User:Asamaras/Fedora Success stories: Difference between revisions

Introduction

In this page you can find successful and not-so-successful stories than involve some (or many) Fedora Releases. The stories are written by the users and administrators themselves in respect to the Fedora’s way.

Sunshine in my world

Under this section you will find the successful ones. In some cases you will find detailed methodology while in other stories emphasize to the result itself. Let’s get started!

Fedora 1 and 3 Route

This story is about the “useless and outdated hardware” that can still be of use.

Back then Fedora was taking it first steps. I also was an “absolute beginner” in the administration world.

The quest was to create a router that would support 75 PCs divided into 3 networks enabling on-demand re-configuration.

Network Layout:

Room A:

• 30 PCs running Windows 2000 Professional, 1GB RAM, 80 GB HDD.
• 1 Network Laser Printer
• 3 Stand-by Ethernet connections for laptops
• 2 CISCO 2950 24p 10/100 switches with uplink
• Some bad switch ports
• Connectivity to main switches via 1000 Ethernet

Room B:

• 30 PCs running Windows 2000 Professional, 1GB RAM, 80 GB HDD.
• 2 Network Laser Printer
• 3 Stand-by Ethernet connections for laptops
• 3 Stand-by Administrative/Service/Technician Ethernet outlets
• 2 CISCO 2950 24p 10/100 switches with uplink
• Connectivity to main switches via 1000 Ethernet

Servers :

• 1 Server Xeon based with 4 GB RAM and a few SCSI HDDs, Windows 2003, part of Active Domain, backup DHCP server
• 1 Server Xeon based with 4GB RAM/500 GB HDD acting as Global Catalog, DHCP server, WINS server
• 1 PC Pentium III with 786 MB RAM and 40 GB HDD running Fedora

Office / Administration

• 4 Pentium 4/4GB RAM/250 GB HDD/Windows XP Proffesional boxes
• 1 Network Laser Printer
• 1 3COM Gigabit switch
• 1 Intel 8p switch
• 1 CISCO 2950 switch

User Requirements

• All the terminals (PCs) in the Rooms A & B should have Internet Access during free hours.
• All the users should be able to print out (later a limit was set to # of pages per user per day)
• All the servers should have access to updates and antivirus database updates.
• All the Administrative stations should have access to all the terminals
• All the users should have an account in the Active Directory, Personal Storage and a Roaming Profile
• During some classes the terminal PCs should have restricted access to specific extranet servers outside of LAN
• During some classes the terminals should not have any access to any server outside of the LAN
• During some classes and some exams the terminals should have access to specific servers and specific ports, no other network traffic is to be allowed
• The services of Active Directory should be available 24/7

The solution that I have worked out was to take a P4 box that was running Fedora 1, add 2 more NICs and use it as a router.

To get the job done, it was pretty simple to implement basic routing so I went through Fedora‘s documentation and got basic routing up and running within the day.

Now we were able to control the traffic to internet and decide whether to allow or disallow it.

According to the User Requirement Document (URD) that we put up in the first place, we had to be able to filter certain packages.

So I start searching through the internet to find something like layer 7 router. Downloaded some of them and tried to configure and use them.

Eventually I install and configure a pretty straight forward firewall script based on IPTables (I think it was arno’s script http://rocky.eld.leidenuniv.nl/joomla/) that was readable and configurable.

This script supported the entire above mentioned and promised to deliver Layer 7 functionality in the future. Since there was no clear demand for Layer 7, the script simply was fitting the needs.

The infrastructure was based on a static public IP directly connected to back-bone. The configuration went smoothly and after a couple of phone calls to software houses about needed open ports and other similar information that usually it is almost impossible to get, voila, the router/firewall was in place.

For a period of 6 months I was monitoring the attacks and the outgoing traffic as well as the CPU & RAM utilization, and finally I put up a small web server that was hosting a couple of pages as a backup. Still I had plenty of resources. The only issue was that I had to deactivate graphical login, but on the other hand who needs a graphical login to a router?

After a period of about 2 years, we upgrade the distribution to Fedora 3 (again without X) and since then the same box supported the network for 3 years more until more funds were available to get a CISCO solution (that cost more than 10 P4 boxes).

--A.E.S. 19:15, 23 November 2009 (UTC)

Fedora Helping Windows

Again I will refer to the same organization but this time it is more or less a bit complicated.

All system administrators that use Windows Server family at some point of their career have faced an ugly situation when a Domain Controller fails.

Usually to avoid that, additional hardware is required plus a license for the operating system.

According to a well known law “If something can go wrong it will” and I add “in the worst possible way at the worst possible moment”.

After having a couple of weekends spend to setup an Active Directory and two servers configured as Domain Controllers under Windows 2003, the lab was up and running again.

Groups / Users / Shares / Roaming profiles/ Personal Space all setup and available.

Plus I got a new dual Xeon 4GB / 250GB HDD/ dual Gigabit Ethernet server in my hands that were a spare at the time.

At the same time Fedora just release version 4, so I thought it would be nice to try a native 64 bit operating system.

I install it and updated the system to the latest packages. The initial thought was to create an additional web and mail server, but it was the time for virtualization.

I tried to use XEN and failed, basically due to the limited time I had, so turned to VMware server.

After about 3 hours VMware was up and running. It took me about 2 days to install and configure a Windows 2003 virtual machine that was acting as an additional controller to my AD (by then I had something like 50 Groups and about 2000 named users).

You can figure out the rest:

Problem: Domain Controller A fails, shortly after the Hard Drive of Domain Controller B also fails.

Time: During electronic exams that took place in both of the computer rooms.

Actions taken:

1. Panic attack (?)
2. Promote the virtual machine to Global Catalog
3. Boot Server A from CD and re-install Windows
4. Take out a spare HDD and re-install Server B from scratch

Result:

As soon as the “old” Global Catalog Master (Server A) came up; it synchronized with the VM, so all the Active Directory was saved.

Now Server B had also been the storage server and the HDD that failed was the one that stored Personal Folders (not the profiles but some private network storage). These files were lost.

But finally all went well, the exams continued for about 8 hours while I was reviving Server A. Server B took a bit longer (about 1 day worth of work) since all the home folders had to be re-created, oh yes, did I mention that the tape backup also failed….

--A.E.S. 19:46, 23 November 2009 (UTC)

It's a Blue Monday

Here are the stories of worries.

We hope that through this section you can gain knowledge to avoid the possible issues.

Be sure that Fedora Community will help you and guide you to convert them from trouble to success.