor ticket-granting ticket are found in the cache.
 
When launched, users may be prompted for their password. This is used to obtain a Kerberos ticket for the [[LDAP]] service if neither a service ticket nor ticket-granting ticket are found in the cache.
  +
  +
The following tasks are completed by creating a request which is relayed by <tt>ceoc</tt> and executed by <tt>ceod</tt> on the appropriate machine.
  +
  +
* Adding new users (members, club reps, clubs) is done on [[Machine_List#ginseng|ginseng]].
  +
* Creating MySQL databases is done on [[Machine_List#caffeine|caffeine]] since <tt>mysqld</tt> is configured to allow only local connections.
  +
  +
The library feature queries a PostgreSQL database; all other functions (at time of writing) are done over LDAP using the user's previously obtained ticket.

Revision as of 21:56, 7 September 2010

This is a draft of a document on the architecture of ceo.

Getting

All of these components are available in source form in the the public/pyceo.git repository. The official Debian packages are on http://debian.csclub.uwaterloo.ca/. This server should be in the APT sources list of all club machines.

Architecture

Overview

The ceo ecosystem consists of the following components:

ceo
a command-line interface to various club-related administation functions
ceod
a Kerberized daemon responsible for executing tasks requiring special access (e.g. creating Kerberos principals or MySQL databases) on behalf of the user
ceoc
a client program used by ceo to send messages to ceod for execution

ceo

ceo is the user interface with which users interact. It is implemented in Python and presents a curses-based menu system (though some features can also be accessed by passing command-line flags). It is installed at /usr/bin/ceo by the ceo-python Debian package.

When launched, users may be prompted for their password. This is used to obtain a Kerberos ticket for the LDAP service if neither a service ticket nor ticket-granting ticket are found in the cache.

The following tasks are completed by creating a request which is relayed by ceoc and executed by ceod on the appropriate machine.

  • Adding new users (members, club reps, clubs) is done on ginseng.
  • Creating MySQL databases is done on caffeine since mysqld is configured to allow only local connections.

The library feature queries a PostgreSQL database; all other functions (at time of writing) are done over LDAP using the user's previously obtained ticket.