1
<?xml version="1.0" encoding="utf-8"?>
2
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
3
<!ENTITY % globalent SYSTEM "../../../libs/global.ent">
4
<!-- NAMES --><!ENTITY canonical-name "Canonical Ltd.">
5
<!ENTITY project-name "Ubuntu Documentation Project">
6
<!ENTITY ubuntu "<phrase>Ubuntu</phrase>">
7
<!-- VERSIONS --><!ENTITY distro-version "Gutsy Gibbon">
8
<!ENTITY distro-rev "7.10">
9
<!ENTITY distro-release-date "October 2007">
10
<!ENTITY linux-kernel-version "2.6.22">
11
<!ENTITY gcc-version "4.1.2">
12
<!ENTITY glibc-version "2.5">
13
<!ENTITY python-version "2.5">
14
<!-- AUTHORS --><!ENTITY author-ubuntu-documentation-project SYSTEM "../common/authors/ubuntu-documentation-project.xml">
15
<!ENTITY glossary SYSTEM "../common/C/glossary.xml">
16
<!-- LEGAL URLs --><!ENTITY gpl-url '<ulink url="http://www.gnu.org/licenses/gpl.html">GNU General Public License</ulink>'>
17
<!ENTITY cc "http://creativecommons.org/">
18
<!ENTITY cc-attrib '<ulink url="http://creativecommons.org/licenses/by-sa/2.5/">Attribution-ShareAlike 2.5</ulink>'>
19
<!ENTITY cc-fulldeed-url "http://creativecommons.org/licenses/by-sa/2.5/legalcode/">
20
<!ENTITY fdl-url '<ulink url="http://www.gnu.org/copyleft/fdl.html">GNU Free Documentation License</ulink>'>
21
<!ENTITY cc-disclaimer-url "http://creativecommons.org/licenses/disclaimer-popup?lang=en">
22
<!-- CANONICAL URL RESOURCES --><!ENTITY canonical-url "http://www.canonical.com">
23
<!-- OTHER UBUNTU RELATED RESOURCES --><!ENTITY upstart-url "http://upstart.ubuntu.com">
24
<!-- UBUNTU IRC INFORMATION --><!ENTITY irc-network "Freenode">
25
<!ENTITY irc-server "irc.ubuntu.com">
26
<!ENTITY ubuntu-irc "irc.ubuntu.com channel #ubuntu">
27
<!ENTITY kubuntu-irc "irc.ubuntu.com channel #kubuntu">
28
<!ENTITY xubuntu-irc "irc.ubuntu.com channel #xubuntu">
29
<!ENTITY edubuntu-irc "irc.ubuntu.com channel #edubuntu">
30
<!-- UBUNTU URL RESOURCES --><!ENTITY ubuntu-packages "http://packages.ubuntu.com">
31
<!ENTITY ubuntu-dpkgfile "ubuntu5.10.tar">
32
<!ENTITY ubuntu-web "http://www.ubuntu.com">
33
<!ENTITY ubuntu-main "http://www.ubuntu.com">
34
<!ENTITY ubuntu-download "http://www.ubuntu.com/download">
35
<!ENTITY ubuntu-forums "http://www.ubuntu.com/community/forums">
36
<!ENTITY ubuntu-components "http://www.ubuntu.com/ubuntu/components">
37
<!ENTITY ubuntu-lists "http://lists.ubuntu.com">
38
<!ENTITY ubuntu-wiki "http://wiki.ubuntu.com">
39
<!ENTITY ubuntu-bugzilla "https://launchpad.net/distros/ubuntu/+bugs">
40
<!ENTITY ubuntu-doc-bugs "https://launchpad.net/products/ubuntu-doc/+bugs">
41
<!ENTITY ubuntu-support "http://www.ubuntu.com/support">
42
<!ENTITY ubuntu-paidsupport "http://www.ubuntu.com/support/paid">
43
<!ENTITY ubuntu-freesupport "http://www.ubuntu.com/support/free">
44
<!ENTITY ubuntu-comments "http://www.ubuntuforums.org/showthread.php?p=21787">
45
<!ENTITY ubuntu-documentation "http://help.ubuntu.com">
46
<!ENTITY ubuntu-documentation-repos "https://docteam.ubuntu.com/repos/trunk">
47
<!ENTITY ubuntu-doc-team "https://wiki.ubuntu.com/DocumentationTeam">
48
<!ENTITY ubuntu-doc-list "http://lists.ubuntu.com/mailman/listinfo/ubuntu-doc">
49
<!ENTITY ubuntu-shipit "http://shipit.ubuntu.com">
50
<!ENTITY ubuntu-launchpad "https://launchpad.ubuntu.com">
51
<!ENTITY ubuntu-rosetta "https://launchpad.ubuntu.com/rosetta">
52
<!ENTITY ubuntu-planet "http://planet.ubuntu.com">
53
<!ENTITY ubuntu-philosophy "http://www.ubuntu.com/ubuntu/philosophy">
54
<!ENTITY ubuntu-participate "http://www.ubuntu.com/community/participate/">
55
<!ENTITY ubuntu-marketplace "http://www.ubuntu.com/support/marketplace">
56
<!ENTITY ubuntu-hwdb "http://hwdb.ubuntu.com">
57
<!-- UBUNTU WIKI RESOURCES --><!ENTITY wiki-UserDocumentation "https://help.ubuntu.com/community/UserDocumentation">
58
<!ENTITY restricted-formats "https://help.ubuntu.com/community/RestrictedFormats">
59
<!ENTITY wiki-RestrictedFormats "https://help.ubuntu.com/community/RestrictedFormats">
60
<!ENTITY wiki-XChatHowto "https://help.ubuntu.com/community/XChatHowto">
61
<!ENTITY wiki-RootSudo "https://help.ubuntu.com/community/RootSudo">
62
<!ENTITY wiki-HowToGetHelp "https://help.ubuntu.com/community/HowToGetHelp">
63
<!ENTITY transcode "https://help.ubuntu.com/community/DVDRippingandEncoding">
64
<!ENTITY wiki-Wine "https://help.ubuntu.com/community/Wine">
65
<!ENTITY wiki-Cedega "https://help.ubuntu.com/community/Cedega">
66
<!ENTITY wiki-Nano "https://help.ubuntu.com/community/NanoHowto">
67
<!ENTITY wiki-locoteams "https://wiki.ubuntu.com/LoCoTeamList">
68
<!ENTITY wiki-BasicCommands "https://help.ubuntu.com/community/BasicCommands">
69
<!ENTITY wiki-filepermissions "https://help.ubuntu.com/community/FilePermissions">
70
<!-- KUBUNTU URL RESOURCES --><!ENTITY kubuntu-web "http://www.kubuntu.org">
71
<!ENTITY kubuntu-main "http://www.kubuntu.org">
72
<!ENTITY kubuntu-download "http://releases.ubuntu.com/kubuntu/">
73
<!ENTITY kubuntu-packages "http://packages.ubuntu.com/edgy/">
74
<!ENTITY kubuntu-cdpackages-nodefault "http://people.ubuntu.com/~cjwatson/seeds/kubuntu-edgy/ship">
75
<!ENTITY kubuntu-lists "http://lists.ubuntu.com/archives/kubuntu-users/">
76
<!ENTITY kubuntu-lists-users "http://lists.ubuntu.com/mailman/listinfo/kubuntu-users/">
77
<!ENTITY kubuntu-lists-devel "http://lists.ubuntu.com/mailman/listinfo/kubuntu-devel/">
78
<!ENTITY kubuntu-mirrors "http://distrowatch.com/kubuntu">
79
<!ENTITY kubuntu-forums "http://kubuntuforums.net">
80
<!ENTITY kubuntu-wiki "https://wiki.kubuntu.org">
81
<!ENTITY kubuntu-documentation-site "http://www.kubuntu.org/documentation.php">
82
<!ENTITY kubuntu-wiki-UserDocumentation "https://help.ubuntu.com/community/UserDocumentation">
83
<!ENTITY kubuntu-support "http://www.kubuntu.org/support.php">
84
<!-- XUBUNTU URL RESOURCES --><!ENTITY xubuntu-web "http://www.xubuntu.org">
85
<!ENTITY xubuntu-main "http://www.xubuntu.org">
86
<!ENTITY xubuntu-web-help "http://www.xubuntu.org/help">
87
<!-- DEBIAN RESOURCES --><!ENTITY debian-apt "http://www.debian.org/doc/user-manuals#apt-howto">
88
<!-- EXTERNAL URL RESOURCES --><!ENTITY linmodem "http://www.linmodems.org/">
89
<!ENTITY gnome "http://www.gnome.org/">
90
<!ENTITY linuxorg "http://www.linux.org/">
91
<!ENTITY ooo "http://www.openoffice.org/">
92
<!ENTITY kde "http://www.kde.org/">
93
<!ENTITY lugww "http://lugww.counter.li.org/">
94
<!ENTITY ubuntu-watch "http://distrowatch.com/ubuntu/">
95
<!ENTITY realplayer-download "http://www.real.com/linux/">
96
<!ENTITY nvu-download "http://www.nvu.com/download.html">
97
<!ENTITY sunjava-download "http://java.sun.com/j2se/1.5.0/download.jsp">
98
<!ENTITY xorg "http://www.x.org">
99
<!ENTITY dyndns "http://www.dyndns.org">
100
<!ENTITY shoutcast "http://www.shoutcast.com/">
101
<!ENTITY freedomtoaster "http://www.freedomtoaster.org/">
102
<!ENTITY xfce "http://www.xfce.org/">
103
<!-- ubuntu-screenshots TODO --><!ENTITY kubuntu-screenshots "http://shots.osdir.com/">
104
<!ENTITY mozilla "http://www.mozilla.org/">
105
<!ENTITY mozilla-firefox "http://www.mozilla.org/products/firefox/">
106
<!ENTITY gnu "http://www.gnu.org/">
107
<!ENTITY gnu-philosophy "http://www.gnu.org/philosophy/">
108
<!ENTITY win4lin "http://www.win4lin.com">
109
<!ENTITY codeweavers "http://www.codeweavers.com">
110
<!ENTITY kernel "http://www.kernel.org">
111
<!ENTITY google "http://www.google.com">
112
<!ENTITY kdelook " http://www.kde-look.org">
113
<!ENTITY lulu-store "http://www.lulu.com/ubuntu-doc">
114
<!-- this entity controls the url for addons--><!ENTITY java-download "http://java.sun.com/j2se/1.5.0/download.jsp">
115
<!ENTITY skype-deb "skype_1.2.0.17-1_i386.deb">
116
<!ENTITY skype-download "http://www.skype.com/go/getskype-linux-deb">
117
<!ENTITY scanmodem-gz "scanModem.gz">
118
<!ENTITY scanmodem-url "http://linmodems.technion.ac.il/packages/scanModem.gz">
119
<!ENTITY ext2fs-url "http://www.fs-driver.org/index.html">
120
<!ENTITY mvb-tar "mvb_1.6.tgz">
121
<!ENTITY mvb-url "http://www.xscd.com/pub/mvb/&mvb-tar;">
122
<!-- TLDP --><!ENTITY ldp-pre-install-check "http://tldp.org/HOWTO/Pre-Installation-Checklist/">
123
<!-- LANGUAGES (sorted by two letter code)--><!ENTITY Afar "aa">
124
<!ENTITY Abkhazian "ab">
125
<!ENTITY Afrikaans "af">
126
<!ENTITY Amharic "af">
127
<!ENTITY Arabic "ar">
128
<!ENTITY Assamese "as">
129
<!ENTITY Aymara "ay">
130
<!ENTITY Azerbaijani "az">
131
<!ENTITY Bashkir "ba">
132
<!ENTITY Byelorussian "be">
133
<!ENTITY Bulgarian "bg">
134
<!ENTITY Bihari "bh">
135
<!ENTITY Bislama "bi">
136
<!ENTITY Bangla "bn">
137
<!ENTITY Bengali "bn">
138
<!ENTITY Tibetan "bo">
139
<!ENTITY Breton "br">
140
<!ENTITY Catalan "ca">
141
<!ENTITY Corsican "co">
144
<!ENTITY Danish "da">
145
<!ENTITY German "de">
146
<!ENTITY Bhutani "dz">
148
<!-- <!ENTITY EnglishAmerican 'en'> --><!ENTITY EnglishAmerican "C">
149
<!ENTITY Esperanto "eo">
150
<!ENTITY Spanish "es">
151
<!ENTITY Estonian "et">
152
<!ENTITY Basque "eu">
153
<!ENTITY Persian "fa">
154
<!ENTITY Finnish "fi">
156
<!ENTITY Faeroese "fo">
157
<!ENTITY French "fr">
158
