Accessing Network File System (NFS) from Linux* Laptop

Similar documents
VMware vsphere 5.1 Advanced Administration

VMware vsphere 5.0 Boot Camp

ICANWK401A Install and manage a server

Designing a Windows Server 2008 Applications Infrastructure

Designing a Windows Server 2008 Applications Infrastructure

File Services. File Services at a Glance

VMWARE VSPHERE 5.0 WITH ESXI AND VCENTER

Windows Services. Support Windows and mixed-platform workgroups with high-performance, affordable network services. Features

Windows Server 2008 R2 Hyper V. Public FAQ

29/07/2010. Copyright 2010 Hewlett-Packard Development Company, L.P.

InterWorx Clustering Guide. by InterWorx LLC

SonicWALL WAN Acceleration FAQ Document

Building Storage Service in a Private Cloud

VMware vsphere 4.1 with ESXi and vcenter

Global Filesystems in the Real World: Comparing Experiences with AFS and NFS. Phillip Moore

Course 6437A: Designing a Windows Server 2008 Applications Infrastructure

Unified Threat Management Systems (UTMS), Open Source Routers and Firewalls. Tim Hooks Scott Rolf

Intro to Virtualization

6437A: Designing a Windows Server 2008 Applications Infrastructure (3 Days)

Solution for private cloud computing

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

What is included in the ATRC server support

Designing a Windows Server 2008 Applications Infrastructure

The Evolution of the Virtual Environment

Setting up a DNS MX Record for mail.corp.com p. 327 Installing Fedora on the Front-End Mail Server with the Postfix and SpamAssassin Packages

HP Intelligent Management Center Enterprise Software Platform

Transparent fileservices for Windows, Unix and Mac

CVE-401/CVA-500 FastTrack

Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements

Virtualization Support - Real Backups of Virtual Environments

Install Guide for JunosV Wireless LAN Controller

To join the audio portion of this webcast: meeting code

Design a Scalable Virtual Desktop Infrastructure

Getting More Performance and Efficiency in the Application Delivery Network

Basic IPv6 WAN and LAN Configuration

Compatibility and Support Information Nasuni Corporation Natick, MA

APPLICATION FOR BOARD APPROVAL. of Locally Developed Course. MCP CERTIFICATION 11/12a/12b/12c

13 Courses Quick Guide

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

MCSE SYLLABUS. Exam : Managing and Maintaining a Microsoft Windows Server 2003:

Oracle Solaris Security: Mitigate Risk by Isolating Users, Applications, and Data

Full and Para Virtualization

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Open Source Terminal Server Architecture for Enterprise Environment

CA ARCserve Family r15

Whitepaper. NexentaConnect for VMware Virtual SAN. Full Featured File services for Virtual SAN

A Virtual Filer for VMware s Virtual SAN A Maginatics and VMware Joint Partner Brief

Desktop U-M. September 28, 2011 Ryan Henyard ITS Desktop Infrastructure

VitalQIP Appliance Manager (AM)

1. Installation Overview

Release Version 4.1 The 2X Software Server Based Computing Guide

HP Intelligent Management Center Standard Software Platform

Release Version 3 The 2X Software Server Based Computing Guide

How to build an Identity Management System on Linux. Simo Sorce Principal Software Engineer Red Hat, Inc.

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

Integrating UNIX and Linux with Active Directory. John H Terpstra

Designing and Implementing a Server Infrastructure

Kingston Communications Virtualisation Platforms

MODULE 3 VIRTUALIZED DATA CENTER COMPUTE

Solution for private cloud computing

Windows Server on WAAS: Reduce Branch-Office Cost and Complexity with WAN Optimization and Secure, Reliable Local IT Services

Deliver Secure and Accelerated Remote Access to Applications

HP Intelligent Management Center Standard Software Platform

WanVelocity. WAN Optimization & Acceleration

70-647: Windows Server Enterprise Administration

Citrix XenServer 5.6 Feature Pack 1 Quick Start Guide. Published Monday, 17 January Edition

SCOPE DOCUMENT. Trade Name IT- Network Systems Administration Post- Secondary DATE OF DISTRIBUTION VIA WEBSITE

Veeam Cloud Connect. Version 8.0. Administrator Guide

MCSA Objectives. Exam : TS:Exchange Server 2007, Configuring

Outgoing VDI Gateways:

Bosch Video Management System High Availability with Hyper-V

50331D Windows 7, Enterprise Desktop Support Technician (Windows 10 Curriculum)

Boas Betzler. Planet. Globally Distributed IaaS Platform Examples AWS and SoftLayer. November 9, IBM Corporation

SharePoint 2013 Logical Architecture

Designing and Implementing a Server Infrastructure

SharePoint 2013 on Windows Azure Infrastructure David Aiken & Dan Wesley Version 1.0

Apple Pro Training Series. OS X Server. Essentials. Arek Dreyer. and Ben Greisler

VMware Server 2.0 Essentials. Virtualization Deployment and Management

Centralized Mac Home Directories On Windows Servers: Using Windows To Serve The Mac

How To Create A Virtual Desktop In Gibidr

Installation Overview

A Guide to New Features in Propalms OneGate 4.0

Objectif. Participant. Prérequis. Remarque. Programme. Windows 7, Enterprise Desktop Support Technician (seven)

U-LITE Network Infrastructure

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Desktop Virtualization. The back-end

