Slashdot Mirror

← Back to Stories (view on slashdot.org)

High Performance Diskless Linux At AX-Div, LLNL

Posted by timothy on from the four-letter-acronym dept.

Lee Busby writes "As a co-author, I am biased, but I think that our recent paper describing a diskless Linux deployment at Lawrence Livermore National Lab (PDF)may be of general interest. It's a little different than most diskless systems -- simpler, and designed to be high performance."

20 comments

  1. iSCSI? by 4of12 · · Score: 1

    Thanks for the link. I work in a similar environment where security requirements are more easily met by diskless workstations.

    This project started a few years ago and there have been some interesting new developments since.

    Given the current situation, would you consider using iSCSI in your environment?

    --
    "Provided by the management for your protection."
    1. Re:iSCSI? by battjt · · Score: 1

      I would have, but I would have used ndb instead of nfs. You could then proxy over a secure connection. It would have also fixed their swap problem.

      Joe

      --
      Joe Batt Solid Design
    2. Re:iSCSI? by wowbagger · · Score: 1

      The problem that I see with using iSCSI is that you cannot share the storage for the units - each box needs its own section of disk.

      With NFS, you can have all boxes sharing /home, /usr, /bin, and so on, saving total storage.

      --
      www.eFax.com are spammers
    3. Re:iSCSI? by 4of12 · · Score: 2, Insightful

      Sharing common resources is great, and NFS performance is increased if they're all mounted read-only on the clients.

      Keeping some protection and partition of /home/me over iSCSI to a single workstation seems like a good idea to me. Given all the concerns of classified processing, it's not like you and some other workstation are going to be routinely part of a parallel cluster where multiple clients need write access to the same filesystem.

      Then, each client would only need a writable /etc for system configuration and /var for log files over iSCSI.

      I'm not familiar enough to know, but if the traffic is read only, can't the same /usr/bin be exported to multiple clients via iSCSI?

      --
      "Provided by the management for your protection."
  2. NFS? by ghostlibrary · · Score: 3, Interesting

    This has some nice configuration management ideas. Given that a linux distribution is small, cloning them for each diskless is a neat approach to balance centralized management versus changing hardware.

    That said... NFS is woefully insecure so, if subversion by an insider is a problem (as it would be with, say, disk workstations), NFS may not be the best choice for handling the disk management.

    --
    A.
    1. Re:NFS? by 44BSD · · Score: 1

      How many times do we need to hear the canard about NFS being insecure before we decide to RTFM?

      UNIX auth isn't the only authentication flavor for NFS. It may be appropriate in may settings, it may be the default for many "distros", it may be the only authentication various n00bs are familiar with, but it isn't the only game in town.

    2. Re:NFS? by Ed+Avis · · Score: 1

      So is there an authentication system for NFS that doesn't trust the client PC? One that is secure against plugging in your own laptop and setting it to have the same IP address and MAC address as an existing machine (which you unplug at the same time)?

      --
      -- Ed Avis ed@membled.com
    3. Re:NFS? by Ed+Avis · · Score: 1

      Why not Linux's remote block device? It might perform better than NFS because (assuming read-only access to the block device on the server, with a smaller device for /var) blocks can be cached on the client. (OTOH, a clever NFS implementation could cache bits of filesystem if you promised it the data was not going to change.)

      --
      -- Ed Avis ed@membled.com
  3. The more things change.. by scumbucket · · Score: 1, Insightful

    the more they stay the same. This doesn't seem too much different from the 'dumb' terminal connected to the corporate mainframe that is still in use today. Except that it is running Linux, a much superios OS to IBM's MVS or z/OS.

    --
    CMDRTACO CHECK YOUR EMAIL!
  4. Networked File systems by wowbagger · · Score: 2, Informative

    A quick skim of the PDF leads me to believe they are still using NFS for the operation.

    My question would be, does anybody have any meaningful experiences using CodaFS or Intermezzio?

    Where I work, we have NFS mounted home directories. When the main server goes down, we all get to twiddle our thumbs because we cannot do anything without a home directory.

    It would seem to me that the caching of Coda and Intermezzio would be better - you still have the centralized management of the disk images, but you also get the speed of local access and the robustness of not having a single failure point in the server.

    But I've not had time to set up a trial system - has anybody else?

    --
    www.eFax.com are spammers
    1. Re:Networked File systems by Craigory · · Score: 3, Informative

      At my University there is a fairly large Andrew system which performs well. The only gotcha is that Andrew implements its own non-Unix file permissions, which is a bit confusing. Coda is of course based on Andrew. It differs only slightly in its concurrent write semantics.

    2. Re:Networked File systems by pmz · · Score: 1

      When the main server goes down, we all get to twiddle our thumbs because we cannot do anything without a home directory.

      Why does you main server go down during working hours? Perhaps you need a new administrator or better hardware. If your company is too cheap to get better hardware, perhaps you need a new employer, as well.

