Sun Project Blackbox – Datacenter in a Can

Lots of small companies want to hire an IT department in a can… You know, the ones who hire only one person to run their Linux servers, code their websites, architect their networks, support their users and order more printer toner. It’s a hard job, but it’s pretty common to see them advertised. What I never dreamed I would see is an entire data center in a can… Literally, in a can… Or at least a shipping container, which is really not that far off.

Leave it to Sun though. Not only have they packed an entire datacenter into a shipping container, they have packed a really good datacenter into a shipping container. Complete with integrated power, cooling, fire suppression, cable managment and redundant everything, this little server room-in-a-box has it all. They even showed off how tough it is by putting it through an earthquake!

All told, I really like the idea of my brand new datacenter rolling in on the back of a tractor-trailer truck. It kinda reminds me of the setup the bad guys had in latest Die Hard movie. I just hope nobody buys one and hires only one person to run it.

Setting Up The Automounter Service on RHEL

Mounting filesystems in RHEL is pretty straightforward and easy. Occasionally, however, you will not want the filesystem to remain mounted all the time, but rather to automatically mount for a set period of time only when it is needed. Because of networking overhead, and the general unreliability of networks, NFS mounts are a good example of when this can be especially useful.

In order to manage the automatic mounting and unmounting of filesystems on RHEL, we use the Automounter service. Here is how.

First, The main configuration file is “/etc/auto.master”. It should look something like this:

# $Id: auto.master,v 1.3 2003/09/29 08:22:35 raven Exp $
# Sample auto.master file
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# For details of the format look at autofs(5).
#/misc  /etc/auto.misc --timeout=60
#/misc  /etc/auto.misc
#/net   /etc/

Let’s assume that we want to set up an NFS mount on “/misc/backups”. We would first create an entry in this file that looks something like this:

/misc   /etc/auto.misc --timeout=120

This tells the autofs service that we want to use it to manage mounts from within “/misc”, that the configuration file is “/etc/auto.misc”, and that it should disconnect after 2 minuets of inactivity.

Now, let’s edit the “/etc/auto.misc” file. The file has three columns: the mount point from within the /misc directory, the options for mounting the filesystem, and the filesystem to be mounted. It also includes the remote server’s name since we are using NFS. It should look something like this when you are done:

# $Id: auto.misc,v 1.2 2003/09/29 08:22:35 raven Exp $
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# Details may be found in the autofs(5) manpage

cd              -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
backups         -rw,soft,intr remoteservername:/path/to/nfs/export

# the following entries are samples to pique your imagination
#linux          -ro,soft,intr 
#boot           -fstype=ext2            :/dev/hda1
#floppy         -fstype=auto            :/dev/fd0
#floppy         -fstype=ext2            :/dev/fd0
#e2floppy       -fstype=ext2            :/dev/fd0
#jaz            -fstype=ext2            :/dev/sdc1
#removable      -fstype=ext2            :/dev/hdd

Next, we create the directory for the mount point in /misc:

# mkdir /misc/backups

And finally we restart the autofs service:

# service autofs restart

That should pretty much do it. If you don’t have autofs configured to start up, you can use chkconfig to enable it. “/misc/backups” will now be mounted whenever a user or process attempts to access data on it, and it will be automatically disconnected after 120 seconds of inactivity. Last, but not least, you can always confirm that it is running with the “service” command:

# service autofs status

As always, change the details to match your own requirements.

Controlling Services With chkconfig

Many system 5 UNIX variants use scripts in the /etc/rcN.d/ directories to control which services should be started in the various runlevels. If, for instance, you wanted the secure shell daemon to run in runlevel 4, you would put a script named something like “S55sshd” in “/etc/rc4.d”. This script would usually accept the “start” “stop” and “restart” arguments, as well as the commands to perform these functions. When the system came up, it would execute “/etc/rc4.d/S55sshd start” when it transitioned into runlevel 4. On the way down, it would execute “/etc/rc4.d/S55sshd stop” as the system passed from runlevel 4 to runlevel 3. If you had made some changes to the sshd configuration file, and wanted to restart the service, you could manually execute “/etc/rc3.d/sshd restart” to kill and then restart the daemon.

Since this model involved having multiple copies of the same script in many different directories, Linux and others have adopted the standard of putting all service control scripts in “/etc/init.d/”, and using symbolic links to these scripts in the various “/etc/rcN.d/” directories. This allowed for the SGI IRIX innovation of the “chkconfig” command, which is command line tool that manages the symbolic links for you.

How to use “chkconfig” in Red Hat Enterprise Linux:

First, all your service control scripts need to be in the “/etc/init.d/” directory. They should reflect the name of the service they control. In our example, the file is named /etc/init.d/sshd”.

Secondly, they have a tag at the head of the script that looks something like this so that “chkconfig” understands that it can controll it:

# Basic support for IRIX style chkconfig
# chkconfig: 2345 55 25
# description: Manages the services you are controlling with the chkconfig command

The first set of numbers “2345” is are the default runlevels for the service, and “55” and “25” represent the name of the “S” and “K” symbolic links, and the order in which the service will be started and stopped in the respective runlevel. You will need to change these last two numbers, making them unique.

Once these requirements are met, using the command is fairly simple. When we go into /etc/rc3.d, we see a file called “S55sshd”.

[root@calvin rc2.d]# cd /etc/rc3.d
[root@calvin rc2.d]# ls -al S55sshd
lrwxrwxrwx 1 root root 14 Nov 15 15:10 S55sshd -> ../init.d/sshd

We see this file is a symbolic link to “../init.d/sshd”. Let’s run the “chkconfig” command to turn sshd off.

[root@calvin init.d]# /sbin/chkconfig sshd off
[root@calvin init.d]# /sbin/chkconfig --list sshd
sshd 0:off 1:off 2:off 3:off 4:off 5:off 6:off

chkconfig --list sshd confirms that sshd has been disabled in all runlevels, and the symbolic link has been removed from all “/etc/rcN.d/” directories.

Let’s turn sshd back on:

[root@calvin init.d]# /sbin/chkconfig sshd on
[root@calvin rc2.d]# /sbin/chkconfig --list sshd
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

chkconfig --list sshd confirms that sshd has now been enabled in runlevels 2, 3, 4 and 5, and we see s symbolic link to “/etc/init.d/sshd” named “S55sshd” in “/etc/rc2.d/”, “/etc/rc3.d/”, “/etc/rc4.d/” and “/etc/rc5.d/”.

Let’s imagine now that we only want sshd to be enabled in runlevel 5. We run the following command to accomplish this:

[root@calvin rc2.d]# /sbin/chkconfig sshd --level 234 off
cd /etc/[root@calvin rc2.d]# /sbin/chkconfig --list sshd
sshd 0:off 1:off 2:off 3:off 4:off 5:on 6:off

chkconfig --list sshd confirms that sshd has been disabled in all runlevels except 5, and the “S55sshd” has been removed from “/etc/rc2.d/”, “/etc/rc3.d/” and “/etc/rc4.d/”.

There is, of course, more to it, but this should get you well on your way to happily managing your system services with “chkconfig”.