RUB logo placeholder

RUB – Koha Centralization

Centralization of Koha ILS for Nine Constituent Colleges

Royal University of Bhutan (RUB)

A proposal to consolidate hosting at OVC while preserving college autonomy, improving reliability, security, and observability.

Tip: Use / keys to navigate.

Summary

Current Scenario

  • 9 independent Koha ILS hosted locally across colleges.
  • College-specific VMs with limited central oversight.
  • No unified disaster recovery posture.

Proposal

  • Centralized hosting at OVC; independent Koha VMs per college.
  • Autonomy retained for configuration and operations.
  • Shared platform services for reliability, security, and DR.

Features

  • Autonomy with centralized reliability.
  • SIP2 integration for RFID.
  • Anti-bot & AI-scraping protection.
  • Comprehensive monitoring & transparent reporting.

Objectives

  • Centralize Koha hosting while preserving autonomy.
  • Ensure reliable power, networking, and DR readiness.
  • Secure SIP2 for RFID integration.
  • Protect OPAC/SRU endpoints from AI abuse.
  • Provide transparent monitoring and reporting.

Architecture Overview

Logical Layout

Users → Nginx LBs (load balancers) → College VMs (Koha + MariaDB + Zebra/ES + SIP2) Shared Services: Proxmox VE, PBS, Zabbix, Uptime Kuma, MinIO/NAS DR Site: 1× Proxmox VE + PBS

Notes

  • Per-college VM isolation; shared infra plane.
  • TLS termination and WAF at Nginx LBs.
  • Backups land on PBS; replicated to DR site.

Networking & UPS Design

Dual ISPs → Firewall HA → Core Switches → Proxmox/Nginx → PBS → NAS/MinIO UPS Layer: 20 kVA, N+1, 30 min runtime + generator

Resilience

  • Dual uplinks with failover.
  • Firewall HA (active/standby).
  • N+1 UPS with generator support.

Security

  • Segmentation for OPAC, staff, and SIP2 networks.
  • Strict ACLs, IP allowlists for kiosks.
  • Centralized certificate management.

Key Features

VM Management

  • Proxmox VE cluster for compute & HA.
  • PBS backups with nightly schedule & 90‑day retention.

SIP2 Security

  • stunnel TLS wrapping for SIP2.
  • Per‑college ports and IP restrictions.

Load Balancing & WAF

  • Nginx LBs with TLS termination.
  • Bot‑blocking & AI scraping deterrents.

Monitoring

  • Zabbix metrics and alerting.
  • Uptime Kuma public status page.

Hardware & Cost (Primary Site)

ItemQtyEst. Cost (INR)
Proxmox VE hosts212,00,000
PBS 20 TB14,00,000
Nginx LB23,00,000
UPS 20 kVA212,00,000
Core Switches26,00,000
Racks + PDUs + cabling3,00,000

Figures are indicative; vendor quotes required for final budgeting.

DR Site & OPEX

DR Site

ItemQtyCost (INR)
Proxmox VE15,00,000
PBS backup 10 TB13,00,000

OPEX (Annual)

  • Dual ISP: At actuals
  • Sysadmin staff: At actuals
  • AMC/Support: ₹5,00,000

Implementation Roadmap

Timeline

  • Month 1: Deploy Proxmox VE, PBS, Nginx, UPS, networking
  • Month 2: Build Koha VM template, pilot migration
  • Months 3–4: Migrate remaining colleges
  • Month 5: Deploy DR host, replicate PBS backups
  • Month 6: Launch status page, finalize monitoring

Success Criteria

  • All 9 colleges live on centralized platform.
  • RPO ≤ 24 hours; RTO ≤ 4 hours.
  • Public status page with 99.9% monthly uptime.

Thank You

Questions? Contact the OVC ICT Team.

Add college and RUB logos to the header for branding.