Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I've been tasked with writing a monitoring program for my company's server software that integrates with zenoss via snmp.
To be brief, I can't get anything up off the ground. I think my first goal is to figure out the correct way to write an snmp agent (in any language to start, although it will eventually be in java). Are there any good test harnesses out there? I've used snmptest, which ships with zenoss, but it's not much good to me if I can't get a test agent off the ground. Anything that I know the zenoss manual has a lot of info, but it seems to presume a prior knowledge of standard systems monitoring practices and tools, and I can barely penetrate it.
Also, is it generally a good practice to use snmp to monitor software?
Short description of a typical SNMP agent:
Set the agent up. This usually entails telling it what server to send alerts to.
Run it.
Send appropriate SNMP messages to the configured server when things happen.
Reply to requests from the configured server.
All of the request/reply stuff is done using SNMP messages. If your company does not have a specially designed/assigned OID for the server software, you'll need to look into the standard MIB definitions to determine which OID(s) are appropriate.
MIB: Management Information Block. These come in standard and custom flavors. Standard ones are defined by a standards body (IETF?). Custom ones are created by vendors to support information unique to their product(s). MIBs are basically collections of OIDs.
OID: Object IDentifier - this is a dotted-notation number string that identifies the piece of hardware/software, and the bit of information you're looking for from it - for example, the number of TX collisions on an ethernet port might look something like: 1.5.82.316.8.4.3 (though that's not a valid OID, it's just a made-up example).
More detail available at Wikipedia. Download a free MIB browser to get an idea of what OIDs look like, and how detailed they can get. Check the RFCs for more detailed information. Look at something like perl's Net-SNMP - you may even be able to use the snmpd software that's included with it to do most of your work.
SNMP is certainly an acceptable way to monitor your network, devices and servers. Because it uses UDP it won't unduly stress the network via TCP retries and the like (SNMP clients are, or should be, architected to handle dropped packets etc.). Plus you'll have a huge array of client solutions to monitor your system and integrate against.
If you envisage a final solution in Java, see the Java/SNMP documentation and SNMP4J
SNMP.com (founded by Jeffrey Case, one of the SNMP architects) sells extensible SNMP agents. One of these may save you a world of grief.
nSoftware has an SNMP agent (not free). This might be easier than rolling your own.
Also check out William Stalling's book: SNMP.
Zenoss is quite complicated and comes with many pre-defined SNMP stuff. Do you really need to code your own SNMP agents?
SNMP is a big topic, with lots of complexity if you go into all the details and all the historical versions of the protocol and related tools. I'd suggest picking up a copy of Essential SNMP by Mauro and Schmidt, which gives a very clear introduction to both the fundamental ideas behind SNMP as well as practical examples of how to get started with it and use it in parctice with a number of different tools.
you can aim lower and try the Cacti (http://www.cacti.net/).
I too tried the Zenoss but gave up. The Cacti was up and running pretty fast. I just monitor use of bandwith of quite a few routers and many many ports in switches all over the country. But there are templates for monitoring all kind of things more related to a single server (temp, fan speed etc.)
BR. Anders
Related
I want to create mobile apps using webRTC APIs. My basic need is one-to-one video calling capability. Should I just use an open source webRTC server like openwebrtc? I want it to handle at least 5k clients. Is there any other option to fulfill my needs?
This question is very broad (and this isn't a proper answer), and is likely to attract very opinionated answers, and is also likely to be deemed as off-topic for Stack Overflow.
Having said that, if you can provide more information, you might get some reasonable opinions.
Please provide more information about what is important to you.
As WebRTC is a peer-to-peer system, scaling isn't a major issue. You need a signalling server of some kind to do call establishment. That work is over quite quickly, and then the two parties can continue the call without needing the server any more.
I don't have experience with openwebrtc, but I have used PeerJS, and found it to be quite good. It hasn't been updated in 2 years, but it seems to do the job pretty well, and is quite lightweight.