VMware Backup and Deduplication. Written by: Anton Gostev Product Manager Veeam Software

OGF25/EGEE User Forum Catania, Italy 2 March 2009

Veeam Backup & Replication

Oracle Desktop Virtualization

MCSA Security + Certification Program

How To Create A Cloud Based System For Aaas (Networking)

Gladinet Cloud Enterprise

Firewall, Mail and File server solution

Windows 7, Enterprise Desktop Support Technician

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

SECURE, ENTERPRISE FILE SYNC AND SHARE WITH EMC SYNCPLICITY UTILIZING EMC ISILON, EMC ATMOS, AND EMC VNX

Data Centers and Cloud Computing

Satish Mohan. Head Engineering. AMD Developer Conference, Bangalore

Implementing Microsoft Azure Infrastructure Solutions

Transcription:

Accessing Network File System (NFS) from Linux* Laptop Gregory Touretsky Senior Systems Engineer Intel Corporation gregory.touretsky@intel.com

Intel s Engineering Environment Around 70 design centers worldwide Hardware/Software development, mostly Unix*-based Large design projects span multiple sites Large farms of data-less Linux* compute servers used for batch and interactive jobs NFS is used for data sharing within data centers

Typical Intel Design Center Environment Data Center Universe NFS Samba servers CIFS NFS servers Access allowed based on netgroups NFS NFS Linux Batch Farms Linux Interactive hosts X11 Engineers use MS Windows*-based laptops to connect backend Unix environment

Typical Intel Design Center Environment: Future Data Center Universe NFS Samba servers CIFS NFS Linux Interactive hosts NFS servers NFS Linux* Batch Farms Linux and MS Windows* virtual machines on mobile client

2007 Unified Client Environment Service Partition Virtual Machine Office Partition Virtual Machine Linux* CAD Design Virtual Machine Linux SW Dev Virtual Machine Win CAD or SW Dev Virtual Machine Common system administration and management services ex: security, backup, inventory, SW/OS provisioning, monitoring, etc. Always ON and servicing all other system partitions Standard Intel IT Office client environment ex: MS Office* Suite, IE*, IM, VoIP, Net Meeting*, WinZip*, Win DVD*, etc. By default, can be turned off/on ondemand Linux-based CAD design tools and environment ex: Interactive EDA CAD tools, X11 connectivity, batch, etc. On-demand image instantiation Linux-based SW development environment ex: ClearCase* or other SCM tool, debugger, editor, compiler, etc. On-demand image instantiation Windows CAD or SW development environment ex: VSS, Visual.Net, Windows CAD tools, etc. On-demand image instantiation Micro-Hypervisor Virtual Machine Manager (VMM) VT Enabled Hardware Platform Host BIOS CPU GMCH ICH HDD NIC TPM

2005 Unified Client Environment O/S Hosted Linux* Linux Interactive EDA CAD Software, Linux Software Development Tools, Batch Services O/S Hosted IT Apps Win XP* Pro MS Office* Suite, Internet Explorer*, Instant Messaging, VoIP, Net Meeting*, WinZip*, Win DVD, Client Backup, SharePoint* Svcs SW VMM (VT Enabled Product) Operating System Drivers and Infrastructure/Mgmt. Services Linux Host Operating System Host Platform Software (Linux) Hardware Platform Host BIOS CPU GMCH ICH HDD NIC

Challenge: Secure NFS Access from Roaming Linux* Client Different types of connectivity: Office LAN Conference room WLAN Home/public Internet via VPN Remote site over WAN Future: multiple Linux virtual machines from the same host with different security levels Can t rely on the existing NFSv3 security (IP-based netgroups)

Examined Options Solution Pros Cons NFSv4 Kerberos support Access Control Lists (ACLs) Delegation and other WAN goodies Might not be mature enough Lack of vendor support Some features are not supported yet NFSv3 + Kerberos Re-use existing infrastructure No support by all vendors No support for ACLs, WAN NFSv3 + netgroups Use existing exports restriction model add mobile-client netgroup DNS and netgroups caching on file servers

Examined Options (Continued) Solution Pros Cons NFSv3 over SSH tunnel Performance Scalability Support NFSv3 over OpenVPN Transparent for roaming clients, tunnel survive client IP change Certificates for authentication Performance Extra IP addressees VPN tunnel endpoint system Smbmount through Samba Performance Lack of full Unix semantics

Chosen Directions Short term NFSv3 over OpenVPN tunnel Long term NFSv4 Lots of integration will be required OS vendors support is crucial

NFS over OpenVPN architecture Office Filer Home Site NIS Local services: Licenses DHCP Conference Room Proxies pool Ex: <site>-login hosts OpenVPN server Rsync server for NIS maps distribution to UCE clients Home Office Remote Site Local services: Licenses DHCP Working from home

NFS over OpenVPN: Best Known Methods Automounter maps are cached on clients - updated hourly via rsync from the proxy Routing table on clients updated every time new NFS server appears on automounter map Several OpenVPN processes run on the proxy for better performance Several OpenVPN servers share single DNS RR alias for load balancing and redundancy Certificates management/distribution mechanism should be defined

Next Steps Deploy certificates management solution for OpenSSL authentication Approach NFSv4 deployment towards multipartitioned systems Identification, Authentication integration Automounter support Backward compatibility old NFS servers? Mixed security mode (v3/v4) for new servers Vendors support Performance Define secure file system sharing solution between different VMs within single client

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information