[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Stretch/Architecture" by HolgerLevsen
Debian Wiki
wiki at debian.org
Sat Dec 3 16:17:52 UTC 2016
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.
The "DebianEdu/Documentation/Stretch/Architecture" page has been changed by HolgerLevsen:
https://wiki.debian.org/DebianEdu/Documentation/Stretch/Architecture?action=diff&rev1=3&rev2=4
Comment:
more changes due to renaming Thin-Client-Server to LTSP-Server (see #588510)
{{attachment:Debian_Edu_Network_Stretch.png|The Debian Edu network topology|width=1024}}
- The figure is a sketch of the assumed network topology. The default setup of a Skolelinux network assumes that there is one (and only one) main-server, while allowing the inclusion of both normal workstations and thin-client-servers (with associated thin-clients and/or diskless workstations). The number of workstations can be as large or small as you want (starting from none to a lot). The same goes for the thin-client servers, each of which is on a separate network so that the traffic between the clients and the thin-client server doesn't affect the rest of the network services.
+ The figure is a sketch of the assumed network topology. The default setup of a Skolelinux network assumes that there is one (and only one) main-server, while allowing the inclusion of both normal workstations and LTSP-servers (with associated thin-clients and/or diskless workstations). The number of workstations can be as large or small as you want (starting from none to a lot). The same goes for the LTSP servers, each of which is on a separate network so that the traffic between the clients and the LTSP server doesn't affect the rest of the network services.
The reason that there can only be one main server in each school network is that the main server provides DHCP, and there can be only one machine doing so in each network. It is possible to move services from the main server to other machines by setting up the service on another machine, and subsequently updating the DNS-configuration, pointing the DNS alias for that service to the right computer.
@@ -55, +55 @@
|| Printing || CUPS || ipp ||
|| Secure Remote Login || OpenSSH || ssh ||
|| Automatic Configuration || Cfengine || cfengine ||
- || Thin Client Server/s || LTSP || ltsp ||
+ || LTSP Server/s || LTSP || ltsp ||
|| Machine and Service Surveillance with Error Reporting, plus Status and History on the Web. Error Reporting by email ||munin, nagios and site-summary || munin, nagios and site-summary ||
Personal files for each user are stored in their home directories, which are made available by the server. Home directories are accessible from all machines, giving users access to the same files regardless of which machine they are using. The server is operating system agnostic, offering access via NFS for Unix clients, SMB for Windows and Macintosh clients.
@@ -66, +66 @@
To increase performance on frequently accessed sites a web proxy that caches files locally (Squid) is used. In conjunction with blocking web-traffic in the router this also enables control of Internet access on individual machines.
- Network configuration on the clients is done automatically using DHCP. Normal clients are allocated IP addresses in the private subnet 10.0.0.0/8, while thin clients are connected to the corresponding thin-client-server via the separate subnet 192.168.0.0/24 (this is to ensure that the network traffic of the thin clients doesn't interfere with the rest of the network services).
+ Network configuration on the clients is done automatically using DHCP. Normal clients are allocated IP addresses in the private subnet 10.0.0.0/8, while thin clients are connected to the corresponding LTSP-server via the separate subnet 192.168.0.0/24 (this is to ensure that the network traffic of the thin clients doesn't interfere with the rest of the network services).
Centralised logging is set up so that all machines send their syslog messages to the server. The syslog service is set up so that it only accepts incoming messages from the local network.
@@ -80, +80 @@
In order to avoid certain problems with NFS, and to make it simpler to debug problems, the different machines need synchronised clocks. To achieve this the Skolelinux server is set up as a local Network Time Protocol (NTP) server, and all workstations and clients are set up to synchronise with the server. The server itself should synchronise its clock via NTP against machines on the Internet, thus ensuring the whole network has the correct time.
- Printers are connected where convenient, either directly onto the main network, or connected to a server, workstation or thin-client-server. Access to printers can be controlled for individual users according to the groups they belong to; this will be achieved by using quota and access control for printers.
+ Printers are connected where convenient, either directly onto the main network, or connected to a server, workstation or LTSP-server. Access to printers can be controlled for individual users according to the groups they belong to; this will be achieved by using quota and access control for printers.
=== LTSP server(s) ===
- A Skolelinux network can have many LTSP servers (which we called "thin client servers" in releases before Stretch), which are installed by selecting the Thin client server profile.
+ A Skolelinux network can have many LTSP servers (which we called "thin client servers" in releases before Stretch), which are installed by selecting the LTSP server profile.
The LTSP servers are set up to receive syslog from thin clients and workstations, and forward these messages to the central syslog recipient.
@@ -124, +124 @@
Only the netinstall image needs access to the Internet during installation.
- The installation should not ask any questions, with the exception of desired language (e.g. Norwegian Bokmål, Nynorsk, Sami) and machine profile (server, workstation, thin client server). All other configuration will be set up automatically with reasonable values, to be changed from a central location by the system administrator subsequent to the installation.
+ The installation should not ask any questions, with the exception of desired language (e.g. Norwegian Bokmål, Nynorsk, Sami) and machine profile (main server, workstation, LTSP server, ...). All other configuration will be set up automatically with reasonable values, to be changed from a central location by the system administrator subsequent to the installation.
=== File system access configuration ===
Each Skolelinux user account is assigned a section of the file system on the file server. This section (home directory) contains the user's configuration files, documents, email and web pages. Some of the files should be set to have read access for other users on the system, some should be readable by everyone on the Internet, and some should not be accessible for reading by anyone but the user.
More information about the debian-edu-commits
mailing list