<!ENTITY Frisian "fy">
160
<!ENTITY Gaelic "gd">
161
<!ENTITY ScotsGaelic "gd">
162
<!ENTITY Galician "gl">
163
<!ENTITY Guarani "gn">
164
<!ENTITY Gujarati "gu">
167
<!ENTITY Croatian "hr">
168
<!ENTITY Hungarian "hu">
169
<!ENTITY Armenian "hy">
170
<!ENTITY Interlingua "ia">
171
<!ENTITY Interlingue "ie">
172
<!ENTITY Inupiak "ik">
173
<!ENTITY Indonesian "in">
174
<!ENTITY Icelandic "is">
175
<!ENTITY Italian "it">
176
<!ENTITY Hebrew "iw">
177
<!ENTITY Japanese "ja">
178
<!ENTITY Yiddish "ji">
179
<!ENTITY Javanese "jw">
180
<!ENTITY Georgian "ka">
181
<!ENTITY Kazakh "kk">
182
<!ENTITY Greenlandic "kl">
183
<!ENTITY Cambodian "km">
184
<!ENTITY Kannada "kn">
185
<!ENTITY Korean "ko">
186
<!ENTITY Kashmiri "ks">
187
<!ENTITY Kurdish "ku">
188
<!ENTITY Kirghiz "ky">
190
<!ENTITY Lingala "ln">
191
<!ENTITY Laothian "lo">
192
<!ENTITY Lithuanian "lt">
193
<!ENTITY Latvian "lv">
194
<!ENTITY Lettish "lv">
195
<!ENTITY Malagasy "mg">
197
<!ENTITY Macedonian "mk">
198
<!ENTITY Malayalam "ml">
199
<!ENTITY Mongolian "mn">
200
<!ENTITY Moldavian "mo">
201
<!ENTITY Marathi "mr">
203
<!ENTITY Maltese "mt">
204
<!ENTITY Burmese "my">
206
<!ENTITY Nepali "ne">
208
<!ENTITY Norwegian "no">
209
<!ENTITY Occitan "oc">
213
<!ENTITY Punjabi "pa">
214
<!ENTITY Polish "pl">
215
<!ENTITY Pushto "ps">
216
<!ENTITY Pashto "ps">
217
<!ENTITY Portuguese "pt">
218
<!ENTITY Quechua "qu">
219
<!ENTITY Rhaeto-Romance "rm">
220
<!ENTITY Kirundi "rn">
221
<!ENTITY Romanian "ro">
222
<!ENTITY Russian "ru">
223
<!ENTITY Kinyarwanda "rw">
224
<!ENTITY Sanskrit "sa">
225
<!ENTITY Sindhi "sd">
226
<!ENTITY Sangro "sg">
227
<!ENTITY Serbo-Croatian "sh">
228
<!ENTITY Singhalese "si">
229
<!ENTITY Slovak "sk">
230
<!ENTITY Slovenian "sl">
231
<!ENTITY Samoan "sm">
233
<!ENTITY Somali "so">
234
<!ENTITY Albanian "sq">
235
<!ENTITY Serbian "sr">
236
<!ENTITY Siswati "ss">
237
<!ENTITY Sesotho "st">
238
<!ENTITY Sudanese "su">
239
<!ENTITY Swedish "sv">
240
<!ENTITY Swahili "sw">
242
<!ENTITY Tegulu "te">
245
<!ENTITY Tigrinya "ti">
246
<!ENTITY Turkmen "tk">
247
<!ENTITY Tagalog "tl">
248
<!ENTITY Setswana "tn">
250
<!ENTITY Turkish "tr">
251
<!ENTITY Tsonga "ts">
254
<!ENTITY Ukrainian "uk">
257
<!ENTITY Vietnamese "vi">
258
<!ENTITY Volapuk "vo">
261
<!ENTITY Yoruba "yo">
262
<!ENTITY Chinese "zh">
264
<!ENTITY % cdo-C SYSTEM "../../../libs/cdo-C.ent">
265
<!-- COMMON DOC OBJECTS --><!ENTITY copyright SYSTEM "../common/C/copyright.xml">
266
<!ENTITY conventions SYSTEM "../common/C/conventions.xml">
267
<!ENTITY feedback SYSTEM "../common/C/feedback.xml">
268
<!ENTITY publisher SYSTEM "../common/C/publisher.xml">
269
<!ENTITY disclaimer SYSTEM "../common/C/disclaimer.xml">
270
<!ENTITY inline-ubuntu-icon SYSTEM "../common/C/inlinemediaobject-ubuntu-icon.xml">
271
<!ENTITY inline-ubuntu-icon-header SYSTEM "../common/C/inlinemediaobject-ubuntu-icon-header.xml">
272
<!ENTITY relative-ubuntu-icon SYSTEM "../common/C/mediaobject-relative-ubuntu-icon.xml">
273
<!ENTITY ubuntu-icon SYSTEM "../common/C/mediaobject-ubuntu-icon.xml">
274
<!ENTITY gpl SYSTEM "../common/C/gpl.xml">
275
<!ENTITY fdl SYSTEM "../common/C/fdl.xml">
276
<!ENTITY cc-by-sa SYSTEM "../common/C/ccbysa.xml">
277
<!ENTITY licenses SYSTEM "../common/C/licenses.xml">
278
<!ENTITY legalnotice SYSTEM "../common/C/legalnotice.xml">
279
<!ENTITY klegalnotice SYSTEM "../kubuntu/libs/legalnotice.xml">
280
<!ENTITY % gnome-menus-C SYSTEM "../../libs/edubuntu-menus-C.ent">
281
<!-- MENUS --><!ENTITY % edubuntuent SYSTEM "../../libs/edubuntu.ent">
282
<!-- AUTHORS --><!ENTITY author-edubuntu-documentation-project SYSTEM "../../common/authors/edubuntu-documentation-project.xml">
283
<!-- Edubuntu License --><!ENTITY educopy SYSTEM "../../common/C/educopy.xml">
284
<!ENTITY % xinclude SYSTEM "../../../libs/xinclude.mod">
285
<!ELEMENT xi:include (xi:fallback)?>
286
<!ATTLIST xi:include xmlns:xi CDATA #FIXED "http://www.w3.org/2001/XInclude">
287
<!ATTLIST xi:include href CDATA #REQUIRED>
288
<!ATTLIST xi:include parse (xml | text) "xml">
289
<!ATTLIST xi:include xpointer CDATA #IMPLIED>
290
<!ATTLIST xi:include encoding CDATA #IMPLIED>
291
<!ATTLIST xi:include accept CDATA #IMPLIED>
292
<!ATTLIST xi:include accept-charset CDATA #IMPLIED>
293
<!ATTLIST xi:include accept-language CDATA #IMPLIED>
294
<!ELEMENT xi:fallback ANY>
295
<!ATTLIST xi:fallback xmlns:xi CDATA #FIXED "http://www.w3.org/2001/XInclude">
296
<!ENTITY % local.preface.class "| xi:include">
297
<!ENTITY % local.part.class "| xi:include">
298
<!ENTITY % local.chapter.class "| xi:include">
299
<!ENTITY % local.divcomponent.mix "| xi:include">
300
<!ENTITY % local.para.char.mix "| xi:include">
301
<!ENTITY % local.info.class "| xi:include">
302
<!ENTITY % local.common.attrib "xmlns:xi CDATA #FIXED 'http://www.w3.org/2001/XInclude'">
303
<!ENTITY language "en">
304
<!ENTITY edubuntu "<phrase>Edubuntu</phrase>">
306
<chapter id="server" status="review">
307
<title>Edubuntu Server and Thin Client Computing</title>
309
<para>Edubuntu Server is almost the same thing as Edubuntu Workstation. It
310
contains all the same great educational programs, and the same ease of use.
311
The only difference is that it also installs, by default, a thin
315
<para>The Edubuntu community has worked very closely with the Linux Terminal
316
Server Project (LTSP), to come up with the next generation thin client solution
317
for GNU/Linux. It comes automatically installed on an Edubuntu server, so
318
you can begin setting up a thin client school lab right out of the box.
321
<para>Thin client computing has been around for a long time in the
322
UNIX world. Although the implementation has evolved quite a bit, the
323
concept has remained the same:
329
<para>The thin client only takes care of the basic functions like
330
display, keyboard, mouse and sound.
336
<para>The server does the heavy weightlifting. All the applications
337
run on the server, and they simply display on the thin
344
<para>Because the thin clients have a limited number of tasks to
345
manage, the hardware for the thin client can be small and cheap.
346
The thin clients themselves are basically maintenance free. They
347
last longer because they have no storage with moving parts like
348
hard disks. If they break no data is lost since nothing is stored
349
on the client itself. Simply swap the client with another one and
350
go back to work. If your thin client is stolen or put in the
351
trash, no data ends up in the hands of unauthorized people.
354
<para>The terminal server runs all applications and contains all
355
the data. All the regular maintenance (software updates,
356
administration) takes place on the terminal server. The number of
357
thin clients that a terminal server can support is proportional to
358
the power of the server. Because GNU/Linux in general, and Edubuntu
359
in particular, make efficient use of resources, you can support a
360
surprising number of thin clients from a machine which might only
361
be considered a powerful single user system running other operating
362
systems. Please see <xref linkend="server-sizing"/> for more
366
<para>Dans un environnement de clients légers, la stabilité du serveur est primordiale. Votre serveur devra impérativement disposer d'une bonne gestion de l'alimentation électrique, secourue par un onduleur, et suivant le niveau de disponibilité voulu, on envisagera même des alimentations électriques redondantes. Les utilisateurs qui en ont les moyens pourront investir dans des systèmes disques RAID et d'autres options nécessaires dans un environnement à Haute Disponibilité. Cependant, ceux-ci ne sont pas indispensables dans tous les cas et grâce la haute qualité de Edubuntu, vous n'en aurez probablement pas besoin, sauf dans les environnements les plus exigeants.</para>
369
<sect1 id="server-hw">
370
<title>Matériels Requis</title>
371
<para>Une personne installant un environnement de client léger sous LTSP pour la première fois, pose généralement deux questions :</para>
374
<para>Mes machines actuelles vont elles suffire comme terminaux, ou, que dois-je acheter pour utiliser comme terminal ?</para>
377
<para>De quelle taille de serveur ai-je besoin ?</para>
380
<para>Chances are, hardware that you already have is more than
381
sufficient for terminals. One of the great advantages of an Edubuntu
382
Server is that you can set up a high quality lab of terminals for your
383
students to use, by leveraging the machines you already have.
384
As for servers, usually, it's very easy
385
to turn any high-end single user desktop machine into a terminal
386
server capable of handling many thin clients. We'll present some
387
guidelines that should help in making the most of your
391
<title>Spécifications matérielles pour les clients légers LTSP</title>
392
<para>A lot of Edubuntu deployments are in classroom environments,
393
and usually, in these situations, the primary goal is to re-use
394
existing hardware that the school already owns. However,
395
specifically designed thin clients can be used also.
