ECHOChallengeGoalOverviewPowerPoint PresentationCentralized Control UnitInformation CollectionEchoMe DaemonRouter Connectivity Discovery by SNMPSystem InformationNetwork InformationInformation AnalysisParsing EngineIFACE TablesSlide 15Individual Node AnalysisCollaborative AnalysisInterface to View AnalysisActionSecuritySystem Stat TableTranscripts for SNMP Router DiscoveryPartial Router Connectivity on Millennium Discovered by SNMPConclusionFuture WorkECHOA System Monitoring and Management ToolYitao Duan and Dawey HuangChallengeHow can we manage all these machines?GoalAimed at networked system managementBetter tools for–Discovering system states –Enhancing system availability–Monitoring network and system statistics–Error detection and correction–Fault tolerance for specific network applications (such as web server)OverviewDistributed agents gathering informationCentralized Control Unit (CCU) monitors and analyzes data. Takes control action if neededScript language for automatic decision making Web browser user interfaceSNMP ToolEchoMe DaemonCentralized Control UnitInformation collection–Machine information–Network informationInformation analysis–Individual Machine analysis–Collaborative network analysisAction–System modification–Network routingInformation CollectionTwo approaches investigated–EchoMe Daemons running on hosts and reporting system information to server–SNMP to discover router connectivity and statesDaemon mostly for collecting local information. Much more detailedSNMP for network connectivityEchoMe Daemon1. Automatically discover a node (node reporting stage)–EchoMe Daemon start up as machine boot–Send up OS type/machine info to CCU–Register a session in CCU2. CCU sends to node a monitor program base on node’s OS/Machine type and execute it on the node.3. Monitor program send up information packet periodically to CCU.Router Connectivity Discovery by SNMPRouters implemented SNMPProgram can run on any host within MillenniumGiven a router (can get from local host’s gateway information), query its ipRouteTableTraverse all its neighboring routers, performing the same queryRecursion stops at specified distanceSystem InformationNumber and speed of the CPUs Total physical and swap memory Installed System Clock Uptime Kernel Version Percent CPU user, nice, system and idle One, five and fifteen minute load averages Number of running processes and total number of processes Amount of free, shared, buffered, cached and swap memoryNetwork InformationNetwork Interfaces –/proc/dev or CTL_NET/AF_LINK–SNMP: interface.ifTableARP cache – direct neighbors–/proc/arp or RTF_LLINFO–SNMP: ip.ipNetToMediaTableRoute Table–/proc/route or NET_RT_DUMP–SNMP: ip.ipRouteTableInformation AnalysisCCU a relational databaseFront end, parsing engineIndividual Node AnalysisCollaborative AnalysisParsing EngineIPACKET is in standard XML formatIPACKET use incremental update, new packet specifies differences from previous packet.Parsing Engine parses the IPACKET into objects and does the insertion to iface accordingly.<ID ??> <DATATYPE>DATA </DATATYPE></ID>IFACE TablesThe client node register an unique nodeid in iface_node_tableIt starts a session for reporting information to CCUEach time, client node reports information by sending up an information packet. (ipacket)CCU process this packet, create an unique statement id from iface_index_table and parse information into each iface_?DATA_table.Individual Node AnalysisClean up iface_?data_table by transferring and categorizing data into each nodes’ own data table.A background process runs on CCU.Examples:–Network statistic overtime table–Network route change reporting–Network usage of nodes. (packets, tcp/udp connection counts)–Node’s system state overtime table–Node’s configuration change tableCollaborative AnalysisGroup up specify information in the iface_?data_tables and ninfo_?data_tables to generate special tables for user viewing/analysis.Examples–Network connectivity graph–Network graph between two node or route–Network snapshot table–All nodes’ current network statistic table–All nodes’ current state tableInterface to View AnalysisWeb interface–Viewable under web browserWeb session–Display analysis–Take action input from userJava Servlet + JSP–Security control–Data Objects map with tables in collaborative analysisActionDaemon capable of receiving and executing binary programs from CCUCommand module issues command in response to certain events–Add pseudo interface to a host–Reroute a host–Initialize new program–Etc.SecurityOpenSSL encryption EchoMe Daemon Run as nobodySystem Modification Program needs to do suexec (ROOT PASSWORD requires)System Stat TableTranscripts for SNMP Router Discovery……Iterating neighbors of 169.229.51.202 ....IP address: 169.229.51.161(A9E533A1)IP address: 169.229.51.233(A9E533E9)IP address: 169.229.51.165(A9E533A5)IP address: 169.229.51.167(A9E533A7)IP address: 169.229.51.168(A9E533A8)IP address: 169.229.50.33(A9E53221)IP address: 169.229.50.129(A9E53281)IP address: 169.229.51.166(A9E533A6)IP address: 169.229.51.169(A9E533A9)IP address: 169.229.51.234(A9E533EA)In getIPRouteTable. nHops = 8Setting target to 169.229.51.234……Partial Router Connectivity on Millennium Discovered by SNMP169.229.48.1169.229.51.226169.229.51.161169.229.51.165128.32.44.10128.32.44.1169.229.51.169169.229.51.233169.229.51.167169.229.51.133169.229.51.198ConclusionInformation collection methods feasibleAutomatic discoveryComprehensive and accurate information about systemNeeds user feedbackFuture WorkMore (or less) features based on user feedbackUser interfaceMore on information analysis and decision makingFully deploy on
View Full Document