Sakai/OSP Portfolio Implementation @ UvA

Bas ToeterUniversiteit van Amsterdam

b.toeter@uva.nl

Agenda

• Infrastructural Architecture– File storage, Database, – LDAP, e-mail, sizing.

• Customization– Sites, Roles, – Realms, Permissions.

• Software Development Aspects– Development, deployment.

OSP @ Amsterdam• Piloted with OSP 2.0 in 2005 / 2006

– Worked on internationalization and testing– Set up a QA server with automated testing– Documented a couple of tools

• Sakai 2-2-x production since January 07– Worked on OSP bug fixing and testing– Set up a QA server

• Sakai 2-4– Worked on OSP requirements– Some testing

• We have a Portfolio only implementation

Infrastructural Architecture

• Sizing – How may users do what at the same time?– cpu, memory, storage, database, bandwidth– Load balancing

• Enterprise Integration – File Storage– Mail– Database– User management / Authentication

Sizing• Guestimates:

• Current numbers– 637 users– 62 MB database– 449 MB uploaded files

Dual 3.4Ghz CPU4GB memoryRedundant storage

Year Programs Users Concurrent File storage DB storage

1 9 750-1200 125-200 240 GB 1440 MB

2 15 2250-3150 375-525 630 GB 3780 MB

3 40 5760-7100 960-1200 1.4 TB 8250 MB

Load balanced infrastructure

Server 1

Loadbalancer 2

Loadbalancer 1

Server 2

Load balanced infrastructure• Two Cisco content switches

– (Which are a pain to configure)– Running in failover mode

• Sessions are sticky– Users need to keep going to the same

instance

• No true clustering, just load balancing• Offloading SSL

sakai.properties# identify your application server with a short name, un…# choose a server id even if you are running a single a…serverId=bomans

# the URL to the server, including transport, DNS name,…serverUrl=https://portfolio.uva.nl

# force all URLs out of Sakai back to Sakai to be secure…# Otherwise, the URLs will reflect the attributes of the…force.url.secure=443

# For OSP, only set auto.ddl = true on one cluster serverauto.ddl = true | false

File Storage• Files stored on Storage Area Network

– Network Storage mounted on a fileserver– Using NFS between members and fileserver– Reduced storage overhead through many

‘small’ (~800GB) volumes (lowers cluster size)

Fibre ChannelNFS

Server 1 SANFile Server

sakai.properties# root of archive file system area - used to write… # when clustering app servers, this should be a sh… # storagePath@org.sakaiproject.archive.api.Archive…storagePath@org.sakaiproject.archive.api.ArchiveService = /home/portfolio-files/sakai/archive

# when storing content hosting's body bits in file…# to act as volumes to distribute the files among …# see the readme file (2.2.7 File Based Content Ho…bodyVolumes@org.sakaiproject.content.api.ContentHostingService = volume1

# Site quota setting (KB)siteQuota@org.sakaiproject.content.api.ContentHostingService= 204800

Mail Integration

• Outgoing mail – Goes out through a local sendmail– ‘Smarthost’ configuration

Portfolio server

Local sendmailprocess Corporate SMTP servers

Mail Integration

• Incoming mail – Not doing this …. yet– May do something like this:

Portfolio server

Local sendmailprocess Corporate SMTP servers

@portfolio.uva.nl

James

Mail Integration

• Incoming mail – Or simpler:

Portfolio server

Local sendmailprocess Corporate SMTP servers

@portfolio.uva.nl

James

sakai.properties

# smtp server for outgoing emailssmtp@org.sakaiproject.email.api.EmailService=localhost

# email address to send errors caught by the portal…portal.error.email=portfolio-fb-ic@uva.nl

#setup request; from address for emails to users about…setup.request=portfolio-fb-ic@uva.nl

# flag to enable or disable James for incoming email…smtp.enabled = false

Database• Size (oversized multipurpose db)

– SUN V890 - 16 GB physical - 4 dual core UltraSparc IV @ 1200 MHz runningSolaris 8 2/04 s28s_hw4wos_05a SPARC.