There are some commercial offerings around, but I question the value, as they leverage heavily from the open source components, and rely on the browsers for support. They are probably worth using if you want to do many-to-many video calling, as that is when you need a video server.
WebRTC is supposed to be easy, and it has been in the browsers for several years now (notably excluding Safari and IOS). It is a difficult area, and will take some time to master.
OpenWebRTC project is a reasonable option for a basic video calling native mobile app; its signalling server is only a basic demo, all written in JavaScript. As such, it should not crash on 5K simultaneous peer video connections.
But a real-world solution might require much more than this: TURN and STUN services, backup for the moments of hardware failure, load balancing, statistics and administration interfaces. Take security seriously: you should be able to cut out a spammer or other offender, in addition to protection against hackers.
Server software is that can help you will not necessarily cost much. See also https://stackoverflow.com/a/38810518/192373.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 2 years ago.
Improve this question
Is there any decent alternative to OPC-UA as a solution for accessing process data of a system composed of various PLCs? Something that is platform independent and can "speak" with products of different brands ?
I've heard of MQTT but it seems to be much more like a transport protocol, and only that. It does not have all the higher level stuff like the information modeling, etc.
Thanks for your help!
OPC is the only standard way for communicating with PLCs. OPC DA is the old alternative. OPC UA is the new one and recommended, nowadays. Before OPC there was just proprietary protocols and shared protocols like Modbus, but they are just lower level transport protocols as you've mentioned.
OPC UA is pretty unique with the Information Modeling, especially. With that feature it is enabling new communication possibilities for higher level systems and applications as well, in addition to plain PLC communication.
Note that some PLCs can also talk OPC UA natively, which makes it a standard in that way.
And OPC UA is really standardised as IEC 62541, ensuring that it's independent.
Update 17/07/19: OPC UA is now defined also as the Industry 4.0 Communication as I wrote in my recent article.
Update 20/05/05: OPC UA version 1.04 defines Pub/Sub alternatives, using UDP for secure data multicast in local networks and AMQP/MQTT for secure broker based data & event delivery to cloud systems. Version 1.04 also defines a WebSocket/JSON protocol alternative, which enable easier usage in web applications. None of these are broadly available, yet, but hopefully will become popular in 2020-21 time frame.
OPC-UA has some very interesting parts, especially concerning information modelling, interoperability and the publish/subscribe pattern.
However, even though it's a standard in the strictest of senses, I've found that to use it in a webapp you need to code a gateway server. Because it uses raw sockets and a binary (although fast) serialization protocol.
This is why we created an alternative protocol called Woopsa at my university. We decided to base it on HTTP + JSON. We tried to make a protocol that's similar to OPC-UA: it has Information Modelling, publish/subscribe, and even multi-requests. It's all completely open-source.
We've just released version 1.0 here: http://www.woopsa.org/
You can get the source code directly on our GitHub: https://github.com/woopsa-protocol/Woopsa
Basically, our protocol is just a standardized RESTful API using HTTP+JSON. For example, you can read a value by making a GET /woopsa/read/Temperature and it will reply you in JSON:
{"Value":24.2,"Type":"Real"}
You can also get the object tree by using the meta word, for example: GET /woopsa/meta/ which will give you something like that:
{
"Name":"WeatherStation",
"Properties": [
{"Name":"Temperature","Type":"Real"},
...
],
"Methods": { ... }
"Items": [
"Thermostat",
...
]
}
In a practical industrial application, MQTT is not an alternative to OPC-UA. The original goal of OPC, back in the '90s, was to provide a standard communication mechanism and data model that would provide interoperability among clients and servers that implemented the specification. OPC-UA expands and generalizes the data model and the communication without giving up on that core goal. In order to do this, the standard must specify things like the format of a time stamp, the encoding of data types, historical values, alarms, etc.
MQTT is a message transport layer that does not provide interoperability by design. It does not stipulate the format of the payload, does not specify how one transmits a particular data type, timestamp, value, hierarchy, or anything else that would allow an application to understand the data being transmitted. You can create a valid MQTT server that emits XML, JSON, or custom formatted data that is plain-text, encrypted, base-64 encoded, or anything else you like. The only way a client application can interact with your server is by knowing in advance what data format the server will produce and accept.
OPC-UA has recently introduced a publish/subscribe mechanism to improve bandwidth utilization, reducing a communication bandwidth advantage that MQTT currently offers. At the same time, the MQTT specification will need to grow to specify data formats in order to promote interoperability. Expect to see a convergence of functionality between MQTT and OPC-UA, mostly MQTT growing to meet OPC-UA.
MQTT is a much simpler implementation at the moment, which holds advantages for embedded and resource-constrained systems. The addition of a data modeling specification would act to reduce this advantage.
The bottom line is that OPC-UA is for interoperability and MQTT is for simple custom communication. MQTT needs to grow before it can be an alternative to OPC-UA.
MQTT is growing in popularity as the protocol of choice for I.o.T. It does have its short comings - however its simplicity is often seen as a strength whereas OPCUA carries the overhead of design by committee.
If you need to combine the two, you may like to consider trying our simple gateway mqtt2opcua
Unserver is a product designed to solve the exact problem described in this question.
It is capable of talking to different field devices and provide a unified HTTP API on
top of them.
It integrates with devices via Modbus RTU, but other common protocols will be added in the future.
In short, first you configure a data 'tag' like this:
{
"name": "tank1",
"device": "plc1",
"properties": [
{
"name": "level",
"address": "HR0",
"type": "numeric",
"raw": "int16"
}
]
}
Then you can work with the tag using an API endpoint created automatically:
GET http://localhost:9000/tags/tank1
{
data:{
level: 1
}
}
Check out the documentation for more info.
The product is free for evaluation and non-commercial use.
Disclaimer: I'm part of the team. Hope this is useful.
I just released another approach to this challenge. The project is called ELTRA IoT.
It's cloud service as mediator and end-user components that act as device representation or operator interface (https://www.eltra.ch/)
Primarily, it was created to simplify integration of CANopen devices with smartphone applications, but I quickly realized, that it can be used for any IoT project.
This project is inspired mainly by CANopen and FDT architecture.
The first idea was to deliver the solution, that allows bringing your device into internet using web standards like REST/JSON (avoid binary protocols, gateways, firewall, proxies issues and all this staff, that makes this whole process more complicated) within short time.
Web standard like HTTP/REST/JSON/WebSocket plays well with all operating systems and architectures and allows also easy end-user app integration in any modern language.
Main features:
Same API both sides (device and operator)
CANopen CiA-311 data model representation
Nodes, object dictionary, index, subindex, strong data typing, ranges etc. You know CANopen = you are at home
History data
RPC support - custom commands execution
Simple cloud service API https://eltra.ch/docs
Standard authentication scheme
SSL encryption
Cross-platform solution for Windows, Linux, Android, IPhone, Raspberry PI
SDK is available as open source on Github:
https://github.com/eltra-ch/eltra-sdk
At the moment, the library is implemented in .NET Standard and tested with Windows, Linux (x64 and ARM32), Android, IPhone.
Nuget package is available under:
https://www.nuget.org/packages/Eltra.Connector/
If the complexity of OPC UA is an overkill and Woopsa doesn't fit your design, then ELTRA could be an alternative.
disclaimer: This project is part of my masterthesis and eltra.ch service is my privately held website
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I would like to know a list of the most common application/websites/solutions where Erlang is used, successfully or not.
Explaining why it is used into a specific solution instead of others programming languages would be very much appreciated, too.
Listing BAD Erlang case studies (cases in which Erlang is misused) it would be interesting, as well.
From Programming Erlang:
(source: google.com)
Many companies are using Erlang in their production systems:
• Amazon uses Erlang to implement SimpleDB, providing database services as a part
of the Amazon Elastic Compute Cloud (EC2).
• Yahoo! uses it in its social bookmarking service, Delicious, which has more than
5 million users and 150 million bookmarked URLs.
