Friday, January 15, 2010

Farmville, now in Linux

Installing any of the mainstream Linux distributions these days is a lot easier than a few years back, unless you want to get your hands dirty with a Gentoo "unsupported" stage 2 (which used to be the norm). The installation systems have really come a long way, and it doesn't take more than an hour or 2 to have a mostly functional < server | desktop | laptop > up and running.

Working in a relatively small startup company, we have found that installing / re-installing is a relatively common process to go through; with advances in hardware, virtualization has boomed over the last 3 years and you could find yourself installing a few VMs over and over for ... whatever purpose you find fit. Here are some methods that could streamline installation of multiple Linux systems.

1) OS Installation media - PXE-me-up
PXE ('pixie'), or Pre-boot eXecution Environment, is a specification created by Intel that basically gives us stuff like network boot / network installs. It can be built relatively easily by a sys admin: all you need is a DHCP server, a TFTP server and OS installation images (PXE-enabled of course). Check out http://menteb.org/tech/gentoo-pxe as 1 of many howtos.

2) Preconfigured installs with Kickstart (for the RH-type distros)
Kickstart is a Red Hat product developed to automate OS installations (and used in similar distributions, such as CentOS and Fedora). The configuration is saved in a file, served via any method accessible to the PXE kernel, such as HTTP. There is an extensive set of configuration parameters that can be used to tune your install, ranging from partitioning to the software sets to install, with the manual available at http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/ch-kickstart2.html. Use a scripting language (perl / python / php) to dynamically present kickstart files for even better dynamic installs. Post-installation scripts, set via the %post configuration, get the host up and running the way you need it to, complete with centralized authentication configuration (keep reading).
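
The dynamically generated kickstart idea above, as an added Python example (not code from the original post): the generated file is executed as root on the new host, so the hostname and profile taken from the request are validated against strict patterns and an allow-list before they are written into it, and the root password is only accepted as a crypt hash. The mirror URL, LDAP server, base DN, profile names and timezone are assumed values, and the LDAP client setup here uses the kickstart authconfig directive rather than %post.

```python
import re

# Assumed site values for illustration; none come from the original post.
MIRROR = "http://mirror.example.internal/centos/5.4/os/x86_64"
LDAP_SERVER = "ldap.example.internal"
LDAP_BASEDN = "dc=example,dc=internal"
PROFILES = {  # allow-list: the request picks a key, never raw package names
    "server": ["@core", "openssh-server"],
    "desktop": ["@core", "@gnome-desktop"],
}
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
CRYPT = re.compile(r"\$[0-9a-z]+\$[./A-Za-z0-9]+\$[./A-Za-z0-9]+")

def valid_hostname(name):
    """True only for dotted DNS labels; fullmatch() rejects embedded newlines."""
    if not isinstance(name, str) or not 0 < len(name) <= 253:
        return False
    return all(LABEL.fullmatch(part) for part in name.lower().split("."))

def render_kickstart(hostname, profile, root_hash):
    """Return kickstart text for one host, refusing unvalidated input."""
    if not valid_hostname(hostname):
        raise ValueError("bad hostname")
    if profile not in PROFILES:
        raise ValueError("unknown profile")
    if not CRYPT.fullmatch(root_hash):
        raise ValueError("root password must be a crypt hash, not plaintext")
    lines = [
        "install",
        "url --url=" + MIRROR,
        "lang en_US.UTF-8",
        "keyboard us",
        "network --bootproto=dhcp --hostname=" + hostname.lower(),
        "rootpw --iscrypted " + root_hash,
        "authconfig --enableshadow --enablemd5 --enableldap --enableldapauth"
        " --ldapserver=" + LDAP_SERVER + " --ldapbasedn=" + LDAP_BASEDN,
        "firewall --enabled",
        "selinux --enforcing",
        "timezone Africa/Johannesburg",
        "bootloader --location=mbr",
        "clearpart --all --initlabel",
        "autopart",
        "reboot",
        "%packages",
    ] + PROFILES[profile] + [
        "%post",
        "echo 'kickstart profile: " + profile + "' >> /root/ks-profile.log",
    ]
    return "\n".join(lines) + "\n"
```

A request handler serving these files over HTTP would pass the requested hostname and profile to `render_kickstart` and answer with an error status on `ValueError` instead of emitting a partial file.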

3) Maintenance: local software repositories - Mirror mirror in the server room, what's the fastest of them all.
The joys of sub-standard infrastructure. While most of you probably live in a country where bandwidth flows more freely than water through the Amazon, we do not all share these small pleasures. Here in sunny South Africa, bandwidth is slow. And expensive. With as little as 10 hosts of the same distribution (and major version perhaps), it would probably be a good idea for the average small to medium business to have a local repository of software updates, mirrored from upstream providers. The initial sync can be painful. Right now, we have a mirror of the latest release of CentOS (5.4) and Fedora (12), which is a little over 100GB. Once it's set up, a daily rsync will ensure that you always have the latest updates at your fingertips. Until the next release of course.

4) Package management
I love having the latest and greatest software versions on test systems - new features. Software crashes. Really broken dependency trees. Fun fun fun. Why? Source installations - the bane of the inexperienced system administrator. Most distributions have package management for a reason - it ensures integrity of software. It's been tested. Many hours are spent by the distribution developers ensuring that everything fits together nicely for you so you don't have to worry about rebuilding 40 different libraries manually. Keep to yum, up2date, apt and portage if you can. And if you do need something that's not available, it's not that difficult to set up your own repository (rpmbuild + createrepo for RH distributions are great tools to familiarise yourself with).

Lastly...
5) Centralized authentication
My first home network: 1 Gentoo "server" *cough* celeron *cough* (which is still running today, 6 years later) and a Windows 2000 notebook. And centralized authentication with LDAP. And a Samba PDC. Those were the days, plenty of time to spend. This is really only useful if there are more than 2 or 3 people needing authorized access to 10+ hosts and a handful of services (web applications, mail, source).
One password to authenticate all, one password for them all. One password to authorize all and in the network bind them.