<br><br><div class="gmail_quote">On Mon, Sep 13, 2010 at 9:12 PM, Brian Lavender <span dir="ltr"><<a href="mailto:brian@brie.com">brian@brie.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im"><br>
</div>That is along the lines that I am thinking. For any suited networking<br>
environment with more than one machine, it seems that you need a good<br>
way to replicate users and authenticate them. I noticed with Fedora 13<br>
that you can point it to an LDAP and KDC and you are good to go.<br>
<br>
And, why have DNS on the local network when LDAP is perfectly suited?<br></blockquote><div><br></div><div>Because this is what DNS was designed for. I've yet to work in a place that was completely homogeneous, usually, you have at least a few non UNIX/Linux machines, and DNS is a standard. I ran DNS locally on my home network for this very reason. Just about anything that can network TCP/IP will talk it. And I'm not talking solely about PCs/workstations here. You have other non PC equipment in your network. </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
The really strange thing I have noticed is when you go to organizations<br>
and they name their systems, devmx01, smtpmark01. That is really<br>
annoying when you can use a directory server to store these attributes.<br>
<br></blockquote><div><br></div><div>I disagree. I can with just a simple hostname command determine exactly what the node does. Its names like "fiddle" or "d0r3k9s2" that make no sense. And having to query LDAP is IMO annoying as hell. </div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
I think to really catapult GNU/Linux, we have to be able to easily<br>
deploy these services. Otherwise, we'll just remain hobbyists or single<br>
server hackers (with backups).<br></blockquote><div><br></div><div> I'm kinda confused, I thought a good portion of web servers out there run on LAMP.. If you want a specific example, I believe Google uses a linux variant as their main OS. I would hardly call them a single server hacker, tho their "manage by install" setup is one on steroids, or at least that's what I have been given to believe by reading. </div>
<div><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
And speaking of backups, what better way can you think besides having<br>
an offsite backup of rsyncing your data to another hot fail server?!!!<br></blockquote><div><br></div><div>That's great in some setups, until you lose the hot fail server. Sure you get redundancy, but there's nothing like the safety of a non volatile backup. Of course this is highly dependent on what data we're talking about. In many cases, rsync'ing to another server, or hell, just tar/encrypt/uuencoding and gmailing the data is also fine. But sometimes you want the safety of tape/optical/etc. </div>
<div><br></div><div>One other thing, just having backups is not enough. You need to test said backups, and test them regularly. I have known occasions, when the backup equipment has failed, and failed in a way that the only way we knew it failed is when we started the restore and looked at random bits coming off the media. </div>
<div><br></div><div>My advice is there is not one backup strategy that works. Know the data you're backing up, how important it is, and tailor your backup strategy based on that. And then test. If you don't test, you don't know that it works. </div>
<div><br></div><div>One other thing about tools.. I have known a ton of different tools in my career, and over time, all have changed. Tool X may be king now, but it's likely to be worthless in time. However, the concepts, they always work. So know those, and be able to adapt to any tool, then you will always be able to do your job as a system admin. </div>
<div><br></div><div>Mike </div></div><br>-- <br>Michael Wenk<br><a href="mailto:mjwenk@ucdavis.edu">mjwenk@ucdavis.edu</a><br>