ISP Software

This section covers software that can be added to servers for system administration, customer services, etc. Everything besides the foundational Linux software that virtually every server has and other software that is already covered in the Server Guides section.

Managing software on servers encompasses these topics:

• Installation
• Upgrades
• Removal
• Configuration
• Starting and stopping

Verifying proper operation is left for the Monitoring topic.

One tool that can do all of the above for large numbers of servers is Cfengine. I have evaluated Cfengine, Puppet, BCFG2, and LCFG: my choice was Cfengine, so I will cover some of the things I have learnt.

This topic is just beginning. I have a lot of material that is not included here. Send me a note to encourage me if you are interested in this topic (use Contact Wiki Admin link on left). Otherwise I will just put my notes here to give them a place to live and will organise and complete at some future date.

I began using Cfengine version 3 in February 2010. Information here only covers version 3, which is substantially different from version 2.

Cfengine 3

Everyone needs version control: for code, documents, original artwork, configuration files, what-have-you. CVS is the old standard, Subversion is more robust, and some prefer Git (whose fame is at least partly due to being written by Linus Torvalds). I use Subversion, so that's what I will cover here.

Subversion

I have always used rsync with custom-written scripts to automate the process, but am now looking at something called Box Backup that I recently discovered. If it is as good as it sounds, I will write more about it as I gain experience.

Stapler is a Perl application developed to simplify server DNS zone file maintenance. To learn more, click here.

NB: Turnstile is based on ipchains and therefore will only work with a 2.4 or older kernels, or series 2.6 kernels up to 2.6.10.

1. Download Turnstile script.
2. Download sample config files.
3. Installation and usage instructions.

Software to help monitor the status and performance of your servers and network.

• Nagios has free and paid versions. Icinga is a fork of Nagios that has made some great improvements; I recommend using it over Nagios.
• Zabbix is an excellent open-source free package with a mature code-base that has been developed since 2001. The company offers reasonably-priced training and support options. I think it is the best choice from among commercial and open-source options alike (so much so that I took their ceritifcation course).
• Big Sister sounds like a knock-off from Big Brother, but from its appearance it seems to just be playing on the name.
• Xymon aka Hobbitmon grew from Big Brother to become its own package, although it still retains the look of Big Brother.
• OpManager is a commercial monitoring package.
• Monitorix is a free, open-source monitoring package with slick-looking graph screens.
• Spacewalk is Red Hat's open-source release of their RHN Satellite commercial product. It appears as if Red Hat gave up on its closed-source development efforts and released the code to the open-source community to see if it could be finished for free so they could make money on it. That could be a reasonable trade-off, but for me the math doesn't work. The product doesn't seem very good, their marketing is confusing, the products future is uncertain, their contract terms for using the commercial version with RHN are unreasonable (does anyone besides me read those terms before clicking “I agree”?), and they restrict the free version from working with RHEL and RHN. All this seems to encourage me to use CentOS rather than RHEL – and while I am at it why not use Zabbix for monitoring, and if I'm not using Spacewalk I might as well skip CentOS and use Gentoo…
• Pandora FMS is a free monitoring package that also has a commercial offering. This one looks promising, especially for Spanish locales since the company is based in Spain.
• Hyperic HQ is a Java monitoring app from a company founded in 2004 that apparently had its first stable release in 2007 (based on news releases). The company was acquired by SpringSource in May 2009, which in turn was acQuired by VMware in August 2009 (which itself was acquired by EMC in January 2004). The commercial licence cost is rather high, on par with MS SCOM, around the $700 per server mark. There was a free offering as well the last time I checked, but I'm not a fan of Java apps and didn't like some of the things I read in their documentation, so I haven't pursued this one any further.
• SCOM is the commercial product from a well-known vendor released in 2007. The product makes some impressive claims and I have heard people say they have done amazing things with it, but I found the Linux support of both their software and their tech support people to be weak, which makes it hard to justify paying nearly $700 per server plus the cost of add-ons just to end up with Linux monitoring that is marginally useful and not nearly as good as Zabbix.

A comparison matrix will be posted some time in the future (the days and weeks just fly by… if you are waiting for this, please drop me a note to encourage me to finish this).

Webilant is the name given to an http (web) content filter that uses squid to provide caching and filtering at the same time. To learn more, click here.