[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Colo Servers, Telco-Grade Configuration, Embedded/Turnkey Systems

 I have a question related to a variety of similar common server
 configurations.  In many cases servers are remote; they have no
 console, or the console is almost always unattended.

 There are a number of settings that will make a system (even a 
 PC) much more robust under these circumstances.  Currently I have
 to hack them into the rc*, /etc, /proc and other places by hand
 when I'm setting up such a system.

 Here's a sample of some of the settings that I change/use:

 	Move the /usr/bin/logger to /bin (so it's on the root
	fs before /usr is mounted).

	Change the ifconfig and networking to enable networking
	before fsck, mounting, etc.

	Put sshd (and libz and libcrypto) on the root filesystem 
	and start it from a respawn (-D) option in /etc/inittab.

	Likewise for syslogd and crond,

	Tune the kernel for panic=60 (don't hang at a crashdump
	forever), reboot after a small timeout.

	Configure lilo and the kernel for serial console; add
	dumb-terminal getty entries (if I have some sort of terminal 
	server in that rack/cabinet, sometimes I just crosslink the 
	serial ports from nearby boxes --- so I can get to the serial
	console of any one box from its neighbor (a daisy chain)
	[I'd like to figure out how to do that so each null modem
	can be bidrectionally attached --- each as a monitoring getty
	but doesn't emit an issue file until it recieves a break or
	<Enter> or something].

	Install software watchdog and loaddog utilities. (Sometimes,
	I install hardware watchdog timer cards).

	I go through rc scripts and change as many of them to use 
	logger -s for their errors and warnings as I can.  

 I do various other tweaks as they occur to me and has required by 
 particular systems.

 Obviously (being a lazy bum) I'd like to have some of these merged
 into Debian policies, or at least made compatible with policy and
 automated into an installable package.
 I'd like to see Debian GNU/Linux come to completely dominate the 
 colocated and telco-grade remote/isolated server markets.  These 
 sorts of unattended systems (sometimes called "embedded" or "turnkey"
 systems) are a huge marketshare among full-time professional system
 It's pretty common to want maximal robustness and secure remote 
 accessibility for such systems.  Driving across town and "getting
 into the cage" (dealing with Pinkerton's dweebs and fingerprint
 or palm reader machines at the front door, etc) is a hassle.  Linux
 is far better for this than *cough* any Microsoft OS; and it's
 almost as good as any other UNIX (better than any other PC UNIX).

 But, it could be better.  

 What do I want?

 I want to see a version of syslog that can be started off the
 root fs before any other filesystems are started, even before
 the network interfaces are configured.  It would buffer its
 messages in RAM (malloc'd) until it can open all of its
 pipes, files, and sockets.  It would have a signal handler that
 would tell it when to try opening /var/log, and it's UDP/TCP sockets
 tunnels, or whatever, et al (and/or it could try periodically until 
 those succeed).  Maybe another signal (USR2?) could tell it to 
 give up on any dead sinks that were listed in /etc/syslog.conf
 (posting a warning/error to any of the successfully opened sinks).

 I want to see logger moved to the rootfs.  I'd like to see all
 rc scripts use it for all error and warning output (using it with -s
 causes those to be tee'd to stderr, too).

 I want to see sshd and its requisite libraries moved to the rootfs
 (and optionally put in inittab with a respawn and the necessary
 --- and quite recent! --- -D (don't fork/daemonize) option).

 I'd like to see static network configuration (optionally) resequenced
 so that it occurs before fsck/mounting.

 I'd love to see a (tricky) option that would run the rc scripts
 under a detached screen session (if screen was installed) so that
 any sort of rc script "hang at fsck" type conditions could be
 handled remotely (assuming we got far enough to get sshd and screen
 started --- I'd ssh into the "down" system, re-attach to the screen
 session and handle the problem interactively).  Of course we'd like
 for all scripts to have and ABSOLUTELY UNATTENDED, DON'T STOP FOR
 ANYTHING, robustness --- but we might not ever quite get there ---
 so a run under screen hack might help for that last 1%.

 I'd like to see an installable package that would configure the
 kernel, bootloader, and inittab for serial console and login.

 I'd like to see a 'task-unattended-server' that would include
 software watchdog and panic= settings.

 I'd like to see other ideas for the things I've missed.

 I'd like a winning lottery ticket in that California lottery,
 too.  (Think of what SPI and FSF could do with little portions 
 of that!).

Reply to: