Smart Contracts (Hyperledger vs Eth) [closed] - hyperledger

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Quick few questions on smart contracts
how does hyperledger smart contract (chaincode) stack up against ethereum ?
hyperledger - golang; Expressibility? ; Performance? ; Security?
Ethereum - solidity; Expressibility ; Performance? ; Security?
how to secure smart contracts to ensure that code is not tampered?
how can both parties trust and trace the results of the smart contract? any audit/traceability capability?
Also in a decentralised ideal world, whose legal liability if there is a bug and/or buffer overflow in the smart contract resulting in some losses?
Any performance benchmarks? E.g., 2000 of complicated smart contracts executed during a span of 10 seconds?
How does one enable/restrict security access to these smart contracts? i.e., only Alice and Bob can see the contract and not John

I suspect that it is still fairly rare for someone to have spent a lot of time developing smart contracts on Ethereum and Hyperledger Fabric. Couple that with the fact that anyone who has such experience is probably up to their eyeballs in work right now :-)
I worked on Go chaincode for about a year, building an IoT-oriented platform for smart contracts that has been temporarily suspended while I worked on JavaScript smart contracts through the Hyperledger Composer this year. I don't have direct expertise on Ethereum and Solidity, but I will do my best to answer what I can.
Do note though, that Ethereum is based on crypto-currencies and mining, and a lot of the activity is centered around the public, permissionless network. I.e. this is not designed for secure business networks, which require that you take a version of the Ethereum code base and hack it. This is not the same thing at all as working with Fabric, which is designed from the ground up to be used for secure business transactions.
Quick few questions on smart contracts
how does hyperledger smart contract (chaincode) stack up against
ethereum ?
Ethereum, like Fabric, have multiple smart contract languages. Ethereum's are Solidity -- a JavaScript-like language, Serpent -- a Python-like language, and LLL -- a Lisp-Like Language). The big difference here is that Fabric runs the actual versions of those languages so your skills are portable in both directions.
hyperledger - golang; Expressibility? ; Performance? ;
Security?
Golang looks a lot like C language but is more expressive, with concepts like channels, receivers, and so on. The performance is pretty extreme.
I also favour the Hyperledger Composer infrastructure, which uses interpreted JavaScript code and a powerful business network modelling language. This is worth exploring as it is evolving fast. A lot of security headaches are solved with minimal fuss using their access control language in permissions.acl.
Ethereum - solidity; Expressibility ; Performance? ;
Security?
Not sure about expressibility of any of their languages, but presumably you can do common contract stuff. Performance, though, is limited by definition to the block cadence of the Ethereum network, which is limited by the speed of mining. Bitcoin commits blocks about every 10 minutes. Ethereum is faster, but there will be a limit.
Regarding security of these two -- Fabric is permissioned and is generally expected to run on a private network, in backoffice(s) or on a cloud. Thus, it can be architected and engineered for as much physical security as you desire and / or can afford. Ethereum is likely the same when deployed privately, but not when deployed into an exchange that is meant to be public a la Bitcoin.
There are attack vectors of course, but presuming that you keep your chaincode in private repositories then again you can get as much security as you can afford.
how to secure smart contracts to ensure that code is not tampered?
You have to secure your network and repositories. For example, if you are running on a single Kubernetes cluster for a small blockchain, then you secure the cluster. If you are running on a large collaboration with multiple separate back offices running the HSBN (IBM's Fabric-based High Security Business Network) on Z systems, then you will secure the physical hardware and the internetworks. The chaincode has few to zero attack vectors if you spend enough money. (I'm using cost also as a synonym for effort by the way). Presumably, a private Ethereum deployment will have similar characteristics but again it is conceived as a crypto-currency engine and is natively permissionless.
how can both parties trust and trace the results of the smart contract? any audit/traceability capability?
Fabric has a historian that tracks every transaction and world state change (and I mean all of them ever). You can write complex SQL-like queries to gather and analyze such data. It is extremely powerful.
When I search for similar info for Ethereum, I get article after article discussing the historical price of Ethereum's currency. These are different worlds.
Also in a decentralised ideal world, whose legal liability if there is a bug
and/or buffer overflow in the smart contract resulting in some losses?
With Fabric, someone will be responsible for implementing smart contracts as codified business rules, and there is little logical difference between that and any existing financial system that was implemented either internally or using contracts. The dynamics of liability will be the same.
With Ethereum, I have no idea. There is a funky crypto angle to be aware of and if you try to implement a business network a la Fabric you are probably stepping into territory for which Ethereum takes no responsibility. This is not all that different from Fabric I suppose. But there is a difference in original purpose and that might make a difference when it comes to legal arguments (as in the "what were you thinking?" defense.) That is all pure speculation :-)
Any performance benchmarks? E.g., 2000 of complicated smart contracts
executed during a span of 10 seconds?
I ran some load tests (poisson traffic into a Go smart contract on a 4 node v0.6 fabric on Bluemix) for months at an average of about 23,000 transactions per hour with full history retention in world state. It ran fine. Hyperledger v1 has been engineered to be considerably higher performing than v0.6, however there are more complexities in using it so it will require serious system engineering to eke out its best performance (and what is new about that?)
How does one enable/restrict security access to these smart contracts? i.e.,
only Alice and Bob can see the contract and not John
Take a look at the ACL language in Hyperledger Composer and you will see that there is a rather sophisticated view of participant restrictions.
UPDATE: That link is busted. The new one is https://hyperledger.github.io/composer/latest/reference/acl_language.html
There is also research going on with Go libraries for ACL concepts, but I don't know when such might appear.
Anyway, I hope some of this was useful.

