You cannot have just one network install server

February 8, 2014

Suppose, hypothetically, that you want to install your fleet of machines in the approved modern way, which is through an automated over the network install system. You PXE boot your new server, pick 'install system' from a boot menu (for good reason), and after a while it's all done for you. This sounds great, doesn't it.

So here's a question: how many network install servers do you have?

Your network install server (or servers) is a crucial core resource. If it is down or broken or suffers data loss, you can't install or reinstall any of your regular servers. You can't add any new ones and you can't replace any broken ones. This is obviously a very undesirable situation to be in, especially if you have any non-redundant regular servers (where you only have, say, one mail gateway because after all if it breaks you can network install a replacement in half an hour out of the generic spares pool).

The obvious conclusion is that if your regular install method is network installs, you cannot have just one network install server. You need at least two for redundancy and you're going to want to think about backups (and just as importantly, restores) for all of those install configurations and possibly install data that you need.

(Whether or not you back up things like standard OS packages used in the install process depends in part on how fast you can re-fetch them from the master sources versus how fast you can restore them from your backups and in part on whether re-fetching them will take too long or use up too much of your network bandwidth or both. In some situations you may actually determine that re-fetching them will be faster than a restore.)

Oh, and hopefully it goes without saying that you probably don't want to network install your network install servers. That can easily create a little chicken and egg situation, no matter how tempting it is once you have things going.

(Among other things, consider a new OS release where the network installer for the new release can only be hosted on a machine running the new release.)

Ideally the install servers shouldn't depend on anything that they're used to install, including for things like DNS service. In practice avoiding circular dependencies here might get very irritating and avoiding them may not be worthwhile. After all, if you've lost all redundant copies of, say, your install servers, your DNS servers, and your firewalls, you probably have bigger problems than the fact that you can't recreate your install servers following your usual canned procedures in order to then recreate the DNS servers and the firewalls. You'll likely be improvising a lot more than just the install server installs.

Written on 08 February 2014.
« A followup to what sudo emails to ignore and not ignore
Why I'm not looking at installing OmniOS via Kayak »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Sat Feb 8 01:54:20 2014
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.