[PPT] - Service layering I n t e g r a t i n g S a mb a w i PowerPoint Presentation

SLIDE 1

Service layering

I n t e g r a t i n g S a mb a w i t h e x i s t i n g D N S i n f r a s t r u c t u r e

S a mb a X P 2 1 8 J u n e 6 t h / 7 t h 2 1 8

P i e t e r H

l

l a n t s

SLIDE 2

Pieter who?

F r a n k f u r t , G e r ma n y

b

a s e d d e v e l

p

e r ( P y t h

n

, C , … ) b u t a l s

.

. .

➔ 3

y I T s u p p

r

t i n N e t w a r e / Wi n 9 5 t i me s

➔ 9

y ( S e n i

r

) I n t e r n a t S U S E C

n

s u l t i n g

➔ 4

y L i n u x S y s t e ms E n g i n e e r a t G e r ma n A i r T r a ffjc C

n

t r

l

( a u t

ma

t e d i n s t a l l a t i

n

s

f

h i g h a v a i l a b i l i t y

s

y s t e ms , h a r d w a r e s t a n d a r d i z a t i

n

) . . . a n d f r e e l a n c i n g s i n c e

v

e r 1 5 y ( d e v & a d mi n )

SLIDE 3

I love Samba and I hate Samba

. . . f

r

i t i s l

v

e l y i f i t w

r

k s b u t a n i g h t ma r e t

d

e b u g .

➔ U

s i n g S U S E L i n u x s i n c e 5 . , t h u s S a mb a s i n c e 2 . . 5 ( ? )

➔ N

t

a S a mb a d e v e l

p

e r

➔ S

u p p

r

t e d s ma l l c

mp

a n i e s w i t h Wi n d

w

s c l i e n t s , N T 4 d

ma

i n w i t h s i n g l e P D C , s h a r e s , n e t l

g
n

s c r i p t s , p r i n t e r d r i v e r s , O p e n L D A P & R F C 2 3 7 b i s f u n

➔ U

n f

r

t u n a t e l y n

S

a mb a A D , c u s t

me

r s w e n t Wi n d

w

s / O u t l

k

r

u

t e

cstan.io

SLIDE 4

Samba community & me

➔ A

l w a y s l i k e d c r

s

s

p

l a t t f

r

m a p p r

a

c h e v e n i f n

t

e x a c t l y s e x y a mo n g p u r i s t i c L i n u x b e a r d s

➔ N

s

t e a d y me mb e r

f

a n y c

mmu

n i t y d u e t

c
n

t i n

u

s l y c h a n g i n g i n t e r e s t s & p r

f

a n e r e q u i r e me n t s s u c h a s e a r n i n g mo n e y

➔ L

n

g b e e n e y e i n g w i t h s a mb a X P

➔ T

a k i n g p a r t s i n c e 2 1 4 t

g

e t c l

s

e r t

c
mmu

n i t y

➔ L

a c k

f

u s e r t a l k s , s t r

n

g f

c

u s

n

d e v t

p

i c s

➔ T

h i s y e a r g

t

mo t i v a t e d t

p

u t my mo n e y w h e r e my mo u t h i s a n d s u b mi t t e d t a l k

SLIDE 5

SOHO?

SLIDE 6

London SOHO?

Wikimedia Commons / panoramio.com / joinai; CC

SLIDE 7

SOHO!

➔ We

l l

a

g e d t e r m f

r

S m a l l O ffjc e / H

m

e O ffjc e w i t h 1 t

1

e mp l

y

e e s

➔ T

y p i c a l e v

l

u t i

n

: S i n g l e P C → P C s → S e r v e r → N A S → c l

u

d s e r v i c e s ?

➔ N

I

T d e p a r t me n t

➔ N

(

f u l l

t

i me ) a d mi n i s t r a t

r

➔ R

e s t r i c t i

n

s

n

t i me a n d b u d g e t

➔ B

a c k u p s

f

t e n n e g l e c t e d

➔ R

e d u n d a n c y u n r e a l i s t i c

➔ “

C

s

t

f

f a i l u r e < c

s

t

f

mi t i g a t i

n

”

Wikimedia Commons / Stubacca; CC-BY-SA

SLIDE 8

I agree to disagree...

➔ G

t

L A N s w i t h c e n t r a l d e v i c e ( s e r v e r / N A S ) a s c e n t r a l d a t a s t

r

e f a c i l i t a t i n g b a c k u p

➔ I

mp r

v

e d r e l i a b i l i t y t h a n k s t

➔d

i s t r i b u t i

n
f

f u n c t i

n

a l i t y

v

e r mu l t i p l e d e v i c e s

➔a

d v e n t

f

fm a s h

b

a s e d l

w

v

l

t a g e d e v i c e s s u c h a s r

u

t e r s , r e d u c i n g r i s k

f

me c h a n i c a l f a i l u r e s ( n

h

a r d d i s k s , n

f

a n s )

➔ P

r i c e d r

p

f

r

ma n a g e a b l e s w i t c h e s , U P S e s … A f f

r

d a b l e r e l i a b i l i t y n

w

a t

p

i c i n S O H O a s w e l l .

