In this success story, you can find out how we set up a collaborative workspace for SOLARKIOSK AG, a company offering green energy services, high-quality products, and sustainable solutions all over the world. This workspace allows all members of the team to work and communicate with each other from anywhere and at any time – efficiently, reliably, and securely.
Requirements for the IT infrastructure
The desired infrastructure should allow standardized management of a heterogeneous environment containing Windows, Apple, and Linux desktops in a single domain and include a central identity management system. In order to facilitate more comprehensive, collaborative working among the employees located at sites across the globe, the company required, in addition to a groupware system, solutions for private cloud file sharing and project management as well as an Intranet solution for knowledge management.
Following successful realization of the project, the cooperation can now continue in a virtualized environment with UCS.
In this article, you find out more about what hardware and software we employed in this project and how.
The SOLARKIOSK AG team
SOLARKIOSK AG, a team with more than 250 members working in Ethiopia, Kenya, Rwanda, Tanzania, and Germany, coordinates all of its tasks via simple data exchange formats and communicates using IMAP mail.
SOLARKIOSK AG’s infrastructure
With no official premises at the sites in Africa, but a company headquarters in Berlin, our first step was to evaluate the company’s situation. After thorough analysis, we suggested the development of a classic, Open Source, on-premises infrastructure.
Open Source, on-premises infrastructure
In order to allow easy upkeep, maintenance, and continuous development, we also suggested using a virtualization software to provide the requisite services separately as dedicated components via virtual machines with the use of a classic Linux appliance and employing the Univention Corporate Server now also successfully in use there.
All the central aspects – including the creation of new users, groups, and network drives – are easily accessible and centrally administrated via the Univention Management Console. UCS’ flexible concept and integrated replication mechanisms inherently support the mounting and administration of additional services such as the groupware Zimbra.
Hypervisor
- Hypervisor Univention Virtual Machine Manager for the management of virtual machines
- Integrated OpenVPN site-to-site tunnel and RoadWarrior bridge server
- Integrated 4-zone firewall and Internet proxy
- 64-bit server software with logical volume management and monitoring of system services
Storage
- SSD hardware RAID 6 for virtual machines with a useful capacity of around 480 GB
- SATA hardware RAID 6 for virtual machines with a useful capacity of around 4 TB
Virtual machines
The virtualization software QEMU/KVM provides the following components in a dedicated fashion:
- Virtualized master server for domain management
- Virtualized file & print server for roaming profiles, group policies, and print services
- Virtualized Zimbra groupware server with offline web app, support for mobile devices, and an Outlook connection
- Virtualized ownCloud Community Edition server with LDAP connection
- Virtualized OpenProject Community Edition server with LDAP connection
Hardware sizing
The services for the more than 250 users are provided by a reliable server with emergency power supply and switch from Thomas-Krenn.AG.
- Supermicro server board with Intel chip set
- Dual Intel Xeon 6-Core CPU 1.6 GHz
- 128 GB ECC master memory
- 4 servers SSD 240GB
- 4 servers SATA hard drives 2 TB
- 1 SAS RAID controller 8-port
Open Source cloud infrastructure
In a further milestone, the on-premises infrastructure was expanded with a cloud infrastructure from Filoo GmbH and the groupware server swapped out in light of the growth.
The cloud infrastructure comprises four virtual instances, which are connected via a private network segment, offer services via a public network segment, and use Filoo GmbH’s Ceph block storage.
The key component on the cloud is a UCS domain controller slave for the provision of the central identity management system. This instance was connected with the domain controller master via OpenVPN for continuous replication.
The second instance forms the basis for the Ubuntu server LTS and the Zimbra groupware. The third instance provides the CRM solution Odoo. The fourth instance takes care of the backup.
Assignment of a virtual CPU, 2 GB vRAM, and a 10 GB Ceph block storage is sufficient for high-performance running of the instances such as that of the domain controller slave. The resources can be increased during runtime.
Outlook
This environment supports a team working at different locations via a traditional, collaborative workspace provided on premises and on the cloud. Complete control is retained, the system can be centrally administrated, and it is also possible to integrate additional enterprise apps from the Univention App Center, for example.
The selected hardware and software components have proven their worth and allow problem-free shared working. The resources are sufficient for the virtual instances and have not required any expansions to date. The central administration of identities has proven practical.
I hope that this user story will provide you with new impulses, and would be delighted if it did. If you have any questions or comments, please feel free to use the comments field or contact me directly via our website.