Re: [Nolug] Sharing File Systems

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Tue, 06 Jan 2009 15:22:06 -0600
Message-ID: <4963CB7E.30809@puryear-it.com>

I agree with Kevin: Avoid NFS and Samba here. If you are going to bring
up a VPN then you have more options, but barring that you need to stay
away from those two.

SSHFS looks cool.

And there is AFS.

Or what about just an 'rsync -o ssh' script for /usr/local/scripts? In
this situation, having a local master with:

/usr/local/site
/usr/local/site/bin
/usr/local/site/conf
/usr/local/site/logs

may make sense, and you just rsync everything (other than logs) to the
remote boxes every 30 min or so.

Puppet and the other tools are great, but they may be overkill here.
Still, nifty stuff.

--
Dustin Puryear
President and Sr. Consultant
Puryear Information Technology, LLC
225-706-8414 x112
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
  http://www.puryear-it.com/pubs/linux-unix-best-practices/
John Souvestre wrote:
> Hi Kevin.
> 
>  
> 
> Thanks for the info.   Yep, I should probably check out the versioning
> systems also.
> 
>  
> 
> Thanks,
> 
> John
> 
>    John Souvestre - Integrated Data Systems - (504) 355-0609
> 
> ------------------------------------------------------------------------
> 
> *From:* owner-nolug@stoney.redfishnetworks.com
> [mailto:owner-nolug@stoney.redfishnetworks.com] *On Behalf Of *Kevin Kreamer
> *Sent:* Friday, January 02, 2009 6:47 PM
> *To:* nolug@nolug.org
> *Subject:* Re: [Nolug] Sharing File Systems
> 
>  
> 
> Call me paranoid, but I wouldn't want to put either a NFS or a Samba
> server out on the Internet.  SSHFS does have the benefit that you're
> probably already running ssh on the servers.  If you do go with either
> NFS or Samba, then you'll probably need to use some sort of VPN
> software, as I don't remember either generally encrypting network traffic.
>  
> It sounds like you are mostly working on configuring servers and related
> network services.  I just wanted to point out that there is a whole
> class of software focused on pushing configs from a central location,
> from things like puppet, tripwire, and cfengine all the way up to
> LDAP/directory servers.  They're a bit more of a pain to set up
> initially, but allows you to add servers easily and can provide side
> benefits like increased security (no one changing configs behind your
> back), versioning support, and a centralized place from which to do
> backups.  Just an idea.
> 
> Kevin
> 
> On Fri, Jan 2, 2009 at 18:59, John Souvestre <johns@sstar.com
> <mailto:johns@sstar.com>> wrote:
> 
> Hi.
> 
> I have two situations in which sharing the file system on a Linux box
> would be
> handy.  I'm looking at NFS, Samba and SSHFS.  Any others I should be
> considering?
> 
> 1)  This application is to allow access from one Linux box (master) to
> two other
> Linux boxes (slaves).  The purpose is to allow scripting to keep the
> configs for
> some DNS servers tightly coordinated and easy to change.  It's light
> duty as not
> much data will be moved and speed isn't important either.
> 
> 2)  This is to allow access from various Windows machines to various
> Linux (and
> a couple of FBSD) boxes for miscellaneous maintenance activities, editing
> mostly.  I haven't found a Linux editor I like enough to use for
> anything other
> than light editing.  :)
> 
> In both cases security and reliability must be great as the Linux boxes are
> mostly online servers of various types.  All the boxes are on the
> Internet, some
> behind firewalls of various types.  Some of the boxes (both Linux and
> Windows)
> will be outside our network thus making a secure connection desirable.
> 
> From what I gather, for Linux to Linux I should go with either NFS or Samba.
> Any pro's or con's here?  I did read some people saying that NFS had
> security
> and locking problems sometimes and that it should be consider obsolete
> in favor
> of Samba.
> 
> For Windows to Linux Samba is what I see most mentioned but Microsoft
> seems to
> have a nice NFS client available too, so I don't know.
> 
> Then I ran across mention of SSHFS.  If I understand correctly, this
> requires no
> setup on the Linux client boxes at all, just SSH.  I like this because like
> putting as little as possible on the servers.
> 
> SSHFS also plays nice with firewalls which can be a problem sometimes
> for NFS
> and Samba (is this so?).  Finally, everything is encrypted which is nice
> should
> a box be outside our network.
> 
> I have seen two inexpensive SSHFS windows clients, SFTPDrive and WebDrive.
> 
> Any advice?
> 
> Thanks,
> 
> John
> 
>   John Souvestre - Integrated Data Systems - (504) 355-0609
> 
> 
> ___________________
> Nolug mailing list
> nolug@nolug.org <mailto:nolug@nolug.org>
> 
>  
> 
> 
> -- 
> This message was scanned by ESVA and is believed to be clean.
> Click here to report this message as spam. <
> http://esva.puryear-it.com/cgi-bin/learn-msg.cgi?id= >
___________________
Nolug mailing list
nolug@nolug.org
Received on 01/06/09

This archive was generated by hypermail 2.2.0 : 02/17/09 EST