Tony, this is fantastic; thanks for all of the work you put into this. --SJ<br><br><div class="gmail_quote">2008/7/2 Tony Pearson <<a href="mailto:tpearson@us.ibm.com">tpearson@us.ibm.com</a>>:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br><font face="sans-serif" size="2">Team,</font>
<br><font face="sans-serif" size="2">The XS School Server we build for Edublog
has been shipped to its final destination today! This is in support
of Proyecto Ceibal of OLPC Uruguay. Details of the poject here:
<a href="http://wiki.laptop.org/go/Educational_Blogger_Project" target="_blank">http://wiki.laptop.org/go/Educational_Blogger_Project</a></font>
<br>
<br><font face="sans-serif" size="2">Some key lessons learned:</font>
<br>
<br><font face="sans-serif" size="2">(a) XS install on machine with two disk
drives</font>
<br>
<br><font face="sans-serif" size="2">The unattended-kickstart XS-163.iso
image only works when there is a single disk drive. If you have two
or more disk drives, disconnect them during the initial install. Other
than that, the parts list for the hardware, and pictures of the assembly
are here: <a href="http://wiki.laptop.org/go/User:Az990tony/edublog-beta-hw" target="_blank">http://wiki.laptop.org/go/User:Az990tony/edublog-beta-hw</a></font>
<br>
<br><font face="sans-serif" size="2">(b) I was able to get "multi-boot"
working. </font>
<br>
<br><font face="sans-serif" size="2">I still need to update my notes on this
page: <a href="http://wiki.laptop.org/go/User:Az990tony/edublog-beta-sw" target="_blank">http://wiki.laptop.org/go/User:Az990tony/edublog-beta-sw</a></font>
<br>
<br><font face="sans-serif" size="2">The OS images are:</font>
<br>
<br><font face="sans-serif" size="2"> 1.
XS-163 ( what we plan to do our primary development/test)</font>
<br><font face="sans-serif" size="2"> 2.
Fedora 7 (for comparison/test purposes)</font>
<br><font face="sans-serif" size="2"> 3.
Debian 4 (for potential porting of Edublog)</font>
<br><font face="sans-serif" size="2"> 4.
SysRescCD (to repair the other three)</font>
<br>
<br><font face="sans-serif" size="2">The method could be extended to dual-boot
for XS with WIndows for example, and maybe even XS with Apple Mac OS X.
Let me know if there is any interest in either Windows or Mac OS
dual-boot scenarios.</font>
<br>
<br><font face="sans-serif" size="2">(c) RAID and LVM2</font>
<br>
<br><font face="sans-serif" size="2">While the BIOS of the motherboard advertised
"RAID" capability, this is only BIOS-assisted RAID for Windows
device drivers. Linux calls this "fake raid" and is only
supported on a few motherboards, but the one we had was not on the support
list. I was able to get instead "software raid"
mirroring "raid1" and LVM2 logical volumes, but had troubles
with this process. Converting regular partitions to raid, or regular
partitions to LVM is straight-forward, but converting either of these to
LVM2+RAID was fraught with problems, especially if the LVM2+RAID contain
any "root" directories needed to start the OS image. For
now, LVM2+RAID should only be used only for shared data directories that
are non-essential for OS boot.</font>
<br>
<br><font face="sans-serif" size="2">(d) Remote administration with SSH</font>
<br>
<br><font face="sans-serif" size="2">Our development team is all over the
place, so we set up "sshd" server with DSA private/public key
pairs. To make this feasible, I put the "/home" directory
on LVM2 logical volume so that all of the OS images could access. Fedora
and Debian have different default userid value starting points, so I used
"groupadd -g nnnn " to create a group, and "useradd -g nnnn
-u mmmm user" to create the users on each OS image. This
ensures that everyone can read their own files regardless of which OS image
they are running with.</font>
<br>
<br><font face="sans-serif" size="2">I tested with a Windows SSH client (sshWindows
on SourceForge.net), and was able to access the server successfully. </font>
<br>
<br><font face="sans-serif" size="2">(e) MySQL vs. PostgreSQL</font>
<br>
<br><font face="sans-serif" size="2">Despite Tim's excellent set of notes,
I was unable to get past his "test.php" phase, I just could not
get Apache to have authorization to the postgresql databases from the PHP
pages. I hope the remote admin team can figure this out when needed.
