<h3>Entries from March 2014.</h3>
+ <div class="entry">
+ <div class="title">
+ <a href="http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html">How to add extra storage servers in Debian Edu / Skolelinux</a>
+ </div>
+ <div class="date">
+ 14th March 2014
+ </div>
+ <div class="body">
+ <p>On larger sites, it is useful to use a dedicated storage server for
+storing user home directories and data. The design for handling this
+in Debian Edu / Skolelinux, is to update the automount rules in LDAP
+and let the automount daemon on the clients take care of the rest. I
+was reminded about the need to document this better when one of the
+customers of <a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>,
+where I am on the board of directors, asked about how to do this. The
+steps to get this working are the following:</p>
+
+<p><ol>
+
+<li>Add new storage server in DNS. I use nas-server.intern as the
+example host here.</li>
+
+<li>Add automoun LDAP information about this server in LDAP, to allow
+all clients to automatically mount it on reqeust.</li>
+
+<li>Add the relevant entries in tjener.intern:/etc/fstab, because
+tjener.intern do not use automount to avoid mounting loops.</li>
+
+</ol></p>
+
+<p>DNS entries are added in GOsa², and not described here. Follow the
+<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
+in the manual</a> (Machine Management with GOsa² in section etting
+started).</p>
+
+<p>Ensure that the NFS export points on the server are exported to the
+relevant subnets or machines:</p>
+
+<p><blockquote><pre>
+root@tjener:~# showmount -e nas-server
+Export list for nas-server:
+/storage 10.0.0.0/8
+root@tjener:~#
+</pre></blockquote></p>
+
+<p>Here everything on the backbone network is granted access to the
+/storage export. With NFSv3 it is slightly better to limit it to
+netgroup membership or single IP addresses to have some limits on the
+NFS access.</p>
+
+<p>The next step is to update LDAP. This can not be done using GOsa²,
+because it lack a module for automount. Instead, use ldapvi and add
+the required LDAP objects using an editor.</p>
+
+<p><blockquote><pre>
+ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+</pre></blockquote></p>
+
+<p>When the editor show up, add the following LDAP objects at the
+bottom of the document. The "/&" part in the last LDAP object is a
+wild card matching everything the nas-server exports, removing the
+need to list individual mount points in LDAP.</p>
+
+<p><blockquote><pre>
+add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: nas-server
+automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+
+add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: top
+objectClass: automountMap
+ou: auto.nas-server
+
+add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+objectClass: automount
+cn: /
+automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+</pre></blockquote></p>
+
+<p>The last step to remember is to mount the relevant mount points in
+tjener.intern by adding them to /etc/fstab, creating the mount
+directories using mkdir and running "mount -a" to mount them.</p>
+
+<p>When this is done, your users should be able to access the files on
+the storage server directly by just visiting the
+/tjener/nas-server/storage/ directory using any application on any
+workstation, LTSP client or LTSP server.</p>
+
+ </div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
<div class="entry">
<div class="title">
<a href="http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html">Hvordan bør RFC 822-formattert epost lagres i en NOARK5-database?</a>
<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
-<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (1)</a></li>
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (2)</a></li>
</ul></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (94)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (144)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (145)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (236)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (237)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (8)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (7)</a></li>
projects / homepage.git / blobdiff