SLIDE 9

Service layering model (1/2)

I l i k e t

m
d

e l t h e n

l
n

g e r s

t

r i v i a l S O H O w

r

l d a n d d i s t i n g u i s h b e t w e e n

➔

b a s i c n e t w

r

k s e r v i c e s ( n e c e s s a r y u t i l i t i e s f

r

)

➔

p r

d

u c t i v e s e r v i c e s ( p r

v

i d e a c t u a l c u s t

me

r v a l u e ) . B a s i c n e t w

r

k s e r v i c e s a r e i n d e p e n d e n t = P r

d

u c t i v e s e r v i c e s d

n

’ t i n t e r f e r e w i t h t h e m. “ I f e v e r y t h i n g a b

v

e c r a s h e s , I s t i l l w a n t t

b

e a b l e t

s

u r f t h e We b f

r

t r

u

b l e s h

t

i n g p u r p

s

e s . ”

SLIDE 10

Service layering model (2/2)

➔ I

n S O H O D N S & D H C P r e q u i r e me n t s a r e e a s y

➔ C

a n b e s e r v e d b y d n s ma s q r u n n i n g

n

a n e mb e d d e d O S s u c h a s O p e n Wr t

n

a fm a s h

b

a s e d r

u

t e r . Wh e r e w

u

l d w e p l a c e S a mb a ?

SLIDE 11

Samba NT4-style DC

➔ E

a s y : r u n n mb d , s mb d , w i n b i n d , d

n

e .

➔ N

e t B I O S / WI N S r u n s p r e t t y i n d e p e n d e n t f r

m

D N S .

➔ N

i

n t e r f e r e n c e w i t h b a s i c n e t w

r

k s e r v i c e s

SLIDE 12

Samba AD

T h r e e a d d i t i

n

a l s e r v i c e s w i t h t i g h t i n t e r d e p e n d e n c i e s a n d p e c u l i a r i t i e s

f

t h e i r

w

n :

➔ K

e r b e r

s

➔ L

D A P

➔ D

N S

SLIDE 13

AD DNS peculiarities (1/2)

S p e c i a l r e q u i r e me n t s f

r

D N S s e r v e r s :

➔ d

y n a mi c D N S u p d a t e s

➔ s

p e c i a l S R V / A / C N A M E r e c

r

d s f

r

l

c

a t i n g s e r v i c e s D N S s e r v e r s r u n n i n g

n

e mb e d d e d L i n u x n

t

r e a l l y w e l l

s

u i t e d : K a i B l i n l

k

e d a t d n s ma s q

1

, b u t d e a d e n d . C

u

l d c r e a t e r e q u i r e d r e c

r

d s ma n u a l l y

2

, b u t t

h

a c k i s h a n d u n s u p p

r

t e d . A n d s t i l l n

d

y n a mi c D N S u p d a t e s .

1 : h t t p : / / l i s t s . t h e k e l l e y s .

r

g . u k / p i p e r ma i l / d n s ma s q

d

i s c u s s / 2 1 q 1 / 3 5 5 4 . h t ml 2 : h t t p : / / e d

c

e

.

c

m/

h

w

t

/

s a mb a 4

SLIDE 14

AD DNS peculiarities (2/2)

Wi t h d n s ma s q

u

t

f

t h e g a me t w

p

t i

n

s :

➔ S

a mb a

i

n t e r n a l D N S s e r v e r w r i t t e n b y K a i B l i n ( f

r

s ma l l e r s e t u p s , l i mi t e d f u n c t i

n

a l i t y : n

c

a c h i n g , n

r

e c u r s i v e q u e r i e s , n

x

f e r s . . . )

➔ B

i n d 9 w i t h D L Z D N S B a c k e n d ( c

mp

l e x c

n

fj g u r a t i

n

, f

r

l a r g e r s e t u p s ) P r

b

l e m: t h e y ( s t i l l ) d

n

’ t r e a l l y r u n

n

e mb e d d e d L i n u x w e l l , n e i t h e r S a mb a n

r

B i n d .

SLIDE 15

Could use this...

➔ S

D c a r d s n

t

r e a l l y r e l i a b l e

➔ P

r e f e r e mb e d d e d d e v i c e s w i t h fm a s h

➔ O

r r e a l h a r d w a r e . . .

SLIDE 16

The problem

➔ S

e r v e r w i t h S a mb a / B i n d 9 b e c

me

s p r

d

u c t i v e s e r v i c e b u t w e s a i d D N S i s b a s i c s e r v i c e – mo d e l v i

l

a t i

n

!