• Facebook uses Erlang to power the backend of its chat service, handling more than
100 million active users.
• WhatsApp uses Erlang to run messaging servers, achieving up to 2 million connected users per server.
• T-Mobile uses Erlang in its SMS and authentication systems.
• Motorola is using Erlang in call processing products in the public-safety industry.
• Ericsson uses Erlang in its support nodes, used in GPRS and 3G mobile networks
worldwide.
The most popular open source Erlang applications include the following:
• The 3D subdivision modeler Wings 3D, used to model and texture polygon
meshes.
• The Ejabberd system, which provides an Extensible Messaging and Presence Protocol
(XMPP) based instant messaging (IM) application server.
• The CouchDB “schema-less” document-oriented database, providing scalability
across multicore and multiserver clusters.
• The MochiWeb library that provides support for building lightweight HTTP servers.
It is used to power services such as MochiBot and MochiAds, which serve
dynamically generated content to millions of viewers daily.
• RabbitMQ, an AMQP messaging protocol implementation. AMQP is an emerging
standard for high-performance enterprise messaging.
ejabberd is one of the most well know erlang application and the one I learnt erlang with.
I think it's the one of most interesting project for learning erlang because it is really building on erlang's strength. (However some will argue that it's not OTP, but don't worry there's still a trove of great code inside...)
Why ?
An XMPP server (like ejabberd) can be seen as a high level router, routing messages between end users. Of course there are other features, but this is the most important aspect of an instant messaging server. It has to route many messages simultaneously, and handle many a lot of TCP/IP connections.
So we have 2 features:
handle many connections
route messages given some aspects of the message
These are examples where erlang shines.
handle many connections
It is very easy to build scalable non-blocking TCP/IP servers with erlang. In fact, it was designed to solve this problem.
And given it can spawn hundreds of thousand of processes (and not threads, it's a share-nothing approach, which is simpler to design), ejabberd is designed as a set of erlang processes (which can be distributed over several servers) :
client connection process
router process
chatroom process
server to server processes
All of them exchanging messages.
route messages given some aspects of the message
Another very lovable feature of erlang is pattern matching.
It is used throughout the language.
For instance, in the following :
access(moderator, _Config)-> rw;
access(participant, _Config)-> rw;
access(visitor, #config{type="public"})-> r;
access(visitor, #config{type="public_rw"})-> rw;
access(_User,_Config)-> none.
That's 5 different versions of the access function.
Erlang will select the most appropriate version given the arguments received. (Config is a structure of type #config which has a type attribute).
That means it is very easy and much clearer than chaining if/else or switch/case to make business rules.
To wrap up
Writing scalable servers, that's the whole point of erlang. Everything is designed it making this easy. On the two previous features, I'd add :
hot code upgrade
mnesia, distributed relational database (included in the base distribution)
mochiweb, on which most http erlang servers are built on
binary support (decoding and encoding binary protocol easy as ever)
a great community with great open source projects (ejabberd, couchdb but also webmachine, riak and a slew of library very easy to embed)
Fewer LOCs
There is also this article from Richard Jones. He rewrote an application from C++ to erlang: 75% fewer lines in erlang.
The list of most common applications for Erlang as been covered (CouchDb, ejabberd, RabbitMQ etc) but I would like to contribute the following.
The reason why it is used in these applications comes from the core strength of Erlang: managing application availability.
Erlang was built from ground up for the telco environment requiring that systems meet at least 5x9's availability (99.999% yearly up-time). This figure doesn't leave much room for downtime during a year! For this reason primarily, Erlang comes loaded with the following features (non-exhaustive):
Horizontal scalability (ability to distribute jobs across machine boundaries easily through seamless intra & inter machine communications). The built-in database (Mnesia) is also distributed by nature.
Vertical scalability (ability to distribute jobs across processing resources on the same machine): SMP is handled natively.
Code Hot-Swapping: the ability to update/upgrade code live during operations
Asynchronous: the real world is async so Erlang was built to account for this basic nature. One feature that contributes to this requirement: Erlang's "free" processes (>32000 can run concurrently).
