Moodle hosted off Kuberate-What do I have to know?

Moodle hosted off Kuberate-What do I have to know?

by Aarthi Ramesh -
Number of replies: 1

Hi,

For different reasons, my company is suggesting I move the Moodle environment to an open-source Kubernate private cloud environment. The private cloud is managed by the company's security-cloud team. Currently, it sits in a server-based rack facility and only the people who VPN into the company's network can access it...aka, I never really had to worry about providing access outside the company. With changing requirements and growth, we will open up Moodle to the world wide web (external-facing). Given the highly sensitive and proprietary nature of the content, hosting on a non-company hosted server/cloud may not an option.

As the sole Moodle admin/trainer/person-in-charge, I will be required to plan for the system and security configurations within the environment. The cloud-security team will help plan for a DMZ port access, but finally, I will be responsible for what enters/exits the LMS. I am ready to learn, but here is the challenge. I do not know what I have to know. I have successfully administered/managed/taught using the Moodle VPN-access based environment for several years now but will need hand-holding for this new setup. I am ready to complete any type of admin training, so if someone has pointers in that direction, that will be helpful!

Please advise how I can get started.

Oh ya..eventually the Moodle courses will also need to be available internally to the company employees, so that will be the next project.

Thanks!

Aarthi


Average of ratings: -
In reply to Aarthi Ramesh

Re: Moodle hosted off Kuberate-What do I have to know?

by Ken Task -
Picture of Particularly helpful Moodlers

First ... probably a good idea to post in only one forum a question (such as yours).   Posted in 2 you will/might get responses split ... confusing if someone trying to keep track.

Concept ... moodle is nothing more than a web site, running under apache/nginx (?), accessed via a browser (URL - best if by fully qualifed domain name (hint: external and internal DNS is involved) ... it's a series of php scripts and backended by a DB ... MySQL/MariaDB/etc.  That, you already know.  But add this to the concepts ... networking comes before application (moodle).

So ... does this 'cloud-security team' already run something web based?

As to the security of moodle itself ... a valid tls cert (https), show nothing on front page of the moodle - require all to login to see anything - consider using some internal corp auth for users but at least 3 users need to remain manual ... guest (even if you don't use guest access), the initial admin user that installed and one other account.

If moodledata is gonna have tons of uploaded files, an internal NFS or other file system that is hidden to outside ... and the DB box probably as well.

Those would be 10. IP's?

Am sure others (at least one Moodle Partner) will chime in here.

'SoS', Ken

Average of ratings: -