Dedicated service servers

Tony Dietrich td at transoft.demon.co.uk
Mon Jan 17 19:02:19 UTC 2005 

On Monday 17 Jan 2005 18:12, Ashley M. Kirchner wrote:
>     I know there are places that do this and I'd like to figure out how
> to implement it.  Most ISPs I know will have a dedicated web server and
> dedicated user server (amongst other services.)  My guess here is that
> they do an NFS mount of say /var/www onto the user server and then
> symlink each ~user/public_html to /var/www/~user.  However, how do you
> handle permissions?  How do you set it up so that each user can modify
> their own files on /var/www/~user without a) getting a permission denied
> because of how the mount was originally mounted, and b) without being
> able to affect someone else's files.  NFS/LDAP across the servers?
>
Example only:
Most ISPs need you to explicitly choose to use their free webspace or not.  
This is because their 'New User' script does more than create a virtual mail 
user and dialup/ADSL/whatever account ... if selected the 'Use free webspace' 
option triggers the setup of an actual account on the webserver ... with very 
limited access.  Apache then authenticates the user using whatever mechanism 
the ISP chooses.
The machanism for keeping the accounts in sync with each other varies .. some 
ISPs uses LDAP to keep the passwords in sync, but seem to think that storage 
space is so cheap nowdays that there's not the need to ever delete an 
account ... I can still use a mail account and webspace on an ISP that I left 
over 8 years ago.
>     Next question: how do you deal with instances where the web server
> might've gone down for whatever reason?  What will happen with the user
> server having that stale NFS mount?  Anyone attempting to access their
> files will cause things to hang up.  Also, how to do deal with the
> chance of both machines having gone down, then coming back up and the
> users machine trying to mount the www one, while www isn't fully up and
> running yet?  I think the NFS mount will fail in that instance, but then
> what?  autofs?
>
>     What else am I overlooking?
Load sharing. NFS v4.  Fallover systems. Clustering. Shared storage. There are 
several mechanisms to sort this out.  Depends on the system design, how much 
money you are throwing at the problem, how much time you have for testing, 
whether you are building from scratch or tacking one system onto another. etc 
etc etc.
>
> --
> W | I haven't lost my mind; it's backed up on tape somewhere.
>   +--------------------------------------------------------------------
>   Ashley M. Kirchner <mailto:ashley at pcraft.com>   .   303.442.6410 x130
>   IT Director / SysAdmin / Websmith             .     800.441.3873 x130
>   Photo Craft Laboratories, Inc.            .     3550 Arapahoe Ave. #6
>   http://www.pcraft.com ..... .  .    .       Boulder, CO 80303, U.S.A.

-- 
Tony Dietrich
-------------
A morsel of genuine history is a thing so rare as to be always valuable.
-- Thomas Jefferson

More information about the fedora-list mailing list