Managing multiple Debian Linux servers
At CIAS we manage around 20 Linux machines, of which only a handful are in a cluster.
This means that conventional tools such as Puppet and other cluster management software suites don't fit well into what we want to do.
So what am I to do? I have 20 machines to manage, secure, audit, monitor, update and any number of other tasks. Any good system administrator will have his hands knee deep in BASH and Perl and <insert favorite scripting language here>. I personally happen to be a web guy. I live and breathe in PHP and MySQL. My specialty over the years has been to create nice little one-off web applications that parse data, manage it, and present it in a useful manner to myself and my co-workers. Lately I've started to go a step beyond that and create web services which my machines interact with. I've created clever little command line apps that do specific tasks, and are usually generic enough that they work on all our machines. I've even created a deployment method for these apps! So now I update a single repository of our scripts and automagically our servers have the latest scripts.
This system has really started to work well, and it's been growing day by day.
So far I've created systems for the following solutions:
- A global iptables blacklist - add an IP to the list and all our machines block that IP
- A command to block an IP from any of our hosts, which then is put in the global list
- A script that audits SSH attacks and blocks those IPs
- A web interface for all those blocked IPs (Add, Edit and Delete from the list)
- A web interface to show all available APT updates on a host, and the ability to approve updates and have them install automatically at a certain time.
- A web reporting tool that monitors all our servers' disk usage and sends warnings on full or near full disks
- An interface to a long term archive solution we are custom building
- A script and web interface which aggregates all of our logwatch reports, and then converts them to RSS
As more and more problems need solutions, I keep creating and distributing these systems. To what end?
In the future I would love to create a portal based system where I log in and can manage and interact with all of my servers from one place. Much like an Altiris Notification server for my Linux machines.
So here's my question to the great internet... Does anyone else do anything kinda like this? Is this a set of solutions that I should think about packaging up and creating an open source project for? Does anyone care? Does anyone else have a better solution than the hacks I've been working on? I want to hear your feedback!!!
And now for something completely random:
Force SSL connection using PHP
When placed before all other output in your PHP script, this little snippet will force your PHP page to be presented over SSL. This is very useful on things like login forms.
if ($_SERVER['SERVER_PORT'] != '443') {
    // Force SSL upon this page. HTTP_HOST is taken from the client's Host header.
    header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
    // Stop here so the rest of the page is never sent over plain HTTP
    exit;
}
Logwatch & RSS – A Perfect Union
Here at CIAS we have a bunch of Linux servers, and we run logwatch on them to give us a daily look at our servers.
There are a few options with logwatch for how you get the information. You can have it email you, which is pretty standard for one or two servers, but we are managing 10+ servers, and I don't want to clog up my email or use my inbox as a way to archive all of our logwatch reports.
So what did I come up with?
On The Server
Everything that happens here uses a simple upload script I created to facilitate the aggregation of the scripts. Each machine's logwatch runs as a cron script and outputs its report to a directory on the machine. Right after that script runs, another script runs and copies the logwatch report to a central web server.
On the Web Server
The 'logwatch' app is just a nice simple front end to a bunch of directories in this structure:
archive
    server1
        12-3-07
            logwatch.txt
        12-2-07
            logwatch.txt
    server2
        12-3-07
            logwatch.txt
I created a nifty little PHP class that takes care of this structure, and allows easy access to the files through code.
RSS and <insert favorite news reader here>
Cool, so now I have a nifty little web app that organizes our logwatch reports... so what's the next step?
I already run NetNewsWire on my Mac and RSS would be a perfect solution for seeing updated logwatch reports as they come in from the servers. So creating the RSS was pretty easy...
1. Use the PHP class
2. Output in RSS format the last 5 logwatch reports for the specified server
3. RSS MONEY!!
I'm pretty happy with this elegant solution. I always have a hard time remembering to 'go' to a web app... I always keep NetNewsWire open. So this solution makes me a better System Administrator.
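The archive layout and the RSS steps described above, as an added PHP example that is not the author's class: it checks the requested server name against the directories that actually exist, orders reports by parsed date and XML-escapes the report text. The function names, the placeholder feed URL and the sample archive are assumptions.

```php
<?php
// Added example; function names, the archive path and sample data are assumptions.
// Return up to $limit report files for $server, newest first, keyed by timestamp.
function latestReports(string $archive, string $server, int $limit = 5): array
{
    // Accept only a name that matches a real directory in the archive, so a
    // request such as "../../etc" can never leave the archive root.
    $servers = array_map('basename', glob("$archive/*", GLOB_ONLYDIR) ?: []);
    if (!in_array($server, $servers, true)) {
        return [];
    }
    $reports = [];
    foreach (glob("$archive/$server/*/logwatch.txt") ?: [] as $file) {
        // Directory names are dates such as 12-3-07 (month-day-year).
        $date = DateTime::createFromFormat('!n-j-y', basename(dirname($file)));
        if ($date !== false) {
            $reports[$date->getTimestamp()] = $file;
        }
    }
    krsort($reports); // parsed dates; a string sort would misplace 12-10-07 and 12-2-07
    return array_slice($reports, 0, $limit, true);
}

// Render the reports as an RSS 2.0 feed.
function buildRss(string $server, array $reports): string
{
    // Log text carries attacker-influenced strings (user names, URLs): escape for XML.
    $esc = fn(string $s): string => htmlspecialchars($s, ENT_XML1 | ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $items = '';
    foreach ($reports as $ts => $file) {
        $items .= '<item><title>' . $esc("$server " . date('Y-m-d', $ts)) . '</title>'
            . '<pubDate>' . date(DATE_RSS, $ts) . '</pubDate>'
            . '<description>' . $esc(file_get_contents($file)) . "</description></item>\n";
    }
    return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
        . '<rss version="2.0"><channel><title>' . $esc("logwatch: $server") . '</title>'
        . '<link>https://logwatch.example/</link>' // placeholder URL
        . "<description>Latest logwatch reports</description>\n"
        . $items . "</channel></rss>\n";
}

// Constructed sample archive: seven daily reports for "server1".
$archive = sys_get_temp_dir() . '/logwatch-demo-' . getmypid();
for ($day = 1; $day <= 7; $day++) {
    mkdir("$archive/server1/12-$day-07", 0700, true);
    file_put_contents("$archive/server1/12-$day-07/logwatch.txt", "sshd: $day failed logins for <root>\n");
}
echo buildRss('server1', latestReports($archive, 'server1'));
// A traversal-style name is not a directory in the archive, so no files are returned.
var_dump(latestReports($archive, '../server1'));
```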
