ServerLand and NetworkWideUpdates considerations

Filippo Spike Morelli fsm at spikelab.org
Mon Jan 16 01:46:31 UTC 2006 

Hi,

just jumped in so, hello everybody.

I'm currently reading up specs and stuff to tune in with the -server 
development, and doing so I happened to read the two pages mentioned in 
topic:
.1 https://wiki.ubuntu.com/NetworkWideUpdates
.2 https://wiki.ubuntu.com/ServerLand

1 is obviously a subset of 2 (so 2 should link 1).
2 mentiones cfengine, and that's what I'd definitely use (see comments later) 
to implement 1. Cfengine perfectly fits the features listed in "Scope and Use 
Cases" paragraph. It might not be strightforward and elegant in some 
parts,compared to the proposed one, but it's definitely doable and, if we go 
that way, we already have in place the structure to implement 2.

- Comments about cfengine
Actually, rather than cfengine I'd use puppet[1], which could be said to be 
the next-generation cfengine. Quoting from the faq[2]:

"The overall design is heavily influenced by cfengine, but the language is 
more powerful than cfengine's and the library is more flexible. In addition, 
Puppet's client and server use standard protocols like XMLRPC and are easy to 
enhance with new functionality, so they are well-positioned to become the 
platform for the network applications of the future, while cfengine's client 
and server rely entirely on cfengine-specific protocols and are quite 
difficult to enhance."

For more details you can see "How Puppet compares to Cfengine" page [3].

Besides technical details let me quote something I consider very important:

"Puppet will be supported by an organization[4] dedicated to creating the best 
system automation software, and I expect to have a staff of at least a few 
people dedicated to development, support, consulting, and custom development. 
Constrast this with cfengine, which is supported by a professor whose primary 
use for the software is in research into anomalies."

Puppet is written in ruby
Puppet is licensed under GPL.

There are only 2 cons I can see: 
- puppet is newer than cfengine
- cfengine can be run in windows under cygwin, puppet isnt supported yet (it's 
being worked on)

Nonetheless puppet is moving *much* faster than cfengine, and via ruby's 
windows port you can have something running natively instead of the cygwin 
"hack" (cyg->cfengine->activeperl->Win32::OLE),which is better when deploying 
nodes.

- A long shot: ServerLand, runnels[5] and Adminotaur
ServerLand saying "Using plenty of pre-existing F/OSS apps" has an important 
implication:  that plenty of FLOSS must talk to each other and/or to the 
ServerLand "server". Now, the problem with this is a common language all the 
apps speak, and runnels happens to be the answer:

"Runnels is a new project to create a networked message bus for passing 
information between system administration applications. The basic idea is 
that different applications across the network would produce and/or consume 
small chunks of data on the message bus."

Runnels is *very* cool and incidentally is developed by the same guys of 
puppet, with obvious benefits for integration, support, and development of 
the ServerLand project.


Runnels is released under GPL
Runnels uses xml-rpc as IPC

Last comes Adminotaur, which is a project of mine.

<disclaimer>
In no way I'm trying to advertise my project, and things I mention here are 
only because of their relevance with the ServerLand project.
</disclaimer>

There's no code yet but the design is sort of done, hopefully I'll put online 
a page with the specs soon. The project aims to collect and process messages 
produced by systems it controls (dispatched by runnels), and render them in a 
web interface. In concepts it's very similar to OS-SIM[6], but for the fact 
it's not targeted at security but at a more generic system administration.
Compared to ServerLand it's just a small subset.I dont aim to create a control 
panel, rather, when I started Adminotaur, I had in mind a ticketing system 
and was looking for:
- grouping and displaying events in a cohesive way.
Example: nagios/munin/cacti alerts, available system updates,commit of a 
config file managed under RCS
- be able to turn any event into a ticket or refer to it into a ticket
Example: nagios detects a service problem and that automagically becomes a new 
ticket the admin can then solve and close, maintaining an history.
- be able to have a complete networks and systems overview
Example: all the systems should be registered within the application, so the 
admin can easily access a report of the machines status, installed 
applications,available updates and so on. A map of the network should be also 
autobuilt, nagios like.
- offer a wiki/diary so the admin can easily make a note of info and things
- offer the ability to define a "job". A "job" doesnt depend on a ticket but 
is something like a new project the company starts, which might imply stuff 
like a new set of dedicated servers. The admin should be able to define a 
gantt like schema, with resources involved,timeline,milestones and so on.
- BE ABLE TO CORRELATE EVERYTHING OF THE ABOVE.
Example: 
1) system runs out of disk space
2) that becomes a ticket
3) the admin is notified
4) the admin investigates the problem and finds out it depends on bad option 
the FS has been formatted with, which caused it to run out of inodes. Doing 
so he/she finds some interesting links documenting the issue and makes a note 
of them.
5) the admin fixes the problem
6) If necessary someone is notified of that
7) this could happen during the development of a new project, causing a 
release date to be postponed.

the advantages offered by being able to correlate all those events are 
enormous imho, of course proportional to the complexity of the network and 
number of admins. With such system it's also easier to generate reports for 
upper management and the like, they all love those nice graphs and 
schemas :).

Adminotaur will be released under GPL
Adminotaur will be probably based on Trac[7], unless I decide to go with ruby.


-------------- Conclusions -------------- (Sorry for the long post.)
I'm not yet enough into ubuntu to understand all the implications and 
problems, but to me, investing time on puppet is the best solution for both 
"ServerLand" and "NetworkWideUpdates", and maybe more.


bye

Spike

[1]http://reductivelabs.com/projects/puppet/
[2]http://reductivelabs.com/documents/faq
[3]http://reductivelabs.com/projects/puppet/documentation/notcfengine
[4]Reductive Labs http://reductivelabs.com/
[5]http://reductivelabs.com/projects/runnels/
[6]http://www.ossim.net/whatis.php
[7]http://www.edgewall.com/trac/

-- 
"And then the lord said to John: "Come forth and gain eternal life."
But John came fifth and won a toaster."
					
						some guy on irc

More information about the ubuntu-server mailing list