Supervision: many different strategies for process supervision with restart strategies, thresholds etc. Helps recover from corner-cases/overloading more easily whilst still maintaining traces of the problems for later trouble-shooting, post-mortem analysis etc.
Resource Management: scheduling strategies, resource monitoring etc. Note that the default process scheduler operates with O(1) scaling.
Live debugging: the ability to "log" into live nodes at will helps trouble-shooting activities. Debugging can be undertaken live with full access to any process' running state. Also the built-in error reporting tools are very useful (but sometimes somewhat awkward to use).
Of course I could talk about its functional roots but this aspect is somewhat orthogonal to the main goal (high availability). The main component of the functional nature which contributes generously to the target goal is, IMO: "share nothing". This characteristic helps contain "side effects" and reduce the need for costly synchronization mechanisms.
I guess all these characteristics help extending a case for using Erlang in business critical applications.
One thing Erlang isn't really good at: processing big blocks of data.
We built a betting exchange (aka prediction market) using Erlang. We chose Erlang over some of the more traditional financial languages (C++, Java etc) because of the built-in concurrency. Markets function very similarly to telephony exchanges. Our CTO gave a talk on our use of Erlang at CTO talk.
We also use CouchDB and RabbitMQ as part of our stack.
Erlang comes from Ericsson, and is used within some of their telecoms systems.
Outside telecoms, CouchDb (a document-oriented database) is possibly the best known Erlang application so far.
Why Erlang ? From the overview (worth reading in full):
The document, view, security and
replication models, the special
purpose query language, the efficient
and robust disk layout and the
concurrent and reliable nature of the
Erlang platform are all carefully
integrated for a reliable and
efficient system.
I came across this is in the process of writing up a report: Erlang in Acoustic Ray Tracing.
It's an experience report on a research group's attempt to use Erlang for Acoustic Ray Tracing. They found that while it was easier to write the program, less buggy, etc. It scaled worse, and performed 10x slower than a comparable C program. So one spot where it may not be well suited is CPU intensive scenarios.
Do note though, that the people wrote the paper were in the stages of first learning Erlang, and may not have known the proper development procedures for CPU intensive Erlang.
Apparently, Yahoo used Erlang to make something it calls Harvester. Article about it here: http://www.ddj.com/architect/220600332
What is erlang good for?
http://beebole.com/en/blog/erlang/why-erlang/
http://www.aquabu.com/2008/2/15/erlang-pragmatic-studio-day-3-notes
http://www.reddit.com/r/programming/comments/9q0lr/erlang_and_highfrequency_trading/
(jerf's answer)
It's important to realize that Erlang's 4 parts: the language itself, the VMs(BEAM, hipe) standard libs (plus modules on github, CEAN, etc.) and development environment are being steadily updated / expanded/improved. For example, i remember reading that the floating point performance improved when Wings3d's author realized it needed to improve (I can't find a source for this). And this guy just wrote about it:
http://marian-dan.com/wordpress/?p=324
A couple years ago, Tim Bray's Wide Finder publicity and all the folks starting to do web app frameworks and HTTP servers lead (at least in part) to improved regex and binaries handling. And there's all the work integrating HiPE and SMP, the dialyzer project, multiple unit testing and build libs springing up, ..
So its sweet spot is expanding, The difficult thing is that the official docs can't keep up very well, and the mailing list and erlang blogosphere volume are growing quickly
We are using Erlang to provide the back-end muscle power for our really real-time browser-based multi-player game Pixza. We don't use Flash or any other third-party plugins, though the game is real-time multi-player. We use pure JS and COMET techniques instead. And Erlang supports the "really realtimeliness" of Pixza.
I'm working for wooga, a social game company and we use Erlang for some of our game backends (basically http apis for millions of daily users) and auxiliary services like ios push notification provider, payment etc.
