Powerpoint - SLAC Project Website Server
Download
Report
Transcript Powerpoint - SLAC Project Website Server
Towards a tool for common sysadmin tasks
under UNIX and NT - A proposal
Wolfgang Friebel
DESY
Oct 6, 1999
VAMOS system administration
1
Motivation
New tasks for Sysadmins to cope with
Increasing interdependence between UNIX and NT admin tasks
managing AFS volumes and AFS home directories
common password management for UNIX and NT users
presently used tool GenuAdmin not prepared for future tasks
registering hosts for DNS
shared (AFS) directories for users
mail access and delivery
Rising number of tools and potentially inconsistent data collections
Oct 6, 1999
need to manage Oracle tables (user registry, phone book, …)
keep configuration files up to date ( for DNS, NIS, printer support, …)
influence of asset management on system administration
VAMOS system administration
2
Present situation
In use at Zeuthen (UNIX)
In use at Hamburg (UNIX)
GenuAdmin for registering users and configuring services
sue/cfengine for installing systems and administering software
logserver and prlog to analyze logfiles
access database for rudimentary asset management
qddb based user registry
Tcl/Tk based tool to administer AFS and DFS volumes
salad/wboom for installing systems and administering software
In use for NT
Oct 6, 1999
tools accessing Oracle databases and NT internal data (see talk by
Christian Trachimov, DESY)
VAMOS system administration
3
Deficits
Tools are incompatible to each other
Similar tasks get solved with differing methods
Tools are not extensible/flexible enough
Tools are usually not running on multiple platforms
The same data are stored in several locations and are to a certain
percentage inconsistent to each other
Access to the data is often done with dedicated programs
Oct 6, 1999
VAMOS system administration
4
Why not commercially available tools
Candidates are
Unicenter, Tivoli, HP Open View, ...
Tools provide a framework and some basic functionality
Tools will require extensive adaptation and configuration work
Tools will not cover all “exotic” solutions (e.g. AFS, krb4, DCE, …)
Tools are very expensive
Cost effectiveness probably only for very large installations
Number of items to handle is small in terms of a database ( O(1000) )
Tasks are presently solved with relatively simple tools
Oct 6, 1999
VAMOS system administration
5
Our proposal: Project VAMOS
A Versatile Administration tool in a Multi OS environment
Aims of the project
step by step replacement of existing tools by creating a set of programs
with identical underlying mechanisms
Creation and management of consistent data collections and its efficient
storage in databases
Development of interfaces to existing data sources
modular object oriented design of
Oct 6, 1999
interfaces to data
user interfaces
administration modules
platform independent system management and access to data
Creation of reliable and scalable tools without single points of failure
VAMOS system administration
6
Expected results
Consistent description of work and data flows in the computer center
Synergy effects by merging similar mechanisms on different platforms
Further automation of the system management, release of manpower within
a larger time scale
Education and training on the fields of modern software concepts
(OO design, UML, CORBA, DCOM, XML)
Reuse of software for other projects
Use of the tools to be developed outside the computer center / at other sites
Oct 6, 1999
VAMOS system administration
7
Design criteria
OO design as opposed to procedural design
Modularity, necessary modules:
Oct 6, 1999
User Interfaces (Command line, Tk based, WWW based, ASCII, …)
Authentication, Authorization, Encryption (Kerberos, ...)
SQL Database Interfaces (Oracle, mySQL, Access, flat files, …)
Interfaces to other data sources (db, dbm, LDAP, NT registry)
Logging, change management (syslog, history databases)
Communication modules (Client/Server, Proxies, RPC, …)
Administrative modules (configuring the OS, file system tasks (AFS,
NFS, ...), process mgmt, subsystems (NIS, DNS), software repository,…)
VAMOS system administration
8
Design criteria(2)
No dependence on data locations and data access methods
fetch (inconsistent) data from anywhere (using common interfaces)
make consistency checks
store consistent data for later retrieval (ODBMS or RDBMS)
uniform description of data sources and acces rights (metadata)
Platform independence as far as possible
Class design and documentation using UML
Project documentation in a format, that can be converted to XML
Oct 6, 1999
VAMOS system administration
9
The language choice: Perl
Popular choices: C++, Java, Perl, Python, Eiffel, Smalltalk (others?)
