
CIT 470: Advanced Network and System Administration



  1. CIT 470: Advanced Network and System Administration
     Workstations and Servers

  2. Topics
     • Machine Lifecycle
     • Automated Installs
     • Server Hardware
     • Services

  3. Machine Lifecycle

  4. Workstation Management

  5. States of Machines
     • New: A new machine.
     • Clean: OS installed, but not yet configured for environment.
     • Configured: Configured correctly for the operating environment.
     • Unknown: Misconfigured, broken, newly discovered, etc.
     • Off: Retired/surplussed.

  6. State Transitions
     • Build: Set up hardware and install OS.
     • Initialize: Configure for environment; often part of build.
     • Update: Install new software. Patch old software. Change configurations.

  7. Automated Installs

  8. Why Automate Installs?
     • Save time.
       Boot the computer, then go do something else.
     • Ensure consistency.
       No chance of entering wrong input during install.
       Avoid user requests due to mistakes in config.
       What works on one desktop, works on all.
     • Fast system recovery.
       Rebuild system with auto-install vs. slow tapes.

  9. Trusting the Vendor Installation
     Always reload the OS on new machines.
     • You need to configure the host for your env.
     • Eventually you’ll reload the OS on a desktop, leaving you with two platforms to support: the vendor OS install and your OS install.
     • Vendors change their OS images from time to time, so systems you bought today have a different OS from systems bought 6 months ago.

  10. Install Types
     • Hard Disk Imaging
       Duplicate hard disk of installed system.
       Advantages: fast, simple.
       Disadvantages: need identical hardware; leads to many images, all of which must be updated manually when you make a change.
     • Scripted Installs
       Installer accepts input from script.
       Advantages: flexible, systems can be different.
       Disadvantages: more effort to set up initially.

  11. Auto-Install Features
     • Unattended: Requires little or no human interaction.
     • Concurrent: Multiple installs can be performed at once.
     • Scalable: New clients added easily.
     • Flexible: Configurable to do custom install types.

  12. Auto-Install Components
     • Boot Component
       Media (floppy or CD)
       Network (PXE)
     • Network Configuration
       DHCP: IP addresses, netmasks, DNS
     • Install Configuration
       Media (floppy or CD)
       Network (tftp, ftp, http, NFS)
     • Install Data and Programs
       Network (tftp, ftp, http, NFS)

  13. PXE
     Preboot eXecution Environment
     Intel standard for booting over the network.
     PXE BIOS loads kernel over network.
     Applications
     • Diskless clients (use NFS for root disk).
     • Booting install program.
     How it works
     • Asks DHCP server for config (ip, net, tftp).
     • Downloads pxelinux from tftp server.
     • Boots pxelinux kernel.
     • Kernel uses tftp’d filesystem image or NFS filesystem.

  14. Disk Imaging
     1. Set up ftp server.
     2. Install OS image on a test client.
     3. Verify test client OS.
     4. Copy image to server.
     5. Boot clients with imaging media.
     6. Clients pull image from ftp server.
     [Figure: ftp server (1), test client (2-3), copy image (4), deployment #1 and deployment #2 (5), pull image (6)]

  15. Clonezilla

  16. g4u

  17. Scripted Install Tools
     Red Hat distributions, incl. CentOS
     • Kickstart
     • Cobbler
     Debian distributions, incl. Ubuntu
     • FAI
     • Preseed
     Mandriva Linux
     • DrakX
     Solaris
     • Jumpstart

  18. Network Configuration
     What’s so bad about manual net settings?
     • It’s only an IP address and netmask.
     • What happens if you need to renumber?
     Use DHCP instead of manual settings
     • Make all changes on a single server.
     • Easy to change settings for entire network.
     • DHCP can assign static IPs as well as dynamic.
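
An added example, not part of the original slides: an ISC dhcpd.conf fragment showing what slides 13 and 18 describe, the DHCP server pointing PXE clients at a TFTP server and boot file, and a fixed address handed out through DHCP. ISC dhcpd is an assumed choice of server, and every address, MAC address and host name below is a constructed placeholder.

```conf
# Constructed example for an install network; all values are placeholders.
authoritative;
default-lease-time 3600;
max-lease-time 7200;

# Only clients that identify themselves as PXE firmware get boot
# parameters, so ordinary DHCP clients are not pointed at the installer.
class "pxeclients" {
    match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
    next-server 192.0.2.20;      # TFTP server holding the boot loader
    filename "pxelinux.0";       # file the PXE BIOS downloads and runs
}

subnet 192.0.2.0 netmask 255.255.255.0 {
    option routers 192.0.2.1;
    option domain-name-servers 192.0.2.10;
    option domain-name "example.test";

    # Dynamic pool, e.g. for machines that are being built.
    range 192.0.2.100 192.0.2.199;
}

# "Static" address through DHCP: the address is pinned to the MAC,
# but renumbering is still a change on this one server.
# Keep fixed addresses outside the dynamic range above.
host web01 {
    hardware ethernet 00:00:5e:00:53:01;
    fixed-address 192.0.2.31;
}

host db01 {
    hardware ethernet 00:00:5e:00:53:02;
    fixed-address 192.0.2.32;
}

# DHCP and TFTP carry no authentication, so serve this scope only on a
# dedicated install or administrative network segment.
```

`dhcpd -t -cf <file>` checks the syntax of the file without starting the server.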

  19. Servers vs. Desktops

  20. How are Servers different?
     • 1000s of clients depend on server.
     • Requires high reliability.
     • Requires tighter security.
     • Often expected to last longer.
     • Investment amortized over many clients, longer lifetime.

  21. Vendor Product Lines
     Home
     • Cheapest purchase price.
     • Components change regularly based on cost.
     Business
     • Focuses on Total Cost of Ownership (TCO).
     • Slower hardware changes, longer lifetime.
     Server
     • Lowest cost per performance metric (nfs, web).
     • Easy to service rack-mountable chassis.
     • Higher quality (MIL-SPEC) components.

  22. Server Hardware
     • More internal space.
     • More CPU/Memory.
       • More / high-end CPUs.
       • More / faster memory.
     • High performance I/O.
       • PCIe vs. PCI
       • SCSI/FC-AL vs. IDE
     • Rack mounted.
     • Redundancy
       • RAID
       • Hot-swap, hot-spares

  23. Rack Mounting
     Efficient space utilization.
     • Simple, rectangular shape measured in RUs.
     • Repair and upgrade while mounted in rack.
     • No side access required.
     Requirements
     • Cooling through back, not sides.
     • Drives in front, cables in back.
     • Remote management (serial console, hardware sensors, VM MUI)

  24. Server Memory
     Servers need more RAM than desktops.
     • x86 supports up to 64GB with PAE.
     • x86-64 supports 1 PB (1024 TB).
     Servers need faster RAM than desktops.
     • Higher memory speeds.
     • Multiple DIMMs accessed in parallel.
     • Larger CPU caches.

  25. Server CPUs

  26. Xeon vs Pentium/Core CPUs
     Xeon based on Pentium/Core with changes that vary by model:
     • Allows more CPUs
     • Has more cores
     • Better hyperthreading
     • Faster/larger CPU caches
     • Faster/larger RAM support

  27. System Buses
     Servers need high I/O throughput.
     • Fast peripherals: SCSI-3, Gigabit ethernet
     • Often use multiple and/or faster buses.
     PCI
     • Desktop: 32-bit 33 MHz, 133 MB/s
     • Server: 64-bit 66 MHz, 533 MB/s
     PCI-X (backward compatible)
     • v1.0: 64-bit 133 MHz, 1.06 GB/s
     • v2.0: 64-bit 533 MHz, 4.3 GB/s
     PCI Express (PCIe)
     • Serial architecture, v3.0 up to 16 GB/s

  28. Hardware Redundancy
     Disks are most likely component to fail.
     • Use RAID for disk redundancy.
     • Cover in detail in Disks lecture.
     Power supplies second most likely to fail.
     • Use redundant power supplies.
     • Many servers need 2 power supplies normally.
     • Need 3 power supplies for redundancy.
     • Use separate power cord and UPS for each power supply.

  29. Full and n+1 Redundancy
     n+1 Redundancy: One component can fail, but the system is still functional.
     • Ex: RAID 5, dual NICs with failover
     Full Redundancy: Two complete sets of hardware configured with failover mechanism.
     • Manual: SA switches to 2nd system when failure is noticed.
     • Automatic: The second system monitors the first and switches over automatically on failure.
     • Load-sharing: Both systems serve users, sharing load, but each has capacity to handle entire load on its own. When one fails, other automatically handles entire load.

  30. Hot-swap Components
     Hot-swap components
     • Components can be replaced while running.
     • Need n+1 redundancy for this to be useful.
     • Don’t need to schedule a downtime.
     Issues
     • Which parts are hot-swappable?
     • May require a few seconds to reconfigure.
     • Be sure components are hot-swap, not hot-plug.

  31. Hot Plug and Hot Spare
     Hot Plug
     • Electrically safe to replace component.
     • Part may not be recognized until next reboot.
     • Requires downtime, unlike hot swap.
     Hot Spare
     • Spare component already plugged into system.
     • System automatically uses hot spare when disk/CPU board etc. fails.
     • Provides n+2 redundancy.

  32. Separate Administrative Network
     Reliability
     • Allows access to machines even when network is down.
     Performance
     • Backups require so much bandwidth that they’re often done over their own network.
     Security
     • Network security monitoring data and logs sent across network should be secured.

  33. Maintenance Contracts
     • All machines eventually break.
     • Vendors offer variety of maintenance contracts.
     • Non-critical: Next-day or 2-day contract.
     • Clusters: If you have many similar hosts (CPU or web farm), then on-site spares may be cheaper than maintenance contract.
     • Controlled Model: Use small # of machine types for all servers, so you can afford a spares kit.
     • Critical Host: Same-day response or on-site spares.
     • Highly Critical: On-site technician + duplicate machine.

  34. Data Protection
     • Avoid desktop backups by storing data on servers. Easy on UNIX, harder on Windows.
     • Use RAID for server hardware failures.
       • Mirror root disk, higher RAID levels for data.
       • Some servers use 16GB Flash drives for root disk.
       • Doesn’t protect against software mistakes.
     • Server backups
       • Use specialized admin network to keep load off main network.
       • Use specialized tape jukeboxes to fully automate backups of large data servers (DBs, fileservers).

  35. Keep Servers in Data Center
     Data center necessary for server reliability.
     • Power (enough power, UPS)
     • Climate control (temperature, humidity)
     • Fire protection
     • High-speed network
     • Physical security

  36. Server Operating Systems

  37. Server OS Image
     Need greater reliability, security than desktop.
     • Remove unnecessary OS components.
     • Configure for best security & performance.
     Install and config specialized server software.
     • Server software: web, db, nfs, dns, ldap, etc.
     • May need monitoring software too.
     • Configuration: disk space, networking
     Server OS install should be automated too.

  38. Remote Administration
     Servers must be accessible remotely.
     • Allows SA to fix problems quickly at 3am.
     • Allows SA to work outside machine room.
     Remote Administration
     • Serial console and concentrator (UNIX)
     • Networked KVM (Windows)
     • Remote power control.
     • Important to secure remote admin facilities.

  39. Server Appliances
     Dedicated hardware + software
     • Fileserver (NetApp, Auspex)
     • Print servers
     • Routers
     Advantages
     • Performance
     • Reliability
     • Easy to set up
     • Extra capabilities
     Disadvantages
     • Cost

  40. Many Inexpensive Workstations
     Why buy server hardware?
     • Buy two cheap rack-mount PCs + failover software.
     • Works if two PCs cheaper than server.
     • Google’s approach with ~450,000 servers.

  41. Blade Servers
     • High-density servers on a board.
       • CPU
       • Memory
       • Disk
     • Each blade lives in a blade chassis.

  42. Blade Chassis
     • Blade chassis provides power, network, remote.
     • Typically hot-swappable, hot-spare.
     • Racks can only support 1 server/RU.
     • Blades are higher density, but also require more power and cooling.

  43. Services

  44. Servers vs Services
     A server is a piece of hardware.
     A service is the function that is provided by one or more servers.

  45. Services
     • Distinguish structured computing environment from some standalone PCs.
     • Large orgs linked through shared services to ease communication and optimize resources.
     • Typical environments have many services
       • Fundamental: net, DNS, email, auth, printing.
       • Typical: DHCP, backup, directory, file, license.
     • Services often depend on other services
       • Almost everything depends on DNS.

  46. Providing a Service
     A service is more than hardware + software.
     A service must be
     • Reliable.
     • Scalable.
     • Monitored.
     • Maintained.
     • Supported.

  47. Servers and Services
     For a service to be reliable, servers should:
     • Be as simple as possible.
     • Have minimum software to run service.
     • Depend on as few other services as possible.
     • Depend only on services that are at least as reliable as the service running on the server.
     • Have access restricted to SAs.
     • Be as few as needed for performance + reliability.

  48. Customer Requirements
     Customers are the reason for the service.
     • How do they intend to use it?
     • What features do they need?
     • What features would they like to have?
     • How critical is the service?
     • What levels of availability and support are needed?
     Service Level Agreement (SLA)
     • Enumerates services.
     • Defines level of support.
     • Commits to response times for problem types.

  49. Operational Requirements
     Essential to designing a reliable service
     • What services does it depend upon?
     • What other services will depend upon it?
     • How does it interoperate with other services?
     • How can it be integrated with auth/dir services?
     • How does the service scale?
     • How can the service be upgraded?
     • Downtime requirements.
     • What systems are affected?

  50. Open Architecture
     Service should be built around open standards
     • Check IETF RFCs to see if it’s an open protocol.
     • Example service: SMTP
     • Example products: exim, postfix, qmail, sendmail.
     • Open standards don’t require open source.
     Allows vendors to make interoperable products.
     • Avoids vendor lock-in.
     • Allows vendor competition (cheaper prices for you).
     • Decouples client selection from server selection.
     • Avoids need for protocol gateways.
