[OpenAFS] how?: Distribute /home to n Terminal Servers

[Nathan Rawling]

Dan,

> a situation like you describe would be doable, and would take you away
> from the situation of "one NFS server dies, all users are dead", but
> would leave you with a significantly harder to manage cluster,
> and would still leave you with "any one server dies, some set of users
> are dead".

I believe it depends a great deal on what sort of administrative hassle
you prefer. I concede that creating a user on a UNIX system with home
directories stored in AFS can be significantly more complicated than a
similar NFS system.

However, other common tasks are greatly simplified. Instead of the endless
tar-copy-tar that ensues when trying to move users from one NFS partition
(or server) to another, you get a great set of tools and infrastructure to
make it easier.

If you choose to take advantage of the single-sign-on opportunities that
exist with AFS you can almost avoid password files at all.

> If it were me, I would probably just stick with one NFS server.  The cost
> of the extra hardware is not that high, and you will more than make it
> up in manageability.  Obviously, it would be worth your while for any
> sizeable installation to give some effort/$$ to making sure that that
> NFS server did not go down.  You might invest in a hardware RAID with
> multiple host SCSI controllers, and use some sort of clustering software
> to ensure that if the primary NFS server died, that a secondary machine
> would take over.

> Such hardware raids are not too terribly expensive - I just bought a
> system with 8x80G IDE disks (host attachment via Ultra160 scsi), dual
> PSU, single controller (but i am pretty sure that dual-controller
> configs are available for a few hundred more) for under US$5000

However, you could also build a cell of 10 AFS servers using mirrored IDE
drives on some Linux variant for about $5000 too.

Personally, I like the distributed aspect of AFS. You can put one server
in a rack in one datacenter or closet, and another anywhere else, and
still seamlessly move and access your files. You can add and remove
servers without anyone becoming aware, or even noticing that their home
directory just moved halfway across the country.

I'm sorry to say that no matter how many times I dealt with a single
server that was redundant, clustered, or otherwise believed to be "safe",
something terrible happened. Sometimes the server crashed anyway, because
both RAID controllers failed at the same time, or perhaps rainwater
streamed from the ceiling onto the shared disk array of the cluster.

My preference is to have as much of my data left after a failure or
natural disaster takes out a single server (or a single site, for that
matter). I'm willing to invest a few minutes a day for the additional
peace of mind.

Nathan