5.4. Centralized versus distributed management
This section applies to those organizations
that have multiple system
administration groups, each responsible for different departments
within the organizations. If your organization has centralized remote
control of all soft administration, then these issues will be of less
interest to you.
[8]
NIS lends itself to allowing you to give system administration groups
for a given department within your organization responsibility for
maintaining the department's NIS maps without the need for
centralized control. However, the nature of hostnames, host
addresses, and domain name management is that some central controls
or rules are necessary in order to prevent mistakes in one department
from affecting other departments and beyond.
There are at least three basic approaches to consider for managing
hosts and domains.
- Complete centralization
-
In this model, if someone wants an IP address, he or she contacts a
single central committee to get one; the chances of errors are as low
as possible, but the latency in getting requests honored is the
longest. Adding new subdomains is also centralized. In this model, as
there are specific system management groups managing the non-hosts
NIS maps for a given department, it is not practical to manage hosts
via NIS; you would use DNS exclusively.
- Federation
-
In this model, the central committee has delegated
responsibility for portions of the IP address space to individual
groups responsible for a DNS subdomain. In this model, either a DNS
or a hybrid NIS/DNS model for managing hosts works (such as via the
technical rules listed in Section 5.3, "Fully qualified and unqualified hostnames" earlier
in this chapter). If the individual groups are using DNS to the
exclusion of the NIS hosts map, then there is little work for the
central committee other than to maintain the mapping of subdomains to
subdomain name servers. The central committee, of course, is
responsible for adding or deleting subdomains. If the individual
groups use NIS for local hostname information, then the central
committee would maintain the entire DNS infrastructure by
periodically gathering host map information from each group. This
could be done automatically.
- Complete decentralization
-
Each system administration group has the autonomy to modify its NIS
host maps as well as the authority to modify the common DNS database.
Such a system will not scale as the number of subdomains and system
administration groups rises. With too many authorized players, it
will be hard to track down problems caused by mistakes, not to
mention avoiding duplicate efforts.
| | |
5.3. Fully qualified and unqualified hostnames | | 5.5. Migrating from NIS to DNS for host naming |