Linux topics - PowerPoint PPT Presentation

About This Presentation
Title:

Linux topics

Description:

no free download, but product still (mostly) GPL. exceptions: truetype fonts, Codeweavers Wine ... ask for using a free socket in your office. eventually, any ... – PowerPoint PPT presentation

Number of Views:26
Avg rating:3.0/5.0
Slides: 34
Provided by: wwwzeut
Category:
Tags: linux | topics

less

Transcript and Presenter's Notes

Title: Linux topics


1
Stephan Wiesand June 17, 2003
Linux topics State of DESY Linux 5
discussion Notebook support
2
DL5 why and when
  • DL4 is based on SuSE 7.2 Professional
  • SuSE 7.2 was released July 2001
  • is showing its age now
  • KDE2
  • glibc too old for recent gcc versions
  • SuSE provides security patches for 2 years
  • doing this ourselves is too much effort
  • Ambitious schedule
  • June
  • decision on DL5 base distribution
  • August
  • provide DL5 to early adopters, volunteers
  • October
  • DL5 default on new installations

3
selection criteria for DL5 base distribution
  • should have a sufficient time to live
  • security and bug fixes by distributor
  • 2 years limit is forcing us right now
  • even if we'd like to keep DL4, we couldn't
  • should come with recent software
  • glibc, gcc (new C ABI since version 3.2)
  • KDE, application software
  • should be supported by 3rd party vendors
  • software (compilers...) hardware (notebooks...)
  • should fit well with HEP, GRID, ...

4
DL5 distributions considered
  • Red Hat
  • Professional
  • Enterprise Server / WorkStation
  • SuSE
  • Professional
  • SuSE Linux Enterprise Server / SuSE Linux Desktop
  • Debian
  • Stable woody
  • Unstable sarge (or is it sid?)

5
debian
  • PROs
  • no license troubles
  • no monetary cost
  • long life time
  • but undefined
  • good patches support
  • but for Stable only
  • no commitment to 100 compatibility
  • very complete
  • CONs
  • software in Stable is old (like DL4)
  • no release date for next Stable
  • this year? next year?
  • no commitment to timely, compatible patches for
    Unstable
  • poor support by 3rd party vendors

6
Red Hat Professional
  • PROs
  • de facto HEP standard
  • but which one?
  • HEP uses 7.x today
  • current is 9
  • no license troubles
  • no monetary cost
  • good 3rd party support
  • fairly complete
  • CERN considers going for version 10
  • CONs
  • life time 10-12 months
  • 6 months after next release (4-6 months)
  • 1 year DL release cycle?
  • start working on public beta releases?
  • ... a vehicle for exposing new technology to the
    community (RedHat)

7
Red Hat ES/WS
  • targeted at professional customers, not SOHO
  • no free download, but product and updates still
    GPL
  • cost is 1k per year for 1 ES 1 WS systems
  • for Red Hat Network services support
  • Sales is unable to talk about site licenses (not
    yet)
  • patches provided for 5 years
  • reduced number of packages
  • true for all Enterprise distributions
  • current version 2.1 corresponds to Professional
    7.x
  • next release Q3-Q4, no beta yet, betas are not
    public

8
SuSE Professional
  • PROs
  • life time 2 years
  • very complete
  • up to date
  • some 3rd party support
  • no monetary cost
  • little license troubles
  • comes with
  • AFS
  • globus
  • CONs
  • life time 2 years
  • common misconception about YaST license
  • though it's ok for HEP
  • considered less compatible with HEP, GRID than
    Red Hat
  • again which Red Hat ?

9
SuSE Enterprise
  • no free download, but product still (mostly) GPL
  • exceptions truetype fonts, Codeweavers Wine
  • cost is 1.5 k per year for 1 SLES 5 SLD
    systems
  • for SuSE Maintenance Web services support
  • Sales is able and willing to talk about site
    licenses
  • patches provided for 5 years
  • reduced number of packages
  • additional ones possible for a fee
  • current version 8 corresponds to Professional 8.1
  • SLD has more recent KDE

10
DL5 summary
  • 6 months ago, the decision would have been easy
  • Red Hat Professional best choice
  • Enterprise Desktops were not available
  • SuSE Professional was not in good shape
  • since then, conditions have changed
  • Red Hat reduced support time from 2 years to 1
  • mature SuSE Professional available
  • Enterprise Desktops available
  • and SuSE's is even up to date

