RaQ 550

From CobaltFAQs

nbsp UI fix - Fix four lines that have HTML typos

Complete Feature List

Hardware Design

• single processor
• reduced cable design
• off the shelf certified power supply
• dual front mount cooling fans
• ear and slide rail mountable
• tool free cover removal

New and Improved Features

• Software RAID (at install, choose 0 or 1 in 2 disk system)
• Journaling file system
• Security enhancements: SSH, stackguard compile?
• power options: wake on lan,
• JSP and servlet support
• IP address assignment restriction
• UPS UI config/monitor
• enhanced user addition
• admin login for virtual site maintenance
• additional server admins
• software auto-provisioning
• enhanced monitoring: power supply, battery, thermal, memory, SMART

User Interface

• Feature detection to generate pages
• Hide disabled features for sites
• Access-controlled display
• Data preservation
• Online support
• BlueLinQ? UI update

Server Admins

• Create alternate admins
• Cleaner implement of alteradmin from XTR
• Use Levels of Admin from Mendocino
• Server admins cannot
  • manage other admins
  • lock the desktop
• configurable capabilities
  • some ISPs may want to restrict

Software RAID

• install-time select
• one time configurable
• only appears in 2 disk systems

Journaling File System

• Faster boot - no need for fsck or quota check
• Journal maintains consistency
• No guarantees against lost data in crash scenario
• Implemented as XFS

Security Features

• Buffer overflow protection (stackguard)
• port scan detection
• SSH

Power Options

• Wake on LAN
• Wake on Power application
• Reboot and shutdown on one page for consistency

JSP and servlet support

• add ability to run
• configurable per domain
• jakarta tomcat
• Web Archive (WAR) files created with jar utility

IP Address Pools

• allows ISPs to restrict assignable IPs
• prevents IP address conflicts
• server admin configures allowed ranges
• ranges enforces on
  • site add
  • tcp/ip settings change
  • interface aliases

UPS Enhancements

• Config and monitor in UI
• Integrate with Wake on LAN
  • power up configured slaves

User Add Enhancements

• help find unused names
• suggest alternates if requested name is in use
• suggest email alias with requested name, if available

User import/export

• import same format as qube
• export usable by site admin or server admin
• use to move users to another server
• does not move settings or data

Admin Site Logins

• remove 32 group limit (via kernel/libc patches)
• allow server admins to manage files for all sites
• replace admin-fqdn logins

software provisioning

• allow customized software payload without config to order server
• via LCD interface or control station

Enhanced monitoring

• increased coverage
  • power supply
  • battery
  • cpu temp
  • fan speed
  • ECC memory
  • UPS
  • JSPs and servlets
  • RAID status
  • SMART and DMA
  • buffer overflow
  • port scan detection
• ACPId for immediate alert on power supply and temp
  • Active Monitor will shut down on fan fail - spare fans a must!
• images show hardware for RAID, ECC and fans
• "service required" LED on front bezel

password database

• most users now in berkeleydb file
• scales to 10s of 1000s
• system accounts still in flat files

virtual host config

• separate files in /etc/httpd/conf/vhosts
• no more home site

web server settings

• hostname lookups checkbox
• settings in /etc/httpd/conf/httpd.conf

backup

• site/user backup is data only
• files must be restored to same raq with site and user data already in CCE

• need CCE backup

SSL

• admin site not tied to virtual sites
• secondary certificate authorities
• improved UI
• generate signing requests independent of self-signed certs

Mail

• mail in $HOME/mbox
• catch-all email address in Email Settings
• Mail aliases

Virtual Site/User? Dirs

• site and user dirs are hashed to provide file system independent scaling
• symlinks with legacy naming used for command line navigation

interface aliases

• allows greater control of aliases
• easier to set up multiple, small, non-contiguous subnets
• does not assume netmask

capabilites/LOA

• allows assignment of privs to users
• used for server admins and ui access control
• capability groups setup in constructors
• ccewrap also capabilities-enabled

CCE/CSCP

• FIND with regex matching
• capabilities
• custom security rules
• rollback

PCI card support

• scsi and gigabit card investigated, no official support
• drivers autoloaded on boot for known cards
• new interfaces appear in tcp/ip settings screen

DNS/AutoDNS?

• uses BIND 9.1.1
• runs as named chrooted (/var/lib/named)
• zone file format config in UI
• auto-dns enabled by default
• email fqdn aliases that share site domain create MX and A records
• web fqdn alises that share site domain create CNAME records

UI logging

• UI logging turned on to study beta testers
• info logged to /tmp/ui.log
• config in /usr/sausalito/ui/conf/ui.cfg
• blank out to disable

additional storage

• more flexible
• add storage without erasing or forcing use as a "home" partition
• erase without remove/re-add
• supports SCSI on external SCSI port

statistics enhancements

• now uses iptables
• logrotate only rotates logs to avoid missing hits
• split_logs run serially to avoid hogging CPU and RAM
• configuraibe: enable, resolution, archive history

connection rates

• allow config of inetd connection rates
• connections/minute
• settable per service

Jumper Information

Thanks to Glenn M. at OpenGate for this info about motherboard jumpers:

• JP1: On: Sets the FSB to 100 Mhz, Off: Sets the FSB to AUTO
• JP8: Doesn't seem to do anything on and off
• "As far as I can see there are no other jumpers present (you'd have to solder them yourself)"

Security Warning

Due to the out of date and possibly vulnerable software, it is recommended that you upgrade your RaQ appliance to the BlueQuartz (Strongbolt) or RackStar Server Appliance OS.