Related

What is the maximum (practical) number of nodes in an Erlang system

I wish to create a platform as a service in the financial markets using Erlang/Elixir. I will provide AWS lambda-style functions in financial markets, but rather than being accessible via web/rest/http, I plan to distribute my own ARM-based hardware terminals to clients (Nvidia Jetson TX2-based or similar, so decent hardware). They will access the functions from these terminals. I want said terminals to be full nodes in the system. So they will use the actor model to message pass to my central servers, and indeed, the terminals might message pass amongst each other if terminal users decide to put their own functions online.
Is this a viable model? Could I run 1000 terminals like this? 100 000? What kinds of limitations might I start bumping into? Is Erlang message routing scalable enough to imagine such a network still being performant if we had soft-real time financial markets streaming data flowing around? (mostly from central servers to terminals, but a good proportion possible moving directly around from terminal to terminal). We could have a system where up to 100k or more different "subscription" data channel processes were available, many of them taking input and producing output every second.
Basically I'd like a canonical guide to the scalability capabilities of an Erlang system something like the above. Ideally I'd also like some guide to the security implications of such a system ie. would global routing tables or any other part of the system be compromisable by a rogue terminal user, or can edge nodes be partly "sealed off" from sensitive parts of the rest of the Erlang network?
Note that I'd want to make heavy use of ports/NIFs for high-compute processes.
I would not pursue this avenue for various reasons, all of which hark back to the sort of systems that Erlang's distribution mechanism was developed for - a set of boards on a passive backplane: "free" local bandwidth and the whole machine sits in the same security domain. The Erlang distribution protocol is probably too chatty to work well on widely spread and large networks, and it is certainly too insecure. Unless you want nodes to be able to execute :os.cmd("rm -rf /") on each other, of course.
Use the Erlang distribution protocol in your central system to your heart's content, and have these terminals talk something that's data-only-over-SSL to that system and each other. On top of that, you can quite simply build a sort of overlay network to do whatever you want.
I recommend read this carefully and i recommend divide your service to little Micro-Services too.
Another benchmark is Investigating the Scalability Limits of
Distributed Erlang.
In the Joe Armstorng's book programming Erlang, he said:
"A few years ago, when I had my research hat on, I was working with PlanetLab. I had access to the PlanetLab a network, so I installed empty Erlang servers on all the PlanetLab machines (about 450 of them).
I didn’t really know what I would do with the machines, so I just set up the server infrastructure to do something later."
Do not use External ports, use internal drivers which are written in C or C++ instead.
You will find a lot of information regarding erlang Architectures is this answer: How scalable is distributed Erlang?
Short answer is, there is a pratical limitation of nodes in a cluster, but this limitation can be breach with federations fairly easily.
EDIT 1/ Further more I would recommend to read this book : Designing for scalability with Erlang/OTP

How to run the technical department of a non-technical start-up?

I have recently completed my bachelor's degree in Computer Engineer. I have had one small internship till now.
I have little coding experience.
After searching for months (Does not mean I am desperate for the job-Just wanted to clarify so that your answer is not based on it), I have been offered a job at a start-up to design and develop their web application for user interaction and management. I am the sole technical hire and will be the only person responsible for the development of the platform. The founders, though highly educated, do not have any sort of technical background.
It seems like an interesting opportunity but I am wondering if it too much responsibility too early?
I know this is not a standard programming question but I think this is a programming ability understanding type of question.
I would highly value your insight on this subject.
Thank you.
Just looked at your LinkedIn profile. Looks like you have great entry-level programmer qualifications.
Being the sole technical member of the team, with limited industry experience may be a great opportunity for growth.
However, the flip side argument is that you may be losing out on opportunities to grow with adequate mentorship. In all reality, the college/university CS/CE curriculum does not typically prepare you to handle real-world problems that senior-level software engineers address daily. In a company where you are NOT the sole technical staff member, you will have the opportunity to collaborate with and learn from experienced pros. In my opinion, that is a huge factor in selecting your first job.
So ... assuming this startup grows quickly ... are you qualified to:
Make day-to-day technical decisions regarding scaling, security, and prioritization of product features?
Interview, hire and evaluate the performance of additional technical personnel?
Develop the full-stack of a web application including setting up and administering server, database, APIs and associated frameworks, client side technologies?
If you are uncomfortable with any of the above (which is a very limited set of questions) you probably aren't yet ready. It takes a long time before any of us are. Before I took my first leadership position in a startup, I had over 10 years of experience in multiple industries and with several technologies. But that's me ... you have to make this decision for yourself.
Depends on the type of the company. If there's going to be interaction between the users and the site a lot and it just doesn't serve the purpose of providing information, then you'll have to handle things on the server side as well to provide proper response and you need to be quite good with your stack and as a fresher, it isn't quite recommended to be a sole performer in the technical section of an entire firm.
Since you tell, web application, I assume the user does have to interact. I wouldn't go for it if I were you. But you haven't told about the level of expertise you possess in your skill set. So, can't say whether or not you'll be able to handle it.
and this is just my opinion btw.

Single technology stack vs. multiple technologies for high scale site

I have recently been come to for advise on an idea of rewriting an existing site due to massive maintenance problems in their old design.
Basically, the company is considering a complete rewrite of aprox. 90% of their site which is currently written in PHP using an in-house framework.
The company would like to rebuild the backend and some way down the road the front-end as well in order to minimize their maintenance problems and make it easier to bring in new tallent which doesn't need to spend months learning the architecture before they can become affective developers.
We've come up with several possible architectures, some involving rewriting the whole site using an existing scripting web framework such as Cake, Django or RoR and some compiled language frameworks in Java or even .Net.
In addition we have come up with some cross technology solutions - such as a web application built in Django with a Scala backend.
I was wondering what merit would there be to using a single technology stack (such as RoR) as apposed to using a cross between two (such as RoR with Scala, like Twitter now do) and vise versus.
Take into consideration the fact that this company's site is a high traffic site with over 1 million unique visitors a day, which will be transitioned onto the new architecture slowly over a long period (several month to a year)...
Thanks
Generally speaking, I don't think any particular technology stack is better than any other in terms of performance; Facebook runs on PHP and I know first hand that Java and .Net scale well too. Based on what you've said I'd be worrying more about the maintainability related issues than performance and scalability just now.
Generally speaking, I would keep within one well known technology stack if possible:
It'll be easier to find (good) staff for a well known platform / technology stack; there will be more in the market, and rates will not be as expensive as the skills are too rare.
Splitting your technology means you need a wider range of knowledge; by sticking with a single technology stack you can focus on it, with better / faster results.
People tend to focus on one platform / technology stack, so it'll be easier to find developers for technology X, rather than technologies X, Y and Z.
It's easier for team members to work on different parts of the system as it's all written in the same technology - presumably in a similar way.
In terms of integation, items within the same technology stack play nicer together, crossing into different stacks can quickly become more difficult and harder to support.
Where you do want to use different technology, ensure the boundary is clean - something standards based or technology agnostic like web service / JSON calls.
Rewriting your whole codebase will require significant effort and lots of pressure, and for a start you would be best to start by doubling or maybe tripling the initial time estimate.
You can think about your problem from two perspectives :
Number of platforms. In order to minimize and manage complexity of this task, it is most definitely your imperative to reduce mental strain by using as less new technologies/platforms as possible. For example, an advantage of RoR over PHP+Smarty that has been cited often is that with RoR you don't have to learn a new presentation language.
Team effort required to learn new techs. If your existing team is already versatile with PHP, Django etc, but not RoR, then you might be better off reusing existing skills, since the mental strain for developers will be lesser.
Single technology means less moving targets; simpler is always better as long as it meets the requirements. So, use as many technologies as you need, but not more than that. The technology is not important; the right technology is the one that makes your job easier. So, ask yourself what are your current pain points, and how would each of those technologies help.
Getting the architecture right and the code clean is the easiest with Smalltalk and Seaside, especially when you do the persistence with Gemstone. At this scale, you'll have to talk to them about license costs. You might know them from the Ruby work they do with Maglev.