11
DL5 Options
  • Red Hat Professional, effective ttl 10 months
  • at least some HEP institutes are heading there
  • they also talk about throwing money at Red Hat
    for extending the support time
  • can DESY wait for the outcome ?
  • too late for version 9 anyway
  • SuSE 8.2 Professional, effective ttl 1½ years
  • SuSE SLES8/SLD8, effective ttl 4 years 8
  • buy one, install many, or
  • negotiate licensing with SuSE

12
DL5 next steps
  • Evaluation Matrix will be presented and discussed
    in Linux User Meeting in HH next week
  • if DL5 is important to you
  • do come, and speak up
  • or brief me, and I'll speak up
  • continue talking to SuSE about Enterprise
    products
  • licensing terms, additional packages, cooperation
  • talk to HEP community
  • hopefully, take a reasonable decision for DL5
    soon
  • if it's not reasonable available today, it's DL6

13
Notebook Support Outline
  • centrally supported notebooks
  • why linux notebooks anyway ?
  • hardware issues
  • support concept
  • current service level, to do list
  • can linux notebooks replace desktops yet ?
  • unsupported / private notebooks
  • what we can do for users, and what we can't
  • common pitfalls

14
Why Linux notebooks ?
  • for many physicists, Unix is still the
    environment
  • where they feel at home
  • where they work most efficiently
  • Windows on notebooks is not trivial, either
  • nobody's talking about not supporting that
  • Pooled Linux notebooks make sense
  • Windows notebooks currently work best for a
    single user

15
Hardware issues
  • Linux likes slightly dated hardware
  • Power management prefer APM over ACPI
  • APM allows suspend, and is still much more stable
  • alas, recent notebooks no longer have it
  • WLAN
  • 802.11b cards (Dell TM 1150, Cisco Aironet) work
  • 802.11a/g cards don't, and may not anytime soon
  • Graphics
  • nvidia GeForce works, but not easily
  • older ATI works fine, recent chips unknown
  • i830M works fine, recent chips unknown

16
Recommended Hardware
  • Linux sort of works on most notebooks today
  • It works really well on very few available models
  • Standardization committee recommendation now
    Dell Latitude D600
  • reasonably priced, powerful, good battery life
  • untested under Linux yet (should basically work)
  • no WLAN option for Linux (we'll try the old
    card...)
  • The committee also recommends
  • for Linux, still consider Dell Latitude C series
  • available until Q3/03

17
What hardware to buy today
  • Dell C840
  • works well, but heavy, nvidia graphics needs
    tweaking
  • Dell C640
  • untested (probably works)
  • Dell C400
  • well tested and now supported, works very well
  • very lightweight
  • reasonably priced
  • get a TrueMobile 1150 internal WLAN card
  • getting a US keyboard is no problem

18
First centrally supported notebooks
  • there are now 9 identical C400s at DESY Zeuthen
  • providing real support starts making sense
  • basic setup
  • dual boot Linux (SuSE 8.2 Professional) / Windows
    XP
  • hard disk shared 50-50
  • 1GB FAT32 partition for exchanging data
  • Linux
  • programmed remote installation
  • automatic / remote maintenance (first steps,
    anyway)

19
Support model
  • this is not considered support
  • handing out pristine notebooks and a stack of CDs
  • handing out functional notebooks and forgetting
    them
  • this could be, but isn't feasible due to
    manpower
  • handing out notebooks, letting users deal with
    them, and helping with individual problems
  • this is
  • handing out functional notebooks and caring for
    them
  • keeping it functional and secure (remember it has
    a mic)
  • providing configuration improvements when
    available

20
The concept
  • programmed remote installation
  • well defined initial state
  • this is the easy part, similar to current
    mechanisms
  • automatic configuration maintenance
  • make current state converge to correct state
  • this is the challenge notebooks
  • have no permanent network connection
  • must work in very different environments
  • must allow the user to change the current state
  • easily failsafe
  • existing mechanisms for desktops simply don't work

21
Automatic Maintenance
  • rpm package postinstnotebook
  • cfengine scripts archive of files
  • executed on network startup, by cron, by
    SuSEconfig
  • notebook
  • pulls updates of postinstnotebook when network
    runs
  • confirms by http request to install server
  • dhcp server
  • notifies install server by http request
  • install server
  • tries to push updates when client fails to confirm

