managing servers...

Scot L. Harris webid at cfl.rr.com
Sun May 29 13:58:42 UTC 2005 

On Sat, 2005-05-28 at 21:30, bruce wrote:
> appreciate the info...
> 
> however, i wasn't looking at how someone would setup an oscar type of
> situation... my issue is what tootls would one use to easily configure a
> server/multiple servers...
> 
> as far as i can tell.. there are apps that are good at certain functionality
> (control panels), nogios, etc... nut you don't have a good comprehensive
> tool that would allow someone to easily setup a really good
> ftp/webserver/etc.. and know that it's solid...
> 
> linux still requires a great deal of hand/command line functions to make it
> work...
> 
> i'm envisioning an open source kind of app that combines functionality of
> the control panel (cpanel/plesk/etc..) with what's going on at sourcelabs...
> with the ability to mangage the network.. and all of this fro a gui kind of
> interface..

As stated previously there is not going to be a single tool to do all
the things you listed.  You really need to get at least a basic
understanding of each service you are deploying.  And that means
understanding the under lying configuration files.  Covering that stuff
up with a GUI is IMHO a disservice.  An admin that relies on such tools
will find it difficult to trouble shoot a serious problem when it
occurs.  

A good example of that is YAST from the SUSE distribution.  That
probably comes closest to what you are asking for.  But an admin can get
into all kinds of problems using it if any changes are made to the
config files out side of it, and the admin does not know what files YAST
changes behind the scenes.  As such the admin is left being able to do
what YAST lets them do and nothing more.

If you have the underlying understanding of the systems and packages you
are using you will be better off assembling a collection of tools that
will make managing large numbers of servers easier.  This goes back to
the basic unix philosophy, select or build a tool for a specific purpose
that does that job really well and set it up so it can be integrated
with other tools easily.  That way you can get the best in each class of
tool.

Concentrate on the following broad categories, monitoring, management,
and reporting.  There are tools that will help you do each of these.  

There are any number of good monitoring tools, HP Openview, BMC Patrol,
Big Brother, Nagios, Opennms.  Management is a little more difficult due
to the moving target that systems present.  Webmin is not to bad.  And
there are the various system- tools that come with Fedora (you could
write a very simple panel tool that lets you select each of those as
needed), however even the system tools don't let you make all of the
types of changes that an admin would typically like to make.  

For management I personally believe you need to concentrate on each
service that you are supporting.  Get the tools that make setting up
that service easier for you, for example, web servers with virtual hosts
can easily be setup with vhost from http://chaogic.com/vhost.  Setup a
local yum repository that you use to install all your software from. 
Before releasing software to your local repository run it through a
couple of test systems first so you can run regression testing to make
sure things won't break in your production environment.  Setup intrusion
detection systems such as tripwire and snort.

Develop good change control processes with appropriate back out plans. 
Have disaster recovery plans in place and tested periodically.  Keep
good backups of all important data so if you need to recover a system
you can.  Run periodic security scans on your systems using chkrootkit
or similar packages.  Read roots email every day.  Review your log files
regularly for any odd entries.

Being a good systems admin is hard mostly thankless work.  And if you
are really good at that job your users won't know you are there. 
Because things will just work.

In the long run you will find that using specific tools for each
service/application will be easier than having to wait on an upgrade to
some monolithic management tool so you can run the latest version of
samba.


-- 
Scot L. Harris
webid at cfl.rr.com

La-dee-dee, la-dee-dah.

More information about the users mailing list