Server Best Practices --
Preston Kutzner
shizzlecash at gmail.com
Mon Feb 9 16:49:01 UTC 2009
On Feb 7, 2009, at 7:29 PM, p.echols at comcast.net wrote:
> I have a few projects in mind that are - for me at least - somewhat
> ambitious. The question is about best practice / acceptable
> practice for server installations. (I have been using Ubuntu
> desktop on my laptop for a few years now but have a learning curve
> ahead for setting up and running a server.)
>
> The question is can all of my projects run successfully on one
> server, and if not, why would that be a bad idea. The following are
> what I have in mind (I don't think these are all really separate
> projects, but this is how they are organized in my mind):
>
> Project 1. Setting up a LAMP server for testing of web pages / apps
> before transferring them to the commercial site that has my website.
> Project 1 (a) Using the same to set up an Intranet page for home
> documents etc and info I mention this one because that would be
> about the maximum limit of the traffic.
This isn't much of a problem. You can get around some security
implications of sharing public and private sites on the same server by
using appropriate Apache access controls to determine who can access
which sites. Apache's security mechanisms are pretty good.
>
>
> Project 2. Setting up a Samba server so that the in house Windows
> users have lan based redundant (RAID-1) storage / backup area.
>
> Project 3. Allowing server to function as remote site for my office
> automatic backups.
I would lump Projects 2 and 3 together, as they sort of have the same
basic purpose, file-storage. Obviously, you'd want to make sure that
whatever firewall you have this server behind (or local firewall, if
it's not behind a separate firewall) is blocking access to Samba from
the Internet. As for your office backups, how you would implement
being a remote site is probably dependent on the requirements of your
backup configuration. I would not recommend just backing up over an
exposed SMB/CIFS share, it's just asking for trouble. If you do want
to back up to an SMB/CIFS share over the internet, I would suggest
doing it over a VPN (which would be another project in and of itself).
>
>
> Project 4. LTSP server both to serve Ubuntu desktops and w/ a
> virtual machine to serve XP desktops. (The boxes that would be
> using this all have their own licenses. But the hardware was never
> really adequate and by today's standards pathetic).
>
> The machine currently redundant and tapped as the probable server is
> a Celeron 2.4 ghz w/ 1.6 Gb RAM. Ideally I'd like to just add the
> drives required to support the necessary storage, possibly more ram
> and get started, one thing at a time.
Judging from your current system configuration, it is possible to use
it as an LTSP server. However, you'd have to give more information as
to how many clients you're expecting to serve. The number of clients
you're planning on having connect to your LTSP server will determine
what your hardware needs are. Here's a reasonable place to get a
ballpark for what you'd need: http://www.k12ltsp.org/install.html
Please keep in mind that those hardware requirements are for a server
that is SOLELY serving as an LTSP server with no other function. LTSP
is pretty resource intensive on the server-end, as all applications
technically run on the server and not on client. The more users you
have and the more applications they have open at the same time, the
more strain is placed on the server.
In light of that, adding a Windows Server (running Terminal Services
or Citrix) in a VM on the same server would be very taxing. You'd at
very least want to be running it on a server with multiple processors
or cores and devote 1 or more of the processors / cores to the VM.
You'd also have to dedicate a slice of available RAM to the VM which
means it wouldn't be available to the underlying server. If you're
going to be running a Linux / Window terminal server, I would
definitely recommend setting aside some dedicated hardware for it.
Or, at least bumping the specs up for your current system.
Otherwise, it is possible to run Apache and Samba on the same system
and have it serving as a LAMP and SMB/CIFS server. I would advise you
to look into the security implications of doing so, however. If
someone was to exploit a security flaw in PHP through one of your
sites, they might be able to gain access to files you have stored in
your Samba share or backups. In the same vein, if someone were to
exploit a flaw in Samba, they might gain access to your webroot as
well. Things to think about as you go forward with your endeavors.
As Rashkae already posted, it is *possible* to do all of these things
on one piece of hardware. I would argue that it's not *practical* or
recommended to do so. But, sometimes you just have to make due with
what you have available. Again, Projects 1-3 on the same server is
the most doable scenario. I would recommend focusing on mitigating
security risks while doing so, however. And for the LTSP / Windows
server aspect, you'd need to lay-out some cash whichever way you went
with it (upgrade current hardware / purchase new hardware) as your
current specs would probably be pretty strained under the load of
*all* of those services, especially Project 4.
--
Preston
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090209/cbe262fa/attachment.html>
More information about the ubuntu-users
mailing list