From owner-freebsd-isp@FreeBSD.ORG Wed Jul 21 20:13:58 2010 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A17E9106564A for ; Wed, 21 Jul 2010 20:13:58 +0000 (UTC) (envelope-from tom@tomjudge.com) Received: from eu1sys200aog114.obsmtp.com (eu1sys200aog114.obsmtp.com [207.126.144.137]) by mx1.freebsd.org (Postfix) with SMTP id CE8898FC1A for ; Wed, 21 Jul 2010 20:13:57 +0000 (UTC) Received: from source ([63.174.175.251]) by eu1sys200aob114.postini.com ([207.126.147.11]) with SMTP ID DSNKTEdVBPpJLkC26i+b6BYwQ/L/5kRaS0Vh@postini.com; Wed, 21 Jul 2010 20:13:58 UTC Received: from [172.17.10.53] (unknown [172.17.10.53]) by bbbx3.usdmm.com (Postfix) with ESMTP id F33E4FD01C; Wed, 21 Jul 2010 19:56:38 +0000 (UTC) Message-ID: <4C4750A6.30005@tomjudge.com> Date: Wed, 21 Jul 2010 19:55:18 +0000 From: Tom Judge User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.10) Gecko/20100527 Lightning/1.0b1 Thunderbird/3.0.5 MIME-Version: 1.0 To: "Marc G. Fournier" References: In-Reply-To: X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org Subject: Re: OSS Control Panel to manage FreeBSD jails ... ? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jul 2010 20:13:58 -0000 On 07/21/2010 06:49 PM, Marc G. Fournier wrote: > > About 6 years ago or so, we wrote an inhouse control panel to allow us > to manage freebsd jails from a central gui ... although it works, its > neither intuitive or pretty ... and is a nightmare to change ... > At $work use a heavily customized version of RackTables with support for managing FreeBSD Jails across all of our sites (200+ hosts, 570+ jails). The backend management is driven by cfengine with a custom module that leverages ezjail to the actual jail management. You can find the backend details here: http://www.tomjudge.com/index.php/CFEngine/Managing_FreeBSD_Jails Our full modifications to RackTables include role based package management and automated package building using tinderbox nodes, which I have yet to completely write up. > The features it does have is: > > each client has 1 or more login ideas tot heir account > a client can have multiple jails assigned to them > - front page has a summary of memory, storage and bandwidth usage > - each VPS has their own detail screen that includes the above, as well > as any virtual hosts that are running on it > - new virtual machines can be requesetd > - new virtual hosts can be added > - mysql/pgsql databases can be added / deleted > all invoicing is performed automatically through the system > there is a support center for clients to post problems > The system is not any where near this advanced, it does however work quite nicely for us. To distribute the configuration data across our 7 sites we use MySQL replication and each node uses a local replica of the configuration database. Most of the monitoring functions we use cacti and nagios to perform but they are not integrated into the user interface in a nice/useful way. For us the way forward is looking to be openQRM and adding jail support to it. > what it doesn't do is dns or email management ... dns is modified 'by > request', and email is a totally seperate, unintegrated inferface ... > For DNS management we use Bind with the ldap backend as a master, then 2 slaves at each site. To push out changes we have a collection of scripts that send SOA notifications out on different IP addresses. This is needed as a number of zones are split horizon and all updates originate from our internal network. > I've tried DTC, and its a nice interface, but its more a 'seperate > instance per VPS' vs centralized solution ... I don't want to have to > log into multiple interfaces to deal with support issues, for instance > .. but, at the same time, don't want to force a client to have two > different interfaces to handle things ... > > Does anyone have any suggestions on software that could replace this? > I don't want ot run VMWare, or any of the other virtualization > software packages, I would like to stick, as much as possible, to a > nice, clean, jail environment ... > Not sure if any of the info I have provided is useful to you, but someone may find it useful. Tom -- TJU13-ARIN