My company is approx 200 users. We have 10 offices each with 5-30 users each. A few offices work independently, but there has been a lot more inter-office work lately. I am looking for a way to provide fast local access to files stored in the same office as the user, but also acceptable performance for inter-office file transfers. We are currently using Oracle Drive for a central file server, it utilizes WebDAV and has good performance over the WAN. There are samba & adaptec snap servers for local file access, but these are currently only accessible when in the same office as the local server. - I have done a lot of research and demoing of OpenAFS (even went to their conference last month!). While it is a true distributed filesystem; it is very complex to setup, requires client software, requires a kerberos server and seems to have a lot of quirks of its own. I don't think I am ready to trust that... - I have been trying to figure out a way to have Samba servers in each office that would mount remote servers/folders via NFS. This would provide access from the local server with hopefully better speeds for remote files (NFS is my experience has been much faster over WAN links). But I'm not sure how file locking will work. From searching, it seems that samba/nfs locking isn't reliable. What is the current status of this? I also saw in Samba 3.2, the CTDB project is becoming more mature. Would this be a possibility? Or is that really only for clusters on a fast local network? - There is MS DFS, but we really don't want to implement MS servers. - ?? I have been searching and searching, but haven't found anything that would solve our problem...so I'm hoping someone can help! Any suggestions would be greatly appreciated. Thank you! --Bill
What types of files are you trying to share? If they are primarily small (under 100meg) files that you need read/write access to (especially documents), you might want to adopt some type of document management system like KnowledgeTree instead of using Samba. I suggest this not only because you get document management features, but KnowlegeTree works over http, and if you are using webdav you already have an Apache infrastructure set up. At my last job, we used Subversion for the same purpose: distributed document management. However, using it for distributed document management requires training the staff to use TortoiseSVN (and disciplining them to use locks), and the Subversion experience is not intuitive to the "non-developer". KnowlegeTree has a much more intuitive flow for documents. However, Subversion can use WebDav as its interface, so the transition may not be too rough. Subversion is very traffic efficient (in my opinion). The latest version of Subversion (1.5.x) allows you to mirror your repositories. Since most of the traffic is of a "read nature", mirroring your repositories will drastically reduce your WAN traffic. In fact, the only traffic across your WAN (if I understand the technology correctly) is the "diff" between the old document version and the new document version. Because both of these solutions (Subversion and KnowlegeTree) work with Apache, you can authenticate to them using your Windows user base (either through mod_auth_kerb if you are using Active Directory or another Kerberos), or through mod_authnz_ldap to your Samba PDC (if you are using NT, there is also some way to authenticate to it, but I have never used it). However, fine grained file permissions in Subversion are a pain to set up and maintain, so if your ACL's run 40 lines each and are different for every file, stick to something else. If you do go with Subversion, I recommend using Insurrection as a front-end to mod_dav_svn. Insurrection is very difficult to set up, especially if you need SSL support for it. But the time is worth it, since it gives a great user front-end for repo browsing. Throw in the Firefox TortoiseSVN menu plug-in, and you are good to go. If the files are large and primarily read-only, set up a master server at one office, and mirror it to the other offices using rsync. Set up the remote samba servers as read-only, and the problem is solved efficiently. I don't know if rsync preserves ACL's, but I heard there was a patch in the wild somewhere... I was very pleased how the Subversion solution came out, but I never set up remote mirrors for anything other than read-only backups. We added Trac for project and issue management, and made the non-developer staff use it. The working-copy thing was tough for them to get used to, but the webdav access worked well for them. I just think straight Samba servers may be the wrong tool for what you are trying to do, though they may appear to be the simplest solution. - Scott Bill Baird wrote:> My company is approx 200 users. We have 10 offices each with 5-30 users > each. A few offices work independently, but there has been a lot more > inter-office work lately. I am looking for a way to provide fast local > access to files stored in the same office as the user, but also acceptable > performance for inter-office file transfers. > > We are currently using Oracle Drive for a central file server, it utilizes > WebDAV and has good performance over the WAN. There are samba & adaptec snap > servers for local file access, but these are currently only accessible when > in the same office as the local server. > > - I have done a lot of research and demoing