➔ (

S i n g l e ) P

i

n t

f

F a i l u r e : S a mb a d

w

n , a l l D N S d

w

n

SLIDE 17

Running both at the same time

a . ) C l i e n t s t a l k t

S

a mb a , f

r

w a r d i n g t

d

n s ma s q

➔ D

e

s n ’ t s

l

v e i s

l

a t i

n

p r

b

l e m: S a mb a d

w

n → a l l d

w

n ! b . ) P r i ma r y D N S : S a mb a ( f

r

w a r d i n g t

d

n s ma s q ) S e c

n

d a r y D N S : d n s ma s q

➔ S

a mb a d

w

n → t i me

u

t s f

r

a l l !

➔ I

n c

n

s i s t e n t c l i e n t b e h a v i

r

d e p e n d i n g

n

u s e d D N S s e r v e r ( r e c

r

d s a v a i l a b l e v s . n

t

a v a i l a b l e )

SLIDE 18

So what now, Sherlock?

O n s e c

n

d t h

u

g h t w h a t w e r e a l l y w a n t i s :

➔ o

n l y A D c l i e n t s d e p e n d

n

S a mb a ( f

r

w a r d i n g t

d

n s ma s q )

➔ a

l l

t

h e r c l i e n t s d e p e n d

n

d n s ma s q

n

l y B e c a u s e i f S a mb a ’ s D N S i s d

w

n , s

i

s t h e r e s t

f

S a mb a a n d A D c l i e n t s a r e a fg e c t e d a n y w a y H

w

e v e r e . g . L i n u x c l i e n t s k e e p w

r

k i n g

SLIDE 19

So what now, Sherlock??

C

u

l d f e e d c l i e n t s d i fg e r e n t D N S s e r v e r s v i a D H C P s

t

h e y g e t d i fg e r e n t “ v i e w s ”

n

s a me D N S z

n

e

➔ We

’ d h a v e t

r

e p l i c a t e d n s ma s q r e c

r

d s t

S

a mb a s

i

t k n

w

s “ b a s i c ” z

n

e r e c

r

d s a s w e l l

➔ S

a mb a ’ s i n t e r n a l s e r v e r c a n ’ t d

t

h a t a c t u a l l y

➔ E

v e n i f i t c

u

l d , d n s ma s q c e r t a i n l y c a n ’ t . . . h e y , w h y d

n

’ t w e g i v e A D a s e p a r a t e D N S z

n

e ? H

w

a b

u

t s u b z

n

e ?

SLIDE 20

Enlightenment (1/2)

➔ d

n s ma s q s t a y s p r i ma r y / s e c

n

d a r y D N S f

r

a l l c l i e n t s

➔ C

n

fj g u r e d n s ma s q t

f
r

w a r d r e q u e s t s f

r

s u b z

n

e t

S

a mb a ( n

t

D N S d e l e g a t i

n

: n

N

S r e c

r

d s n e e d e d )

SLIDE 21

Enlightenment (2/2)

➔ D

H C P h a n d s

u

t * . a d . my z

n

e . n e t n a me s t

A

D c l i e n t s .

➔ (

A l mo s t ) n

t

h i n g t

d
w

i t h I P s u b n e t s : t w

D

N S z

n

e s , b u t s t i l l

n

l y

n

e I P s u b n e t ! ( H

w

e v e r . . . )

SLIDE 22

Forward ever...

S

f

a r

n

l y a d d r e s s e d f

r

w a r d l

k

u p s f r

m

n a me s t

I

P a d d r e s s e s . P e r f e c t l y fj n e t

h

a v e b

t

h

➔ d

n s ma s q : my s e r v e r . my z

n

e . n e t A 1 9 2 . 1 6 8 . . 1

➔ S

a mb a : my s e r v e r . a d . my z

n

e . n e t A 1 9 2 . 1 6 8 . . 1 C l i e n t s w i l l a c c e p t t h i s j u s t h a p p i l y .

SLIDE 23

...backward never

B u t f

r

r e v e r s e l

k

u p :

➔ d

n s ma s q : 1 . . 1 6 8 . 1 9 2 . i n

a

d d r . a r p a A my z

n

e . s i t e . n e t w h i c h me a n s : R e v e r s e L

k

u p ( F

r

w a r d L

k

u p ( n a me ) ) ! = n a me K e r b e r

s

ma y n

t

l i k e t h a t u n l e s s

n

e a d d s rdns = false t

/etc/krb5.conf.

SLIDE 24

dnsmasq setup (1/2)

SLIDE 25

dnsmasq setup (2/2)

SLIDE 26

Questions? Feedback?

P i e t e r H

l

l a n t s

p i e t e r @h

l

l a n t s . c

m

p f h l l n t s