Wild-eyed thinking aloud: Python System Management Infrastructure

Dan Mercer dmercer at zembu.com
Tue Aug 14 23:50:38 CEST 2001


Over the past year, my coworkers and I have developed a systems management 
suite that is similar in many respects to what has been discussed in this 
thread, and I've found the discourse here to be quite valuable and interesting.
We originally developed our tools to support the deployment of Zembu's 
distributed application infrastructure, but recently the decision has been
made to productize this software, making it available to the public.

Our Infrastructure Manager is composed of a number of components, including
a serial terminal server and physical power control (when the appropriate
hardware is available), a densely-meshed VPN based on the KAME projects
IPSec implementation using a Kerberos KDC for key management, and other
features, but the functionality that most applies to this discussion is a 
configuration management system written in Python.

The core of our system uses a simple XML-based declaration language to 
describe the properties of and relationships between components that comprise 
the managed infrastructure. W3 XSL documents are applied to this data to
generate a variety of configuration files and specialized scripts that
determine how the manager configures it's managed hosts. This mechanism is
used to setup the management system to bootstrap new Solaris and Linux systems 
in an automated manner, and to generate the appropriate configuration files
and package/patch adds needed to make the new system match a described
profile. The idea is to provide a configuration revision control system
that allows admins to rapidly duplicate a profile onto dozens of hosts.

A portable, lightweight management library is installed on each managed
host that allows communication with the manager via SSL encrypted XmlRpc.
The management library can be 'taught' new methods as packages are installed
for instance, the install of an apache package would add methods for
starting, stopping and getting the status of the apache server. This code
is also written in Python, which is really wonderful for cross-platform
systems work.

Currently, a UNIX style command line interface is available, along with a
specialized 'shell' environment that restricts access of users to specific
subsets of the IM's functionality. Currently a web based user interface is
also under development, which will allow for the same functionality
available on the commandline, including the editing/adding/removing of
components to be configured without editing a single line of XML. 

Since our marketing department is just now beginning to put together the
positioning for this software, it'd be very useful to us to hear your opinions
on what functionality you think would be useful, or what systems you think we
should support most quickly. If you are interested in trying out some of
this software pre-release, and could answer some questions about your own
infrastructure, it would be of great benefit to us. We'd like to provide a
user-extensible, 'no snake oil' management solution that solves the 
problems of sysadmins and doesn't require a complete overhaul of your 
environment and thousands of dollars to implement. If you'd like to provide
input please respond to this message, or send mail to karin at zembu.com.

We will be releasing initial support for Solaris 7/8 and Redhat 6.2. 
We've really only tested sun4u systems, but I expect old sun4m/c stuff
should work as well. For intel systems the only requirement for managed
hosts is Intel (PXE) compliant network interfaces. The release date is 
currently 10/1/2001.

Dan Mercer
Systems Engineering - Zembu Labs

More information about the Python-list mailing list