internet services administration cs35910 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Internet Services Administration CS35910 PowerPoint Presentation
Download Presentation
Internet Services Administration CS35910

Loading in 2 Seconds...

play fullscreen
1 / 20

Internet Services Administration CS35910 - PowerPoint PPT Presentation


  • 101 Views
  • Uploaded on

Internet Services Administration CS35910. File Services Administration and File Access Services. Backups. Don’t worry, your data is safely backed up on multiple redundant RAID servers. Principles of System Administration. Corollary 25: Redundancy

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Internet Services Administration CS35910' - amina


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
internet services administration cs35910

Internet Services AdministrationCS35910

File Services Administration and File Access Services

backups
Backups

Don’t worry, your data is safely backed up on multiple redundant RAID servers

principles of system administration
Principles of System Administration
  • Corollary 25: Redundancy
    • Reliability is often safeguarded by redundancy, or backup services running in parallel, ready to take over at a moments notice
  • Principle 46: Data Invulnerability
    • The purpose of a backup copy is to provide an image of data which is unlikely to be destroyed by the same act that destroys the original
  • Corollary 47
    • Backup copies should be stored at a different physical location to the originals
redundancy
Redundancy
  • To lose one parent, Mr. Worthing, may be regarded as a misfortune; to lose both looks like carelessness

Lady Bracknell,

The Importance of Being Earnest

  • When a RAID disk fails, fix it straight away
  • Don’t forget the importance of backups
backups1
Backups
  • Full and incremental backups
  • Backup storage solutions
  • Off-site storage
  • Amanda and tar
  • Linux Journal Reader’s Choice Awards

Favourite Backup Solution

1. tar (65%)

2. Amanda (5%)

3. Arkeia Network Backup (<1%)

check your disaster recovery
Check your Disaster Recovery
  • Backups always succeed
  • Restores always fail!

The backup motel – files check in but never check out

file transfer
File Transfer
  • Why transfer files
  • File transfer technologies
    • Sneakernet
    • UUCP
    • FTP
    • SSH - SCP and SFTP
    • Network Filestore
    • HTTP
    • Webdav etc.
ftp access
FTP Access
  • Advantages
    • Easy to set up
    • Well supported
    • Easy to use
    • Fast
  • Disadvantages
    • Problems with firewalls (use passive mode)
    • Plain text transfers, including password
ftp anonymous or not
FTP: Anonymous or not
  • Problems with user FTP security:
    • Plain text passwords can be easily snooped
    • Real user accounts can allow exploits such as uploading .rhosts etc.
    • SCP/SFTP provides a better solution for these needs
    • See also SSLftp: ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps
  • Problems with anonymous FTP:
    • Configuration needs more care
    • No method to uniquely identify users
management of nfs
Management of NFS
  • /etc/exports
  • TCP Wrappers (hosts.allow, hosts.deny) protect the vulnerable portmapper
  • Root squashing
  • mountd, nfsd
nfs cookies
NFS Cookies
  • NFS is stateless. Cookies are passed by mountd to indicate a successful mount
  • Limited persistence of cookies
    • Cookies usually changed when remounting filestore
    • For crash recovery, the cookie persists across a reboot
  • Stateless nature makes locking very difficult
  • TCP may be used for NFS over routers and even on LANS, but the protocol remains stateless
nfs automounter
NFS Automounter
  • Administrative nightmare of cross mounting home filestore from multiple servers
  • Auto mounter uses maps to mount filestore on demand
  • Maps may be shared by RDIST, NIS or LDAP or some other means
  • May also be used to mount loopback filesystems
    • Possible to emulate a CD server using ISO images and the automounter
principles of system administration1
Principles of System Administration
  • Principle 12: Separation
    • Data which are separate from the O.S. should be kept in a separate directory tree, preferably on a separate disk partition. If they are mixed with the O.S. system file-tree it makes re-installation or upgrade of the O.S. unnecessarily difficult
  • Principle 20: Freedom
    • Quotas, limits and restrictions tend to antagonize users. Users place a high value on personal freedom. Restrictions should be minimized
timing issues with network filestore
Timing issues with network filestore
  • The problem: datagram networks are unpredictable
    • Latency
  • NT Opportunistic locking
    • Oplocks
      • Delayed writes for network shares
      • When tuning Samba servers, fake oplocks may be used on read-only shares for improved performance
    • Strict locking
    • Neither oplocks nor strict locks are very good for JET databases
  • NFS inconsistencies
    • flock(), lockf() timing issues
    • rpc.lockd – a partial solution
principle 4 communities
Principle 4 (Communities)
  • What one member of a cooperative community does affects every other member and vice versa. Each member of the community therefore has a responsibility to consider the effect of his/her actions on all the other users
    • Principles of Network and System Administration
management of smb
Management of SMB
  • Windows NT shares
    • Directory Security and Share Security
    • Hidden shares, e.g. \\myhost\backup$
      • Not very well hidden
    • Administrative Shares
  • UNIX shares with Samba
    • Browse lists
    • Read and Write lists
permissions and privileges
Permissions and Privileges
  • Permissions (rights) always associated with a particular object
    • Permission to read a file etc.
  • Privileges associated with particular actions on the system and granted to users
    • E.g. SE_SYSTEMTIME_NAME privilege to change system time
network attached storage
Network Attached Storage
  • Drives attached to embedded unit
  • Cut down OS provides only data storage, access and management functionality
  • Usually provides multiple access protocols
    • NFS
    • SMB/CIFS
storage area networks
Storage Area Networks
  • Enterprise Solution
  • Devices attached to a network, called a fabric
  • Access to the device at block I/O level
  • SCSI protocol is usually used