of OpenAFS (even went to their > conference last month!). While it is a true distributed filesystem; it is > very complex to setup, requires client software, requires a kerberos server > and seems to have a lot of quirks of its own. I don't think I am ready to > trust that... > > - I have been trying to figure out a way to have Samba servers in each > office that would mount remote servers/folders via NFS. This would provide > access from the local server with hopefully better speeds for remote files > (NFS is my experience has been much faster over WAN links). But I'm not sure > how file locking will work. From searching, it seems that samba/nfs locking > isn't reliable. What is the current status of this? I also saw in Samba 3.2, > the CTDB project is becoming more mature. Would this be a possibility? Or is > that really only for clusters on a fast local network? > > - There is MS DFS, but we really don't want to implement MS servers. > > - ?? > > I have been searching and searching, but haven't found anything that would > solve our problem...so I'm hoping someone can help! Any suggestions would be > greatly appreciated. Thank you! > > --Bill >
What types of files are you trying to share? If they are primarily small (under 100meg) files that you need read/write access to (especially documents), you might want to adopt some type of document management system like KnowledgeTree instead of using Samba. I suggest this not only because you get document management features, but KnowlegeTree works over http, and if you are using webdav you already have an Apache infrastructure set up. At my last job, we used Subversion for the same purpose: distributed document management. However, using it for distributed document management requires training the staff to use TortoiseSVN (and disciplining them to use locks), and the Subversion experience is not intuitive to the "non-developer". KnowlegeTree has a much more intuitive flow for documents. However, Subversion can use WebDav as its interface, so the transition may not be too rough. Subversion is very traffic efficient (in my opinion). The latest version of Subversion (1.5.x) allows you to mirror your repositories. Since most of the traffic is of a "read nature", mirroring your repositories will drastically reduce your WAN traffic. In fact, the only traffic across your WAN (if I understand the technology correctly) is the "diff" between the old document version and the new document version. Because both of these solutions (Subversion and KnowlegeTree) work with Apache, you can authenticate to them using your Windows user base (either through mod_auth_kerb if you are using Active Directory or another Kerberos), or through mod_authnz_ldap to your Samba PDC (if you are using NT, there is also some way to authenticate to it, but I have never used it). However, fine grained file permissions in Subversion are a pain to set up and maintain, so if your ACL's run 40 lines each and are different for every file, stick to something else. If you do go with Subversion, I recommend using Insurrection as a front-end to mod_dav_svn. Insurrection is very difficult to set up, especially if you need SSL support for it. But the time is worth it, since it gives a great user front-end for repo browsing. Throw in the Firefox TortoiseSVN menu plug-in, and you are good to go. If the files are large and primarily read-only, set up a master server at one office, and mirror it to the other offices using rsync. Set up the remote samba servers as read-only, and the problem is solved efficiently. I don't know if rsync preserves ACL's, but I heard there was a patch in the wild somewhere... I was very pleased how the Subversion solution came out, but I never set up remote mirrors for anything other than read-only backups. We added Trac for project and issue management, and made the non-developer staff use it. The working-copy thing was tough for them to get used to, but the webdav access worked well for them. I just think straight Samba servers may be the wrong tool for what you are trying to do, though they may appear to be the simplest solution. - Scott Bill Baird wrote:> My company is approx 200 users. We have 10 offices each with 5-30 users > each. A few offices work independently, but there has been a lot more > inter-office work lately. I am looking for a way to provide fast local > access to files stored in the same office as the user, but also acceptable > performance for inter-office file transfers. >
On Thu, Jul 10, 2008 at 02:10:40AM -0400, Bill Baird wrote:> > - I have been trying to figure out a way to have Samba servers in each > office that would mount remote servers/folders via NFS. This would provide > access from the local server with hopefully better speeds for remote files > (NFS is my experience has been much faster over WAN links). But I'm not sure > how file locking will work. From searching, it seems that samba/nfs locking > isn't reliable. What is the current status of this? I also saw in Samba 3.2, > the CTDB project is becoming more mature. Would this be a possibility? Or is > that really only for clusters on a fast local network?Re-exporting via NFS works, but not for a multiple-node site sharing the same data.> - There is MS DFS, but we really don't want to implement MS servers.Samba supports MS-DFS. Whatever you want to build with MS-DFS you can build with Samba servers. Jeremy.