Where is Erlang used and why? [closed]

As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I would like to know a list of the most common application/websites/solutions where Erlang is used, successfully or not.
Explaining why it is used into a specific solution instead of others programming languages would be very much appreciated, too.
Listing BAD Erlang case studies (cases in which Erlang is misused) it would be interesting, as well.
From Programming Erlang:
(source: google.com)
Many companies are using Erlang in their production systems:
• Amazon uses Erlang to implement SimpleDB, providing database services as a part
of the Amazon Elastic Compute Cloud (EC2).
• Yahoo! uses it in its social bookmarking service, Delicious, which has more than
5 million users and 150 million bookmarked URLs.
• Facebook uses Erlang to power the backend of its chat service, handling more than
100 million active users.
• WhatsApp uses Erlang to run messaging servers, achieving up to 2 million connected users per server.
• T-Mobile uses Erlang in its SMS and authentication systems.
• Motorola is using Erlang in call processing products in the public-safety industry.
• Ericsson uses Erlang in its support nodes, used in GPRS and 3G mobile networks
worldwide.
The most popular open source Erlang applications include the following:
• The 3D subdivision modeler Wings 3D, used to model and texture polygon
meshes.
• The Ejabberd system, which provides an Extensible Messaging and Presence Protocol
(XMPP) based instant messaging (IM) application server.
• The CouchDB “schema-less” document-oriented database, providing scalability
across multicore and multiserver clusters.
• The MochiWeb library that provides support for building lightweight HTTP servers.
It is used to power services such as MochiBot and MochiAds, which serve
dynamically generated content to millions of viewers daily.
• RabbitMQ, an AMQP messaging protocol implementation. AMQP is an emerging
standard for high-performance enterprise messaging.
ejabberd is one of the most well know erlang application and the one I learnt erlang with.
I think it's the one of most interesting project for learning erlang because it is really building on erlang's strength. (However some will argue that it's not OTP, but don't worry there's still a trove of great code inside...)
Why ?
An XMPP server (like ejabberd) can be seen as a high level router, routing messages between end users. Of course there are other features, but this is the most important aspect of an instant messaging server. It has to route many messages simultaneously, and handle many a lot of TCP/IP connections.
So we have 2 features:
handle many connections
route messages given some aspects of the message
These are examples where erlang shines.
handle many connections
It is very easy to build scalable non-blocking TCP/IP servers with erlang. In fact, it was designed to solve this problem.
And given it can spawn hundreds of thousand of processes (and not threads, it's a share-nothing approach, which is simpler to design), ejabberd is designed as a set of erlang processes (which can be distributed over several servers) :
client connection process
router process
chatroom process
server to server processes
All of them exchanging messages.
route messages given some aspects of the message
Another very lovable feature of erlang is pattern matching.
It is used throughout the language.
For instance, in the following :
access(moderator, _Config)-> rw;
access(participant, _Config)-> rw;
access(visitor, #config{type="public"})-> r;
access(visitor, #config{type="public_rw"})-> rw;
access(_User,_Config)-> none.
That's 5 different versions of the access function.
Erlang will select the most appropriate version given the arguments received. (Config is a structure of type #config which has a type attribute).
That means it is very easy and much clearer than chaining if/else or switch/case to make business rules.
To wrap up
Writing scalable servers, that's the whole point of erlang. Everything is designed it making this easy. On the two previous features, I'd add :
hot code upgrade
mnesia, distributed relational database (included in the base distribution)
mochiweb, on which most http erlang servers are built on
binary support (decoding and encoding binary protocol easy as ever)
a great community with great open source projects (ejabberd, couchdb but also webmachine, riak and a slew of library very easy to embed)
Fewer LOCs
There is also this article from Richard Jones. He rewrote an application from C++ to erlang: 75% fewer lines in erlang.
The list of most common applications for Erlang as been covered (CouchDb, ejabberd, RabbitMQ etc) but I would like to contribute the following.
The reason why it is used in these applications comes from the core strength of Erlang: managing application availability.
Erlang was built from ground up for the telco environment requiring that systems meet at least 5x9's availability (99.999% yearly up-time). This figure doesn't leave much room for downtime during a year! For this reason primarily, Erlang comes loaded with the following features (non-exhaustive):
Horizontal scalability (ability to distribute jobs across machine boundaries easily through seamless intra & inter machine communications). The built-in database (Mnesia) is also distributed by nature.
Vertical scalability (ability to distribute jobs across processing resources on the same machine): SMP is handled natively.
