Tools for system administrationin a heterogeneous environmentSATand PulsarRaphael FinkelComputer Science DepartmentUniversity of KentuckyLexington, [email protected]://www.cs.uky.edu/˜raphael/System administration tools 1SAT—Central ideaConfiguration files are built automatically oneach host as a side effect of changes to adatabase.• Hosts are individual machines, including (inour site) VAX (obsolete), Sequent (obsolete),Sun, Linux, OSF/1, and SGI workstations.All run Unix, but some (Solaris) are descen-dents of System V and others of BSD Unix.• Configuration files include /etc/exports,/etc/dfs/dfstab, /etc/amd.mounts.conf;/etc/hosts, /var/named/hosts.cs; /etc/motd;/etc/passwd, /etc/shadow,/etc/amd.users.conf, /etc/group;/etc/printcap, /etc/lp/printers/*Theymust be be consistent with each otherand with related files on other hosts.The same configuration file may have differ-ent contents and format on different hosts.System administration tools 2The database•The database consists of relations containingtuples of attributes. Each relation is stored inadirectory.•Each relation is described by a scheme.Thescheme is an Ascii file in the relation direc-tory.•The attributes of a relation are defined in itsscheme. Example from the Hosts relation:FullHostName, HostName, Other-Aliases, IPAddress, OSType,OSVer, MachType, Description,HostClass•Atuple is a set of values, one for eachattribute. The data are stored in an Ascii file.System administration tools 3Types of relations• Static relations are stored in tables and can beread and updated. Examples include:Hosts, Users, Printers, Motd,Mounts.• Dynamic relations are generated by programswhen read; theycannot be updated. Exam-ples include: Files, DiskSpace, Sys-log.We nolonger use dynamic relations; Pulsarhas superseded this need.System administration tools 4Data integrity•The scheme specifies the datatype of eachattribute, such as integer, Boolean,string, real. Example: A user identi-fier can be specified as integer.•Some types can be further restricted. Integerscan have ranges, and strings can be forced tomatch a givenpattern. Example: Host namescan be forced to end in uky.edu and haveno spaces.•The scheme can specify a checking programthat must approve all updates to the relation.Example: User names in the Users relationmust not be duplicated.System administration tools 5Access control•Auser-alias file defines classes of {user id,host name} pairs.•The scheme indicates which user alias file touse. (Wealways use the same one; it is builtfrom the Users relation.)•There are four privilege levels: owner,modify, append, read.•The owner may read and update both thescheme and the table.•Amodifier may read the scheme and read andupdate the table.•Anappender may read the scheme and readand append to the table.•Areader may read the scheme and the table.•For each privilege level, the scheme tellswhich user alias class applies. (Wealwayshave root as owner and usually have ANY asreader).System administration tools 6Distribution•Ahost-alias file defines classes of hosts.•The scheme indicates which host alias file touse. (Wealways use the same one; it is builtfrom the Hosts relation.)•Replicas of a relation have four styles:Model, Trusted, Copy, Access.•Only model replicas may be directly modi-fied.•Trusted replicas are taken from model repli-cas. Since model replicas are expensive,trusted replicas act as secondary repositoriesthat are cheaper to maintain.•Copyreplicas are taken from trusted or modelreplicas. Theyare not transferred to otherhosts.•Access replicas are on hosts with limited disk;theyare remote-mounts of other replicas.System administration tools 7Data consistency•The relation may be locked, which means thatamajority of model replicas are locked. (Wegenerally use only one model host.)•Only locked relations may be modified.•Anepidemic-style algorithm distributes repli-cas.•Hosts regularly poll for more up-to-date repli-cas.•Reads might get old data for a while.•The scheme usually specifies that a side effectof receiving an updated replica is to run areport program. This program generatescustomized configuration files based on hostidentity and OS version.System administration tools 8SATTools• Schedit:Dumps a scheme to an ordinary filefor editing, parses the result, and installschanges.• Tabedit:Dumps a table to an ordinary file forediting, parses the result, checks for consis-tency, and installs changes.• Tabread:Selects tuples based on a Booleanexpression and outputs desired attributes.•Table update programs: tabinsert, tabdelete,tabmod.•The Sal language, which contains databasequery components, table data structures, andmore common language components: used towrite report and check programs.• Perl scripts for the same purposes as Sal, butmachine-independent.• Relmod:Locks/unlocks, restructures, andcauses distribution of a relation.System administration tools 9AlternativesRdist can be used to copyfiles to manyhosts.•Rdist can only create identical copies, notcopies tailored to the particular operating sys-tem and host.•SAT can build rdist lists. Rrun and rd runprograms and distribute files to all hosts satis-fying an expression based on Hosts:Host-Class.System administration tools 10AlternativesIt is possible to use NIS and NIS+ to get someof the power of SAT.•SAT isless standard. It is therefore somewhatmore secure and somewhat less maintainable.•SAT relies on local files. Network problemsinterfere with data dissemination, but notwhether configuration files are usable. NIS-backed data is inaccessible if the server isdown or there is a network problem.•SAT ismore configurable; it can generate anyconfiguration file. NIS has built-in files andcan deal with no others.•NIS is still needed for netgroup,which isneeded to reduce the size of NFS export files.Hosts:report causes netgroup to berefreshed appropriately.System administration tools 11Pulsar — Central idea• Pulse monitors are simple programs sched-uled to run at regular intervals on each hostthat is to be monitored.•Each monitor has a specific task, such as dis-covering the current cpu load.•Each monitor has a notion as to the comfortlevelofthe data it discovers. For example, acpu load of 0.10 might be considered excel-lent, but 7.6 might be considered uncomfort-able.•Pulse monitors report the current comfortleveltoapresenter,which is a program thatdisplays a graphical viewofthe