Thursday, February 3, 2011

Building a Small Office Simuation Server

I'm trying to set up a little "Small Office" scenario on a bunch of VMs to experiment with actually being in IT, sort of a testing grounds to try out different things. I would like to have these based on Linux if at all possible... The users would (probably) be running Windows 7.

To start up a basic small office server I would need: - Domain Controller
- File Server
- User Account Server
- DHCP / DNS Server
- Jabber / IRC / Mail Server)
- Ticket Tracker
- Image Backup and Maintenance

Would there be anything else I am missing?

Which tools are best to suit this scenario? I hear webmin is great for maintaining it (aside form the actual command line) and with samba I could setup the file server, Kerberos / Samba for user authentication and login, Linux as a DHCP / DNS Server, not really sure what I could use for the jabber / irc / mail servers, ticket tracker (no idea!), and for image backup and maintenance I could use Amanda Open Source Backup...

I'm just trying to get together the best tools for the job, and what I'd imagine a typical business environment would need...

Another thing I'm looking at is, virtualization. It would be best to store all of these in separate VMs to isolate them in case something wrong awfully wrong / gets hacked, right? What about fault tolerance, how can I specify more than one authentication / DHCP / mail server? I assume all that would either be done on the client, or the domain controller? Would it be a good idea virtualizing file server due to the hit in I/O if the HDDs are on that same machine? Would it be easier to simply do software RAID?

So many questions buzzing around in my head :P If anyone could answer them, I would be grateful, thanks!

  • If you have the hardware for it, I'd recommend using VMWare ESXi to host the VMs - you'll need a supported hardware RAID controller, but the OS overhead is incredibly small. It also lets you allocate resources to each VM, create snapshots, etc.

    dnsmasq is good for DNS/DHCP (lots of routers use it), Zimbra is a decent mail system (now owned by VMWare), and RT is a decent ticket system. I'm not sure how Samba fares with Windows 7; you may be better off with Windows 2008 Server.

    Chris : Well, the reason I didn't want to use Server 2008 R2 was to keep the cost down, plus I'd rather work on Linux systems to begin with.
    phuzion : If you plan on working in IT, a Technet subscription might be something to look into in the future. Although I do admit, it would be much nicer if everyone worked with Linux, sometimes the truth is quite the opposite. I've got 80+ boxes at my place of employment, 1 of which runs linux. And it's our firewall.
    From Andrew
  • You are way too granular.

    • Domain Controller
    • File Server
    • User Account Server
    • DHCP / DNS Server

    All that is ONE server. Seriously - using Windows all those are OS roles, there is nothing against installing them on one server. Especially as most are not using any load / memory worth mentioning.

    Now, the question is what you want to learn. Using Linux is great - avoids some overhead, small. But totally useless in pretty much 80% of the real businesses which somehow do rely on windows. I never was so far in a business where I was put in front of a Linux based workstation.

    It would be best to store all of these in separate VMs to isolate them in case something wrong awfully wrong / gets hacked, right?

    No. Too much overhead and work. I am a big fan for virtualization, but I would not isolate my office DHCP / DNS server from a domain controller etc. - simply not worth the effort in the real world, especially office side (something else for internet facing DNS).

    Would it be a good idea virtualizing file server due to the hit in I/O if the HDDs are on that same machine?

    Hardly. FIrst, a file server in a small office normally has no IO worth mentioning - small office != many people using it, it basically does nothing most of the time.

    Second, even IF it does a lot - get more discs.

    I have one core machine here in the office running:

    • Windows
    • Domain Controller, DNS, DHCP for my office
    • File server
    • Hyper-V role for virtualizaation (becuase I do virtualize out "larger" stuff).

    Incidentally enough it has 8 discs on a hardware RAID - the file server section serves files from a 4x500gb RAID 5.

    See, there is nothing requiring a split here. Nothing.

    and with samba I could setup the file server, Kerberos / Samba for user authentication and login, Linux as a DHCP / DNS Server

    Your goal is what? Learning - great. Getting usable skills - how do you transfer that to a real windows environment? If you want to learn, rather learn with the stuff your employees / customers will use, you know.