398
<title>Clients</title>
400
<title>Vieux matériels</title>
401
<para>There are three things to consider when trying to re-use
406
<para>Processeur</para>
412
<para>Carte vidéo</para>
417
<title>Processeur</title>
418
<para>For using the default, secure mode of LTSP, you'll need to
419
have a slightly faster CPU. Any 233 MHz or better CPU should
420
provide acceptable performance.
422
<para>If you have slower clients, in the range of 133 MHz to 233
423
MHz, you may be able to use them, if you're willing to reduce the
424
security of your thin client network. More information on this is available in
425
<xref linkend="customizing-thin-client"/>.
427
<para>For the best possible performance, a 533 MHz processor will
428
provide a first class thin client desktop experience.
432
<title>Réseau</title>
433
<para>A thin client boots over the network, using a small program
434
called a network boot loader. This network boot loader is sometimes
435
located on the card itself, or, for older cards without one, the
436
user can provide one on a floppy or CDRom which can be used to boot
439
<para>Three common network boot loaders which can be used
445
<emphasis role="bold">PXE:</emphasis> This one is the most common,
446
and many network cards and motherboards with built-in network cards
447
support this. If you have one of these, you'll be able to boot
448
without any problems.
453
<emphasis role="bold">Etherboot:</emphasis> For older cards that
454
don't have PXE included on them, you can use the Free Software
455
equivalent, Etherboot. This excellent alternative to PXE can either
456
be booted from a floppy, memory stick, or CDRom, or, if you're
457
handy with electronics, be burned onto a EPROM if your card has a
458
socket for one. More information on the project can be found at
459
http://www.etherboot.org, and you can download ready-to-use
460
Etherboot images at http://www.rom-o-matic.org.
465
<emphasis role="bold">Yaboot:</emphasis> For Macintosh PowerPC
466
machines (iMac's and later), you can use the built in Yaboot
473
<title>Carte vidéo</title>
474
<para>Typically, any video card that uses the PCI bus and has 2 MB
475
or more of memory, should make a reasonable client.
481
<sect2 id="server-sizing">
482
<title>Serveur Edubuntu requis</title>
483
<para>An Edubuntu/LTSP thin client network is quite scalable; a moderately
484
powerful machine can serve several thin clients, and if you need to
485
add more thin clients, you can either expand the capabilities of
486
the existing server, or, simply add more servers.
489
<title>Recommended specs</title>
490
<para>Dimensionner un serveur pour un réseau LTSP relève plus de l'art que de la science ! Demandez à n'importe quel administrateur de réseau LTSP la taille du serveur dont vous avez besoin, et il vous répondra sûrement « Ça dépend ! ». La taille du serveur dont vous avez besoin dépend largement de ce que vous avez l'intention de faire avec votre réseau de clients légers. Les besoins d'un serveur pour un réseau destiné à un peu de navigation sur Internet, sans Java ni Flash, seront bien différents de ceux pour un réseau où vous voudrez traiter des graphismes lourds, des jeux interactifs ou de l'animation Flash. Voici quelques règles générales qui devraient convenir à la plupart des cas « courants »</para>
493
<title>Memoire</title>
494
<para>Étant basé sur GNU/Linux, Edubuntu est un système d'exploitation qui utilise efficacement la mémoire. La formule généralement utilisée pour ajouter de la mémoire à un serveur de clients légers est :</para>
495
<para>256 + (128 * users) MB</para>
496
<para>Ainsi, si vous souhaitez connecter jusqu'à 20 terminaux sur votre serveur, il vous faudra :</para>
497
<para>256 + (128 * 20) = 256 + 2560 = 2816 MB</para>
498
<para>Rounding up, you'll need 3 1 Gig simms. Making sure you've
499
got enough memory is the single most important thing you can do to
500
help the performance of an Edubuntu/LTSP thin client server. If you do not
501
have enough memory in your server, you'll find your server will
502
have to use the hard drive as an overflow "virtual" memory. Hard
503
drives are much slower than memory, so you'll find things getting
504
very slow if this happens.
506
<para>If you intend to make heavy use of graphics work in your curriculum, you
507
may want to add even more, perhaps doubling the previous estimate.
512
<title>Processeurs</title>
513
<para> How fast a processor you
514
need is entirely dependant on what programs you plan to use.
515
Interactive games require a bit more than say, a word processor. If
516
you plan to use Java and Flash plugins in your web browser, these
517
can consume a lot of processing power. For a "mixed" model, i.e.
518
some people playing TuxMath, a few people browsing the web, and a
519
few people typing in OpenOffice.org, a 2GHz or better processor
520
should be able to adequately handle 20 people with some minor
521
delays. A 3GHz processor would be better.
523
<para>Pour de plus grands réseaux, il peut être très avantageux de passer à un processeur SMP (Symetric Multi Processing, Multi Processeur Symétrique) ou même encore à un serveur multi-processeurs. Si vous avez l'intention de gérer 30 clients ou plus, un serveur Xenon ou Opteron double-cœur donnera de bons résultats.</para>
524
<para>Enfin, pensez que si vous devez gérer un grand nombre de postes clients, il sera plus judicieux de mettre en place plusieurs petits serveurs Edubuntu, chacun d'entre eux gérant un sous-ensemble de clients.</para>
528
<title>Disques</title>
529
<para>Il est recommandé d'utiliser une des formes de RAID dans les serveurs de terminaux. En plus de préserver vos données quand un des disques tombe en panne, cela améliore les performances (principalement en lecture, cas le plus fréquent d'accès aux données). Pour le cas où le budget prime, mettre en oeuvre un RAID1 logiciel, avec deux disques SATA et NCQ (mise en Queue Native des Commandes) donnera de bons résultats. Si votre budget est plus confortable, vous pouvez envisager d'utiliser une bonne carte contrôleur SCSI et les disques adaptés. Ceci vous procurera le meilleur niveau de performance et de fiabilité.</para>
534
<title>Réseau</title>
535
<para>If you have more then 20 users, it is recommended to use
536
gigabit ethernet connected to a gigabit port on a switch for your LTSP servers. Although normal usage
537
ranges from 0.5 to 2mbit, clients can peak quite high (70mbit),
538
especially when watching multimedia content.
544
<sect1 id="ltsp-theory">
545
<title>Utilisation : aspects théoriques</title>
546
<para>Booting a thin client involves several steps.
547
Understanding what is happening along the way will make it much
548
easier to solve problems, should they arise.
550
<para>There are four basic services required to boot an LTSP
551
thin client. They are:
561
<para>NFS or NBD</para>
568
<title>The LTSP chroot environment</title>
569
<para>In order to turn a computer into a thin client, we need to run a mini
570
version of GNU/Linux on the workstation. It needs to boot this mini version
571
of GNU/Linux over the network, since it probably won't have a hard drive on
572
it's own. This mini GNU/Linux installation needs to live somewhere, and the
573
best place for it is on the server.
576
<para>This scaled-down GNU/Linux installation, customized so that it's
577
efficient to boot over the network, is called a
578
<emphasis role="strong">chroot environment</emphasis>. You can have several
579
of them, based upon several different CPU architectures. They'll normally
580
live under <filename>/opt/ltsp</filename> on the server, with subdirectories
581
for each of the architectures. For instance, if you have a lab full of
582
old Power PC Macs, and older PC's, you'll have an
583
<filename>/opt/ltsp/ppc</filename> and an <filename>/opt/ltsp/i386</filename>
584
directory on the server.
586
<para>The reason why it is called a chroot environment is that to install it, the
587
GNU/Linux command <command>chroot</command> is called to actually set the
588
installation root to <filename>/opt/ltsp/</filename><emphasis role="strong">arch</emphasis>.
589
From there, a scaled-down version of the distribution is installed. What this
590
means is that for you to manage the chroot, performing such things as updates,
591
all you need to do is use the <command>chroot</command> command to change
592
the root of your installation. Then you can use all your tools like you
598
<title>The boot process of a thin client</title>
599
<orderedlist spacing="normal">
601
<para>Load the Linux kernel into the memory of the thin client.
602
This can be done several different ways, including:
606
<para>Bootrom (Etherboot,PXE)</para>
609
<para>Disquette</para>
612
<para>Disque dur</para>
618
<para>USB Memory Device</para>
621
<para>Each of the above booting methods will be explained later in
626
<para>Une fois le noyau chargé en mémoire, son exécution commence.</para>
629
<para>Le noyau initialise tout le système et tous les périphériques qu'il reconnaît.</para>
632
<para>C'est là que les choses amusantes commencent. Durant le processus du chargement du noyau, une image initramfs est également chargée en mémoire.</para>
635
<para>Normalement, quand le noyau a fini de démarrer, il démarre le nouveau lanceur de tâches <command>upstart</command> qui gère le démarrage d'un serveur ou d'une station de travail. Mais dans ce cas, nous avons demandé au noyau de charger à la place un petit script. Ce script s'appelle <command>/init</command>, et se trouve dans la racine de /initramfs.</para>
638
<para>Le script <command>/init</command> commence par monter /proc et /sys, lance <command>udev</command> pour rechercher et initialiser le matériel, en particulier la carte réseau, qui est indispensable durant toutes les étapes du démarrage à venir. Dans le même temps, il crée un petit disque en mémoire, pour stocker localement tout ce qui aura besoin de l'être (par exemple, pour configurer le fichier <filename>xorg.conf</filename>).</para>
641
<para>L'interface réseau <emphasis role="strong">loopback</emphasis> est configurée. Cette interface se voit attribuer l'adresse IP <emphasis>127.0.0.1</emphasis>.</para>
644
<para>Un petit client DHCP nommé <command>ipconfig</command> est ensuite exécuté, pour envoyer une autre requête au serveur DHCP. Cette requête distincte, en espace utilisateur, récupère les informations fournies par le fichier dhcpd.conf, comme le serveur racine nfs, la passerelle par défaut, et d'autres paramètres importants.</para>
648
<command>ipconfig</command> gets a reply from the server, the
649
information it receives is used to configure the ethernet
650
interface, and determine the server to mount the root
655
<para>Up to this point, the root filesystem has been a ram disk.
657
<command>/init</command> script will mount a new root filesystem via
658
either NBD or NFS. In the case of NBD, the image that is normally
659
loaded is <filename>/opt/ltsp/images/i386.img</filename>. If the root is mounted
660
via NFS, then the directory that is exported from the server is typically
661
<filename>/opt/ltsp/i386</filename>. It can't just mount the new
662
filesystem as /. It must first mount it to a separate directory. Then,
664
<command>run-init</command>, which will swap the current root
665
filesystem for a new filesystem. When it completes, the
666
filesystem will be mounted on /. At this point, any directories
667
that need to be writable for regular startup to occur, like /tmp,
668
or /var, are mounted at this time.
672
<para>Une fois le montage du nouveau système de fichiers racine terminé, c'en est fini avec le script /init et on doit invoquer le vrai programme <command>/sbin/init</command>.</para>
676
The <command>init</command> program will read the
677
<filename class="directory">/etc/event.d</filename> directory and
678
begin setting up the thin client environment. From there, upstart
679
will begin reading the startup commands in
680
<filename class="directory">/etc/rcS.d</filename>.
685
It will execute the <command>S32ltsp-client-setup</command> command
686
which will configure many aspects of the thin client environment, such as
687
checking if local devices need starting, loading any specified modules, etc.
692
Next, the <command>init</command> program will begin to execute commands
693
in the <filename class="directory">/etc/rc2.d</filename> directory
697
<para>One of the items in the
698
<filename class="directory">/etc/rc2.d</filename> directory is the
699
<command>S20ltsp-client-core</command>command that will be run while the
700
thin client is booting.
