[Setup-tool-hackers] distributed administration

From: Diego <dggonz yahoo com>
To: setup-tool-hackers <setup-tool-hackers ximian com>
Subject: [Setup-tool-hackers] distributed administration
Date: 07 Feb 2001 20:53:51 +0100
Hello


    I've been thinking for several months about building a distributed
    administration system that would use some of the stuff built by for
    the ximian-setup-tools.

    This systema is something like this:

    Functions that the system has to be able to perform:

        1) Administration of groups of workstations based on Unix,
        configuration, software installation, backups, etc.

        2) Administration of  servers or groups of them and clusters of
        high availability, configuration, software instalation and
        maintaince, security and performance management.

        3) Administration of net devices (computers that are use as net
        devices) based on Uinux: routers, bridges, firewalls etc, the
        system would handle: software instalation, configureation,
        maintainance and management of security profiles both, at host
        level and at network level.

    In each computer to be managed an agent should be installed, this
    agent would be responsible of collecting metrics, launching daemons,
    and launching the scripts that would translate the config files into
    and from XML (like the ximian tools). Regarding the gathering of
    performance metrics this daemon would pass a first filter to all the
    local metrics gathered, and then send the metrics to the "Group
    Master" where they will be stored and furthered filtered for future
    analysis.

    The would be two types of agents: Pangea and Gondwana, the first on
    them would be able to handle a group of computers running Gondwana,
    the computers running Gondwana "talk" to their "Group Master", never
    to the administration console to avoid a lot of communication, in
    this way, i think, the communication will be reduced to the minimun.
    I also think that this structure simplifies the management to large
    groups of similar configured computers.

    Upon the installation of Gondwana the daemon would gather
    information about the hardware, configuration and software of the
    system in wich it is installed, this information will be sent to the
    "Group Master", where it will be stored, and then, this would be
    resend to the admin. console, thus the local and global
    administration would be quite faster, as the state of the hosts
    would be known without the need for any communication.

    The system would also need to let the manual configuration (i mean
    editing config files in place), this would suppose a risk because al
    the configuration would run out of sync. to avoid this problem,
    diferent systems would could be used: fam/imon, or de dnotify
    interface available in 2.4.X kernels. Gondwana would be notified of
    the changes and send them to the "Group Master".

    Note that the Pangea agent would be a "dual" agent, it would work as
    Pangea "Group Master" for configuring it associated computers
    running Gondwana, and as a Gondwana to let the administration of the
    host in with it is installed.


    Ok, i know that you are thinking about implementing some kind of
    clustered configuration method, what i propose here is quite more
    ambitious. I also know that one of your primary objetives and
    worries is about the security of the system. I cannot do anything
    about encryption, ORBit2 should solve this problem, but there is
    another general problem consisting on the authentication that would
    be needed to connect to the agents, this is a general problem in
    Bonobo becuase i think it should provide such a framework, i guess
    that Bonobo would provide this in the future, but i probably would
    need to implement some authentication system...

    Any way, are you insterested on this?, do you have any idea,
    questions?



    Diego



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com


_______________________________________________
setup-tool-hackers maillist  -  setup-tool-hackers@helixcode.com
http://lists.helixcode.com/mailman/listinfo/setup-tool-hackers
Follow-Ups:
- Re: [Setup-tool-hackers] distributed administration
  - From: Chema Celorio
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]