– Oracle 9.2.0.8

• JDBC Driver– ojdbc14.jar v. 10.2.0.1.0 (1.536.979 bytes)

• AL32UTF8 Character set

User Management

• User creation via a tool– Controlled rollout

• LDAP authentication– Implemented a UserDirectoryProvider– Supports fallback and multiple domains– Does not create accounts

Vlan

Management &Backup interfaces

Public Interface

Server1 / Frontend

Public interface

L2 loadbalancer

portfolio.uva.nl

L1 loadbalancer

Server2 /Frontend

Portfolio Specific Infrastructure

ldap1.uva.nl

ldap2.uva.nl

ldap3.uva.nl

SAN

Coolen / NFS

SMTP

DB

Management &Backup interfaces

Public Interface

Management &Backup interfaces

The big picture..

Customization

– Gateway site – Different My workspace’s– Managing site types– Delegated site creation– Realms, Roles, Permissions

Customize your Gateway

• Gateway is a site defined in !gateway • Use the Sites tool to modify

Diversifying the My Workspace

• Different users have different needs and get different tools…..defined in ‘site template’

The effect of Type on My Workspace

Sites• Choices in setting up portfolio sites

– Portfolio in My Workspace ?– One Portfolio site per student ?– A site per study program?– Site per study program per year?

• Presentation and Matrix tools in different sites?

• Leave it up to faculty !

Portfolio sites• Defined as a category in toolOrder.xml

<category name="portfolio"> <tool id = "sakai.iframe.site" /> <tool id = "sakai.synoptic.chat" /> <tool id = "sakai.synoptic.discussion" /> <tool id = "sakai.synoptic.announcement" /> <tool id = "home" selected = "true" /> <tool id = "sakai.syllabus" /> <tool id = "sakai.announcements" /> <tool id = "sakai.resources" /> <tool id = "osp.glossary" /> <tool id = "osp.matrix" /> <tool id = "osp.presentation" /> <tool id = "osp.evaluations" /> <tool id = "sakai.siteinfo" required = "true" /> </category>

Allowing local admins to create Portfolio sites (only)

• Use Sites tool to open local_admins my workspace template

Allowing local admins to create Portfolio sites (only)

• Scroll down and open ‘Pages’ section

Allowing local admins to create Portfolio sites (only)

• Open the ‘Worksite Setup’ page• Click on the tool id of the sakai.setup tool• Scroll down to ‘Configuration’

Allowing local admins to create Portfolio sites (only)

• Remove siteTypes ‘project’ and ‘course’

Realms define Roles…

• Define roles in site template realms• OOTB: !site.template.portfolio• Reuse or modify

…and Permissions

• For Sakai tools• not (yet) for OSP tools

OSP Tool Permissions• Can be defined in sakai.properties

# Glossary tool permissionsglossary.permissions.override=falseglossary.permissions.map.count=1glossary.permissions.map.1=Coordinatorglossary.permissions.map.1.siteTypes=portfolioglossary.permissions.map.1.value.count=4glossary.permissions.map.1.value.1=osp.help.glossary.deleteglossary.permissions.map.1.value.2=osp.help.glossary.addglossary.permissions.map.1.value.3=osp.help.glossary.editglossary.permissions.map.1.value.4=osp.help.glossary.export

Software Development Aspects

• Basic idea– Being able to test, and accept before moving

into production– Script as much as possible– Create a simple deployment process

Develop, Test, Accept, Run!

Script as much as possible

DEV PRDACC

Simple Deployment Process

/etc/sakai/sakai.properties

/etc/sakai/toolorder.properties

/usr/local/tomcat1/

sakai.properties

toolorder.properties

tomcat1/

portfolio_prd-r2227-2007-02-12_16.34.tar.gz

• Deployment file contains• Tomcat and• Config files

Todo..

• Upgrade to Sakai 2.4• Move to virtualized hardware• Externalize authentication• Connect to IDMS and CAS

Questions..?