Knowledge of C++ and Java not sufficient for such a project
Perl is THE language for system administrators
Huge number of modules centrally maintained (1000, quickly rising)
Major admin tasks already well covered
(Database support, NIS, AFS, LDAP, NT registry…)
Wide range of available user interfaces
(WWW, Tk, gTk, xforms, curses, …)
Rapid prototyping, short development cycles
“You can write faster programs in C, but you can faster write programs in perl”
essentially all OO features (multiple inheritance, encapsulation, …)
Oct 6, 1999
VAMOS system administration
10
Proposed architecture
Client(s)
(G)UI
DB server
Comm
Comm
Auth
Crypt
Crypt
ORB
App servers
App Server 1
App Server 2
App Server 3
Log
DBI
Oct 6, 1999
Data
VAMOS system administration
11
Modularity: Example Data access
Access
Oracle
mSQL
ODBC
CSV File
Database specific drivers (DBD)
slapd
Database engines
LDAP
API Layer (perl)
Generic Database interface (DBI)
Data access methods (get, update, check,...)
DBI Layer (perl)
VAMOS Layer
Application
Oct 6, 1999
VAMOS system administration
12
Managing the project
Description of the project in varying detail, identification of
components, describing required data and processes, …
Modeling the project with classes and methods
Definition of milestones
Quality management by
formal test suites
coding rules
external test by an independent group
Establish the project team and assign tasks
Oct 6, 1999
VAMOS system administration
13
Milestones
Already achieved
Access to databases (Oracle, m(y)SQL, Access, flat file)
Installation of tools: perl on UNIX and NT, Rational Rose
UI design , simple implementation for perl/Tk, plain ASCII
demo of simple WWW user interface
Sample program demonstrating DB access, (G)UI and Client/Server
Kerberos password administration (still with old GenuAdmin tool)
October 99
Oct 6, 1999
Authentication, authorization, encryption, logging
VAMOS system administration
14
Milestones (2)
December
Class definitions for NetNode and User classes
Design of a new user registry
AFS volume management module
Prototype of a new user registry (password, quota, finger info)
till 3/2000
Oct 6, 1999
User registry (final version)
Host management tool
Software registry
VAMOS system administration
15
Tested modules
UI (ASCII, Tk)
(similar solution for WWW in Linux Magazin 5/99 )
DBI/DBD both from NT and UNIX
Access to Berkeley db and dbm files (NIS)
Socket communication UNIX<->NT and proxy servers
Quota management (read, write including AFS!)
AFS module (adding a new user with directories, quota, ACLs,
Kerberos account data, group management (pts)) vos suite missing
Kerberos4 authentication/authorization
existing but not tested
Oct 6, 1999
Access to NT registry, NT admin tasks, LDAP, UNIX df and ps interface,
syslog, ...
VAMOS system administration
16
Sample class design
UML definition of a NetNode (host, printer, switch, …)
Oct 6, 1999
VAMOS system administration
17
A simple application
Platform independent access to data
in various databases using several
user interfaces
Oct 6, 1999
VAMOS system administration
18
Status of VAMOS
Initial proposal spring 1999
Demonstration of the concepts already done for various parts
Progress very slow due to lack of manpower
at the moment few enthusiasts at Zeuthen
part time help by two students (starting Oct 99)
Real application (e.g. Quota mgmt) expected by end of 1999
Essential parts planned for II/2000 (including UNIX/NT userreg)
Project already 3 months late compared to initial planning
Project might fail without additional resources
Oct 6, 1999
VAMOS system administration
19
Further information
Mailing list [email protected]
mail to [email protected], “subscribe” in mail body
Files in /afs/ifh.de/project/VAMOS (CVS repository)
Books on OO, Perl, UML, ...
Oct 6, 1999
VAMOS system administration
20