Re: Today's experiences installing skolelinux at a school
Hi Mike,
2014-03-31 4:25 GMT+08:00 Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
> Hi Frenklin,
>
>
> On So 30 Mär 2014 16:46:45 CEST, Franklin Weng wrote:
>
>>> Was that login on another client on the Debian Edu network that failed or
>>> user/admin login on TJENER?
>>>
>>
>> On tjener.
>
>
> Hmmm... ok. Then KDC would normally not notice that (because the times on
> client and server (same machine) are identical). Maybe there indeed is some
> timestamp issue in recent OpenLDAP versions that I have not stumbled upon,
> yet.
Under this condition I could even not see correct uid/gid in
/skole/tjener/home0. For example, my own home directory should be at
/skole/tjener/home0/franklin with uid/gid set to franklin/franklin.
But under that condition (LDAP with future timestamp) in
/skole/tjener/home0/ I saw the uid/gid of franklin is 1000/1000.
If timestamp okay but unable to login after subnet_change, I could see
uid/gid as franklin/franklin for /skole/tjener/home0/franklin.
Another symptom was that, if LDAP was unusable, the login prompt of
kdm will be delayed for several (up to 10) seconds.
>>>> 3. The performance was not as good as our last test. We wondered if it
>>>> was
>>>> because of the quality of the LAN. One of the client could boot and
>>>> logged
>>>> into the system, but when operating (for example, browsing web pages or
>>>> using some software) it disconnected with the main server, hence had
>>>> problems writing configs back to home folder.
>>>
>>>
>>>
>>> Urgh... that is strange. Maybe DNS problems, as well. I noticed earlier,
>>> that Debian Edu systems behave weirdly, if upstream (internet) DNS is
>>> unavailable. Not sure why.
>>>
>>
>> DNS worked that time I think.
>
>
> Ok...
>
>
>> Yesterday we went there again and was sure that LAN is gigabit and worked
>> well. It means that we still didn't find out why.
>>
>> Another problematic scenario was that, the teacher asked (about nearly 30)
>> students to download a video clip from youtube. Then 10 of them
>> experienced
>> network problem. They could no longer connect to anywhere until they
>> rebooted.
>
>
> A classroom full of youtube watchers is not a good idea, at all. But the
> system should slow down, rather then break.
>
> Have you tried setting the NFSv4 options setup from sync to async? In
> another post from Wolfgang Schweer I read today that there is such an issue
> in the Debian Edu wheezy system.
>
I'll try it.
>>>> 4. When clicking the menu icon, it would sometimes show the menu very
>>>> slowly, maybe after 5 or more seconds. Also when I pointed the mouse to
>>>> a
>>>> category, it would sometimes show the second layer menu very slowly.
>>>> Was
>>>> it because the home folder was remotely mounted? Is there any way to
>>>> improve this?
>>>
>>>
>>>
>>> This happens, because on first menu clicks the .desktop files are read
>>> from disk/NFS. Next time, menus are obtained from the diskless client's
>>> RAM
>>> cache. You could try to read-ahead the .desktop files somehow.
Could you please tell me more about "read-ahead"? I added a script
reading all the .desktop and .directory files after logging into KDE.
I put it in /etc/X11/Xsession.d/98read-ahead, using a nested for loop
to read all desktop files under /usr/share/applications. (cat
/usr/share/applications/kde4/dolphin.desktop > /dev/null 2>&1)
However this morning the teacher told me that the speed showing the
menu items was still the same.
>>
>> Thanks for the information.
>>
>> BTW, I tried to improve NFS performance in a gigabit environment but
>> didn't
>> know where to put NFS parameters. Could you please tell me how to improve
>> NFS performance ?
>
>
> On the server (TJENER) it is /etc/exports (of course).
>
> For the clients, you have to dive into the LDAP DIT (use ldapvi for it and
> set env var VISUAL=<editor-of-my-choice>).
>
> The command line for me is
>
> VISUAL=mcedit ldapvi --discover -D
> cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no
>
> The original bootstrapping of those LDAP objects responsible for AutoFS
> mounts is derived from these files [1]. Search for the corresponding entries
> in your LDAP data.
>
> Mike
>
> [1]
> http://anonscm.debian.org/viewvc/debian-edu/branches/wheezy/debian-edu-config/ldap-bootstrap/autofs.ldif?view=markup
>
> PS: your mail client seems to break mail quoting when viewing the mail in
> plain text. Not sure if you post your mails as HTML or plaintext, but you
> may consider sending plain text mails (if you don't do that already).
Sorry. I used gmail all the time (including on my phone) but didn't
change the default option (HTML). I changed to plain text mode this
time.
Franklin
Reply to: