Hi everyone!
Angel Martin Alganza wrote:
>
> Subject: Thin Servers & Clients
> (Was: RE: [Leaf-user] Oxygen + TFTP boot
> -&- Re: LRP Print Server & LRP Xterminal)
>
> Hello,
>
> Brett J. Hoffman wants to load his whole firewall OS from a TFTP server.
> Dave Hng wants to set up an LRP Xterminal, so he needs to load packs via
> TFTP.
>
> I, for some time now, am thinking about something related to those two
> ideas, how to set up the following two things:
>
> 1. A cluster of specialized servers (1 web server, 1 ssh & scp server, 1
> mail and perhaps fax server, 1 printer server, etc.). All of them I want
> to be disk-less, except for a disk server which should share its disk
> space to the others (when needed for spooling, storage, etc). Even the
> disk server I would like to be LEAF (or something similar) based; the OS
> would run on RAM, except for the spool data, logs, user data, etc., which
> would reside on its hard disk(s).
>
> The whole cluster should be quite fail resistant (we are all
> familiar with the advantages of the OS running on RAM and being loaded from
> read only media). When one of the boxes should fail, all the other
> services will keep alive. Replacement of the broken box would be as easy
> as replacing the box, booting the new one with the right floppy and you
> are done! (A couple of boxes would be kept as quick replacement ones; and
> the broken one could be fixed or substituted if needed without the
> pressure of lacking a service while it's being done.)
>
> There should, for all this, be a LEAF Web server floppy (or
> package), a LEAF SSH & SCP floppy (or pack), etc. which would quickly
> convert virtually any computer into a unit of a cluster of servers which
> could be shared with other users with very few changes (keeping the same
> IP addresses for the same service boxes and so...
>
You can actually use bootroms for your ethernet-NICs and load everything
including the kernel via tftp. (I guess this is also what was meant by
Brett J. Hoffman). While being the simplest setup (no floppy drives and
worse floppies to fail), it is probably not the most secure way of doing
it. If someone on the subnet has evil plans I imagine he could somehow
make the diskless machine get to load a manipulated kernel...
I therefore like the idea of booting from a floppy and loading packages
via ssh. This is significantly safer from manipulation. OTOH you have
the floppies to cope with and you need some sort of kernel on the floppy
as well in order to have the ssh connection work.
> 2. Using a single floppy to boot a Wintel box into Linux and make it a
> temporary Xterminal. The idea is to use a few boxes on a computer
> classroom as Xterminal to a main server where all applications
> (bioinformatics and Internet, mainly) would run. The reason why I want
> them to boot from floppy and leave the hard disks (which they
> have) untouched is because those boxes are used under Windows most of the
> time, and I want them to boot straight into Windows unless a (LEAF) floppy
> is on the floppy drive (when the Xterminal should be set up).
>
You should check out www.ltsp.org for diskless X-terminals. Their system
is designed to run via bootroms and tftp loading the kernel, but in my
opinion this appears to be a lot more acceptable for workstations than
for servers.
> As some of you might know, I was very excited about DavidD's
> Butterfly, which I thought I would wait for to be used for these two
> projects. (At the moment, Xterminals are being made by using X servers for
> Windows; and services are run by a single box running Debian; so I am not
> in a hurry and want to analyze all my options before I decide for one). I
> am not waiting for Butterfly anymore and so, I am looking for
> alternatives. LEAF is my first bet and I think muLinux is not bad either.
>
I think the main question is how hard it will be to get the X-server
(and other not typical firewall software) to run with the limited
environment in leaf.
> I would like to hear your ideas and criticisms to all this as well
> as your advice on how to proceed (or start :) working on those two
> lines. Perhaps the first step is to decide whether or not LEAF is my way
> to go (which I guess it is).
>
I would really consider LTSP for the X-terminal stuff, since it might as
well work almost out of the box (you can use floppies instead of the
bootroms) and save you lots of trouble. OTOH I would be very happy to
see ssh based package loading over the network - this might be a big
enhancement in security over tftp. But for the paranoid there is still
no alternative to read only media, ok one could serve the packages from
a cd-rom on the disk-server...
Fabian
--
Fabian Linzberger - [EMAIL PROTECTED] - (0699/1)9568768
Fighting for Socialism: www.worldsocialist-cwi.org - www.slp.at
Do yourself a favor - use and support Debian/GNU Linux
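
Added example, not part of the message above and not LEAF's own code: the thread's concern is that packages pulled over TFTP can be swapped by someone on the subnet, while the boot floppy is read-only. This sketch is not the ssh loading proposed above; it substitutes a checksum manifest kept on the floppy as the trust anchor. The manifest name, directory layout and `.lrp` sample files are assumptions.

```shell
#!/bin/sh
# Added example: check network-fetched packages against a manifest stored on
# the read-only boot floppy before unpacking. All paths are hypothetical.

# verify_pkg MANIFEST FILE
# MANIFEST is in sha256sum text format: "<hex digest>  <file name>".
# Returns 0 only if FILE's base name is listed and its digest matches;
# 2 = unreadable input, 3 = package not listed on the floppy.
verify_pkg() {
    manifest=$1
    file=$2
    name=$(basename "$file")
    [ -r "$manifest" ] && [ -f "$file" ] || return 2
    # Exact match on the name field, so "root.lrp" cannot match "xroot.lrp".
    want=$(awk -v n="$name" '$2 == n { print $1; exit }' "$manifest")
    [ -n "$want" ] || return 3
    got=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$got" = "$want" ]
}

# load_verified MANIFEST STAGING_DIR
# Prints the names of packages that passed verification. Returns non-zero if
# any staged package was rejected, so a boot script can stop instead of
# unpacking a manipulated file.
load_verified() {
    manifest=$1
    staging=$2
    rc=0
    for f in "$staging"/*.lrp; do
        [ -e "$f" ] || continue
        if verify_pkg "$manifest" "$f"; then
            basename "$f"
        else
            echo "REJECTED: $(basename "$f")" >&2
            rc=1
        fi
    done
    return $rc
}
```

The check only helps if the manifest and the script itself come from the floppy (or other read-only media) and never from the network.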