RE: managing servers...

From: bruce (bedouglas_at_earthlink.net)
Date: 05/29/05

  • Next message: Dotan Cohen: "Re: hp-IPAQ 4150 support on Linux" 
    To: "'For users of Fedora Core releases'" <fedora-list@redhat.com>
Date: Sun, 29 May 2005 08:25:26 -0700

    scott,

    your points are valid, and work well for someone who has the expertise/time
    to really get comfortable, and to know what's going on... but i'm
    envisioning a market/targeted customer base of people who don't have that
    level of expertise, nor do they want to go there...

    as an example, i have 10-15 servers... i'm not an admin, and for the things
    that i'm working on, i don't want to be one... however, i'd still like to
    know that the boxes are corectly setup for the given functions.. right now,
    i don't. as i said, my gut tells me that a combination of the control
    panels/sourcelabs.com with monitoring, and some other functionality would be
    useful...

    not everybody wants to live at the edge.. in fact, a lot of people want
    something that works, that's stable, and that's tested...

    -bruce

    -----Original Message-----
    From: fedora-list-bounces@redhat.com
    [mailto:fedora-list-bounces@redhat.com]On Behalf Of Scot L. Harris
    Sent: Sunday, May 29, 2005 6:59 AM
    To: 'For users of Fedora Core releases'
    Subject: RE: managing servers...

    On Sat, 2005-05-28 at 21:30, bruce wrote:
    > appreciate the info...
    >
    > however, i wasn't looking at how someone would setup an oscar type of
    > situation... my issue is what tootls would one use to easily configure a
    > server/multiple servers...
    >
    > as far as i can tell.. there are apps that are good at certain
    functionality
    > (control panels), nogios, etc... nut you don't have a good comprehensive
    > tool that would allow someone to easily setup a really good
    > ftp/webserver/etc.. and know that it's solid...
    >
    > linux still requires a great deal of hand/command line functions to make
    it
    > work...
    >
    > i'm envisioning an open source kind of app that combines functionality of
    > the control panel (cpanel/plesk/etc..) with what's going on at
    sourcelabs...
    > with the ability to mangage the network.. and all of this fro a gui kind
    of
    > interface..

    As stated previously there is not going to be a single tool to do all
    the things you listed. You really need to get at least a basic
    understanding of each service you are deploying. And that means
    understanding the under lying configuration files. Covering that stuff
    up with a GUI is IMHO a disservice. An admin that relies on such tools
    will find it difficult to trouble shoot a serious problem when it
    occurs.

    A good example of that is YAST from the SUSE distribution. That
    probably comes closest to what you are asking for. But an admin can get
    into all kinds of problems using it if any changes are made to the
    config files out side of it, and the admin does not know what files YAST
    changes behind the scenes. As such the admin is left being able to do
    what YAST lets them do and nothing more.

    If you have the underlying understanding of the systems and packages you
    are using you will be better off assembling a collection of tools that
    will make managing large numbers of servers easier. This goes back to
    the basic unix philosophy, select or build a tool for a specific purpose
    that does that job really well and set it up so it can be integrated
    with other tools easily. That way you can get the best in each class of
    tool.

    Concentrate on the following broad categories, monitoring, management,
    and reporting. There are tools that will help you do each of these.

    There are any number of good monitoring tools, HP Openview, BMC Patrol,
    Big Brother, Nagios, Opennms. Management is a little more difficult due
    to the moving target that systems present. Webmin is not to bad. And
    there are the various system- tools that come with Fedora (you could
    write a very simple panel tool that lets you select each of those as
    needed), however even the system tools don't let you make all of the
    types of changes that an admin would typically like to make.

    For management I personally believe you need to concentrate on each
    service that you are supporting. Get the tools that make setting up
    that service easier for you, for example, web servers with virtual hosts
    can easily be setup with vhost from http://chaogic.com/vhost. Setup a
    local yum repository that you use to install all your software from.
    Before releasing software to your local repository run it through a
    couple of test systems first so you can run regression testing to make
    sure things won't break in your production environment. Setup intrusion
    detection systems such as tripwire and snort.

    Develop good change control processes with appropriate back out plans.
    Have disaster recovery plans in place and tested periodically. Keep
    good backups of all important data so if you need to recover a system
    you can. Run periodic security scans on your systems using chkrootkit
    or similar packages. Read roots email every day. Review your log files
    regularly for any odd entries.

    Being a good systems admin is hard mostly thankless work. And if you
    are really good at that job your users won't know you are there.
    Because things will just work.

    In the long run you will find that using specific tools for each
    service/application will be easier than having to wait on an upgrade to
    some monolithic management tool so you can run the latest version of
    samba. 

    --
Scot L. Harris
webid@cfl.rr.com
La-dee-dee, la-dee-dah.
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
  • Next message: Dotan Cohen: "Re: hp-IPAQ 4150 support on Linux"

    Relevant Pages

    • RE: managing servers...
      ... there are apps that are good at certain functionality ... tool that would allow someone to easily setup a really good ... >>i'm trying to get my hands around the issue of managing servers. ... Bruce, last I checked on OSCAR, it has a couple of limitations, chief among ...
      (Fedora)
    • Re: Renaming Admin ID - Making Sys Admins Accountable
      ... If they are 2003 member servers then you have remote access via the /console ... I think their point was that these apps dont necessarily need ... > that power user to do admin tasks because the apps have to always be ... >> /console and remotely run the console and still keep your two sessions up ...
      (microsoft.public.win2000.active_directory)
    • Re: Forest to Child -- Permissions
      ... first DC in the root. ... the member servers only ... DCDiag pretty much confirms authentication AND that DNS is right. ... never happen unless some admin has been mucking about. ...
      (microsoft.public.windows.server.dns)
    • Re: Inheriting network, first steps?
      ... PS. step 0 diable VPN access until you have time for step 4 ... determine that you can log in with the highest admin rights on each box ... Domain controllers first, critical servers next, etc. ... inventory all accounts with admin rights, ...
      (microsoft.public.windows.server.security)
    • RE: managing servers...
      ... > tool that would allow someone to easily setup a really good ... understanding the under lying configuration files. ... An admin that relies on such tools ... Concentrate on the following broad categories, monitoring, management, ...
      (Fedora)