705
<filename>lts.conf</filename> file will be parsed, and all of the
706
parameters in that file that pertain to this thin client will be
707
set as environment variables for the
708
<command>S20ltsp-client-core</command> script to use.
712
<para>If Sound is configured at this point, the
713
<command>pulseaudio</command> daemon is started, to allow remote
714
audio connections from the server to connect and play on the
719
<para>If the thin client has local device support enabled, the
720
<command>ltspfsd</command> program is started to allow the server to
721
read from devices such as memory sticks or CD-Roms attached to the
726
<para>At this point, any of the screen sessions you've defined in your
727
<filename>lts.conf</filename> will be executed.
729
<para>Screen sessions are what you want to launch on all of the virtual
730
screens on your terminal. These are the standard virtual screens that
731
all GNU/Linux distros have, i.e. alt-F1, through alt-F10.
733
<para>By default, a standard character based getty will be run on
734
screen 1 (SCREEN_01 in the <filename>lts.conf</filename> file).
737
As well, if nothing else is specified in the <filename>lts.conf</filename>
738
file, an <command>ldm</command> screen script is run on SCREEN_07. The
739
LTSP Display Manager (<command>ldm</command>) is the default login manager
745
<emphasis role="strong">SCREEN_07</emphasis> is set to a value of
746
<emphasis role="strong">ldm</emphasis>, or
747
<emphasis role="strong">startx</emphasis>, then the
748
X Windows System will be launched, giving you a graphical user
751
<para>By default, the Xorg server will auto-probe the card, create
752
a default <filename>/etc/X11/xorg.conf</filename> file on the ramdisk
753
in the terminal, and start up xorg with that custom config.
758
The X server will either start an encrypted <command>ssh</command>
759
tunnel to the server, in the case of <command>ldm</command>, or an an
760
XDMCP query to the LTSP server, in the case of startx. Either way, a login
761
box will appear on the terminal.
765
<para>At this point, the user can log in. They'll get a session on
768
<para>This confuses a lot of people at first. They are sitting at a
769
thin client, but they are running a session on the server. All
770
commands they run will be run on the server, but the output will
771
be displayed on the thin client.
778
<title>Network booting the thin client</title>
780
<para>Getting the thin client to boot over the network can be
781
accomplished in a variety of ways:
786
<para>Boot ROM</para>
789
<para>Local media</para>
794
<title>Boot ROM</title>
796
<para>Depending on your network card, it may already contain a boot ROM, or
797
you may be able to use an EPROM programmer to create your own. Check the
798
hardware documentation for the network card in your thin client for details.
802
<title>Etherboot</title>
804
<para>Etherboot is a very popular open-source bootrom project. It
805
contains drivers for many common network cards, and works very well
809
<para>ROM images suitable for booting from floppy, CD-ROM, etc., can be
810
obtained from http://www.rom-o-matic.org
813
<para>Linux kernels must be tagged with the
814
<command>mknbi-linux</command>, which will prepare the kernel for
815
network booting, by prefixing the kernel with some additional code,
816
and appending the initrd to the end of the kernel.
818
<para>The kernels that are supplied with Edubuntu/LTSP are already tagged,
819
and ready to boot with Etherboot.
825
<para>Part of the 'Wired for Management' specification from the
826
late 1990's included a specification for a bootrom technology known
828
<emphasis>Pre-boot Execution Environment</emphasis> commonly
829
abbreviated as <emphasis role="strong">PXE</emphasis>.
831
<para>A PXE bootrom can load at most a 32 kilo-byte file. A Linux
832
kernel is quite a bit larger than that. Therefore, we setup PXE to
833
load a 2nd stage boot loader called
834
<emphasis role="strong">pxelinux</emphasis>, which is small
835
enough to be loaded. It knows how to load much larger files,
836
such as a Linux kernel.
842
<title>Local media</title>
843
<para>If your network card in the thin client doesn't have a boot ROM built
844
in, and you don't have access to an EPROM burner, have no fear! Chances
845
are, that old machine has a floppy drive, or CD-ROM in it. If so, then you
846
can use local media to boot the thin client.
850
<title>Disquette</title>
852
<para>Booting Etheboot from a floppy is an excellent way of booting
853
an LTSP thin client that doesn't have a boot ROM.
854
Etherboot is loaded in the boot sector of the floppy.
855
Then, it will act just like a bootrom. The boot code will be
856
executed, the network card will be initialized, and the kernel will
857
be loaded from the network server.
862
<title>Disque Dur</title>
863
<para>The hard disk can be used with LILO or GRUB, to load the
864
Linux kernel and initrd. You can also load the Etherboot bootrom
865
image from the hard disk, and it will act like a bootrom.
870
<title>CD-ROM</title>
871
<para>A bootable CD-ROM can be loaded either with a Linux kernel,
872
or an Etherboot image.
877
<title>Clé USB</title>
878
<para>Just like a CD-ROM, Floppy disk and Hard disk, you can use a
879
USB Memory device to boot an Etherboot module.
887
<sect1 id="customizing-thin-client">
888
<title>Customizing thin client behaviour</title>
889
<para>By default, most thin clients will automatically configure themselves
890
correctly, and just work when they're plugged in. However, sometimes you
891
may wish to customize their behavior. You would do this by editing the
892
<filename>lts.conf</filename> file.
895
<title>Format of the lts.conf file</title>
896
<para>When LTSP was designed, one of the issues that needed to be
897
dealt with was varying hardware configurations for the
898
thin client. Certainly, whatever combination of processor, network
899
card and video card available today would not be available in 3
900
months, when you want to add more thin clients to the
903
<para>So, LTSP.org devised a way of specifying the configuration of
904
each thin client. The configuration file is called
905
<filename>lts.conf</filename> and it lives in the
906
<filename class="directory">
911
<para>The format of the lts.conf allows for 'default' settings and
912
individual thin client settings. If all of your thin clients are
913
identical, you could specify all of the configuration settings in
914
the '[Default]' section.
917
<title>Section headings</title>
918
<para>Section headings begin with an identifier in square brackets.
919
the identifier can be one of:
923
<para>a mac address for a workstation, in the form of XX:XX:XX:XX:XX:XX,
924
where X is the digits 0-9, or A-F. You can usually read the mac
925
address for a network card from a sticker on the card itself, or
926
use some kind of network tool to discover it. The <command>ifconfig</command>
927
can tell you the mac address of your network cards.
931
<para>an IP address. You'll need to statically assign host IP addresses
932
for this to work, as by default, Edubuntu ships with a
933
<filename>dhcpd.conf</filename> that hands out dynamic addresses.
934
This means there's no guarantee which host will get what IP
939
<para>a hostname. Same issue as an IP address, but additionally, you
940
must have either defined the hostname in DNS, or in <filename>/etc/hosts</filename>.
944
<para>The special section heading [Default]. This section can set defaults
945
that apply to all terminals.
951
<title>Variable Assignments</title>
952
<para>After the section heading, you can then define variables. Variables are
953
ether boolean values, requiring a True/False or Y/N answer. Note that you
954
can either use True or False, Yes or No, or Y or N. Whichever you prefer.
955
Other variables may simply be strings, supplied after the = sign. The general
956
format of an assignment looks like:
959
BOOLEAN_VARIABLE = True
960
STRING_VARIABLE = Information
962
<para>Comments can be inserted into the file for your documentation purposes.
963
Comments start with a # character, and everything after the # for the
964
rest of the line is considered a comment.
968
<title>Location of the lts.conf filename</title>
969
<para>In order to speed up LTSP, by default, we're using NBD (Network Block
970
Devices) rather than NFS. The <filename class="directory">/opt/ltsp/i386</filename>
971
still exists, but now, it's compressed into a squashfs image, so it's much
972
smaller than simply exporting via NFS. This means that the client uses less
973
network bandwidth than before. However, it would mean that every time you
974
change the <filename>lts.conf</filename> file, you'd have to re-create this
975
image using the command <command>ltsp-update-image</command>. This takes a while
976
to do. So, in order to avoid this, we've moved the <filename>lts.conf</filename> file
977
to the TFTP directory, in <filename class="directory">/var/lib/tftpboot/ltsp/i386</filename>.
978
This means you can make changes to the file immediately, and simply reboot the terminal, without
979
recompiling the image.
983
<title>About using NBD instead of NFS</title>
984
<para>Using NBD instead of NFS has several advantages:</para>
987
<para>Using a squashfs image we can now merge that together in a unionfs to get writeable
988
access which is a lot faster during bootup.
992
<para>A squashed root filesystem uses less network bandwidth.
996
<para>Many users and administrators have asked us to eliminate NFS, for reasons of
997
site policy. Since the squashed image is now served out by <command>nbd-server</command>,
998
which is an entirely userspace program, and is started as the user nobody, this
999
should help to eliminate concerns over NFS shares.
1003
<para>However, some people still want to use NFS. Fortunately, it's easy to switch back to NFS, if it's
1008
<para>On the server, use the <command>chroot</command> command to maintain the LTSP chroot:
1010
sudo chroot /opt/ltsp/i386
1015
<para>Now edit <filename>/etc/default/ltsp-client-setup</filename>
1016
and change the value of the root_write_method variable to use bind mounts
1017
instead of unionfs, it should look like this afterwards:
1019
root_write_method="bind_mounts"
1024
<para>Next, create the file <filename>/etc/initramfs-tools/conf.d/ltsp</filename>
1025
and add the following line (set the value of the BOOT variable to nfs):
1032
<para>Regenerate the initramfs:
1039
<para>Hit CTRL-D to exit the chroot now. Make sure LTSP uses the new initramfs to boot:
1041
sudo ltsp-update-kernels
1048
<title>Sample lts.conf file</title>
1049
<para>Here is an example of the lts.conf file:
1052
# Global defaults for all clients
1053
# if you refer to the local server, just use the
1054
# "server" keyword as value
1055
# see lts_parameters.txt for valid values
1066
#[MAC ADDRESS]: Per thin client settings
1070
X_MOUSE_DEVICE=/dev/ttyS0
1071
X_MOUSE_PROTOCOL=intellimouse
1074
# A Thin Client Print server
1075
# (switch off X by pointing tty7 to shell,
1076
# to save ressources)
1079
PRINTER_0_DEVICE=/dev/usblp0
1083
# A workstation that executes a specific
1084
# command after login
1087
LDM_REMOTECMD=/usr/bin/myloginscript
1093
<title>The LDM display manager</title>
1094
<para>The LTSP Display Manager, or <command>ldm</command> is the display
1095
manager specifically written by the LTSP project to handle logins
1096
to a GNU/Linux server. It is the default display manager for LTSP thin
1097
clients running under Edubuntu, and has a lot of useful features:
1101
<para>It is written in C, for speed and efficiency on low end clients.
1105
<para>It supports logging in via either a greeter (a graphical login
1106
application) or autologin.
1110
<para>It can be configured to encrypt X Windows traffic, for increased
1111
security, or leave it unencrypted, for better performance on slower
1116
<para>It contains a simple load-balancing system, to allow the system
1117
administrator to allow load balancing across several servers.
1121
<para>We'll go over the <filename>lts.conf</filename> entries you'll need to
1122
control these features below.
1125
<title>Utilisation : aspects théoriques</title>
1126
<para>To help understand the following sections, a bit of an explanation
1127
of how <command>ldm</command> does it's work is needed. Most thin
1128
client display managers tend to run up on the server. The
1129
<command>ldm</command> display manager is unique in that it runs on
1130
the thin client itself. This allows the thin client to have a lot
1131
of choice as to how it will set up the connection. A typical login
1132
session goes as follows:
1136
<para><command>ldm</command> launches and starts up the X Windows
1137
display on the thin client.
