Managing a network of UNIX workstations

George Robbins grr at cbmvax.commodore.com
Sat Jan 13 20:15:19 AEST 1990 

In article <3949 at jhunix.HCF.JHU.EDU> barrett at jhunix.HCF.JHU.EDU (Dan Barrett) writes:
> 
> 	I may be managing a network of DECstation 3100's running Ultrix in
> the near future.  I have been managing VAXen for a long time, but never a
> network of workstations.  So, I have some questions:
> 
> (1)	How do you handle inter-machine superuser privileges?
> 
> 	I do NOT want to put "root" in /.rhosts -- this is a big security
> 	risk, right?

Don't unless you can control physical access to the hardware or are operating
in an intentionally un-secure mode.  It is may be an acceptable risk /
convenience if you have a coule of servers in a secure area.

> (2)	How do you do transparent backups?  I want to pop a tape in ONE
> 	tape drive and say "Back up ALL files from ALL workstations onto
> 	this tape."

One traditional means is to have an "operator" account on all machines
and then have all the "raw" disks readable by "operator" and use a shell
script that remotely executes rdump on on each of the systems. 

Unforturnatly the Ultrix dump program is broken and thinks only "root"
is allowed to run dump.  I don't know of any convienient and secure
automated way to handle this.

The operator can still do the dumps from a central site/machine/tape, but
he has to know the root password and log into each of the machines and
manually run the dump program.
 
> 	Suppose I dedicate one workstation as the "main node", mount all
> 	other workstation disks on the main node using NFS, and then back it
> 	up.  This should work...?  But don't I have to worry about
> 	inter-machine superuser privileges?  After all, we want to back up
> 	EVERY file from EVERY machine.

Yep...  Plus you can only use cpio/tar across NFS.  Dump/restore are
generally speaking better tools.

> (3)	We'd like all users to have accounts on all workstations.  What's
> 	the best way to maintain an inter-machine password file?  I've
> 	heard vaguely of "yellow pages" but have never used it.

Yellow pages is probably a good way to do this, especially for a cluster
of workstations under one management being used in a homogenous manner.
Start with the DEC YP manuals and also get ahold of a set of sun Manuals
if you can...

> (4)	We'd like a system where the entire network appears to each user as
> 	if it were one huge "machine".  A user would log onto this "machine"
> 	and not care which workstation s/he were actually using.  (Maybe the
> 	"machine" would automatically log the user onto the workstation with
> 	the lightest system load.  I've seen this done with VMS systems at
> 	other schools.)  Can this entire scheme be done?  Transparently?

All the file systems can appear as one big filesystem if you set up an
appropriate cross mounting scheme.  YP can help with this.  Automatic load
sharing is not so simple and would be hard to make transparent in most cases.

> (5)	Should we put disks on every workstation, or have one fileserver and
> 	many diskless workstations?  Which is better?  Easier to maintain?

This is a religious question.  Central fileservers definitly make the
backup problem *much* easier to manage.  Backing up across a network is
slow and painful, having a decent performance tape drive on the same system(s)
as the disk drives is much faster.  The fewer filesystems you have to dump
the easier media management and recovery are.

> 	My idea is to have one or two fileservers, make the other
> 	workstations use NFS, but put a small disk on each workstation for
> 	swapping only.  Good?  Bad?  What's better?

Another one.  If you can afford to, put at least a swap disk on each system
and/or a root/swap/var disk(s) on each one and let the fileserver serve
files and not handle swapping or booting.  Some people will tell you that
network stuff is faster that low performance built-in SCSI drives.  This
may be true, especially on a lightly loaded net - if so, just run the
systems diskless.

> (6)	Does anybody make a removable media drive, like the Syquist
> 	44-megabyte cartridge drive, for the DS3100?

Anything SCSI may work, but you'll probably have to try it to test for
compatibilty before buying.  Small removable media hard drives are
still of questionale reliability.
-- 
George Robbins - now working for,	uucp: {uunet|pyramid|rutgers}!cbmvax!grr
but no way officially representing	arpa: cbmvax!grr at uunet.uu.net
Commodore, Engineering Department	fone: 215-431-9255 (only by moonlite)

More information about the Comp.unix.ultrix mailing list