I think it really shines in network related tasks and it makes it kind of straight forward to structure and implement simple and complex network services alike in it. Distribution, fault tolerance and performance are easy to achieve because Erlang already has some of the key ingredients built in and they are being used for a long time in critical production infrastructure. So its not like "the new hip technology thing 0.0.2 alpha".
I know that other game companies use Erlang as well. You should be able to find presentations on slideshare about that.
Erlang draws its strength from being a functional language with no shared memory. Hence IMO, Erlang won't be suitable for applications that require in place memory manipulations. Image editing for example.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I was recently approached by a network-engineer, co-worker who would like to offload his minor network admin duties to a junior-level helpdesk tech. The specific location in need of management acts as an ISP for tenants on its single-site property, so there's a lot of small adjustments being made on a daily basis.
I am thinking it would be helpful to write him a winform app to manage the 32 Cisco devices, on-site. I'd like to initially provide functionality which could modify access control lists, port VLAN assignments, and bandwidth limitations per VLAN... adding more to the list as its deemed valuable.
My initial thought was to emulate a telnet session with the network device; utilizing my network-engineer's familiarity with the command-line / IOS interaction. Minimal time would be required to learn Cisco IOS conventions, myself.
Though while searching for solutions, it appears that most people favor SNMP. That, or, their specific circumstances pushed them in the direction of SNMP.
I wanted to know if I've overlooked an obvious benefit of SNMP. Should I be using SNMP? Why or why not?
SNMP is great for getting information out of a Cisco device, but is not very useful controlling the device. (although technically, you can push a new config to a Cisco IOS device using a combination of SNMP and TFTP. But sending a whole new config is a pretty blunt instrument for controlling your router or switch).
One of the other commenters mentioned the Cisco IOS XR XML API. It's important to note that the IOS XR XML API is only available on devices that run IOS XR. IOS XR is only used on a few of Cisco's high end carrier class devices, so for 99% of all Cisco routers and switches the IOS XR XML API is not an option.
Other possibilities are SSH or HTTP (many Cisco routers, switches, AP, etc. have an optional web interface). But I'd recommend against either of those. To my knowledge, the web interface isn't very consistent across devices, and a rather surprising number of Cisco devices don't support SSH, or at least don't support it in the base license.
Telnet is really the only way to go, unless you're only targeting a small range of device models. To give you something to compare against, Cisco's own CiscoWorks network management software uses Telnet to connect to managed devices.
I wouldn't use SNMP, instead look at a little language called 'expect'. it makes for a very nice expect/response processor for these routers.
I have done a reasonable amount of real world SNMP programming with Cisco switches and find Python on top of Net-SNMP to be quite reasonable. Here is an example, via Google books, of uploading a new Cisco configuration via Net-SNMP and Python: Cisco Switch Upload via Net-SNMP and Python. I should disclose I was the co-author of the book referenced in the link.
Everyone's milage may vary, but I personally do not like using expect, and prefer to use SNMP because it was actually designed to be a "Simple Network Management Protocol". In a pinch, expect is ok, but it would not be my first choice. One of the reasons some companies use expect is that a developer just gets used to using expect. I wouldn't necessarily chock up bypassing SNMP just because there is an example of someone automating telnet or ssh. Try it out for self first.
There can be some truly horrible things that happen with expect, that may not be obvious as well. Because expect waits for input, under the right conditions there be very subtle problems that are difficult to debug. This doesn't mean a very experienced developer can't develop reliable code with expect, but it something to be aware of as well.
One of the other things you may want to look at is an example of using the multiprocessing module to write non-blocking SNMP code. Because this is my first post to stackoverflow I cannot post more then one link, but if you google for it you can find it, or another one on using IPython and Net-SNMP.
One thing to keep in mind when writing SNMP code is that it involves reading a lot of documentation and doing trial and error. In the case of Cisco, the documentation is quite good though.
SNMP isn't bad but it may not be able to do everything you need it to do. Depending on the library you use and how it hides the details of interacting with SNMP you may have a hard time finding the correct parts of the MIB to change and even knowing what or how to change them to do what you want.
One reason not to use SNMP is that you can do all the configuration you need using the IOS XR XML API. It could be a lot easier to bundle up the commands you want to send to the devices using that than to interact with SNMP.
I've found SNMP to be a pain for management. If you just need to grab a little data it's great; if you need to change things or use if heavily it can be very time consuming. In my case I'm comfortable with the CLI so a Telnet approach works well. I've written some Python scripts to perform administrative tasks on various pieces of network gear using Telnetlib
SNMP has quite a significant CPU hit on the devices in question compared to telnet; I'd recommend telnet wherever possible. (As stated in a previous answer, the IOS XR XML API would be nice, but as far as I know IOS XR is only deployed on high-end carrier grade routers).
In terms of existing configuration management systems, two commercial players are HP Opsware, and EMC Voyence. Both will probably do what you need. I'm not aware of many open source solutions that actually support deploying changes. (RANCID, for example, only does configuration monitoring, not pre-staging and deploying config changes).
If you are going to roll your own solution, one thing I would recommend is sitting down with your network admin and coming up with a best-practice deployment model for the service he's providing (e.g. standardised ACL, QoS queue, and VLAN names; similar entries in ACLs that have the same function for different customers, etc.). Ensure that all the existing deployed config complies with this BP before you start your design, it will make the problem much more manageable. Best of luck.
Sidenote: before you reinvent the wheel writing another service provisioning system/network management system, try looking for existing ones. I know quite a lot of commercial solutions of various degrees of flexibility/functionality, but I am sure there are quite a lot opensource ones.
Cisco has included menu options for helpdesk applications. Basically you telnet to the box and it presents a nice clean menu (press 1, 2, 3). For more info check this link:
http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/frf001.html#wp1050026
Another vote for expect.
Also, you don't want to allow configuration of your firewalls via either telnet or SNMP - ssh is the only way to go. The reason is that ssh encrypts its payload, and will not expose the privileged management credentials to potential interception.
If for some reason you cannot use ssh directly, consider connecting up an ssh-enabled serial console server to the firewall's console port and configuring it that way.
I am considering Erlang as a potential for my upcoming project. I need a "Highly scalable, highly reliable" (duh, what project doesn't?) web server to accept HTTP requests, but not really serve up HTML. We have thousands of distributed clients (other systems, not users) that will be submitting binary data to central cluster of servers for offline processing. Responses would be very short, success, fail, error code, minimal data. We want to use HTTP since it is our best chance of traversing firewalls.
Given this limited information about the project, can you provide any weaknesses that might pop up using a technology like Erlang? For instance, I understand Erlang's text processing capabilities might leave something to be desired.
You comments are appreciated.
Thanks.
This sounds like a perfect candidate for a language like Erlang. The scaling properties of the language are very good, but if you're worried about the data processing abilities, you shouldn't be. It's a very powerful language, with many libraries available for developers. It's an old language, and it's been heavily used/tested in the past, so everything you want to do has probably already been done to some degree.
Make sure you use erlang version R11B5 or newer! Earlier versions of erlang did not provide the ability to timeout tcp sends. This results in stalled or malicious clients being able to execute a DoS attack on your application by refusing to recv data you send them, thus locking up the sending process.
See issue OTP-6684 from R11B5's release notes.
With Erlang the scalability and reliability is there but from your project definition you don't outline what type of text processing you will need.
I think Erlang's main limitation might be finding experienced developers in your area. Do some research on the availability of Erlang architects and coders.
If you are going to teach yourself or have your developers learn it on the job keep in mind that it is a very different way of coding and that while the core documentation is good a lot of people do wish there were more examples. Of course the very active community easily makes up for that.
I understand Erlang's text processing
capabilities might leave something to
be desired.
The starling project already provides basic unicode support and there is a EEP (Erlang Enhancement Proposal) currently in draft, but going in to bring it into the mainstream of Erlang/OTP support.
I encountered some problems with Redis read performance from Erlang. Here is my question. I tend to think the reason is Erlang-written module, which has troubles while processing tons of strings during communication with Redis.