On Thu, Jul 10, 2008 at 3:05 AM, Scott Grizzard <scott@scottgrizzard.com> wrote:> What types of files are you trying to share? >> > > Most files are in the under 25MB range. > >> >> If they are primarily small (under 100meg) files that you need read/write >> access to (especially documents), you might want to adopt some type of >> document management system like KnowledgeTree instead of using Samba. I >> suggest this not only because you get document management features, but >> KnowlegeTree works over http, and if you are using webdav you already have >> an Apache infrastructure set up. >> > > We are actually using KnowledgeTree right now for sharing files with > client/vendors. Oracle Drive provides the same features, but is actually a > bit better (minus cost). They have a windows client that maps network drives > (similar to WebDrive) and a great web interface. We could move to KT, but > this doesn't solve our problems of a distributed environment. We would still > have to setup multiple servers and users would have to contact each one > individually. > >> >> At my last job, we used Subversion for the same purpose: distributed >> document management. However, using it for distributed document management >> requires training the staff to use TortoiseSVN (and disciplining them to use >> locks), and the Subversion experience is not intuitive to the >> "non-developer". KnowlegeTree has a much more intuitive flow for documents. >> However, Subversion can use WebDav as its interface, so the transition may >> not be too rough. >> >> Subversion is very traffic efficient (in my opinion). The latest version >> of Subversion (1.5.x) allows you to mirror your repositories. Since most of >> the traffic is of a "read nature", mirroring your repositories will >> drastically reduce your WAN traffic. In fact, the only traffic across your >> WAN (if I understand the technology correctly) is the "diff" between the old >> document version and the new document version. >> >> Because both of these solutions (Subversion and KnowlegeTree) work with >> Apache, you can authenticate to them using your Windows user base (either >> through mod_auth_kerb if you are using Active Directory or another >> Kerberos), or through mod_authnz_ldap to your Samba PDC (if you are using >> NT, there is also some way to authenticate to it, but I have never used it). >> However, fine grained file permissions in Subversion are a pain to set up >> and maintain, so if your ACL's run 40 lines each and are different for every >> file, stick to something else. >> >> If you do go with Subversion, I recommend using Insurrection as a >> front-end to mod_dav_svn. Insurrection is very difficult to set up, >> especially if you need SSL support for it. But the time is worth it, since >> it gives a great user front-end for repo browsing. Throw in the Firefox >> TortoiseSVN menu plug-in, and you are good to go. >> >> If the files are large and primarily read-only, set up a master server at >> one office, and mirror it to the other offices using rsync. Set up the >> remote samba servers as read-only, and the problem is solved efficiently. I >> don't know if rsync preserves ACL's, but I heard there was a patch in the >> wild somewhere... >> >> > In our environment, some data is read-only. But with more & more > inter-office work, they are constantly needing to share read/write files. > > >> >> I was very pleased how the Subversion solution came out, but I never set >> up remote mirrors for anything other than read-only backups. We added Trac >> for project and issue management, and made the non-developer staff use it. >> The working-copy thing was tough for them to get used to, but the webdav >> access worked well for them. >> >> I just think straight Samba servers may be the wrong tool for what you are >> trying to do, though they may appear to be the simplest solution. >> > > I will take a look at subversion, thanks! > > >> >> - Scott >> >> Bill Baird wrote: >> >>> My company is approx 200 users. We have 10 offices each with 5-30 users >>> each. A few offices work independently, but there has been a lot more >>> inter-office work lately. I am looking for a way to provide fast local >>> access to files stored in the same office as the user, but also >>> acceptable >>> performance for inter-office file transfers. >>> >>> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/listinfo/samba >> > >