Code Hot-Swapping: the ability to update/upgrade code live during operations
Asynchronous: the real world is async so Erlang was built to account for this basic nature. One feature that contributes to this requirement: Erlang's "free" processes (>32000 can run concurrently).
Supervision: many different strategies for process supervision with restart strategies, thresholds etc. Helps recover from corner-cases/overloading more easily whilst still maintaining traces of the problems for later trouble-shooting, post-mortem analysis etc.
Resource Management: scheduling strategies, resource monitoring etc. Note that the default process scheduler operates with O(1) scaling.
Live debugging: the ability to "log" into live nodes at will helps trouble-shooting activities. Debugging can be undertaken live with full access to any process' running state. Also the built-in error reporting tools are very useful (but sometimes somewhat awkward to use).
Of course I could talk about its functional roots but this aspect is somewhat orthogonal to the main goal (high availability). The main component of the functional nature which contributes generously to the target goal is, IMO: "share nothing". This characteristic helps contain "side effects" and reduce the need for costly synchronization mechanisms.
I guess all these characteristics help extending a case for using Erlang in business critical applications.
One thing Erlang isn't really good at: processing big blocks of data.
We built a betting exchange (aka prediction market) using Erlang. We chose Erlang over some of the more traditional financial languages (C++, Java etc) because of the built-in concurrency. Markets function very similarly to telephony exchanges. Our CTO gave a talk on our use of Erlang at CTO talk.
We also use CouchDB and RabbitMQ as part of our stack.
Erlang comes from Ericsson, and is used within some of their telecoms systems.
Outside telecoms, CouchDb (a document-oriented database) is possibly the best known Erlang application so far.
Why Erlang ? From the overview (worth reading in full):
The document, view, security and
replication models, the special
purpose query language, the efficient
and robust disk layout and the
concurrent and reliable nature of the
Erlang platform are all carefully
integrated for a reliable and
efficient system.
I came across this is in the process of writing up a report: Erlang in Acoustic Ray Tracing.
It's an experience report on a research group's attempt to use Erlang for Acoustic Ray Tracing. They found that while it was easier to write the program, less buggy, etc. It scaled worse, and performed 10x slower than a comparable C program. So one spot where it may not be well suited is CPU intensive scenarios.
Do note though, that the people wrote the paper were in the stages of first learning Erlang, and may not have known the proper development procedures for CPU intensive Erlang.
Apparently, Yahoo used Erlang to make something it calls Harvester. Article about it here: http://www.ddj.com/architect/220600332
What is erlang good for?
http://beebole.com/en/blog/erlang/why-erlang/
http://www.aquabu.com/2008/2/15/erlang-pragmatic-studio-day-3-notes
http://www.reddit.com/r/programming/comments/9q0lr/erlang_and_highfrequency_trading/
(jerf's answer)
It's important to realize that Erlang's 4 parts: the language itself, the VMs(BEAM, hipe) standard libs (plus modules on github, CEAN, etc.) and development environment are being steadily updated / expanded/improved. For example, i remember reading that the floating point performance improved when Wings3d's author realized it needed to improve (I can't find a source for this). And this guy just wrote about it:
http://marian-dan.com/wordpress/?p=324
A couple years ago, Tim Bray's Wide Finder publicity and all the folks starting to do web app frameworks and HTTP servers lead (at least in part) to improved regex and binaries handling. And there's all the work integrating HiPE and SMP, the dialyzer project, multiple unit testing and build libs springing up, ..
So its sweet spot is expanding, The difficult thing is that the official docs can't keep up very well, and the mailing list and erlang blogosphere volume are growing quickly
We are using Erlang to provide the back-end muscle power for our really real-time browser-based multi-player game Pixza. We don't use Flash or any other third-party plugins, though the game is real-time multi-player. We use pure JS and COMET techniques instead. And Erlang supports the "really realtimeliness" of Pixza.
I'm working for wooga, a social game company and we use Erlang for some of our game backends (basically http apis for millions of daily users) and auxiliary services like ios push notification provider, payment etc.
I think it really shines in network related tasks and it makes it kind of straight forward to structure and implement simple and complex network services alike in it. Distribution, fault tolerance and performance are easy to achieve because Erlang already has some of the key ingredients built in and they are being used for a long time in critical production infrastructure. So its not like "the new hip technology thing 0.0.2 alpha".
I know that other game companies use Erlang as well. You should be able to find presentations on slideshare about that.
Erlang draws its strength from being a functional language with no shared memory. Hence IMO, Erlang won't be suitable for applications that require in place memory manipulations. Image editing for example.

