disadvantages of linux cluster - admin
bogdan.costescu at iwr.uni-heidelberg.de
Thu Nov 7 05:01:06 PST 2002
On Wed, 6 Nov 2002 alvin at Maggie.Linux-Consulting.com wrote:
> - harden the server from the user standpoint
> - remove passwd command, remove tar, remove make/gcc...
I don't think that you are too serious here. I remember several years ago
when the Ping-Of-Death was discussed on Bugtraq, somebody said that admins
should remove (or remove access for users to) the "ping" program - yeah,
sure, like nobody would be able to copy another ping binary or even
compile its own.
As you have to let users:
- log on to the cluster to launch jobs
- be able to copy files to/from cluster (otherwise you do need _infinite_
storage space attached to the cluster),
you can't forbid installing their own versions of the same programs in
their own home dir. It's usually as simple as:
Having make/gcc/... unavailable is sometimes impossible - when development
is one of the purposes of the cluster. But even if they are unavailable,
it only takes another similarly configured system (and with Linux/*BSD
it's trivial to do it these days) where the compilation takes place. Even
when the architecture/OS is not readily available, cross-compiling can
still be used to achieve the same goal.
> changes... ( most expensive if it breaks - depending on 3rd party sw )
> - you dont need to apply any new changes unless it
> prevents some kind of functionality that is needed
> and or a security vulnerability/exploitability
He-he, I've found that most of the things that I want to do _do_ fall into
these categories :-)
> if one human needs help... its likely others will need the same help...
> - send um to the internal "help docs"
You probably missed the whole paragraph in RGB's message that was talking
about users - I can only say that my experience here is perfectly
described by this paragraph. Yeah, shoot them :-)
> cheaper to buy 2 systems.... than it is to buy support contracts..
> ( keep lots of "spare parts" floating around
I'm constantly amazed at the prolonged support contracts (like 2-3 years)
when, as you stated earlier, HW is out-of-stock or discontinued so fast.
Do these people keep huge stocks of whatever parts they put in your
system ? Even DIY approach of keeping spare (OK, let's say more than 1)
parts seems a bit too much to me, unless the cluster _must_ be homogenous.
> > * Shoot your users. G'wan, admit it, you've thought about it.
> give um GUIs to use .. :-)
Noooo, I think some need direct brain UIs to be able to do something !
Even so, I have doubts :-)
IWR - Interdisziplinaeres Zentrum fuer Wissenschaftliches Rechnen
Universitaet Heidelberg, INF 368, D-69120 Heidelberg, GERMANY
Telephone: +49 6221 54 8869, Telefax: +49 6221 54 8868
E-mail: Bogdan.Costescu at IWR.Uni-Heidelberg.De
More information about the Beowulf