Disclaimer: I hope that this is the right mailing list, but I really wanted to reach developers would can say if it's feasible and what to use for that.
Anyway, I was fighting the usual problems with networks and came up with the following dream to make my life easier as a network admin. Basically I am tired of fixing things, of worrying if a hard disk will die, of having to deal with data access, backup etc...
I was thinking this through by looking at how most of my coworkers, friends, and small offices use their PCs in day-to-day operations and applying that work flow to a solution.
Before, somebody screams, this means little or moderate daily data generation so that, basically, a laptop drive could hold the entire company's data. (This may require email-purge rules and other things like that).
Anyway here it is: Basically, I suggest that (almost) all PCs in the network be laptops with the exact same image. Furthermore, they replicate their HD continuously (with possibly some delay). This certainly applies to the user data and application. It may not be necessary for the OS
I am not sure of the technology to use here, but I thought something deriving from the P-to-P technology, some distributed file system, some database replication technology or even freenet could be a good base. Since every laptop will contain ALL the data for the whole network, every laptop uses hardware encryption at the hard disk level using an external dongle/card/whatever to limit the risk when a laptop is lost or stolen.
Additionally, every login ALSO uses a dongle/card for access to their account. This makes it (almost) impossible for somebody stealing a laptop to get access to the whole data. Additionally, it makes it (alomst) impossible for somebody to fet to other people's data. If a system dies, you just get a new one and sync it up. However, one main idea is that you always have EVERYTHING you need right where you are, no matter WHERE you are. Also, there is no UPS to worry about. Communication between PCs could be implemented using VPN/IPSec or whatever other protected mechanism. Internet access would have to be "sandboxed", but UNIX based OSes allow for that easily. That's the gist of it. A lot of things can be configured in many ways, but the whole point here is to simplify people's life.
Look at it from a disaster recovery: a lot of people bring their laptop home. Even if the company's building burns down as well as a few employees homes, one surviving laptop is enough to bring the business back online.
Pros: * seamless company disaster recovery * seamless personal computer loss recovery (you lose everything since the last sync) * you can use ANY laptop and find YOUR own environment and files * no central server/single point of failure * no UPS except for the internet firewall (this comes from the PCs being laptops)
Cons: * sync across a lot of PCs might be tricky and needs to be tuned. Maybe randonly select one as master like the SMB Master browser election works? * each laptop needs to have enough space for the whole company's data * maybe not appropriate for disk intensive applications (video capture...)
I wanted to post it here for other people to use if they think it's a good idea. (and also to preempt any proprietary company from saying "me first")
It seems that Windows Vista is coming with some automatic synchronization across two PCs so, that's one step towards it, but we have different goals.
I posted this somewhere and somebody pointed me toward stateless linux and it seems pretty cool and close to what I was thinking of. I'll look smoe more into it, but does anybody see this as useful for VERY SMALL networks? (I already got bashed by enterprise admins sneernig at people who don't want a rack server, so if that's your intent, just reply "me too").
Feel free to comment (I know people will).
Nick
(I had been trying to send this email without much success. Sorry if you got it twice)
I hope that this is the right mailing list, but I really wanted to reach developers would can say if it's feasible and what to use for that.
Anyway, I was fighting the usual problems with networks and came up with the following idea (pipe dream?) to make my life easier as a network admin. Basically I am tired of fixing things, of worrying if a hard disk will die, of having to deal with data access, backup etc...
I was thinking this through by looking at how most of my coworkers, friends, and small offices use their PCs in day-to-day operations and applying that work flow to a solution.
Before, somebody screams, this means little or moderate daily data generation so that, basically, a laptop drive could hold the entire company's data. (This may require email-purge rules and other things like that).
Anyway here it is: Basically, I suggest that (almost) all PCs in the network be laptops with the exact same image. Furthermore, they replicate their HD continuously (with possibly some delay). This certainly applies to the user data and application. It may not be necessary for the OS
I am not sure of the technology to use here, but I thought something deriving from the P-to-P technology, some distributed file system, some database replication technology or even freenet could be a good base. Since every laptop will contain ALL the data for the whole network, every laptop uses hardware encryption at the hard disk level using an external dongle/card/whatever to limit the risk when a laptop is lost or stolen.
Additionally, every login ALSO uses a dongle/card for access to their account. This makes it (almost) impossible for somebody stealing a laptop to get access to the whole data. Additionally, it makes it (alomst) impossible for somebody to fet to other people's data. If a system dies, you just get a new one and sync it up. However, one main idea is that you always have EVERYTHING you need right where you are, no matter WHERE you are. Also, there is no UPS to worry about. Communication between PCs could be implemented using VPN/IPSec or whatever other protected mechanism. Internet access would have to be "sandboxed", but UNIX based OSes allow for that easily. That's the gist of it. A lot of things can be configured in many ways, but the whole point here is to simplify people's life.
Look at it from a disaster recovery: a lot of people bring their laptop home. Even if the company's building burns down as well as a few employees homes, one surviving laptop is enough to bring the business back online.
Pros: * seamless company disaster recovery * seamless personal computer loss recovery (you lose everything since the last sync) * you can use ANY laptop and find YOUR own environment and files * no central server/single point of failure * no UPS except for the internet firewall (this comes from the PCs being laptops)
Cons: * sync across a lot of PCs might be tricky and needs to be tuned. Maybe randonly select one as master like the SMB Master browser election works? * each laptop needs to have enough space for the whole company's data * maybe not appropriate for disk intensive applications (video capture...)
I wanted to post it here for other people to use if they think it's a good idea. (and also to preempt any proprietary company from saying "me first")
It seems that Windows Vista is coming with some automatic synchronization across two PCs so, that's one step towards it, but we have different goals.
I posted this somewhere and somebody pointed me toward stateless linux and it seems pretty cool and close to what I was thinking of. I'll look some more into it, but does anybody see this as useful for VERY SMALL networks? (I already got bashed by enterprise admins sneering at people who don't want a rack server, so if that's your intent, just reply "me too").
Feel free to comment.
Nick
On Thu, 2006-02-23 at 10:09 -0600, Nic wrote:
(I had been trying to send this email without much success. Sorry if you got it twice)
I hope that this is the right mailing list, but I really wanted to reach developers would can say if it's feasible and what to use for that.
Not sure if this is or is not on-topic, but it's worth at least one answer to the security issue. The rest is technically feasible using rsync and some automation.
Additionally, every login ALSO uses a dongle/card for access to their account. This makes it (almost) impossible for somebody stealing a laptop to get access to the whole data.
Stolen or lost laptops are a real concern. If someone has physical access to the hard drive, the determination, and sufficient resources, it is only a matter of time until they get the data off it.
- Karsten
devel@lists.stg.fedoraproject.org