| 1 |
Sébastien Arnaud wrote: |
| 2 |
> I have started to "pour" more Gentoo Linux based server in a datacenter |
| 3 |
> over the past year, I lost control 3 times of remote servers. One of |
| 4 |
> them was after a hard reboot and filesystem check which required to |
| 5 |
> press a key on the physical machine, |
| 6 |
|
| 7 |
This is controlled by your fstab, the last column change to a 0 This |
| 8 |
will stop fsck from running on boot, but can make recovering a partition |
| 9 |
trickey depending on how you have your disk sliced. This is where the |
| 10 |
old school argument of multiple partitions comes into play, to each |
| 11 |
their own though so don't flame me for mentioning it. |
| 12 |
|
| 13 |
and the two remaining ones were |
| 14 |
> linked to SSH terminating the connection after running some updates. |
| 15 |
> So, I wanted to get some advice on how you all handle keeping control of |
| 16 |
> your remote Gentoo servers, and for instance how to keep SSH running at |
| 17 |
> all costs. |
| 18 |
|
| 19 |
I would probably write a quick and dirty bash script to cron and check |
| 20 |
it. Also, you could possibly get tricky with a nagios style plugin and |
| 21 |
actually check the connection and not just a running process. |
| 22 |
|
| 23 |
There may be something out there that does this. SIM may have something |
| 24 |
in it, I can't recall if sshd was in the default checklist or not. I |
| 25 |
usually just sit down and hack something out when needed. |
| 26 |
|
| 27 |
Yet another possiblity is running a back door for yourself, a seperate |
| 28 |
sshd on another port. But, I probably wouldn't go this far. One more |
| 29 |
thing to maintain and watch. |
| 30 |
|
| 31 |
You could also create a new service through xinetd that resets sshd very |
| 32 |
easily. Just make sure you lock it down to a trusted host ;) |
| 33 |
|
| 34 |
Get creative, the more I think about it the more ways come to mind. |
| 35 |
|
| 36 |
|
| 37 |
> I have seen in different FAQs that running a serial cable to each server |
| 38 |
> and using a SSH serial console switch is a good idea, but I am having |
| 39 |
> trouble finding something cheap in this arena. |
| 40 |
|
| 41 |
This is a PITA IMHO (having to manage hundreds of machines in a DC myself) |
| 42 |
|
| 43 |
KVM over IP is another solution, but costly and a PITA to maintain the |
| 44 |
cabling over time on larger networks. |
| 45 |
|
| 46 |
Also, how much better is |
| 47 |
> it in terms of reliability in case something goes really wrong with the |
| 48 |
> server? FYI, all the servers are plugged into a remote APC reboot switch |
| 49 |
> but I almost never use this, as many times it ends up invalidating the |
| 50 |
> filesystem and therefore requiring a physical intervention at the |
| 51 |
> keyboard. Anyway around this problem as well? |
| 52 |
|
| 53 |
Changing the fstab will help with this somewhat. It runs for a reason, |
| 54 |
but sometimes getting it up matters most. |
| 55 |
|
| 56 |
Just my opinions, |
| 57 |
Rob |
Archives