1141
<para><command>ldm</command> starts up the greeter, which is a
1142
graphical program which presents the user with a nice login
1143
display and allows them to select their session, language,
1144
and host they'd like to log into.
1148
<para><command>ldm</command> collects the information from the greeter,
1149
and starts an ssh session with the server. This ssh connection
1150
is used to create an ssh master socket, which is used by all
1151
subsequent operations.
1155
<para>Now, the users selected session is started via the master
1156
socket. Depending on whether or not an encrypted connection
1157
has been requested, via the LDM_DIRECTX parameter, the session
1158
is either connected back to the local display via the ssh tunnel,
1159
or via a regular TCP/IP connection.
1163
<para>During the session, any memory sticks, or other local devices
1164
that are plugged in, communicate their status to the server via
1165
the ssh control socket.
1169
<para>When the user exits the session, the ssh connection is closed
1170
down, the X server is stopped, and <command>ldm</command> restarts
1171
itself, so everything starts with a clean slate.
1177
<title>Encrypted versus unencrypted sessions</title>
1178
<para>By default, LTSP5 encrypts the X session between the server. This
1179
makes your session more secure, but at the cost of increased processing
1180
power required on the thin client and on the server. If processing
1181
power is a concern to you, it's very easy to specify that the connection
1182
for either an individual workstation, or the default setting should use
1183
an unencrypted connection. To do so, simply specify:
1188
<para>in your <filename>lts.conf</filename> file in the appropriate stanza.
1192
<title>Auto login features</title>
1193
<para>This new version of LDM supports auto login of accounts, if
1194
specified in the <filename>lts.conf</filename> file. Simply
1195
create a config stanza for each of the terminals you want to log
1196
in automatically (you can use either MAC address, IP address, or
1197
hostname) and specify the variable <command>LDM_USERNAME</command>
1198
and <command>LDM_PASSWORD</command>. Note that you must have created
1199
these accounts on the server, with the passwords specified. An example
1200
will serve to illustrate how to use this:
1204
LDM_USERNAME=station1
1205
LDM_PASSWORD=sekrit1
1208
LDM_USERNAME=station2
1209
LDM_PASSWORD=sekrit2
1213
<title>Load balancing features</title>
1214
<para>In this version of LTSP, there's a simple load-balancing solution
1215
implemented that allows administrators to have multiple Edubuntu
1216
servers on the network, and allow the thin client to pick which
1217
one of the servers it would like to log into.
1219
<para>The host selection system is simple and flexible enough to allow
1220
administrators to implement their own policy on how they want
1221
the load balancing to happen: either on a random, load-based, or
1222
round robin system. See <xref linkend="multiple-server-setup"/>
1228
<title>General thin client parameters</title>
1229
<para>There are several variables that one can define in the lts.conf file
1230
which control how the thin client interacts with the server. These
1236
<command>SERVEUR</command>
1239
<para>This is the server that is used for the XDM_SERVER,
1240
TELNET_HOST, XFS_SERVER and SYSLOG_HOST, if any of those are not
1241
specified explicitly. If you have one machine that is acting as the
1242
server for everything, then you can just specify the address here
1243
and omit the other server parameters. If this value is not set, it
1244
will be auto detected.
1250
<command>SYSLOG_HOST</command>
1253
<para>If you want to send logging messages to a machine other than
1254
the default server, then you can specify the machine here. If this
1255
parameter is NOT specified, then it will use the 'SERVER' parameter
1262
<command>NBD_SWAP</command>
1266
<command>Y</command> if you want to turn on NBD swap. The default is
1267
<command>Y</command>.
1273
<command>SWAP_SERVER</command>
1276
<para>The NBD swap server can exist on any server on the network
1277
that is capable of handling it. You can specify the IP address of
1278
that server. The default is whatever the value of SERVER set
1285
<command>NBD_PORT</command>
1288
<para>The port on which NBD swapping will occur. This is set to
1295
<command>USE_LOCAL_SWAP</command>
1298
<para>If you have a hard drive installed in the thin client, with a
1299
valid swap partition on it, this parameter will allow the thin
1300
client to swap to the local hard drive. The default is
1301
<command>N</command>.
1307
<command>DNS_SERVER</command>
1310
<para>Used to build the resolv.conf file. Not needed by
1317
<command>SEARCH_DOMAIN</command>
1320
<para>Used to build the resolv.conf file.</para>
1325
<command>SON</command>
1328
<para>This parameter enables sound for the thin client. The default is
1329
<command>Y</command>.
1335
<command>LOCALDEV</command>
1338
<para>This parameter enables local devices support, like CD's and
1339
USB sticks. Users plugging them in should see them on the desktop,
1340
after they've been added to the fuse group on the server. You can do
1343
<guimenu>System</guimenu>
1344
<guisubmenu>Administration</guisubmenu>
1345
<guimenuitem>Users and Groups</guimenuitem>
1347
selecting the user, clicking on "Properties", the going into the
1348
"User Privileges" tab, and making sure the "Allow use of FUSE filesystems..."
1349
box is checked. The default is:
1350
<command>Y</command>.
1357
<title>Screen Scripts</title>
1358
<para>Screen scripts are how LTSP determines what type of login will run
1359
on what virtual screen. Most GNU/Linux machines have 12 virtual consoles,
1360
which you can access by pressing Control-Alt-F1, through Control-Alt-F12.
1361
There is a text based getty that is started on screen 1, but you normally
1362
can't log into it, as there are no local users on the thin client.
1365
However, for debugging purposes, you may want to set up root to log in
1366
on the thin client. You may need to do this if you're debugging problems
1367
with local devices, for example. Fortunately, it's easy to do: on the server,
1368
just chroot into the LTSP chroot, and set the password with passwd.
1371
sudo chroot /opt/ltsp/i386
1374
<para>By default, if there's nothing else mentioned in <filename>lts.conf</filename>,
1375
an LDM session will be started on screen 7.
1378
<title>Parameters relating to screen scripts</title>
1381
<command>SCREEN_01</command> thru
1382
<command>SCREEN_12</command>
1385
<para>Up to 12 screen scripts can be specified for a thin client.
1386
This will give you up to 12 sessions on the thin client, each
1387
accessible by pressing the Ctrl-Alt-F1 through Ctrl-Alt-F12 keys.
1393
<para>Currently, possible values include:
1397
<emphasis role="bold">ldm</emphasis>: This is the default display
1398
manager. It collects a username and password, and then establishes
1399
a secure, encrypted tunnel to the server via
1400
<command>ssh</command>. This should be good for most environments.
1401
Edubuntu deployments with lower-powered clients or servers
1402
may find that the extra overhead involved in encrypting the X
1403
traffic might slow their sessions, and may wish to enable the
1404
<command>LDM_DIRECTX</command> parameter described in <xref linkend="ldm"/>
1409
<emphasis role="bold">sdm</emphasis>: Similar in functionality to
1410
ldm, but a little less graphically intensive.
1415
<emphasis role="bold">startx</emphasis>: Older X connection requiring
1416
the use of XDMCP to connect to the server. Some legacy installations
1417
may want to use it, however, the intruduction of the <command>LDM_DIRECTX</command>
1418
parameter has eliminated much of the need to run it.
1419
Enabling this will require you to turn on XDMCP for the
1420
<command>gdm</command> login manager. As an administrative user, go
1423
<guimenu>System</guimenu>
1424
<guisubmenu>Administration</guisubmenu>
1425
<guimenuitem>Login Window</guimenuitem>
1427
and in the "Remote" tab, change the drop down to
1428
"Same as local". Additionally, you may wish to click on the
1429
"Configure XDMCP" button on the lower corner, and increase the
1430
"Maximum remote sessions" to something a little higher than the
1431
number of thin clients you have.
1432
<emphasis role="bold">Please note that doing this means local
1433
devices will not work for you, as they rely on the ssh
1434
tunnel that ldm provides.
1440
<emphasis role="bold">telnet</emphasis>: Text screen telnet into
1441
whatever host TELNET_HOST is set to. See below for an explanation.
1446
<emphasis role="bold">shell</emphasis>: spawns a shell on the thin
1447
client. Useful for testing.
1452
<emphasis role="bold">rdesktop</emphasis>: spawns an rdesktop session
1453
to a remote windows server. Note that you must have the <command>rdeskop</command>
1454
package installed in the chroot.
1458
Look in the <filename class="directory">/opt/ltsp/i386/usr/lib/ltsp/screen.d</filename>
1459
directory for more scripts, or write your own, and put them there.
1465
<command>TELNET_HOST</command>
1468
<para>If the thin client is setup to have a character based
1469
interface, then the value of this parameter will be used as the
1470
host to telnet into. If this value is NOT set, then it will use the
1472
<command>SERVER</command> above.
1480
<title>Modules and startup scripts</title>
1481
<para>For the most part, LTSP does a very good job of detecting what hardware's on
1482
your thin client. However, it's possible that you may want to manually specify
1483
a kernel module to load after boot. Alternatively, you may have a script you've
1484
written that you've put in the chroot, and want to make sure gets run at startup.
1485
LTSP provides some hooks to allow you to do this.
1490
<command>MODULE_01</command> thru
1491
<command>MODULE_10</command>
1494
<para>Up to 10 kernel modules can be loaded by using these
1495
configuration entries. The entire command line that you would use
1496
when running insmod can be specified here. For example:
1498
MODULE_01 = uart401.o
1499
MODULE_02 = "sb.o io=0x220 irq=5 dma=1"
1503
<para>If the value of this parameter is an absolute pathname, then
1504
<command>insmod</command> will be used to load the module.
1506
<command>modprobe</command> will be used.
1508
<para>In normal circumstances, you shouldn't need to specify
1509
anything here, as most hardware will be auto-detected.
1515
<command>RCFILE_01</command> thru
1516
<command>RCFILE_10</command>
1519
<para>Additional RC scripts can be executed by the
1520
<command>ltsp-client-setup</command> script. Just put the script in the
1521
<filename>/opt/ltsp/i386/etc/init.d</filename> directory, and
1522
specify the name of the script in one of these entries.
1529
<title>X-Windows parameters</title>
1530
<para>Setting up X windows on the thin client's normally a pretty easy operation.
1531
The thin client uses X.org's own auto configuration mode to let X determine
1532
what it thinks is installed in the box. The thin client just runs the command
1533
<command>Xorg -configure</command>, and then uses that output, slightly
1534
modified, for the X config file.
1536
<para>However, sometimes, this doesn't always work. Either due to strange/buggy
1537
hardware, or buggy drivers in X.org, or because X detects default settings that
1538
you don't want. For instance, it may detect that your monitor is capable of doing
1539
1280x1024, but you'd prefer it to come up in 1024x768 resolution. Fortunately,
1540
you can tweak individual X settings, or, alternatively, simply provide your own
1541
<filename>xorg.conf</filename> to use.
1544
<title>X.org configuration</title>
1547
<command>X_CONF</command>
1550
<para>If you want to create your own complete X.org config file, you
1551
can do so and place it in the
1552
<filename class="directory">/opt/ltsp/i386/etc/X11</filename> directory. Then, whatever you
1553
decide to call it needs to be entered as a value for this
1554
configuration variable. For example:
1556
X_CONF = /etc/X11/my-custom-xorg.conf
1558
Note that for the thin client, you reference it from <filename class="directory">/etc/X11</filename>.
1564
<command>X_RAMPERC</command>
1567
<para>Some programs allocate a large amount of ram in the X.org server running on your thin
1568
client. Programs like <command>Firefox</command> and <command>Evince</command> can use
1569
up so much ram, that they eventually exhaust all your physical ram, and NBD swap, causing
1570
your thin client to crash. If you find your clients being booted back to a login prompt,
1571
or freezing up when viewing certain PDF's or web pages, this may be the problem.