      --
      Healthcare article at Kuro5hin
    3. Re:Networked File systems by digital+photo · · Score: 1

      The typical workaround to that of the risk of a central server failure would be a NAS box where the box has redundant "heads" and redundant pathing through 2 switches.

      That way, if the server dies, the 2nd takes its place immediately. If maintenance needs to be done, you do it on one before the other. If a switch is lost, you have the other path, etc.

      If you're working on a production site where your customer's time means your money, you will have a robust setup. A single server with a single path is just asking for it.

      I've worked at a unviversity with a setup like that. The ONLY justification they had was that of cost. When a server went down, so did the labs that depended on that server. It was pretty bad.

      --

      Winged Power Photography
    4. Re:Networked File systems by Anonymous Coward · · Score: 0

      > Why does you main server go down during
      > working hours? Perhaps you need a new
      > administrator or better hardware. If your
      > company is too cheap to get better hardware,
      > perhaps you need a new employer, as well.

      Perhaps you should move out of your parents' basement and out into the real world.

    5. Re:Networked File systems by millette · · Score: 1

      I think the parent post was refering to redundancy. You know. Like when you take a plane and don't expect it to crash?

  5. NFS diskless story by Mr+Coffee+Cup · · Score: 1

    The company I work for (actually, the company I own) builds and sells specialized systems that use diskless via NFS. One server and up to 10 terminals. Each terminal has it's own (very stripped down) root fs, and they all share a single usr fs mounted ro.

    I use e2fs still, despite other options available. It benchmarks reasonably well across the board. (Personally, I think it's a lot more important to have more than sufficient memory on the server than to quibble about benchmark numbers.. cache cache cache.) More importantly, e2fs has proven reliable, even when tired customers just turn their server off rather than shut it down. (the system does send internal "Nag" notes to upper management whenever the server is improperly shut down) More than that though, as I'm a (totally) small time business with very limited human resources, the customers all need to be on the same page. Much easier to troubleshoot over the phone when everybody's running the same 'stuff'.

    Much ado has been given to configuring the sizes of rsize and wsize in NFS mounted filesystems. I've tested and tested and tested. The default value (4096 in the server/terminal kernels i run) works the best over the most situations, but that's perhaps due to the combination of hardware I'm using, so if you're setting one up yourself, you'll probably want to investigate. (see the current NFS howto at linuxdoc.org. There's a section on tuning, and links to some benchmark suites.). At any rate, you definitely want your NICs to run in full duplex to avoid collision overhead on NFS so do your homework before picking a card. Performance in my case isn't an issue anyways, except when booting a terminal. Even on my local setup here, where I do a lot of box backups on the back-net via NFS, the defaults seem to work as well as anything else.

    The terminals are typically pentiums, recycled. They're cheap, and need to be given the harsh environment the terminals work in. I've used both netboot and etherboot as loaders, and have finally settled on etherboot as it seems to build loaders that for are more tolerant of NIC card firmware revisions.

    Network hardware is just a switch and 100mbit network cards. I support only one card at present (actually 3, but two are being deprecated), but bought a dozen or so of the most commonly available cards and played with them for a while before deciding on one. I want consistency in loaders, especially across a single site. Mostly though, I want the customers to be able to replace *anything* that breaks with commonly available stuff themselves so they can get back up quickly. Not that I mind the fees for on site service, but I'd much prefer happy customers. Rabidly happy customers have basically done 95% of my sales for me. Those sort of relationships aren't worth jeopardizing over specialized hardware or a fee.

    The terminals all run our proprietary software package. (While that might offend some OSS guys, it pays my bills.. and at ~130K lines of C, represents a *substantial* investment in time, and a long period of being 'not paid'.) A hook in /etc/inittab to the software replaces getty in the appropriate runlevels, and since my customers all own pizza/pasta stores, the replacement is named 'pizgetty'. Pizgetty is just a wrapper that strips root perms and starts the frontend of the real software package. Each terminal runs several separate connections (typically.. it's configurable) to the server software so a terminal actually provides more than one virtual/independent screen. The software handles all configuration internally, so changing node names around, re-configuring printers or other hardware is done (hopefully) only from menus within the software. However if you're swapping nodes, the affected nodes do have to be rebooted once the config is written. Things are statically routed, which keeps configurations easy to manage.

    Likewise, the server screens function like a terminal's screens. There's no login prompt without a high level of p

  6. Is swap via NFS necessary? by Mr+Coffee+Cup · · Score: 1

    Seems swap via NFS might cause some bottlenecks. Since cost doesn't seem to be the issue, why not compile ide and fs support into your tagged client kernels? You could then on the client boxes (theoretically?) add a hd and set up swap locally. Though I suppose there might be security concerns at LL about the theoretical possibility of removal of a 'swap' harddrive and subsequent inspection elsewhere.

    1. Re:Is swap via NFS necessary? by Hast · · Score: 1

      Encrypted swap/cache partitions? That may kill performance too much so that it's not useful though. But it's one way to get around the problem of not being able to swap because of security requirements.