Re: (ASCEND) In Defense Of Ascend...

To: Peter Winker <WINKER@mailer.MPI-STUTTGART.MPG.DE>
Subject: Re: (ASCEND) In Defense Of Ascend...
From: Joe Portman <baron@ws4.aa.net>
Date: Fri, 27 Mar 1998 19:28:06 -0800 (PST)
cc: ascend-users@bungi.com
In-Reply-To: <01IV5R2TZOOI8WW2IK@MAILER.MPI-STUTTGART.MPG.DE>
Reply-To: Joe Portman <baron@ws4.aa.net>
Sender: owner-ascend-users@max.bungi.com

On Fri, 27 Mar 1998, Peter Winker wrote:

> >13 maxen, 5500+ users, 95% linux based.
> 
> >Our main servers are all RH 5.0 net-booted to a Netapp fileserver.
> 
>                                 ^^^^^^^^^^
> 
> 			Joe , what do you mean by this ?

The servers are running totally diskless, except for a boot floppy.

> 			could you explain a little bit more please .

Sure, the root filesystem is loaded via NFS.

> 			so you boot several LINUXen from a fileserver ?

Yes, using a lilo config file like this to create a boot floppy. Each
server has two ethernet cards. Ether0 is on the 'nfs-bone'. Ether1 is
connected to the Internet.

--------------------------------------------------------------------------
boot = /dev/fd0H1440
install = /fd/boot.b
map = /fd/map
prompt
timeout=50
compact
root=/dev/nfs
image = /fd/vmlinuz
   label=slave1-128
        read-only
        append = "panic=60 mem=128m nfsroot=10.10.11.10:/linux_root \
        nfsaddrs=10.10.11.11:10.10.11.10::255.255.255.0:slave1:eth0:none"

-------------------------------------------------------------------------

This mounts 10.10.11.10:/linux_root as the _root_ file system and then
continues booting from there.

You have to play some tricks in /etc/rc.d/* and I don't use an /etc/fstab,
rather I have a script that determines which filesystems to mount based on
the host name from the floppy disk.

> 			do they have a boot-prom, where is swap-space ?

No boot prom is needed. No swap space either. :-)

Each server has 128M ram (which has proven to be _plenty_) for this
configuration.

All slave servers _share_ a '/' and '/usr' file system _read only_. 

This makes for a very secure system (attacker cannot modify system files)
and a very scalable system (easy to create additional slaves).

In addition, we use the 'snapshot' feature of the Netapps to keep 'online'
backups of files as well as making 'offline' backups via high capacity DLT
tape drives.

We use load balancing DNS to distribute service requests to each of the
three slave servers. 

We use a custom /lib/nss_private.so authentication shared library, which
replaces NIS and uses cryptographically signed packets to replace
/etc/passwd and /etc/shadow transparently to the client programs (such as
sendmail, cucipop and ftpd). This, unfortunately, only works for RH 5.0 on
the Intel platform (so far).

So far, this setup has been 100% reliable for over 90 days. 

ZERO mail, ftp or POP downtime in 90 days. ZERO, as in NONE. Individual
servers can be rebooted or taken down for maintenance with NO LOSS of
service for the customer. As long as ONE server is up and running, all
services are available to the customers.

I expect to rack up YEARS of "uptime" with this setup. :-)

Cordially,
-----------------------------------------------------------------------------
Joe Portman  - Alternate Access Inc.     Affordable, Reliable Internet
-----------------------------------------------------------------------------

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Prev by Date: No Subject
Next by Date: Re: (ASCEND) TNT 2.0 Reports
Prev by thread: Re: (ASCEND) In Defense Of Ascend...
Next by thread: (ASCEND) Never a "Bad Password"
Index(es):
- Main
- Thread