1573
<para>The X_RAMPERC variable stands for X RAM PERCent, and is a number between 0 and 100 that
1574
specifies how much of the free space on your thin client X.org is allowed to consume. You'll
1575
generally want to set it at something lower than 100 percent, if you're having problems.
1576
Experimentation has shown a value between 80 and 90 will usually keep the terminal alive.
1577
What will then happen is the program consuming the memory will die, as opposed to the thin client
1578
itself. If you're having unexplained terminal problems, specifying:
1582
in your <filename>lts.conf</filename> file may improve things.
1588
<command>XDM_SERVER</command>
1591
<para>If you're using the older <command>startx</command> screen script, and need to specify a different
1592
server, then you can specify the server here. If this parameter is
1593
NOT specified, then it will use the 'SERVER' parameter described
1600
<command>XSERVER</command>
1603
<para>You can use this parameter to override which X server the thin client will run. For PCI
1604
and AGP video cards, this parameter should not be required. The
1605
thin client should normally be able to
1606
auto-detect the card.
1608
<para>If, for some reason you do need to manually set it, here are
1619
<para>atimisc</para>
1625
<para>cirrus_alpine</para>
1631
<para>cirrus_laguna</para>
1664
<para>neomagic</para>
1667
<para>newport</para>
1682
<para>rendition</para>
1685
<para>riva128</para>
1691
<para>s3virge</para>
1697
<para>siliconmotion</para>
1712
<para>trident</para>
1740
<command>X_MOUSE_DEVICE</command>
1743
<para>This is the device node that the mouse is connected to. If it
1744
is a serial mouse, this would be a serial port, such as
1745
<command>/dev/ttyS0</command> or
1746
<command>/dev/ttyS1</command>. This is not needed for PS/2 or USB
1747
mice, as they are auto-detected.
1753
<command>X_MOUSE_PROTOCOL</command>
1756
<para>Should be auto-detected. However, valid entries
1767
<para>vsxxxaa</para>
1770
<para>spaceorb</para>
1773
<para>spaceball</para>
1776
<para>magellan</para>
1779
<para>warrior</para>
1782
<para>stinger</para>
1785
<para>mousesystems</para>
1788
<para>sunmouse</para>
1791
<para>microsoft</para>
1797
<para>mouseman</para>
1800
<para>intellimouse</para>
1803
<para>mmwheel</para>
1809
<para>h3600ts</para>
1812
<para>stowawaykbd</para>
1815
<para>ps2serkbd</para>
1818
<para>twiddler</para>
1821
<para>twiddlerjoy</para>
1828
<command>X_MOUSE_EMULATE3BTN</command>
1831
<para>Normally unset, may need to be set to
1832
<command>Y</command> for certain 2 button mice.
1838
<command>X_COLOR_DEPTH</command>
1841
<para>This is the number of bits to use for the color depth.
1843
<command>8</command>,
1844
<command>16</command>,
1845
<command>24</command> and
1846
<command>32</command>. 8 bits will give 256 colors, 16 will give
1847
65536 colors, 24 will give 16 million colors and 32 bits will give
1848
4.2 billion colors! Not all X servers support all of these values.
1849
The default value for this is
1850
<command>24</command>.
1856
<command>USE_XFS</command>
1859
<para>You have a choice of running the X Font Server (XFS) or
1860
reading the fonts through the file system. XFS has been pretty much
1861
superceeded by the RENDER extention of X.org, but for special cases, you
1863
The 2 values for this option are
1864
<command>Y</command> and
1865
<command>N</command>. The default value is
1866
<command>N</command>. If you do want to use a font server, then you
1868
<command>XFS_SERVER</command> entry to specify which host will act
1875
<command>XFS_SERVER</command>
1878
<para>If you are using an X Font Server to serve fonts, then you
1879
can use this entry to specify the IP address of the host that is
1880
acting as the font server. If this is not specified, it will use
1881
the default server, which is specified with the
1882
<command>SERVER</command> entry described above.
1888
<command>X_HORZSYNC</command>
1891
<para>This sets the X.org
1892
<command>HorizSync</command> configuration parameter. This should be
1893
auto-detected for your monitor, however, if you want to force a
1894
lower resolution, use this parameter to do so.
1900
<command>X_VERTREFRESH</command>
1903
<para>This sets the X.org
1904
<command>VertRefresh</command> configuration parameter. This should
1905
be auto-detected for your monitor. If you need to force a
1906
lower resolution, use this parameter to do so.
1912
<command>X_VIDEORAM</command>
1915
<para>This sets the X.org
1916
<command>VideoRam</command> configuration parameter. This should
1917
be auto-detected for your monitor. If you need to force a
1918
different video ram setting, use this parameter to do so.
1924
<command>X_OPTION_01 through X_OPTION_12</command>
1927
<para>This allows you to specify
1928
<command>Option</command> settings in the <filename>xorg.conf</filename> file, to
1929
add options to the video driver. A common use for this will be to test
1930
turning off accelleration in your driver, if you're having trouble. An example usage
1933
X_OPTION_01 = "\"NoAccel\""
1934
X_OPTION_02 = "\"AnotherOption\" \"True\""
1935
</screen>. You probably won't need these except in special circumstances.
1941
<command>X_MODE_0, X_MODE_1, and X_MODE_2</command>
1944
<para>These sets the X.org
1945
<command>ModeLine</command> configuration. For example, if your
1946
thin client comes up in a higher resolution than what you want,
1947
say, 1280x1024, specifying:
1951
should get your desired resolution on startup.
1958
<title>Printer configuration parameters</title>
1959
<para>Sometimes, it's convenient to hang a printer off of a thin
1960
client in a lab, so that the computer lab has access to local
1961
printing resources. Fortunately, LTSP can accomodate printing
1964
<para>LTSP can connect up to 3 printers per workstation to the network
1965
via a small daemon called JetPipe. Both parallel and USB printers
1966
are supported. JetPipe makes the printer
1967
look like a standard HP Jet Direct printer interface. You can then
1968
create any cups printer on your server, and point it at the printer
1969
via a Jet Direct connection.
1971
<para>In your <filename>dhcpd.conf</filename> file that controls your
1972
thin client IP assignments, you'll want to assign a static IP
1973
for the terminal with the printers, to guarentee that it gets
1974
the same IP address every time it boots. Otherwise, your printing
1975
won't work if the terminal leases a different IP address.
1978
<title>Printing related parameters</title>
1981
<command>PRINTER_0_DEVICE</command>
1984
<para>The device name of the printer. Names such as
1985
<command>/dev/lp0</command>, or
1986
<command>/dev/usblp0</command> are allowed.
1992
<command>PRINTER_0_PORT</command>
1995
<para>The TCP/IP Port number to use. By default, it will use '
1996
<command>9100</command>', for PRINTER_0_DEVICE, '<command>9101</command>' for PRINTER_1_DEVICE, and
1997
'<command>9102</command>' for PRINTER_2_DEVICE.
2004
<title>Paramètres Clavier</title>
2005
<para>All of the keyboard support files are copied into the
2006
/opt/ltsp/i386 hierarchy, so configuring international keyboard
2007
support is simply a matter of configuring X.org. There are several
2008
configuration parameters for this.
2010
<para>The values for the above parameters are from the X.org
2011
documentation. Whatever is valid for X.org is valid for these
2014
<para>We would like to add documentation to show what values are
2015
needed for each type of international keyboard. If you work with
2016
this and can configure your international keyboards, feedback to
2017
Edubuntu would be greatly appreciated.
2022
<command>CONSOLE_KEYMAP</command>
2025
<para>Allows you to specify a valid console keymap for TELNET_HOST
2026
sessions. Default is
2027
<command>en</command>.
2033
<command>XKBLAYOUT</command>
2036
<para>Consult the X.org documentation for valid settings.</para>
2041
<command>XKBMODEL</command>
2044
<para>Consult the X.org documentation for valid settings.</para>
2049
<command>XKBVARIANT</command>
2052
<para>Consult the X.org documentation for valid settings.</para>
2057
<command>XKBRULES</command>
2060
<para>Consult the X.org documentation for valid settings.</para>
2065
<command>XKBOPTIONS</command>
2068
<para>Consult the X.org documentation for valid settings.</para>
2076
<!--multiple-server-setup-->
2077
<sect1 id="multiple-server-setup">
2078
<title>Multiple server setup</title>
2080
A multiple server setup is useful for larger thin client networks. Instead of using one big server,
2081
it makes it possible to use smaller servers, and dispatch users on them. You can adjust computing
2082
resources as the demand grows simply by adding a new server.
2083
To make sure that every server behaves the same from the users point of view, new services and
2084
configurations that are required will be discussed. In addition, some configurations specific
2085
to thin clients will be presented.
2087
<sect2 id="multiple-server-setup-common-services">
2088
<title>Infrastructure setup</title>
2090
<title>Network topology</title>
2092
The network topology is the same as a standalone server setup, except that
2093
there are more than one server on the thin client lan.
2096
You will need to select one server to behave as the primary server. This server
2097
will be used to run additional services, hold users files, and network boot thin clients.
2100
Secondary servers will be used only to run desktop sessions. They are simpler, and will
2101
be configured to use the central services from the primary server. Installing the package
2102
<command>ltsp-server</command> will install required software.
2105
<sect3><title>Common authentication</title>
2107
A user should be able to start a session with the same login and password, no matter
2108
which server it connects to. For this purpose, a central authentication mechanism must
2109
be used. There are many possibilities offered. Here are the major technologies:
2113
<para>LDAP authentication: On the master server, setup an OpenLDAP server.
2114
Configure each servers to use this LDAP server as the authentication base,
2115
with the pam_ldap plugin.
2119
<para>NIS authentication: On the master server, setup a NIS server. Configure
2120
each server to use this NIS server for the authentication.
2124
<para>Winbind authentication: Useful if you already have an Active Directory server.
2128
<para>The smbldap-installer offers system administrators an easy way to set up a Samba/LDAP server which can authenticate both Windows and non-Windows (Linux, Mac OS X, and others) clients. Home directories can be centrally located on one server and shared with other servers. For more information: <ulink url="http://www.majen.net/smbldap">http://www.majen.net/smbldap</ulink>
2133
For detailed instructions, see their respective manuals.
2137
<title>Shared home directories</title>
2139
Shared home directories are easy to setup using an NFS server on the primary server.
2140
To configure the share, install the package <command>nfs-kernel-server</command>.
2141
Then, edit the file <filename class="directory">/etc/exports</filename> and add the following line,
2142
by replacing <command>secondary_server_ip</command> by the real IP address of the server.
2144
/home secondary_server_ip(rw,no_root_squash)
2146
After this modification, the service needs to be restarted.
2148
sudo invoke-rc.d nfs-kernel-server restart
2150
You can define the mount point on each secondary servers, by editing the file
2151
<filename>/etc/fstab</filename> and adding the following line:
2153
192.168.0.1:/home /home nfs hard,intr,rsize=8192,wsize=8192,bg 0 0
2157
With the default setup, the home directory of the user must exist before the
2158
first login. To create the home directory on the fly on the first login,
2159
you can use the pam_mkhomedir plugin. The NFS export option
2160
<command>no_root_squash</command> allows any secondary server to create
2161
directories on the primary server.
2165
<title>Shared printers</title>
2166
<para>For printers to be accessible on each server, the cups server must be
2167
configured to share printers. Refer to the CUPS manual for detailed instructions.
2171
<title>Synchronization of packages</title>
2172
<para>Once you install one desktop application on one server, then you must
2173
install it on all the other servers, as well. Otherwise, users may not be able to
2174
use the same set of applications. First, make sure that
2175
<command>/etc/apt/sources.list</command> file is the same on each server.