Introduction to SNMP monitoring [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I've been tasked with writing a monitoring program for my company's server software that integrates with zenoss via snmp.
To be brief, I can't get anything up off the ground. I think my first goal is to figure out the correct way to write an snmp agent (in any language to start, although it will eventually be in java). Are there any good test harnesses out there? I've used snmptest, which ships with zenoss, but it's not much good to me if I can't get a test agent off the ground. Anything that I know the zenoss manual has a lot of info, but it seems to presume a prior knowledge of standard systems monitoring practices and tools, and I can barely penetrate it.
Also, is it generally a good practice to use snmp to monitor software?
Short description of a typical SNMP agent:
Set the agent up. This usually entails telling it what server to send alerts to.
Run it.
Send appropriate SNMP messages to the configured server when things happen.
Reply to requests from the configured server.
All of the request/reply stuff is done using SNMP messages. If your company does not have a specially designed/assigned OID for the server software, you'll need to look into the standard MIB definitions to determine which OID(s) are appropriate.
MIB: Management Information Block. These come in standard and custom flavors. Standard ones are defined by a standards body (IETF?). Custom ones are created by vendors to support information unique to their product(s). MIBs are basically collections of OIDs.
OID: Object IDentifier - this is a dotted-notation number string that identifies the piece of hardware/software, and the bit of information you're looking for from it - for example, the number of TX collisions on an ethernet port might look something like: 1.5.82.316.8.4.3 (though that's not a valid OID, it's just a made-up example).
More detail available at Wikipedia. Download a free MIB browser to get an idea of what OIDs look like, and how detailed they can get. Check the RFCs for more detailed information. Look at something like perl's Net-SNMP - you may even be able to use the snmpd software that's included with it to do most of your work.
SNMP is certainly an acceptable way to monitor your network, devices and servers. Because it uses UDP it won't unduly stress the network via TCP retries and the like (SNMP clients are, or should be, architected to handle dropped packets etc.). Plus you'll have a huge array of client solutions to monitor your system and integrate against.
If you envisage a final solution in Java, see the Java/SNMP documentation and SNMP4J
SNMP.com (founded by Jeffrey Case, one of the SNMP architects) sells extensible SNMP agents. One of these may save you a world of grief.
nSoftware has an SNMP agent (not free). This might be easier than rolling your own.
Also check out William Stalling's book: SNMP.
Zenoss is quite complicated and comes with many pre-defined SNMP stuff. Do you really need to code your own SNMP agents?
SNMP is a big topic, with lots of complexity if you go into all the details and all the historical versions of the protocol and related tools. I'd suggest picking up a copy of Essential SNMP by Mauro and Schmidt, which gives a very clear introduction to both the fundamental ideas behind SNMP as well as practical examples of how to get started with it and use it in parctice with a number of different tools.
you can aim lower and try the Cacti (http://www.cacti.net/).
I too tried the Zenoss but gave up. The Cacti was up and running pretty fast. I just monitor use of bandwith of quite a few routers and many many ports in switches all over the country. But there are templates for monitoring all kind of things more related to a single server (temp, fan speed etc.)
BR. Anders

Resources