UbuntuCentralizedServiceAdministrator

Revision 16 as of 2009-03-06 19:37:22

Clear message

Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.

Summary

Release Target: Ubuntu 10.04

Name: ucsa (Ubuntu Centralized Service Administrator)

Create a tool for centralized server administration, maintenance and configuration. This tool should provide an easy, but powerful user interface based on curses and have support for dynamic module inclusion to add support for new services or packages.

Release Note

Rationale

Ubuntu has the goal to be 'Linux for human beings', on the desktop the goal has been reached, but on the server side there is no easy and unique way to administrate, configure or maintain the services. Also the current recommended tools are web based (e.g. eBox), which involves running a web server and can be a security issue, or are GUI based, which are not adapted for the servers environments. Also the current tools are very limited and most of them make some non standard configurations files, which make difficult for sysadmins to tune their services.

Use Cases

Alice has a small business and wants to add some network services but she has no idea how to configure them. Alice can use the ucsa UI to help her do the job.

Bob installs a file server for his small business, he want to use a common configuration with some tunning at the end. Bob can use ucsa to do the base configuration and then edit the config files by hand to do the tuning.

Assumptions

The tool will allow users to manage configurations and to administrate the services. However, to fully integrate with the system, packages (services?) should provide a file (or a line in a centralized one) saying that it's installed. However we can change that and make the services provide the augeas lenses, so Ucsa will only open those services.

Design

The tool will use augeas as backend, which will manage the configuration files (open, edit and write), the tool will only offer a frontend to libaugeas and a separately curses interface, which will provide a form-like presentation of the file and will pass the files to the augeas tree for it to write it to the config file.

Migration

There will be no problems with the migration since augeas manages all the config files, and it allows any formats and personal changes to them.

Implementation

First libaugeas is needed on the archives, then we need to write lenses for the most common files, when we are comfortable with the number of lenses the tool will start to be written.

Rollout

Status

Augeas package is waiting for review on revu.

Test/Demo Plan

Install a service, see if ucsa recognizes it and make some changes to the configuration. Then edit the config file by hand adding new directives (not supported by ucsa) and some comments, open ucsa again, make more changes and save again, it won't break anything.

Outstanding Issues

Augeas still doesn't have lenses for all services, it's needed first of all to write lenses for the most common services.

ddumont: Depending on the lense, Augeas may not provide validation of entered data. For instance, it is currently possible to do "set /files/etc/ssh/sshd_config/Toto titi" and find an unvalid keyword in sshd_config. So Augeas is a great project, but a lot of work is still needed to provide a safe configuration tool for users.

BoF agenda and discussion

Meeting Notes 2008/05/??

Comments

JonathanJesse: All backends must provide for reporting, especially a centralized reporting system. A system admin needs to be able find the status across all devices (servers, workstations, mobile, etc). Also the admin will need to be able to answer the question: "How many of devices have X?" where X can be memory, program or other. I like that you are talking about XML already as it is great for storing data and transmitting that data. I feel that a web server does provide the graphical interface needed to present the data and make configuration changes. See http://www.spiceworks.com for a free implementation of a process that provides inventory/network discovery/software deployment. For paid for services see http://www.altiris.com, http://landesk.com, http://kace.com. Note: I am a consultant on the Altiris product set and need to be careful this doesn't copy Altiris to closely if I am going to be involved in it.

NealMcBurnett: note related discussions on the server team list about "Centrilized managment console", "More discussion: GUI, blogs, and pizza", "Bug 2 review pls", etc. at https://lists.ubuntu.com/archives/ubuntu-server/2008-June/thread.html

Note related projects like

mkaufmann: It would be a good Idea to integrate an Hardware/Software-Inventory. Since 8.04 OCS NG (see http://www.ocsinventory-ng.org/). With the Inventory the Admin have a good overview over the Clients and Servers in the local net. Björn Sundberg started a new Project, a OCS-Client written in Python (see: https://answers.launchpad.net/pyocsclient)

ddumont: Well, it depends on the scope of this project. Reading the summary, I think the scope is the user's machine, not a cluster.


CategorySpec