When you specify computer hardware, the correct order to consider issues is this:
The new machine is replacing an existing desktop system which acts as a home server. Its current jobs are extensive in number, but not in CPU power required. In addition, the new machine is being considered for a role at work in a student computer lab, and so it will be set up for a full-bore desktop role, evaluated and reported on. The desktop features will be removed, or at least de-emphasized, when it goes into production as the home server.
These are the home server's tasks. For most services (marked *), each other (UNIX) host on the internal net has a slave server so it can operate autonomously. Only clients on the internal net can connect to these services (with one exception).
Gateway: routes packets between the internal network and the DSL line. This function includes an aggressive firewall written by jimc: internal hosts can connect to any outside IP and port they want, but session-beginning packets from outside are dropped (with one exception for SSH). On the DSL line we obtain an IP address as a DHCP client, using the dhclient program.
Wireless network: presently served by a separate access point, a Linksys WRT54G running OpenWRT. I hope to integrate this function on the home server, and to supervise wireless traffic with the same firewall that handles the wired traffic.
VPN* terminus: makes a secure, encrypted, authenticated tunnel to a remote partner, which in my case is the gateway at work. The main reason I use a VPN is not privacy (encryption) but to get access from home to services normally available only to machines on the work net. Software: OpenVPN.
DHCP server: assigns IP addresses to hosts on the home net that do not have fixed IPs, such as laptops. Software: dhcp-server from ISC.
DNS* server: translates between hostnames and IP addresses. This server is authoritative for the home domain, and interacts with outside DNS servers for wild-side addresses. Software: BIND.
Kerberos* authentication. Some sites, but not this one, handle both Windows and UNIX authentication with a UNIX Kerberos server. Software: MIT Kerberos 5.
NTP* time synchronization. Software: xntp.
IPP printing. This protocol can be used by both UNIX and Microsoft Windows. Software: CUPS.
Image scanning. Software: SANE.
SSH* shell access. This protocol uses RSA Public Key Infrastructure to authenticate a remote client, and establishes an encrypted channel so private information (specifically, passwords) cannot be intercepted without a brute-force exploit against the crypto algorithm. The firewall allows my work IP address range to connect from the global internet. Software: OpenSSH.
XMPP/Jabber instant message server. Using the SSH firewall hole, I can tunnel through to XMPP from my work machine. Software: jabberd.
HTTP* web portal: content includes photo albums, music and distro software, plus remote control of the machine's DSL and VPN. Software: Apache.
Backup storage and burning on removable media. Clients back up data to an area on the server, which is burned to CDs periodically. The backup procedures and software are locally written, using generic command-line burning tools: formerly cdrdao, now wodim.
SMTP* outgoing mail handling; but in practice the mail client sends direct to the work MX or mail service's MX. Software: Postfix.
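The Gateway and SSH entries above state the firewall policy in words: internal hosts may open any outbound connection, session-beginning packets from outside are dropped, and SSH from the work address range is the one exception. The same policy written as an nftables ruleset, added here as an illustration and not jimc's own firewall; the interface names, the home subnet, the masquerading and the 203.0.113.0/24 stand-in for the work range are all assumptions.

```nftables
# Added example, not the author's firewall. Assumptions: eth0 = internal net,
# eth1 = DSL line (address obtained by dhclient), 192.168.1.0/24 = home net,
# 203.0.113.0/24 = placeholder for the work range; the home net is IPv4-only.
flush ruleset

define LAN_IF = "eth0"
define WAN_IF = "eth1"
define LAN_NET = 192.168.1.0/24
define WORK_NET = 203.0.113.0/24

table inet gateway {
    chain input {
        # Anything not accepted below is dropped, including every
        # session-beginning packet that arrives on the DSL side.
        type filter hook input priority filter; policy drop;
        ct state established,related accept   # replies to sessions we started
        ct state invalid drop
        iifname "lo" accept
        # Internal clients may use the server's services (DNS, NTP, IPP, ...).
        iifname $LAN_IF ip saddr $LAN_NET accept
        # DHCP requests come from hosts that have no address yet (0.0.0.0).
        iifname $LAN_IF udp sport 68 udp dport 67 accept
        # Lease replies from the ISP's DHCP server to our dhclient.
        iifname $WAN_IF udp sport 67 udp dport 68 accept
        # The one exception: new SSH sessions, and only from the work range.
        iifname $WAN_IF ip saddr $WORK_NET tcp dport 22 ct state new accept
    }

    chain forward {
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        ct state invalid drop
        # Internal hosts may connect to any outside IP and port.
        iifname $LAN_IF oifname $WAN_IF ip saddr $LAN_NET accept
    }
}

table ip nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        # Assumed: the home net shares the single DHCP-assigned DSL address.
        oifname $WAN_IF masquerade
    }
}
```

Load it with `nft -f` and review the result with `nft list ruleset`. A wireless interface supervised by the same firewall would need its own rules alongside the `$LAN_IF` ones.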
Evaluations may be found here of these Desktop Environments:
The AMD Geode clearly is aimed at the market for set-top boxes. These devices receive compressed audio-video data, decompress it, and show it on a TV set and accompanying speakers. Given my limited testing of video playback in the Linux desktop context, I imagine that the AMD Geode is well able to do the set-top box task. The Koolu would probably make a decent simple playback node for a media distribution system, but it has a few limitations. First, the VGA video output is a bit low-tech and an HDMI output could not be kludged together (I think). Second, the sound is AC'97 type, just two channel stereo. But it should be possible to buy a USB sound module that can put out surround sound. Third, a true media center machine needs to be able to compress video at the same time it decompresses, and the Geode LX 800 definitely does not have enough CPU power to do both tasks at once. (Perhaps a processor from the Geode NX series would be powerful enough.)
To support these various jobs we are using, or will use, this hardware infrastructure:
Processor selection itself was not highly formalized. Starting about 2006-08, about 1.5 years ago, I intermittently did research on low power machines. Early in 2007 I discovered the Linutop, which is very much like the Koolu but is marketed in the European Union, a problem for availability. I was impressed by this Buddhist student's review comparing several thin client candidates and how to use them, and affirming favorable comments I had seen about the Koolu.
The gateway function requires two network interfaces. One will be the onboard NIC. The NIC serving the DSL line on the old server is an add-in PCI card; on the Koolu it will be a USB NIC. Purchased: SMC, SMC2209USB/ETH, 10/100/200 MHz (full duplex), $25 from Newegg.
The wireless network function, if successful, will be served by a USB wireless device. We have a disused Netgear WG111v2; we'll see how well it works.
The printing and scanning functions are served by the existing Epson CX4800 combination device, which connects by USB.
Backup, media and distro storage require disc space and are outgrowing the 40 Gb drive in the desktop machine. Current disc space commitments are:
For the Koolu I bought a Seagate Momentus ST9160821A laptop drive, Ultra ATA/100, 160 Gb at 5400 RPM, $100 from Newegg. A SATA variant is available at the same price, for motherboards that support it (not the Koolu). An 80 Gb drive from a different vendor is available preinstalled from Koolu for the same price.
For burning backup discs the old machine has a NEC ND-3550A DVD_RW burner. I plan to take it out and put it in an external enclosure connected by USB. I got the INOi DW560C-0000 5.25" USB & 1394 ODD External Enclosure, $30 from Newegg.
The Koolu (and other machines in this class) typically come with these peripherals:
I'm going to have these USB devices attached:
With this many USB devices I am going to need a hub. The one I got was the IOgear GUH227 (7 ports), $28 from Newegg. I plan to attach the burner and the hub directly to the Koolu, and everything else to the hub.
Power distribution is going to be an issue; I am going to have to get a new plug strip with jacks oriented sideways so wall warts will fit. Power requirements are:
CPU (Koolu) | Plug & box | Was a plug |
Monitor | Plug & box | Existing |
DSL modem (Westell Weasel) | Wall wart | Existing |
Ethernet hub, 4 ports | Wall wart | Existing |
Printer | Plug | Existing |
Burner Enclosure | Plug & box | New |
USB hub | Wall wart | New |
Miscellaneous | Plug | E.g. desk lamp |
I got the DirectUPS SP9X, 9 jacks plus phone and coax protection, 540 joule surge suppression. Space for 3 wall warts (or plugs) plus 6 plugs, or 6 wall warts. $14 from Newegg.
So the total cost of new hardware infrastructure, in addition to the Koolu itself, was $197.