As a fall-back, I installed MySQL which we know should have no problems
with Moodle.</font>
<br>
<br><font face="sans-serif" size="2">(f) Ethernet ports/devices/MAC addresses</font>
<br>
<br><font face="sans-serif" size="2">A very frustrating aspect of the multi-boot
process is that each OS assigns different "eth0/eth1/eth2/eth3"
for the devices it finds. Following the XS-163 scheme of "eth0"
being the WAN connection to the outside world, and "eth1/eth2"
to be the internal LAN connections, there were means to set Fedora and
Debian to match. This way, "eth0" is always the WAN connection
regardless of OS image currently running.</font>
<br>
<br><font face="sans-serif" size="2">(g) Backup methodology</font>
<br>
<br><font face="sans-serif" size="2">Seeing that moving partitions around,
converting to raid, and LVM2, required a backup method, but the "Mondo
Rescue" method deployed in OLE/Nepal did not handle the raid/LVM2
very well.</font>
<br>
<br><font face="sans-serif" size="2">Instead, I was able to use "SysRescCD"
(from <a href="http://sysresccd.org/" target="_blank">http://sysresccd.org/</a>) which is developed in France, and has English
and Spanish instruction manuals. This was able to understand raid
and LVM2 devices, and has "partimage" tool to backup regular
partitions, raid-mirrored partitions, and LVM2 logical volumes.</font>
<br>
<br><font face="sans-serif" size="2">(h) Boot-CD and Recover-DVD</font>
<br>
<br><font face="sans-serif" size="2">Part of the project was a "nice-to-have"
requirement for a Recover DVD to rebuild the machine to original working
state in case the devlopers do something bad that breaks the system. I
chose SysRescCD, customized to run "sshd" on boot with the appropriate
settings, users and public keys in place. I created a "Boot-CD"
that is only 200MB, and a Recover-DVD which boots just like the Boot-CD,
but has 3.7GB of backup files (mostly from "partimage" tool).
I did not have time to fully test an automated recovery, but was
able to summarize the seven steps involved. The advantage is that
these seven recovery steps can be done by remote administration, you only
need someone to reboot the XS with the Recovery DVD, and let the remote
admins do the rest. </font>
<br>
<br><font face="sans-serif" size="2">(i) Rescue OS image on the disk drive
itself</font>
<br>
<br><font face="sans-serif" size="2">I wanted to put the SysRescCD on the
hard disk itself, but again it assigns "eth0/eth1/eth2" differently
than what I had already done with Fedora and Debian. I worked with
my new friends at SysRescCD, and they added a kernel parameter "nameif="
that allows me to specify "eth0" to be the motherboard port,
"eth1" to be the top NIC and "eth2" to be the bottom
NIC card, just as they are defined with the other OS images. Here
is the description:</font>
<br>
<br><font face="sans-serif" size="2"><a href="http://www.sysresccd.org/news/2008/06/28/option-to-define-the-name-of-a-network-interface-using-the-mac-address/" target="_blank">http://www.sysresccd.org/news/2008/06/28/option-to-define-the-name-of-a-network-interface-using-the-mac-address/</a></font>
<br>
<br><font face="sans-serif" size="2">With this parameter, I was able to match
the "eth" settings of XS-163, and have it as a fourth "boot
OS" image. While SysRescCD can be put onto existing OS image
partitions, I chose instead to put this as /dev/sda1, and moved the
shared /boot directory to /dev/sda2.</font>
<br>
<br><font face="sans-serif" size="2">Hopefully, it will arrive and be online
for development purposes next week.</font>
<br><font color="#888888">
<br><font face="sans-serif" size="2">Tony Pearson</font>
<br><font face="sans-serif" size="2"><a href="http://wiki.laptop.org/go/User:Az990tony" target="_blank">http://wiki.laptop.org/go/User:Az990tony</a></font></font><br>_______________________________________________<br>
Server-devel mailing list<br>
<a href="mailto:Server-devel@lists.laptop.org">Server-devel@lists.laptop.org</a><br>
<a href="http://lists.laptop.org/listinfo/server-devel" target="_blank">http://lists.laptop.org/listinfo/server-devel</a><br>
<br></blockquote></div><br>