Re: [Nolug] Sharing File Systems

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Tue, 06 Jan 2009 15:23:03 -0600
Message-ID: <4963CBB7.5090104@puryear-it.com>

Sorry for the LATE replies. I sent these the other day, but I think they
went out with the wrong email addy so they didn't make it. 

--
Dustin Puryear
President and Sr. Consultant
Puryear Information Technology, LLC
225-706-8414 x112
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
  http://www.puryear-it.com/pubs/linux-unix-best-practices/
Dustin Puryear wrote:
> I agree with Kevin: Avoid NFS and Samba here. If you are going to bring
> up a VPN then you have more options, but barring that you need to stay
> away from those two.
> 
> SSHFS looks cool.
> 
> And there is AFS.
> 
> Or what about just an 'rsync -o ssh' script for /usr/local/scripts? In
> this situation, having a local master with:
> 
> /usr/local/site
> /usr/local/site/bin
> /usr/local/site/conf
> /usr/local/site/logs
> 
> may make sense, and you just rsync everything (other than logs) to the
> remote boxes every 30 min or so.
> 
> Puppet and the other tools are great, but they may be overkill here.
> Still, nifty stuff.
> 
> --
> Dustin Puryear
> President and Sr. Consultant
> Puryear Information Technology, LLC
> 225-706-8414 x112
> http://www.puryear-it.com
> 
> Author, "Best Practices for Managing Linux and UNIX Servers"
>   http://www.puryear-it.com/pubs/linux-unix-best-practices/
> 
> 
> John Souvestre wrote:
>> Hi Kevin.
>>
>>  
>>
>> Thanks for the info.   Yep, I should probably check out the versioning
>> systems also.
>>
>>  
>>
>> Thanks,
>>
>> John
>>
>>    John Souvestre - Integrated Data Systems - (504) 355-0609
>>
>> ------------------------------------------------------------------------
>>
>> *From:* owner-nolug@stoney.redfishnetworks.com
>> [mailto:owner-nolug@stoney.redfishnetworks.com] *On Behalf Of *Kevin Kreamer
>> *Sent:* Friday, January 02, 2009 6:47 PM
>> *To:* nolug@nolug.org
>> *Subject:* Re: [Nolug] Sharing File Systems
>>
>>  
>>
>> Call me paranoid, but I wouldn't want to put either a NFS or a Samba
>> server out on the Internet.  SSHFS does have the benefit that you're
>> probably already running ssh on the servers.  If you do go with either
>> NFS or Samba, then you'll probably need to use some sort of VPN
>> software, as I don't remember either generally encrypting network traffic.
>>  
>> It sounds like you are mostly working on configuring servers and related
>> network services.  I just wanted to point out that there is a whole
>> class of software focused on pushing configs from a central location,
>> from things like puppet, tripwire, and cfengine all the way up to
>> LDAP/directory servers.  They're a bit more of a pain to set up
>> initially, but allows you to add servers easily and can provide side
>> benefits like increased security (no one changing configs behind your
>> back), versioning support, and a centralized place from which to do
>> backups.  Just an idea.
>>
>> Kevin
>>
>> On Fri, Jan 2, 2009 at 18:59, John Souvestre <johns@sstar.com
>> <mailto:johns@sstar.com>> wrote:
>>
>> Hi.
>>
>> I have two situations in which sharing the file system on a Linux box
>> would be
>> handy.  I'm looking at NFS, Samba and SSHFS.  Any others I should be
>> considering?
>>
>> 1)  This application is to allow access from one Linux box (master) to
>> two other
>> Linux boxes (slaves).  The purpose is to allow scripting to keep the
>> configs for
>> some DNS servers tightly coordinated and easy to change.  It's light
>> duty as not
>> much data will be moved and speed isn't important either.
>>
>> 2)  This is to allow access from various Windows machines to various
>> Linux (and
>> a couple of FBSD) boxes for miscellaneous maintenance activities, editing
>> mostly.  I haven't found a Linux editor I like enough to use for
>> anything other
>> than light editing.  :)
>>
>> In both cases security and reliability must be great as the Linux boxes are
>> mostly online servers of various types.  All the boxes are on the
>> Internet, some
>> behind firewalls of various types.  Some of the boxes (both Linux and
>> Windows)
>> will be outside our network thus making a secure connection desirable.
>>
>> From what I gather, for Linux to Linux I should go with either NFS or Samba.
>> Any pro's or con's here?  I did read some people saying that NFS had
>> security
>> and locking problems sometimes and that it should be consider obsolete
>> in favor
>> of Samba.
>>
>> For Windows to Linux Samba is what I see most mentioned but Microsoft
>> seems to
>> have a nice NFS client available too, so I don't know.
>>
>> Then I ran across mention of SSHFS.  If I understand correctly, this
>> requires no
>> setup on the Linux client boxes at all, just SSH.  I like this because like
>> putting as little as possible on the servers.
>>
>> SSHFS also plays nice with firewalls which can be a problem sometimes
>> for NFS
>> and Samba (is this so?).  Finally, everything is encrypted which is nice
>> should
>> a box be outside our network.
>>
>> I have seen two inexpensive SSHFS windows clients, SFTPDrive and WebDrive.
>>
>> Any advice?
>>
>> Thanks,
>>
>> John
>>
>>   John Souvestre - Integrated Data Systems - (504) 355-0609
>>
>>
>> ___________________
>> Nolug mailing list
>> nolug@nolug.org <mailto:nolug@nolug.org>
>>
>>  
>>
>>
>> -- 
>> This message was scanned by ESVA and is believed to be clean.
>> Click here to report this message as spam. <
>> http://esva.puryear-it.com/cgi-bin/learn-msg.cgi?id= >
> 
> ___________________
> Nolug mailing list
> nolug@nolug.org
> 
> --
> This message was scanned by ESVA and is believed to be clean.
> Click here to report this message as spam. 
> http://esva.puryear-it.com/cgi-bin/learn-msg.cgi?id=
> 
> 
___________________
Nolug mailing list
nolug@nolug.org
Received on 01/06/09

This archive was generated by hypermail 2.2.0 : 02/17/09 EST