2176
Then, list packages of the reference server. Using the primary server for
2177
this purpose is not recommended, since it may install other server packages
2178
that are not necessary on secondary servers. To build the package list:
2179
<screen>dpkg --get-selections > deblist </screen>
2180
Then, copy this file on the target server you want to sync applications,
2181
and perform the following steps:
2183
sudo dpkg --set-selections < deblist
2184
sudo apt-get dselect-upgrade
2186
Apt will install additional packages that are not already installed on the target machine.
2190
<title>Managing the SSH known hosts file</title>
2192
For security reasons, a thin client won't connect to an untrusted server. You
2193
must add the keys of secondary servers inside the client root on the primary
2194
server. To do this, first export the key file of the secondary server to add:
2196
sudo ltsp-update-sshkeys --export ssh_known_hosts.myhostname
2198
Then, copy the file on the primary server, in the directory
2199
<filename class="directory">/etc/ltsp/</filename>, and run <command>ltsp-update-sshkeys</command>
2200
on the primary server. Then, thin clients will trust the freshly added server,
2201
and will be able to connect to it.
2204
If a secondary server changes it's IP address, then this procedure must be repeated.
2208
<title>Setting network forwarding</title>
2209
<para>Primary server will act as an network gateway for other servers. With this
2210
configuration, other workstations will be able to access the network behind
2211
the primary server. Here is an example of script that setup the network forwarding.
2212
We put it in <command>/etc/network/if-up.d/forward.sh</command>, and make it
2213
executable. The script will run at each network start. In this example, the
2214
primary server private IP is <command>192.168.0.1</command>. It must be
2215
adapted for the IP address used.
2220
echo 1 > /proc/sys/net/ipv4/ip_forward
2222
echo Setting up the forwarding
2224
LAN_IP_NET="192.168.0.1/24"
2228
iptables -t nat -A POSTROUTING -s $LAN_IP_NET -o $OUT_NIC -j MASQUERADE
2229
iptables -A FORWARD -j ACCEPT -i $LAN_NIC -s $LAN_IP_NET
2230
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
2234
<title>Replication of desktop profiles</title>
2235
<para>If you customize user's desktop, then custom desktop profiles should be
2236
copied to every server. Gnome desktop profiles created with Sabayon are
2237
located in <command>/etc/desktop-profiles</command>
2241
<sect2 id="multiple-server-setup-config">
2242
<title>Session dispatching</title>
2244
<title>Define the server list</title>
2246
LDM is a login manager for thin clients. Users can select a server
2247
from the available ones in the host selection dialog box.
2250
The displayed server list is defined by the <command>LDM_SERVER</command>
2251
parameter. This parameter accepts a list of server IP address or host names,
2252
separated by space. If you use host names, then your DNS resolution must work
2253
on the thin client. If defined in the <filename>lts.conf</filename> file, the
2254
list order will be static, and the first server in the list will be selected
2258
You can also compute a new order for the server list, by creating the script
2259
<command>/opt/ltsp/i386/usr/lib/ltsp/get_hosts</command>. The parameter
2260
<command>LDM_SERVER</command> overrides the script. In consequence, this
2261
parameter must not be defined if the <command>get_hosts</command> is going
2262
to be used. The <command>get_hosts</command> script writes on the standard
2263
output each server IP address or host names, in the chosen order.
2267
<title>Dispatching method</title>
2269
You can change this behavior by using a script to rearrange the
2270
list. The simplest way to do it is by randomizing the list. First, define
2271
a custom variable in the file <command>lts.conf</command>, for example
2272
<command>MY_SERVER_LIST</command>, that will contain the list of servers,
2273
the same way as <command>LDM_SERVER</command> Then, put the following
2274
script in <command>/opt/ltsp/i386/usr/lib/ltsp/get_hosts</command>.
2277
# Randomize the server list contained in MY_SERVER_LIST parameter
2282
for i in $MY_SERVER_LIST; do
2285
TMP_LIST="$TMP_LIST\n${rank}_$i"
2288
TMP_LIST=$(echo -e $TMP_LIST | sort)
2289
for i in $TMP_LIST; do
2290
SHUFFLED_LIST="$SHUFFLED_LIST $(echo $i | cut -d_ -f2)"
2297
More advanced load balancing algorithms can be written. For example,
2298
load balancing can be done by querying ldminfod for the server rating.
2299
By querying ldminfod, you can get the current rating state of the server.
2300
This rating goes from 0 to 100, higher is better. Here is an example of
2303
nc localhost 9571 | grep rating | cut -d: -f2
2310
<!-- Network Swap -->
2312
<title>Network Swap</title>
2313
<subtitle>Helping thin clients with smaller amounts of ram</subtitle>
2314
<para>Just like on a full fledged workstation, it helps to have swap defined
2315
for your thin client. "Swap" is an area of disk space set aside to allow
2316
you to transfer information out of ram, and temporarily store it on a hard
2317
drive until it's needed again. It makes the workstation look like it has
2318
more memory than it actually does. For instance, if your workstation has
2319
64 Megabytes of ram and you configure 64 Megabytes of swap, it's theoretically
2320
possible to load a 128 Megabyte program.
2322
<para>I say, "theoretically", because in practice, you want to avoid swapping
2323
as much as possible. A hard drive is several orders of magnatude slower
2324
than ram, and, of course, on a thin client, you don't even have a hard drive!
2325
You have to first push the data through the network to the server's hard drive,
2326
thus making your swapping even slower. In practice, it's best to make sure
2327
you have enough ram in your thin client to handle all your average memory
2330
<para>However, sometimes that's not possible. Sometimes, you're re-using old
2331
hardware, or you've simply got a program that isn't normally used, but does
2332
consume a lot of ram on the thin client when it does. Fortunately, LTSP
2333
supports swapping over the network via NBD, or Network Block Devices. We include
2334
a small shell script called nbdswapd, which is started via inetd. It handles
2335
creating the swap file, and setting up the swapping, and removing the swap file
2336
when it's no longer needed, after the terminal shuts down.
2338
<para>By default, swap files are 32 Megabytes in size. This was chosen to give your
2339
workstation a little extra ram, but not use up too much disk space. If you get some
2340
random odd behaviour, such as Firefox crashing when viewing web pages with a lot
2341
of large pictures, you may want to try increasing the size of the swap files. You can
2342
do so by creating a file in the directory <filename class="directory">/etc/ltsp</filename>
2343
on the Edubuntu server, called <filename>nbdswapd.conf</filename>. In it, you can set the
2344
SIZE variable to the number of Megabytes you wish the file to be sized to. For instance,
2345
to create 128 Megabyte files, you'll want:
2349
in the <filename>nbdswapd.conf</filename> file.
2351
<para>Please note that this is a global setting for all swap files. If your server has 40 thin
2352
clients, each using 128 Megs of memory, you'll need 128 * 40 = 5120, or a little over 5
2353
Gigabytes of space in your <filename class="directory">/tmp</filename> directory, where
2354
the swapfiles are stored.
2360
<title>Managing DHCP</title>
2361
<para>DHCP stands for Dynamic Host Configuration Protocol and is the very first thing your
2362
thin client uses to obtain an IP address from the network, in order to allow it to start
2363
booting. In Edubuntu, the dhcpd file is located in <filename class="directory">/etc/ltsp</filename>. Any changes
2364
you want to make to booting behaviour should be made there.
2366
<para>By default, Edubuntu ships a <filename>dhcpd.conf</filename> that serves thin clients
2367
in a dynamic range (i.e. it will hand out ip addresses to anyone who asks for them) from
2368
192.168.0.20 to 192.168.0.250. The default dhcpd.conf file looks like:
2371
# Default LTSP dhcpd.conf config file.
2376
subnet 192.168.0.0 netmask 255.255.255.0 {
2377
range 192.168.0.20 192.168.0.250;
2378
option domain-name "example.com";
2379
option domain-name-servers 192.168.0.1;
2380
option broadcast-address 192.168.0.255;
2381
option routers 192.168.0.1;
2382
# next-server 192.168.0.254;
2383
# get-lease-hostnames true;
2384
option subnet-mask 255.255.255.0;
2385
option root-path "/opt/ltsp/i386";
2386
if substring( option vendor-class-identifier, 0, 9 ) = "PXEClient" {
2387
filename "/ltsp/i386/pxelinux.0";
2389
filename "/ltsp/i386/nbi.img";
2393
This <filename>dhcpd.conf</filename> should handle most situations.
2395
<para>By default, Edubuntu will detect an unused network interface and configure it to be 192.168.0.254.
2396
Edubuntu's recommended single server installation is to use a separate network interface for the thin
2397
clients. If, however, you're not using two network interfaces, or you already have an interface
2398
in the 192.168.0 range, then you might have to configure the thin client interface differently, which
2399
means you may have to adjust the <filename>dhcpd.conf</filename> accordingly.
2401
<para>If the network interface that you're going to connect the thin clients to has, say, a TCP/IP address
2402
of 10.0.20.254, you'll want to replace every occurance of 192.168.0 with 10.0.20 in the
2403
<filename>dhcpd.conf</filename> file.
2405
<para>Always remember, you'll need to re-start the dhcp server if you make any changes. You can do this
2406
by issuing the command:
2408
sudo invoke-rc.d dhcp3-server restart
2410
at the command prompt.
2413
<title>Adding static entries to the dhcpd.conf</title>
2414
<para>Sometimes, you may need to have a certain terminal boot with a guaranteed fixed TCP/IP address
2415
every time. Say, if you're connecting a printer to the terminal, and need to make sure the
2416
print server can find it at a fixed address. To create a fixed address, use a low number
2417
in the range of 2-19, or otherwise, if you change the range statement in the <filename>dhcpd.conf</filename>.
2419
<para>To create a static entry, simply add the following after the "option root-path" line:
2422
hardware ethernet MA:CA:DD:RE:SS:00;
2423
fixed-address 192.168.0.2;
2426
Substitude the mac address for the mac address of the thin client you wish to fix the address of. The
2427
fixed-addres will be the TCP/IP address you want, and "hostname" is the name you wish to give the host.
2431
<title>DHCP failover loadbalancing</title>
2432
<para>Another common method of loadbalancing is to use DHCP loadbalancing. There's an excellent writeup on the topic at:
2433
<ulink url="https://wiki.edubuntu.org/EdubuntuDHCPload-balancingFailover">https://wiki.edubuntu.org/EdubuntuDHCPload-balancingFailover</ulink>
2439
<title>Lockdown with Sabayon and Pessulus</title>
2440
<para>A common requirement in both schools and businesses is having the ability to lock down the desktop
2441
and provide certain default configurations.
2443
<para>In Edubuntu, the applications you'll want to use are Sabayon and Pessulus. You'll want to add them from
2444
the <command>synaptic</command> package manager. After you've added them both, then you can start them from
2446
<guimenu>System</guimenu>
2447
<guisubmenu>Administration</guisubmenu>
2448
<guimenuitem>User Profile Editor</guimenuitem>
2451
<para>The Sabayon profile editor looks like a window that contains a smaller sized picture of your desktop. Within
2452
this window, you can create a default layout: add icons to panels and the desktop, lock down the panels
2453
so they can't be modified, remove access to the command line, etc.
2455
<para>Once you're done, you can save your profile. You have the option of applying your profile to either individual
2456
users, or all users on the system. Please consult the manual included with Sabayon for all the details.
