Posts tagged Server
Working Locally from a Remote Location
Mar 2nd
Yes, I know it sounds funny. You can work locally from a remote location. I am specifically referring to use of LTSP. I am managing a server for a company, and I will be placing the server in an air conditioned server room; and I don’t want to sit in that room all day long. I installed an LTSP server so I can sit in the main office and boot a PXE enabled computer from the system. LTSP allows you to login directly to the server from a remote location. The desktop environment will be exactly the same as if you were sitting in front of the machine. The only difference is the LDM login screen, which technically you can change to anything including GDM.
I want to take the graphics card out of the server; its a nice Nvidia card; in the end I will not being doing what I want because I cannot leave the server completely without local video capabilities. I will be relying on the motherboard integrated Intel video chipset on the PXE enabled computer. It will server its purpose. I will be taking the 1080p capable monitor from the server, to use on the client; this I can get away with. Its a nice system and a pleasure to manage.
Remote Server Management in Local Facility – LTSP
Feb 13th
I’m using LTSP to manage a server remotely in a local facility. I setup an LTSP server on the host machine, and will place it in an air-conditioned room to preserve longevity. I configured a machine, of much lower power, to PXE boot from the server. There are several nuances to setting up an LTSP server. Once all is done you realize that it is less complicated that is can or needs to be. When things go right there is essentially three step in total. First:
sudo apt-get install ltsp-server-standalone
This installs the works. Then configured dhcp.
sudo nano /etc/ltsp/dhcpd.conf
Config the subnet to the same that you are using on your router. Clearly if your routers local ip is 192.168.0.1 your subnet would be 192.168.0.0. Then set a range. Make sure you turn off the dhcp servers in any and all routers connected to the network. You need the dhcp server on the machine to be the sole and only. Set the “next-server” option to the came local ip address of the server. Then set the rest of the options; domain, default gateway, dns…. Then reboot the server:
sudo /etc/init.d/dhcp3-server restart
Build the clients:
sudo ltsp-build-client
Thats really all there is to it. I’ve found that problems do arise, and instead of trying to fix them just purge all the installed applications and start over.
sudo apt-get remove --purge ltsp-server-standalone ltsp-server xinetd
One time I was stuck because there were two tftp inet servers, openbsd-inetd and inetd-hpa. They were conflicting. Then purge the autoremove function:
sudo apt-get --purge autoremove
Then start over installing ltsp-server-standalone. You can test your ltsp server using VirtualBox. Just like a real machine set the boot sequence to network as the first option. Now hook up a fancy monitor that can support 1920×1080 to the relatively low powered machine in the other room, and remotely manage your server from a pseudo local desktop environment.
Web Based SSH Clients
Dec 25th
If you want to connect to your server in an encrypted and secure fashion, but do not want to or cannot install a binary on your local system, you can use a web based ssh client. The original software, that I have heard of, is Anyterm. It has since been replaced by Sjax Term, and subsequently Web Shell. I have played with Ajax Term a bit, but could never get everything working as I wanted. I’m going to take a second crack as Ajax Term, and then Web Shell. I would like a secure means of connecting to my server, but there is a hitch. The most secure means is to use rsa keypairs. Which means the key must be transportable on a usb drive or the like. I wonder how well Ajax Term or Web Shell function using a rsa key. Conveniently you can install ajax term directly from the Ubuntu repos. A simple:
sudo apt-get install ajaxterm
Ajax Term will be installed as a system server complete with an init.d script. In Karmic you will issue:
sudo service ajaxterm start
Configure Ajax Term in /etc/default/ajaxterm. Ajax Term does not do encryption, therefore for security you would do ssl, and connect to your server with https. Refer to the Ubuntu documentation for more information about ssl setup for Ajax Term. As per Ubuntu documentation there is also Shell in a Box. There are various choices and wants to get a secure connection to your home machine.
The main reason I recommend, and prefer rsa keypairs is to completely disable password authentication on the server. This eliminates the possibility of a brute force attach, or a ssh DOS. The server rejects are password attempts no matter what. It is a sweet configuration, and as a server administrator you can walk around with a usb drive with your rsa key to connect to the server securely.
Server and Backup Layout
Dec 22nd
Both the master and slave servers reside on a host machine. Clearly the servers are virtual machines. Its strategic to use virtual machines because the host machine remains useful for a variety of other tasks. The virtual server compartmentalize the functions to a discretely backupable file. In my particular arrangement the master server is synchronized with the slave server. The slave server has the same applications installed as the master. A fully functional apache web server with php and mysql support. The mysql database is synchronized as a replicate in real time, and rsync is used to sync the apache web root. In the rsync function I skip the wordpress and wiki config files, in which I reference the mysql server on the slave machine. Doing so allows server2 to be a drop in replacement for the master just by switching the port forwarding settings in the router. I would have to reconfigure my.cnf as the master in such a transplanation. The mail server has spamassassin and clamav installed on master and slave and /var/mail are synchronized to keep a relatively real time backup.
Then once a day the slave server is backed up. Vboxtool handled this seamlessly. Vboxtool stops the virtual machine, transfers it, and automatically restarts it. The initial backup is done to backup1. Then rsync is used to backup the home folder on my host system. I also use the computer for my own personal things, which are effectively backed up to backup1. Then, subsequently, the host initiates an rsync of backup1 to backup2, then to backup3. I have a rsync duplicate of backup1 on backup2 and backup3.
The host also is a MythTV server, and backup3 is the client that is subsequently connected to the TV. I have my various hosts relatively diversified and multitasked.
Slave Server – Backup the Backup – More Uptime
Dec 21st
I’m almost at the point of having a completely duplicated slave server. Currently mysql database replication is working. I have apache php5 and mysql fully working. The server synchronizes the apache root directory, with the server, every minute. Therefore for all practical purposes any file changes on the master are propogated to the slave. The mysql database is propogated in real time. I installed dovecot, sendmail, spamassassin, and clamav therefore the email environment is setup. I’m going to sync the entire /etc directory.
I’m stuck, for a little, on the users inboxes. I’m trying to rsync /var/mail but I think some permissions are missing. After I get the /var/mail directory to synchronize, as per crontab, the systems will be fully synchronized.
Now when server2 is backed up using vboxtool the main server will remain completely online! This will save approximately 5 minutes per day, therefore I will be saving 30.42 hours of downtime per year. By backing up the server as such I will be adding 30.42 hours of uptime; a rather big number.