    John Gardeniers : While those functions could be installed onto the one server it goes against Microsoft's own recommendations and common sense. That's one heck of a security issue and is extremely bad advice to give to someone wanting to learn. Let's teach GOOD habits, not bad ones.
    TomTom : Yeah. Especially with the cost of a virtual machine licensing wise, as well as the significant overhead. For a small business. Gotcha. Common sense in your world is wasting funds. Gratulations. American Philosophy (as much debt as one can have)?
    Chris : Many Virtualization products are free, I just don't see the point in having a single point of failure?
    TomTom : Yes, but the licenses for the windows machiens are not free. I suggest reading up on them. THe overhead for a VM is also not zero - and if you start cluttering your environment like you do.... Plus - single point of failure? Server fails = vm fail. Get real. And a small business will NOT have a cluster.
    Zoredache : @TomTom, if the purpose of this was for testing/evaluation only then a simple technet license would provide more then enough licences for separate VMs. OTOH, I agree there really isn't enough reason to separate them for a small install
    Chris : It still just seems like I'm shooting myself in the foot by only having a single instance of each running all on the same OS it just seems like a call for a disaster! Is it really ok just to have them all run on the same machine / OS? Even Windows disagrees with this method...
    TomTom : Theoretically yes, but then a SMALL OFFICE means that paying for two machines is - sorry - not in the budget. If the computer fials, it gets repaired. This is not a desaster if the downtime is limited (a day). Otherwise.... redundancy is good (but even then this can mean only another hardware ready), but it makes things too complicated for most small offices. I have yet to see a small office with 2 servers.
    From TomTom
  • If you're setting this up for a small office then go with something like Ebox. There's no point in doing all the setup and management yourself if you don't need to. There are some restrictions, if you're wanting to do anything which the Ebox gui doesn't support then you'll have problems, but in general it supports the basic setup a small office would need.

    If you're doing this to learn Linux then get yourself some Ubuntu Server or Fedora machines installed in Virtualbox and just start playing. By using any gui, be it Webmin or Ebox or something else, you're not actually learning Linux you're just learning a new gui.

    How you virtualise in the real environment will depend on the size of your organisation. If you're small then you can probably just keep everything on the one virtual box, but you'll still benefit from being able to image it to test upgrades and the ease of porting it to another physical box if you start having hardware trouble.

    You might consider hosting your jabber server and mail server on external boxes since it'll improve connectivity to the outside world, but then internal communications do go down when your office loses internet connection. Likewise with ticketing, you possibly don't want it on the same box as your main server because then nobody can file tickets when your main server is completely down; though if you main server is completely down then you probably have more to worry about then broken printers.

    From kaerast
  • If you are looking for a beginning into the world of Windows Server, it may be worth looking at Microsoft's small buisness server. It provides: Domain Controller, DHCP/DNS, File serving, Exchange (Microsoft's Email Server) and much more all under one package. - The OS is heavily wizzard driven to make tasks simpler. I'm a windows server tech so I couldnt tell you too much about *nix systems. Hope this helps some.

    symcbean : Buts sooooo expensive, keeps falling over and is virtually impossible to automate :(
    TomTom : So what? Still what people use. It is IIRC EOL, too, btw :)
    James : I dont see any need to -1! The answer isnt offtopic and is a valid suggestion. I look after literally 40+ SBS2008 networks which do not fall over. I Think the pricing is reasonable for small office enviroments, however anything compared to linux enviroments is going to be expensive.
    From James
  • I'd recommend having a look at something like GoSA for directory services rtather than starting with local authentication then trying to hack into a more scalable solution later.

    What about

    • Printer server

    • Email server (with AV/Spam checking)

    • Internet Proxy

    • VPN support for remote access and branch offices

    Personally I'd go for a database server (with ODBC access - postgreSQL?) and a Wiki too.

    It would be best to store all of these in separate VMs to isolate them in case something wrong awfully wrong / gets hacked, right?

    No - you're not really improving security greatly by doing this. And there is a performance cost.

    What about fault tolerance, how can I specify more than one authentication / DHCP / mail server?

    Question is a bit vague but LVS is probably the answer.

    Would it be a good idea virtualizing file server due to the hit in I/O if the HDDs are on that same machine?

    Not a big impact - as long as you implement any software raid/volume management on the host box rather than the virtual box.

    C.

    From symcbean

0 comments:

Post a Comment