2460
<!-- Thin Client Manager -->
2461
<sect1 id="ltsp-tcm">
2462
<title>Edubuntu Thin Client Manager</title>
2464
<title>Using Thin Client Manager</title>
2465
<subtitle>Managing an LTSP setup effectivly</subtitle>
2466
<para>Thin Client Manager (TCM) is a system administration utility to
2467
enable a teacher to easily control the machines in their class, by
2468
utilising the following features:
2472
<para>Remote program execution</para>
2475
<para>Simple message sending</para>
2478
<para>Remote application closure</para>
2481
<para>Quick access to the lockdown editor</para>
2484
<para>Remote logout execution</para>
2487
<para>Process listings for each user</para>
2490
<para>Plugin framework to expand functionality</para>
2493
<para>When first loaded, TCM shows the clients currently logged
2494
onto the server on the right hand side, along with their IP address
2495
and username, as in Fig 1. This list is dynamically updated and
2496
will change as users log into and out of the system. Clicking on an
2497
entry in this list will highlight it, and enable certain functions
2498
in the user interface. Clicking on a user will also fill the window
2499
on the right with all the processes that are running in that users
2505
<imagedata fileref="../../images/C/scpmain.png" format="PNG"/>
2508
<phrase>Vue principale</phrase>
2510
</inlinemediaobject>
2514
<title>Opérations</title>
2516
<title>Process Management</title>
2517
<para>You can end a users applications by first choosing a user,
2518
selecting a process from the right hand side, and then clicking on
2519
the "End Process" button. You will then be asked to confirm your
2520
actions and, upon confirmation, a message is sent to the clients
2521
session asking for the program to terminate. (Note: You can select
2522
multiple users here)
2527
<imagedata fileref="../../images/C/scpprocs.png" format="PNG"/>
2530
<phrase>Processes Window</phrase>
2532
</inlinemediaobject>
2536
<title>Logging Users Out</title>
2537
<para>If desired, you can log a user out of their session, by first
2538
selecting a user and click on the "Disconnect" button. You will
2539
then be asked to confirm your actions and, upon confirmation, a
2540
message is sent to end the users session. This will log the user
2541
out of their current session. (Note: You can select multiple users
2546
<title>Envoyer un Message</title>
2547
<para>You are able to send short messages to users, for example,
2548
"You have 5 minutes left of this lesson". To do this, first select
2549
a user and then click on the send message button. You will then be
2550
presented with a box to type in your message. Upon clicking "Ok",
2551
the message will be sent to the selected user. (Note: You can
2552
select multiple users here)
2557
<imagedata fileref="../../images/C/scpmess.png" format="PNG"/>
2560
<phrase>Message Window</phrase>
2562
</inlinemediaobject>
2566
<title>Starting A Program</title>
2567
<para>It is also possible to start an application or process in a
2568
clients session from TCM. To do this simply select the user, and
2569
click on the "Execute" button. You will then be presented with a
2570
dialog box to enter a command to be run in the users session. Upon
2571
clicking "Ok", a message will be sent to the users session asking
2572
for the chosen command to be run. (Note: You can select multiple
2578
<imagedata fileref="../../images/C/scpexec.png" format="PNG"/>
2581
<phrase>Fenêtre d'Exécution</phrase>
2583
</inlinemediaobject>
2587
<title>Éditeur de verrous</title>
2588
<para>By choosing a single user and right clicking on that users name, you will open up the context menu. From here you can choose "Lockdown", which will allow you to set options to restrict a particular user. Clicking this menu item will invoke the "Pessulus" program, which is the Gnome lockdown editor. Ticking and unticking options in Pessulus will enable and disable certain functions for that particular user. There is a padlock next to each option in Pessulus. Ticking this will make the option unchangeable by the user. This is called a mandatory setting. Pessulus has been altered for integration with Thin Client Manager so that mandatory keys are now per user, instead of per system. For further help with Pessulus, please refer to the Pessulus documentation.</para>
2591
<title>Gérer les utilisateurs avec les groupes</title>
2592
<para>The latest version of Thin Client Manager comes with a user group and filtering system. Right clicking in the user list, will present you with a menu which has an option called Groups. From this menu you can create new groups, delete old groups and assign users to groups.</para>
2594
To assign users to a group simply select the users required from the user list and then right click to enter context menu. Now you can move through the menu,
2596
<guimenu>Groups</guimenu>
2597
<guisubmenu>Add user to group</guisubmenu>
2598
<guimenuitem>Group Name</guimenuitem>
2600
The process for removing members from a group is exceedingly similar.
2603
Once you have assigned your users into groups, you can use the filter combo box above the user list to show only members of that particular group. Groups and members are persistent across Thin Client Manager sessions and are automatically saved once you have altered them. If you ever need to manually access the file which stores this information, it is located at <filename>/etc/tcm/users.conf</filename>.
2607
<title>Plug-ins</title>
2609
The plugin framework allows you to expand the way TCM works. By selecting one or more users in the left hand panel you can right click in the left hand area and be presented with the context menu. This menu has an option called "Plugins" and from that there is a list of all the plugins installed in TCM. On a fresh installation, this will consist of a single plugin, which is used purely as an example. For the more advanced user, please see the example plugin file located at <filename>/usr/lib/python2.4/site-packages/studentcontrolpanel/plugins/cheap_plugin</filename>. A plugin consists simply of a class and a registration function. The plugin is provided with a list of users, which you can use to write a code to perform functions based on that list.
2613
<title>Screen Viewing</title>
2615
<emphasis role="bold">This functionality requires some set up by the system administrator, please see the Ubuntu wiki for more information.</emphasis>
2617
<para>By clicking on the Screen Viewer tab, you can view four client screens at a time. By using the buttons at the bottom of the screen you can move between the currently logged in users. If a user becomes disconnected, you can use the refresh option to reconnect all screens. Connections are closed when switching to the Process Viewer to save bandwidth, but are reconnected again upon switching to the Screen Viewer tab.</para>
2622
<sect1 id="ltsp-updates">
2623
<title>Keeping your Edubuntu server in shape</title>
2624
<para>Security, as it's often been said, is a process, and not an
2625
end result. Fortunately, Ubuntu makes it easy to keep up to date
2626
with the latest security patches.
2629
<title>Edubuntu Server Management</title>
2630
<para>When logging onto the LTSP network as an administrator you
2631
will sometimes find a bubble appear in the top right informing you
2632
that there are updates available for your computer.
2639
<imagedata fileref="../../images/C/updateavailable.png" format="PNG"/>
2645
<para> Any updates you
2646
apply here will automatically be applied to all clients, though
2647
they may require a reboot. This is because LTSP clients all use the
2648
same set of applications on the server. When this prompt appears
2649
click the small red icon, and enter your password
2650
to display the following application.
2656
<imagedata fileref="../../images/C/updatemanager.png" format="PNG"/>
2661
<para>This application allows you to apply all available updates
2662
for your computer quickly and easily. Clicking on the <emphasis role="bold">Check</emphasis>
2663
button, checks to see if there are any more updates since the
2664
computer last checked. If you are going to perform the updates,
2665
it's a good idea to click this button. Once the check is completed,
2666
you are ready to update your system.
2668
<para>Be sure to check how much information is going to be
2669
downloaded, if you are low on bandwidth, or using a slow
2670
connection. Click on the <emphasis role="bold">Update</emphasis> button, to set the computer
2671
downloading and installing updates. Once clicked, if there are any
2672
verification issues, these will be shown. If you are happy that the
2673
packages come from a trusted source, you can click <keycap>OK</keycap> to continue.
2674
First, your computer will download all available packages and
2675
display a screen similar to that below.
2681
<imagedata fileref="../../images/C/updatedownload.png" format="PNG"/>
2686
<para>After all packages have finished downloading, you will be
2687
presented with the progress box, which shows how far the computer
2688
has come in updating. If you wish you can click the word
2689
<emphasis role="bold">terminal</emphasis> to show more detailed information about the updates
2693
<informalfigure float="left">
2696
<imagedata fileref="../../images/C/updateinstall.png" format="PNG"/>
2701
<para>After the updates have completed, the computer will inform
2702
you if you need to restart in order for the updates to come into
2703
effect. You can either shutdown when you wish, or click the small
2704
blue icon in the top righthand corner, and you will
2705
be presented with this question.
2709
<para>If you restart your computer without shutting down your
2710
clients, their computers will stop responding and they may lose
2711
data. Be sure all clients are logged out before restarting the
2718
<title>Updating your LTSP chroot</title>
2719
<para>At some point in the future, updates will become available
2720
for your LTSP server. You must remember that altough you may have
2721
applied all the updates to the server itself, as in the
2722
instructions....HERE it is likely that the LTSP chroot will also
2723
need updating. To do this you must open up a terminal and use the
2726
<para>First make sure the Client environment has the same Package
2727
lists as the Server, to achieve that, you will copy the
2728
sources.list file from the Server to the Client environment.
2731
sudo cp /etc/apt/sources.list /opt/ltsp/i386/etc/apt/
2733
<para>Now issue the command below.</para>
2734
<screen>sudo chroot /opt/ltsp/i386</screen>
2735
<para>This will change your root directory to be the LTSP clients
2736
root directory. In essence, anything you now do inside here, will
2737
be applied to the LTSP clients NFS root. This is a separate small
2738
set of files that are used to boot the clients into a usable, and
2739
enable them to contact the LTSP server. Once inside this shell, we
2740
must type the following command to obtain the latest list of
2741
packages from the apt servers.
2743
<screen>apt-get update</screen>
2744
<para>Once this has completed you will have to upgrade the software
2745
in the chroot by running the following command:
2747
<screen>apt-get upgrade</screen>
2748
<para>Once all upgrades have finished, you must leave the chroot by
2749
either typing <emphasis role="bold">exit</emphasis> or by using the key combination Ctrl+D.
2750
This will return you to the root of the server.
2752
<para>If your kernel has been upgraded you must run the LTSP kernel
2753
upgrade script, to ensure that your LTSP chroot uses the latest
2754
version. This is performed by running the command below:
2756
<screen>sudo ltsp-update-kernels</screen>
2757
<para>All of your clients will now use the latest kernel upon their
2760
<para>Finally, you must remember to rebuild the NBD boot image from your
2761
chroot with the following command:
2763
<screen>sudo ltsp-update-image</screen>
2764
<para>Be advised that this may take a few minutes, depending on the speed of your server.
2768
<title>Changing the IP of your LTSP server</title>
2769
<para>At some point in time, it may become necessary to change the
2770
IP address of your LTSP server. Normally this does not present an
2771
issue, but LTSP servers and clients communicate over and encrypted
2772
channel and require all SSL certificates to be updated. Without
2773
this update, <emphasis role="bold">no LTSP clients will be able to log in</emphasis>. This is
2774
done by simply opening a terminal and running the following
2777
<screen>sudo ltsp-update-sshkeys</screen>
2782
<sect1 id="server-backup">
2783
<title>Sauvegarde</title>
2785
Now that you have your Edubuntu server working, and are keeping it updated,
2786
you're going to want to back up your users' data.
2789
<para>There are a variety of options available for external backup media.
2790
SCSI tape drives, DVD RAM or ROM's, or even CD/R's may all be used to back
2791
up your server on a regular basis.
2794
<sect2 id="backupwhat">
2795
<title>What needs to be backed up?</title>
2796
<para>When backing up a server, there are typically two approaches:</para>
2799
<para>Back up everything.</para>
2802
<para>Back up config files, and user data.</para>
2805
<para>We'll look at each briefly.</para>
2808
<title>Back up everything</title>
2809
<para>Typically, by backing up everything, the administrator is looking to
2810
do a restore of the entire operating system, as well as user data.
2812
<para>Typically, you'll want to use a SCSI tape drive, and a program like
2813
<command>amanda</command> (available in the universe repository) to do this
2814
kind of backup strategy.
2818
<title>Back up configs and data</title>
2819
<para>Backing up only config files and data is an acceptable strategy for sites
2820
on a budget. On a typical Edubuntu system, without a lot of customization,
2821
backing up the following files and directories should capture most of what's
2822
on your system. Following a disaster, you'll need to re-install Edubuntu from
2823
the CD, re-install any programs you added, and re-apply all updates. At that
2824
point, you can pull the config files and user data from your backup.
2829
/var/lib/tftpboot/ltsp/i386/lts.conf