22
Automatic maintenance
Notebook
pull
HTTP Server (updates)
request
push
pull
ack
confirm
Install Server
DHCP server
notify
check
HTTP server (client DB)
23
when the notebook network starts
  • the latest postinstnotebook release is downloaded
  • 50 kB
  • unless inhibited by user
  • it sends confirmation to the install server
  • if on our network
  • after 30 seconds delay starts cfengine scripts
  • unless inhibited by user
  • these do the work
  • only a very small subset is executed during boot

24
what the cfengine scripts do
  • some examples
  • make sure the network configuration is secure
  • make USB work
  • add necessary sudo entries
  • correct the hardware clock configuration
  • if on our network, sync the system clock
  • if on our ethernet, download certain updates
  • make sure important services are running
    (apmd,...)
  • enhance the AFS client configuration
  • have a look in /var/run/cfengine/features

25
functional today
  • LAN
  • Ethernet, Wireless
  • start/stop/configure/restore by user
  • AFS client
  • start/stop/cell change by user
  • Suspend (to RAM)
  • optional USB Intellimouse
  • USB memory sticks work
  • backup your mobile work !
  • external VGA port (for beamer)

26
A simple GUI for some functions
  • convenient access to some important settings
  • make it easiest to do it right and safe
  • allow without being root
  • simple surface for commands
  • intelligence not in GUI but in scripts it calls
    (maintainable)

27
not yet available
  • will be rolled out by update mechanism when
    ready
  • base configuration and start/stop by user for
  • ISDN (with without callback)
  • Modem (maybe even the C400's internal winmodem)
  • DSL
  • printing on DESY printers
  • CUPS or LPRng ?
  • automatic security updates bug fixes from SuSE
  • using local mirror, only on Ethernet, in
    background
  • directory information (passwd, group)
  • will (try to) avoid interfering with manual
    settings

28
About replacing desktops by notebooks
  • current philosophy for notebooks
  • boot as quickly as possible, avoid timeouts
  • do not start any network interface by default
  • no kerberos/AFS login
  • local accounts and home directories
  • no backup !
  • accounts created manually today
  • no interface to user registry
  • allow ALL ifh.de accounts w/o password by
    default?
  • avoid deviation from SuSE default setup
  • no HEPiX11, no customized ssh,...
  • no NFS access (read only, at best)

29
Private / unsupported notebooks
  • what we can provide
  • an up to date installation/package repository
  • a handful of installation profiles that should
    work for most notebooks, for programmed
    installation
  • manual modification possible
  • manual confirmation required
  • postinstnotebook should work on any SuSE 8.2
    system
  • Linux pages in HH hold some goodies for
    individualists
  • what we can't
  • the manpower for fixing messed up installations
  • a linux administration hotline / tutorials

30
Common pitfalls networking
  • all notebooks are confined to a certain subnet
  • dynamic DHCP only available in this subnet
  • this subnet is only available on certain wall
    sockets
  • public access points in terminal rooms
  • ask for using a free socket in your office
  • eventually, any wall socket in lab building
  • will work for any registered device
  • will lock out unknown devices - have yours
    registered
  • use only a single network interface at a time
  • or you have to deal with routing

31
Common pitfalls accounts groups
  • on supported notebooks, let us create the
    accounts
  • hook it up to the Ethernet, we'll do it remotely
  • if you do it yourself
  • use the same name/UID as on central systems !
  • makes using AFS, ssh,.... much more convenient
  • do NOT create groups with GID lt 100
  • they may clash (many common DESY GIDs are lt 100)
  • not needed

32
Common pitfalls ssh access to DESY hosts
  • there is no way to correctly log in to a DESY
    computer without giving a password
  • actually there is one, but if we catch you using
    it, we'll assume your account has been hacked and
    lock it
  • for this reason, ssh public key authentication
    does not work correctly from notebooks to ifh.de
    hosts
  • will let you in, but
  • after some timeout
  • no kerberos ticket, no AFS token, no X11
    forwarding

33
Linux Notebooks Summary
  • choose hardware carefully
  • talk to us before buying
  • whether or not the notebook will be supported by
    us
  • accept our support
  • please be patient, it's just evolving
  • do provide feedback
  • don't expect full desktop functionality
  • don't expect all the familiar gimmicks
    customizations
Write a Comment
User Comments (0)
About PowerShow.com