Fresh Install Questions

Hi,

Once I’ve finished the file system backup, I will be formatting our works server which is currently running OpenSUSE 13.2 and installing a fresh version of LEAP 15.1. However, I need a little clarification / advice on a few issues.

Our current OpenSUSE 13.2 server is predominately used for running Samba shared drives across our LAN. These shared drives can also be accessed via FTP from remote locations. As well as Samba, we also run a LAMP configuration for a small business website, ftp, ssh etc.

The current OpenSUSE 13.2 installation runs no desktop, just the shell command. Reason being… I was always under the impression that a desktop or GUI would slow the server down? However, I’m now coming around to the idea of using the desktop, simply for ease of software installation, updates, server management etc.

Given I’m a mechanical engineer by trade, and the business owner, being the only one who manages the server and knows a very limited amount of shell commands, what avenue would you recommend I go down in terms of installation type? With or without a desktop? I want something easy to use, reliable, secure and up to date with minimal work. If I were to install the desktop, is there a way to close it down back to the command prompt when its not been used? Bearing in mind the server can go months without a screen, keyboard and mouse plugged in.

The current installation uses a RAID 5 config and when I originally set the server up, it wasn’t intended to become such a critical part of the business. 5 years down the line and I can safely say if it ever become corrupt or we lost the information we’d be in a bad bad place! I was thinking of using Rsync or Grsync (if I use a desktop) to easily backup the file systems automatically to an external hard drive. Would this be something easily achievable using LEAP with desktop?

Any advice appreciated.
Many thanks,
Jim

I’m going to answer more or less in the reverse order of the questions you asked because some topics are more basic than others so should be considered first.

If you fee comortable deployed on RAID5, do the same.
You didn’t say iif that’s hardware or software RAID, of course in nearly all cases hardware RAID is preferable to software RAID, but you should either have an extra disk controller on hand or know where you can get an exact same if you need it.

If you install software RAID, BTRFS RAID is still a somewhat new technology, although you probably wouldn’t have any problems with very few disks, I’d still recommend setting up EXT4 using the “Guided Setup” on the screen where you configure your Disk Layout because you’re building for a Business deployment.

Regarding RAID and rsync solutions, those address very different needs and shouldn’t replace each other. RAID is not a backup solution, it only protects against disk hardware failure. Backups like what you might get with rsync, tar and various applications addresses completely different failures related to software malfunction due to human error application error, system mis-configuration,compromise, and many other possibilities. So, you absolutely do backups, and replicate copies of anything important but that does not mean that you might skip fault tolerance like implementing RAID.

Regarding your decision about graphic Desktop installed,
The traditional thought is that text-only, command line only machines use less less machine resources.
That’s true compared to common Desktops Users install like KDE and Gnome, but after careful testing I’ve found that if you run only a Window Manager, the resources used is hardly any different than a text-only machine.
The other common reason for not installing a graphical Desktop is to lessen attack surface exposed to hackers and malware, and that’s still a valid reason to not install a Desktop but the consequences are harder for a User to evaluate. My personal recommendation is to not be overly afraid of deploying a Desktop but continue to do “Best Practices” maintenance, particularly by enabling automatic updates hardening your configurations and monitor your system regularly. The convenience of using a web browser for some tasks can also be useful. Whether you install a Desktop or not has no effect on your use of YaST to modify your system, versions of YaST can run in command line as well as graphical Desktop environments.

Possibly the biggest change to re-building SAMBA will be that both server and clients have been set up to use SAMBA v1 which was made obsolete many years ago due to various vulnerabilities, perhaps the greatest is exposure to ransomware. More current openSUSE conforms with the rest of the world enforcing SMB v2 which will likely mean some changes on your client machines as well.

YaST will make setting up LAMP, FTP, ssh and more pretty much the same as on 13.2.

If your machine was originally built by someone else but you’re considering building and maintaining your own machine that you spend some time to do some dry run testing and learning, you may even want to consider learning about virtualization which has a fairly easy to learn and would have major effect giving you new and easy options for long term maintenance and backups.

TSU

My personal opinion about having a desktop on a system that basicaly only runs service programs is:

On such a system one normaly does not log in at all very much. Normal maintenance like backups and cleaning old files is done through automated (cron) jobs, etc. Thus one only logs in for e.g. software installs/updates and probably changes in configuration, which in may cases is restricted to say once a week or similar.

When one does not need GUI tools for those tasks (or when having a GUI does improve the way doing maintenance enough to love to want it), why use the GUI or even install it?

When you have a case for using he GUI from time to time, one can still run the system in run level 3 as standard, just switch to run level 5 when doing that particular maintenance.

When one does not want to change the run level every tieme (e.g. when the GUI usage is more frequent), as long as there is no login the only overhead is the display manager running. Not realy killing IMHO.

When being loged in, the overhead is more of course, but choosing a more mundane DE then KDE/Gnome (or no DE at all, just X) may help restricting overhead. Also not starting mail programs, browsers, etc. (who needs them on such a system) turns down the overhead. And not installing those may even improve security because a system maintainer can then not use them by incident.

Just a few ideas about the subject, but it depends very much on your system, it’s use, it’s environment, the knowledge level of the people involved, etc, etc.

FWIW: A friend who’s slightly dyslectic found the best way for him was to

  • Install openSUSE Leap 15.1 with KDE desktop ( that he runs on his laptop as well )
  • Install the necessary server software ( LAMP, Samba, NFS ) and configure them using YaST’s modules
  • After finishing, set the default to multi-user.target ( i.e. no X, no desktop

Whenever he needs to add / modify services, he goes to the graphical.target, does what he has to do, then goes back. I showed him that YaST does have it’s ncurses version, but he states that makes it harder for him.

Thanks for the replies.

Knurpht… is that basically opening KDE desktop when its needed, then closing it down to be left with the text console once finished? From here he can do the usual SSH login etc? If so, I never thought of doing it that way.

The server is a HP ProLiant ML350 Gen 6 with hardware RAID 5 configured. I’ll be sticking with this 100%, but with a reformat first. I have a few spare disks ready if ever one failed. Although in the last 5 years I’ve only had 1 go bad.

Sorry Tsu2, I probably didn’t explain myself very well. I understand the differences between RAID and rsync and have no intention of using just one. I’ll be sticking with both.

After reading the comments, and doing my own research I’m leaning more towards sticking with the command shell. Yast and web based programs like Webmin make server admin much easier these days. On that note, can anyone recommend a better alternative to Webmin? Or is it possible to use Yast through a web browser from a remote machine?

A few remarks (may be explaining better what has said above by Knurpht and me):

  • you can use YaST from the console (the co called ncurses interface) and thus have the help of YaST without needing X.
  • Switching between the default (for your system) multi-user.target (runlevel 3) and graphical.target (runlevel 5) when needed was advised by both Knurpht and me.
  • When using X (graphical.target/runlevel 5) either always or only when needed, you do not need a heavy DE like KDE. You could use a lighter one.