<br><font size=2 face="sans-serif">Slight side-bar here, but I think it relates:</font>
<br>
<br><font size=2 face="sans-serif">My chain of thought:</font>
<br>
<br><font size=2 face="sans-serif">1) everyone agrees NIS works (even if it is arguable about the speed, reliability, security etc)</font>
<br><font size=2 face="sans-serif">2) everyone agrees that it can/cause have problems in some situations - especially beowulf speed related ones.</font>
<br><font size=2 face="sans-serif">3) the speed has to do with the synchronisation delays inherent in a bidirectional on-the-fly network daemon approach like NIS</font>
<br><font size=2 face="sans-serif">4) many people prefer the files approach for speed/simplicity (ie to avoid problems in 3).</font>
<br><font size=2 face="sans-serif">5) In a beowulf cluster, passwords shouldn't be changed on nodes, so a server push password system is all that's required -hence the files approach in 4).</font>
<br><font size=2 face="sans-serif">6) why not have the best of both worlds? What we need is a little daemon on the server that pushes the passwd/shadow/group/etc files to the clients over a ssh link whenever the respective file is modified on the server.</font>
<br><font size=2 face="sans-serif">7) How I suggest implementing this:</font>
<br>
<br><font size=2 face="sans-serif">The nieve/simple approach: </font>
<br><font size=2 face="sans-serif">set up the client so that root can ssh to them without a password (I suggest a ~/.ssh/authorisedkeys2 file amd a ~/.ssh/known_hosts2 file)</font>
<br><font size=2 face="sans-serif">root crontab entries that run the following commands periodically (as often as you require - depending on how much password latency you can live with)</font>
<br><font size=2 face="sans-serif"># first client</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/passwd root@client1</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/shadow root@client1</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/group root@client1</font>
<br><font size=2 face="sans-serif"># second client</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/passwd root@client2</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/shadow root@client2</font>
<br><font size=2 face="sans-serif">/usr/bin/rsync -ae 'ssh -x' --rsync-path='/usr/bin' /etc/group root@client2</font>
<br><font size=2 face="sans-serif"># etc</font>
<br>
<br>
<br><font size=2 face="sans-serif">The improved aproach (a perl program i just wrote - tell me what u think?</font>
<br>
<br><font size=2 face="sans-serif">):</font>
<br>
<br><font size=2 face="sans-serif"><br>
--------------------------------------------------------------------<br>
David Bussenschutt Email: D.Bussenschutt@mailbox.gu.edu.au<br>
Senior Computing Support Officer & Systems Administrator/Programmer<br>
Location: Griffith University. Information Technology Services<br>
Brisbane Qld. Aust. (TEN bldg. rm 1.33) Ph: (07)38757079<br>
--------------------------------------------------------------------</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td>
<td><font size=1 face="sans-serif"><b>Donald Becker <becker@scyld.com></b></font>
<br><font size=1 face="sans-serif">Sent by: beowulf-admin@beowulf.org</font>
<p><font size=1 face="sans-serif">10/05/01 10:32 AM</font>
<br>
<td><font size=1 face="Arial"> </font>
<br><font size=1 face="sans-serif"> To: Tim Carlson <tim.carlson@pnl.gov></font>
<br><font size=1 face="sans-serif"> cc: Greg Lindahl <lindahl@conservativecomputer.com>, beolist <beowulf@beowulf.org></font>
<br><font size=1 face="sans-serif"> Subject: Re: NIS?</font></table>
<br>
<br>
<br><font size=2 face="Courier New">On Thu, 4 Oct 2001, Tim Carlson wrote:<br>
> On Thu, 4 Oct 2001, Greg Lindahl wrote:<br>
> <br>
> > BTW, by slaves, do you mean "slave servers" or "clients"? There's a<br>
> > big difference. Having lots of slave servers means a push takes a<br>
> > while, but queries are uniformly fast.<br>
> <br>
> I meant clients.<br>
> 1 master, 50 clients.<br>
> The environment on the Sun side wasn't a cluster. 50 desktops.<br>
<br>
Completely different cases.<br>
Workstation clients send a few requests to the NIS server at random times.<br>
Cluster nodes will send a bunch of queries simultaneously.<br>
<br>
> Never had complaints about authentication delays. I just haven't seen<br>
> these huge NIS problems that everybody complains about.<br>
<br>
The problems are not failures, just dropped and delayed responses. A<br>
user might not notice an occasional ten second delay. When even trivial<br>
cluster jobs took ten seconds, you'll notice.<br>
<br>
> If you were running<br>
> 1000 small jobs in a couple of minutes I could imagine having problems<br>
> authenticating against any non-local mechanism.<br>
<br>
Hmmm, a reasonable goal is running a small cluster-wide job every<br>
second. I suspect the NIS delays alone take longer than one second with<br>
just a few nodes.<br>
<br>
> Our current cluster builds use http://rocks.npaci.edu/ for clustering<br>
> software. This system uses NIS. I know it is odd to hear of any other<br>
> system than Scyld on this list, but we have had good luck with NPACI<br>
> Rocks.<br>
<br>
We don't discourage discussions about other _Beowulf_ systems on this<br>
list. We have thought extensively about the technical challenges<br>
building and running clusters, and are more than willing to share our<br>
experiences and solutions.<br>
<br>
Donald Becker becker@scyld.com<br>
Scyld Computing Corporation http://www.scyld.com<br>
410 Severn Ave. Suite 210 Second Generation Beowulf Clusters<br>
Annapolis MD 21403 410-990-9993<br>
<br>
<br>
_______________________________________________<br>
Beowulf mailing list, Beowulf@beowulf.org<br>
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf<br>
<br>
</font>
<br>
<br>