*NIX

Jan. 26, 2010, 1:54 a.m.
posted by whitehat

NIS Slave Servers



NIS Slave Servers

NIS relies a lot on broadcast traffic to operate, which prevents you from having an NIS server on a different network from the clients. You can avoid this problem on your local subnet by using slave servers that are configured to automatically synchronize their NIS data with that of the single master server.

You can also consider placing multiple NIS servers on a single subnet for the sake of redundancy. To do this, configure the NIS clients to have multiple NIS servers for the domain in the /etc/yp.conf file.

Configuring NIS Slave Servers

In this scenario, you need to add an NIS slave server named Nisslave (IP address 192.168.1.254) to the NIS-SCHOOL-NETWORK NIS domain. You also must configure the NIS master server, Bigboy, to push its database map information to the slave whenever there is an update. Here are the steps you need:

1.
As you're referring to our servers by their hostnames, you'll have to make sure the names resolve correctly to IP addresses. This can be done either in DNS, when the hosts reside in the same domain, or more simply by editing the /etc/hosts files on both servers as seen in Figure.

Figure NIS Master and Slave /etc/hosts Files

Master (Bigboy)

Slave (nisslave)

#

#

# File: /etc/hosts (Bigboy)

# File: /etc/hosts (Nisslave)

#

#

192.168.1.254 nisslave

192.168.1.100 bigboy


2.
Configure the NIS slave as a NIS client of itself in the /etc/yp.conf file, and configure the NIS domain in the /etc/sysconfig/network file as seen in Figure.

Figure NIS Master and Slave /etc/yp.conf Files

/etc/yp.conf

/etc/sysconfig/network

#

#

# File: /etc/yp.conf (Bigboy)

# File: /etc/sysconfig/network

#

#

ypserver 127.0.0.1

NISDOMAIN="NIS-SCHOOL-NETWORK"


3.
On the slave server, run ypbind so the slave can query the master server:

[root@nisslave tmp]# service portmap start
Starting portmapper: [  OK  ]
[root@nisslave tmp]# service ypbind start
Binding to the NIS domain:
Listening for an NIS domain server.
[root@nisslave tmp]#

[root@nisslave tmp]# chkconfig portmap on
[root@nisslave tmp]# chkconfig ypbind on

4.
Optimize database map transfers by the NIS map transfer daemon, which should be started on both the master and slave:

[root@nisslave tmp]# service ypxfrd start
Starting YP map server: [  OK  ]
[root@nisslave tmp]#
[root@nisslave tmp]# chkconfig ypxfrd on

[root@bigboy tmp]# service ypxfrd start
Starting YP map server: [  OK  ]
[root@bigboy tmp]#
[root@bigboy tmp]# chkconfig ypxfrd on

5.
Do a simple database query of the master from the slave using the ypwhich command with the -m (master) switch. You should get a listing of all the tables.

[root@nisslave tmp]# ypwhich -m
mail.aliases bigboy
group.bygid bigboy
passwd.byuid bigboy
rpc.bynumber bigboy
...
...
[root@nisslave tmp]#

6.
Do an initial database download to the slave from the master with the ypinit command using the -s switch for a slave-type operation and specifying server Bigboy as the master from which the data is to be obtained. You should see "Trying ypxfrd - success" messages. If the messages say "Trying ypxfrd - not running," then start ypxfrd on both servers.

[root@nisslave tmp]# /usr/lib/yp/ypinit -s bigboy
We will need a few minutes to copy the data from bigboy.
Transferring services.byservicename...
Trying ypxfrd ... success

Transferring group.byname...
Trying ypxfrd ... success
...
...

nisslave's NIS data base has been set up.
If there were warnings, please figure out what went wrong, and fix
it.

At this point, make sure that /etc/passwd and /etc/group have
been edited so that when the NIS is activated, the data bases you
have just created will be used, instead of the /etc ASCII files.
[root@nisslave tmp]#

If your database is corrupt or your /etc/hosts files are incorrect, you'll get map enumeration errors as shown. Use the make command again to rebuild your database on the master when necessary.

[root@nisslave tmp]# /usr/lib/yp/ypinit -s bigboy
Can't enumerate maps from bigboy. Please check that it is running.
[root@nisslave tmp]#

7.
Now that the data has been successfully downloaded, make the slave server serve NIS clients with ypserv.

[root@nisslave tmp]# service ypserv start
Starting YP server services:
[root@nisslave tmp]#
[root@nisslave tmp]# chkconfig ypxfrd on

8.
Log on to the master server. Add the slave server to the master server's database map by editing the /var/yp/ypservers file on the master:

[root@bigboy yp]# cd /tmp
[root@bigboy tmp]# cd /var/yp/
[root@bigboy yp]# vi ypservers

9.
Add nisslave to the file.

#
# File: /var/yp/ypservers
#
bigboy
nisslave

10.
The make file in the /var/yp directory defines how the NIS server will build the database map and how the master will relate to the NIS slave. Make a copy of the master's make file for safekeeping:

[root@bigboy yp]# cp Makefile Makefile.old

11.
Edit the make file to allow the master to push maps to the slave:

#
# File: /var/vp/Makefile
#

#
# Allow the master to do database pushes to the slave
#
NOPUSH=false

12.
Use the make command to rebuild the database. The make command automatically pushes database updates to the servers listed in the /var/yp/servers file.

[root@bigboy yp]# make
gmake[1]: Entering directory `/var/yp/NIS-SCHOOL-NETWORK'
Updating ypservers...
YPPUSH: gethostbyname(): Success
YPPUSH: using not FQDN name
gmake[1]: Leaving directory `/var/yp/NIS-SCHOOL-NETWORK'
gmake[1]: Entering directory `/var/yp/NIS-SCHOOL-NETWORK'
Updating netid.byname...
YPPUSH: gethostbyname(): Success
YPPUSH: using not FQDN name
gmake[1]: Leaving directory `/var/yp/NIS-SCHOOL-NETWORK'
[root@bigboy yp]#

13.
On the slave server, create a cron file in the /etc/crond.d directory, in this case named nis_sync, that will run periodic database downloads from the master server. This helps to ensure that the slave servers have current databases even if they miss updates from the master in the event the school goes offline for maintenance. Restart the cron daemon so that the configuration in this file becomes active.

[root@nisslave yp]# vi /etc/cron.d/nis_sync

#
# File: /etc/cron.d/nis_sync
#
20 *    * * *     /usr/lib/yp/ypxfr_1perhour
40 6    * * *     /usr/lib/yp/ypxfr_1perday
55 6,18 * * *     /usr/lib/yp/ypxfr_2perday


[root@nisslave yp]# service crond restart

That's a lot of work but it's still not over. There is one final configuration step that needs to be done on the NIS clients before you're finished.

Configuring NIS Clients with Slaves

Edit the /etc/yp.conf file on all the clients to include Nisslave, and restart ypbind.

     #
     # File: /etc/yp.conf (Smallfry)
     #
     domain NIS-SCHOOL-NETWORK server 192.168.1.100
     domain NIS-SCHOOL-NETWORK server 192.168.1.254

     [root@smallfry tmp]# service ypbind restart
     Shutting down NIS services: [ OK ]
     Binding to the NIS domain: [ OK ]
     Listening for an NIS domain server..
     [root@smallfry tmp]#

     Python   SQL   Java   php   Perl 
     game development   web development   internet   *nix   graphics   hardware 
     telecommunications   C++ 
     Flash   Active Directory   Windows